Edit Interface/Connection

This window displays the router's interfaces and connections. The window also enables you to add, edit, and delete connections, and to enable or disable connections.

Add

Clicking the Add button displays a drop-down menu. This menu will always have options to add a new loopback or tunnel interface, and if there are switch ports present on the router, this menu will have an option to add a new VLAN. When you choose an unconfigured interface, and click Add, the menu contains choices for adding a connection on that interface.

If you want to reconfigure an interface, and see no choices except Loopback and Tunnel when you click Add, choose the interface and click Delete. All the types of connections available for that kind of interface will appear in the Add menu. Click Available Interface Configurations to see what configurations are available for an interface.

Edit

When you choose an interface and click Edit, a dialog appears. If the interface is a supported and configured interface and is not a switch port, the dialog will have a Connection tab, an Association tab, a NAT tab, and a General tab. If the interface is not supported, the dialog will have an Association tab, a NAT tab, and a General tab. If you choose a switch port, the Edit Switch Port dialog appears. The Edit button will be disabled if the interface is supported and unconfigured.

Delete

Choosing a connection and clicking Delete displays a dialog box informing you of the associations this connection has and asking you if you want to remove the associations along with the connection. You can delete just the connection, or the connection and all of its associations.

Summary

Clicking the Summary button hides the details about the connection, restricting the information to the IP address, Type, Slot, Status, and Description.

Details

Clicking Details displays the Details About Interface area, described next. Details about the interface are shown by default.

Enable or Disable

When the chosen interface or connection is down, this appears as the Enable button. Click the Enable button to bring up the chosen interface or connection. When the chosen interface or connection is up, this appears as the Disable button. Click the Disable button to administratively shut down the interface or connection. This button can not be used with an interface whose configuration has not been delivered to the router.

Test Connection

Click to test the chosen connection. A dialog appears that enables you to specify a remote host to ping through this connection. The dialog then reports on the success or failure of the test. If the test fails, information about why the test may have failed is given, along with the steps you need to take to correct the problem.

Interface List

The interface list displays the physical interfaces and the logical connections to which they are configured.

This column lists the physical and logical interfaces by name. If a logical interface has been configured for a physical interface, the logical interface is shown under the physical interface.

If SDM is running on a Cisco 7000 router, you will be able to create a connection only on Ethernet and Fast Ethernet interfaces.

•

DHCP Client—The interface receives an IP address from a Dynamic Host Configuration Protocol (DHCP) server.

•

IP address negotiated—The interface receives an IP address through negotiation with the remote device.

•

IP unnumbered—The router will use one of a pool of IP addresses supplied by your service provider for your router, and for the devices on the LAN.

The number of the physical slot in the router that the interface is installed in. If SDM is running on a Cisco 1710 router, the slot field will be empty.

This column shows whether this interface is up or down. The green icon with the upward-pointing arrowhead indicates the interface is up. The red icon with the downward-pointing arrowhead indicates that the interface is down.

Details About Interface

This area of the window displays association and, if applicable, connection details about the interface chosen in the interface list. Association details include such information as Network Address Translation (NAT), access, and inspection rules, IPSec policies, and Easy VPN configurations. Connection details include IP address, encapsulation type, and DHCP options.

The name of the configuration item, such as IP address/Subnet mask, or IPSec policy. The actual items listed in this column depend on the type of interface chosen.

What do you want to do?


If you want to:	Do this:
Add a new connection.	Click Add, and choose a connection from the context menu.
Add a new logical interface.	Click Add, and choose a logical interface from the context menu.
Add a new VLAN interface.	Click Add, choose New Logical Interface from the context menu, and then choose VLAN from the submenu.
Edit an existing interface.	Highlight the interface you want to edit, and click Edit. Note If you are editing a GRE tunnel, the Connection tab will not appear if the GRE tunnel has not been configured to use gre ip mode.
Reset a physical interface to an unconfigured state.	Choose the physical interface, and click Reset.
Delete a logical interface.	Choose the interface you want to delete, and click Delete.
Find out how to perform related configuration tasks.	See one of the following procedures: • How Do I Configure a Static Route? • How Do I View Activity on My LAN Interface? • How Do I Enable or Disable an Interface? • How Do I View the IOS Commands I Am Sending to the Router? • How Do I Configure an Unsupported WAN Interface? • How Do I View Activity on My WAN Interface? • How Do I Configure NAT on a WAN Interface? • How Do I Configure a Static Route? • How Do I Configure a Dynamic Routing Protocol?

Why Are Some Interfaces or Connections Read-Only?

There are many conditions that can prevent SDM from modifying a previously configured interface or subinterface.

Connection: Ethernet for IRB

This dialog box contains the following fields if you chose Ethernet for IRB in the Configure list.

Current Bridge Group/Associated BVI

These read-only fields contain the current bridge group value and the current Bridge-Group Virtual Interface (BVI) name.

Create a new Bridge Group/Join an existing Bridge Group

Choose whether you want to make this interface a member of a new bridge group, or if you want to join an existing bridge group. If you want to create a new bridge group, enter a number in the range 1-255. If you want to have the interface join an existing bridge group, choose the BVI interface that is already a member of that group.

IP Address

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: Ethernet for Routing

This dialog box contains the following fields if you chose Ethernet for Routing in the Configure list.

IP Address

Enter an IP address and subnet mask in the IP Address fields. This address will be the source IP address for traffic originating from this interface, and the destination IP address for traffic destined for hosts connected to this interface.

