Manuals / Carrier Access / Computer Equipment / Network Router

Carrier Access none manual Security-default, Maximum, Minimum, Typical default

Models: none

1 496

Download 496 pages 60.9 Kb

Page 183

Global Configuration Mode

Global Configuration Commands

security-default

Use the security-defaultcommand to configure the security policy.

Syntax: (config)# security-default {maximumminimumtypical} [block-ip-frag]

Field	Definition
The following security levels are described in detail.

	Requests Originating in the		Requests Originating in the LAN
	WAN
maximum	Blocked: No access to network		Limited: Only commonly-used
	from Internet, except as		services, such as Web-browsing and
	configured in the Local Servers,		e-mail, are permitted. These
	DMZ host and Remote Access		services include Telnet, FTP,
	screens.		HTTP, HTTPS, DNS, IMAP,
			POP3, Ping and SNMP

minimum	Blocked: No access to network		Unrestricted: All services are
	from Internet, except as		permitted, except as configured in
	configured in the local Servers,		the Access Control screen.
	DMZ host and Remote Access
	screens.

typical (default)	Unrestricted: Permits full		Unrestricted: All services are
	access from Internet to network;		permitted, except as configured in
	all connection attempts		the Access Control screen.
	permitted.

block-ip-frag	Block IP Fragments
	Checking this option will protect your network from a common type of
	hacker attack that could make use of fragmented data packets to
	sabotage your network. Note that VPN over IPSec and some UDP-
	based services make legitimate use of IP fragments. You will need to
	allow IP fragments to pass into the home network in order to make use
	of these selected services.

Example: (config)# security-default maximum

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

4-57

Image 183

Carrier Access none manual Security-default, Maximum, Minimum, Typical default, Block-ip-frag Block IP Fragments

