Set-pfs, Session-key | Carrier Access none guide

Configuration - IPSec Mode

session-key

Use the IPSec session-keycommand to specify the parameters needed during manual key exchange (ipsec-manual).

Syntax: (config-ipsec-{n})# session-key {inboundoutbound} ah spi authentication [md5sha] hex-key-data

Field	Definition
inbound	Set the inbound (local) IPSec key.

outbound	Set the outbound (remote) IPSec key.

ah spi	Set the Authentication Header Security Parameter Index. 100-FFF

md5	Set authentication to MD5.

sha	Set authentication to Secure Hash Algorithm.

hex-key-data	MD5 or SHA authentication key in hex. String length must be 40.

Example: (config-ipsec-1)# session-key outbound ah 256 authentication md5 0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

set-pfs

Use the IPSec set-pfscommand to enable Perfect Forward Secrecy.

Syntax: (config-ipsec-{n})# set-pfs {125phase1}

Field	Definition
1	Use DH group 1	(768 bit).

2	Use DH group 2	(1024 bit).

5	Use DH group 25 (1536 bit).

phase1	Use the same settings as the Phase 1 group settings.

Example: (config-ipsec-1)# set-pfs phase1

Supported Platforms: Adit 3104, Adit 3200, Adit 3500, MSR

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

14-19

Image 339

Carrier Access none manual Set-pfs, Session-key

Contents

Adit 3000 Series Multi-Service Router MSR Card Corporate Contact Information Customer SupportSupporting Software Versions Preface Preface Table of Contents Global Configuration Mode Configuration T1 Controller Mode Configuration LCC Controller Mode Configuration Dhcp Pool Ethernet Mode Configuration Dial Peer FXS ModeConfiguration Dial Peer Trunk Mode Configuration Ethernet Interface Mode Configuration Dial Peer VoIP Mode Configuration Multilink Interface Mode Configuration Serial Interface Mode Configuration IPSec Mode Configuration L2TPC Mode Configuration Pptpc Mode Configuration Ospf Mode Configuration Pptps Mode Configuration Radius ModeConfiguration Vlan Mode Configuration Voice Port Trunk Mode Configuration Vlan Port ModeConfiguration Voice Port Mode Configuration Voice Port FXS Mode Index Configuration Voice Service SIP Mode Xviii This Chapter Introduction Overview Prompt Identifier Configuration Mode Link to Command Prompt Displayed Configuration Mode Example config# clock 12 source nonet1 port Example config# clock source 12 noneds1 1ds1 2ds1 3ds1 Shortcuts User Mode User Mode CommandsDate Enable End Exit Help History Ping Show Traceroute End EnableExample adit 3500 enable Password Adit 3500# Date Help Exit History Syntax ping address -i time -l size -n count -w timeoutstop PingStop Show Show alarms Address Show arpSyntax show arp alladdressethernet port All Display entire ARP table Show caclkcd Example Adit 3500 show caclkcd Show caclkcd Example Adit MSR show controller lcc Show config dynamic-dnsShow controller lcc Syntax show controller lcc number Show controller t1 Syntax show controller t1 portExample Adit 3500 show controller t1 Show dhcp-leases Show digit-mapSyntax show digit-map Example Adit 3500 show digit-map Show interface description Show interface ethernet Show interface multilinkAdit 3104, Adit 3200, Adit 3500 Value must be Example Adit MSR show interface serial Show interface serialSyntax show interface serial port Example Adit 3500 show interface serial Example Adit MSR show interface stats Show interface stats Supported PlatformsAdit 3104, Adit 3200, Adit 3500, MSR Syntax show ip ospf Example adit 3500 show ip ospf Show ip ospf Show ip ospf database Example adit 3500 show ip ospf database self-originate Example adit 3500 show ip ospf database Multilink port Show ip ospf interfaceEthernet port Serial port Example adit 3500 show Ip ospf neighbor Show ip ospf neighborInterface address Detail Sip Show licensesFirewall Pri Example Adit 3500 show log t1 1 minor Show mac-address-table Syntax show nat-fw Example Adit 3500 show nat-fw Show nat-fw Show port-trigger Show routeSyntax show route Example Adit 3500 show route Syntax show service Example Adit 3500 show service Show service Syntax show version Example Adit 3500 show version Show usersShow version Syntax show users Example Adit 3500 show users Example Adit MSR show version Example Adit MSR show voice-port fxs Show voice-port fxsSyntax show voice-port fxs Example Adit 3500 show voice-port fxs Show voice-port trunk Syntax show voice-port trunk portExample Adit 3500 show voice-port trunk Example Adit MSR show voice-port trunk Syntax traceroute Syntax traceroute addresshostnamestop