DHCP Relay

Click this button to enable the router to act as a DHCP relay. A device acting as a DHCP relay forwards DHCP requests to a DHCP server. When a device needs to have an IP address dynamically assigned, it broadcasts a DHCP request. A DHCP server replies to this request with an IP address. You can have a maximum of one DHCP relay or one DHCP server per subnetwork.

Note If the router has been previously configured to be a DHCP relay and is configured to have more than one remote DHCP server IP address, these fields will be disabled.

Enter the IP address of the DHCP server that will provide addresses to devices on the LAN.

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Existing Dynamic DNS Methods

This window allows you to choose a dynamic DNS method to associate with a WAN interface.

The list of existing dynamic DNS methods shows each method's name and associated parameters. Choose a method from the list, and then click OK to associate it to the WAN interface.

To add, edit, or delete dynamic DNS methods, go to Configure > Additional Tasks > Dynamic DNS Methods.

Add Dynamic DNS Method

This window allows you to add a dynamic DNS method. Choose the type of method, HTTP or IETF, and configure it.

HTTP

HTTP is a dynamic DNS method that updates a DNS service provider with changes to the associated interface's IP address.

Server

If using HTTP, choose the domain address of the DNS service provider from the drop-down menu.

Username

Password

IETF

IETF is a dynamic DNS method that updates a DNS server with changes to the associated interface's IP address.

DNS Server

If using IETF, and no DNS server has been configured for the router in Configure > Additional Tasks > DNS, then enter the IP address of your DNS server.

Hostname

Enter a hostname if one has not been configured in Configure > Additional Tasks > Router Properties > Edit > Host, or if you want to override the configured hostname. When updating the interface IP address, the dynamic DNS method sends the hostname along with the interface's new IP address.

Domain Name

Enter a domain name if one has not been configured in Configure > Additional Tasks > Router Properties > Edit > Domain, or if you want to override the configured domain name. When updating the interface IP address, the dynamic DNS method sends the domain name along with the interface's new IP address.

Wireless

If the router has a wireless interface, you can launch the wireless application from this tab. You can also launch the wireless application from the Tools menu by choosing Tools > Wireless Application.

Association

Use this window to view, create, edit, or delete associations between interfaces and rules or VPN connections.

Interface

Access Rule

The names or numbers of any access rules associated with this interface. Access rules permit or deny traffic that matches the IP address and service criteria specified in the rule.

The name or number of an access rule applied to inbound traffic on this interface. If you want to apply a rule, click the ... button and either choose an existing rule or create a rule and choose it.

When a rule is applied to inbound traffic on an interface, the rule filters traffic before it enters the router. Any packet that the rule does not permit is dropped and will not be routed to another interface. When you apply a rule to the inbound direction on an interface, you are not only preventing it from entering a trusted network connected to the router but also preventing it from being routed anywhere else by the local router.

The name or number of an access rule applied to outbound traffic on this interface. If you want to apply a rule, click the ... button and either choose an existing rule or create a rule and choose it.

When a rule is applied to outbound traffic on an interface, the rule filters traffic after it has entered the router but before it exits the interface. Any packet that the rule does not permit is dropped before it leaves the interface.

Inspect Rule

The names of inspection rules associated with this interface. Inspection rules create temporary holes in firewalls so that hosts inside the firewall that started sessions of a certain type can receive return traffic of the same type.

The name or number of an inspection rule applied to inbound traffic on this interface. If you want to apply an inbound rule, click the Inbound drop-down menu and choose a rule.

The name or number of an inspection rule applied to outbound traffic on this interface. If you want to apply an outbound rule, click the Outbound drop-down menu and choose a rule.

VPN

VPNs protect traffic that may flow over lines that your organization does not control. You can use the chosen interface in a VPN by associating it with an IPSec policy.

The configured IPSec policy associated with this interface. To associate the interface with an IPSec policy, choose the policy from this list.

Note To create a GRE-over-IPSec Tunnel, you must first associate the policy with the tunnel interface, and then associate it with the source interface for the tunnel. For example, if you wanted to associate a policy with Tunnel3, whose source interface is Serial0/0, you would first choose Tunnel3 in the Interfaces and Connections window, click Edit and associate the policy with it, and then click OK. Then you would choose the Serial0/0 interface and associate the same policy with it.

If the interface is used in an Easy VPN connection, the name of the connection is shown here.

Note An interface cannot be used in both a virtual private network (VPN) connection and an Easy VPN connection.

Making Association Changes

When you change the association properties of an interface, the changes are reflected in the lower portion of the Edit Interface/Connection window. For example, if you associate an IPSec policy with the interface, the name of the IPSec policy appears in the lower portion of the window. If you delete an association, the value in the Item Value column changes to <None>.

NAT

If you intend to use this interface in a NAT configuration, you must designate it as either an inside or an outside interface. Choose the traffic direction to which NAT is to be applied. If the interface connects to a LAN that the router serves, choose Inside. If it connects to the Internet or to your organization's WAN, choose Outside. If you have chosen an interface that cannot be used in a NAT configuration, such as a logical interface, this field is disabled and contains the value Not Supported.

Edit Switch Port

Mode Group

Choose the type of VLAN information you want to be carried across this Ethernet switch port. Choosing Access causes the switch port to forward only data destined for the specific VLAN number. Choosing Trunking causes the switch port to forward data for all VLANs, including the VLAN data itself. Choose Trunking only for "trunking" VLAN ports that connect to other networking devices, such as another switch, that will connect to devices in multiple VLANs.

VLAN

To assign the switch port to a VLAN, enter the VLAN number to which this switch port should belong. If the switch port does not already have a VLAN associated with it, this field will show the default value VLAN 1. To create a new VLAN interface corresponding to a VLAN ID, enter that VLAN ID here and check the Make VLAN visible to interface list check box.

