cc/td/doc/product/access/ap/ap_ts2
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Starting the Cisco AccessPath Integrated Access System for the First Time
 Introduction
 Before You Begin
 Connecting to the Failsafe/Console Management Shelf
 Configuring the Failsafe/Console Management Shelf
 Configuring the Switch Shelf
 Configuring the Access Server Shelves
 Configuring the Router Shelves

Starting the Cisco AccessPath Integrated Access System for the First Time

This chapter describes first-time startup procedures for the Cisco AccessPath Integrated Access System, including IP address and interface configuration. It assumes you have installed the AccessPath system as described in the Cisco AccessPath Integrated Access System Hardware Installation and Configuration Guide and Regulatory Compliance and Safety Information for the Cisco AccessPath Integrated Access System.

This chapter includes the following sections:

Introduction

The AccessPath system is available in the following configurations:

The configuration procedures in this chapter include steps to clear NVRAM and reload the configuration file for each shelf. You should not clear NVRAM, however, unless you intend to configure the shelf from scratch, or download your factory-preconfigured configuration file from a local TFTP server.

Note      The sample configurations in this chapter reflect the factory standard configurations for T1 PRI configurations running the Multilink Point-to-Point Protocol (MP, also known as MLP) in an AccessPath system with two Router Shelves. If you are using a different standard configuration, or a custom configuration, your configuration files will be different from the samples.

If you clear NVRAM on any shelf, you will effectively delete the factory configuration you ordered with your AccessPath system. At that point, the reload command will reload only the minimal, default configuration file, not the configuration you ordered.

If your AccessPath system includes the optional AccessPath Manager (APM), you should use it to perform the first time startup tasks described in this chapter. Refer to the document Installing Cisco AccessPath Manager and the online help that comes as part of the AccessPath Manager software.

When adding shelves to the AccessPath system, make sure the new shelf is running a compatible Cisco IOS software image; if it is not, install that software image before proceeding. For information on the correct Cisco IOS software images for each shelf, refer to the document Release Notes for the Cisco AccessPath Integrated Access System. For instructions on installing Cisco IOS software, refer to the appropriate software configuration guide on the CD or on CCO.

Note      Release Notes for each release of the Cisco IOS software are included on the CD shipped with the AccessPath system, and on the web via Cisco Connection Online (CCO).

Before You Begin

The preferred way to configure shelves in the AccessPath system is by using the AccessPath Manager (APM). If your AccessPath system includes the optional AccessPath Manager, you should use it to perform the first time startup tasks described in this chapter. Refer to the document Installing Cisco AccessPath Manager and the online help that comes as part of the AccessPath Manager software.

If your AccessPath system does not include the AccessPath Manager, or if you prefer to configure the AccessPath system via the command line interface, follow the instructions in this section.

Note      Access to stack members (AccessPath system shelves) via the Failsafe/Console Management Shelf is intended for initial configuration and emergency recovery. During normal operation, this method of access can adversely impact the performance of the AccessPath system.

All shelves in the AccessPath system are configured through the Failsafe/Console Management Shelf. Because the console port of each shelf in the AccessPath system is connected to a serial port on the Failsafe/Console Management Shelf, an administrator can gain access to each shelf by telneting to a specific port on the Failsafe/Console Management Shelf.

In the port numbering scheme used, port 2001 on the Failsafe/Console Management Shelf connects to the first Access Server Shelf (nas01), port 2002 to nas02, and so on, with port 2016 connected to the Switch Shelf, port 2015 to the first Router Shelf, and port 2014 to the optional second Router Shelf, if present.

Connecting to the Failsafe/Console Management Shelf

The Failsafe/Console Management Shelf facilitates access to the command line interface of all shelves in the Cisco AccessPath Integrated Access System. Refer to the Chapter 2, "Working with the EXEC Facility," if you are not familiar with the command line interface.

You can connect to the Failsafe/Console Management Shelf in the following ways:

For information about how to attach a terminal or modem to the Failsafe/Console Management Shelf, refer to Chapter 6, "Configuring a Modem for the Cisco AccessPath Integrated Access System," and the Cisco AccessPath Integrated Access System Hardware Installation and Configuration Guide.

Configuring the Failsafe/Console Management Shelf

This section describes how to connect to the Failsafe/Console Management Shelf, set an enable password, and view the configuration file. The section includes a sample configuration for the Failsafe/Console Management Shelf.

Step 1   Telnet through the attached modem to the Failsafe/Console Management Shelf.

The following example shows a Telnet connection to the Failsafe/Console Management Shelf (named FC/M_Shelf):

# telnet 192.168.1.234
Trying 192.168.1.234...
Connected to 192.168.1.234.
Escape character is '^]'.
FC/M_Shelf>

Step 2   Enter enable mode.