Traceroute User Mode Privileged Mode Commands Privileged Mode Clear ip ospf process ClearClear arp Clear caclkcd Copy path Configure terminalCopy defaults Copy Example Adit 3500# date Wed Jan 12 103751 Copy running-configSyntax # copy running-config path destination-path Destination-path Debug portmon all Debug Off Debug portmon rxtxbothDebug portmon detail Both Debug portmon ethernet EthernetExample adit 3500# debug portmon ethernet 1 all Example adit 3500# debug portmon management hush Debug portmon managementSyntax # debug portmon management hushoff Hush Off Debug portmon multilink Debug portmon raw Syntax # debug portmon raw offonExample adit 3500# debug portmon raw off Debug portmon serial PortExample adit 3500# debug portmon 1 rip Example adit 3500# end Username Syntax # debug trace casprisip enabletxrxExample adit 3500# debug trace cas enable Debug trace Adit 3500# help Syntax # history Example adit 3500# history Example adit 3500# log clear firewall Log clearSyntax # log clear allfirewallprisipsystemt1lcc Lcc Cas Pri Sip No debugNo debug portmon No debug trace Example Adit 3500# ping 192.168.1.1 -n 2 -l Example Adit 3500# ping Reload Example adit 3500# reload Going to reboot Restarting system Show Example adit 3500# show alarms major Example adit 3500# show arp all Syntax # show arp alladdressethernet portExample adit 3500# show arp ethernet Example adit 3500# show arp # show caclkcd Example adit 3500# show caclkcd Show config access-control Example adit 3500# show config controller t1 Syntax # show config controller t1 port Dmz-host 192.168.1.200 enable Example adit 3500# show config interface ethernet Syntax # show config interface ethernet port Example adit 3500# show config interface multilink Syntax # show config interface multilink port Example adit 3500# show config interface serial Syntax # show config interface serial port Example adit 3500# show config ip dhcp ethernet Syntax # show config ip dhcp ethernet port Network-object id 0 description NetworkObject1 ip-address Security-default typical Static-dns hostname test1 ip-address Example adit 3500# show config voice-port fxs Syntax # show config voice-port fxs port Syntax # show config voice-port trunk port Example adit 3500# show config voice-port trunkExample adit MSR# show config voice-port trunk Syntax # show controller lcc number Example adit 3500# show controller t1 Syntax # show controller t1 port Syntax # show digit-map Example adit 3500# show digit-map Example Adit MSR# show interface description Example adit 3500# show interface multilink Syntax # show interface ethernet portExample adit 3500# show interface ethernet Syntax # show interface multilink port Syntax # show interface serial port Example adit 3500# show interface serialExample adit MSR# show interface serial Syntax # show ip ospf Example adit 3500# show ip ospf Show ip ospf database Example adit 3500# show ip ospf database self-originate Example adit 3500# show ip ospf database Example adit 3500# show ip ospf interface ethernet Example adit 3500# show ip ospf neighbor detail Example adit 3500# show Ip ospf neighbor Syntax # show ipsec vpnipsecconnection-id Syntax # show l2tpc l2tpc connection-id Example adit 3500# show l2tpcExample adit 3500# show l2tpc l2tpc Example adit 3500# show licenses # show licenses Example adit 3500# show log t1 1 minor Syntax # show nat-fw Example adit 3500# show nat-fw Show port-trigger Syntax # show pptpc pptpc connection-id Example adit 3500# show pptpcExample adit 3500# show pptpc pptpc Syntax # show route Example adit 3500# show route Syntax # show pptps Example adit 3500# show pptps Show running-config Privileged Mode Example adit MSR# show running-config Privileged Mode Privileged Mode Privileged Mode Supported Platforms Adit 3104, Adit 3200, Adit 3500, MSR # show service Example adit 3500# show service Syntax # show version Example adit 3500# show version Syntax # show users Example adit 3500# show users Example Adit MSR# show version Syntax # show voice-port fxs Example adit 3500# show voice-port fxsExample adit MSR# show voice-port fxs Example adit 3500# show voice-port trunk Syntax # show voice-port trunk port Example adit MSR# show voice-port trunk Example Adit 3500# traceroute to UpgradeSyntax # upgrade ip-address address file filename check Syntax # traceroute Syntax # traceroute addresshostnamestop Privileged Mode Global Configuration Mode Commands for Entering Configuration Submodes Global Configuration Commands Lan AccessAccess-control Lan Wan