cc/td/doc/cisintwk/intsolns
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Commissioning the Cisco AS5400 Hardware

Commissioning the Cisco AS5400 Hardware

In this Section

This section describes how to configure Cisco AS5400 to support terminal EXEC shell services and login prompts for client modems.

In this case study, Maui Onions commissions the Cisco AS5400. Local-based authentication is used. After the Cisco AS5400 is commissioned, Maui Onions configures and tests PPP as described in the section "Configuring PPP and Authentication." In the future, Maui Onions will use a AAA TACACS+ server.

Note   For a description of terminal EXEC shell services, see the section "Testing Asynchronous-Shell Connections" section

Understanding the Basic Hardware Architecture

Figure 2-1shows the logical and physical system architecture for the Cisco AS5400. It illustrates the components used to process a call.


Figure 2-1: Cisco AS5400 Basic System Architecture

Figure 2-1 shows:

One analog PPP call consumes

One synchronous PPP call consumes:

Task 1. Verifying Basic Setup

The following subsections detail the tasks required to verify that basic system components are functioning normally:

1.1 Analyzing the System Boot Dialog

The Cisco AS5400 has a specific boot sequence. To view the boot sequence through a terminal session, you must have a console connection to the access server before it powers up.

Note   If you observe no messages on the console port, check that the baud rate is configured correctly. The Cisco AS5400 console port can support a baud rate up to 115200.

The following boot sequence occurs. Event numbers and comments are inserted in the example to describe the boot sequence.

System Bootstrap, Version 12.0(20000106:234457) [tombnyg-rommon_1_6 106], DEVELOPMENT SOFTWARE REV 1.6
Copyright (c) 1994-2000 by cisco Systems, Inc.
AS5400 platform with 131072 Kbytes of main memory
 
 
Self decompressing the image : #################################################
##################################################### [OK]
Self decompressing the image : #################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################### [OK]

Event 1—In the previous segment, the NAS decompresses the system boot image, tests the NVRAM for validity, and decompresses the Cisco IOS image. 

Restricted Rights Legend
 
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
 
           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706
 
 
 
Cisco Internetwork Operating System Software 
IOS (tm) 5400 Software (C5400-JS-M), Version 12.1(3)T,  RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 20-Jul-00 03:02 by ccai
Image text-base: 0x60008968, data-base: 0x61000000
 
cisco AS5400 (R7K) processor (revision O) with 131072K/65536K bytes of memory.
Processor board ID JAB0351040G
R7000 CPU at 250Mhz, Implementation 39, Rev 1.0, 256KB L2, 2048KB L3 Cache
Last reset from IOS reload
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
Primary Rate ISDN software, Version 1.1.
Manufacture Cookie Info:
 EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x31,
 Board Hardware Version 3.21, Item Number 800-5171-01,
 Board Revision 017, Serial Number JAB0351040G,
 PLD/ISP Version 1.0,  Manufacture Date 6-Jan-2000.
Processor 0xFF, MAC Address 0x03096F818
Backplane HW Revision FF.FF, Flash Type 5V
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
108 terminal line(s)
8 Channelized T1/PRI port(s)
512K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
8192K bytes of processor board Boot flash (Read/Write)

Event 2—The following components are detected: Cisco IOS Release, available memory, hardware interfaces, and modem lines.

If a hardware card is not recognized, verify that you are running the optimum version of Cisco IOS. Refer to the Hardware-Software Compatibility Matrix at the following URL:

http://cco-sj-1.cisco.com/cgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi

--- System Configuration Dialog ---
 
Would you like to enter the initial configuration dialog? [yes/no]: no

Would you like to terminate autoinstall? [yes]: yes

Event 3—Because the NAS has never been configured, the NAS cannot find a startup-config file. Therefore, the software asks, "Would you like to enter the initial configuration dialog? [yes/no]:"

Enter no. In this document, the Cisco IOS is configured manually. The automatic setup script is not used. Configuring the Cisco IOS manually develops your expertise.

Enter yes to terminate autoinstall.