Make VLAN visible to interface list

Check this box if you want to create a new VLAN with the VLAN ID specified in the VLAN field.

Stacking Partner

Choose a switch module as the stacking partner to use. When a device contains multiple switching modules, these must be stacked before other stacking partners.

Bridge Group Number

If you want this switch port to form part of a bridge to a wireless network, enter the number of an existing bridge group.

General

This window displays general security settings and allows you to enable or disable them by checking or unchecking the check box next to the name and description. If you have allowed the Security Audit feature to disable certain properties but want to reenable them, you can reenable them in this window. The properties listed in this screen are as follows:

Description

In this field you can enter a short description of the interface configuration. This description is visible in the Edit Interfaces and Connections window. A description, such as "Accounting" or "Test Net 5," can help other SDM users understand the purpose of the configuration.

IP Directed Broadcasts

An IP directed broadcast is a datagram that is sent to the broadcast address of a subnet to which the sending machine is not directly attached. The directed broadcast is routed through the network as a unicast packet until it arrives at the target subnet, where it is converted into a link-layer broadcast. Because of the nature of the IP addressing architecture, only the last router in the chain, the one that is connected directly to the target subnet, can conclusively identify a directed broadcast. Directed broadcasts are occasionally used for legitimate purposes, but such use is not common outside the financial services industry.

IP directed broadcasts are used in the extremely common and popular "smurf" denial of service attack, and they can also be used in related attacks. In a "smurf" attack, the attacker sends ICMP echo requests from a falsified source address to a directed broadcast address, causing all the hosts on the target subnet to send replies to the falsified source. By sending a continuous stream of such requests, the attacker can create a much larger reply stream, which can completely inundate the host whose address is being falsified.

Disabling IP directed broadcasts drops directed broadcasts that would otherwise be "exploded" into link-layer broadcasts at that interface.

IP Proxy ARP

ARP is used by the network to convert IP addresses into MAC addresses. Normally ARP is confined to a single LAN, but a router can act as a proxy for ARP requests, making ARP queries available across multiple LAN segments. Because it breaks the LAN security barrier, proxy ARP should be used only between two LANs with an equal security level, and only when necessary.

IP Route Cache-Flow

This option enables the Cisco IOS NetFlow feature. Using NetFlow, you can determine packet distribution, protocol distribution, and current flows of data on the router. This information is useful for certain tasks, such as searching for the source of a spoofed IP address attack.

IP Redirects

ICMP redirect messages instruct an end node to use a specific router as a part of its path to a particular destination. In a properly functioning IP network, a router sends redirects only to hosts on its own local subnets, no end node will ever send a redirect, and no redirect will ever traverse more than one network hop. However, an attacker may violate these rules. Disabling ICMP redirects has no negative effects on the network but can eliminate redirect attacks.

IP Mask-Reply

ICMP mask reply messages are sent when a network device must know the subnet mask for a particular subnetwork in the internetwork. ICMP mask reply messages are sent to the device requesting the information by devices that have the requested information. These messages can be used by an attacker to gain network mapping information.

IP Unreachables

ICMP host unreachable messages are sent out if a router receives a nonbroadcast packet that uses an unknown protocol, or if the router receives a packet that it is unable to deliver to the ultimate destination because it knows of no route to the destination address. These messages can be used by an attacker to gain network mapping information.

QoS

You can associate a QoS policy with an interface in this tab, or dissociate a policy from an interface.

Dissociate Current QoS Policy Check Box

Enabled when a QoS policy is associated with the interface. Check to dissociate the currently associated policy from the interface.

Associate an existing QoS policy Check Box

Click to associate an existing policy, and then choose the QoS policy from the list.

Select Ethernet Configuration Type

This window is displayed when you click on an interface in the Interfaces and Connections window and SDM cannot determine whether the interface is configured as a LAN interface or as a WAN interface. When you configure an interface using SDM, you designate it as an inside or outside interface, and SDM adds a descriptive comment to the configuration file based on your designation. If you have configured an interface using the command-line interface (CLI), the configuration will not include this descriptive comment, and SDM will not have this information.

To indicate that the interface is a LAN interface:

Click LAN, and then click OK. SDM adds the comment line $ETH-LAN$ to the interface configuration, and the interface appears in the LAN wizard window appears with the designation Inside in the Interfaces and Connections window.

To indicate that the interface is a WAN interface:

Click WAN, and then click OK. SDM adds the comment line $ETH-WAN$ to the interface configuration, and the interface appears in the WAN wizard window appears with the designation Outside in the Interfaces and Connections window.

Connection: VLAN

VLAN ID

Enter the ID number of the new VLAN interface. If you are editing a VLAN interface, you cannot change the VLAN ID.

Native VLAN Checkbox

IP Address Fields

Choose whether this VLAN interface will have a static IP address or no IP address. This field is visible when VLAN only is chosen in the Configure As field.

Enter the subnet mask of the VLAN interface, or indicate the number of subnet bits using the scrolling field.

Subinterfaces List

This window displays the subinterfaces configured for the interface that you chose, and enables you to add, edit, and remove configured subinterfaces. For each configured subinterface, the window displays the Subinterface ID, VLAN ID, IP address and mask, and a description, if one has been entered. For example, if the router had the interface FastEthernet 1, and the subinterfaces FastEthernet1.3 and FastEthernet1.5 were configured, this window might contain the following display

In this example, FastEthernet1.5 is configured for routing, and FastEthernet1.3 is configured for IRB.

Note You must choose the physical interface on which the subinterfaces are configured to display this window. For the example described, you would have to choose FastEthernet 1 to display this window. If you chose FastEthernet1.3 or FastEthernet1.5 and clicked edit, you would display the edit dialog with the information for that interface.

