Configuration IPSec Mode, IPSec Commands | Carrier Access none

CHAPTER 14

Configuration - IPSec Mode

The IPSecConfiguration commands allow the user to configure the VPN IPSec parameters. Enter this sub-group with the (config)# ipsec vpn_ipsec command from the Configuration mode. The IPSec commands are represented by the (config-ipsec-n)#prompt.

Note: First a connection must be created. See ipsec net-to-hostcommand on page 4-23,or ipsec net-to- net command on page 4-24.

For an example of Configuring an IPSec Connection, see Example of IPSec Connection Configuration command on page 14-21.

IPSec Commands

•	aggressive-mode	•	key
•	authentication	•	lifetime
•	description	•	local-subnet
•	do	•	max-retries
•	dpd-delay	•	mode
•	dpd-enable	•	net-type
•	dpd-timeout	•	netbios remote-brc-addr
•	encryption	•	no commands
•	end	•	reconnect
•	exit	•	rekey
•	group	•	remote-ip
•	hash	•	remote-subnet
•	history	•	schedule-availability
•	ip route metric	•	session-key
•	ipsec-conn	•	set-pfs
•	ipsec-manual	•	transform-set

Image 321

Carrier Access none manual Configuration IPSec Mode, IPSec Commands

Contents

Adit 3000 Series Multi-Service Router MSR Card Corporate Contact Information Customer SupportSupporting Software Versions Preface Preface Table of Contents Global Configuration Mode Configuration T1 Controller Mode Configuration LCC Controller Mode Configuration Dhcp Pool Ethernet Mode Configuration Dial Peer FXS ModeConfiguration Dial Peer Trunk Mode Configuration Ethernet Interface Mode Configuration Dial Peer VoIP Mode Configuration Multilink Interface Mode Configuration Serial Interface Mode Configuration IPSec Mode Configuration L2TPC Mode Configuration Pptpc Mode Configuration Ospf Mode Configuration Pptps Mode Configuration Radius ModeConfiguration Vlan Mode Configuration Voice Port Mode Configuration Vlan Port ModeConfiguration Voice Port FXS Mode Configuration Voice Port Trunk Mode Index Configuration Voice Service SIP Mode Xviii This Chapter Introduction Overview Prompt Identifier Configuration Mode Link to Command Prompt Displayed Configuration Mode Example config# clock 12 source nonet1 port Example config# clock source 12 noneds1 1ds1 2ds1 3ds1 Shortcuts User Mode User Mode CommandsDate Enable End Exit Help History Ping Show Traceroute Example adit 3500 enable Password Adit 3500# EnableDate End Help Exit History Syntax ping address -i time -l size -n count -w timeoutstop PingStop Show Show alarms Syntax show arp alladdressethernet port Show arpAll Display entire ARP table Address Show caclkcd Example Adit 3500 show caclkcd Show caclkcd Show controller lcc Show config dynamic-dnsSyntax show controller lcc number Example Adit MSR show controller lcc Show controller t1 Syntax show controller t1 portExample Adit 3500 show controller t1 Show dhcp-leases Show digit-mapSyntax show digit-map Example Adit 3500 show digit-map Show interface description Show interface ethernet Show interface multilinkAdit 3104, Adit 3200, Adit 3500 Value must be Syntax show interface serial port Show interface serialExample Adit 3500 show interface serial Example Adit MSR show interface serial Example Adit MSR show interface stats Show interface stats Supported PlatformsAdit 3104, Adit 3200, Adit 3500, MSR Syntax show ip ospf Example adit 3500 show ip ospf Show ip ospf Show ip ospf database Example adit 3500 show ip ospf database self-originate Example adit 3500 show ip ospf database Ethernet port Show ip ospf interfaceSerial port Multilink port Interface address Show ip ospf neighborDetail Example adit 3500 show Ip ospf neighbor Firewall Show licensesPri Sip Example Adit 3500 show log t1 1 minor Show mac-address-table Syntax show nat-fw Example Adit 3500 show nat-fw Show nat-fw Show port-trigger Show routeSyntax show route Example Adit 3500 show route Syntax show service Example Adit 3500 show service Show service Show version Show usersSyntax show users Example Adit 3500 show users Syntax show version Example Adit 3500 show version Example Adit MSR show version Syntax show voice-port fxs Show voice-port fxsExample Adit 3500 show voice-port fxs Example Adit MSR show voice-port fxs Show voice-port trunk Syntax show voice-port trunk portExample Adit 3500 show voice-port trunk Example Adit MSR show voice-port trunk Syntax traceroute Syntax traceroute addresshostnamestop Traceroute User Mode Privileged Mode Commands Privileged Mode Clear arp ClearClear caclkcd Clear ip ospf process Copy defaults Configure