Text Part Number OL-23590-02 September 2
Americas Headquarters
Cisco Systems, Inc 170 West Tasman Drive San Jose, CA
800 553-NETS Fax 408
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS
Wireless Device Overview
Information Needed for Configuration
New Features
WLAN Features
Verifying Configuration
Configuring a Cellular Interface
Prerequisites for Configuring the 3G Wireless Interface
Configuring DDR
Configuring Security Features
Ignoring DCD and Monitoring DSR as Line Up/Down Indicator
Configuration Examples
Interface Enablement Configuration Examples
Configuring the Ethernet Switches
Configure the IKE Policy
Create a Cisco Easy VPN Remote Configuration
Configure a Site-to-Site GRE Tunnel
Configuration Tasks
Configure the Virtual Private Dialup Network Group Number
Configuring VLANs
Configuring 802.1x Authentication
Understanding Command Modes
Entering Global Configuration Mode A-5
Configure the IKE Policy
Configure Group Policy Information
ROM Monitor Commands
Changing the Configuration Register Manually C-11
Changing the Configuration Register Using Prompts C-11
Backup Interface
OL-23590-02
Contents
C H A P T E R
General Description, page SKU Information, page New Features, page
Product Overview
General Description
OL-23590-02
Figure 1-1 Cisco 819HG Integrated Services Router
Figure 1-2 Cisco 819HGW Integrated Services Router
Chapter 1 Product Overview General Description
Platform Features, page Security Features, page
New Features
3G Features
3G Features, page WLAN Features, page 4G LTE Features, page
WLAN Features
Platform Features
Security Features
LEDs, page
Wireless Device Overview
ScanSafe
ScanSafe, page TFTP support with Ethernet WAN interface, page
Description
TFTP support with Ethernet WAN interface
LEDs
Color
3G LED Descriptions continued
show platform led for all LEDs show controller cellular 0 for 3G LEDs
Color
Description
router# show controllers cellular
Chapter 2 Wireless Device Overview LEDs
Dual-Radio
Wireless Local Area Network
WLAN Features
Dual-Radio, page Images Supported, page CleanAir Technology, page
LEDs
CleanAir Technology
Images Supported
Dynamic Frequency Selection
WLAN LED Descriptions
WLAN LED
Color
Description
OL-23590-02
Chapter 3 Wireless Local Area Network WLAN Features
C H A P T E R
4G LTE Wireless WAN
OL-23590-02
Chapter 4 4G LTE Wireless WAN
Configuring Command-Line Access, page
Basic Router Configuration
Interface Ports, page Default Configuration, page
Information Needed for Configuration, page
Interface
Default Configuration
Interface Ports
Router
Information Needed for Configuration
If you are setting up IP routing
3G-ACC-OUT-LA-See Cisco 3G Lightning Arrestor 3G-ACC-OUT-LA
4. exec-timeout minutes seconds
Configuring Command-Line Access
1. line aux console tty vty line-number 2. password password
3. login
Example
Command
DETAILED STEPS
Purpose
Example
Example
Command
Purpose
hostname name
Configuring Global Parameters
configure terminal
enable secret password
Configuring the Cellular Wireless WAN Interface, page
Configuring WAN Interfaces
Configuring a Gigabit Ethernet WAN Interface
Configuring a Gigabit Ethernet WAN Interface, page
Enables the Ethernet interface, changing its
Configuring the Cellular Wireless WAN Interface
Command
Enters the configuration mode for a Gigabit
Prerequisites for Configuring the 3G Wireless Interface
Restrictions for Configuring the Cellular Wireless Interface
5-11
Command or Action
Verifying Signal Strength and Service Availability
Verifying Signal Strength and Service Availability, page
Configuring a GSM Modem Data Profile, page
Command or Action
Configuring a GSM Modem Data Profile
5-13
Command or Action
Password
authentication
Type of authentication, for example, CHAP, PAP
Username provided by your service provider
5-15
Activating with Over-the-Air Service Provisioning
cellular cdma activate iota
router # cellular 0 cdma activate otasp phonenumber
6. asynchronous mode interactive 7. ip address negotiated
Configuring a Cellular Interface
1. configure terminal 2. interface cellular 3. encapsulation ppp
4. ppp chap hostname hostname 5. ppp chap password 0 password
9. ip access-list access list number permit ip source address
Configuring DDR
1. configure terminal 2. interface cellular 3. dialer in-band