Add, Edit, and Delete Buttons

Use these buttons to configure, edit, and remove subinterfaces from the chosen physical interface.

Add or Edit BVI Interface

Add or edit a Bridge Group Virtual Interface (BVI) in this window. If your router has a Dot11Radio interface, a BVI is automatically created when you configure a new bridge group. This is done to support IRB bridging. You can change the IP address and subnet mask in this screen.

IP Address/Subnet Mask

Add Loopback Interface/Connection—Loopback

IP Address

Choose whether the loopback interface is to have no IP address or a static IP address.

Enter the subnet mask in this field, or choose the number of subnet bits from the field on the right. The subnet mask tells the router which bits of the IP address designate the network address and which bits designate the host address.

Connection: Ethernet LAN

Use this window to configure the IP address and DHCP properties of an Ethernet interface that you want to use as a LAN interface.

IP Address

Enter the IP address for this interface. Obtain the IP address value from your service provider or network administrator. For more information, see IP Addresses and Subnet Masks.

Subnet Mask

Enter the subnet mask. Obtain this value from your network administrator. The subnet mask enables the router to determine how much of the IP address is used to define the network and subnet portion of the address.

DHCP Relay

Note If the router has been previously configured to be a DHCP relay and is configured to have more than one remote DHCP server IP address, this button will be disabled.

If you clicked DHCP Relay, enter the IP address of the DHCP server that will provide addresses to devices on the LAN.

Connection: Ethernet WAN

Enable PPPoE Encapsulation

Click this option if the connection must use Point-to-Point Protocol over Ethernet (PPPoE) encapsulation. Your service provider can tell you whether the connection uses PPPoE. When you configure a PPPoE connection, a dialer interface is automatically created.

IP Address

Choose one of the following IP address types, and enter the information in the displayed fields. If the Ethernet connection is not using PPPoE, you will see only the Static IP address and Dynamic options.

If you choose Static IP Address, enter the IP address and subnet mask or the network bits in the fields provided. For more information, see IP Addresses and Subnet Masks.

If you choose Dynamic, the router will lease an IP address from a remote DHCP server. Enter the name of the DHCP server from which addresses will be leased.

Choose IP Unnumbered if you want the interface to share an IP address that has already been assigned to another interface. Then choose the interface whose IP address this interface is to share.

Choose Easy IP (IP Negotiated) if the router will obtain an IP address through Point-to-Point Protocol/IP Control Protocol (PPP/IPCP) address negotiation.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Ethernet Properties

Enable PPPoE Encapsulation

Click Enable PPPoE encapsulation if your service provider requires that you use it. PPPoE specifies Point-to-Point Protocol over Ethernet encapsulation.

IP Address

Available with PPPoE encapsulation and with no encapsulation. If you choose Static IP Address, enter the IP address and subnet mask or the network bits in the fields provided. For more information, see IP Addresses and Subnet Masks.

Available with PPPoE encapsulation and with no encapsulation. If you choose Dynamic, the router will lease an IP address from a remote DHCP server. Enter the name of the DHCP server that will assign addresses.

Available with PPPoE encapsulation. Choose IP Unnumbered if you want the interface to share an IP address that has already been assigned to another interface. Then choose the interface whose IP address this interface is to share.

Available with PPPoE encapsulation. Choose Easy IP (IP Negotiated) if the router will obtain an IP address using PPP/IPCP address negotiation.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: Ethernet with No Encapsulation

IP Address

•

Static IP address—If you choose Static IP Address, enter the IP address and subnet mask or network bits in the fields provided. For more information, see IP Addresses and Subnet Masks.

•

Dynamic IP address—If you choose Dynamic, the router will lease an IP address from a remote DHCP server. Then enter the name or IP address of the DHCP server.

Hostname

If your service provider inserts a hostname for the router into the DHCP response that contains the dynamic IP address, you can enter that name in this field for informational purposes.

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: ADSL

This window enables you to specify or edit properties of a PPPoE link supported by an ADSL connection.

Encapsulation

•

RFC 1483 Routing (AAL5 SNAP) specifies that each PVC can carry multiple protocols.

•

RFC 1483 Routing (AAL5 MUX) specifies that each PVC can carry only one type of protocol.

If you are editing a connection, the encapsulation is shown, but not editable. If you need to change the encapsulation type, delete the connection and re-create it using the encapsulation type you need.

Virtual Path Identifier

The virtual path identifier (VPI) is used in ATM switching and routing to identify the path used for a number of connections. Enter the VPI value given to you by your service provider.

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

Virtual Circuit Identifier

The virtual circuit identifier (VCI) is used in ATM switching and routing to identify a particular connection within a path that your connection may share with other connections. Enter the VCI value given to you by your service provider.

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

IP Address

•

Static IP address—If you choose Static IP Address, enter the IP address and subnet mask, or network bits in the fields provided. For more information, see IP Addresses and Subnet Masks.

•

Dynamic IP address—If you choose Dynamic, the router will lease an IP address from a remote DHCP server. Then enter the name or IP address of the DHCP server.

•

Unnumbered IP address—Choose IP Unnumbered if you want the interface to share an IP address that has already been assigned to another interface. Then choose the interface whose IP address this interface is to share.

•

IP Negotiated—This interface will obtain an IP address using PPP/IP Control Protocol (IPCP) address negotiation.

Hostname

If your service provider has provided a hostname for DHCP option 12, enter it here.

Operating Mode

•

auto—Configure the Asymmetric Digital Subscriber Line (ADSL) line after autonegotiating with the digital subscriber access line multiplexer ( DSLAM) located at the central office.