terminalCopy Copy path Syntax # copy running-config path destination-path Copy running-configDestination-path Example Adit 3500# date Wed Jan 12 103751 Debug portmon all Debug Debug portmon detail Debug portmon rxtxbothBoth Off Debug portmon ethernet EthernetExample adit 3500# debug portmon ethernet 1 all Syntax # debug portmon management hushoff Debug portmon managementHush Off Example adit 3500# debug portmon management hush Debug portmon multilink Debug portmon raw Syntax # debug portmon raw offonExample adit 3500# debug portmon raw off Debug portmon serial PortExample adit 3500# debug portmon 1 rip Example adit 3500# debug trace cas enable Syntax # debug trace casprisip enabletxrxDebug trace Example adit 3500# end Username Adit 3500# help Syntax # history Example adit 3500# history Syntax # log clear allfirewallprisipsystemt1lcc Log clearLcc Example adit 3500# log clear firewall No debug portmon No debugNo debug trace Cas Pri Sip Example Adit 3500# ping 192.168.1.1 -n 2 -l Example Adit 3500# ping Reload Example adit 3500# reload Going to reboot Restarting system Show Example adit 3500# show alarms major Example adit 3500# show arp ethernet Syntax # show arp alladdressethernet portExample adit 3500# show arp Example adit 3500# show arp all # show caclkcd Example adit 3500# show caclkcd Show config access-control Example adit 3500# show config controller t1 Syntax # show config controller t1 port Dmz-host 192.168.1.200 enable Example adit 3500# show config interface ethernet Syntax # show config interface ethernet port Example adit 3500# show config interface multilink Syntax # show config interface multilink port Example adit 3500# show config interface serial Syntax # show config interface serial port Example adit 3500# show config ip dhcp ethernet Syntax # show config ip dhcp ethernet port Network-object id 0 description NetworkObject1 ip-address Security-default typical Static-dns hostname test1 ip-address Example adit 3500# show config voice-port fxs Syntax # show config voice-port fxs port Syntax # show config voice-port trunk port Example adit 3500# show config voice-port trunkExample adit MSR# show config voice-port trunk Syntax # show controller lcc number Example adit 3500# show controller t1 Syntax # show controller t1 port Syntax # show digit-map Example adit 3500# show digit-map Example Adit MSR# show interface description Example adit 3500# show interface ethernet Syntax # show interface ethernet portSyntax # show interface multilink port Example adit 3500# show interface multilink Syntax # show interface serial port Example adit 3500# show interface serialExample adit MSR# show interface serial Syntax # show ip ospf Example adit 3500# show ip ospf Show ip ospf database Example adit 3500# show ip ospf database self-originate Example adit 3500# show ip ospf database Example adit 3500# show ip ospf interface ethernet Example adit 3500# show ip ospf neighbor detail Example adit 3500# show Ip ospf neighbor Syntax # show ipsec vpnipsecconnection-id Syntax # show l2tpc l2tpc connection-id Example adit 3500# show l2tpcExample adit 3500# show l2tpc l2tpc Example adit 3500# show licenses # show licenses Example adit 3500# show log t1 1 minor Syntax # show nat-fw Example adit 3500# show nat-fw Show port-trigger Syntax # show pptpc pptpc connection-id Example adit 3500# show pptpcExample adit 3500# show pptpc pptpc Syntax # show route Example adit 3500# show route Syntax # show pptps Example adit 3500# show pptps Show running-config Privileged Mode Example adit MSR# show running-config Privileged Mode Privileged Mode Privileged Mode Supported Platforms Adit 3104, Adit 3200, Adit 3500, MSR # show service Example adit 3500# show service Syntax # show version Example adit 3500# show version Syntax # show users Example adit 3500# show users Example Adit MSR# show version Syntax # show voice-port fxs Example adit 3500# show voice-port fxsExample adit MSR# show voice-port fxs Example adit 3500# show voice-port trunk Syntax # show voice-port trunk port Example adit MSR# show voice-port trunk Syntax # upgrade ip-address address file filename check UpgradeSyntax # traceroute Syntax # traceroute addresshostnamestop Example Adit 3500# traceroute to Privileged Mode Global Configuration Mode Commands for Entering Configuration Submodes Global Configuration Commands Access-control AccessLan Wan Lan Access-list Syntax config# clock 12 source nonet1 port Authentication loginExample config# clock 1 