Contents

Adit 3000 Series Multi-Service Router MSR Card Corporate Contact Information Customer SupportSupporting Software Versions Preface Preface Table of Contents Global Configuration Mode Configuration T1 Controller Mode Configuration LCC Controller ModeConfiguration Dhcp Pool Ethernet Mode Configuration Dial Peer FXS ModeConfiguration Dial Peer Trunk Mode Configuration Ethernet Interface Mode Configuration Dial Peer VoIP ModeConfiguration Multilink Interface Mode Configuration Serial Interface Mode Configuration IPSec Mode Configuration L2TPC Mode Configuration Pptpc Mode Configuration Ospf ModeConfiguration Pptps Mode Configuration Radius ModeConfiguration Vlan Mode Configuration Voice Port Trunk Mode Configuration Vlan Port ModeConfiguration Voice Port Mode Configuration Voice Port FXS ModeIndex Configuration Voice Service SIP ModeXviii This Chapter IntroductionOverview Prompt Identifier Configuration Mode Link to Command Prompt Displayed Configuration ModeExample config# clock 12 source nonet1 port Example config# clock source 12 noneds1 1ds1 2ds1 3ds1Shortcuts User Mode User Mode CommandsDate Enable End Exit Help History Ping Show Traceroute End EnableExample adit 3500 enable Password Adit 3500# DateHelp ExitHistory Syntax ping address -i time -l size -n count -w timeoutstop PingStop Show Show alarms Address Show arpSyntax show arp alladdressethernet port All Display entire ARP tableShow caclkcd Example Adit 3500 show caclkcd Show caclkcdExample Adit MSR show controller lcc Show config dynamic-dnsShow controller lcc Syntax show controller lcc numberShow controller t1 Syntax show controller t1 portExample Adit 3500 show controller t1 Show dhcp-leases Show digit-mapSyntax show digit-map Example Adit 3500 show digit-map Show interface description Show interface ethernet Show interface multilinkAdit 3104, Adit 3200, Adit 3500 Value must be Example Adit MSR show interface serial Show interface serialSyntax show interface serial port Example Adit 3500 show interface serialExample Adit MSR show interface stats Show interface statsSupported PlatformsAdit 3104, Adit 3200, Adit 3500, MSR Syntax show ip ospf Example adit 3500 show ip ospf Show ip ospfShow ip ospf database Example adit 3500 show ip ospf database self-originate Example adit 3500 show ip ospf databaseMultilink port Show ip ospf interfaceEthernet port Serial portExample adit 3500 show Ip ospf neighbor Show ip ospf neighborInterface address DetailSip Show licensesFirewall PriExample Adit 3500 show log t1 1 minor Show mac-address-tableSyntax show nat-fw Example Adit 3500 show nat-fw Show nat-fwShow port-trigger Show routeSyntax show route Example Adit 3500 show route Syntax show service Example Adit 3500 show service Show serviceSyntax show version Example Adit 3500 show version Show usersShow version Syntax show users Example Adit 3500 show usersExample Adit MSR show version Example Adit MSR show voice-port fxs Show voice-port fxsSyntax show voice-port fxs Example Adit 3500 show voice-port fxsShow voice-port trunk Syntax show voice-port trunk portExample Adit 3500 show voice-port trunk Example Adit MSR show voice-port trunk Syntax traceroute Syntax traceroute addresshostnamestop TracerouteUser Mode Privileged Mode Commands Privileged ModeClear ip ospf process ClearClear arp Clear caclkcdCopy path Configure terminalCopy defaults CopyExample Adit 3500# date Wed Jan 12 103751 Copy running-configSyntax # copy running-config path destination-path Destination-pathDebug portmon all DebugOff Debug portmon rxtxbothDebug portmon detail BothDebug portmon ethernet EthernetExample adit 3500# debug portmon ethernet 1 all Example adit 3500# debug portmon management hush Debug portmon managementSyntax # debug portmon management hushoff Hush OffDebug portmon multilink Debug portmon raw Syntax # debug portmon raw offonExample adit 3500# debug portmon raw off Debug portmon serial PortExample adit 3500# debug portmon 1 rip Example adit 3500# end Username Syntax # debug trace casprisip enabletxrxExample adit 3500# debug trace cas enable Debug traceAdit 3500# help Syntax # history Example adit 3500# history Example adit 3500# log clear firewall Log clearSyntax # log clear allfirewallprisipsystemt1lcc LccCas Pri Sip No debugNo debug portmon No debug traceExample Adit 3500# ping 192.168.1.1 -n 2 -l Example Adit 3500# pingReload Example adit 3500# reload Going to reboot Restarting systemShow Example adit 3500# show alarms major Example adit 3500# show arp all Syntax # show arp alladdressethernet portExample adit 3500# show arp ethernet Example adit 3500# show arp# show caclkcd Example adit 3500# show caclkcd Show config access-control Example adit 3500# show config controller t1 Syntax # show config controller t1 portDmz-host 192.168.1.200 enable Example adit 3500# show config interface ethernet Syntax # show config interface ethernet portExample adit 3500# show config interface multilink Syntax # show config interface multilink portExample adit 3500# show config interface serial Syntax # show config interface serial portExample adit 3500# show config ip dhcp ethernet Syntax # show config ip dhcp ethernet portNetwork-object id 0 description NetworkObject1 ip-address Security-default typical Static-dns hostname test1 ip-address Example adit 3500# show config voice-port fxs Syntax # show config voice-port fxs portSyntax # show config voice-port trunk port Example adit 3500# show config voice-port trunkExample adit MSR# show config voice-port trunk Syntax # show controller lcc number Example adit 3500# show controller t1 Syntax # show controller t1 portSyntax # show digit-map Example adit 3500# show digit-map Example Adit MSR# show interface description Example adit 3500# show interface multilink Syntax # show interface ethernet portExample adit 3500# show interface ethernet Syntax # show interface multilink portSyntax # show interface serial port Example adit 3500# show interface serialExample adit MSR# show interface serial Syntax # show ip ospf Example adit 3500# show ip ospf Show ip ospf database Example adit 3500# show ip ospf database self-originate Example adit 3500# show ip ospf databaseExample adit 3500# show ip ospf interface ethernet Example adit 3500# show ip ospf neighbor detail Example adit 3500# show Ip ospf neighborSyntax # show ipsec vpnipsecconnection-id Syntax # show l2tpc l2tpc connection-id Example adit 3500# show l2tpcExample adit 3500# show l2tpc l2tpc Example adit 3500# show licenses # show licensesExample adit 3500# show log t1 1 minor Syntax # show nat-fw Example adit 3500# show nat-fw Show port-trigger Syntax # show pptpc pptpc connection-id Example adit 3500# show pptpcExample adit 3500# show pptpc pptpc Syntax # show route Example adit 3500# show route Syntax # show pptps Example adit 3500# show pptpsShow running-config Privileged Mode Example adit MSR# show running-config Privileged Mode Privileged Mode Privileged Mode Supported Platforms Adit 3104, Adit 3200, Adit 3500, MSR # show service Example adit 3500# show service Syntax # show version Example adit 3500# show version Syntax # show users Example adit 3500# show usersExample Adit MSR# show version Syntax # show voice-port fxs Example adit 3500# show voice-port fxsExample adit MSR# show voice-port fxs Example adit 3500# show voice-port trunk Syntax # show voice-port trunk portExample adit MSR# show voice-port trunk Example Adit 3500# traceroute to UpgradeSyntax # upgrade ip-address address file filename check Syntax # traceroute Syntax # traceroute addresshostnamestopPrivileged Mode Global Configuration Mode Commands for Entering Configuration Submodes Global Configuration Commands Lan AccessAccess-control Lan WanAccess-list Clock source Authentication loginSyntax config# clock 12 source nonet1 port Example config# clock 1 source t1Controller t1 Controller lccTod Date auto-time-updateDate set NtpDate summer-time Example config# date summer-time 03 28 0000 10 28 0100Date timezone Delete local-serverAdit 3500 Range = Dial-peer voiceDial-peer voice pots fxs Dial-peer voice pots trunkDial-peer voice voip Dmz-hostPrivileged Mode Commands User Mode CommandsDynamic-dns Dynamic-dns backup-mxSyntax config# dynamic-dns interface eth-2mlink-1ser-n Example config# dynamic-dns interface ser-1Dynamic-dns mail-exchanger Dynamic-dns offlineDynamic-dns username Syntax config# end Example config# end Syntax config# exit Example config# exitDynamic-dns wildcard Config# help Config# help Or config# ?History Interface ethernet Syntax config# interface ethernet portExample config# interface ethernet Config-int-eth-1# Host-filterAdit 3200, Adit 3500 Range = Interface multilinkInterface serial Adit 3104, Adit 3200, Adit 3500 Value must beIpsec key generate key Ipsec authentication-retriesExample config# ipsec authentication-retries 10 delay IpsecIpsec log ike Example config# ipsec log ike msg-outpIpsec log ipsec Ipsec net-to-hostAny Remote-ip Ipsec net-to-netIpsec replay Ipsec vpnipsecIp dhcp pool ethernet Ip domain-nameIp host Ipsec KeyL2tpc Key-codeNew Local-serverLog Log lcc bufferLog lcc notify Log security buffer Log priLog sip Example config# log security notify warnExample config# log sip buffer-fill Log security notifyLog system buffer Syntax config# log system buffer kilobytesExample config# log system buffer Example config# log system notify errorLog t1 buffer Syntax config# log t1 buffer kilobytesExample config# log t1 buffer Example config# log t1 notify warnMail-server host Mail-server authentication enableMail-server Mail-server from-addressMail-server username Syntax config# mail-server port portExample config# mail-server port Mail-server portNetwork-object EnableExample config# nat-bypass ip-address 10.10.2.1 mask Nat-bypassNo commands No accessNo access-control No access-list No authentication loginNo date auto-time-update Adit 3500 Range = No date