Instruction/ maintenance manual of the product OL-7141-04 321 Studios
Go to page of 74
Corporate Headquarters Cisco S yste ms, Inc . 170 W est Tasma n Drive San Jose , CA 95134 -1706 USA http://ww w.cisco. com Tel: 408 526-400 0 800 55 3-N ETS ( 6387 ) Fax: 408 526- 4100 Cisco SDM Expre.
THE SPECIFICA TIONS AND INFORMA TIO N REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTI CE. ALL ST A TE MENTS, INFORMA TION, AND RECOMMENDA TIONS IN THIS MANUAL ARE B ELIEVED TO BE ACCURA TE BUT ARE PRESENTED WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED .
i Cisco SDM Exp ress User’s Guide Ol-7141-04 CONTENTS Cisco SDM Expres s 1 Welcome 1 Basic Conf igur ation 2 Router Prov isi oning 3 Provi sion From USB To ken 4 Provi sion From USB Fl ash 5 File S .
Contents ii Cisco SDM Exp ress User’ s Guide Ol-7141-04 Cisco Net work Ser vices 25 Securi ty S etti ngs 2 6 Disabl e SNMP 26 Disabl e Finge r Servic e 27 Disabl e PAD Servic e 27 Disab le T CP Sm a.
iii Cisco SDM Exp ress User’s Guide Ol-7141-04 Conte nts Set A uthen tica tion F ailure Rate to Less Than 3 Retr ies 41 Set Banne r 41 Enable Telnet Setti ngs 42 Enable SSH for Acce ss to th e Route.
Contents iv Cisco SDM Exp ress User’ s Guide Ol-7141-04 Date and Ti me Prop erties 15 Reset to Factor y Defau lts 16 Reconfi guri ng Your PC wit h a Stat ic or a Dyn amic IP A ddress 17 Featur e Not.
C HAPTER 1-1 Cisco SDM Express OL-7141-04 1 Cisco SDM Express The Cisc o SDM Express windows guid e you throug h basic configurati on of the router . After you complete the ba sic conf iguratio n, the rout er is av ailable on the LAN, has a W AN connect ion, and has a firew all.
Chapter 1 Cis co SDM Expres s Basic Co nfiguration 1-2 Cisco SD M Express OL-7141-04 This ta sk is bypasse d if SDP or Cisco N etwork Se rvices i s chosen for provisioning the rout er . • Identif y DNS se rvers and your organization' s domai n name .
1-3 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Router P rovi sioni ng Note Y ou will use the us ername a nd passwo rd you se t in this windo w the n e xt time you use Cisco SDM Express, and ther eafter, unless y ou chan ge it. M ake the p assword diff icult to guess but easy for you t o remember .
Chapter 1 Cis co SDM Expres s Provision From U SB Tok en 1-4 Cisco SD M Express OL-7141-04 USB Token or USB Flash Choose t his opti on if you have a US B token or USB flash device atta ched t o your router and i t conta ins th e appro priat e configur ation file.
1-5 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Provisio n From USB Flash Note Th is wi ndow appear s only if a US B token is con necte d to yo ur rout er . If b oth a USB token and a USB flas h de vice are connec ted to yo ur router , Cisco SD M Exp ress will use th e USB t oken.
Chapter 1 Cis co SDM Expres s Provision From USB Flash 1-6 Cisco SD M Express OL-7141-04 When you pro vision your router with a conf igur ation f ile, th e f ile is mer ged with the runnin g configuration, and it also becomes part of the startup c onfiguration.
1-7 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Wireless Interface Configuration Name Click Name to orde r the files and di rector ies alph abeti cally based on nam e. Clic ki ng Name again will re ver se the o rder . Size Click Size to order the files and directo ries by size.
Chapter 1 Cis co SDM Expres s LAN Inter face Configura tion 1-8 Cisco SD M Express OL-7141-04 Interf ace/Bri dge-to-Inter face List If the router has multiple LAN interfaces, the interfaces ar e displayed in this list. Select the LA N inte rface that you want t o co nf igure.
1-9 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess DHCP Server Configuration Enter a Service Set I dentif ier (SSID) for th is wireless traf f ic. The SSID is a unique identif ier th at wireless n etworking de vices use to est ablish and mainta in wireless connect i vit y .
Chapter 1 Cis co SDM Expres s DHCP S erver Con figuration 1-10 Cisco SD M Express OL-7141-04 address pool sm aller, b ut you must e nter an addr ess in the sa me subne t as th e address of the LAN interface, or Cisco SDM Express displays a message informing you that the address is in valid.