4. dialer idle-timeout seconds 5. dialer string string
Purpose
5-18
Command or Action
DETAILED STEPS
Example
5-19
Command or Action
Purpose
Tunnel over Cellular Interface Configuration, page
Examples for Configuring Cellular Wireless Interfaces
Basic Cellular Interface Configuration
Basic Cellular Interface Configuration, page
Chapter 5 Basic Router Configuration Configuring WAN Interfaces
Tunnel over Cellular Interface Configuration
Configuration for 8705 modem
5-21
Command
Configuring Dual SIM for Cellular Networks
Syntax
5-22
Syntax
Configuring Router for Image and Config Recovery Using Push Button
5-23
Command
IOS Behavior
Output When Button Is Not Pushed Example
Output When Button Is Pushed Example
ROMMON Behavior
3. exit
Configuring a Loopback Interface
Configuring the Fast Ethernet LAN Interfaces
Push Button in WLAN AP
interface and returns to global configuration
Verifying Configuration
Enters configuration mode for the loopback
Exits configuration mode for the loopback
Exits router configuration mode and enters
Configuring Static Routes
For details about this command and about
IOS IP Routing Protocol-Independent Command
Configuring Enhanced Interior Gateway Routing Protocol, page
Configuring Dynamic Routes
Verifying Configuration
Configuring Routing Information Protocol, page
3. network ip-address
Configuring Routing Information Protocol
router rip
2. version 1
3. end
Configuring Enhanced Interior Gateway Routing Protocol
1. router eigrp as-number
2. network ip-address
Example
5-31
Verifying Configuration
Command
5-32
Chapter 5 Basic Router Configuration Configuring Dynamic Routes
OL-23590-02
Configuring Cellular Dial-on-Demand Routing Backup, page
Configuring Backup Data Lines and Remote Management
Configuring Backup Interfaces
Configuring Backup Interfaces, page
SUMMARY STEPS
2. backup interface interface-type interface-number
1. interface type number
Command
6. ip access-list access list number permit ip source address
Configuring Cellular Dial-on-Demand Routing Backup
Configuring DDR Backup Using Dialer Watch
1. configure terminal
Example
Command or Action
DETAILED STEPS
Purpose
Command or Action
Configuring DDR Backup Using Floating Static Route
Cellular Wireless Modem as Backup with NAT and IPsec Configuration
1. configure terminal
Chapter 6 Configuring Backup Data Lines and Remote Management
Configuring Cellular Dial-on-Demand Routing Backup
no aaa new-model
Chapter 6 Configuring Backup Data Lines and Remote Management
Configuring Cellular Dial-on-Demand Routing Backup
OL-23590-02
route-map track-primary-if permit 10 match ip address
line con no modem enable line aux 0 line
exec-timeout 0 0 script dialer gsm login
line vty 0 4 login
Cisco 819 router
1 A
6. exit
15. modem enable 16. exit
1. ip name-server server-address 2. ip dhcp pool name 3. exit
4. chat-script script-name expect-send 5. interface type number
DETAILED STEPS
section on page
6-11
Command
Defines an extended access list that indicates
Exits the interface configuration mode
Enables dynamic translation of addresses on the
a default gateway
modem enable
6-13
Command
Chapter 6 Configuring Backup Data Lines and Remote Management
Chapter 6 Configuring Backup Data Lines and Remote Management
6-14
OL-23590-02
6-15
Chapter 6 Configuring Backup Data Lines and Remote Management
no ip http server ip pim bidir-enable
6-16
Chapter 6 Configuring Backup Data Lines and Remote Management
OL-23590-02
C H A P T E R
Environmental and Power Management
Cisco EnergyWise Support
How to Configure Serial Interfaces, page Configuration Examples, page
Configuring the Serial Interface
Legacy Protocol Transport, page Configuring Serial Interfaces, page
Information About Configuring Serial Interfaces, page
Product Number
Configuring Serial Interfaces
Connector Type
Legacy Protocol Transport
PPP Encapsulation
Information About Configuring Serial Interfaces
Keepalive Timer, page Frame Relay Encapsulation, page
Cisco HDLC Encapsulation
Multilink PPP
Keepalive Timer
OL-23590-02
Frame Relay Encapsulation
Chapter 8 Configuring the Serial Interface
Information About Configuring Serial Interfaces
Configuring Low-Speed Serial Interfaces, page
How to Configure Serial Interfaces
Configuring a Synchronous Serial Interface
Configuring a Synchronous Serial Interface, page
