800 553-NETS Fax 408
Americas Headquarters
Cisco Systems, Inc 170 West Tasman Drive San Jose, CA
Text Part Number OL-23590-02 September 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS
WLAN Features
Information Needed for Configuration
New Features
Wireless Device Overview
Configuring DDR
Configuring a Cellular Interface
Prerequisites for Configuring the 3G Wireless Interface
Verifying Configuration
Interface Enablement Configuration Examples
Ignoring DCD and Monitoring DSR as Line Up/Down Indicator
Configuration Examples
Configuring Security Features
Configure a Site-to-Site GRE Tunnel
Configure the IKE Policy
Create a Cisco Easy VPN Remote Configuration
Configuring the Ethernet Switches
Configuring 802.1x Authentication
Configure the Virtual Private Dialup Network Group Number
Configuring VLANs
Configuration Tasks
Configure Group Policy Information
Entering Global Configuration Mode A-5
Configure the IKE Policy
Understanding Command Modes
Backup Interface
Changing the Configuration Register Manually C-11
Changing the Configuration Register Using Prompts C-11
ROM Monitor Commands
Contents
OL-23590-02
General Description
General Description, page SKU Information, page New Features, page
Product Overview
C H A P T E R
Chapter 1 Product Overview General Description
Figure 1-1 Cisco 819HG Integrated Services Router
Figure 1-2 Cisco 819HGW Integrated Services Router
OL-23590-02
3G Features, page WLAN Features, page 4G LTE Features, page
New Features
3G Features
Platform Features, page Security Features, page
Security Features
WLAN Features
Platform Features
ScanSafe, page TFTP support with Ethernet WAN interface, page
Wireless Device Overview
ScanSafe
LEDs, page
Color
TFTP support with Ethernet WAN interface
LEDs
Description
Description
show platform led for all LEDs show controller cellular 0 for 3G LEDs
Color
3G LED Descriptions continued
Chapter 2 Wireless Device Overview LEDs
router# show controllers cellular
Dual-Radio, page Images Supported, page CleanAir Technology, page
Wireless Local Area Network
WLAN Features
Dual-Radio
Dynamic Frequency Selection
CleanAir Technology
Images Supported
LEDs
Description
WLAN LED
Color
WLAN LED Descriptions
Chapter 3 Wireless Local Area Network WLAN Features
OL-23590-02
4G LTE Wireless WAN
C H A P T E R
Chapter 4 4G LTE Wireless WAN
OL-23590-02
Information Needed for Configuration, page
Basic Router Configuration
Interface Ports, page Default Configuration, page
Configuring Command-Line Access, page
Router
Default Configuration
Interface Ports
Interface
Information Needed for Configuration
3G-ACC-OUT-LA-See Cisco 3G Lightning Arrestor 3G-ACC-OUT-LA
If you are setting up IP routing
3. login
Configuring Command-Line Access
1. line aux console tty vty line-number 2. password password
4. exec-timeout minutes seconds
Purpose
Command
DETAILED STEPS
Example
Purpose
Example
Command
Example
enable secret password
Configuring Global Parameters
configure terminal
hostname name
Configuring a Gigabit Ethernet WAN Interface, page
Configuring WAN Interfaces
Configuring a Gigabit Ethernet WAN Interface
Configuring the Cellular Wireless WAN Interface, page
Enters the configuration mode for a Gigabit
Configuring the Cellular Wireless WAN Interface
Command
Enables the Ethernet interface, changing its
5-11
Prerequisites for Configuring the 3G Wireless Interface
Restrictions for Configuring the Cellular Wireless Interface
Configuring a GSM Modem Data Profile, page
Verifying Signal Strength and Service Availability
Verifying Signal Strength and Service Availability, page
Command or Action
Command or Action
Configuring a GSM Modem Data Profile
5-13
Command or Action
Username provided by your service provider
authentication
Type of authentication, for example, CHAP, PAP
Password
router # cellular 0 cdma activate otasp phonenumber
Activating with Over-the-Air Service Provisioning
cellular cdma activate iota
5-15
4. ppp chap hostname hostname 5. ppp chap password 0 password
Configuring a Cellular Interface
1. configure terminal 2. interface cellular 3. encapsulation ppp
6. asynchronous mode interactive 7. ip address negotiated
4. dialer idle-timeout seconds 5. dialer string string
Configuring DDR
1. configure terminal 2. interface cellular 3. dialer in-band
9. ip access-list access list number permit ip source address
