Chapter 1 Introduction 5
Part Ⅰ: Introduction to Remote Access Networks 5
Part Ⅱ: Identifying Cisco Solutions to Remote Access Needs 5
Part Ⅲ: Enabling On-Demand Connections to the Central Site 6
Part Ⅳ: Enhancing On-Demand Connectivity 6
Part Ⅴ: Enabling Permanent Connections to the Central Site 7
Part Ⅵ: Scaling Remote Access Networks 7
Appendixes 8
Case Studies and Review Questions 8
Who Should Read this Book? 10
Conventions Used in this Book 10
Illustration Iconography 10
Command Syntax Conventions 11
Author's Notes,Key Concepts,Notes,and Warnings 12
Chapter 2 Selecting Cisco Products for Remote Connections 17
Remote Access Overview 17
Defining WAN Connection Types 18
Dedicated Connections 18
Circuit-Switched Connections 20
Packet-Switched Connections 22
Defining WAN Encapsulation Protocols 23
PPP Encapsulation 24
X.25 and Frame Encapsulations 24
Determining the WAN Type to Use 25
Selecting WAN Configuration Types 25
WAN Connections—Speed Comparison 26
WAN Connections Summary 27
Identifying Site Requirements 27
Central Site Considerations 28
Branch Office Considerations 29
Telecommuter Site Considerations 31
Selecting Cisco Remote Access Solutions 31
Determining the Appropriate Interfaces—Fixed Interfaces 34
Determining the Appropriate Interfaces—Modular Interfaces 34
Selecting Products with Cisco Product-Selection Tools 35
Product Selection Tool Example 36
Summary 37
Review Questions 37
Chapter 3 Assembling and Cabling the WAN Components 39
Network Overview 40
Identifying Company Site Equipment 40
Central Site Router Equipment 41
Branch Office Router Equipment 42
Telecommuter Site Router Equipment 43
Assembling and Cabling the Network 43
Verifying Network Installation 45
Verifying Central Site Installation 45
Verifying Branch Office Installation 47
Verifying Telecommuter Site Installation 48
Summary 50
Review Questions 50
Chapter 4 Configuring Asynchronous Connections with Modems 55
Modem Overview 56
Modem Signaling and Cabling 58
Data Transfer Group 59
Flow Control Group 59
Modem Control Group 60
Communication Termination 60
Modem Operation 61
Communication Wiring and Cabling 62
Modem Modulation Standards 66
Error Control and Data Compression 67
Configuration for Asynchronous Connections 69
EXEC Connection Commands 71
Line Types and Numbering 72
Router Configuration 75
Interface Async and Line Configuration 75
Basic Async Configuration—Router Preparation 76
Basic Async Configuration—Modem Preparation 77
Manual Configuration of Modems 78
Automatic Configuration of Modems 81
Chat-Scripts for Async Lines 86
Verifying and Debugging Modem Autoconfiguration 88
Troubleshooting Modem Autoconfiguration 89
Summary 90
Case Study 4-1—Configuring Asynchronous Connections with Modems 90
Scenario 90
Task 1—Setting Up the Initial Configuration of the Central Site Router 90
Task 2—Configuring the Serial Interface and Line 91
Task 3—Configuring the Central Site Modem 91
Task 4—Configuring the PC Modem and Connecting to Central Site 91
Task 5—Simplifying Router Modem Configuration with Autoconfigure 91
Solution to Case Study 4-1—Configuring Asynchronous Connections with Modems 92
Task 1 Solution—Setting Up the Initial Configuration of the Central Site Router 92
Task 2 Solution—Configuring the Serial Interface and Line 93
Task 3 Solution—Configuring the Central Site Modem 94
Task 4 Solution—Configuring the PC Modem 94
Task 5 Solution—Simplifying Router Modem Configuration with Autoconfigure 96
Case Study Conclusion 96
Case Study 4-2—Configuring Remote WAN Routers 96
Scenario 96
Solution to Case Study 4-2—Configuring Remote WAN Routers 97
Solution Summary 101
Review Questions 101