Setting Transmit Delay, page 8-11 Optional
Configuring Compression of HDLC Data, page 8-9 Optional
Using the NRZI Line-Coding Format, page 8-9 Optional
Inverting the Transmit Clock Signal, page 8-10 Optional
Command
Configuring PPP
Configuring Bisync
Command
1. nrzi-encoding
Configuring Compression of HDLC Data
Using the NRZI Line-Coding Format
1. encapsulation hdlc 2. compress stac
1. invert txclock 2. invert rxclock
Inverting the Transmit Clock Signal
Enabling the Internal Clock
1. transmit-clock-internal
8-11
Setting Transmit Delay
Configuring DTR Signal Pulsing
Ignoring DCD and Monitoring DSR as Line Up/Down Indicator
1. ignore-dcd
1. dce-terminal-timing enable
Configures the DCE to use SCTE from the DTE
Specifying the Serial Network Interface Module Timing
Chapter 8 Configuring the Serial Interface
1. dte-invert-txc
8-13
Command or Action
Understanding Half-Duplex DTE and DCE State Machines, page
Configuring Low-Speed Serial Interfaces
Understanding Half-Duplex DTE and DCE State Machines
Half-Duplex DTE State Machines
Half-Duplex DCE State Machines
8-15
Half-Duplex DTE Receive State Machine
Half-Duplex DCE Transmit State Machine
8-16
Command or Action
Placing a Low-Speed Serial Interface in Constant-Carrier Mode
1. no half-duplex controlled-carrier
8-17
1. physical-layer sync async
Tuning Half-Duplex Timers
sdlc cts-delay sdlc rts-timeout
Changing Between Synchronous and Asynchronous Modes
8-19
Configuration Examples
Interface Enablement Configuration Examples
1. no physical-layer
Synchronous or Asynchronous Mode Examples
Half-Duplex Timers Example
Half-Duplex Timers Example, page
Low-Speed Serial Interface Examples
Configuring AutoSecure, page Configuring Access Lists, page
Configuring Security Features
Authentication, Authorization, and Accounting
Authentication, Authorization, and Accounting, page
access-list 1-99permit deny source-addr source-mask
Configuring AutoSecure
Configuring Access Lists
Configuration Commands
Configuring Cisco IOS Firewall
Access Groups
ip inspect name inspection-name protocol timeout seconds
Configuration Examples, page
Configuring Cisco IOS IPS
Configuring VPN
Remote Access VPN, page Site-to-Site VPN, page
Remote Access VPN
Library, Cisco IOS Release 12.4T
Site-to-Site VPN
Configure the IKE Policy, page
Configuration Examples
Configure a VPN over an IPSec Tunnel
Configure the IKE Policy
Exits IKE policy configuration mode and enters
Command or Action
MD5 algorithm. The default is Secure Hash
Specifies the authentication method used in the
2. key name
Configure Group Policy Information
1. crypto isakmp client configuration group group-name default
6. ip local pool default poolname low-ip-address high-ip-address
2. crypto map tag client configuration address initiate respond
Apply Mode Configuration to the Crypto Map
Technologies Command Reference
1. crypto map map-name isakmp authorization list list-name
IOS Security Command Reference
Enable Policy Lookup
2. aaa authentication login default list-name method1 method2
details, see Securing User Services Configuration
See Secure Connectivity Configuration Guide
Configure IPSec Transforms and Protocols
Configure the IPSec Crypto Method and Parameters
Configures IPSec profile to apply protection on
Returns to global configuration mode
crypto map configuration mode
See Cisco IOS Security Command Reference for
more details about this command
2. crypto map map-name 3. exit
Where to Go Next
Enters the interface configuration mode for the
Apply the Crypto Map to the Physical Interface
hostname resolution
Create a Cisco Easy VPN Remote Configuration
Creates a Cisco Easy VPN remote configuration
and enters Cisco Easy VPN remote configuration
Purpose
Configuration Example
9-16
Command or Action
3. tunnel source interface-type number
Configure a Site-to-Site GRE Tunnel
4. tunnel destination default-gateway-ip-address
7. ip access-list standard extended access-list-name
Creates a tunnel interface and enters interface
tunnel interface must be configured to
Exits interface configuration mode and returns to
Enters ACL configuration mode for the named
9-19
Returns to global configuration mode
Specifies that only GRE traffic is permitted on the
outbound interface
9-20
Chapter 9 Configuring Security Features Configuring VPN