00:00:03: %NP_MD-6-SLOT_INSERTED: Slot 1 (108 ports max) inserted
00:00:16: %CARRIER-3-NO_DFC: DFC is not present - DFC 3
00:00:16: %CARRIER-3-NO_DFC: DFC is not present - DFC 4
00:00:16: %CARRIER-3-NO_DFC: DFC is not present - DFC 5
00:00:16: %CARRIER-3-NO_DFC: DFC is not present - DFC 6
00:00:16: %CARRIER-3-NO_DFC: DFC is not present - DFC 7
00:00:19: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
00:00:19: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
00:00:23: %NP_BS-6-MODULE_STARTED: NextPort module 1/0/0 Started - 1.1.6.81
00:00:26: %NP_BS-6-MODULE_STARTED: NextPort module 1/0/1 Started - 1.1.6.81
00:00:30: %NP_MD-6-MODULE_UP: NextPort module 1/0/0 up
00:00:30: %NP_BS-6-MODULE_STARTED: NextPort module 1/0/2 Started - 1.1.6.81
00:00:33: %NP_MD-6-MODULE_UP: NextPort module 1/0/1 up
00:00:37: %NP_MD-6-MODULE_UP: NextPort module 1/0/2 up
00:01:05: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down
00:01:05: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
00:01:05: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
00:01:05: %LINK-5-CHANGED: Interface Serial0/1, changed state to administratively down
00:01:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
00:01:10: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software 
IOS (tm) 5400 Software (C5400-JS-M), Version 12.1(1)XD1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc2)
TAC:Home:SW:IOS:Specials for info
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Sun 09-Jul-00 07:06 by beliu
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 1 priority 205 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 2 priority 204 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 3 priority 205 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 4 priority 204 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 5 priority 205 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 6 priority 204 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-SWITCH: Switching to the clock on slot 2 port 7 priority 205 as the current primary has gone bad
00:01:10: %TRUNK_CLOCK-6-BAD_CLOCKS: There are no good clocks in the system. Remain in HOLDOVER mode
00:01:10: %TRUNK_CLOCK-6-BAD_CLOCKS: There are no good clocks in the system. Remain in HOLDOVER mode
00:01:10: %TRUNK_CLOCK-6-BAD_CLOCKS: There are no good clocks in the system. Remain in HOLDOVER mode
00:01:10: %TRUNK_CLOCK-6-BAD_CLOCKS: There are no good clocks in the system. Remain in HOLDOVER mode
00:01:10: %TRUNK_CLOCK-6-BAD_CLOCKS: There are no good clocks in the system. Remain in HOLDOVER mode

Event 4—The state of the LAN interfaces is displayed as well as the slots in which Dial Feature Cards (DFCs) are not inserted. The NextPort module boardware version is detected (version 1.1.6.81). The AS5400 attempts to switch to a better clock source but does not find a suitable source because the T1s are not yet configured.

Enter the show version command to check the system hardware, Cisco IOS image name, uptime, and restart reason:

Router>show version
Cisco Internetwork Operating System Software 
IOS (tm) 5400 Software (C5400-JS-M), Version 12.1(1)XD1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc2)
TAC:Home:SW:IOS:Specials for info
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Sun 09-Jul-00 07:06 by beliu
Image text-base: 0x60008910, data-base: 0x61180000
 
ROM: System Bootstrap, Version 12.0(20000106:234457) [tombnyg-rommon_1_6 106], DEVELOPMENT SOFTWARE REV 1.6
BOOTFLASH: 5400 Software (C5400-BOOT-M), Experimental Version 12.0(19991217:131536) [pchu-nextport_weekly 431]
 
Router uptime is 1 minute
System returned to ROM by reload at 22:27:17 PST Mon Aug 14 2000
System image file is "flash:c5400-js-mz.121-1.XD1.bin"
 
cisco AS5400 (R7K) processor (revision O) with 131072K/65536K bytes of memory.
Processor board ID JAB0351040G
R7000 CPU at 250Mhz, Implementation 39, Rev 1.0, 256KB L2, 2048KB L3 Cache
Last reset from IOS reload
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
Primary Rate ISDN software, Version 1.1.
Manufacture Cookie Info:
 EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x31,
 Board Hardware Version 3.21, Item Number 800-5171-01,
 Board Revision 017, Serial Number JAB0351040G,
 PLD/ISP Version 1.0, Manufacture Date 6-Jan-2000.
Processor 0xFF, MAC Address 0x03096F818
Backplane HW Revision FF.FF, Flash Type 5V
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
108 terminal line(s)
8 Channelized T1/PRI port(s)
512K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
8192K bytes of processor board Boot flash (Read/Write)


Configuration register is 0x2102

Table 2-1 describes the significant output fields in the previous example:


Table 2-1: Show Version Command Field Descriptions 
Field

Description

Router uptime is 1 minute

 Watch for unscheduled reloads by inspecting this field.