Chapter 5 Configuring Point-to-Point Protocol and Controlling Network Access 103
PPP Overview 103
PPP Architecture 104
PPP Mechanisms 104
PPP Functional Components 105
Related RFCs 106
Configuring Cisco Access Servers 106
Enabling PPP 108
Configuring Dedicated or Interactive PPP (and SLIP) Sessions 108
Configuring the Interface Addressing Method for Local Devices 109
Configuring the Interface-Addressing Method for Remote Devices 110
PPP Link Control Protocol Options 111
PAP and CHAP Authentication 112
Configuring PAP Authentication 113
Configuring CHAP Authentication 115
PPP Callback 121
Callback: How Does it work? 122
Configuring Async Callback 124
PPP Compression 127
Configuring Compression 128
PPP Multilink 129
Multilink Operation and Configuration 130
Verifying and Troubleshooting PPP 131
Summary 133
Case Study—Configuring PPP and Controlling Network Access with CHAP 134
Scenario 134
Task 1—Configuring PPP on Your Central Site Router 135
Task 2—Configuring Your Central Site Router to Accept Telnet Connections 135
Task 3—Verifying Your PPP Configuration 136
Solution to Case Study—Configuring PPP and Controlling Network Access with CHAP 136
Task 1 Solution—Configuring PPP on Your Central Site Router 136
Task 2 Solution—Configuring Your Central Site Router to Accept Telnet Connections 138
Task 3 Solution—Verifying Your PPP Configuration 138
Case Study Conclusion 140
Supplement 5-1—IP Address Negotiations 140
Supplement 5-2—Authentication Process with Windows 95 and Cisco Routers 141
Review Questions 142
Chapter 6 Accessing the Central Site with Windows 95 145
Windows 95 Dial-Up Networking Overview 146
The Basics 146
The Issues 146
LAN Connection Protocols 147
Configuring a Windows 95 Dial-Up Connection 148
Configuring a Windows 95 Dial-Up Client 149
Verifying a Windows 95 Dial-Up Connection 151
Summary 152
Configuring a Windows 95 Dial-Up Connection Using ISDN and DDR to Enhance Remote Connectivity 153
Scenario 153
Task 1—Setting Up Windows 95 with Your Network and Dialing 154
Task 2—Setting Dial-Up Connection Properties 154
Task 3—Making the Connection 154
Solution to Case Study—Configuring a Windows 95 Dial-Up Connection 155
Task 1 Solution—Setting Up Windows 95 with Your Network and Dialing 155
Task 2 Solution—Setting Dial-Up Connection Properties 157
Task 3 Solution—Making the Connection 159
Review Questions 161
Chapter 7 Using ISDN and DDR Technologies to Enhance Remote Connectivity 165
ISDN Overview 165
ISDN versus Asynchronous 165
SDN Services and Channelized E1 and T1 167
BRI Call Processing 169
BRI Functional Groups and Reference Points 170
PRI—Reference Points 173
ISDN Protocol Layers 174
ISDN Layer 1 174
ISDN Layer 2 176
ISDN Layer 3—Channel Q.931 177
ISDN Call Setup 177
ISDN Call Teardown 178
ISDN BRI and DDR Overview 179
Configuring an ISDN BRI 181
Step 1—Selecting the ISDN Switch Type 182
Step 2—Configuring the Interface 183
Step 3—Setting the Service Profile Identifiers (SPID), If Necessary 184
Step 4—Setting the Encapsulation Protocol 185
Configuring Dial-on-Demand Routing (DDR) 185
Step 1—Defining what Constitutes Interesting Traffic 186
Step 2—Assigning the Dialer-List to an Interface 187
Step 3—Defining Destination Parameters 187
Step 4—Defining Optional Call Parameters 188
Static and Default Routing 189
Static Route 189
Default Route 190
Setting Route Redistribution 190
Deactivating Routing Updates 191
Configuring a Router for Initiating an ISDN Call 192
Using an Extended Access-List to Define a Dialer-List 194
Optional Configurations 196
B Channel Aggregation 196
ISDN Caller Identification 200
Called-Party Number Answering 201
ISDN Rate Adaptation 202