1-11 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): Ethernet Interface Use these DNS values for DH CP clients Check Box A vailable if a DHCP server is enabled on the LAN interf ace. Check if you wa nt the rout er DHCP clients to be able to use t he DNS servers whose IP addr esses you enter in this windo w .
Chapter 1 Cis co SDM Expres s Interne t (WAN): Et hernet Int erface 1-12 Cisco SD M Express OL-7141-04 IP Unnumbered Option Select IP Unnumbe red i f you wa nt the inter face to sh are an IP a ddress that has alre ady been as signe d to another interf ace.
1-13 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): Autodetect Encapsulation Internet (WAN): Auto detect Enc apsulation Cisco SDM E xpress sup ports aut odetect o n SB 10 6, SB 107, Cisco 836 and C isco 837 rout ers. Howeve r , if yo u are co nfiguring a Cisco 83 7 rou ter runni ng a C isco IOS re lease 12.
Chapter 1 Cis co SDM Expres s Interne t (WAN): U ser Specified Encapsul ation 1-14 Cisco SD M Express OL-7141-04 Encapsulati on List The encapsu lations av ailable if yo u have an ADSL , G.SHDSL , or ADSL over ISDN inter face ar e sho wn in the follo wing table.
1-15 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): User Specified Encapsulation Address Type List Select o ne of th e f ollo wing: • Static IP Addr ess —If you cho ose static IP address , enter the IP addres s and subnet ma sk or the subnet bits in the fields provided .
Chapter 1 Cis co SDM Expres s WAN Int erface S election 1-16 Cisco SD M Express OL-7141-04 Confir m Password Field Reenter t he same password that you entere d in the previous box. Refresh, Apply Changes, Discar d Changes Buttons V isible if you are ed iting an initi al conf ig uration .
1-17 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess WAN Interface S election Interf ace List Displays the interf ace name , IP addr ess, and interfac e type fo r all W AN inter faces. If no IP add ress is conf igured for an interf ace, the te xt “n o IP addre ss” is displayed.
Chapter 1 Cis co SDM Expres s WAN Int erface S election 1-18 Cisco SD M Express OL-7141-04 • Usernam e —En ter exactl y as giv en to you by your In ternet ser vice provi der or network admini strator and is u sed as the use rname f or CHAP and/or P AP authenti cation.
1-19 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess WAN Interface S election Frame Relay Configuration Settings DLCI Fiel d Enter the data lin k connection i dentif ier (DLC I) in this fi eld. This number must be uni que am ong all DLCIs u sed on t his i nterface.
Chapter 1 Cis co SDM Expres s Interne t (WAN): A dvanced O ptions 1-20 Cisco SD M Express OL-7141-04 Internet (WAN): Adva nced Options This win dow ena bles you to specify a def ault stati c rout e and to enable N A T on the router .
1-21 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Firewall Configuration Primary DNS Fiel d Enter th e IP address o f the primary Domain Nam e Serv er (DNS) that the router will use. Y our network admi nistrator or service pr ovi der will pro vide y ou with th e IP address.
Chapter 1 Cis co SDM Expres s Security Set tings 1-22 Cisco SD M Express OL-7141-04 The firew all prot ects your net work in the foll o wing ways: • Apply def ault access rules to inside and outside.
1-23 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Security Settings Disable SNMP Services on Your Router C heck Box Check to disabl e the SN MP serv ice o n your r outer . For an expl anation of why SNMP shoul d be disabled , see the hel p topic Disable SNMP .
Chapter 1 Cis co SDM Expres s Summary 1-24 Cisco SD M Express OL-7141-04 • Enab le IP C EF • Set Schedule r Interv al • Set Schedule r Alloca te • Set TCP Synw ait T ime • Enab le Log ging .
1-25 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Note When yo u click Finis h , you will lo se the con nection t o the rout er if you gave the LAN inte rf ace a ne w IP address a s we recomm end.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-26 Cisco SD M Express OL-7141-04 serv er and obtain the conf iguration. If your service pro vid er has not prov ided Cisco Ne twork Servi ces server inform ation, o r you wa nt to c onfigure the router using Cisco SDM Express, do not select this option.
1-27 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p widely used for route r monitori ng, and fre quently fo r router c onfiguration changes.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-28 Cisco SD M Express OL-7141-04 The conf igur ation that will be de li vered to the router to di sable P AD is as follo ws: no service pad Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-29 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Disable UDP Small Servers Ser vice Cisco SDM Express disables sma ll services whenev er possible. By default, Cisco devices runni ng Cisco I OS relea se 11 .3 or e arlier offer the “sm all ser vices”: echo, cha r gen, and di scar d.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-30 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to di sable BOO T P is as follows: no ip bootp server Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-31 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p no cdp run Y o u can und o this fix using the Cisco SDM Security Audit fea ture. T o learn h ow , se e th e Se c ur i t y A ud i t o n li ne h e lp in Ci s c o SD M . For more information, click Cisco Router and Security De vice Manager .
