Manuals / Brands / Computer Equipment / Network Router / Cisco Systems / Computer Equipment / Network Router

Cisco Systems 7401ASR Using the EXEC Command Interpreter , Configuring IKE

1 155

Download 155 pages, 5.42 Mb

4-2

Cisco 7401ASR Installation and Configuration Guide

OL-5419-01 B0

Chapter4 Configuring the VPN Acceleration Module

Configuration Tasks

Using the EXEC Command Interpreter

You modify the configuration of your router through the software command interpreter called the EXEC

(also called enable mode). You must enter the privileged level of the EXEC command interpreter with

the enable command before you can use the configure command to configure a new interface or change

the existing configuration of an interface. The system prompts you for a password if one has been set.

The system prompt for the privileged level ends with a pound sign (#) instead of an angle bracket (>).

At the console terminal, use the following procedure to enter the privileged level:

Step1 At the user-level EXEC prompt, enter the enable command. The EXEC prompts y ou for a

privileged-level password as follows:

Router> enable

Password:

Step2 Enter the password (the password is case sensitive). For security purposes, the password is not disp layed.

When you enter the correct password, the system displays the privileged-level system prompt (#):

Router#

This completes the procedure for entering the privileged level of the EXEC command interpreter.

Configuring IKE

If you do not specify a value for a parameter, the default value is assigned. For in forma tio n o n de fault

values, refer to the “IP Security and Encryption” chapter of the Security Command Reference

publication.

To configure a policy, use the following commands, starting in global configuration mode:

For detailed information on creating IKE policies, refer to the “Configuring Internet Key Exchange

Security Protocol” chapter in the Security Configuration Guide publication.

Command Purpose

Step1 crypto isakmp policy priority Identifies the policy to create, and enters config-isakmp

command mode.

Step2 encryption {des | 3des} Specifies the encryption algorithm.

Step3 group {1 | 2} Specifies the Diffie-Hellman group identifier.