summer-timeNo dial-peer voice pots fxs No dial-peer voice pots trunkNo dial-peer voice voip No dmz-hostNo dynamic-dns No ipsec authentication-retries No host-filterNo ipsec log ike Example config# no ipsec log ipsec tc No ipsec log ipsecNo ipsec replay No ipsec vpnipsec No interface multilinkNo interface serial No ip dhcp pool ethernet No keyNo l2tpc No nat-bypass No mail-server authenticationNo local-server No log sipNo port-trigger-service No network-objectNo pptpc No pptps No remote-admin icmpNo remote-admin snmp Syntax config# no pptps Example config# no pptpsNo remote-admin telnet No remote-admin udp-traceExample config# no remote-admin telnet primary-port No remote-admin web Example config# no remote-admin web primary-portNo router ospf Syntax config# no security-log setting SettingNo security-log No snmp-server No serviceSyntax config# no service service-id Example config# no service-idNo static-dns No time-rangeNo username No vlan No voice-codecNo voice-port trunk Port-trigger service PptpcPptps Radius-client Remote-adminRemote-admin icmp Remote-admin snmpPrimary-port Remote-admin telnetRemote-admin udp-trace Example config# remote-admin telnet primary-port enableRemote-admin web Example config# remote-admin web primary-port enableRouter ospf Minimum Security-defaultTypical default MaximumSecurity-log Service Server-src-port Snmp-server enableSnmp-server Snmp-server communityVersion Snmp-server traps enableSnmp-server host Snmp-server trusted-ipTime-range Static-dnsMonitor AdminUsername Vlan globalVoice-codec Vlan vlan-idVoice-port fxs Syntax config# voice-port fxs portExample config# voice-port fxs 1 config-vport-fxs-1# Voice-port globalVoice-port trunk Voice-service sipSyntax config# voice-port trunk port Example config# voice-port trunk 1 config-vport-trk-1#Configuration LCC Controller Mode LCC Controller CommandsDescription End Exit History No command Shutdown Syntax config-cont-lcc-n# description text Example config-cont-lcc-1# description LCC#1Description User Mode Commands Syntax config-cont-lcc-n# end Example config-cont-lcc-1# end No shutdown No commandShutdown T1 Controller Commands Configuration T1 Controller ModeExample config-cont-t1-1# description T1#1 Syntax config-cont-t1-n# description textUser Mode Commands Ds0-group Syntax config-cont-t1-n# ds0-group timeslots rangeExample config-cont-t1-1# ds0-group timeslots Syntax config-cont-t1-n# end Example config-cont-t1-1# endEsf FdlFraming None T1.403Syntax config-cont-t1-n# idle-pattern number Example config-cont-t1-1# idle-pattern 0x7fIdle-pattern Lbo Lbo longLbo short Linecode LoopbackAmi B8zs Csu Niu None LoopdetectNo ds0-group No pri-groupPri-group No tdm-groupIn-out Tdm-group Example config-cont-t1-1# tdm-group timeslots 1-4 dir in-outThreshold Dhcp Pool Commands Configuration Dhcp Pool Ethernet ModeConfiguration Dhcp Pool Ethernet Mode Syntax config-dhcp-eth-n# end-address address Example config-dhcp-eth-1# end-addressEnd-address Syntax config-dhcp-eth-n# lease time Example config-dhcp-eth-1# leaseLease No option No relayNo static-lease Relay OptionStatic-lease Syntax config-dhcp-eth-n# start-address addressExample config-dhcp-eth-1# start-address Start-addressWins server Subnet-maskDial Peer FXS Commands Configuration Dial Peer FXS ModeCalling-party-disc Block-out-caller-idCall-wait-caller-id Call-waitingG711alaw Codec preferenceDestination-pattern 123User Mode Commands Syntax config-dpeer-fxs# end Example config-dpeer-fxs# end Pass-through Syntax config-dpeer-fxs# fax-protocol nonepass-throught38Example config-dpeer-fxs# fax-protocol none Fax-protocolSyntax config-dpeer-fxs# modem-protocol nonepass-through Example config-dpeer-fxs# modem-protocol pass-thoughModem-protocol No calling-party-disc No block-out-caller-idNo call-wait-caller-id No call-waitingNo codec preference No sip-authenticationSyntax config-dpeer-fxs# no codec preference Example config-dpeer-fxs# no codec preferenceSip-authentication username Sip-authenticationSip-authentication enable Sip-authentication passwordDial Peer Trunk Commands Configuration Dial Peer Trunk ModeExample config-dpeer-trk# codec preference 1 g711alaw Syntax config-dpeer-trk# destination-pattern dest-patternExample config-dpeer-trk# destination-pattern 555$ User Mode Commands Syntax config-dpeer-trk# end Example config-dpeer-trk# end Syntax config-dpeer-trk# fax-protocol nonepass-throught38Example config-dpeer-trk# fax-protocol none Example config-dpeer-trk# modem-protocol pass-though Syntax config-dpeer-trk# modem-protocol nonepass-throughSyntax config-dpeer-trk# no codec preference Example config-dpeer-trk# no codec preferenceNo destination-pattern Prefix Syntax config-dpeer-trk# prefix prefixExample config-dpeer-trk# prefix PrefixSyntax config-dpeer-trk# strip-digits number Example config-dpeer-trk# strip-digitsStrip-digits Dial Peer VoIP Commands Configuration Dial Peer VoIP ModeExample config-dpeer-voip# destination-pattern