source t1 Clock source Controller t1 Controller lcc Date set Date auto-time-updateNtp Tod Date summer-time Example config# date summer-time 03 28 0000 10 28 0100 Date timezone Delete local-server Dial-peer voice pots fxs Dial-peer voiceDial-peer voice pots trunk Adit 3500 Range = Dial-peer voice voip Dmz-host Privileged Mode Commands User Mode Commands Syntax config# dynamic-dns interface eth-2mlink-1ser-n Dynamic-dns backup-mxExample config# dynamic-dns interface ser-1 Dynamic-dns Dynamic-dns mail-exchanger Dynamic-dns offlineDynamic-dns username Syntax config# end Example config# end Syntax config# exit Example config# exitDynamic-dns wildcard Config# help Config# help Or config# ? History Example config# interface ethernet Config-int-eth-1# Syntax config# interface ethernet portHost-filter Interface ethernet Interface serial Interface multilinkAdit 3104, Adit 3200, Adit 3500 Value must be Adit 3200, Adit 3500 Range = Example config# ipsec authentication-retries 10 delay Ipsec authentication-retriesIpsec Ipsec key generate key Ipsec log ike Example config# ipsec log ike msg-outp Ipsec log ipsec Ipsec net-to-hostAny Ipsec replay Ipsec net-to-netIpsec vpnipsec Remote-ip Ip dhcp pool ethernet Ip domain-nameIp host L2tpc KeyKey-code Ipsec New Local-server Log Log lcc bufferLog lcc notify Log security buffer Log pri Example config# log sip buffer-fill Example config# log security notify warnLog security notify Log sip Example config# log system buffer Syntax config# log system buffer kilobytesExample config# log system notify error Log system buffer Example config# log t1 buffer Syntax config# log t1 buffer kilobytesExample config# log t1 notify warn Log t1 buffer Mail-server Mail-server authentication enableMail-server from-address Mail-server host Example config# mail-server port Syntax config# mail-server port portMail-server port Mail-server username Example config# nat-bypass ip-address 10.10.2.1 mask EnableNat-bypass Network-object No commands No accessNo access-control No access-list No authentication loginNo date auto-time-update No dial-peer voice pots fxs No date summer-timeNo dial-peer voice pots trunk Adit 3500 Range = No dial-peer voice voip No dmz-hostNo dynamic-dns No ipsec authentication-retries No host-filterNo ipsec log ike Example config# no ipsec log ipsec tc No ipsec log ipsecNo ipsec replay No ipsec vpnipsec No interface multilinkNo interface serial No ip dhcp pool ethernet No keyNo l2tpc No local-server No mail-server authenticationNo log sip No nat-bypass No port-trigger-service No network-objectNo pptpc No remote-admin snmp No remote-admin icmpSyntax config# no pptps Example config# no pptps No pptps No remote-admin telnet No remote-admin udp-traceExample config# no remote-admin telnet primary-port No remote-admin web Example config# no remote-admin web primary-portNo router ospf Syntax config# no security-log setting SettingNo security-log Syntax config# no service service-id No serviceExample config# no service-id No snmp-server No static-dns No time-rangeNo username No vlan No voice-codecNo voice-port trunk Port-trigger service PptpcPptps Remote-admin icmp Remote-adminRemote-admin snmp Radius-client Remote-admin udp-trace Remote-admin telnetExample config# remote-admin telnet primary-port enable Primary-port Remote-admin web Example config# remote-admin web primary-port enableRouter ospf Typical default Security-defaultMaximum Minimum Security-log Service Snmp-server Snmp-server enableSnmp-server community Server-src-port Snmp-server host Snmp-server traps enableSnmp-server trusted-ip Version Time-range Static-dns Username AdminVlan global Monitor Voice-codec Vlan vlan-id Example config# voice-port fxs 1 config-vport-fxs-1# Syntax config# voice-port fxs portVoice-port global Voice-port fxs Syntax config# voice-port trunk port Voice-service sipExample config# voice-port trunk 1 config-vport-trk-1# Voice-port trunk Configuration LCC Controller Mode LCC Controller CommandsDescription End Exit History No command Shutdown Syntax config-cont-lcc-n# description text Example config-cont-lcc-1# description LCC#1Description User Mode Commands Syntax config-cont-lcc-n# end Example config-cont-lcc-1# end No shutdown No command Shutdown T1 Controller Commands Configuration T1 Controller Mode Example config-cont-t1-1# description T1#1 Syntax config-cont-t1-n# description text User Mode Commands Example config-cont-t1-1# ds0-group timeslots Syntax config-cont-t1-n# ds0-group