Access-list Clock source Authentication loginSyntax config# clock 12 source nonet1 port Example config# clock 1 source t1 Controller t1 Controller lcc Tod Date auto-time-updateDate set Ntp Date summer-time Example config# date summer-time 03 28 0000 10 28 0100 Date timezone Delete local-server Adit 3500 Range = Dial-peer voiceDial-peer voice pots fxs Dial-peer voice pots trunk Dial-peer voice voip Dmz-host Privileged Mode Commands User Mode Commands Dynamic-dns Dynamic-dns backup-mxSyntax config# dynamic-dns interface eth-2mlink-1ser-n Example config# dynamic-dns interface ser-1 Dynamic-dns mail-exchanger Dynamic-dns offlineDynamic-dns username Syntax config# end Example config# end Syntax config# exit Example config# exitDynamic-dns wildcard Config# help Config# help Or config# ? History Interface ethernet Syntax config# interface ethernet portExample config# interface ethernet Config-int-eth-1# Host-filter Adit 3200, Adit 3500 Range = Interface multilinkInterface serial Adit 3104, Adit 3200, Adit 3500 Value must be Ipsec key generate key Ipsec authentication-retriesExample config# ipsec authentication-retries 10 delay Ipsec Ipsec log ike Example config# ipsec log ike msg-outp Ipsec log ipsec Ipsec net-to-hostAny Remote-ip Ipsec net-to-netIpsec replay Ipsec vpnipsec Ip dhcp pool ethernet Ip domain-nameIp host Ipsec KeyL2tpc Key-code New Local-server Log Log lcc bufferLog lcc notify Log security buffer Log pri Log sip Example config# log security notify warnExample config# log sip buffer-fill Log security notify Log system buffer Syntax config# log system buffer kilobytesExample config# log system buffer Example config# log system notify error Log t1 buffer Syntax config# log t1 buffer kilobytesExample config# log t1 buffer Example config# log t1 notify warn Mail-server host Mail-server authentication enableMail-server Mail-server from-address Mail-server username Syntax config# mail-server port portExample config# mail-server port Mail-server port Network-object EnableExample config# nat-bypass ip-address 10.10.2.1 mask Nat-bypass No commands No accessNo access-control No access-list No authentication loginNo date auto-time-update Adit 3500 Range = No date summer-timeNo dial-peer voice pots fxs No dial-peer voice pots trunk No dial-peer voice voip No dmz-hostNo dynamic-dns No ipsec authentication-retries No host-filterNo ipsec log ike Example config# no ipsec log ipsec tc No ipsec log ipsecNo ipsec replay No ipsec vpnipsec No interface multilinkNo interface serial No ip dhcp pool ethernet No keyNo l2tpc No nat-bypass No mail-server authenticationNo local-server No log sip No port-trigger-service No network-objectNo pptpc No pptps No remote-admin icmpNo remote-admin snmp Syntax config# no pptps Example config# no pptps No remote-admin telnet No remote-admin udp-traceExample config# no remote-admin telnet primary-port No remote-admin web Example config# no remote-admin web primary-portNo router ospf Syntax config# no security-log setting SettingNo security-log No snmp-server No serviceSyntax config# no service service-id Example config# no service-id No static-dns No time-rangeNo username No vlan No voice-codecNo voice-port trunk Port-trigger service PptpcPptps Radius-client Remote-adminRemote-admin icmp Remote-admin snmp Primary-port Remote-admin telnetRemote-admin udp-trace Example config# remote-admin telnet primary-port enable Remote-admin web Example config# remote-admin web primary-port enableRouter ospf Minimum Security-defaultTypical default Maximum Security-log Service Server-src-port Snmp-server enableSnmp-server Snmp-server community Version Snmp-server traps enableSnmp-server host Snmp-server trusted-ip Time-range Static-dns Monitor AdminUsername Vlan global Voice-codec Vlan vlan-id Voice-port fxs Syntax config# voice-port fxs portExample config# voice-port fxs 1 config-vport-fxs-1# Voice-port global Voice-port trunk Voice-service sipSyntax config# voice-port trunk port Example config# voice-port trunk 1 config-vport-trk-1# Configuration LCC Controller Mode LCC Controller CommandsDescription End Exit History No command Shutdown Syntax config-cont-lcc-n# description text Example config-cont-lcc-1# description LCC#1Description User Mode Commands Syntax config-cont-lcc-n# end Example config-cont-lcc-1# end No shutdown No command Shutdown T1 Controller Commands Configuration T1 Controller Mode Example config-cont-t1-1# description T1#1 Syntax config-cont-t1-n# description text User Mode Commands Ds0-group Syntax