In the following example, the user enters enable mode (without entering a password, because none has yet been set).

FC/M_Shelf> enable
FC/M_Shelf#

Step 3   (Optional). Erase the startup configuration located in NVRAM. If you choose not to erase the startup configuration, continue with Step 5.

Clear NVRAM only if you want to delete the factory configuration you ordered with your AccessPath system. If you clear NVRAM, the reload command loads the default configuration into NVRAM, not the factory configuration you ordered.
FC/M_Shelf# erase startup-config

Step 4   (Optional). Reload the operating system.

If you cleared NVRAM, the reload command will reload the default configuration file, not the configuration you ordered from the factory.

Note If, when you are issuing a reload command, you receive a prompt asking if you would like to save your configuration, answer n. If you answer y, you will be saving the current configuration back into NVRAM and need to issue the erase startup-config command again in order to reload the default configuration file.

The following example shows output from the reload command (user response in boldface).

FC/M_Shelf> reload
System configuration has been modified. Save? [yes/no]:no
Proceed with reload? [confirm]y
%SYS-5-RELOAD: Reload requested

(Output truncated for readability).

6144K bytes of processor board PCMCIA flash (Read ONLY)
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Would you like to enter the initial configuration dialog? [yes]:n
Would you like to terminate autoinstall? [yes]:
Press RETURN to get started!
...

Step 5   Enter enable mode and set a password for enable mode.

In the following example, the user enters enable mode (without entering a password, because none has yet been set) and specifies cisco as the password for enable mode. Users attempting to enter enable mode in future will be prompted for a password. (Refer to the section "Securing Access to Privileged EXEC and Configuration Mode" in Chapter 7.)

FC/M_Shelf> enable
FC/M_Shelf# enable password cisco

Step 6   View the default configuration.

FC/M_Shelf# show startup-config

You can now configure the Failsafe/Console Management Shelf. See the following section, "Sample Failsafe/Console Management Shelf Configuration," for additional configuration guidelines.

Sample Failsafe/Console Management Shelf Configuration

!
!
no service finger
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname FC/M_Shelf
!
aaa new-model
aaa authentication login CONSOLE none
aaa authentication login ADMIN radius local
aaa authentication ppp ADMIN if-needed radius local
aaa accounting network start-stop radius
aaa accounting connection start-stop radius
aaa accounting exec start-stop radius
enable secret secret123
enable password cisco
!
username justincase password doublesecret
ip subnet-zero
no ip source-route
no ip domain-lookup
ip radius source-interface Loopback1
ip name-server 172.22.5.253 172.22.5.254
chat-script reset "" "AT&F2"
clock timezone EST -5
clock summer-time EDT recurring
!
interface Loopback 1
description "MGMT Network and Async17"
ip address 192.168.1.234 255.255.255.255
!
interface Ethernet0
description "MGMT VLAN 11 Via Cat5k"
ip address 192.168.1.228 255.255.255.248
no ip mroute-cache
no cdp enable
no mop enabled
no shutdown
!
interface Serial0
description "MGMT Backdoor to Offload01"
ip unnumbered Loopback1
no shutdown
no ip mroute-cache
no fair-queue
no cdp enabled
!
interface Serial1
description "To optional MGMT WAN or Offload02"
no ip address
shutdown
no ip mroute-cache
no fair-queue
no cdp enabled
!
interface Async 17
description "OSS Modem Incoming Call"
ip unnumbered Loopback1
no ip mroute-cache
encapsulation ppp
async dynamic address
async mode interactive
peer default ip address 192.168.1.233
no cdp enable
no fair-queue
ppp authentication chap callin ADMIN
!
router eigrp 4242
network 192.168.1.0
!
ip classless
logging trap debugging
logging facility syslog
logging 192.168.10.1
no access-list 10
access-list 10 permit 192.168.10.1
!
no cdp run
!
snmp-server community public RO
snmp-server community private RW 10
snmp-server trap-source Loopback1
snmp-server host 192.168.10.1 public
snmp-server location YourLocation
snmp-server contact YourContact
snmp-server system-shutdown
radius-server host 192.168.10.8 auth-port 1645 acct-port 1646
radius-server key your_key
!
line con 0
session-timeout 45
exec-timeout 45 0
login authentication CONSOLE
line 1 16
session-timeout 3
no exec
login authentication ADMIN
modem DTR-active
transport input all
flowcontrol hardware
line aux 0
exec-timeout 15 0
autoselect during-login
autoselect ppp
script startup reset
script reset reset
login authentication ADMIN
modem InOut
transport preferred none
transport input none
autohangup
rxspeed 38400
txspeed 38400
flowcontrol hardware
line vty 0 63
session-timeout 45
exec-timeout 45 0
password system
login authentication ADMIN
!
ntp server 192.168.1.249 prefer
ntp server 192.168.1.250
end

Configuring the Switch Shelf

This section describes how to connect to the Switch Shelf, enter enable mode, and set an enable password. The section includes a sample configuration for the Switch Shelf.