timeslots rangeSyntax config-cont-t1-n# end Example config-cont-t1-1# end Ds0-group Framing FdlNone T1.403 Esf Syntax config-cont-t1-n# idle-pattern number Example config-cont-t1-1# idle-pattern 0x7fIdle-pattern Lbo Lbo longLbo short Linecode LoopbackAmi B8zs No ds0-group LoopdetectNo pri-group Csu Niu None Pri-group No tdm-groupIn-out Tdm-group Example config-cont-t1-1# tdm-group timeslots 1-4 dir in-out Threshold Dhcp Pool Commands Configuration Dhcp Pool Ethernet Mode Configuration Dhcp Pool Ethernet Mode Syntax config-dhcp-eth-n# end-address address Example config-dhcp-eth-1# end-addressEnd-address Syntax config-dhcp-eth-n# lease time Example config-dhcp-eth-1# leaseLease No option No relayNo static-lease Relay Option Example config-dhcp-eth-1# start-address Syntax config-dhcp-eth-n# start-address addressStart-address Static-lease Wins server Subnet-mask Dial Peer FXS Commands Configuration Dial Peer FXS Mode Call-wait-caller-id Block-out-caller-idCall-waiting Calling-party-disc Destination-pattern Codec preference123 G711alaw User Mode Commands Syntax config-dpeer-fxs# end Example config-dpeer-fxs# end Example config-dpeer-fxs# fax-protocol none Syntax config-dpeer-fxs# fax-protocol nonepass-throught38Fax-protocol Pass-through Syntax config-dpeer-fxs# modem-protocol nonepass-through Example config-dpeer-fxs# modem-protocol pass-thoughModem-protocol No call-wait-caller-id No block-out-caller-idNo call-waiting No calling-party-disc Syntax config-dpeer-fxs# no codec preference No sip-authenticationExample config-dpeer-fxs# no codec preference No codec preference Sip-authentication enable Sip-authenticationSip-authentication password Sip-authentication username Dial Peer Trunk Commands Configuration Dial Peer Trunk Mode Example config-dpeer-trk# codec preference 1 g711alaw Syntax config-dpeer-trk# destination-pattern dest-patternExample config-dpeer-trk# destination-pattern 555$ User Mode Commands Syntax config-dpeer-trk# end Example config-dpeer-trk# end Syntax config-dpeer-trk# fax-protocol nonepass-throught38Example config-dpeer-trk# fax-protocol none Example config-dpeer-trk# modem-protocol pass-though Syntax config-dpeer-trk# modem-protocol nonepass-through Syntax config-dpeer-trk# no codec preference Example config-dpeer-trk# no codec preferenceNo destination-pattern Example config-dpeer-trk# prefix Syntax config-dpeer-trk# prefix prefixPrefix Prefix Syntax config-dpeer-trk# strip-digits number Example config-dpeer-trk# strip-digitsStrip-digits Dial Peer VoIP Commands Configuration Dial Peer VoIP Mode Example config-dpeer-voip# destination-pattern Syntax config-dpeer-voip# destination-pattern number Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 10-3 Syntax config-dpeer-voip end Example config-dpeer-voip# end No session-target No prefix Example config-dpeer-voip# prefix Syntax config-dpeer-voip# prefix prefixExample config-dpeer-voip# session-target ip-address Session-target Example config-dpeer-voip# strip-digits Syntax config-dpeer-voip# strip-digits numberSyntax config-dpeer-voip# user-id user-id Example config-dpeer-voip# user-id testname 10-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ethernet Interface Commands Configuration Ethernet Interface Mode Example config-int-eth-1# description Eth#1 Syntax config-int-eth-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 11-3 Firewall Syntax config-int-eth-n# end Example config-int-eth-1# end Half-duplex Full-duplex Ip address Example config-int-eth-1# ip address 192.168.2.100 maskAuto Secondary Ip default-route Ip default-gatewaySyntax config-int-eth-n# ip default-gateway address Example config-int-eth-1# ip default-gateway Example config-int-eth-1# ip mtu auto Syntax config-int-eth-n# ip mtu sizeautoIp mtu Auto Ip ospf authentication Message-digestNull Ip ospf authentication-key Ip ospf costIp ospf dead-interval Syntax config-int-eth-n# ip ospf hello-interval seconds Ip ospf disableExample config-int-eth-1# ip ospf hello-interval Ip ospf hello-interval Ip ospf transmit-delay Ip ospf priorityIp ospf retransmit-interval Example config-int-eth-1# ip primary-dns Syntax config-int-eth-n# ip primary-dns addressIp primary-dns Ip proxy-arp Ip rip Ip rip enableIp rip receive-version Ip rip send-version Example config-int-eth-1# ip route-mode napt Syntax config-int-eth-n# ip route-mode naptrouteIp route Ip route-mode Metric Ip secondary-dns No firewall No ip default-routeNo ip address No ip dhcp No ip ospf authentication-key