Contents

Main Page CONTENTS Page Page Page Page Page Preface Audience Organization Document Conventions Page xii Warning Definition xiii xiv Terms and Acronyms Page Related Documentation Obtaining Documentation Cisco.com Ordering Documentation Documentation Feedback Obtaining Technical Assistance Cisco Technical Support Website Submitting a Service Request Definitions of Service Request Severity Obtaining Additional Publications and Information Overview and Parts Installation Hardware Overview Front View LEDs Rear View System Board System Management Functions Checking the Shipping Container Contents Installation Checklist Installing the CompactFlash Disk, GBIC, and Port Adapter Installing and Removing the CompactFlash Disk Installing and Removing the Gigabit Interface Converter Page Installing and Removing a Port Adapter or Service Adapter Replacing the SDRAM DIMM Removing the Cover Removing and Installing the SDRAM DIMM Replacing the Cover Rack-Mounting, Tabletop Installation, and Cabling Preparing to Install the Cisco 7401ASR Router Tools and Parts Required Electrical Equipment Guidelines Safety Guidelines Preventing Electrostatic Discharge Damage Electrostatic Discharge Prevention Site Requirement Guidelines Installing the Router General Tabletop or Workbench Installation Rack-Mounting a Cisco 7401ASR Router Attaching the Chassis Rack-Mount and Cable-Management Bracke ts Installing Rack-Mount Brackets on the Front of the Chassis Attaching the Cable-Management Bracket Installing Rack-Mount Brackets on the Rear of the Chassis Installing the Chassis in the Rack Two-Post Rack Installation Four-Post Rack Installation Attaching a Chassis Ground Connection Page Connecting Port Adapter Cables Connecting I/O Cables Connecting Console and Auxiliary Port Cables 1 3 Connecting Native Gigabit Ethernet and Fast Ethernet/Ethernet Cables 4 5 Attaching the Fast Ethernet/Ethernet 10/100 Cables Intra-Building Lightning Protection Attaching the GBIC Interface Cables Attaching Multimode and Single-Mode Optical Fiber Cables Page Mode-Conditioning Patch Cord Description Page Attaching the Mode-Conditioning Patch Cord / / / / / / Attaching the Alarm Port Cable Using the Cable-Management Bracket Connecting Power Connecting AC-Input Power Connecting DC-Input Power Page Page Starting and Configuring Functional Overview Chassis Slot and Logical Interface Numbering Page MAC Address Online Insertion and Removal Environmental Monitoring and Reporting Functions Environmental Monitoring Reporting Functions Page 3-7 With a single 24V DC power supply installed: With a single 48V DC power supply installed: Fan Failures Checking Conditions Prior to System Startup Starting the System and Observing Initial Conditions Configuring a Cisco 7401ASR Router Performing a Basic Configuration Using AutoInstall Performing a Basic Configuration Using the Setup Facility Configuring Global Parameters Page Page Configuring the Native Gigabit Ethernet and Fast Ethernet/Ethernet Interfaces Changing the Media Type Debugging Resetting the Interface Clearing Counters Configuring Port Adapter Interfaces Configuring ATM Interfaces Configuring Fast Ethernet Interfaces Configuring Synchronous Serial Interfaces 3-19 Performing a Basic Configuration Using Global Configuration Mode Saving the Running Configuration to NVRAM Checking the Running Configuration Settings Performing Other Configuration Tasks Replacing or Recovering a Lost Password Overview of the Password Recovery Procedure Details of the Password Recovery Procedure Page Viewing Your System Configuration 3-26 Performing Complex Configurations Page Configuring the VPN Acceleration Module Overview Configuration Tasks Using the EXEC Command Interpreter Configuring IKE Configuring IPSec Creating Crypto Access Lists Defining Transform Sets Creating Crypto Map Entries Verifying the Configuration 4-7 Page Troubleshooting Troubleshooting Overview Problem Solving Using a Subsystems Approach Identifying Startup Problems Troubleshooting the Power Subsystem Troubleshooting the Cooling Subsystem Troubleshooting the I/O Subsystem Troubleshooting the Processor Subsystem Troubleshooting the Port Adapter or Service Adapter Upgrading the Boot Helper (Boot Loader) Image PXF Troubleshooting Information Page Page A Specifications System Specifications Software Requirements Processor Specifications Memory Specifications and Configurations Gigabit Ethernet GBIC Configurations and Port and Cabling Specifications GBIC Cabling and Connection Equipment GBIC-SX or WS-G5484 GBIC-LX/LH or WS-G5486 GBIC-ZX or WS-G5487 Fast Ethernet/Ethernet RJ-45 Port Pinouts 3 34 5 Console and Auxiliary Port Signals and Pinouts Alarm Port Lithium Battery Caution Page B PXF Information Using show Commands B-2 Using the show version Command B-3 Using the show c7400 Command Use the show c7400 command to obtain information about the router. Using the show pxf Commands B-4 show pxf interface show pxf feature ? Sample output for these commands follows. Using the show pxf accounting ? Command and Subcommands The following is an example of the show pxf accounting ? command with sample output: The following is an example of the show pxf accounting summary command with sample output: B-5 The following is an example of the show pxf accounting interface command with sample output: Using the show pxf crash Command The following is an example of the show pxf crash command with sample output: B-6 Using the show pxf info Command The following is an example of the show pxf info command with sample output: Using the show pxf interface Command Using the show pxf feature ? Command and Subcommands The following is an example of the feature-specific show pxf feature ? command with sample output: B-7 show pxf feature cef ? show pxf feature nat ? Router# show pxf feature nat entry Router# show pxf feature nat stat Page C Using the CompactFlash Disk Hardware and Software Requirements Tools and Parts Required Product Description Compatibility Requirements System Memory and Software Image Functions and Interactions Boot Environment Variables Sample Upgrade Process Working with a CompactFlash Disk Software Command Overview Using Software Commands Using the cd Command Using the show Command Using the pwd Command Using the dir Command Using the format Command Using the mkdir Command Using the rmdir Command Using the delete Command Enabling Booting from a CompactFlash Disk Making a CompactFlash Disk-Based Software Image the Bootable Software Image Page D Configuration Register Information Configuration Bit Meanings Bits 03 Bit 6 Bit 7 Bit 8 Bit 10 and Bit 14 Bit 11 and Bit 12 Bit 13 D-5 Displaying the Configuration Register While Running Cisco IOS Displaying the Configuration Register While Running ROM Monitor Setting the Configuration Register While Running Cisco IOS Setting the Configuration Register While Running ROM Monitor D-7 Page INDEX A B C Page D E F G H I K L M N O P R S T V W