DETAILED STEPS
5-18
Command or Action
Purpose
Purpose
5-19
Command or Action
Example
Basic Cellular Interface Configuration, page
Examples for Configuring Cellular Wireless Interfaces
Basic Cellular Interface Configuration
Tunnel over Cellular Interface Configuration, page
5-21
Tunnel over Cellular Interface Configuration
Configuration for 8705 modem
Chapter 5 Basic Router Configuration Configuring WAN Interfaces
5-22
Configuring Dual SIM for Cellular Networks
Syntax
Command
Command
Configuring Router for Image and Config Recovery Using Push Button
5-23
Syntax
ROMMON Behavior
Output When Button Is Not Pushed Example
Output When Button Is Pushed Example
IOS Behavior
Push Button in WLAN AP
Configuring a Loopback Interface
Configuring the Fast Ethernet LAN Interfaces
3. exit
Exits configuration mode for the loopback
Verifying Configuration
Enters configuration mode for the loopback
interface and returns to global configuration
IOS IP Routing Protocol-Independent Command
Configuring Static Routes
For details about this command and about
Exits router configuration mode and enters
Configuring Routing Information Protocol, page
Configuring Dynamic Routes
Verifying Configuration
Configuring Enhanced Interior Gateway Routing Protocol, page
2. version 1
Configuring Routing Information Protocol
router rip
3. network ip-address
2. network ip-address
Configuring Enhanced Interior Gateway Routing Protocol
1. router eigrp as-number
3. end
Command
5-31
Verifying Configuration
Example
OL-23590-02
5-32
Chapter 5 Basic Router Configuration Configuring Dynamic Routes
Configuring Backup Interfaces, page
Configuring Backup Data Lines and Remote Management
Configuring Backup Interfaces
Configuring Cellular Dial-on-Demand Routing Backup, page
Command
2. backup interface interface-type interface-number
1. interface type number
SUMMARY STEPS
1. configure terminal
Configuring Cellular Dial-on-Demand Routing Backup
Configuring DDR Backup Using Dialer Watch
6. ip access-list access list number permit ip source address
Purpose
Command or Action
DETAILED STEPS
Example
1. configure terminal
Configuring DDR Backup Using Floating Static Route
Cellular Wireless Modem as Backup with NAT and IPsec Configuration
Command or Action
no aaa new-model
Chapter 6 Configuring Backup Data Lines and Remote Management
Configuring Cellular Dial-on-Demand Routing Backup
OL-23590-02
Chapter 6 Configuring Backup Data Lines and Remote Management
Configuring Cellular Dial-on-Demand Routing Backup
line vty 0 4 login
line con no modem enable line aux 0 line
exec-timeout 0 0 script dialer gsm login
route-map track-primary-if permit 10 match ip address
1 A
Cisco 819 router
4. chat-script script-name expect-send 5. interface type number
15. modem enable 16. exit
1. ip name-server server-address 2. ip dhcp pool name 3. exit
6. exit
Command
section on page
6-11
DETAILED STEPS
a default gateway
Exits the interface configuration mode
Enables dynamic translation of addresses on the
Defines an extended access list that indicates
Chapter 6 Configuring Backup Data Lines and Remote Management
6-13
Command
modem enable
6-14
Chapter 6 Configuring Backup Data Lines and Remote Management
no ip http server ip pim bidir-enable
6-15
Chapter 6 Configuring Backup Data Lines and Remote Management
OL-23590-02
OL-23590-02
6-16
Chapter 6 Configuring Backup Data Lines and Remote Management
Environmental and Power Management
C H A P T E R
Cisco EnergyWise Support
Information About Configuring Serial Interfaces, page
Configuring the Serial Interface
Legacy Protocol Transport, page Configuring Serial Interfaces, page
How to Configure Serial Interfaces, page Configuration Examples, page
Legacy Protocol Transport
Configuring Serial Interfaces
Connector Type
Product Number
Cisco HDLC Encapsulation
Information About Configuring Serial Interfaces
Keepalive Timer, page Frame Relay Encapsulation, page
PPP Encapsulation
Keepalive Timer
Multilink PPP
Information About Configuring Serial Interfaces
Frame Relay Encapsulation
Chapter 8 Configuring the Serial Interface
OL-23590-02
Configuring a Synchronous Serial Interface, page
How to Configure Serial Interfaces
Configuring a Synchronous Serial Interface
Configuring Low-Speed Serial Interfaces, page
Inverting the Transmit Clock Signal, page 8-10 Optional