No ip ospf authenticationNo ip ospf cost No ip ospf dead-interval Example config-int-eth-1# no ip ospf message-digest-key No ip ospf disableNo ip ospf hello-interval No ip ospf message-digest-key No ip ospf priority No ip ospf transmit-delayNo ip ospf retransmit-interval No ip primary-dns No ip rip No ip proxy-arpNo ip route No ip secondary-dns No remote-admin No schedule-availabilityNo sip-alg Release RenewNo tos ip Example config-int-eth-1# schedule-availability time-range Syntax config-int-eth-n# schedule-availability time-rangeSchedule-availability Sip-alg Speed Tos100 Auto 11-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Multilink Interface Commands Configuration Multilink Interface Mode Example config-int-mlink-1# description MLPPP1 Syntax config-int-mlink-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-3 12-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Unnumbered Example config-int-mlink-1# ip address 192.168.2.100 mask Example config-int-mlink-1# ip mtu auto Syntax config-int-mlink-n# ip mtu sizeauto Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-7 Example config-int-mlink-1# ip ospf cost Syntax config-int-mlink-n# ip ospf cost costSyntax config-int-mlink-n# ip ospf dead-interval seconds Example config-int-mlink-1# ip ospf dead-interval Example config-int-mlink-1# ip ospf hello-interval Syntax config-int-mlink-n# ip ospf hello-interval seconds Example config-int-mlink-1# ip ospf priority Syntax config-int-mlink-n# ip ospf priority priorityExample config-int-mlink-1# ip ospf retransmit-interval Syntax config-int-mlink-n# ip ospf transmit-delay seconds Example config-int-mlink-1# ip primary-dns Syntax config-int-mlink-n# ip primary-dns addressExample config-int-mlink-1# ip rip receive-version none 121or2 Example config-int-mlink-1# ip rip send-version 2-bcast Example config-int-mlink-1# ip route-mode napt Syntax config-int-mlink-n# ip route-mode naptrouteSyntax config-int-mlink-n# ip secondary-dns address Example config-int-mlink-1# ip secondary-dns Example config-int-mlink-1# no ip address Syntax config-int-mlink-n# no ip address address Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-15 Example config-int-mlink-1# no ip ospf message-digest-key Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-17 Syntax config-int-mlink-n# no ip route dest-ip-addr gateway No ppp authenticationExample config-int-mlink-1# no ip route 192.168.100.200 No ppp encryption No ppp on-demand No ppp passwordNo ppp qos interleaving No ppp username 12-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ppp authentication Ppp exec-timeoutPpp encryption Ppp password Ppp link-fragmentationPpp on-demand Ppp restart-timer Ppp qos-interleavingPpp time-btwn-reconnect Example config-int-mlink-1# ppp username test-user-name Syntax config-int-mlink-n# ppp username usernameSyntax config-int-mlink-n# schedule-availability time-range Ppp username Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-25 12-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Serial Interface Commands Configuration Serial Interface Mode Example config-int-ser-1# description Serial1 Syntax config-int-ser-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-3 Encapsulation ppp Syntax config-int-ser-n# end Example config-int-ser-1# end Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-5 Example config-int-ser-1# ip address 192.168.2.100 mask Syntax config-int-ser-n# ip mtu sizeautoExample config-int-ser-1# ip mtu auto Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-7 Example config-int-ser-1# ip ospf cost Syntax config-int-ser-n# ip ospf cost costSyntax config-int-ser-n# ip ospf dead-interval seconds Example config-int-ser-1# ip ospf dead-interval Example config-int-ser-1# ip ospf hello-interval Syntax config-int-ser-n# ip ospf hello-interval seconds Example config-int-ser-1# ip ospf priority Syntax config-int-ser-n# ip ospf priority priorityExample config-int-ser-1# ip ospf retransmit-interval Syntax config-int-ser-n# ip ospf transmit-delay seconds Example config-int-ser-1# ip primary-dns Syntax config-int-ser-n# ip primary-dns addressSyntax config-int-ser-n# ip rip receive-version 121or2none Example config-int-ser-1# ip rip receive-version none Example config-int-ser-1# ip rip send-version 2-bcast Example config-int-ser-1# ip route-mode napt Syntax config-int-ser-n# ip route-mode naptrouteSyntax config-int-ser-n# ip secondary-dns address Example config-int-ser-1# ip secondary-dns Example