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-32 Cisco SD M Express OL-7141-04 Y o u can und o this fix using the Cisco SDM Security Audit fea ture. T o learn h ow , se e th e Se c ur i t y A ud i t o n li n e he lp i n C i sc o S D M . For more information, click Cisco Router and Security De vice Manager .
1-33 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Enable TCP Keepalives for Outbou nd Telnet Sessions Cisco SDM Express e nables TC P keepal iv e messages for both inb ound and outbound T e lnet sessions w henever possible.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-34 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to enab le Cisco Express Fo rw ardi ng i s as foll o w s: ip cef Set Scheduler Interval Cisco SDM Express conf igur es the scheduler inter v al on the router when ev e r possibl e.
1-35 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Set TCP Synwait Time Cisco SDM Express se ts the TCP synwait time to 10 sec onds wheneve r possible. The TCP synwait tim e is a value that is useful in defeat ing SYN fl ooding at tacks, a form of Den ial-o f-Serv ice (DoS) att ack.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-36 Cisco SD M Express OL-7141-04 The conf iguration that wil l be deli ve red to the router to set the TCP synwai t time to 10 seconds is as follo .
1-37 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p enabled, Cisco SDM Express will recommend that IP Cisco Express Fo rwarding be en abled and will enab le it if t he reco mmendati on i s app rov e d.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-38 Cisco SD M Express OL-7141-04 rules; some attacks are ba sed on this. Disa bling IC MP redirec ts will cause no operati onal im pact to the n etwork, a nd it e limina tes thi s possible metho d of attack.
1-39 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p directed br oadcast address, cau sing all the hosts on the target subn et to send replies to the falsified sourc e.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-40 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to disable ICMP host unreachable message s is as follo ws: int <all-interfaces> no ip unreachables Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-41 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p The conf iguratio n that will be deli ver ed to the router is as follo ws: security passwords min-length <6> S.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-42 Cisco SD M Express OL-7141-04 Enable Telnet Setting s Cisco SDM Express sec ures the co nsole, A UX, vty , and tty lines b y implem enting the f.
1-43 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p The conf iguratio n that will be deli v ered to the router to secur e access and f ile transfer functions is a s fol.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-44 Cisco SD M Express OL-7141-04 Exit Bu tton After you compl ete an initial co nf iguratio n, click Exit to close Cisco SDM Express. Refresh But ton V isible if you are ed iting an initi al conf ig uration .
1-45 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Step 2 If you conf ig ured a dif fer ent LAN inter face th an the def ault interf ace , be sure to connec t your PC to t he LAN interfac e tha t you configured.
Chapter 1 Cis co SDM Expres s SDP Troubl eshooting Tips 1-46 Cisco SD M Express OL-7141-04 SDP Troubleshooting T ips Use this info rmation before en rolling usin g Secure De vice Provisio ning (SDP) to prep are t he con nection betw een th e ro uter and t he ce rtif icate ser ver .
C HAPTER 2-1 Cisco SDM Express OL-7141-04 2 Cisco SDM Express Edit Mode SDM Expre ss edit scree ns allow you to make chang es to your LAN and W AN conf iguratio ns, and change f irewall, N A T , P A T , routing, a nd securi ty settings .
Chapt er 2 Cisco S DM Ex pres s Edit Mode Overvi ew 2-2 Cisco SD M Express OL-7141-04 • Interf ace —Th e name of the LAN interf ace . Fo r ex ampl e, F ast Eth ernet 0 . If SDM Expr ess cannot identify the rou ter’ s LAN in terfa ces, it d isplays the number of c onfigured LAN int erfaces in thi s field.
2-3 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Basic Configuration • Outsi de —The typ e of connect ion of the Inter net interfac e. Basic Configuratio n This wi ndow displays t he user account s configured on t he rout er , and enab les you to ch ange th e en able s ecre t pass wo rd.
Chapt er 2 Cisco S DM Ex pres s Edit Mode LAN 2-4 Cisco SD M Express OL-7141-04 Refresh/ Apply Changes/Discar d Changes Buttons These b uttons ar e visible if you editing an initial conf iguratio n. Click Cisco SDM Express Buttons for more infor matio n .