Note      Complete this procedure only if your AccessPath system was not preconfigured at the factory.

Step 1   Telnet to the Failsafe/Console Management Shelf and connect to the Switch Shelf.

In the following example the Failsafe/Console Management Shelf, at IP address 192.168.1.234, connects to the Switch Shelf on port 2016:

# telnet 192.168.1.234 2016
Trying 192.168.1.234...
Connected to 192.168.1.234.
Escape character is '^]'.
Cat5k>

Step 2   Enter enable mode.

In the following example, the user enters enable mode (without entering a password, because none has yet been set).

Cat5k> enable
Cat5k> (enable)

Step 3   (Optional.) Clear NVRAM. If you choose not to clear NVRAM, continue with Step 4.

If you clear NVRAM, you effectively delete the factory configuration you ordered with your AccessPath system. The system automatically resets itself with the default configuration.

In the following example, the user clears NVRAM. Note that when you issue the clear config all command, the Switch Shelf automatically resets itself with the default configuration.

Cat5k> enable
Cat5k> (enable) clear config all
This command will clear all configurations in NVRAM.
Do you want to continue (y/n) [n]? y
.......................................................

(Output truncated for readability.)

System configuration cleared.
System configuration cleared.
Cat5k> (enable)

Step 4   Set an enable password.

In the following example, the user specifies secret as a password for enable mode. Users attempting to enter enable mode in future will be prompted for a password. (Refer to the enable command in the Catalyst 5000 Series Configuration Guide and Command Reference.)

Note If you cleared NVRAM in Step 3, the Switch Shelf will automatically reload the default configuration file and return the enable prompt.

Cat5k> (enable) enable password secret
Cat5k> (enable)

Step 5   View the configuration.

Cat5k> (enable) show startup-config

You can now configure the Switch Shelf. See the following section, "Sample Switch Shelf Configuration," for additional configuration guidelines.

Sample Switch Shelf Configuration

!
begin
set prompt us_pri_mlp
set length 24 default
set logout 20
!
#system
set system baud 9600
set system modem disable
set system name us_pri_mlp
set system location YourLocation
set system contact YourContact
!
#snmp
set snmp community read-only public
set snmp community read-write private
set snmp community read-write-all xprivate
set snmp rmon disable
set snmp trap enable module
set snmp trap enable chassis
set snmp trap disable bridge
set snmp trap disable repeater
set snmp trap enable vtp
set snmp trap enable auth
!
#vtp
set vtp domain us_pri_mlp mode server
set vlan 1 name default type ethernet mtu 1500 said 100001 state active
set vlan 11 name VLAN0011 type ethernet mtu 1500 said 100011 state active
set vlan 22 name VLAN0022 type ethernet mtu 1500 said 100022 state active
set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active parent 0 ring 0
set vlan 1003 name token-ring-default type token_ring mtu 1500 said 101003 state active parent 0 ring 0
set vlan 1004 name fddinet-default type fddi_net mtu 1500 said 101004 state active bridge 0 stp ieee
set vlan 1005 name trnet-default type tr_net mtu 1500 said 101005 state active bridge 0 stp ieee
!
#ip
set interface sc0 1 192.168.1.229 255.255.255.248 192.168.1.231
set interface sl0 0.0.0.0 0.0.0.0
set arp agingtime 1200
set ip redirect enable
set ip unreachable enable
set ip fragmentation enable
set ip route 0.0.0.0 192.168.1.225 1
set ip alias default 0.0.0.0
!
#Command alias
!
#switch port analyzer
set span 1 1/1 both
set span disable
!
#bridge
set bridge ipx snaptoether 8023raw
set bridge ipx 8022toether 8023
set bridge ipx 8023rawtofddi snap
!
#vlan
set vlan 1 3/12
set vlan 1 1/1-2
set vlan 1 2/1-12
set vlan 1 3/1-11
!
#syslog
set logging console enable
set logging server enable
set logging server 192.168.10.1
set logging level cdp 2 default
set logging level cgmp 2 default
set logging level disl 5 default
set logging level dvlan 2 default
set logging level earl 2 default
set logging level fddi 2 default
set logging level ip 2 default
set logging level pruning 2 default
set logging level snmp 2 default
set logging level spantree 2 default
set logging level sys 5 default
set logging level tac 2 default
set logging level tcp 2 default
set logging level telnet 2 default
set logging level tftp 2 default
set logging level vtp 2 default
set logging level vmps 2 default
!
#ntp
set ntp broadcastclient disable
set ntp broadcastdelay 3000
set ntp client enable
set ntp server 192.168.1.25
set ntp server 192.168.1.26
set timezone EST -5 0
set summertime enable EDT
!
#cam
set cam agingtime 1 300
set cam agingtime 11 300
set cam agingtime 22 300
!
#cdp
set cdp enable 1/1-2
set cdp disable 2/1-12
set cdp disable 3/1-12
set cdp interval 1/1-2 60
!
#trunks
set trunk 1/1 auto 1-1000
set trunk 1/2 auto 1-1000
!
#spantree
#vlan 1
set spantree enable 1
set spantree fwddelay 15 1
set spantree hello 2 1
set spantree maxage 20 1
set spantree priority 32768 1
#vlan 11
set spantree enable 1
set spantree fwddelay 15 1
set spantree hello 2 1
set spantree maxage 20 1
set spantree priority 32768 1
#vlan 22
set spantree enable 1
set spantree fwddelay 15 1
set spantree hello 2 1
set spantree maxage 20 1
set spantree priority 32768 1
!
#trunk
set spantree portfast 1/1-2 enable
set spantree portfast 2/1-12 disable
set spantree portfast 3/1-12 disable
!
#module 1
set module name 1
set port enable 1/1-2
set port level 1/1-2 high
set port duplex 1/1-2 full
set port trap 1/1-2 enable
set port name 1/1 Ofld-01
set port name 1/2 Ofld-02
!
#module 2
set module name 2
set module enable 2
set port enable 2/1-12
set port speed 2/1-12 auto
set port level 2/1-12 normal
set port duplex 2/1-12 half
set port trap 2/1-12 enable
set port name 2/1 nas01
set port name 2/2 nas03
set port name 2/3 nas05
set port name 2/4 nas07
set port name 2/5 nas09
set port name 2/6 nas11
set port name 2/7 nas13
!
#module 3
set module name 3
set module enable 3
set port enable 3/1-12
set port level 3/1-12 normal
set port speed 3/1-12 auto
set port duplex 3/1-12 half
set port trap 3/1-12 enable
set port name 3/1 nas02
set port name 3/2 nas04
set port name 3/3 nas06
set port name 3/4 nas08
set port name 3/5 nas10
set port name 3/6 nas12
set port name 3/7 nas14
set port name 3/12 cms2511
!
#module 4 empty
!
#module 5 empty
end