config-int-ser-1# multilink-group Syntax config-int-ser-n# multilink-group group-numberMultilink-group No encapsulation ppp Example config-int-ser-1# no ip address Syntax config-int-ser-n# no ip address address 13-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-int-ser-1# no ip ospf message-digest-key Example config-int-ser-1# no ip route 192.168.100.200 Syntax config-int-ser-n# no ip route dest-ip-addr gateway Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-19 13-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ms-chap Example config-int-ser-1# ppp link-fragmentation Syntax config-int-ser-n# ppp link-fragmentation numberSyntax config-int-ser-n# ppp password password Example config-int-ser-1# ppp username test-user-pswrd Example config-int-ser-1# ppp restart-timer Syntax config-int-ser-n# ppp restart-timer secondsSyntax config-int-ser-n# ppp time-btwn-reconnect seconds Example config-int-ser-1# ppp time-btwn-reconnect Example config-int-ser-1# schedule-availability time-range Syntax config-int-ser-n# schedule-availability time-range IPSec Commands Configuration IPSec Mode Aggressive-mode AuthenticationPre-shared Rsa-sig Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 14-3 Dpd-delay Dpd-enableDpd-timeout Encryption Group HashMd5 Sha Syntax config-ipsec n# ip route metric metric Example config-ipsec-1# ip route metricIp route metric Ipsec-manual Ipsec-conn Local-subnet LifetimeSingle ip Subnet ip Mode Max-retriesTransport Tunnel Netbios remote-brc-addr Net-typeDmz lan wan No dpd-enable No dpd-delayNo dpd-timeout No aggressive-mode Syntax config-ipsec-n# no group Example config-ipsec-1# no encryption aesExample config-ipsec-1# no group No encryption Syntax config-ipsec-n# no hash md5sha No netbiosExample config-ipsec-1# no hash md5 No hash No set-pfs No reconnect No transform-set Reconnect RekeyRemote-ip Syntax config-ipsec-n# schedule-availability rule-id Example config-ipsec-1# schedule-availability rule1Remote-subnet Session-key Set-pfs Transform-set Example config-ipsec-1# transform-set esp-aes Example of IPSec Connection Configuration 14-22 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI L2TPC Commands Configuration L2TPC Mode Configuration L2TPC Mode Syntax config-l2tpc-n# end Example config-l2tpc-1# end Syntax config-l2tpc-n# host-ip address Example config-l2tpc-1# host-ipHost-ip Example config-l2tpc-1# ip address 192.168.2.100 mask Syntax config-l2tpc-n# ip mtu sizeautoExample config-l2tpc-1# ip mtu auto 15-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-l2tpc-1# ip ospf authentication-key pass777 Syntax config-l2tpc-n# ip ospf authentication-key passwordSyntax config-l2tpc-n# ip ospf cost cost Example config-l2tpc-1# ip ospf cost Example config-l2tpc-1# ip ospf hello-interval Syntax config-l2tpc-n# ip ospf hello-interval seconds Example config-l2tpc-1# ip ospf priority Syntax config-l2tpc-n# ip ospf priority prioritySyntax config-l2tpc-n# ip ospf retransmit-interval seconds Example config-l2tpc-1# ip ospf retransmit-interval Example config-l2tpc-1# ip primary-dns Syntax config-l2tpc-n# ip primary-dns addressSyntax config-l2tpc-n# ip rip receive-version 121or2none Example config-l2tpc-1# ip rip receive-version none Example config-l2tpc-1# ip rip send-version 2-bcast Local-secret Example config-l2tpc-1# metric Syntax config-l2tpc-n# metric metricSyntax config-l2tpc-n# no ip address address Example config-l2tpc-1# no ip address 15-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 15-15 Example config-l2tpc-1# no ip ospf message-digest-key Syntax config-l2tpc-n# no ip ospf message-digest-key key-id Example config-l2tpc-1# no ip route 192.168.100.200 Syntax config-l2tpc-n# no ip route dest-ip-addr gateway No ppp exec-timeout No ppp time-btwn-reconnect No ppp restart-timer 15-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-l2tpc-n# ppp encryption 40-bit128-bit Example config-l2tpc-1# ppp authentication chapExample config-l2tpc-1# ppp encryption 40-bit Syntax config-l2tpc-n# ppp exec-timeout minutes Example config-l2tpc-1# ppp password test-user-pswrd Syntax config-l2tpc-n# ppp password passwordSyntax config-l2tpc-n# ppp restart-timer seconds Example config-l2tpc-1# ppp restart-timer Example config-l2tpc-1# ppp time-btwn-reconnect Syntax config-l2tpc-n# ppp time-btwn-reconnect secondsSyntax config-l2tpc-n# ppp username username Example config-l2tpc-1# ppp username test-user-name 15-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Router Ospf