•

adls2—Configure the ADSL line to train in the ITU G.992.3 mode. This mode is available for the HWIC-ADSL-B/ST, HWIC-ADSLI-B/ST, HWIC-1ADSL, and HWIC-1ADSLI ADSL network modules.

•

adsl2+—Configure the ADSL line to train in the ITU G.992.4 mode. This mode is available for the HWIC-ADSL-B/ST, HWIC-ADSLI-B/ST, HWIC-1ADSL, and HWIC-1ADSLI ADSL network modules.

•

splitterless—Configure the ADSL line to train in the G.Lite mode. This mode is available for older ADSL network modules such as the WIC-1ADSL.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: ADSL over ISDN

Encapsulation

•

RFC 1483 Routing (AAL5 SNAP) specifies that each PVC can carry multiple protocols.

•

RFC 1483 Routing (AAL5 MUX) specifies that each PVC can carry only one type of protocol.

Virtual Path Identifier

The virtual path identifier (VPI) is used in ATM switching and routing to identify the path used for a number of connections. Obtain this value from your service provider.

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

Virtual Circuit Identifier

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

IP Address

•

Static IP address—If you choose Static IP Address, enter the IP address and subnet mask, or network bits in the fields provided. For more information, see IP Addresses and Subnet Masks.

•

Dynamic IP address—If you choose Dynamic, the router will lease an IP address from a remote DHCP server. Then enter the name or IP address of the DHCP server.

•

IP Negotiated—This interface will obtain an IP address using PPP/IP Control Protocol (IPCP) address negotiation.

Operating Mode

Note If the Cisco IOS version you are running on the router does not support all five operating modes, you will see options only for the operating modes supported by your Cisco IOS version.

•

auto—Configure the Asymmetric Digital Subscriber Line (ADSL) line after autonegotiating with the digital subscriber access line multiplexer ( DSLAM) located at the central office.

•

multimode—Mode chosen by the firmware for the best operating condition on digital subscriber line (DSL). The final mode can be either ETSI mode or standard Annex-B mode depending on the current DSLAM setting.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: G.SHDSL

Note If the connection that you are configuring uses a DSL controller, the Equipment Type and Operating Mode fields do not appear in the dialog.

Encapsulation

•

RFC 1483 Routing (AAL5 SNAP) specifies that each PVC can carry multiple protocols.

•

RFC 1483 Routing (AAL5 MUX) specifies that each PVC can carry only one type of protocol.

Virtual Path Identifier

The virtual path identifier (VPI) is used in ATM switching and routing to identify the path used for a number of connections. Obtain this value from your service provider.

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

Virtual Circuit Identifier

If you are editing an existing connection, this field is disabled. If you need to change this value, delete the connection and re-create it using the value you need.

IP Address

Choose how the router will obtain an IP address for this link. The fields that appear in this area change according to the encapsulation type chosen. Your service provider or network administrator must tell you the method the router should use to obtain an IP address.

If you choose Static IP Address, enter the address that the interface will use, and the subnet mask or the network bits. Obtain this information from your service provider or network administrator. For more information, see IP Addresses and Subnet Masks.

If you choose Dynamic IP address, the interface will obtain an IP address from a DHCP server on the network. If the DHCP server uses DHCP option 12, it sends a hostname for the router along with the IP address the router is to use. Check with your service provider or network administrator to determine the hostname sent.

Choose this option if you want the interface to share an IP address with an Ethernet interface on the router. If you choose this option, you must specify from the drop-down list the Ethernet interface whose address you want to use.

IP Address for Remote Connection in Central Office

Enter the IP address of the gateway system to which this link will connect. This IP address is supplied by the service provider or network administrator. The gateway is the system that the router must connect to in order to access the Internet or your organization's WAN.

Equipment Type

Customer premises equipment. If the encapsulation type is PPPoE, CPE is automatically chosen and the field is disabled.

Operating Mode

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Configure DSL Controller

SDM supports the configuration of the Cisco WIC-1SHDSL-V2. This WIC supports TI, E1, or a G.SHDSL connection over an ATM interface. SDM only supports a G.SHDSL connection using the ATM interface. This window lets you set the controller mode on the WIC to ATM, enabling a G.SHDSL connection, and lets you create or edit DSL controller information for the G.SHDSL connection.

Controller Mode

SDM supports only ATM mode, which provides for a G.SHDSL connection, on this controller. This field will automatically be set to ATM mode when the OK button is clicked.

Equipment Type

Choose whether your connection terminates at the central office (CO) or your customer premises equipment (CPE).

Operating Mode

Choose whether the DSL connection should use Annex A signaling (for DSL connections in the United States) or Annex B signaling (for DSL connections in Europe).

Line Mode

Line Number

Line Rate

Choose the DSL line rate for the G.SHDSL port. If you have chosen a 2-wire connection, you can choose either auto, which configures the interface to automatically negotiate the line rate between the G.SHDSL port and the DSLAM, or the actual DSL line rate. The supported line rates are 200, 264, 392, 520, 776, 1032, 1160, 1544, 2056, and 2312.

If you have chosen a 4-wire connection, you must choose a fixed line rate. The supported line rates for a 4-wire connection are 384, 512, 640, 768, 896, 1024, 1152, 1280, 1408, 1664, 1792, 1920, 2048, 2176, 2304, 2432, 2688, 2816, 2944, 3072, 3200, 3328, 3456, 3584, 3712, 3840, 3968, 4096, 4224, 4352, 4480, and 4608

Note If different DSL line rates are configured at opposite ends of the DSL uplink, the actual DSL line rate is always the lower rate.