Syntax config-dpeer-voip# destination-pattern numberAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 10-3 Syntax config-dpeer-voip end Example config-dpeer-voip# end No session-target No prefixSession-target Syntax config-dpeer-voip# prefix prefixExample config-dpeer-voip# prefix Example config-dpeer-voip# session-target ip-addressExample config-dpeer-voip# user-id testname Syntax config-dpeer-voip# strip-digits numberExample config-dpeer-voip# strip-digits Syntax config-dpeer-voip# user-id user-id10-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ethernet Interface Commands Configuration Ethernet Interface ModeExample config-int-eth-1# description Eth#1 Syntax config-int-eth-n# description textAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 11-3 Firewall Syntax config-int-eth-n# end Example config-int-eth-1# endHalf-duplex Full-duplexSecondary Example config-int-eth-1# ip address 192.168.2.100 maskIp address AutoExample config-int-eth-1# ip default-gateway Ip default-gatewayIp default-route Syntax config-int-eth-n# ip default-gateway addressAuto Syntax config-int-eth-n# ip mtu sizeautoExample config-int-eth-1# ip mtu auto Ip mtuIp ospf authentication Message-digestNull Ip ospf authentication-key Ip ospf costIp ospf dead-interval Ip ospf hello-interval Ip ospf disableSyntax config-int-eth-n# ip ospf hello-interval seconds Example config-int-eth-1# ip ospf hello-intervalIp ospf transmit-delay Ip ospf priorityIp ospf retransmit-interval Ip proxy-arp Syntax config-int-eth-n# ip primary-dns addressExample config-int-eth-1# ip primary-dns Ip primary-dnsIp rip send-version Ip rip enableIp rip Ip rip receive-versionIp route-mode Syntax config-int-eth-n# ip route-mode naptrouteExample config-int-eth-1# ip route-mode napt Ip routeMetric Ip secondary-dnsNo ip dhcp No ip default-routeNo firewall No ip addressNo ip ospf dead-interval No ip ospf authenticationNo ip ospf authentication-key No ip ospf costNo ip ospf message-digest-key No ip ospf disableExample config-int-eth-1# no ip ospf message-digest-key No ip ospf hello-intervalNo ip primary-dns No ip ospf transmit-delayNo ip ospf priority No ip ospf retransmit-intervalNo ip secondary-dns No ip proxy-arpNo ip rip No ip routeNo remote-admin No schedule-availabilityNo sip-alg Release RenewNo tos ip Sip-alg Syntax config-int-eth-n# schedule-availability time-rangeExample config-int-eth-1# schedule-availability time-range Schedule-availabilitySpeed Tos100 Auto 11-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Multilink Interface Commands Configuration Multilink Interface ModeExample config-int-mlink-1# description MLPPP1 Syntax config-int-mlink-n# description textAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-3 12-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Unnumbered Example config-int-mlink-1# ip address 192.168.2.100 maskExample config-int-mlink-1# ip mtu auto Syntax config-int-mlink-n# ip mtu sizeautoAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-7 Example config-int-mlink-1# ip ospf dead-interval Syntax config-int-mlink-n# ip ospf cost costExample config-int-mlink-1# ip ospf cost Syntax config-int-mlink-n# ip ospf dead-interval secondsExample config-int-mlink-1# ip ospf hello-interval Syntax config-int-mlink-n# ip ospf hello-interval secondsSyntax config-int-mlink-n# ip ospf transmit-delay seconds Syntax config-int-mlink-n# ip ospf priority priorityExample config-int-mlink-1# ip ospf priority Example config-int-mlink-1# ip ospf retransmit-interval121or2 Syntax config-int-mlink-n# ip primary-dns addressExample config-int-mlink-1# ip primary-dns Example config-int-mlink-1# ip rip receive-version noneExample config-int-mlink-1# ip rip send-version 2-bcast Example config-int-mlink-1# ip secondary-dns Syntax config-int-mlink-n# ip route-mode naptrouteExample config-int-mlink-1# ip route-mode napt Syntax config-int-mlink-n# ip secondary-dns addressExample config-int-mlink-1# no ip address Syntax config-int-mlink-n# no ip address addressAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-15 Example config-int-mlink-1# no ip ospf message-digest-key Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-17 No ppp encryption No ppp authenticationSyntax config-int-mlink-n# no ip route dest-ip-addr gateway Example config-int-mlink-1# no ip route 192.168.100.200No ppp username No ppp passwordNo ppp on-demand No ppp qos interleaving12-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ppp authentication Ppp exec-timeoutPpp encryption Ppp password Ppp link-fragmentationPpp on-demand Ppp restart-timer Ppp qos-interleavingPpp time-btwn-reconnect Ppp username Syntax config-int-mlink-n# ppp username usernameExample config-int-mlink-1# ppp username test-user-name Syntax config-int-mlink-n# schedule-availability time-rangeAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-25 12-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Serial Interface