config-cont-t1-n# ds0-group timeslots rangeExample config-cont-t1-1# ds0-group timeslots Syntax config-cont-t1-n# end Example config-cont-t1-1# end Esf FdlFraming None T1.403 Syntax config-cont-t1-n# idle-pattern number Example config-cont-t1-1# idle-pattern 0x7fIdle-pattern Lbo Lbo longLbo short Linecode LoopbackAmi B8zs Csu Niu None LoopdetectNo ds0-group No pri-group Pri-group No tdm-groupIn-out Tdm-group Example config-cont-t1-1# tdm-group timeslots 1-4 dir in-out Threshold Dhcp Pool Commands Configuration Dhcp Pool Ethernet Mode Configuration Dhcp Pool Ethernet Mode Syntax config-dhcp-eth-n# end-address address Example config-dhcp-eth-1# end-addressEnd-address Syntax config-dhcp-eth-n# lease time Example config-dhcp-eth-1# leaseLease No option No relayNo static-lease Relay Option Static-lease Syntax config-dhcp-eth-n# start-address addressExample config-dhcp-eth-1# start-address Start-address Wins server Subnet-mask Dial Peer FXS Commands Configuration Dial Peer FXS Mode Calling-party-disc Block-out-caller-idCall-wait-caller-id Call-waiting G711alaw Codec preferenceDestination-pattern 123 User Mode Commands Syntax config-dpeer-fxs# end Example config-dpeer-fxs# end Pass-through Syntax config-dpeer-fxs# fax-protocol nonepass-throught38Example config-dpeer-fxs# fax-protocol none Fax-protocol Syntax config-dpeer-fxs# modem-protocol nonepass-through Example config-dpeer-fxs# modem-protocol pass-thoughModem-protocol No calling-party-disc No block-out-caller-idNo call-wait-caller-id No call-waiting No codec preference No sip-authenticationSyntax config-dpeer-fxs# no codec preference Example config-dpeer-fxs# no codec preference Sip-authentication username Sip-authenticationSip-authentication enable Sip-authentication password Dial Peer Trunk Commands Configuration Dial Peer Trunk Mode Example config-dpeer-trk# codec preference 1 g711alaw Syntax config-dpeer-trk# destination-pattern dest-patternExample config-dpeer-trk# destination-pattern 555$ User Mode Commands Syntax config-dpeer-trk# end Example config-dpeer-trk# end Syntax config-dpeer-trk# fax-protocol nonepass-throught38Example config-dpeer-trk# fax-protocol none Example config-dpeer-trk# modem-protocol pass-though Syntax config-dpeer-trk# modem-protocol nonepass-through Syntax config-dpeer-trk# no codec preference Example config-dpeer-trk# no codec preferenceNo destination-pattern Prefix Syntax config-dpeer-trk# prefix prefixExample config-dpeer-trk# prefix Prefix Syntax config-dpeer-trk# strip-digits number Example config-dpeer-trk# strip-digitsStrip-digits Dial Peer VoIP Commands Configuration Dial Peer VoIP Mode Example config-dpeer-voip# destination-pattern Syntax config-dpeer-voip# destination-pattern number Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 10-3 Syntax config-dpeer-voip end Example config-dpeer-voip# end No session-target No prefix Session-target Syntax config-dpeer-voip# prefix prefixExample config-dpeer-voip# prefix Example config-dpeer-voip# session-target ip-address Example config-dpeer-voip# user-id testname Syntax config-dpeer-voip# strip-digits numberExample config-dpeer-voip# strip-digits Syntax config-dpeer-voip# user-id user-id 10-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ethernet Interface Commands Configuration Ethernet Interface Mode Example config-int-eth-1# description Eth#1 Syntax config-int-eth-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 11-3 Firewall Syntax config-int-eth-n# end Example config-int-eth-1# end Half-duplex Full-duplex Secondary Example config-int-eth-1# ip address 192.168.2.100 maskIp address Auto Example config-int-eth-1# ip default-gateway Ip default-gatewayIp default-route Syntax config-int-eth-n# ip default-gateway address Auto Syntax config-int-eth-n# ip mtu sizeautoExample config-int-eth-1# ip mtu auto Ip mtu Ip ospf authentication Message-digestNull Ip ospf authentication-key Ip ospf costIp ospf dead-interval Ip ospf hello-interval Ip ospf disableSyntax config-int-eth-n# ip ospf hello-interval seconds Example config-int-eth-1# ip ospf hello-interval Ip ospf transmit-delay Ip ospf priorityIp ospf retransmit-interval Ip proxy-arp Syntax config-int-eth-n# ip primary-dns addressExample config-int-eth-1# ip primary-dns Ip primary-dns Ip rip send-version Ip rip enableIp rip Ip rip receive-version Ip route-mode Syntax config-int-eth-n# ip route-mode naptrouteExample config-int-eth-1# ip route-mode napt Ip route Metric Ip secondary-dns No ip dhcp No ip default-routeNo firewall No ip address No ip ospf