Enable Sound to Noise Ratio Margin

The sound-to-noise ratio margin provides a threshold for the DSL modem to determine whether it should reduce or increase its power output depending on the amount of noise on the connection. If you have set the line rate to "auto", you can enable this feature to maximize the quality of the DSL connection. Note that you cannot use this feature if your line rate is fixed. To enable the sound-to-noise ratio margin, check this check box and choose the ratio margins in the Current and Snext fields. To disable this feature, uncheck this check box.

Choose the sound-to-noise ratio margin in the form of decibels (Db) on the current connection. The lower the ratio chosen here, the more noise will be tolerated on the connection. A lower Db setting will cause the DSL modem to allow more noise on the line, potentially resulting in a connection of lower quality but higher throughput. A higher Db setting causes the modem to restrict noise, potentially resulting in a connection of higher quality but lower throughput.

Choose the Self near-end crosstalk (Snext) sound-to-noise ratio margin in the form of decibels.

DSL Connections

This field displays all of the G.SHDSL connections currently configured on this controller. To configure a new G.SHDSL connection, click Add. This displays the Connection: Serial Interface, Frame Relay Encapsulation page, letting you configure the new connection. To edit an existing G.SHDSL connection, choose the connection in this field and click Edit. This also will display the Connection: Serial Interface, Frame Relay Encapsulation page, letting you edit the connection configuration. To delete a connection, choose the connection in this field, and click Delete.

Connection: Serial Interface, Frame Relay Encapsulation

Complete these fields if you are configuring a serial subinterface for Frame Relay encapsulation. If you are editing a connection or creating a connection in the Edit Interfaces and Connections window, the encapsulation is shown but is not editable. If you need to change the encapsulation type, delete the connection and re-create it using the encapsulation type you need.

Encapsulation

IP Address

If you chose Static IP address, enter the IP address for this interface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

If you chose Static IP address, enter the subnet mask. The subnet mask specifies the portion of the IP address that provides the network address. This value is synchronized with the subnet bits. Your network administrator or Internet service provider provides the value of the subnet mask or the network bits.

Alternatively, enter the network bits to specify how much of the IP address provides the network address.

If you chose IP unnumbered, the interface will share an IP address that has already been assigned to another interface. Choose the interface whose IP address this interface is to share.

DLCI

Enter the data link connection identifier (DLCI) in this field. This number must be unique among all DLCIs used on this interface. The DLCI provides a unique Frame Relay identifier for this connection.

If you are editing an existing connection, the DLCI field will be disabled. If you need to change the DLCI, delete the connection and create it again.

LMI Type

Ask your service provider which of the following Local Management Interface (LMI) types you should use. The LMI type specifies the protocol used to monitor the connection:

Annex D defined by American National Standards Institute (ANSI) standard T1.617.

Default. This setting allows the router to detect which LMI type is used by the switch and then use that type. If autosense fails, the router will use the Cisco LMI type.

Use IETF Frame Relay Encapsulation

Check this box to use Internet Engineering Task Force ( IETF) encapsulation. This option is used to connect with non-Cisco routers. Check this box if you are connecting to a non-Cisco router on this interface.

Clock Settings

In most cases, clock settings should not be changed from the default values. If you know that your requirements are different from the defaults, click this button and adjust the clock settings in the window displayed.

The Clock Settings button appears only if you are configuring a T1 or E1 serial connection.

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: Serial Interface, PPP Encapsulation

Complete these fields if you are configuring a serial interface for Point-to-Point Protocol encapsulation. If you are editing a connection or creating a connection in the Edit Interfaces and Connections window, the encapsulation is shown but is not editable. If you need to change the encapsulation type, delete the connection and re-create it using the encapsulation type you need.

Encapsulation

IP Address

Choose Static IP Address, IP Unnumbered, or IP Negotiated. If you choose IP Unnumbered, choose the interface whose IP address this interface is to share. If you choose IP Negotiated, the router obtains an IP address from the Internet service provider for this interface. If you choose Specify an IP address, complete the fields below.

Enter the IP address for this point-to-point subinterface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

Enter the subnet mask. The subnet mask specifies the portion of the IP address that provides the network address. This value is synchronized with the network bits. Obtain the value of the subnet mask or the network bits from your network administrator or Internet service provider.

Alternatively, enter the network bits to specify how many bits in the IP address provide the network address.

Authentication

Clock Settings

The Clock Settings button appears only if you are configuring a T1 or E1 serial connection.

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: Serial Interface, HDLC Encapsulation

Fill out these fields if you are configuring a serial interface for HDLC encapsulation. If you are editing a connection or creating a connection in the Edit Interfaces and Connections window, the encapsulation is shown but is not editable. If you need to change the encapsulation type, delete the connection and re-create it using the encapsulation type you need.

Encapsulation

IP Address

Choose either Static IP address or IP Unnumbered. If you choose IP Unnumbered, choose the interface whose IP address this interface is to share. If you choose Static IP Address, complete the fields below.

Enter the IP address for this interface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

Alternatively, choose the number of bits that specify how much of the IP address provides the network address.

Clock Settings

The Clock Settings button appears only if you are configuring a T1 or E1 serial connection.

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Add or Edit GRE Tunnel

You can add a GRE tunnel to an interface or edit an existing interface in this window. This window does not appear if the GRE tunnel has not been configured using gre ip mode.

Tunnel Number

Tunnel Source

Choose the interface that the tunnel will use. This interface must be reachable from the other end of the tunnel; therefore, it must have a public, routable IP address.

