Enterasys Networks XSR-Series manual Table of Contents

Page 2

Table of Contents		page
1.0	IP-Address and Secondary Addresses configuration	4
1.1	IP-Static-routing	4
1.2	IP-Loopback Interface	4
1.3	IP-OSPF-routing	5
1.4	IP-RIPv1,v2-routing	6
1.5	DHCP server, static / dynamic-pool	7
1.6	DHCP/Bootp relay argent / ip-helper	7
1.7	SNTP Simple Network Time Protocol	8
2.0	Interface description	9
2.1	Duplex configuration on Fast Ethernet full/half	9
2.2	Speed configuration on Fast Ethernet 10/100MBit/s	9
2.3	System login banner	9
3.0	Access control list incoming outgoing	10
3.1	Access control list 1-99 (standard)	10
3.2	Access control list 100-199 (extended)	10
3.3	Access control list moving online editing	11
4.0	Virtual Router Redundancy Protocol (RFC 2338)	12
4.1	VRRP monitor interface function, interface tracking	13
4.2	NAT static bindings	14
4.3	NAT dynamic with PAT “Port Address Translation”	14
5.0	Dialer Interface	15
5.1	Dialer Backup interface function	16
5.2	PAP for authentication PPP	17
5.3	CHAP for authentication PPP	18
5.4.1 VPN via Dialer Interface rtr1		19
5.4.2 VPN via Dialer Interface rtr2		20
5.5.1 Dialer Int. PRI to BRI with D-channel-callbackcentral-site		21
5.5.2 Dialer Int. PRI to BRI with D-channel-callbackremote1-site		22
5.5.3 Dialer Int. PRI to BRI with D-channel-callbackremote2-site		23
6.1	ISDN switch type changing	24
6.2	ISDN callback	25
6.3	ISDN multilink / ISND channel bundling	26
7.0	PPPoE on Fast Ethernet interfaces	27
7.1	IP-address negotiation for PPPoE	27
7.2	PPPoE on ADSL interface with chap authentication	27
8.0	AAA Authentication Authorization Accounting Radius	28
8.1	SSH / Telnet	29
8.2	SYSLOG function, Server local-buffer	29
8.3	SNMP configuration /contact/location/parameter	30
8.4	SNMP v1/v2/v3	30
Configuration Guide		Page 2 of 55

Image 2

Contents Configuration Guide Table of Contents Helpful commands for using the XSR platform AppendixIP-Address and Secondary Addresses configuration IP-Static-routing IP-Loopback InterfaceIP-OSPF-routing IP-RIPv1,v2-routing Ip local pool 10th 10.10.10.0 Sntp Simple Network Time Protocol Duplex half System login bannerDuplex full Configuration Guide Access control list moving online editing XSR-1805config#access-list 110 move 1Router-1-Master Router-2-BackupVirtual Router Redundancy Protocol RFC Hostname XSR-18051Vrrp monitor interface function, interface tracking Vrrp 1 priority Vrrp 1 master-respond-ping no shutdownNAT dynamic with PAT Port Address Translation Access-list 10 permit 10.10.10.0NAT static bindings Ip address 10.10.10.1 255.255.255.0 no shutdownDialer Interface Dialer Backup interface function Controller e1 0/2/0 clock source internal no shutdownPAP for authentication PPP Username remote privilege 0 password is not displayedInterface Dialer0 dialer pool Chap for authentication PPPUsername remote privilege 0 cleartext iamRemote Dialer-list 1 protocol ip list XSR-1805-1config#aaa user XSR-1805-1config-aaa#password XSRVPN via Dialer Interface rtr1 VPN via Dialer Interface rtr2 Ppp pap sent-username central password xsr ppp multilink Dialer Int. PRI to BRI with D-channel-callbackcentral-sitePpp pap sent-username remote1 password xsr1 ppp multilink Dialer Int. PRI to BRI with D-channel-callbackremote1-sitePpp pap sent-username remote2 password xsr2 ppp multilink Dialer Int. PRI to BRI with D-channel-callbackremote2-siteIsdn config for BRIx/x Isdn switch type changing Dialer-group Isdn callbackDialer caller 112233 callback dialer remote-name XSR-Remote Isdn multilink / Isnd channel bundling PPPoE on Adsl interface with chap authentication AAA Authentication Authorization Accounting Radius Syslog function, Server local-buffer Ip ssh server disable Ip telnet server disableSSH / Telnet Logging Snmp MediumSnmp configuration /contact/location/parameter Snmp v1/v2/v3Router-1 XSR-18051config#aaa user XSR-18051config-aaa#password XSR0r1 VPN Ipsec site-to-site tunnel via pre-shared key Ip route 80.80.80.0 255.255.255.0Router-2 XSR-18052config#aaa user XSR-18052config-aaa#password XSR0r2 VPN Ipsec site-to-site tunnel via pre-shared key Ip route 10.10.10.0 255.255.255.0VPN Ipsec site-to-site tunnel certification PKI XSR-18051config#crypto ca crl request Enterasys-Networks-CA XSR-18051config#crypto ca identity Enterasys-Networks-CAPassword Re-enter password Request certificate from CA y/n ? yCertification control / certificates / Crls / CA identity ENTITY-ACTIVEVPN Pptp User termination Pptp encrypt mppe autoXSR-18051config#aaa user XSR-18051config-aaa#password XSR XSR-18052config#aaa user XSR-18052config-aaa#password XSR 5r1 GRE native site-to-site tunnel Version 6.0.0.0, Built Sep 14 20035r2 GRE native site-to-site tunnel Diffserv Dscp field addressing Description internalloopbackPrivate ip address 13.13.13.1 Firewall configurationDescription InteralnetworkPrivate ip address 10.10.10.1 Ip address 30.30.30.1 Vlan configuration 802.1q tagged routingIp address 20.20.20.1 Version 4.0.0.0, Built Mar 26 2003 A1.2 ping & tracerouteVersion 2.02, Built Feb 24 2003 XSR-1805 uptime is 0 days, 2 hours, 23 minutesPhysical link is currently up Current operational duplex mode is negotiated to fullA1.4 telnet to other routers Current operational speed is negotiated to 100 Mb/sA1.5 flash/ cflash/ dir, rename, copy commands A1.6 verify the flash file checksumB1.0 show ip route B1.1 show ip arpC1.2 show crypto ipsec sa C1.0 show tunnelsC1.1 show crypto isakmp sa C1.3 show crypto mapC1.6 show crypto ipsec sa / GRE via Ipsec C1.4 show tunnels / GRE via IpsecC1.5 show interface vpn / GRE via Ipsec C1.7 show ip route / GRE via IpsecMTU is 1492 bytes D1.1 show ip interface atm 1/0.1D1.2 show controllers atm 1/0 D1.3 show controllers atm 1/0.1 VPI/VCI 1/32D1.4 show interface atm 1/0 ATM 1/0 is Admin Up / Oper UpAdministrative State is Enabled Operational State is UP IfLastChange 001609State Opened ATM 1/0.1 is Admin Up / Oper UpD1.5 show interface atm 1/0.1 PPPoE is Oper UpD1.6 show ppp interface atm 1/0.1 ATM 1/0.1 PPP is Admin Up / Oper UpChap authentication success with Current StateGetting Help