Commands Configuration Ospf Mode Area commands Area authenticationMessage-digest Compatible rfc1583 16-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-ospf# exit Example config-ospf# exit Config# Syntax config-ospf# end Example config-ospf# end Network area Example config-ospf# network 192.168.1.1 0.0.0.255 area No area authentication No areaNo area stub No compatible rfc1583 Example config-ospf# no network 192.168.1.1 0.0.0.255 areaNo network area No router-id Syntax config-ospf# router-id address Router-idExample router-ospf# router-id Sample Configuration Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 16-11 16-12 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Client Commands Configuration Pptpc Mode Configuration Pptpc Mode Syntax config-pptpc-n# end Example config-pptpc-1# end Example config-pptpc-1# host-ip Syntax config-pptpc-n# host-ip address Example config-pptpc-1# ip address 192.168.2.100 mask Syntax config-pptpc-n# ip mtu sizeautoExample config-pptpc-1# ip mtu auto 17-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# ip ospf authentication-key pass777 Syntax config-pptpc-n# ip ospf authentication-key passwordSyntax config-pptpc-n# ip ospf cost cost Example config-pptpc-1# ip ospf cost Example config-pptpc-1# ip ospf hello-interval Syntax config-pptpc-n# ip ospf hello-interval seconds Example config-pptpc-1# ip ospf priority Syntax config-pptpc-n# ip ospf priority prioritySyntax config-pptpc-n# ip ospf retransmit-interval seconds Example config-pptpc-1# ip ospf retransmit-interval Example config-pptpc-1# ip primary-dns Syntax config-pptpc-n# ip primary-dns addressSyntax config-pptpc-n# ip rip receive-version 121or2none Example config-pptpc-1# ip rip receive-version none Example config-pptpc-1# ip rip send-version 2-bcast Example config-pptpc-1# ip route-mode napt Syntax config-pptpc-n# ip route-mode naptrouteSyntax config-pptpc-n# ip secondary-dns address Example config-pptpc-1# ip secondary-dns Example config-pptpc-1# no ip address Syntax config-pptpc-n# no ip address address 17-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip ospf message-digest-key Syntax config-pptpc-n# no ip ospf message-digest-key key-id 17-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip route 192.168.100.200 Syntax config-pptpc-n# no ip route dest-ip-addr gateway 17-18 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 17-19 Example config-pptpc-1# ppp authentication chap Syntax config-pptpc-n# ppp encryption 40-bit128-bitExample config-pptpc-1# ppp encryption 40-bit Example config-pptpc-1# ppp exec-timeout Syntax config-pptpc-n# ppp exec-timeout minutesSyntax config-pptpc-n# ppp password password Example config-pptpc-1# ppp password test-user-pswrd Example config-pptpc-1# ppp restart-timer Syntax config-pptpc-n# ppp restart-timer secondsSyntax config-pptpc-n# ppp time-btwn-reconnect seconds Example config-pptpc-1# ppp time-btwn-reconnect Example config-pptpc-1# schedule-availability time-range 17-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Server Commands Configuration Pptps Mode Configuration Pptps Mode Syntax config-pptps# end-address end-ip-address Syntax config-pptps# end Example config-pptps# endExample config-pptps# end-address End-ip-address Example config-pptps# idle-time Syntax config-pptps# idle-time secondsIdle-time Seconds Example config-pptps# no ppp encryption Example config-pptps# no ppp authenticationNo idle-time 40-bit Example config-pptps# ppp authentication chap Syntax config-pptps# ppp encryption 40-bit128-bitstatefulExample config-pptps# ppp encryption stateful Example config-pptps# start-address Syntax config-pptps# start-address start-addressStart-ip-address Enter the start IP address of the range 18-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Radius Mode Radius CommandsAuthentication End Exit History Host Key Example config-radius# authentication chap Syntax config-radius# authentication chapms-chapms-chapv2pap Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 19-3 Syntax config-radius# end Example config-radius# end Example config-radius# host 192.168.1.1 auth-port Syntax config-radius# host address auth-port portSyntax config-radius# key password Example config-radius# key testpswd 19-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Vlan Global Commands Configuration Vlan Mode Configuration Vlan Mode Syntax config-vlan# exit Example config-vlan# exit Config# Syntax config-vlan# end Example config-vlan# end