Configuring the Access Server Shelves

This section describes how to connect to an Access Server Shelf, substitute your own IP addressess for the placeholder addresses in the configuration file, and configure interfaces.

This section also includes a sample configuration for the Access Server Shelf.

Step 1   Telnet to the Failsafe/Console Management Shelf and connect to an Access Server Shelf.

In the following example the Failsafe/Console Management Shelf, at IP address 192.168.1.234, connects to the Access Server Shelf nas01 on port 2001:

# telnet 192.168.1.234 2001
Trying 192.168.1.234...
Connected to 192.168.1.234.
Escape character is '^]'.
nas01>

Step 2   Enter enable mode.

In the following example, the user enters enable mode (without entering a password, because none has yet been set).

nas01> enable
nas01#

Step 3   (Optional.) Clear NVRAM. If you choose not to clear NVRAM, continue with Step 6.

Clearing NVRAM effectively deletes the factory configuration you ordered with your AccessPath system. At that point, the reload command reloads the default configuration file, not the configuration you ordered.
nas01># erase startup-config

Step 4   (Optional.) Reload the operating system.

Note If, when you are issuing a reload command, you receive a prompt asking if you would like to save your configuration, answer n. If you answer y, you will be saving the current configuration back into NVRAM and need to issue the erase startup-config command again in order to reload the default configuration file.

nas01# reload
System configuration has been modified. Save? [yes/no]:no
Proceed with reload? [confirm]y
%SYS-5-RELOAD: Reload requested

(Output truncated for readability).

6144K bytes of processor board PCMCIA flash (Read ONLY)
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Would you like to enter the initial configuration dialog? [yes]:n
Would you like to terminate autoinstall? [yes]:
Press RETURN to get started!
...

Step 5   Set a password for enable mode.

In the following example, the user specifies secret as the password for enable mode. All future attempts to enter enable mode will be met with a password prompt. (Refer to the section, "Securing Access to Privileged EXEC and Configuration Mode," in Chapter 7.)

nas01# enable password secret
nas01#

Step 6   Write the Access Server Shelf configuration to the terminal to view it (and for reference when configuring IP addresses).

nas01# show running-config
Current configuration:
!
version 11.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime localtime show-timezone
service udp-small-servers
service tcp-small-servers
!
hostname nas01
...