Configuring Compression of HDLC Data, page 8-9 Optional
Using the NRZI Line-Coding Format, page 8-9 Optional
Setting Transmit Delay, page 8-11 Optional
Command
Configuring PPP
Configuring Bisync
Command
1. encapsulation hdlc 2. compress stac
Configuring Compression of HDLC Data
Using the NRZI Line-Coding Format
1. nrzi-encoding
1. transmit-clock-internal
Inverting the Transmit Clock Signal
Enabling the Internal Clock
1. invert txclock 2. invert rxclock
Ignoring DCD and Monitoring DSR as Line Up/Down Indicator
Setting Transmit Delay
Configuring DTR Signal Pulsing
8-11
Specifying the Serial Network Interface Module Timing
1. dce-terminal-timing enable
Configures the DCE to use SCTE from the DTE
1. ignore-dcd
Command or Action
1. dte-invert-txc
8-13
Chapter 8 Configuring the Serial Interface
Half-Duplex DTE State Machines
Configuring Low-Speed Serial Interfaces
Understanding Half-Duplex DTE and DCE State Machines
Understanding Half-Duplex DTE and DCE State Machines, page
Half-Duplex DTE Receive State Machine
Half-Duplex DCE State Machines
8-15
8-16
Half-Duplex DCE Transmit State Machine
8-17
Placing a Low-Speed Serial Interface in Constant-Carrier Mode
1. no half-duplex controlled-carrier
Command or Action
Changing Between Synchronous and Asynchronous Modes
Tuning Half-Duplex Timers
sdlc cts-delay sdlc rts-timeout
1. physical-layer sync async
1. no physical-layer
Configuration Examples
Interface Enablement Configuration Examples
8-19
Low-Speed Serial Interface Examples
Half-Duplex Timers Example
Half-Duplex Timers Example, page
Synchronous or Asynchronous Mode Examples
Authentication, Authorization, and Accounting, page
Configuring Security Features
Authentication, Authorization, and Accounting
Configuring AutoSecure, page Configuring Access Lists, page
Configuration Commands
Configuring AutoSecure
Configuring Access Lists
access-list 1-99permit deny source-addr source-mask
ip inspect name inspection-name protocol timeout seconds
Configuring Cisco IOS Firewall
Access Groups
Remote Access VPN, page Site-to-Site VPN, page
Configuring Cisco IOS IPS
Configuring VPN
Configuration Examples, page
Remote Access VPN
Site-to-Site VPN
Library, Cisco IOS Release 12.4T
Configure the IKE Policy
Configuration Examples
Configure a VPN over an IPSec Tunnel
Configure the IKE Policy, page
Specifies the authentication method used in the
Command or Action
MD5 algorithm. The default is Secure Hash
Exits IKE policy configuration mode and enters
6. ip local pool default poolname low-ip-address high-ip-address
Configure Group Policy Information
1. crypto isakmp client configuration group group-name default
2. key name
1. crypto map map-name isakmp authorization list list-name
Apply Mode Configuration to the Crypto Map
Technologies Command Reference
2. crypto map tag client configuration address initiate respond
details, see Securing User Services Configuration
Enable Policy Lookup
2. aaa authentication login default list-name method1 method2
IOS Security Command Reference
Configures IPSec profile to apply protection on
Configure IPSec Transforms and Protocols
Configure the IPSec Crypto Method and Parameters
See Secure Connectivity Configuration Guide
more details about this command
crypto map configuration mode
See Cisco IOS Security Command Reference for
Returns to global configuration mode
Apply the Crypto Map to the Physical Interface
Where to Go Next
Enters the interface configuration mode for the
2. crypto map map-name 3. exit
and enters Cisco Easy VPN remote configuration
Create a Cisco Easy VPN Remote Configuration
Creates a Cisco Easy VPN remote configuration
hostname resolution
Command or Action
Configuration Example
9-16
Purpose
7. ip access-list standard extended access-list-name
Configure a Site-to-Site GRE Tunnel
4. tunnel destination default-gateway-ip-address
3. tunnel source interface-type number
Enters ACL configuration mode for the named
tunnel interface must be configured to
Exits interface configuration mode and returns to
Creates a tunnel interface and enters interface
outbound interface
Returns to global configuration mode
Specifies that only GRE traffic is permitted on the
9-19
hash md5 authentication pre-share crypto isakmp key cisco123 address
9-20
Chapter 9 Configuring Security Features Configuring VPN