Monitoring the 1SDN Interface 203
The show interface bri Command 203
The show isdn status Command 205
Verifying PPP Multilink 206
Troubleshooting Multilink PPP 208
ISDN debug Commands 209
ISDN Primary Rate Interface 210
Selecting the PRI switch 211
Selecting the ISDN PRI Controller for Configuration 211
Configuring the Framing, Linecoding, and Clocking of the Controller 212
Additional ISDN PRI Configuration Parameters 213
PRI Configuration Example 215
Summary 216
Case Study—Using 1SDN and DDR to Enhance Remote Connectivity 216
Scenario 218
Task 1—Configuring ISDN BRI On Your Branch Office Router 218
Task 2—Configuring ISDN PRI on Your Central Site Router 219
Task 3—Verifying the ISDN Connection 220
Solution to Case Study—Using ISDN and DDR to Enhance Remote Connectivity 220
Task 1 Solution—Configuring ISDN BRI on your Branch Office Router 221
Task 2 Solution—Configuring ISDN PRI on Your Central Site Router 223
Task 3 Solution—Verifying the ISDN Connection 227
Case Study Conclusion 231
Review Questions 231
Chapter 8 Optimizing the Use of DDR Interface—Dialer Profiles and Rotary Groups 233
Dialer Rotary Overview 234
Creating and Configuring a Rotary Group 234
Configuring the Interface Dialer 235
Dealing with Dialer Timers 236
Dialer Profile Overview 238
Components of Dialer Profile 239
Example of Dialer Profile Configuration 246
Verifying a Dialer Profile Configuration 247
Summary 248
Case Study—Using Dialer Profiles to Enhance DDR 248
Scenario 249
Task 249
Solution to Case Study—Using Dialer Profiles to Enhance DDR 250
Case Study Conclusion 255
Review Questions 255
Chapter 9 Configuring a Cisco 700 Series Router 257
Cisco 700 Series Overview 257
Cisco 700 Series Features 259
Networking Features 259
Routing and WAN Features 260
ISDN and Telephony Features 261
Cisco IOS-700 Release 4.x—Summary of Features 261
Profile Overview 262
Cisco 700 User Interface 267
Configuring the Cisco 700 Series 267
System Level Configuration 268
LAN Profile Configuration 269
User Profile Configuration 273
Cisco 700—Configuration Example 277
Additional Interface Configuration 278
Caller ID 279
PPP Callback No Authorization 280
PPP Callback—Receive Number Authorization 280
Cisco 700 and Cisco IOS Configuration Examples 281
IP Traffic with CHAP Authentication between a Cisco 700 and an IOS-Based Router 281
IP Traffic with PAP Authentication between Two Cisco 700s 285
IPX Traffic with CHAP Authentication between a Cisco 700 and an IOS-based Router 286
Authentication Quick Reference Guide 288
Monitoring IP Routing 290
Cisco 700 Series and DHCP 291
Cisco 700—DHCP Functionality 291
Summary 296
Case Study—Configuring a Cisco 700 Series Router 296
Scenario 297
Task 1—Resetting the Cisco 700 to Default Settings 297
Task 2—Configuring the Cisco 700 to Communicate with the Central Site Router 297
Task 3—Configuring the Cisco 3640 to Communicate with the Cisco 700 298
Task 4—Placing a Manual ISDN Call from the Cisco 700 299
Task 5—Configuring the Cisco 700 to Receive Incoming Calls from the Central Site 299
Solution to Case Study—Configuring a Cisco 700 Series Router 299
Task 1 Solution—Resetting the Cisco 700 to Default Settings 299
Task 2 Solution—Configuring the Cisco 700 to Communicate with the Central Site Router 300
Task 3 Solution—Configuring the Cisco 3640 to Communicate with the Cisco 700 301
Task 4 Solution—Placing a Manual ISDN Call from the Cisco 700 302
Task 5 Solution—Configuring the Cisco 700 to Receive Incoming Calls from the Central Site 302
Case Study Conclusion 308
Review Questions 308
Chapter 10 Using X.25 for Remote Access 313
X.25 Overview 313
X.25 Protocol Stack 314