Step 7   Enter global configuration mode and add the IP address and subnet mask for interface Ethernet 0, and exit.

nas01# configure term
nas01(config)# interface ethernet 0
nas01(config-if)#ip address 172.16.1.11 255.255.255.224
nas01(config-if)#exit
nas01(config)#

Step 8   Enter interface configuration mode, add the IP address and subnet mask for interface serial 0 (for network management), and exit.

nas01(config)# interface serial 0
nas01(config-if)#ip unnumbered loopback01
nas01(config-if)#exit
nas01(config)#

Step 9   Create a stack group, add the correct IP address for the Router Shelf (or shelves), exit global configuration mode, and save the configuration.

Note Stack group and stack group member names are case-sensitive.

nas01(config)#sgbp group us_pri_mlp
nas01(config)#sgbp source ip 172.16.1.41
nas01(config)#sgbp seed-bid forward-only
nas01(config)#sgbp member offload01 172.16.1.36
nas01(config)#sgbp member offload02 172.16.1.37
nas01(config)#exit
nas01#copy running-config startup-config

Step 10   Repeat Step 1 through Step 9 for each Access Server Shelf.

You can now configure the Access Server Shelves. See the following section, "Sample Access Server Shelf Configuration," for additional configuration guidelines.

Note      The above procedure does not cover all of the steps required for an Access Server Shelf configuration. For more information, refer to the Cisco AS5200 Universal Access Server Software Configuration Guide.

Sample Access Server Shelf Configuration

!
!
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname nas01
!
aaa new-model
aaa authentication login CONSOLE none
aaa authentication login ADMIN radius local
aaa authentication login USERS radius
aaa authentication ppp USERS&TUNNELS if-needed radius
! uncomment the following line to use modem on AUX port
! aaa authentication ppp ADMIN if-needed radius local
aaa authorization network radius if-authenticated
aaa accounting network start-stop radius
aaa accounting connection start-stop radius
aaa accounting exec start-stop radius
enable secret secret123
enable password cisco
!
username us_pri_mlp password secret
ip subnet-zero
no ip source-route
no ip domain-lookup
ip name-server 172.22.5.253 172.22.5.254
ip radius source-interface Loopback1
!
no sgbp group us_pri_mlp
!
sgbp group us_pri_mlp
sgbp seed-bid forward-only
sgbp source-ip 172.16.1.41
sgbp member offload01 172.16.1.36
sgbp member offload02 172.16.1.37
async-bootp dns-server 172.22.5.253 172.22.5.254
async-bootp nbns-server 172.22.5.228 172.22.5.229
isdn switch-type primary-5ess
chat-script reset "" "AT&F2"
clock timezone EST -5
clock summer-time EDT recurring
!
controller T1 0
framing esf
fdl ansi
clock source line primary
linecode b8zs
pri-group timeslots 1-24
no shutdown
!
controller T1 1
framing esf
fdl ansi
clock source line secondary
linecode b8zs
pri-group timeslots 1-24
no shutdown
!
interface Loopback0
description "L2F tunnel NAS01 pseudo interface"
ip address 172.16.1.41 255.255.255.255
!
interface Loopback1
description "Management SNMP AAA NAS01 pseudo interface"
ip address 192.168.1.235 255.255.255.255
!
interface Ethernet0
description "To Offload Servers via Cat5k"
ip address 172.16.1.11 255.255.255.224
ip summary-address eigrp 4242 172.16.2.8 255.255.255.248
ip summary-address eigrp 4242 172.16.2.16 255.255.255.240
ip summary-address eigrp 4242 172.16.2.32 255.255.255.240
ip summary-address eigrp 4242 172.16.2.48 255.255.255.248
no shutdown
no ip mroute-cache
ip route-cache
no lat enabled
no cdp enable
no mop enabled
default keepalive
no fair-queue
hold-queue 1000 in
hold-queue 1000 out
!
interface Serial0
description "Sync-Serial cable to Offload Server"
ip unnumbered Loopback1
ip summary-address eigrp 4242 172.16.2.8 255.255.255.248
ip summary-address eigrp 4242 172.16.2.16 255.255.255.240
ip summary-address eigrp 4242 172.16.2.32 255.255.255.240
ip summary-address eigrp 4242 172.16.2.48 255.255.255.248
no shutdown
no ip mroute-cache
ip route-cache
no fair-queue
no cdp enable
!
interface Serial1
no ip address
shutdown
!
interface Serial0:23
description "PRI D channel"
ip unnumbered Loopback0
no ip mroute-cache
encapsulation ppp
isdn incoming-voice modem
peer default ip address pool default
no fair-queue
no cdp enable
no shutdown
dialer-group 1
ppp authentication chap callin USERS&TUNNELS
ppp chap hostname NameCustomerSees
ppp multilink
!
interface Serial1:23
description "PRI D channel"
ip unnumbered Loopback0
no ip mroute-cache
encapsulation ppp
isdn incoming-voice modem
peer default ip address pool default
no fair-queue
no cdp enable
no shutdown
dialer-group 1
ppp authentication chap callin USERS&TUNNELS
ppp chap hostname NameCustomerSees
ppp multilink
!
interface Group-Async1
description "Async Incoming Call"
ip unnumbered Loopback0
encapsulation ppp
async dynamic address
async mode interactive
no snmp trap link-status
peer default ip address pool default
no ip tcp header-compression
no ip mroute-cache
no mop enabled
no lat enabled
default keepalive
no fair-queue
no cdp enable
ppp authentication chap callin USERS&TUNNELS
ppp chap hostname NameCustomerSees
group-range 1 48
!
! uncomment the following 12 lines to use modem on AUX port
!interface Async 49
! description "OSS Modem Incoming Call"
! ip unnumbered Loopback1
! no ip mroute-cache
! encapsulation ppp
! async dynamic address
! async mode interactive
! peer default ip address pool default
! no cdp enable
! no fair-queue
! ppp authentication chap callin ADMIN
!
router eigrp 4242
redistribute connected
redistribute static
passive-interface Loopback0
passive-interface Loopback1
passive-interface Serial0:23
passive-interface Serial1:23
network 172.16.0.0
network 192.168.1.0
no auto-summary
!
ip local pool default 172.16.2.8 172.16.2.55
ip classless
! ip http server
logging trap debugging
logging facility syslog
logging 192.168.10.1
no access-list 10
access-list 10 permit 192.168.10.1
no cdp run
!
snmp-server community public RO
snmp-server community private RW 10
snmp-server trap-source Loopback1
snmp-server host 192.168.10.1 public
snmp-server location YourLocation
snmp-server contact YourContact
snmp-server system-shutdown
dialer-list 1 protocol ip permit
radius-server host 192.168.10.8 auth-port 1645 acct-port 1646
radius-server key your_key
!
line con 0
session-timeout 30
exec-timeout 15 0
logout-warning 60
login authentication CONSOLE
line 1 48
script startup reset
script reset reset
autoselect during-login
autoselect ppp
login authentication USERS
modem InOut
transport preferred none
autohangup
line aux 0
! uncomment the following aux lines to use modem on AUX port
! exec-timeout 15 0
! autoselect during-login
! autoselect ppp
! script startup reset
! script reset reset
! login authentication ADMIN
! modem InOut
! transport preferred none
! transport input none
! autohangup
! rxspeed 38400
! txspeed 38400
! flowcontrol hardware
line vty 0 4
session-timeout 45
exec-timeout 45 0
login authentication ADMIN
!
ntp server 192.168.1.249 prefer
ntp server 192.168.1.250
end