System returned to ROM by reload at 22:27:17 PST Mon Aug 14 2000

 Tells you why the access server last reloaded. If the field displays "power-on," a power interruption caused the reload.


System image file is "flash:c5400-js-mz.121-1.XD1.bin"

 The Cisco AS5400 booted from this image location.

1.2 Checking the Initial Running-Config

The Cisco IOS creates an initial running configuration. Inspect the configuration to get familiar with the default settings.

Router>enable
Router#show running-config
Building configuration...
 
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
no boot startup-test
resource-pool disable
!
ip subnet-zero
!
cns event-service server
!
mta receive maximum-recipients 0
!
controller T1 2/0
!
controller T1 2/1
!
controller T1 2/2
!
controller T1 2/3
!
controller T1 2/4
!
controller T1 2/5
!
controller T1 2/6
!
controller T1 2/7
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clockrate 2000000
!
interface Serial0/1
 no ip address
 shutdown
 clockrate 2000000
!
interface Async1/00
 no ip address
!
interface Async1/01
 no ip address
!
interface Async1/02
 no ip address
!
interface Async1/03
 no ip address
!
interface Async1/04
 no ip address
!
interface Async1/05
 no ip address
!
interface Async1/06
 no ip address
 
.
. Sections of the configuration have been removed for brevity
. An Async interface is automatically created for each modem
.

!
interface Async1/102
 no ip address
!
interface Async1/103
 no ip address
!
interface Async1/104
 no ip address
!
interface Async1/105
 no ip address
!         
interface Async1/106
 no ip address
!
interface Async1/107
 no ip address
!
interface Group-Async0
 no ip address
 no group-range
!
ip classless
no ip http server
!!
line con 0
 logging synchronous
 transport input none
line aux 0
line vty 0 4
line 1/00 1/107
 no flush-at-activation
 no logging synchronous
 modem InOut
!
scheduler allocate 10000 400
end

Some sections of the running-configuration above have been removed for brevity. The AS5400 displays every async interface it recognizes. Therefore, if your system has a large number of async interfaces, the running-configuration will be very long. To aggregate the async interfaces, you must assign them to a Group-Async Interface with the command group-range (see the "Assigining Async interfaces to a Group-Async Interface" section) .

Group-async interfaces are templates used to control the configuration of multiple async interfaces on the access server. Each async interface corresponds to one of the modem lines and uses the same number as its corresponding line. Configuring the asynchronous interfaces as a group-async saves you time and configuration file size.The process to create a Group-Async Interface is described in "Assigining Async interfaces to a Group-Async Interface" section.

1.3 Exploring the Cisco IOS File System

Get familiar with the file system and memory storage areas. The Cisco IOS File System (IFS) feature provides a single interface to:

IFS first appeared in Cisco IOS Releases 11.3 AA and 12.0. For more information about IFS, refer to the chapter Using the Cisco IOS File System in the Release 12.0 Configuration Fundamentals Configuration Guide at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/fun_c/fcprt2/fcifs.htm


Figure 2-2: Cisco AS5400 Memory Locations

Table 2-2 describes the memory locations shown in Figure 2-2.


Table 2-2: Memory Location Descriptions 
Component

Description

 R7000 CPU


 RISC 7000 central processing unit.


 Processor memory


 The Cisco IOS image is initially read out of Flash memory, decompressed, and loaded into processor memory (also known as main memory or DRAM). 


 Routing tables, call control blocks, and other data structures are also stored here.


 Packet I/O memory


 Packets are temporarily stored in I/O memory. 


 System Flash and Boot Flash memory


 Stores Cisco IOS images, modem firmware/portware, and custom web pages.


 NVRAM memory


 Non-volatile configuration memory.