dead-interval No ip ospf authenticationNo ip ospf authentication-key No ip ospf cost No ip ospf message-digest-key No ip ospf disableExample config-int-eth-1# no ip ospf message-digest-key No ip ospf hello-interval No ip primary-dns No ip ospf transmit-delayNo ip ospf priority No ip ospf retransmit-interval No ip secondary-dns No ip proxy-arpNo ip rip No ip route No remote-admin No schedule-availabilityNo sip-alg Release RenewNo tos ip Sip-alg Syntax config-int-eth-n# schedule-availability time-rangeExample config-int-eth-1# schedule-availability time-range Schedule-availability Speed Tos100 Auto 11-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Multilink Interface Commands Configuration Multilink Interface Mode Example config-int-mlink-1# description MLPPP1 Syntax config-int-mlink-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-3 12-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Unnumbered Example config-int-mlink-1# ip address 192.168.2.100 mask Example config-int-mlink-1# ip mtu auto Syntax config-int-mlink-n# ip mtu sizeauto Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-7 Example config-int-mlink-1# ip ospf dead-interval Syntax config-int-mlink-n# ip ospf cost costExample config-int-mlink-1# ip ospf cost Syntax config-int-mlink-n# ip ospf dead-interval seconds Example config-int-mlink-1# ip ospf hello-interval Syntax config-int-mlink-n# ip ospf hello-interval seconds Syntax config-int-mlink-n# ip ospf transmit-delay seconds Syntax config-int-mlink-n# ip ospf priority priorityExample config-int-mlink-1# ip ospf priority Example config-int-mlink-1# ip ospf retransmit-interval 121or2 Syntax config-int-mlink-n# ip primary-dns addressExample config-int-mlink-1# ip primary-dns Example config-int-mlink-1# ip rip receive-version none Example config-int-mlink-1# ip rip send-version 2-bcast Example config-int-mlink-1# ip secondary-dns Syntax config-int-mlink-n# ip route-mode naptrouteExample config-int-mlink-1# ip route-mode napt Syntax config-int-mlink-n# ip secondary-dns address Example config-int-mlink-1# no ip address Syntax config-int-mlink-n# no ip address address Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-15 Example config-int-mlink-1# no ip ospf message-digest-key Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-17 No ppp encryption No ppp authenticationSyntax config-int-mlink-n# no ip route dest-ip-addr gateway Example config-int-mlink-1# no ip route 192.168.100.200 No ppp username No ppp passwordNo ppp on-demand No ppp qos interleaving 12-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ppp authentication Ppp exec-timeoutPpp encryption Ppp password Ppp link-fragmentationPpp on-demand Ppp restart-timer Ppp qos-interleavingPpp time-btwn-reconnect Ppp username Syntax config-int-mlink-n# ppp username usernameExample config-int-mlink-1# ppp username test-user-name Syntax config-int-mlink-n# schedule-availability time-range Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 12-25 12-26 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Serial Interface Commands Configuration Serial Interface Mode Example config-int-ser-1# description Serial1 Syntax config-int-ser-n# description text Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-3 Encapsulation ppp Syntax config-int-ser-n# end Example config-int-ser-1# end Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-5 Example config-int-ser-1# ip address 192.168.2.100 mask Syntax config-int-ser-n# ip mtu sizeautoExample config-int-ser-1# ip mtu auto Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-7 Example config-int-ser-1# ip ospf dead-interval Syntax config-int-ser-n# ip ospf cost costExample config-int-ser-1# ip ospf cost Syntax config-int-ser-n# ip ospf dead-interval seconds Example config-int-ser-1# ip ospf hello-interval Syntax config-int-ser-n# ip ospf hello-interval seconds Syntax config-int-ser-n# ip ospf transmit-delay seconds Syntax config-int-ser-n# ip ospf priority priorityExample config-int-ser-1# ip ospf priority Example config-int-ser-1# ip ospf retransmit-interval Example config-int-ser-1# ip rip receive-version none Syntax config-int-ser-n# ip primary-dns addressExample config-int-ser-1# ip primary-dns Syntax config-int-ser-n# ip rip receive-version 121or2none Example config-int-ser-1# ip rip send-version 2-bcast Example config-int-ser-1# ip secondary-dns Syntax config-int-ser-n# ip route-mode naptrouteExample config-int-ser-1# ip route-mode napt Syntax config-int-ser-n# ip secondary-dns address No encapsulation