2-5 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Wire le ss LAN interfac e configurati on Fields Y ou can edit the IP address and subne t mask of th e LAN inter face in these f i elds. See IP Address Field if y ou need mo re infor matio n about the IP ad dress and subnet ma sk f ields.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Delete Conn ection 2-6 Cisco SD M Express OL-7141-04 Delete Connec tion When you del ete a conne ction, the re may be asso ciated configur ation com mands that can either be retained in the confi guratio n, or deleted alo ng with the connec tion.
2-7 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode NAT Unable t o configur e Firewall Window If SDM Express is unable to let you conf igu re a f ire wal l, the Unable to conf igure Fire wall w ind o w is dis pla yed.
Chapt er 2 Cisco S DM Ex pres s Edit Mode NAT 2-8 Cisco SD M Express OL-7141-04 Add Butt on Click to a dd a n e w N A T rule . Edit Bu tton Click to e dit the chos en N A T rule. Refresh But ton This bu tton is visible if you editin g an initial conf igurat ion.
2-9 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Routing The serv er i s not a web or ema il serv er , but requires p ort tr anslation to prov ide servi ce. This choise act i v ates the T ranslated Port f iel d and the Protocol drop-down menu.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Security Set tings 2-10 Cisco SD M Express OL-7141-04 Refresh/ Apply Changes/Discar d Changes Buttons These b uttons ar e visible if you are editi ng an initial conf igur ation. Click Cisco SDM Express Buttons for more infor matio n .
2-11 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Security Settings • Disable I P Redirect s • Disable I P Proxy A RP • Disab le IP Direct ed Broa dcas t • Disable MOP S.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Tools 2-12 Cisco SD M Express OL-7141-04 Tools SDM Ex press provi des a nu mber of too ls that you ca n use Ping Optio n Click to open a w indow in which you can spec ify the source and destinati on of the ping.
2-13 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Tools Source Fi eld Select or enter the IP a ddress whe re you want the pi ng to origi nate. If th e address you want t o use is no t in th e list, you can en ter a d ifferent o ne in the field.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Tools 2-14 Cisco SD M Express OL-7141-04 CCO Login Y o u must provide a CCO login a nd password to access this web pa ge.
2-15 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Date and Time Properties Step 3 SDM will enabl e you to locate the file SDM-Update s.xml on the CD . When you locate the f ile , click Ope n . Step 4 Foll ow th e instructions in the in stallation wiz ard.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Reset to Factory D efaults 2-16 Cisco SD M Express OL-7141-04 Apply Button Click to ap ply the dat e and time setti ngs you have made in the Dat e, T ime, and Ti m e Z o n e f i e l d s .
2-17 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Reset to Factory Defaults If you have a router listed in the fol lowing table, configure t he PC w ith an IP address i n the 10.10.10. 0 subnet, bet ween 10.10 .10.2 and 10.10.10.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Reset to Factory D efaults 2-18 Cisco SD M Express OL-7141-04 Micr osoft Wind ows N T From th e Contr ol Panel, double- click th e Ne twork icon to display the Network windo w . Cl ick P r ot ocol s , select the first TCP/IP Protocol en try , and click Properti es .
2-19 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Feature N ot Avail able Feature Not Available This w indow appear s when the f eature you are attem pting to configure is not av ailable. Thi s may occur when the IOS imag e or the route r hard ware do es not support the feature.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Feature Not Avai lable 2-20 Cisco SD M Express OL-7141-04.
IN- 1 Cisco SDM Express OL-7141-04 INDEX B banner, configur ing 41 BOOTP, disab ling 29 C CDP, disabling 30 CEF, enablin g 33 CHAP 12, 15 D DHCP 11, 15 DLCI 19 dynam ic IP addres s 11, 15 E enca psula.
Index IN-2 Cisco SD M Express OL-7141-04 L LMI 19 logging enab lin g 36 enab ling sequ ence numbers and time stamps 33 M MOP service, disabling 39 N NetFlow, enabli ng 32 P PAD ser vi ce , di sa bli n.
An important point after buying a device 321 Studios OL-7141-04 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought 321 Studios OL-7141-04 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data 321 Studios OL-7141-04 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, 321 Studios OL-7141-04 you will learn all the available features of the product, as well as information on its operation. The information that you get 321 Studios OL-7141-04 will certainly help you make a decision on the purchase.
If you already are a holder of 321 Studios OL-7141-04, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime 321 Studios OL-7141-04.
However, one of the most important roles played by the user manual is to help in solving problems with 321 Studios OL-7141-04. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device 321 Studios OL-7141-04 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center