cc/td/doc/product/vpn/solution/aswan15
hometocprevnextglossaryfeedbacksearchhelp

Table of Contents

Introduction
Operation and Maintenance Tasks
Using IP Solution Center Version 3.0 for Operations and Maintenance
Using Cisco IOS Software for Operations and Maintenance

Introduction


This chapter provides general information on operations and maintenance. It is assumed that all of the components of this solution have been correctly installed, configured, and provisioned, and that a basic solution network is in service.

For an overview of the topics in each chapter, refer to Document Organization, page Document Organization.

This chapter covers the following major topics:

To properly operate and maintain the Cisco network-based IPSec VPN solution Release 1.5, make sure you have read the following documents:

These are available at the Network-Based IPSec VPN website, at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/vpn/solution/index.htm

Operation and Maintenance Tasks

There are a variety of tasks that we recommend you attend to on a routine basis. Other tasks can be performed as needed, although you may want to schedule certain critical tasks depending on the needs of your network. This section presents the following topics:

Routine Tasks

Table 1-1 identifies, at a high level, the tasks that service providers must perform on a daily, weekly, monthly, and annual basis to operate and maintain the health of their Cisco network-based IPSec VPN solution Release 1.5 network.

Table 1-1   Routine Operations and Maintenance Tasks

Frequency Task Notes

Daily

Monitor alarms from all platforms in network

View alarms on the platform directly, or use ISC Version 3.0.

Review system logs

View alarms on the platform directly.

Weekly

Back up all relevant data and configuration information for all network platforms.

The service provider must develop a process for determining relevant data and platforms.

Visit Cisco websites regularly to see if solution release notes have been updated to recommend new software releases.

As new releases become available and caveats are added or resolved, the solution release notes are updated.

Monthly

In a maintenance window, test the ability of the solution components to failover from active to standby.

If failover is not tested regularly, redundant equipment is of little value.

Annually

Plan for the possibility of a major network upgrade of Cisco software.

Besides Cisco IOS software, changes in hardware, particularly in memory, may be required.

Review overall network traffic requirements to ensure that traffic is being served properly by existing network.

General Operations and Maintenance Guidelines

To maintain your solution network, follow these general best practices:

Table 1-2 lists general operations and maintenance guideline links for the hardware components of the Cisco network-based IPSec VPN solution Release 1.5.

Table 1-2   General Operations and Maintenance Guidelines for Solution Components

Component Maintenance Guideline Links

Cisco 7204 router

http://www.cisco.com/univercd/cc/td/doc/product/core/7204/7204ig/main4icg.htm

Cisco 7206 router

http://www.cisco.com/univercd/cc/td/doc/product/core/7206/7206ig/addpr6ug.htm

AAA server

Any RADIUS server (such as Cisco Access Registrar) that understands Cisco AV pairs can be used. See http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fsecsp/scfrad.htm#79543

Using IP Solution Center Version 3.0 for Operations and Maintenance

The Cisco IP Solution Center (ISC) Version 3.0 provides management of IPSec VPN services throughout the service life cycle including service provisioning and activation on customer-edge and provider-edge routers, service auditing and service-level agreement (SLA).

For service providers using the IPSec or MPLS transport framework, the Cisco ISC Version 3.0 provides a full complement of provisioning, monitoring, and administration tools that simplify the inherent complexities of managing a VPN infrastructure.

You can use ISC Version 3.0 to direct the operations of the following components of the Cisco network-based IPSec VPN solution Release 1.5:

You can also us the Cisco ISC Version 3.0 application to direct the operations of the following customer premise equipment:

For information on using the Cisco ISC Version 3.0, refer to Cisco ISC Version 3.0 documentation at the following URL: http://www.cisco.com/univercd/cc/td/doc/ .

Routine Maintenance

Use ISC Version 3.0 to perform the following operational tasks.

Defining IPSec Networks and Customers

Defining VPNs and Provisioning Service Requests

Provisioning the Cisco VPN 3002

Monitoring IPSec VPN Performance

Using Cisco IOS Software for Operations and Maintenance

Monitoring Network Performance Using Cisco IOS Commands

It is critical to monitor the operating environments of network devices, such as voltage, temperature, and airflow, and ensure that they are operating within specifications. Software components such as buffers and memory can have a significant impact on the protocols running on the device.

CPU utilization is a useful performance indicator on the Cisco devices. By measuring CPU use over time, a trend can be established to determine traffic patterns. Devices running constantly at high utilization levels can affect the overall performance of forwarding and processing packets. CLI commands on the Cisco devices can display the CPU utilization and information on running processes. You can access information returned on the CPU load by means of objects defined in MIB files.

Target Platforms

The Cisco IOS software CLI manages the following components of the Cisco network-based IPSec VPN solution Release 1.5:

Cisco IOS Software References

The following paragraphs provide references to URLs for Cisco IOS, system error messages, and debug commands.

Cisco IOS Software

For the details of Cisco IOS software Release 12.2, refer to the following URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/

System Error Messages

The system software sends these error messages to the console (and, optionally, to a logging server on another system) during operation. Not all system error messages indicate problems with your system. Some are purely informational, and others may help diagnose problems with communications lines, internal hardware, or the system software.

See Cisco IOS System Error Messages, Cisco IOS Release 12.2 at the following URL: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122sems/

Debug Command Reference

For details on debugging commands, refer to Cisco IOS Debug Command Reference, Cisco IOS Release 12.2, at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122debug/


hometocprevnextglossaryfeedbacksearchhelp
Posted: Tue May 20 12:29:53 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.