ppp Syntax config-int-ser-n# multilink-group group-numberExample config-int-ser-1# multilink-group Multilink-group Example config-int-ser-1# no ip address Syntax config-int-ser-n# no ip address address 13-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-int-ser-1# no ip ospf message-digest-key Example config-int-ser-1# no ip route 192.168.100.200 Syntax config-int-ser-n# no ip route dest-ip-addr gateway Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 13-19 13-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Ms-chap Example config-int-ser-1# ppp username test-user-pswrd Syntax config-int-ser-n# ppp link-fragmentation numberExample config-int-ser-1# ppp link-fragmentation Syntax config-int-ser-n# ppp password password Example config-int-ser-1# ppp time-btwn-reconnect Syntax config-int-ser-n# ppp restart-timer secondsExample config-int-ser-1# ppp restart-timer Syntax config-int-ser-n# ppp time-btwn-reconnect seconds Example config-int-ser-1# schedule-availability time-range Syntax config-int-ser-n# schedule-availability time-range IPSec Commands Configuration IPSec Mode Rsa-sig AuthenticationAggressive-mode Pre-shared Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 14-3 Dpd-delay Dpd-enableDpd-timeout Encryption Group HashMd5 Sha Syntax config-ipsec n# ip route metric metric Example config-ipsec-1# ip route metricIp route metric Ipsec-manual Ipsec-conn Subnet ip LifetimeLocal-subnet Single ip Tunnel Max-retriesMode Transport Netbios remote-brc-addr Net-typeDmz lan wan No aggressive-mode No dpd-delayNo dpd-enable No dpd-timeout No encryption Example config-ipsec-1# no encryption aesSyntax config-ipsec-n# no group Example config-ipsec-1# no group No hash No netbiosSyntax config-ipsec-n# no hash md5sha Example config-ipsec-1# no hash md5 No set-pfs No reconnect No transform-set Reconnect RekeyRemote-ip Syntax config-ipsec-n# schedule-availability rule-id Example config-ipsec-1# schedule-availability rule1Remote-subnet Session-key Set-pfs Transform-set Example config-ipsec-1# transform-set esp-aes Example of IPSec Connection Configuration 14-22 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI L2TPC Commands Configuration L2TPC Mode Configuration L2TPC Mode Syntax config-l2tpc-n# end Example config-l2tpc-1# end Syntax config-l2tpc-n# host-ip address Example config-l2tpc-1# host-ipHost-ip Example config-l2tpc-1# ip address 192.168.2.100 mask Syntax config-l2tpc-n# ip mtu sizeautoExample config-l2tpc-1# ip mtu auto 15-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-l2tpc-1# ip ospf cost Syntax config-l2tpc-n# ip ospf authentication-key passwordExample config-l2tpc-1# ip ospf authentication-key pass777 Syntax config-l2tpc-n# ip ospf cost cost Example config-l2tpc-1# ip ospf hello-interval Syntax config-l2tpc-n# ip ospf hello-interval seconds Example config-l2tpc-1# ip ospf retransmit-interval Syntax config-l2tpc-n# ip ospf priority priorityExample config-l2tpc-1# ip ospf priority Syntax config-l2tpc-n# ip ospf retransmit-interval seconds Example config-l2tpc-1# ip rip receive-version none Syntax config-l2tpc-n# ip primary-dns addressExample config-l2tpc-1# ip primary-dns Syntax config-l2tpc-n# ip rip receive-version 121or2none Example config-l2tpc-1# ip rip send-version 2-bcast Local-secret Example config-l2tpc-1# no ip address Syntax config-l2tpc-n# metric metricExample config-l2tpc-1# metric Syntax config-l2tpc-n# no ip address address 15-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 15-15 Example config-l2tpc-1# no ip ospf message-digest-key Syntax config-l2tpc-n# no ip ospf message-digest-key key-id Example config-l2tpc-1# no ip route 192.168.100.200 Syntax config-l2tpc-n# no ip route dest-ip-addr gateway No ppp exec-timeout No ppp time-btwn-reconnect No ppp restart-timer 15-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-l2tpc-n# ppp exec-timeout minutes Example config-l2tpc-1# ppp authentication chapSyntax config-l2tpc-n# ppp encryption 40-bit128-bit Example config-l2tpc-1# ppp encryption 40-bit Example config-l2tpc-1# ppp restart-timer Syntax config-l2tpc-n# ppp password passwordExample config-l2tpc-1# ppp password test-user-pswrd Syntax config-l2tpc-n# ppp restart-timer seconds Example config-l2tpc-1# ppp username test-user-name Syntax config-l2tpc-n# ppp time-btwn-reconnect secondsExample config-l2tpc-1# ppp time-btwn-reconnect Syntax config-l2tpc-n# ppp username username 15-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Router Ospf Commands Configuration Ospf Mode Area commands