Manuals / Black Box / Computer Equipment / Network Router

Black Box LR1112A-T1/E1, LR1114A-T1/E1 Example, Blackbox configure terminal Blackbox/configure ip

Models: LR1102A-T1/E1 LR1112A-T1/E1 LR1104A-T1/E1 LR1114A-T1/E1

1 142

Download 142 pages 53.89 Kb

Page 20

Black Box LR11xx Series Router Configurations Guide

Blackbox/configure/ip> apply_filter ether0 filtera in

Blackbox/configure/ip> apply_filter WAN1 filtera in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local

3.1.2 Example 2

Consider the same network addressing as in example 1. The network administrator has a slightly different requirement - he wishes to permit FTP sessions from all networks to the internal FTP server (222.199.19.12), deny FTP sessions to all other addresses, and permit all other traffic to flow through the Black Box unit.

3.1.2.1Configure the Black Box LR1104A

Blackbox> configure terminal Blackbox/configure> ip

Blackbox/configure/ip> filter_list filterb (gives the list a name) Blackbox/configure/ip/filter_list> add permit tcp any 222.199.19.12 dport =21 Blackbox/configure/ip/filter_list> add deny tcp any 222.199.19.0 dport =21 Blackbox/configure/ip/filter_list> add permit ip any any Blackbox/configure/ip/filter_list> exit

Blackbox/configure/ip> apply_filter WAN1 filterb in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local

3.1.3 Example 3

Example 3 focuses on a filter list where the network administrator is specifically denying all traffic from a specific external network (197.100.200.0/24) access through the Black Box unit.

3.1.3.1Configure the Black Box LR1104A

Blackbox> configure terminal Blackbox/configure> ip

Blackbox/configure/ip> filter_list filterc (gives the list a name) Blackbox/configure/ip/filter_list> add deny ip 197.100.200.0/24 any Blackbox/configure/ip/filter_list> add permit ip any any Blackbox/configure/ip/filter_list> exit

Blackbox/configure/ip> apply_filter WAN1 filterc in

Blackbox/configure/ip> exit

Blackbox/configure> exit

Blackbox> save local

22

Image 20

Black Box LR1112A-T1/E1, LR1114A-T1/E1, LR1104A-T1/E1 manual Example, Blackbox configure terminal Blackbox/configure ip