Configuring the Router Shelves

This section begins by describing how to connect to a Router Shelf, clear NVRAM, and reload the configuration file. If your Cisco AccessPath Integrated Access System was fully configured at the factory, it requires no further configuration and you can ignore this entire section.

If your AccessPath system was partially configured at the factory and you need to configure interfaces and substitute your own IP addressess for the placeholder addresses in the configuration, follow this procedure.

A sample configuration file is included at the end of this section.

Step 1   Telnet to the Failsafe/Console Management Shelf and connect to a Router Shelf.

In the following example, the Failsafe/Console Management Shelf, at IP address 192.168.1.234, connects to the Router Shelf on port 2015:

# telnet 192.168.1.234 2015
Trying 192.168.1.234...
Connected to 192.168.1.234.
Escape character is '^]'.
offload01>

Step 2   Enter enable mode.

In the following example, the user enters enable mode (without entering a password, because none has yet been set).

offload01> enable

offload01#

Step 3   (Optional) Clear NVRAM. If you choose not to clear NVRAM, go to Step 5.

Clearing NVRAM effectively deletes the factory configuration you ordered with your AccessPath system. At that point, the reload command reloads the default configuration file, not the configuration you ordered.
offload01# erase startup-config

Step 4   (Optional). Reload the operating system.

If you cleared NVRAM, the reload command will reload the default configuration file, not the configuration you ordered from the factory.

Note If, when you are issuing a reload command, you receive a prompt asking if you would like to save your configuration, answer n. If you answer y, you will be saving the current configuration back into NVRAM and need to issue the erase startup-config command again in order to reload the default configuration file.

The following example shows output from the reload command (user response in boldface).

offload01# reload
System configuration has been modified. Save? [yes/no]:no
Proceed with reload? [confirm]y
%SYS-5-RELOAD: Reload requested

(Output truncated for readability).