Restrictions for the FE Switch
Configuring the Ethernet Switches
Switch Port Numbering and Naming
Switch Port Numbering and Naming, page
802.1x Authentication
Information About Ethernet Switches
Layer 2 Ethernet Switching
VLANs and VLAN Trunk Protocol, page Layer 2 Ethernet Switching, page
IGMP Snooping
Switched Port Analyzer
Overview of SNMP MIBs
Storm Control
MIBs
BRIDGE-MIB for Layer 2 Ethernet Switching
Routerconfig#snmp-server community public RW
MIBs Link
Routerconfig#Routersnmp-server group public v2c context bridge-group
MAC Address Notification
10-5
Routerconfig#snmp-server community public RW
Configuring VLANs, page Configuring Layer 2 Interfaces, page
How to Configure Ethernet Switches
Configuring VLANs
Configuring 802.1x Authentication, page
VLANs on the GE Port
Configuring Layer 2 Interfaces
switchport mode dynamic desirable
Comand
10-8
Configuring 802.1x Authentication
Configuring Spanning Tree Protocol
Manipulation
Configuring MAC Table Manipulation
Configuring Cisco Discovery Protocol
Port Security
Configuring IGMP Snooping
Configuring the Switched Port Analyzer
Configuring IP Multicast Layer 3 Switching
Configuring Per-Port Storm Control
Configuring Fallback Bridging
10-11
Managing the Switch
10-12
C H A P T E R
Configuring PPP over Ethernet with NAT
11-1
Configure the Virtual Private Dialup Network Group Number, page
Configuration Tasks
Configure the Virtual Private Dialup Network Group Number
Configure the Fast Ethernet WAN Interfaces, page
Command or Action
Configure the Fast Ethernet WAN Interfaces
11-3
DETAILED STEPS
Configures the PPPoE client and specifies the
Configure the Dialer Interface
Enters interface configuration mode for a
Enables the Fast Ethernet interface and the
1. interface dialer dialer-rotary-group-number
5. ppp authentication protocol1 protocol2 6. dialer pool number
Command Reference
2. ip address negotiated 3. ip mtu bytes
Exits the dialer 0 interface configuration
Configure Network Address Translation
Using a dialer group controls access to
For details about this command and additional
8. ip nat inside outside 9. no shutdown 10. exit
3. interface type number
4. ip nat inside outside 5. no shutdown 6. exit
11-7
Command Reference, Volume 1 of 4 Addressing
by the access list 1 to be translated to one of the
permitted by access list acl1 to be translated to one
and Services
Defines a standard access list indicating which
Configuration Example
Enters configuration mode for the Fast Ethernet
WAN interface FE4 to be the outside interface
Configuration Example
11-10
Chapter 11 Configuring PPP over Ethernet with NAT
vpdn enable vpdn-group 1 request-dialin protocol pppoe
Chapter 11 Configuring PPP over Ethernet with NAT
Verifying Your Configuration
11-11
Configuration Example
Configuration Example
11-12
Chapter 11 Configuring PPP over Ethernet with NAT
OL-23590-02
12-1
Configuring a LAN with DHCP and VLANs
DHCP
C H A P T E R
7. default-router address address2...address8
Configure DHCP
Configure DHCP, page Configure VLANs, page
VLANs
enters DHCP pool configuration mode. The name
Identifies the default domain that the router uses to
resolution
Specifies up to eight default routers for a DHCP
Specifies up to eight DNS servers available to a
Verify Your DHCP Configuration
Exits DHCP configuration mode and enters global
DHCP client
12-5
Configure VLANs
1. vlan ? 2. ISL VLAN ID 3. exit
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
1. interface switch port id
Assign a Switch Port to a VLAN
Services Command Reference
2. switchport access vlan vlan-id 3. end
to the VLAN
Verify Your VLAN Configuration
Specifies the switch port that you want to assign
Assigns a port to the VLAN
Cisco 819 Integrated Services Routers Software Configuration Guide
12-8
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
Router# vlan database
Router# show vlan-switch
12-9
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
OL-23590-02
Cisco 819 Integrated Services Routers Software Configuration Guide
12-10
Chapter 12 Configuring a LAN with DHCP and VLANs Configuration Tasks
OL-23590-02
C H A P T E R
Configuring a VPN Using Easy VPN and an IPSec Tunnel
13-1
Figure 13-1 Remote Access VPN Using IPSec Tunnel
Cisco Easy VPN
13-2
13-3
Configure the IKE Policy
Create an Easy VPN Remote Configuration, page