To inspect the file system, enter the show file systems command and dir comand as shown in the following bullet list:

    Router#show file systems
File Systems:
 
     Size(b)     Free(b)      Type  Flags  Prefixes
      520184      520184     nvram     rw   nvram:
           -           -    opaque     rw   null:
           -           -    opaque     rw   system:
           -           -   network     rw   tftp:
           -           -    opaque     wo   vfc:
*   32768000    22992256     flash     rw   flash:
     7602176     4634364     flash     rw   bootflash:
           -           -    opaque     wo   lex:
           -           -   network     rw   rcp:
           -           -   network     rw   ftp:
  In addition, verify that you have everything that you ordered (for example, 32 MB of Flash memory). The asterisk (*) indicates the current directory. 
    Router#dir system:
Directory of system:/
 
  4  dr-x           0              <no date>  memory
  1  -rw-        5026              <no date>  running-config
  2  dr-x           0              <no date>  ucode
 14  dr-x           0              <no date>  vfiles

Note   Remember to include the trailing colon (:) in dir commands. 
    Router#dir bootflash:
Directory of bootflash:/
 
  1  -rw-     1962796   Jan 01 2000 00:00:59  c5400-boot-mz.Jan7
  2  -rw-      182684   Jun 05 2000 22:04:15  crashinfo_20000605-220415
  3  -rw-      172464   Jun 26 2000 19:21:04  crashinfo_20000626-192104
  5  -rw-      167594   Jun 26 2000 19:24:37  crashinfo_20000626-192437
  6  -rw-      163300   Aug 02 2000 00:14:08  crashinfo_20000802-001408
  7  -rw-      131250   Aug 02 2000 00:14:19  crashinfo_20000802-001419
  8  -rw-      158171   Aug 08 2000 23:21:40  crashinfo_20000808-232140
7602176 bytes total (4634364 bytes free)

  In the example, the bootflash image is c5400-boot-mz.Jan7. The compressed file size is 1,962,796 bytes. The total boot flash memory size is 7,602,176 bytes. The number of free bytes is 4,634,364. The crashinfo file is a collection of useful information related to the current crash stored in boot Flash or Flash memory.
  For more information on crashinfo files refer to Retreiving Information from the Crashinfo File on CCO. Go to http://www.cisco.com/warp/public/63/crashinfo.html
 
    Router#pwd
flash:
Router#dir
Directory of flash:/
 
  1  -rw-     9950528   Jan 01 2000 00:48:59  c5400-js-mz.121-1.XD1.bin
 
32768000 bytes total (22817344 bytes free)
  The Cisco IOS image named c5400-js-mz.121-1.XD1.bin is present. 
    Router#dir nvram:
Directory of nvram:/
 
  1  -rw-           0              <no date>  startup-config
  2  ----           0              <no date>  private-config
 
520184 bytes total (520184 bytes free)

  In the example, two files are present: startup-config and private-config. The private-config is a secure file that is part of the startup configuration. It supports encryption technologies, but it is not user accessible.

1.4 Investigating Memory Usage

Use the show memory summary command to:

    Router#show memory summary
                Head    Total(b)     Used(b)     Free(b)   Lowest(b)  Largest(b)
Processor   61952B00   107664640    24210716    83453924    82827184    82866768
      I/O   40000000    67108880    28952352    38156528    38156528    38156412

The sum of the used and free memory equals the total memory. Most of the show memory summary command output have been removed for brevity

Note   Do not enter the show memory summary command with the terminal length 0 command enabled. If you do, many screens of output will appear. It might interrupt your session.

1.5 Inspecting CPU Utilization

Enter the show processes cpu command to investigate high CPU utilization. High utilization causes network performance problems. For example, knowing when the router is running at over 50% utilization is critical. The router might start dropping packets if an unexpected traffic burst comes through or if OSPF gets recalculated. Fast switching can also be used to reduce CPU utilization.