Contents

Black Box LR11xx Series Router Configurations Black Box LR11xx Series Router Configurations Guide Normas Oficiales Mexicanas NOM Electrical Safety Statement Instrucciones DE SeguridadBlack Box LR11xx Series Router Configurations Guide Contents Ipsec Specifications Ultipath M Ulticast C Onfigurations 101 107117 119WAN I Nterface C Onfigurations Black Box LR11xx Series Router Configurations Guide Feature Overview Bootp Requests1DHCP Relay FunctionalityUsing Dhcp Relay with NAT Command Line InterfaceBootp Replies Enabling Dhcp RelayDisplaying Dhcp Configuration Configuring the Gateway Address field when NAT is enabledDisplaying Statistics Dhcp RelayDhcp Limitations Displaying Ethernet Interface StatisticsConfiguring Internet Group Management Protocol 1IGMP ConfigurationExample Igmp CommandsIgmp Configuration Examples Igmp Configuration 2.10Example2.11Example 2.12ExampleBlack Box LR11xx Series Router Configurations Guide Configure the Black Box LR1104A Blackbox configure term Blackbox/configure ipFiltering IP Traffic 1IP Packet Filter ListsBlackbox configure terminal Blackbox/configure ip Blackbox/configure/ip applyfilter WAN1 filterbBlackbox/configure/ip applyfilter WAN1 filterc ExampleConfiguring Security 1IPSec ConfigurationsDisplay the crypto interfaces Configure IKE to the peer gateway Example 1 Managing the BlackPermit SE Enable Snmp on the Black Box1 router Display Snmp communities Configure IPSec tunnel to the remote host Example 2 Single Proposal TunUsing the show crypto ipsec policy all command 1022 Out Any Black Box1 Show firewall policy corp detail Policy with Example 3 Multiple IPSec Pro Message Proposal added with priority2-esp-3des-sha1-tunnel Example 4 IPSec remote access As in of ExampleConfigure dynamic IPSec policy for a group of mobile users Display dynamic IKE policies in detailDisplay dynamic IPSec policies Display dynamic IPSec policies in detailLifetime in Kilobytes Bytes In 0, Bytes Out Permit E Example 5 IPSec remote access Display dynamic IKE policiesDisplay dynamic IKE policies in detail Permit 20.1.1.150 1022 Out Any Example 5 IPSec remote access Black Box LR11xx Series Router Configurations Guide Ipsec Specifications 1IPSec AppendixIPSec Defaults Black Box IKE and IPSec DefaultsIKE Defaults IPSec Appendix ESPBlack Box LR11xx Series Router Configurations Guide Forwarding IP Traffic 1IP MultiplexingPacket Forwarding Modes Proxy ARP and Packet ForwardingAddressing in IP Multiplexing Networks Proxy ARP and Packet ForwardingIP Multiplexing Single SubnetSplit Subnet Secondary Addressing POP Only Secondary Addressing 30 BitRouting Considerations for IP Multiplexing Secondary Addressing 29 BitPros and Cons of Different IP Addressing Schemes Black Box LR11xx Series Router Configurations Guide IP Multiplexing Hdlc Configurations 1Connecting a Black Box Router to a Router/CSU Via HdlcConfigure the Black Box LR1104A at Site Configuration GuideIP Multiplexing PPP and Mlppp Configurations 1Configuring Multiple PPP and Mlppp BundlesLR1104A Configure the Black Box LR1104A at the Main Site Configuring Multiple PPPBlack Box LR11xx Series Router Configurations Guide Configuring PPP, MLPPP, 1Layer Two Configurations PPP, MLPPP,LR1114A LR1104AMlppp Configuration PPP and Mlppp ConfigurationHdlc Configuration Configure the Black Box LR1114A System at SiteConfiguring Firewalls 10.1FirewallsFirewall Configuration Examples Basic Firewall ConfigurationCreate the security zones Corp and DMZ and attach interfaces Create policies for Security Zone Corp thatVerify the firewall policy for Security Zone Corp Create policies for Security Zone DMZ thatCreate a default route out of the WAN Verify the firewall policy for Security Zone DMZBlack Box LR11xx Series Router Configurations Guide Firewall Configuration Ex Black Box LR11xx Series Router Configurations Guide Stopping DoS Attacks Packet Reassembly NAT ConfigurationsNAT Configuration Examples NAT Configuration Examples Dynamic NAT many to manyStatic NAT one to one Static NATMethod2 Attaching nat pool to the policy Method1 Specifying NAT address with the policy command10.4.3Port Address Translation Many to one Black Box LR11xx Series Router Configurations Guide Multipath