Tunnel Destination

The tunnel destination is the interface on the router at the other end of the tunnel. Choose whether you will specify an IP address or a hostname, and then enter that information. If you chose IP address, provide the IP address and subnet mask in dotted decimal format; for example, 192.168.20.1 and 255.255.255.0.

Make sure that this address or hostname is reachable using the ping command; otherwise, the tunnel will not be created properly.

Tunnel IP Address

Enter the IP address of the tunnel in dotted decimal format; for example, 192.168.20.1. For more information, see IP Addresses and Subnet Masks.

GRE Keepalive

Check this box if you want the router to send GRE keepalives. Specify the interval, in seconds, that keepalives will be sent, and the waiting period, in seconds, between retries.

Maximum Transmission Unit

Enter the maximum transmission unit (MTU) size. If you want the size adjusted to a lower value when the adjustment would avoid packet fragmentation, click Adjust MTU to avoid fragmentation.

Bandwidth

Connection: ISDN BRI

Complete these fields if you are configuring an ISDN BRI connection. Because SDM supports only PPP encapsulation over an ISDN BRI connection, the encapsulation shown is not editable.

Encapsulation

ISDN Switch Type

Choose the ISDN switch type. Contact your ISDN service provider for the switch type for your connection.

–

basic-net3—NET3 ISDN BRI for Norway NET3, Australia NET3, and New Zealand NET3switch types; ETSI-compliant switch types for Euro-ISDN E-DSS1 signaling system

SPIDs

Some service providers use SPIDs to define the services subscribed to by the ISDN device that is accessing the ISDN service provider. The service provider assigns the ISDN device one or more SPIDs when you first subscribe to the service. If you are using a service provider that requires SPIDs, your ISDN device cannot place or receive calls until it sends a valid, assigned SPID to the service provider when accessing the switch to initialize the connection.

Currently, only the DMS-100 and NI switch types require SPIDs. The AT&T 5ESS switch type may support a SPID, but we recommend that you set up that ISDN service without SPIDs. In addition, SPIDs have significance at the local-access ISDN interface only. Remote routers never receive the SPID.

A SPID is usually a seven-digit telephone number with some optional numbers. However, service providers may use different numbering schemes. For the DMS-100 switch type, two SPIDs are assigned, one for each B channel.

Remote Phone Number

Options

Click this button if you need to associate ACLs with a dialer list to identify interesting traffic, enter timer settings, or enable or disable multilink PPP.

Identifying interesting traffic will cause the router to dial out and create an active connection only when the router detects interesting traffic.

Timer settings will cause the router to automatically disconnect a call after the line is idle for the specified amount of time.

Multilink PPP can be configured to provide load balancing between ISDN B channels.

IP Address

Choose Static IP address, IP Unnumbered, or IP Negotiated. If you choose Specify an IP address, complete the fields below.

Enter the IP address for this point-to-point subinterface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

Alternatively, enter the network bits to specify how many bits in the IP address provide the network address.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: Analog Modem

Complete these fields if you are configuring an analog modem connection. Because SDM supports only PPP encapsulation over an analog modem connection, the encapsulation shown is not editable.

Encapsulation

Remote Phone Number

Options

Click this button if you need to associate ACLs with a dialer list to identify interesting traffic or enter timer settings.

Identifying interesting traffic will cause the router to dial out and create an active connection only when the router detects interesting traffic.

Timer settings will cause the router to automatically disconnect a call after the line is idle for the specified amount of time.

Clear Line

Click this button to clear the line. You should clear the line after creating an async connection so that interesting traffic triggers the connection.

IP Address

Choose Static IP address, IP Unnumbered, or IP Negotiated. If you choose Specify an IP address, complete the fields below.

Enter the IP address for this point-to-point subinterface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

Alternatively, enter the network bits to specify how many bits in the IP address provide the network address.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Connection: (AUX Backup)

Complete these fields if you are configuring an asynchronous dial-up connection using the console port to double as an AUX port on a Cisco 831 or 837 router. Once you have entered the information in this window, click Backup Details and enter dial-backup information, which is required for this type of connection. Note that because SDM supports only PPP encapsulation over an analog modem connection, the encapsulation shown is not editable.

The option to configure the AUX port as a dial-up connection appears only for the Cisco 831 and 837 routers. This option will not be available for those routers when any of the following conditions occur:

•

When the asynchronous interface is not configurable by SDM because of the presence of unsupported Cisco IOS commands in the existing configuration

Encapsulation

Remote Phone Number

Options

Click this button if you need to associate ACLs with a dialer list to identify interesting traffic or enter timer settings.

Identifying interesting traffic will cause the router to dial out and create an active connection only when the router detects interesting traffic.

Timer settings will cause the router to automatically disconnect a call after the line is idle for the specified amount of time.

Clear Line

Click this button to clear the line. You should clear the line after creating an async connection so that interesting traffic triggers the connection.

IP Address

Choose Static IP address, IP Unnumbered, or IP Negotiated. If you choose Specify an IP address, complete the fields below.

Enter the IP address for this point-to-point subinterface. Obtain this value from your network administrator or service provider. For more information, see IP Addresses and Subnet Masks.

Alternatively, enter the network bits to specify how many bits in the IP address provide the network address.

Backup Details

Click this button to display the Backup Configuration screen, which lets you configure dial-backup information for this connection. This information is mandatory for this type of connection, and an error will be displayed if you try to complete the connection configuration without entering dial-backup configuration information.

Authentication

Dynamic DNS

Enable dynamic DNS if you want to update your DNS servers automatically whenever the WAN interface IP address changes.

Note This feature appears only if supported by the Cisco IOS version on your server.

Enter the name in the Dynamic DNS Method field exactly as it appears in the list in Configure > Additional Tasks > Dynamic DNS Methods.