Commands Configuration Serial Interface ModeExample config-int-ser-1# description Serial1 Syntax config-int-ser-n# description textAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-3 Encapsulation ppp Syntax config-int-ser-n# end Example config-int-ser-1# endAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-5 Example config-int-ser-1# ip address 192.168.2.100 mask Syntax config-int-ser-n# ip mtu sizeautoExample config-int-ser-1# ip mtu auto Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-7 Example config-int-ser-1# ip ospf dead-interval Syntax config-int-ser-n# ip ospf cost costExample config-int-ser-1# ip ospf cost Syntax config-int-ser-n# ip ospf dead-interval secondsExample config-int-ser-1# ip ospf hello-interval Syntax config-int-ser-n# ip ospf hello-interval secondsSyntax config-int-ser-n# ip ospf transmit-delay seconds Syntax config-int-ser-n# ip ospf priority priorityExample config-int-ser-1# ip ospf priority Example config-int-ser-1# ip ospf retransmit-intervalExample config-int-ser-1# ip rip receive-version none Syntax config-int-ser-n# ip primary-dns addressExample config-int-ser-1# ip primary-dns Syntax config-int-ser-n# ip rip receive-version 121or2noneExample config-int-ser-1# ip rip send-version 2-bcast Example config-int-ser-1# ip secondary-dns Syntax config-int-ser-n# ip route-mode naptrouteExample config-int-ser-1# ip route-mode napt Syntax config-int-ser-n# ip secondary-dns addressNo encapsulation ppp Syntax config-int-ser-n# multilink-group group-numberExample config-int-ser-1# multilink-group Multilink-groupExample config-int-ser-1# no ip address Syntax config-int-ser-n# no ip address address13-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-int-ser-1# no ip ospf message-digest-key Example config-int-ser-1# no ip route 192.168.100.200 Syntax config-int-ser-n# no ip route dest-ip-addr gatewayAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-19 13-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ms-chap Example config-int-ser-1# ppp username test-user-pswrd Syntax config-int-ser-n# ppp link-fragmentation numberExample config-int-ser-1# ppp link-fragmentation Syntax config-int-ser-n# ppp password passwordExample config-int-ser-1# ppp time-btwn-reconnect Syntax config-int-ser-n# ppp restart-timer secondsExample config-int-ser-1# ppp restart-timer Syntax config-int-ser-n# ppp time-btwn-reconnect secondsExample config-int-ser-1# schedule-availability time-range Syntax config-int-ser-n# schedule-availability time-rangeIPSec Commands Configuration IPSec ModeRsa-sig AuthenticationAggressive-mode Pre-sharedAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 14-3 Dpd-delay Dpd-enableDpd-timeout Encryption Group HashMd5 Sha Syntax config-ipsec n# ip route metric metric Example config-ipsec-1# ip route metricIp route metric Ipsec-manual Ipsec-connSubnet ip LifetimeLocal-subnet Single ipTunnel Max-retriesMode TransportNetbios remote-brc-addr Net-typeDmz lan wan No aggressive-mode No dpd-delayNo dpd-enable No dpd-timeoutNo encryption Example config-ipsec-1# no encryption aesSyntax config-ipsec-n# no group Example config-ipsec-1# no groupNo hash No netbiosSyntax config-ipsec-n# no hash md5sha Example config-ipsec-1# no hash md5No set-pfs No reconnectNo transform-set Reconnect RekeyRemote-ip Syntax config-ipsec-n# schedule-availability rule-id Example config-ipsec-1# schedule-availability rule1Remote-subnet Session-key Set-pfsTransform-set Example config-ipsec-1# transform-set esp-aesExample of IPSec Connection Configuration 14-22 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI L2TPC Commands Configuration L2TPC ModeConfiguration L2TPC Mode Syntax config-l2tpc-n# end Example config-l2tpc-1# end Syntax config-l2tpc-n# host-ip address Example config-l2tpc-1# host-ipHost-ip Example config-l2tpc-1# ip address 192.168.2.100 mask Syntax config-l2tpc-n# ip mtu sizeautoExample config-l2tpc-1# ip mtu auto 15-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-l2tpc-1# ip ospf cost Syntax config-l2tpc-n# ip ospf authentication-key passwordExample config-l2tpc-1# ip ospf authentication-key pass777 Syntax config-l2tpc-n# ip ospf cost costExample config-l2tpc-1# ip ospf hello-interval Syntax config-l2tpc-n# ip ospf hello-interval secondsExample config-l2tpc-1# ip ospf retransmit-interval Syntax config-l2tpc-n# ip ospf priority priorityExample config-l2tpc-1# ip ospf priority Syntax config-l2tpc-n# ip ospf retransmit-interval secondsExample config-l2tpc-1# ip rip receive-version none Syntax config-l2tpc-n# ip primary-dns addressExample config-l2tpc-1# ip primary-dns Syntax config-l2tpc-n# ip rip receive-version 121or2noneExample config-l2tpc-1# ip rip send-version 2-bcast Local-secret Example config-l2tpc-1# no ip address Syntax config-l2tpc-n# metric metricExample config-l2tpc-1# metric Syntax config-l2tpc-n# no ip address address15-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 15-15 Example