Area authenticationMessage-digest Compatible rfc1583 16-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Syntax config-ospf# exit Example config-ospf# exit Config# Syntax config-ospf# end Example config-ospf# end Network area Example config-ospf# network 192.168.1.1 0.0.0.255 area No area authentication No areaNo area stub No router-id Example config-ospf# no network 192.168.1.1 0.0.0.255 areaNo compatible rfc1583 No network area Syntax config-ospf# router-id address Router-idExample router-ospf# router-id Sample Configuration Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 16-11 16-12 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Client Commands Configuration Pptpc Mode Configuration Pptpc Mode Syntax config-pptpc-n# end Example config-pptpc-1# end Example config-pptpc-1# host-ip Syntax config-pptpc-n# host-ip address Example config-pptpc-1# ip address 192.168.2.100 mask Syntax config-pptpc-n# ip mtu sizeautoExample config-pptpc-1# ip mtu auto 17-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# ip ospf cost Syntax config-pptpc-n# ip ospf authentication-key passwordExample config-pptpc-1# ip ospf authentication-key pass777 Syntax config-pptpc-n# ip ospf cost cost Example config-pptpc-1# ip ospf hello-interval Syntax config-pptpc-n# ip ospf hello-interval seconds Example config-pptpc-1# ip ospf retransmit-interval Syntax config-pptpc-n# ip ospf priority priorityExample config-pptpc-1# ip ospf priority Syntax config-pptpc-n# ip ospf retransmit-interval seconds Example config-pptpc-1# ip rip receive-version none Syntax config-pptpc-n# ip primary-dns addressExample config-pptpc-1# ip primary-dns Syntax config-pptpc-n# ip rip receive-version 121or2none Example config-pptpc-1# ip rip send-version 2-bcast Example config-pptpc-1# ip secondary-dns Syntax config-pptpc-n# ip route-mode naptrouteExample config-pptpc-1# ip route-mode napt Syntax config-pptpc-n# ip secondary-dns address Example config-pptpc-1# no ip address Syntax config-pptpc-n# no ip address address 17-14 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip ospf message-digest-key Syntax config-pptpc-n# no ip ospf message-digest-key key-id 17-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-pptpc-1# no ip route 192.168.100.200 Syntax config-pptpc-n# no ip route dest-ip-addr gateway 17-18 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 17-19 Example config-pptpc-1# ppp authentication chap Syntax config-pptpc-n# ppp encryption 40-bit128-bitExample config-pptpc-1# ppp encryption 40-bit Example config-pptpc-1# ppp password test-user-pswrd Syntax config-pptpc-n# ppp exec-timeout minutesExample config-pptpc-1# ppp exec-timeout Syntax config-pptpc-n# ppp password password Example config-pptpc-1# ppp time-btwn-reconnect Syntax config-pptpc-n# ppp restart-timer secondsExample config-pptpc-1# ppp restart-timer Syntax config-pptpc-n# ppp time-btwn-reconnect seconds Example config-pptpc-1# schedule-availability time-range 17-24 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Pptp Server Commands Configuration Pptps Mode Configuration Pptps Mode End-ip-address Syntax config-pptps# end Example config-pptps# endSyntax config-pptps# end-address end-ip-address Example config-pptps# end-address Seconds Syntax config-pptps# idle-time secondsExample config-pptps# idle-time Idle-time 40-bit Example config-pptps# no ppp authenticationExample config-pptps# no ppp encryption No idle-time Example config-pptps# ppp authentication chap Syntax config-pptps# ppp encryption 40-bit128-bitstatefulExample config-pptps# ppp encryption stateful Enter the start IP address of the range Syntax config-pptps# start-address start-addressExample config-pptps# start-address Start-ip-address 18-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Radius Mode Radius CommandsAuthentication End Exit History Host Key Example config-radius# authentication chap Syntax config-radius# authentication chapms-chapms-chapv2pap Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 19-3 Syntax config-radius# end Example config-radius# end Example config-radius# key testpswd Syntax config-radius# host address auth-port portExample config-radius# host 192.168.1.1 auth-port Syntax config-radius# key password 19-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Vlan Global Commands Configuration Vlan Mode Configuration Vlan Mode Syntax config-vlan# exit Example config-vlan# exit Config# Syntax config-vlan# end Example config-vlan# end Example config-vlan# no vlan Syntax config-vlan# no