hash md5 authentication pre-share crypto isakmp key cisco123 address
Switch Port Numbering and Naming, page
Configuring the Ethernet Switches
Switch Port Numbering and Naming
Restrictions for the FE Switch
VLANs and VLAN Trunk Protocol, page Layer 2 Ethernet Switching, page
Information About Ethernet Switches
Layer 2 Ethernet Switching
802.1x Authentication
Storm Control
Switched Port Analyzer
Overview of SNMP MIBs
IGMP Snooping
MIBs Link
BRIDGE-MIB for Layer 2 Ethernet Switching
Routerconfig#snmp-server community public RW
MIBs
Routerconfig#snmp-server community public RW
MAC Address Notification
10-5
Routerconfig#Routersnmp-server group public v2c context bridge-group
Configuring 802.1x Authentication, page
How to Configure Ethernet Switches
Configuring VLANs
Configuring VLANs, page Configuring Layer 2 Interfaces, page
Comand
Configuring Layer 2 Interfaces
switchport mode dynamic desirable
VLANs on the GE Port
Configuring 802.1x Authentication
Configuring Spanning Tree Protocol
10-8
Port Security
Configuring MAC Table Manipulation
Configuring Cisco Discovery Protocol
Manipulation
Configuring Per-Port Storm Control
Configuring the Switched Port Analyzer
Configuring IP Multicast Layer 3 Switching
Configuring IGMP Snooping
10-11
Configuring Fallback Bridging
10-12
Managing the Switch
Configuring PPP over Ethernet with NAT
11-1
C H A P T E R
Configure the Fast Ethernet WAN Interfaces, page
Configuration Tasks
Configure the Virtual Private Dialup Network Group Number
Configure the Virtual Private Dialup Network Group Number, page
DETAILED STEPS
Configure the Fast Ethernet WAN Interfaces
11-3
Command or Action
Enables the Fast Ethernet interface and the
Configure the Dialer Interface
Enters interface configuration mode for a
Configures the PPPoE client and specifies the
2. ip address negotiated 3. ip mtu bytes
5. ppp authentication protocol1 protocol2 6. dialer pool number
Command Reference
1. interface dialer dialer-rotary-group-number
For details about this command and additional
Configure Network Address Translation
Using a dialer group controls access to
Exits the dialer 0 interface configuration
11-7
3. interface type number
4. ip nat inside outside 5. no shutdown 6. exit
8. ip nat inside outside 9. no shutdown 10. exit
and Services
by the access list 1 to be translated to one of the
permitted by access list acl1 to be translated to one
Command Reference, Volume 1 of 4 Addressing
WAN interface FE4 to be the outside interface
Configuration Example
Enters configuration mode for the Fast Ethernet
Defines a standard access list indicating which
vpdn enable vpdn-group 1 request-dialin protocol pppoe
11-10
Chapter 11 Configuring PPP over Ethernet with NAT
Configuration Example
Configuration Example
Verifying Your Configuration
11-11
Chapter 11 Configuring PPP over Ethernet with NAT
OL-23590-02
11-12
Chapter 11 Configuring PPP over Ethernet with NAT
Configuration Example
C H A P T E R
Configuring a LAN with DHCP and VLANs
DHCP
12-1
VLANs
Configure DHCP
Configure DHCP, page Configure VLANs, page
7. default-router address address2...address8
Specifies up to eight default routers for a DHCP
Identifies the default domain that the router uses to
resolution
enters DHCP pool configuration mode. The name
DHCP client
Verify Your DHCP Configuration
Exits DHCP configuration mode and enters global
Specifies up to eight DNS servers available to a
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
Configure VLANs
1. vlan ? 2. ISL VLAN ID 3. exit
12-5
2. switchport access vlan vlan-id 3. end
Assign a Switch Port to a VLAN
Services Command Reference
1. interface switch port id
Assigns a port to the VLAN
Verify Your VLAN Configuration
Specifies the switch port that you want to assign
to the VLAN
Router# vlan database
12-8
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-23590-02
12-9
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
Router# show vlan-switch
OL-23590-02
12-10
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
Cisco 819 Integrated Services Routers Software Configuration Guide
Configuring a VPN Using Easy VPN and an IPSec Tunnel
13-1
C H A P T E R
Cisco Easy VPN
13-2
Figure 13-1 Remote Access VPN Using IPSec Tunnel
Configuration Tasks
Configure the IKE Policy
