Cisco Systems MC-607 manual IPSec Configuration Example, MC-657

Page 51

Configuring Subscriber-End Broadband Access Router Features

Subscriber-End Broadband Access Router Configuration Examples

application SGCPAPP port 1

!

process-max-time 200

!

interface Ethernet0

ip address 188.186.1.14 255.255.0.0 no ip directed-broadcast

no ip route-cache no ip mroute-cache bridge-group 59

bridge-group 59 spanning-disabled

!

interface cable-modem0

ip address 188.186.1.14 255.255.0.0 no ip directed-broadcast

no ip route-cache no ip mroute-cache

cable-modem downstream saved channel 699000000 27 bridge-group 59

bridge-group 59 spanning-disabled

!

ip classless

no ip http server

!

!

line con 0 transport input none

line vty 0 4 login

!

end

IPSec Configuration Example

Note Encryption/decryption is subject to export licensing controls. To support IPSec, the Cisco uBR900 series must be configured in routing mode. The software images running at both the headend and the subscriber end must support the feature set.

Note Careful address assignment on user equipment and policy routing at the headend is required. The headend may or may not use tunnels to convey traffic back to the corporate gateway.

For detailed information on IP security, L2TP, and firewalls, refer to the Cisco IOS Security

Configuration Guide.

Current configuration:

!

Last configuration change at 23:24:55 - Thu Dedc 16 1999

!

version 12.1 no service pad

service timestamps debug uptime service timestamps log uptime

!

Cisco IOS Multiservice Applications Configuration Guide

MC-657

Image 51

Contents MC-607 Configuring Subscriber-End Broadband Access Router FeaturesCisco IOS Software Feature Sets Subscriber-end OverviewMC-608 Base IP Bridging Feature Set Home Office Easy IP Feature SetMC-609 Small Office Feature Set Telecommuter Feature SetMC-610 MC-611 Operating ModesData Specifications Description Downstream Values Upstream ValuesMC-612 MC-613 Service AssignmentsDownstream and Upstream Data Transfer Bridging ApplicationsMC-614 MC-615 Routing ApplicationsNetwork Address Translation and Port Address Translation L2TP ProtocolEasy IP Dhcp ServerMC-617 Voice over IP OperationsSimplified VoIP over Cable Network MC-618MC-619 Voice Compression and DecompressionMC-620 Protocol StackMC-621 Subscriber-End Broadband Access Router Voice SpecificationsSgcp Protocol Stack Metric ValueMC-622 Backup Pots ConnectionDocsis Baseline Privacy IPSec Network SecurityMC-623 MC-624 Triple Data Encryption StandardFirewall NetRanger Support-Cisco IOS Intrusion DetectionMC-625 Subscriber-End Broadband Access Router Configuration OptionsMC-626 MC-627 Event DescriptionMC-628 Sequence Event DescriptionMC-629 MC-630 MC-631 Cable Modem Initialization FlowchartMC-632 Subscriber-End Broadband Access Router Basic TroubleshootingWaitforlinkupstate MC-633UBR924# show controllers cable-modem 0 mac ? MC-634Event 1-Wait for the Link to Come Up Event 2-Scan for a Downstream Channel, then SynchronizeMC-635 Event 4-Start Ranging for Power Adjustments Event 3-Obtain Upstream ParametersMC-636 MC-637 Event 5-Establish IP ConnectivityEvent 9-Perform Registration Event 6-Establish the Time of DayEvent 7-Establish Security Event 8-Transfer Operational ParametersEvent 11-Enter the Maintenance State Event 10-Comply with Baseline PrivacyMC-639 MC-640 Subscriber-End Broadband Access Router Configuration TasksConfiguring a Host Name and Password Command PurposeMC-641 MC-642 Configuring Ethernet and Cable Access Router InterfacesMC-643 Configuring RoutingMC-644 Verifying RoutingMC-645 Configuring BridgingMC-646 MC-647 Reestablishing DOCSIS-Compliant BridgingMC-648 Verifying DOCSIS-Compliant BridgingCustomizing the Cable Access Router Interface Using Multiple PCs with the Cable Access RouterMC-649 MC-650 Basic Internet Access Bridging Configuration ExampleMC-651 Basic Internet Access Routing Configuration ExampleMC-652 IP Multicast Routing Configuration ExampleMC-653 VoIP Bridging Using H.323v2 Configuration Example MC-654 VoIP Routing Using H.323v2 Configuration ExampleMC-655 NAT/PAT Configuration ExampleMC-656 VoIP Bridging Using Sgcp Configuration ExampleMC-657 IPSec Configuration ExampleMC-658 L2TP Configuration ExampleMC-659 MC-660