X.25 DTE and DCE 315
The Packet Assembler/Deassembler (PAD) 316
X.121—The X.25 Addressing Standard 317
X.25 Encapsulation 318
X.25 Virtual Circuits 319
Single Protocol Virtual Circuits 320
Multiprotocol Virtual Circuits 320
Configuring X.25 321
Configuring the X.121 address 321
Configuring X.25 SVCs 322
Configuring X.25 PVCs 325
Additional X.25 Configuration Tasks 326
Configuring X.25 VC Ranges 327
Configuring X.25 Packet Sizes 328
Configuring Window Parameters 329
Additional X.25 Configuration Options Example 330
Verifying X.25 Configuration 330
Summary 331
Case Study—Using X.25 for Remote Access 331
Scenario 331
Task 1—Configuring X.25 at the Central Site 332
Task 2—Configuring X.25 at the Branch Office 333
Solution to Case Study—Using X.25 for Remote Access 333
Task 1 Solution—Configuring X.25 at the Central Site 333
Task 2 Solution—Configuring X.25 at the Branch Office 335
Review Questions 337
Chapter 11 Frame Relay Connection and Traffic Flow Control 339
Frame Relay Overview 340
Frame Relay Operation 341
Frame Relay Signaling 343
Configuring Frame Relay 345
Verifying Frame Relay Configuration and Operations 348
show interface serial Command 348
show frame-relay pvc Command 349
show frame-relay map Command 350
show frame-relay lmi Command 350
Frame Relay Topologies 350
Reachability Issues with Routing Updates 352
Solution for Split Horizon Issues—Subinterfaces 353
Configuring Frame Relay Subinterfaces 354
Frame Relay Traffic-Shaping Overview 357
Traffic Shaping and Flow Terminology 358
Using Traffic Shaping over Frame Relay 360
Configuring Frame Relay Traffic Shaping 362
Ways to Define a Map Class 363
Traffic Shaping Examples 364
Rate Enforcement Example 365
Dynamic Enforcement Example 366
Queuing Example 368
Verifying Frame Relay Traffic Shaping 369
Case Study—Establishing a Dedicated Frame Relay Connection and Controlling Traffic Flow 370
Scenario 370
Task 1—onfiguring Frame Relay Subinterfaces on the Central Site Router 371
Task 2—Configuring Frame Relay on the Branch Office Router 371
Task 3—Verifying Frame Relay Operation 372
Task 4—Enabling Frame Relay Traffic-Shaping BECN Support from the Central Site 372
Solution to Case Study—Establishing a Dedicated Frame Relay Connection and Controlling Traffic Flow 372
Task 1 Solution: Configuring Frame Relay Subinterfaces on the Central Site Router 372
Task 2 Solution—Configuring Frame Relay on the Branch Office Router 374
Task 3 Solution—Verifying Frame Relay Operation 375
Task 4 Solution—Enabling Frame Relay Traffic-Shaping BECN Support from the Central Site 376
Case Study Conclusion 377
Review Questions 377
Chapter 12 Enabling Backup to a Permanent Connection 379
Dial Backup Overview 379
Configuring Dial Backup 379
Example of Dial Backup for Link Failure 380
Activating a Dial Backup to Support Primary Line Traffic 382
Example of Dial Backup for Excessive Traffic Load 383
Backup Interface Operations 384
Dialer Profiles as Backup Interfaces 385
Configuring Dial Backup with Dialer Profiles 386
Routing with the Load Backup Feature 387
Load Backup with OSPF 387
Load Backup with IGRP and EIGRP 388
Verifying Dial Backup Configuration 390
Summary 391
Case Study—Enabling a Backup to a Permanent Connection 391
Scenario 391
Task 1—Prepare the Branch Office Router's BRI Interface to Be a Dial Backup 392
Task 2—Establish a Backup Connection for the Central Site's Frame Relay Link 393
Task 3—Verify and Enable the Dial Backup 393
Solution to Case Study—Enabling a Backup to a Permanent Connection 393
Task 1 Solution—Prepare the Branch Office Router's BRI Interface to Be a Dial Backup 394
Task 2 Solution—Establish a Backup Connection for the Central Site's Frame Relay Link 394