Create an Easy VPN Remote Configuration, page
13-3
Specifies the Diffie-Hellman group to be used in
The example specifies 168-bit data encryption
standard SHA-1
The example specifies a pre-shared key
6. ip local pool default poolname low-ip-address high-ip-address
Configure Group Policy Information
13-5
1. crypto isakmp client configuration group group-name default
Technologies Command Reference
Apply Mode Configuration to the Crypto Map
13-6
Command or Action
Command or Action
Enable Policy Lookup
13-7
2. aaa authentication login default list-name method1 method2
Command or Action
Configure IPSec Transforms and Protocols
Configure the IPSec Crypto Method and Parameters
13-8
See Cisco IOS Security Command Reference for
13-9
Command or Action
crypto map configuration mode
13-10
Create an Easy VPN Remote Configuration
Apply the Crypto Map to the Physical Interface
2. group group-name key group-key 3. peer ipaddress hostname
7. crypto ipsec client ezvpn name outside inside 8. exit
remote configuration applied
this command would be interface atm
6. interface type number
Command or Action
Verifying Your Easy VPN Configuration
13-12
Configuration Example
OL-23590-02
13-13
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Configuration Example
Cisco 819 Integrated Services Routers Software Configuration Guide
13-14
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Configuration Example
Enable Secret Passwords and Enable Passwords, page A-5
Configuring the Router from a PC
Configuring the Router from a PC, page A-1
Understanding Command Modes, page A-2 Getting Help, page A-4
Understanding Command Modes
PC Operating System
Terminal Emulation Software
Mode
Access Method
the “Enable Secret Passwords and
Enable Passwords” procedure on
Mode
Getting Help
router rip-from
Access Method
Entering Global Configuration Mode
Enable Secret Passwords and Enable Passwords
Command-Line Error Messages
Using Commands
Abbreviating Commands
Undoing Commands
Saving Configuration Changes
Where to Go Next
Summary
Appendix A Cisco IOS Software Basic Skills Where to Go Next
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-18906-02
Access Lists, page B-9
PPP Authentication Protocols, page B-3 TACACS+, page B-4
Ethernet, page B-4 Dial Backup, page B-5 NAT, page B-6
Easy IP Phase 1, page B-6 Easy IP Phase 2, page B-7 QoS, page B-7
Ideal Topology
Routing Updates
Routing Protocol Options
Protocol
Enhanced IGRP
PPP Authentication Protocols
TACACS+
Ethernet
CHAP
Floating Static Routes
Dial Backup
Backup Interface
Backup Interface, page B-5 Floating Static Routes, page B-5
Easy IP Phase
IP Precedence, page B-8 PPP Fragmentation and Interleaving, page B-8
CBWFQ, page B-8 RSVP, page B-8 Low Latency Queuing, page B-9
Easy IP Phase
RSVP
IP Precedence
PPP Fragmentation and Interleaving
CBWFQ
Low Latency Queuing
Access Lists
B-10
Appendix B Concepts Access Lists
OL-18906-02
Configuration Register, page C-10 Console Download, page C-12
Entering the ROM Monitor, page C-1 ROM Monitor Commands, page C-2
Command Descriptions, page C-3
Disaster Recovery with TFTP Download, page C-3
Descriptions” section on page C-3
ROM Monitor Commands
exit
reload
Configuration Fundamentals and Network Management Guide
Command Descriptions
Disaster Recovery with TFTP Download
reset or
Command
TFTP Download Command Variables
Required Variables
Variable
Variable
Using the TFTP Download Command
Optional Variables
Command
Examples
Appendix C ROM Monitor Disaster Recovery with TFTP Download
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-18906-02
Cisco 819 Integrated Services Routers Software Configuration Guide
Appendix C ROM Monitor Disaster Recovery with TFTP Download
Disaster Recovery with TFTP Download
Appendix C ROM Monitor
OL-18906-02
Cisco 819 Integrated Services Routers Software Configuration Guide
Configuration Register
C-10
Appendix C ROM Monitor Configuration Register
Changing the Configuration Register Manually
Changing the Configuration Register Using Prompts
C-11
xmodem -cyrx destinationfilename
Command Description
recognize it, the name of the configuration file must be routerconfg
Console Download
Debug Commands
Error Reporting
C-13
C-14
Exiting the ROM Monitor
Keyword
Common Port Assignments
A P P E N D I X D
Port
Table D-1
Port
Keyword
Description