Enterasys Networks XSR-Series manual Appendix, Helpful commands for using the XSR platform

Page 3

9.0r1 VPN IPSEC site-to-site tunnel via pre-shared key

31

9.0r2 VPN IPSEC site-to-site tunnel via pre-shared key

32

9.1 VPN IPSEC site-to-site tunnel certification PKI

33

9.1.1 Certification control / certificates / CRLS / CA identity

35

9.3 VPN PPTP User termination

36

9.4r1 GRE encapsulated in IPSEC site-to-site tunnel via pre-shared key

37

9.4r2 GRE encapsulated in IPSEC site-to-site tunnel via pre-shared key

38

9.5r1 GRE native site-to-site tunnel

39

9.5r2 GRE native site-to-site tunnel

40

10.1 DIFFSERV DSCP field addressing

41

11.1 Firewall configuration

42

12.1 Vlan configuration 802.1q tagged routing

43

Appendix:

 

Helpful commands for using the XSR platform:

 

System:

 

A1.1 show version - Software, Bootrom, RAM, Flash, System Uptime

44

A1.2 ping & traceroute

44

A1.3 show interface - IP address, speed, duplex, statistics, errors

45

A1.4 telnet to other routers

45

A1.5 flash:/ cflash:/- dir, rename, copy commands

46

A1.6 verify the flash file checksum

46

IP:

 

B1.0 show ip route

47

B1.1 show ip arp

47

VPN:

 

C1.0 show tunnels

48

C1.1 show crypto isakmp sa

48

C1.2 show crypto ipsec sa

48

C1.3 show crypto map

48

C1.4 show tunnels / GRE via IPSEC

49

C1.5 show interface vpn / GRE via IPSEC

49

C1.6 show crypto ipsec sa / GRE via IPSEC

49

C1.7 show ip route / GRE via IPSEC

49

DSL:

 

D1.1 show ip interface atm 1/0.1

50

D1.2 show controllers atm 1/0

50

D1.3 show controllers atm 1/0.1

51

D1.4 show interface atm 1/0

52

D1.5 show interface atm 1/0.1

53

D1.6 show ppp interface atm 1/0.1

54

Configuration Guide

Page 3 of 55

Page 2 Page 4
Image 3
Page 2 Page 4
Contents Configuration Guide Table of Contents Appendix Helpful commands for using the XSR platformIP-Static-routing IP-Loopback Interface IP-Address and Secondary Addresses configurationIP-OSPF-routing IP-RIPv1,v2-routing Ip local pool 10th 10.10.10.0 Sntp Simple Network Time Protocol System login banner Duplex fullDuplex half Configuration Guide XSR-1805config#access-list 110 move 1 Access control list moving online editingHostname XSR-18051 Router-2-BackupVirtual Router Redundancy Protocol RFC Router-1-MasterVrrp 1 priority Vrrp 1 master-respond-ping no shutdown Vrrp monitor interface function, interface trackingIp address 10.10.10.1 255.255.255.0 no shutdown Access-list 10 permit 10.10.10.0NAT static bindings NAT dynamic with PAT Port Address TranslationDialer Interface Controller e1 0/2/0 clock source internal no shutdown Dialer Backup interface functionUsername remote privilege 0 password is not displayed PAP for authentication PPPChap for authentication PPP Username remote privilege 0 cleartext iamRemoteInterface Dialer0 dialer pool XSR-1805-1config#aaa user XSR-1805-1config-aaa#password XSR VPN via Dialer Interface rtr1Dialer-list 1 protocol ip list VPN via Dialer Interface rtr2 Dialer Int. PRI to BRI with D-channel-callbackcentral-site Ppp pap sent-username central password xsr ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote1-site Ppp pap sent-username remote1 password xsr1 ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote2-site Ppp pap sent-username remote2 password xsr2 ppp multilinkIsdn config for BRIx/x Isdn switch type changing Isdn callback Dialer caller 112233 callback dialer remote-name XSR-RemoteDialer-group Isdn multilink / Isnd channel bundling PPPoE on Adsl interface with chap authentication AAA Authentication Authorization Accounting Radius Logging Snmp Medium Ip ssh server disable Ip telnet server disableSSH / Telnet Syslog function, Server local-bufferSnmp v1/v2/v3 Snmp configuration /contact/location/parameterIp route 80.80.80.0 255.255.255.0 XSR-18051config#aaa user XSR-18051config-aaa#password XSR0r1 VPN Ipsec site-to-site tunnel via pre-shared key Router-1Ip route 10.10.10.0 255.255.255.0 XSR-18052config#aaa user XSR-18052config-aaa#password XSR0r2 VPN Ipsec site-to-site tunnel via pre-shared key Router-2VPN Ipsec site-to-site tunnel certification PKI Request certificate from CA y/n ? y XSR-18051config#crypto ca identity Enterasys-Networks-CAPassword Re-enter password XSR-18051config#crypto ca crl request Enterasys-Networks-CAENTITY-ACTIVE Certification control / certificates / Crls / CA identityPptp encrypt mppe auto VPN Pptp User terminationXSR-18051config#aaa user XSR-18051config-aaa#password XSR XSR-18052config#aaa user XSR-18052config-aaa#password XSR Version 6.0.0.0, Built Sep 14 2003 5r1 GRE native site-to-site tunnel5r2 GRE native site-to-site tunnel Diffserv Dscp field addressing Firewall configuration Description InteralnetworkPrivate ip address 10.10.10.1Description internalloopbackPrivate ip address 13.13.13.1 Vlan configuration 802.1q tagged routing Ip address 20.20.20.1Ip address 30.30.30.1 XSR-1805 uptime is 0 days, 2 hours, 23 minutes A1.2 ping & tracerouteVersion 2.02, Built Feb 24 2003 Version 4.0.0.0, Built Mar 26 2003Current operational speed is negotiated to 100 Mb/s Current operational duplex mode is negotiated to fullA1.4 telnet to other routers Physical link is currently upA1.6 verify the flash file checksum A1.5 flash/ cflash/ dir, rename, copy commandsB1.1 show ip arp B1.0 show ip routeC1.3 show crypto map C1.0 show tunnelsC1.1 show crypto isakmp sa C1.2 show crypto ipsec saC1.7 show ip route / GRE via Ipsec C1.4 show tunnels / GRE via IpsecC1.5 show interface vpn / GRE via Ipsec C1.6 show crypto ipsec sa / GRE via IpsecD1.1 show ip interface atm 1/0.1 D1.2 show controllers atm 1/0MTU is 1492 bytes VPI/VCI 1/32 D1.3 show controllers atm 1/0.1IfLastChange 001609 ATM 1/0 is Admin Up / Oper UpAdministrative State is Enabled Operational State is UP D1.4 show interface atm 1/0PPPoE is Oper Up ATM 1/0.1 is Admin Up / Oper UpD1.5 show interface atm 1/0.1 State OpenedCurrent State ATM 1/0.1 PPP is Admin Up / Oper UpChap authentication success with D1.6 show ppp interface atm 1/0.1Getting Help
Top Page Image Contents