Click the drop-down menu and choose an existing method. A window with a list of existing dynamic DNS methods opens. This menu choice is available only if there are existing dynamic DNS methods.

To clear an associated dynamic DNS method from the interface, choose None from the drop-down menu.

Authentication

This page is displayed if you enabled PPP for a serial connection or PPPoE encapsulation for an ATM or Ethernet connection, or you are configuring an ISDN BRI or analog modem connection. Your service provider or network administrator may use a Challenge Handshake Authentication Protocol ( CHAP) password or a Password Authentication Protocol ( PAP) password to secure the connection between the devices. This password secures both incoming and outgoing access.

CHAP/PAP

Check the box for the type of authentication used by your service provider. If you do not know which type your service provider uses, you can check both boxes: the router will attempt both types of authentication, and one attempt will succeed.

The login name is given to you by your Internet service provider and is used as the username for CHAP/PAP authentication.

Password

Enter the password exactly as given to you by your service provider. Passwords are case sensitive. For example, the password cisco is not the same as Cisco.

Reenter Password

SPID Details

Some service providers use service profile ID numbers (SPIDs) to define the services subscribed to by the ISDN device that is accessing the ISDN service provider. The service provider assigns the ISDN device one or more SPIDs when you first subscribe to the service. If you are using a service provider that requires SPIDs, your ISDN device cannot place or receive calls until it sends a valid, assigned SPID to the service provider when accessing the switch to initialize the connection.

SPID1

SPID2

Dialer Options

Both ISDN BRI and analog modem interfaces can be configured for dial-on-demand routing (DDR), which causes the connection to dial out and become active only under specified circumstances, thus saving connection time and cost. This window lets you configure options specifying when ISDN BRI or analog modem connections should be initiated and ended.

Dialer List Association

The dialer list lets you associate the ISDN BRI or analog modem connection with an ACL to identify interesting traffic. Identifying interesting traffic will cause the interface to dial out and establish a connection only when the router detects data traffic that matches the ACL.

Choose this option to cause the interface to dial out and establish a connection whenever there is any IP traffic being sent over the interface.

Choose this option to associate an ACL, which must be created using the rules interface, with the interface. Only traffic that matches the traffic identified in the ACL will cause the interface to dial out and establish a connection.

You can enter the ACL number you want to associate with the dialer interface to identify interesting traffic, or you can click the button next to the field to browse the list of ACLs or create a new ACL and choose it.

Timer Settings

Timer settings let you configure the maximum amount of time that a connection with no traffic stays active. By configuring timer settings, you can have connections that shut down automatically, saving you connection time and cost.

Enter the number of seconds that are allowed to pass before an idle connection (one that has no traffic passing over it) is terminated.

The fast idle timeout is used when one connection is active while a competing connection is waiting to be made. The fast idle timeout sets the maximum number of seconds with no interesting traffic before the active connection is terminated and the competing connection is made.

This occurs when the interface has an active connection to a next hop IP address and the interface receives interesting data with a different next hop IP destination. Because the dialer connection is point-to-point, the competing packet cannot be delivered until the current connection is ended. This timer sets the amount of time that must pass while the first connection is idle before that connection will be terminated and the competing connection made.

Enable Multilink PPP

Multilink PPP is available only for ISDN BRI connections. Multilink PPP lets you load-balance data over multiple ISDN BRI B channels. With multilink PPP, when an ISDN connection is initially made, only one B channel is used for the connection. Should the traffic load on the connection exceed the specified threshold (entered as a percentage of total bandwidth), then a connection with a second B channel is made, and the data traffic is shared over both connections. This has the advantage of reducing connection time and cost when data traffic is low, but letting you use your full ISDN BRI bandwidth when it is needed.

Check this check box if you want to enable multilink PPP. Uncheck it if you do not.

Use this field to configure the percentage of bandwidth that must be used on a single ISDN BRI channel before another ISDN BRI channel connection will be made to load-balance traffic. Enter a number between 1 and 255, where 255 equals 100 percent of bandwidth on the first connection being utilized.

Backup Configuration

ISDN BRI and analog modem interfaces can be configured to work as backup interfaces to other, primary interfaces. In that case, an ISDN or analog modem connection will be made only if the primary interface goes down for some reason. Should the primary interface and connection go down, the ISDN or analog modem interface will immediately dial out and try to establish a connection so that network services are not lost.

Enable Backup

Check this check box if you want this ISDN BRI or analog modem interface to act as a backup connection. Uncheck this check box if you do not want the ISDN BRI or analog modem interface to be a backup interface.

Primary Interface

Choose the interface on the router that will maintain the primary connection. The ISDN BRI or analog modem connection will only be made should the connection on the chosen interface go down.

Tracking Details

Use this section to identify a specific host to which connectivity must be maintained. The router will track connectivity to that host, and if the router discovers that connectivity to the host specified has been lost by the primary interface, this will initiate a backup connection over the ISDN BRI or analog modem interface.

Enter the hostname or IP address of the destination host to which connectivity will be tracked. Specify an infrequently contacted destination as the site to be tracked.

This is a read-only field that displays an internal object number generated and used by SDM for tracking the connectivity to the remote host.

Next Hop Forwarding

These fields are optional. You can enter the IP address to which the primary and backup interfaces will connect when they are active. This is known as the next hop IP address. If you do not enter next hop IP addresses, SDM will configure static routes using the interface name. Note that when you back up a multipoint WAN connection, such as an Ethernet connection, you must enter next hop IP addresses in order for routing to occur properly, but when backing up a point-to-point connection, this information is not necessary.

Table Of Contents