Task 3 Solution—Verify and Enable the Dial Backup 395
Case Study Conclusion 397
Review Question 397
Chapter 13 Managing Network Performance with Queuing and Compression 399
Queuing Overview 399
The Need for Traffic Prioritization 400
Establishing a Queuing Policy 400
Choosing a Cisco IOS Queuing Option 401
First In, First Out Queuing Overview 402
Weighted Fair Queuing Overview 402
Configuring Weighted Fair Queuing 404
Priority Queuing Overview 405
Configuring Priority Queuing 407
Custom Queuing Overview 411
Custom Queuing Operation 411
Configuring Custom Queuing 412
Custom Queuing Example 415
Verifying Queuing Operation 416
Queuing Comparison 417
Optimizing Traffic Flow with Data Compression 418
Compression Overview 418
Link Compression Over a Point-to-Point Connection 420
Payload Compression 420
TCP IP Header Compression 421
Microsoft Point-to-Point Compression 421
Compression Considerations 423
Configuring Data Compression 424
Summary 424
Case Study—Managing Network Performance with Queuing and Compression 424
Scenario 425
Task 1—Devise a Queuing Strategy 425
Task 2—Verify Your Queuing Configuration 425
Solution to Case Study—Managing Network Performance with Queuing and Compression 426
Task 1 Solution—Devise a Queuing Strategy 426
Task 2 Solution—Verify Your Queuing Configuration 427
Example of Custom Queue Configuration 428
Case Study Conclusion 429
Review Questions 429
Chapter 14 Scaling IP Addresses with Network Address Translation 433
NAT Overview and Terminology 434
NAT Implementation Considerations 436
NAT Operation 437
Traffic Types Supported in Cisco IOS NAT 438
Translating Inside Local Addresses 439
Overloading Inside Global Addresses 441
TCP Load Distribution 442
Handling Overlapping Networks 443
Configuring NAT 444
Static NAT Configuration 444
Dynamic NAT Configuration 446
Inside Global Address Overloading Configuration 447
TCP Load Distribution Configuration 448
NAT to Translate Overlapping Addresses Configuration 449
Verifying and Troubleshooting NAT 451
Verifying NAT 451
Troubleshooting NAT 452
Clearing NAT Translation Entries 453
Configuring and Troubleshooting PAT On the 700 Router 454
PAT Porthandler Operation 455
Configuring PAT 455
Monitoring PAT 456
Summary 457
Case Study—Scaling IP Addresses with Network Address Translation 457
Scenario 457
Task 1—Configuring Static Network Address Translation on the Branch Office Router 458
Task 2—Configuring Dynamic Network Address Translation on the Branch Office Router 458
Solution to Case Study—Scaling IP Addresses with Network Address Translation 458
Task 1 Solution—Configuring Static Network Address Translation on the Branch Office Router 458
Task 2 Solution—Configuring Dynamic Network Address Translation on the Branch Office Router 460
Case Study Conclusion 460
Review Questions 461
Chapter 15 Using AAA to Scale Access Control in an Expanding Network 463
Overview of Cisco Access Control Solutions 463
Overview of Cisco Secure 465
Understanding AAA 467
Router Access Modes 467
Configuring AAA 468
Enabling AAA and Identifying the Server 468
AAA Authentication Commands 469
AAA Authorization Commands 473
AAA Accounting Commands 476
AAA and Virtual Profiles 477
Summary 479
Case Study—Using AAA to Scale Access Control in an Expanding Network 479
Scenario 479
Task 1—Configure the Central Site Access Server for AAA 480
Task 2—Verify the Console Back Door 481
Task 3—Verify that a Valid Network Login Attempt Will Succeed 481
Task 4—Verify that an Invalid Network Login Attempt Fails 481
Case Study Solution—Using AAA to Scale Access Control in an Expanding Network 481