Configuration Tasks
The example specifies a pre-shared key
The example specifies 168-bit data encryption
standard SHA-1
Specifies the Diffie-Hellman group to be used in
1. crypto isakmp client configuration group group-name default
Configure Group Policy Information
13-5
6. ip local pool default poolname low-ip-address high-ip-address
Command or Action
Apply Mode Configuration to the Crypto Map
13-6
Technologies Command Reference
2. aaa authentication login default list-name method1 method2
Enable Policy Lookup
13-7
Command or Action
13-8
Configure IPSec Transforms and Protocols
Configure the IPSec Crypto Method and Parameters
Command or Action
crypto map configuration mode
13-9
Command or Action
See Cisco IOS Security Command Reference for
2. group group-name key group-key 3. peer ipaddress hostname
Create an Easy VPN Remote Configuration
Apply the Crypto Map to the Physical Interface
13-10
6. interface type number
remote configuration applied
this command would be interface atm
7. crypto ipsec client ezvpn name outside inside 8. exit
Configuration Example
Verifying Your Easy VPN Configuration
13-12
Command or Action
Configuration Example
13-13
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
OL-23590-02
Configuration Example
13-14
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Cisco 819 Integrated Services Routers Software Configuration Guide
Understanding Command Modes, page A-2 Getting Help, page A-4
Configuring the Router from a PC
Configuring the Router from a PC, page A-1
Enable Secret Passwords and Enable Passwords, page A-5
Terminal Emulation Software
Understanding Command Modes
PC Operating System
Enable Passwords” procedure on
Access Method
the “Enable Secret Passwords and
Mode
Access Method
Getting Help
router rip-from
Mode
Enable Secret Passwords and Enable Passwords
Entering Global Configuration Mode
Undoing Commands
Using Commands
Abbreviating Commands
Command-Line Error Messages
Summary
Saving Configuration Changes
Where to Go Next
OL-18906-02
Appendix A Cisco IOS Software Basic Skills Where to Go Next
Cisco 819 Integrated Services Routers Software Configuration Guide
Easy IP Phase 1, page B-6 Easy IP Phase 2, page B-7 QoS, page B-7
PPP Authentication Protocols, page B-3 TACACS+, page B-4
Ethernet, page B-4 Dial Backup, page B-5 NAT, page B-6
Access Lists, page B-9
Protocol
Routing Updates
Routing Protocol Options
Ideal Topology
PPP Authentication Protocols
Enhanced IGRP
CHAP
TACACS+
Ethernet
Backup Interface, page B-5 Floating Static Routes, page B-5
Dial Backup
Backup Interface
Floating Static Routes
Easy IP Phase
Easy IP Phase
IP Precedence, page B-8 PPP Fragmentation and Interleaving, page B-8
CBWFQ, page B-8 RSVP, page B-8 Low Latency Queuing, page B-9
CBWFQ
IP Precedence
PPP Fragmentation and Interleaving
RSVP
Access Lists
Low Latency Queuing
OL-18906-02
B-10
Appendix B Concepts Access Lists
Disaster Recovery with TFTP Download, page C-3
Entering the ROM Monitor, page C-1 ROM Monitor Commands, page C-2
Command Descriptions, page C-3
Configuration Register, page C-10 Console Download, page C-12
reload
ROM Monitor Commands
exit
Descriptions” section on page C-3
reset or
Command Descriptions
Disaster Recovery with TFTP Download
Configuration Fundamentals and Network Management Guide
Variable
TFTP Download Command Variables
Required Variables
Command
Command
Using the TFTP Download Command
Optional Variables
Variable
Examples
OL-18906-02
Appendix C ROM Monitor Disaster Recovery with TFTP Download
Cisco 819 Integrated Services Routers Software Configuration Guide
Appendix C ROM Monitor Disaster Recovery with TFTP Download
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-18906-02
Disaster Recovery with TFTP Download
Appendix C ROM Monitor
Appendix C ROM Monitor Configuration Register
Configuration Register
C-10
Cisco 819 Integrated Services Routers Software Configuration Guide
C-11
Changing the Configuration Register Manually
Changing the Configuration Register Using Prompts
Console Download
Command Description
recognize it, the name of the configuration file must be routerconfg
xmodem -cyrx destinationfilename
C-13
Debug Commands
Error Reporting
Exiting the ROM Monitor
C-14
Port
Common Port Assignments
A P P E N D I X D
Keyword
Description
Port
Keyword
Table D-1