    Router#show processes cpu
CPU utilization for five seconds: 0%/0%; one minute: 1%; five minutes: 1%
 PID  Runtime(ms)  Invoked  uSecs    5Sec   1Min   5Min TTY Process 
   1           0        83      0   0.00%  0.00%  0.00%   0 Load Meter       
   2        3436      1486   2312   0.08%  0.80%  0.59%   0 Exec             
   3        1256       103  12194   0.00%  0.36%  0.20%   0 Check heaps      
   4           0         1      0   0.00%  0.00%  0.00%   0 Chunk Manager    
   5           8        10    800   0.00%  0.00%  0.00%   0 Pool Manager     
   6           0         2      0   0.00%  0.00%  0.00%   0 Timers           
   7           0        66      0   0.00%  0.00%  0.00%   0 ALARM_TRIGGER_SC 
   8           4         2   2000   0.00%  0.00%  0.00%   0 Serial Backgroun 
   9           0         1      0   0.00%  0.00%  0.00%   0 RM PROCESS       
  10           0         1      0   0.00%  0.00%  0.00%   0 RM PROCESS       
  11           0         1      0   0.00%  0.00%  0.00%   0 RM PROCESS       
  12           0         1      0   0.00%  0.00%  0.00%   0 RM PROCESS       
  13           0         2      0   0.00%  0.00%  0.00%   0 CAS Process      
  14           0        11      0   0.00%  0.00%  0.00%   0 ARP Input        
  15           0        23      0   0.00%  0.00%  0.00%   0 HC Counter Timer 
  16           0         2      0   0.00%  0.00%  0.00%   0 DDR Timers       
  17           0         2      0   0.00%  0.00%  0.00%   0 Dialer event     
  18           4         2   2000   0.00%  0.00%  0.00%   0 Entity MIB API   
  19           0         1      0   0.00%  0.00%  0.00%   0 SERIAL A'detect  
  20           0         1      0   0.00%  0.00%  0.00%   0 Critical Bkgnd   
  21           0        53      0   0.00%  0.00%  0.00%   0 Net Background


Look at the top line of the output. If you see high utilization numbers, for example over 50%, inspect the columns 5Sec, 1Min, and 5Min. Find the process that uses the most CPU power. For an idle chassis, numbers larger than two percent indicate a problem.

Task 2. Configuring Cisco IOS Basics

The following subsections detail the tasks required to apply a basic-running configuration to the NAS:

Note   Periodically save the configuration by using the copy running-config startup-config command.

2.1 Configuring the Host Name, Enable Secret, and Time Stamps

Assign a host name to the NAS, specify an enable secret password, and turn on time stamps:

Step 1   Enter the following commands in global configuration mode:

Router(config)#hostname 5400-NAS
5400-NAS(config)#enable secret yourpasswordhere 
5400-NAS(config)#service password-encryption 
5400-NAS(config)#service timestamps debug datetime msec
5400-NAS(config)#service timestamps log datetime msec
Note   The enable password command is an obsolete command. Do not use it.

Step 2   Log in with the enable secret password. The show privilege command shows the current security privilege level.

5400-NAS#disable
5400-NAS>enable
Password:
5400-NAS#show privilege
Current privilege level is 15
5400-NAS#

2.2 Configuring Local AAA Security

Configure authentication, authorization, and accounting (AAA) to perform login authentication by using the local username database. The login keyword authenticates EXEC shell users. Additionally, configure PPP authentication to use the local database if the session was not already authenticated by login.

AAA (called triple A) is the Cisco IOS security model used on all Cisco devices. AAA provides the primary framework through which you set up access control on the NAS.

In this basic case study, the same authentication method is used on all interfaces. AAA is set up to use the local database configured on the NAS. This local database is created with the username configuration commands.

Step 1   Create a local login username database in global configuration mode. In this example, the administrator's username is admin. The remote client's login username is dude. 

5400-NAS(config)#username admin password adminpasshere
5400-NAS(config)#username dude password dudepasshere
Caution This step also prevents you from getting locked out of the NAS. If you get locked out, you must reboot the device and perform password recovery.

Step 2   Configure local AAA security in global configuration mode. You must enter the aaa new-model command before the other two authentication commands.

5400-NAS(config)#aaa new-model
5400-NAS(config)#aaa authentication login default local
5400-NAS(config)#aaa authentication ppp default if-needed local

The following table describes the previous configuration snippet.


Table 2-3: Local AAA Commands 
Command

Description

aaa new-model

 Initiates the AAA access control system. This command immediately locks down login and PPP authentication.


aaa authentication login default local

 Configures AAA to perform login authentication by using the local username database. The login keyword authenticates EXEC shell users.


aaa authentication ppp default if-needed local

 Configures PPP authentication to use the local database if the session was not already authenticated by login.


aaa new-model

 Initiates the AAA access control system. This command immediately locks down login and PPP authentication.

Step 3   Log in with your username and password:

5400-NAS#login
 
User Access Verification
 
Username:admin
Password:
 
5400-NAS#

A successfully login means that your local username will work on any TTY or VTY line. Do not disconnect your session until you can log in.