6144K bytes of processor board PCMCIA flash (Read ONLY)
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Would you like to enter the initial configuration dialog? [yes]:n
Would you like to terminate autoinstall? [yes]:
Press RETURN to get started!
...

Step 5   Set a password for enable mode. In the following example, the user specifies cisco as the password for enable mode. All future attempts to enter enable mode will be met with a password prompt. (Refer to the section, "Securing Access to Privileged EXEC and Configuration Mode," in Chapter 7.)

router> enable password cisco
router>

Step 6   Write the Router Shelf configuration to the terminal to view it (and for reference when configuring IP addresses).

router> show running-config
Current configuration:
!
version 11.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname offload01
...

Step 7   Enter global configuration mode, create a stack group, and add all Access Server Shelves to this stack group (it is not necessary to add the other Router Shelf).

offload01#configure terminal
offload01(config)#sgbp group us_pri_mlp
offload01(config)#sgbp seed-bid offload
offload01(config)#sgbp source-ip 172.16.1.36
offload01(config)#sgbp member nas01 172.16.1.41
offload01(config)#sgbp member nas02 172.16.1.42
offload01(config)#sgbp member nas03 172.16.1.43
offload01(config)#sgbp member nas04 172.16.1.44
offload01(config)#sgbp member nas05 172.16.1.45
offload01(config)#sgbp member nas06 172.16.1.46
offload01(config)#sgbp member nas07 172.16.1.47
offload01(config)#sgbp member nas08 172.16.1.48
offload01(config)#sgbp member nas09 172.16.1.49
offload01(config)#sgbp member nas10 172.16.1.50

Step 8   Add an IP address and subnet mask to the loopback interface, and exit the loopback interface.

offload01(config)#interface Loopback0
offload01(config-if)#ip address 172.16.1.36 255.255.255.255
offload01(config-if)#exit
offload01(config)#

Step 9   Add an IP address and subnet mask to the Fast Ethernet interface, and exit the interface.

offload01(config)#interface FastEthernet0/0
offload01(config-if)#ip address 172.16.1.33 255.255.255.252
offload01(config-if)#exit
offload01(config)#

Step 10   Add an IP address and subnet mask to the backhaul interface, exit the interface, and exit global configuration mode. (In this example, we will configure a serial interface, but your AccessPath system may be configured for another kind of backhaul interface, such as HSSI, ATM, FDDI, or Fast Ethernet.)

offload01(config)#interface Serial6/0
offload01(config-if)#ip address 172.22.5.2 255.255.255.252
offload01(config-if)#exit
offload01(config)#exit
offload01#

Step 11   Write the configuration to memory.

offload01#copy running-config startup-config

Step 12   Ping each Access Server Shelf in turn to verify that the configurations are correct and that all devices are communicating. Your output will look similar to this:

offload01#ping 172.16.1.41
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.41, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

You can now configure the Router Shelves. See the following section, "Sample Router Shelf Configuration," for additional configuration guidelines.

Note      The above procedure does not cover all of the steps required for a Router Shelf configuration. For more information, refer to the Cisco 7206 Installation and Configuration Guide.