Example config-vlan# no port-dot1q ethernet Syntax config-vlan# no port-dot1q ethernet portSyntax config-vlan# no vlan entry Example config-vlan# no vlan Adit 3500 and MSR 1.1 Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4 Disable Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4Adit 3500 and MSR 1.1 Example config-vlan# tag-all enable Syntax config-vlan# tag-all disableenableSyntax config-vlan# vlan-feature disableenable Disable Disable Vlan feature Enable Enable Vlan feature 20-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Vlan Port Mode Vlan Port CommandsEnd Exit History No commands Port Priority Voip-interface Configuration Vlan Port Mode Syntax config-vlan-n# end Example config-vlan-100# end No voip-interface No port Example config-vlan-100# priority Syntax config-vlan-n# priority priority 21-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Voice Port Mode Voice Port CommandsDigit-map global End Exit History No digit-map global Tos Short-timeout Long-timeoutExample config-vport# digit-map mode long-timeout Digit-map global Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 22-3 Syntax config-vport# exit Example config-vport# exit Config# Syntax config-vport# end Example config-vport# end Pattern number No digit-map globalRtp value hex-value Sip value hex-value 22-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Port FXS Commands Configuration Voice Port FXS Mode Syntax config-vport-fxs-n# description text Example config-vport-fxs-1# description VoiceP-#2Comfort-noise Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 23-3 23-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-vport-fxs-1# input-gain Syntax config-vport-fxs-n# input-gain value No echo-cancel No comfort-noiseNo per-line-logging Example config-vport-fxs-1# output-gain Syntax config-vport-fxs-n# output-gain value Example config-vport-fxs-1# signal ground-start Syntax config-vport-fxs-n# signal ground-startloop-start Voice Port Trunk Commands Configuration Voice Port Trunk Mode Connection t1 Connection lcc Default Digit-mapCustom 24-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Use the end command to exit the current Configuration mode Example config-vport-trk-1# input-gain Syntax config-vport-trk-n# input-gain value Example config-vport-trk-1# isdn switch-type pri-ni2 Isdn switch-type PRI No connection t1 No connection lcc No digit-map No registration enable No registration line enable No registration lineNo registration line logging Example config-vport-trk-1# output-gain Syntax config-vport-trk-n# output-gain value Registration enable Registration line authenticationRegistration Registration line first-phone-number Registration line enable Registration line logging Example config-vport-trk-1# signal immediate Syntax config-vport-trk-n# trunk trunk-id Example config-vport-trk-1# trunk VPtrunk1Trunk 24-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Service SIP Commands Configuration Voice Service SIP Mode Syntax config-voice-serv-sip# calling-party-disc duration Example config-voice-serv-sip# calling-party-discConference Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-3 Early-media DtmfInband Rfc2833 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-5 Fax-protocol-t38 redundancy Fax-protocol-t38 ecsHs-redundancy Ls-redundancy Feature-mode Fax-protocol-t38 signaling Syntax config-voice-serv-sip# gateway-ip address Example config-voice-serv-sip# gateway-ipGateway-ip No outbound-proxy No conferenceNo prack No proxy-server No session-timer mode No redundancy rollback-timerNo redundancy filter-incoming No registration ignore-negotiated Outbound-proxy Phone-numberPrack Privacy-mode Proxy-serverRfc3325 Example config-voice-serv-sip# redundancy advance-retries Example config-voice-serv-sip# proxy-type genericProxy-type Redundancy advance-retries Example config-voice-serv-sip# redundancy advance-timeout Redundancy advance-timeoutExample config-voice-serv-sip# redundancy primary-address Redundancy filter-incoming Example config-voice-serv-sip# redundancy rollback-timer Redundancy rollback-timerExample config-voice-serv-sip# redundancy secondary-address Redundancy secondary-address Redundancy ttl Redundancy typeNone Srv User Rtp-base-port Session-timer Session-timer modeSession-timer refresher Sip-port Session-timer timeoutTransport Tcp Udp 25-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Index Index Index FXS Index Index Index Encapsulation ppp Index Index FXS 63,4-64