Task 1—onfigure the Central Site Access Server for AAA 481
Task 2—Verify the Console Back Door 483
Task 3—Verify that a Valid Network Login Attempt will Succeed 483
Task 4—Verify that an Invalid Network Login Attempt Fails 483
Case Study Conclusion 484
Review Questions 484
Appendix A Summary of BCRAN Commands 489
General Commands 489
General Configuration Commands 490
General Interface Configuration Commands 491
General IP Commands 493
IP Interface Configuration Command 494
General AAA Commands 494
General Line Configuration Commands 495
Map-Class Command 496
T1/E1 Controller Commands 496
General WAN Commands 496
WAN Configuration Commands 497
Cisco 700 IOS System Commands 498
Cisco 700 IOS Profile Commands 499
Appendix B Summary of ICRC Commands 503
General Commands 503
General Configuration Commands 505
General Interface Configuration Commands 506
General IP Commands 506
IP Configuration Commands 507
General IPX Commands 508
IPX Configuration Commands 508
General AppleTalk Commands 509
Apple Talk Configuration Commands 509
General WAN Commands 510
WAN Configuration Commands 510
General DECnet Commands 512
DECnet Configuration Commands 513
General Vines Commands 513
Vines Configuration Commands 513
Appendix C Open Systems Interconnection (OSI) Reference Model 515
Characteristics of the OSI Layers 516
Protocols 516
OSI Model and Communication Between Systems 517
Interaction between OSI Model Layers 517
OSI Layer Services 518
OSI Model Layers and Information Exchange 519
OSI Model Physical Layer 520
OSI Model Data Link Layer 521
OSI Model Network Layer 522
OSI Model Transport Layer 522
OSI Model Session Layer 522
OSI Model Presentation Layer 523
OSI Model Application Layer 523
Information Formats 524
Appendix D AT Commands for Modems and Chat-Scripts 527
Entering AT Commands 527
AT Command Sets 527
Modem Troubleshooting Tips 545
Sample Modem Scripts 546
Appendix E RFC List 557
Appendix F Emerging and Complementary Technologies 559
Cable Modems 559
XDSL 560
VPN and Layer 2 Tunneling Protocol 561
Mobile IP 562
Easy IP 562
Cisco DialOut Utility 563
Multichassis Multilink PPP 563
X.25 Over D Channel 564
Appendix G X.25 and Frame Relay Switching 567
Setting Up the Router as an X.25 Switch 567
Complete X.25 Switch Configuration 568
Setting up the Router as a Frame Relay Switch 569
Configuring Switching 570
Frame Relay Switching Example 571
Complete Frame Relay Switch Configuration 572
Appendix H Answers to Review Questions 575
Chapter 2—Selecting Cisco Products for Remote Connections 575
Chapter 3—Assembling and Cabling the WAN Components 576
Chapter 4—Configuring Asynchronous Connections with Modems 576
Chapter 5—Configuring Point-to-Point Protocol and Controlling Network Access 577
Chapter 6—Accessing the Central Site with Windows 95 577
Chapter 7—Using ISDN and DDR Technologies to Enhance Remote Connectivity 577
Chapter 8—Optimizing the Use of DDR Interface—Dialer Profiles and Rotary Groups 578
Chapter 9—Configuring a Cisco 700 Series Router 578
Chapter 10—Using X.25 for Remote Access 579
Chapter 11—Frame Relay Connection and Traffic Flow Control 579
Chapter 12—Enabling Backup to a Permanent Connection 580
Chapter 13—Managing Network Performance with Queuing and Compression 580
Chapter 14—Scaling IP Addresses with Network Address Translation 580
Chapter 15—Using AAA to Scale Access Control in an Expanding Network 581
Appendix I BCRAN Case Study Addresses and Dial-Up Phone Numbers 583
Overview 583
BCRAN Case Study Addresses and Dial-Up Phone Number Matrix, Part Ⅰ 583
BCRAN Case Study Addresses and Dial-Up Phone Number Matrix, Part Ⅱ 584
Pod Topology 585
Glossary 591
Index 625