Sample Router Shelf Configuration

!
!
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname offload01
!
aaa new-model
aaa authentication login CONSOLE none
aaa authentication login ADMIN radius local
aaa authentication ppp USERS radius
! uncomment the following line to use modem on AUX port
! aaa authentication ppp ADMIN if-needed radius local
aaa authorization network radius
aaa accounting network start-stop radius
aaa accounting connection start-stop radius
aaa accounting exec start-stop radius
enable secret secret123
enable password cisco
!
username us_pri_mlp password secret
ip subnet-zero
no ip source-route
no ip domain-lookup
ip name-server 172.22.5.253
ip radius source-interface Loopback1
multilink virtual-template 1
!
no sgbp group us_pri_mlp
!
sgbp group us_pri_mlp
sgbp seed-bid offload
sgbp source-ip 172.16.1.36
sgbp member nas01 172.16.1.41
sgbp member nas02 172.16.1.42
sgbp member nas03 172.16.1.43
sgbp member nas04 172.16.1.44
sgbp member nas05 172.16.1.45
sgbp member nas06 172.16.1.46
sgbp member nas07 172.16.1.47
sgbp member nas08 172.16.1.48
sgbp member nas09 172.16.1.49
sgbp member nas10 172.16.1.50
sgbp member nas11 172.16.1.51
sgbp member nas12 172.16.1.52
sgbp member offload02 172.16.1.37
! uncomment the following line to use modem on AUX port
! chat-script reset "" "AT&F2"
clock timezone EST -5
clock summer-time EDT recurring
!
interface Loopback0
description "L2F tunnel Offload01 pseudo interface"
ip address 172.16.1.36 255.255.255.255
!
interface Loopback1
description "Management SNMP AAA Offload01 pseudo interface"
ip address 192.168.1.249 255.255.255.255
!
interface FastEthernet0/0
description "Offload01 to Offload02 Backdoor Link"
ip address 172.16.1.33 255.255.255.252
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
full-duplex
media-type MII
no shutdown
no ip mroute-cache
ip route-cache
no lat enabled
no cdp enable
no mop enabled
no keepalive
no fair-queue
!
interface FastEthernet1/0
description "To Stack via Cat5"
ip address 172.16.1.1 255.255.255.224
ip address 192.168.1.225 255.255.255.248 secondary
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no ip mroute-cache
ip route-cache
default keepalive
full-duplex
no cdp enable
no mop enabled
no shutdown
!
interface Serial2/0
description "Sync Serial backup to NAS01"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial2/1
description "Sync Serial backup to NAS03"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial2/2
description "Sync Serial backup to NAS05"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial2/3
description "Sync Serial backup to NAS07"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial3/0
description "Sync Serial backup to NAS09"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial3/1
description "Sync Serial backup to NAS11"
ip unnumbered Loopback1
clock rate 2000000
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
no fair-queue
no ip mroute-cache
ip route-cache
no shutdown
!
interface Serial3/2
no ip address
shutdown
!
interface Serial3/3
description "To CMS2511 Serial0"
ip unnumbered Loopback1
ip summary-address eigrp 4242 172.16.1.72 255.255.255.248
ip summary-address eigrp 4242 172.16.1.80 255.255.255.240
ip summary-address eigrp 4242 172.16.1.96 255.255.255.224
ip summary-address eigrp 4242 172.16.1.128 255.255.255.224
clock rate 2000000
no shutdown
no ip mroute-cache
ip route-cache
no fair-queue
no cdp enable
!
interface Serial 6/0
description "WAN side to ISP Backbone"
ip address 172.22.5.2 255.255.255.252
ip summary-address eigrp 4242 172.16.1.0 255.255.255.0
ip summary-address eigrp 4242 172.16.2.0 255.255.255.0
ip summary-address eigrp 4242 172.16.3.0 255.255.255.0
ip summary-address eigrp 4242 172.16.4.0 255.255.255.0
no ip mroute-cache
ip route-cache
no cdp enable
no mop enabled
!
interface Serial 6/1
no ip address
shutdown
!
interface Virtual-Template1
ip unnumbered Loopback0
no ip mroute-cache
ip route-cache
no cdp enable
peer default ip address pool default
ppp authentication chap callin USERS
ppp chap hostname NameCustomerSees
ppp multilink
!
! uncomment the following 12 lines to use modem on AUX port
!interface Async 1
! description "OSS Modem Incoming Call"
! ip unnumbered Loopback1
! no ip mroute-cache
! encapsulation ppp
! async dynamic address
! async mode interactive
! peer default ip address 192.168.1.251
! no cdp enable
! no fair-queue
! ppp authentication chap callin ADMIN
!
router eigrp 4242
redistribute connected
passive-interface Loopback0
passive-interface Loopback1
passive-interface Virtual-Template 1
redistribute static
network 172.16.0.0
network 192.168.1.0
no auto-summary
!
ip local pool default 172.16.1.72 172.16.1.159
ip classless
ip route 0.0.0.0 0.0.0.0 172.22.5.1
! ip http server
logging trap debugging
logging facility syslog
logging 192.168.10.1
no access-list 10
access-list 10 permit 192.168.10.1
no cdp run
!
snmp-server community public RO
snmp-server community private RW 10
snmp-server trap-source Loopback1
snmp-server host 192.168.10.1 public
snmp-server location YourLocation
snmp-server contact YourContact
snmp-server system-shutdown
radius-server host 192.168.10.8 auth-port 1645 acct-port 1646
radius-server key your_key
!
line con 0
session-timeout 30
exec-timeout 15 0
logout-warning 60
login authentication CONSOLE
line aux 0
! uncomment the following aux lines to use modem on AUX port
! exec-timeout 15 0
! autoselect during-login
! autoselect ppp
! script startup reset
! script reset reset
! login authentication ADMIN
! modem InOut
! transport preferred none
! transport input none
! autohangup
! rxspeed 38400
! txspeed 38400
! flowcontrol hardware
line vty 0 4
session-timeout 45
exec-timeout 45 0
login authentication ADMIN
!
ntp server 172.22.5.1 prefer
ntp server 172.22.6.1
ntp peer 172.16.1.34
end

hometocprevnextglossaryfeedbacksearchhelp
Posted: Tue Jan 21 07:59:32 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.