config-l2tpc-1# no ip ospf message-digest-key Syntax config-l2tpc-n# no ip ospf message-digest-key key-idExample config-l2tpc-1# no ip route 192.168.100.200 Syntax config-l2tpc-n# no ip route dest-ip-addr gatewayNo ppp exec-timeout No ppp time-btwn-reconnect No ppp restart-timer15-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-l2tpc-n# ppp exec-timeout minutes Example config-l2tpc-1# ppp authentication chapSyntax config-l2tpc-n# ppp encryption 40-bit128-bit Example config-l2tpc-1# ppp encryption 40-bitExample config-l2tpc-1# ppp restart-timer Syntax config-l2tpc-n# ppp password passwordExample config-l2tpc-1# ppp password test-user-pswrd Syntax config-l2tpc-n# ppp restart-timer secondsExample config-l2tpc-1# ppp username test-user-name Syntax config-l2tpc-n# ppp time-btwn-reconnect secondsExample config-l2tpc-1# ppp time-btwn-reconnect Syntax config-l2tpc-n# ppp username username15-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Router Ospf Commands Configuration Ospf ModeArea commands Area authenticationMessage-digest Compatible rfc1583 16-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-ospf# exit Example config-ospf# exit Config# Syntax config-ospf# end Example config-ospf# endNetwork area Example config-ospf# network 192.168.1.1 0.0.0.255 areaNo area authentication No areaNo area stub No router-id Example config-ospf# no network 192.168.1.1 0.0.0.255 areaNo compatible rfc1583 No network areaSyntax config-ospf# router-id address Router-idExample router-ospf# router-id Sample Configuration Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 16-11 16-12 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Client Commands Configuration Pptpc ModeConfiguration Pptpc Mode Syntax config-pptpc-n# end Example config-pptpc-1# end Example config-pptpc-1# host-ip Syntax config-pptpc-n# host-ip addressExample config-pptpc-1# ip address 192.168.2.100 mask Syntax config-pptpc-n# ip mtu sizeautoExample config-pptpc-1# ip mtu auto 17-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# ip ospf cost Syntax config-pptpc-n# ip ospf authentication-key passwordExample config-pptpc-1# ip ospf authentication-key pass777 Syntax config-pptpc-n# ip ospf cost costExample config-pptpc-1# ip ospf hello-interval Syntax config-pptpc-n# ip ospf hello-interval secondsExample config-pptpc-1# ip ospf retransmit-interval Syntax config-pptpc-n# ip ospf priority priorityExample config-pptpc-1# ip ospf priority Syntax config-pptpc-n# ip ospf retransmit-interval secondsExample config-pptpc-1# ip rip receive-version none Syntax config-pptpc-n# ip primary-dns addressExample config-pptpc-1# ip primary-dns Syntax config-pptpc-n# ip rip receive-version 121or2noneExample config-pptpc-1# ip rip send-version 2-bcast Example config-pptpc-1# ip secondary-dns Syntax config-pptpc-n# ip route-mode naptrouteExample config-pptpc-1# ip route-mode napt Syntax config-pptpc-n# ip secondary-dns addressExample config-pptpc-1# no ip address Syntax config-pptpc-n# no ip address address17-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip ospf message-digest-key Syntax config-pptpc-n# no ip ospf message-digest-key key-id17-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip route 192.168.100.200 Syntax config-pptpc-n# no ip route dest-ip-addr gateway17-18 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 17-19 Example config-pptpc-1# ppp authentication chap Syntax config-pptpc-n# ppp encryption 40-bit128-bitExample config-pptpc-1# ppp encryption 40-bit Example config-pptpc-1# ppp password test-user-pswrd Syntax config-pptpc-n# ppp exec-timeout minutesExample config-pptpc-1# ppp exec-timeout Syntax config-pptpc-n# ppp password passwordExample config-pptpc-1# ppp time-btwn-reconnect Syntax config-pptpc-n# ppp restart-timer secondsExample config-pptpc-1# ppp restart-timer Syntax config-pptpc-n# ppp time-btwn-reconnect secondsExample config-pptpc-1# schedule-availability time-range 17-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Server Commands Configuration Pptps ModeConfiguration Pptps Mode End-ip-address Syntax config-pptps# end Example config-pptps# endSyntax config-pptps# end-address end-ip-address Example config-pptps# end-addressSeconds Syntax config-pptps# idle-time secondsExample config-pptps# idle-time Idle-time40-bit Example config-pptps# no ppp authenticationExample config-pptps# no ppp encryption No idle-timeExample config-pptps# ppp authentication chap Syntax config-pptps# ppp encryption 40-bit128-bitstatefulExample config-pptps# ppp encryption stateful Enter the start IP address of the range Syntax config-pptps# start-address start-addressExample config-pptps# start-address Start-ip-address18-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Radius Mode Radius CommandsAuthentication End Exit History Host Key Example config-radius# authentication chap Syntax config-radius# authentication chapms-chapms-chapv2papAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 