port-dot1q ethernet portExample config-vlan# no port-dot1q ethernet Syntax config-vlan# no vlan entry Adit 3500 and MSR 1.1 Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4 Disable Adit 3104 and Adit 3200 1.1, 1.2, 1.3, 1.4Adit 3500 and MSR 1.1 Disable Disable Vlan feature Enable Enable Vlan feature Syntax config-vlan# tag-all disableenableExample config-vlan# tag-all enable Syntax config-vlan# vlan-feature disableenable 20-8 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Vlan Port Mode Vlan Port CommandsEnd Exit History No commands Port Priority Voip-interface Configuration Vlan Port Mode Syntax config-vlan-n# end Example config-vlan-100# end No voip-interface No port Example config-vlan-100# priority Syntax config-vlan-n# priority priority 21-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Configuration Voice Port Mode Voice Port CommandsDigit-map global End Exit History No digit-map global Tos Digit-map global Long-timeoutShort-timeout Example config-vport# digit-map mode long-timeout Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 22-3 Syntax config-vport# exit Example config-vport# exit Config# Syntax config-vport# end Example config-vport# end Sip value hex-value No digit-map globalPattern number Rtp value hex-value 22-6 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Port FXS Commands Configuration Voice Port FXS Mode Syntax config-vport-fxs-n# description text Example config-vport-fxs-1# description VoiceP-#2Comfort-noise Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 23-3 23-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Example config-vport-fxs-1# input-gain Syntax config-vport-fxs-n# input-gain value No echo-cancel No comfort-noiseNo per-line-logging Example config-vport-fxs-1# output-gain Syntax config-vport-fxs-n# output-gain value Example config-vport-fxs-1# signal ground-start Syntax config-vport-fxs-n# signal ground-startloop-start Voice Port Trunk Commands Configuration Voice Port Trunk Mode Connection t1 Connection lcc Default Digit-mapCustom 24-4 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Use the end command to exit the current Configuration mode Example config-vport-trk-1# input-gain Syntax config-vport-trk-n# input-gain value Example config-vport-trk-1# isdn switch-type pri-ni2 Isdn switch-type PRI No connection t1 No connection lcc No digit-map No registration enable No registration line enable No registration lineNo registration line logging Example config-vport-trk-1# output-gain Syntax config-vport-trk-n# output-gain value Registration enable Registration line authenticationRegistration Registration line first-phone-number Registration line enable Registration line logging Example config-vport-trk-1# signal immediate Syntax config-vport-trk-n# trunk trunk-id Example config-vport-trk-1# trunk VPtrunk1Trunk 24-16 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Voice Service SIP Commands Configuration Voice Service SIP Mode Syntax config-voice-serv-sip# calling-party-disc duration Example config-voice-serv-sip# calling-party-discConference Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-3 Rfc2833 DtmfEarly-media Inband Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI 25-5 Ls-redundancy Fax-protocol-t38 ecsFax-protocol-t38 redundancy Hs-redundancy Feature-mode Fax-protocol-t38 signaling Syntax config-voice-serv-sip# gateway-ip address Example config-voice-serv-sip# gateway-ipGateway-ip No proxy-server No conferenceNo outbound-proxy No prack No registration ignore-negotiated No redundancy rollback-timerNo session-timer mode No redundancy filter-incoming Outbound-proxy Phone-numberPrack Privacy-mode Proxy-serverRfc3325 Redundancy advance-retries Example config-voice-serv-sip# proxy-type genericExample config-voice-serv-sip# redundancy advance-retries Proxy-type Redundancy filter-incoming Redundancy advance-timeoutExample config-voice-serv-sip# redundancy advance-timeout Example config-voice-serv-sip# redundancy primary-address Redundancy secondary-address Redundancy rollback-timerExample config-voice-serv-sip# redundancy rollback-timer Example config-voice-serv-sip# redundancy secondary-address Redundancy ttl Redundancy typeNone Srv User Rtp-base-port Session-timer Session-timer modeSession-timer refresher Tcp Udp Session-timer timeoutSip-port Transport 25-20 Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Adit 3000 Rel .6 and MSR Card Rel 2.0 CLI Index Index Index Index Index FXS Index Index Index Encapsulation ppp Index Index FXS 63,4-64