Multicast Configurations 11.1Multipath Multicast11.2Multipath Commands 11.2.1Multipath ExamplesConfiguring NAT 12.1Network Address TranslationDynamic NAT Static NATConfiguration for Figure Dynamic and Static NATNetwork Address Translation 12.1.4Configuration for FigureReverse NAT Blackbox configure terminal Reverse NATNAT Configuration Examples 13.1.1Dynamic NAT many to many60.1.1.1 13.1.2Static NAT one to one 13.1.3Port Address Translation Many to one Remote Access Vpns Secure Remote Access Using IPSec VPNAccess Methods Remote Access User GroupConfiguration Examples Remote Access Mode ConfigurationIPSec Remote Access User Black Box #1IPSec Remote Access Mode Configuration Group Method David@blackboxcom .comIPSec Remote Access Mode Con Mike@Blackbox.comBlack Box LR11xx Series Router Configurations Guide 15.1.1Configuring RIP for Ethernet 0 and WAN 1 Interfaces 15.1.2Displaying RIP Configuration15.1.3Displaying All Configured RIP Interfaces Networking with Routing Information ProtocolShow ip rip interface all Command Configuring Static Routes Static Routing ConfigurationBlackbox/configure ip route 0.0.0.0 0.0.0.0 10.1.1.2 16.1.1Configure the Router at Site a16.1.2Configure the Router at site B Configuring Open Shortest Path First Routing 17.1.1Configuring the host name17.1.2Configuring interface ethernet 17.1.3Configuring interface bundle Dallas17.1.4Configuring ospf 17.1.5Configuring ospf interface parameters17.1.6Displaying neighbors 17.1.7Displaying ospf routesInstalling Licenses Configuring Generic Routing EncapsulationConfiguring GRE GRE Configuration Examples 18.3.1Configuring Site to Site Tunnel GRE Configuration ExamplesFor more information enter Configuring GRE Site to Site with IPSec Configuring GRE Site to Site withConfiguring GRE Site to Site with IPSec and Ospf Add to the Cisco configuration aboveConfiguring Ospf and Frame Relay Ospf Frame Relay19.1.1Configuring the host name 19.1.2Configuring interface ethernet19.1.3Configuring interface bundle Dallas 19.1.4Configuring Ospf20.1.1PIM Commands Configuring Protocol Independent Multicasting RoutingPIM Configuration Bootstrap Router related Commands PIM Configuration Show and debug PIM commands are20.1.2PIM Configuration Examples Blackbox/configure/ip/pim register-suppress-timeoutBlackbox/configure display ip pim global Blackbox/configure display ip pim neighbors Blackbox clear ip pim statistics 116 Mtrace Configuration 21.1.1mtrace CommandMulticast Traceroute Facility RestrictionsMtrace Example Blackbox mtrace 192.168.0.0 192.168.2.2222.1.1Features Configuring Quality of Service RoutingConfiguring QoS 22.1.2Definitions 22.1.3Classification TypesConfiguring QoS Vlan IdentifiersCreate bundle AppTest Create traffic classesCreate traffic classes and assign classifications 22.1.5Bulk StatisticsCreate bundle VLANtest Screen Display for show qos bulkstatsconfig Command Configuring bulk statistics124 Virtual LAN Tagging Managing Traffic with Vlan TaggingReston configuration Black Box LR1104A # The POP router is 205.1.1.1/30DC configuration Black Box LR1114A Managing Traffic with Vlan Tag128 Trunk Group/Failover 24.1.1Configuration DetailsManaging Redundant Connections Configure the Black Box LR1114A for Failover Operation WAN Interface Configurations 25.1 T1 Interface Configuration25.1.1Module Configuration Bundle ConfigurationConfigure a Fractional T1 Hdlc Bundle Configure a T1 PPP BundleBlackbox/configure interface bundle demo2 Configure an N x T1 Mlppp BundleVirtual LAN Forwarding Managing Vlan Traffic134 Managing Vlan Traffic 26.1.1POP configuration Black Box LR1104A26.1.2Bldg1 configuration Black Box LR1114A 10 br Configure interface bundle uplinkConfigure Snmp 27.1Multilink Frame Relay FRF.15 and FRF.16 FeaturesMutlilink Frame Relay 27.1.1.1 # Configure Ethernet interface 27.1.1.2 # Configure CVC127.1.1.4 # Configure CVC3 27.1.1.5 #Configure AVCConfiguring Frame Relay Multilink Frame Relay Layer Two Configurations FR and MFRFR Configuration Configure the Hssi Bundle at SiteMFR Configuration Layer Two Configurations FRConfigure the Clear Channel Bundle on the LR1104A Configure the LR1104A LR1104A at Site142 Copyright 2004. Black Box Corporation. All rights reserved