19-3 Syntax config-radius# end Example config-radius# end Example config-radius# key testpswd Syntax config-radius# host address auth-port portExample config-radius# host 192.168.1.1 auth-port Syntax config-radius# key password19-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Vlan Global Commands Configuration Vlan ModeConfiguration Vlan Mode Syntax config-vlan# exit Example config-vlan# exit Config# Syntax config-vlan# end Example config-vlan# endExample config-vlan# no vlan Syntax config-vlan# no port-dot1q ethernet portExample config-vlan# no port-dot1q ethernet Syntax config-vlan# no vlan entryAdit 3500 and MSR 1.1 Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4Disable Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4Adit 3500 and MSR 1.1 Disable Disable Vlan feature Enable Enable Vlan feature Syntax config-vlan# tag-all disableenableExample config-vlan# tag-all enable Syntax config-vlan# vlan-feature disableenable20-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Vlan Port Mode Vlan Port CommandsEnd Exit History No commands Port Priority Voip-interface Configuration Vlan Port Mode Syntax config-vlan-n# end Example config-vlan-100# end No voip-interface No portExample config-vlan-100# priority Syntax config-vlan-n# priority priority21-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Voice Port Mode Voice Port CommandsDigit-map global End Exit History No digit-map global Tos Digit-map global Long-timeoutShort-timeout Example config-vport# digit-map mode long-timeoutAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 22-3 Syntax config-vport# exit Example config-vport# exit Config# Syntax config-vport# end Example config-vport# endSip value hex-value No digit-map globalPattern number Rtp value hex-value22-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Port FXS Commands Configuration Voice Port FXS ModeSyntax config-vport-fxs-n# description text Example config-vport-fxs-1# description VoiceP-#2Comfort-noise Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 23-3 23-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-vport-fxs-1# input-gain Syntax config-vport-fxs-n# input-gain valueNo echo-cancel No comfort-noiseNo per-line-logging Example config-vport-fxs-1# output-gain Syntax config-vport-fxs-n# output-gain valueExample config-vport-fxs-1# signal ground-start Syntax config-vport-fxs-n# signal ground-startloop-startVoice Port Trunk Commands Configuration Voice Port Trunk ModeConnection t1 Connection lccDefault Digit-mapCustom 24-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Use the end command to exit the current Configuration mode Example config-vport-trk-1# input-gain Syntax config-vport-trk-n# input-gain valueExample config-vport-trk-1# isdn switch-type pri-ni2 Isdn switch-type PRINo connection t1 No connection lccNo digit-map No registration enableNo registration line enable No registration lineNo registration line logging Example config-vport-trk-1# output-gain Syntax config-vport-trk-n# output-gain valueRegistration enable Registration line authenticationRegistration Registration line first-phone-number Registration line enableRegistration line logging Example config-vport-trk-1# signal immediateSyntax config-vport-trk-n# trunk trunk-id Example config-vport-trk-1# trunk VPtrunk1Trunk 24-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Service SIP Commands Configuration Voice Service SIP ModeSyntax config-voice-serv-sip# calling-party-disc duration Example config-voice-serv-sip# calling-party-discConference Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-3 Rfc2833 DtmfEarly-media InbandAdit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-5 Ls-redundancy Fax-protocol-t38 ecsFax-protocol-t38 redundancy Hs-redundancyFeature-mode Fax-protocol-t38 signalingSyntax config-voice-serv-sip# gateway-ip address Example config-voice-serv-sip# gateway-ipGateway-ip No proxy-server No conferenceNo outbound-proxy No prackNo registration ignore-negotiated No redundancy rollback-timerNo session-timer mode No redundancy filter-incomingOutbound-proxy Phone-numberPrack Privacy-mode Proxy-serverRfc3325 Redundancy advance-retries Example config-voice-serv-sip# proxy-type genericExample config-voice-serv-sip# redundancy advance-retries Proxy-typeRedundancy filter-incoming Redundancy advance-timeoutExample config-voice-serv-sip# redundancy advance-timeout Example config-voice-serv-sip# redundancy primary-addressRedundancy secondary-address Redundancy rollback-timerExample config-voice-serv-sip# redundancy rollback-timer Example config-voice-serv-sip# redundancy secondary-addressRedundancy ttl Redundancy typeNone Srv User Rtp-base-port Session-timer Session-timer modeSession-timer refresher Tcp Udp Session-timer timeoutSip-port Transport25-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Index Index Index FXS Index Index Index Encapsulation ppp Index Index FXS 63,4-64