2.3 Setting Up a Login Banner

Create a login banner. A banner shows you which unit you are connected to (or are connecting through, in the case of a console server).

Step 1   Create the banner:

5400-NAS(config)#banner login |
Enter TEXT message.  End with the character '|'.
This is a secured device. 
Unauthorized use is prohibited by law.
|
5400-NAS(config)#^Z
5400-NAS#

Step 2   Test the banner:

5400-NAS#login
 

This is a secured device.
Unauthorized use is prohibited by law.
 
User Access Verification
 
Username: admin
Password: 
 
5400-NAS#

2.4 Configuring the Loopback Interfaces, Ethernet Interface, and IP Route

To commission a basic dial access service:

Step 1   Assign the IP addresses, and create an IP route to the default gateway:

5400-NAS(config)#interface loopback 0
5400-NAS(config-if)#ip address 172.22.99.1 255.255.255.255
5400-NAS(config-if)#exit
5400-NAS(config)#interface loopback 1
5400-NAS(config-if)#ip address 172.22.90.1 255.255.255.0
5400-NAS(config-if)#exit
5400-NAS(config)#interface FastEthernet 0/0
5400-NAS(config-if)#ip address 171.68.186.55 255.255.255.240
5400-NAS(config-if)#no shutdown
5400-NAS(config-if)#exit
5400-NAS(config)# ip route 0.0.0.0 0.0.0.0 171.68.186.49

In this example:

Step 2   Verify that the Fast Ethernet interface is up. Ping the default gateway to verify this.

5400-NAS#ping 171.68.186.49
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 171.68.186.49, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms

This step verifies that you have IP connectivity with another device on the subnet. If the ping succeeds to the default gateway, try pinging the DNS server in your backbone. Make sure the backbone routers are configured to get to the access server; otherwise, the ping will not work. Configure the backbone routers to support the routes to the networks you are using.

Note   An 80% ping-success rate is normal for the first time you ping an external device. The NAS does not yet have an ARP (Address Resolution Protocol) entry for the external device. A 100% success rate is achieved the next time you ping the device.

2.5 Assigining Async interfaces to a Group-Async Interface

Group-async interfaces allow administrators to easily configure a large number of async interfaces by allowing them to clone from one managed copy. This can also reduce the number of lines in the configuration since each indvidual async interface configuration can be replaced by at least one group-async. To assign the async interfaces to a Group-Async Interface first determine the number of async lines that need to be aggregated. This can be determined from the running-configuration.

From the running-configuration in section 1.2, observe that the async lines are numbered 1/00 through 1/107

Step 1   Select Group-Async 0 interface in global configuration mode.

5400-NAS(config)#interface group-async 0

Step 2   Define the group range of the interface. The values used with the group-range command depend on your access server's hardware configuration. For example if your Access Server has a NP-108 DFCs in slots 2 and 3, the group-range could be specified as 2/00 3/107. In our situation specify group-range 1/00 1/107 

5400-NAS(config-if)#group-range 1/00 1/107 
Building configuration...
Note   If you have a large number of modems, the NAS may take up to several minutes to create the group-async interface.

Step 3   Verify that the async interfaces have been aggregated in the Group-Async Interface by performing a show running-configuration

2.6 Upgrading to a New Cisco IOS Release

Obtain new Cisco IOS features and more stable code by upgrading to a new Cisco IOS release.

Step 1   Display the contents of Flash memory:

5400-NAS#cd flash:
5400-NAS#dir
Directory of flash:/
 
  1  -rw-     9950528   Jan 01 2000 00:48:59  c5400-js-mz.121-1.XD1.bin
 
32768000 bytes total (22817344 bytes free)

Step 2   Copy the new image from the remote TFTP server into Flash memory. Make sure to specify your own TFTP server's IP address and Cisco IOS file name. If you enounter issues with upgrading the image ensure that you can ping the tftp server and that appropriate directory permissions are configured on the tftp server. To see the bangs (!) during the download operation, you must have line wrap enabled in your terminal emulation software.

TimeSaver Leave both images in Flash memory if you have the available space. If needed, you can easily revert back to the previous image. Enter the boot system flash newiosname.bin command to point to the new image file name. By default, the first image in Flash memory is loaded.
5400-NAS#copy tftp flash
Address or name of remote host [171.68.191.135]? 171.68.191.135
Source filename [c5400-js-mz.121-1.XD1.bin]? c5400-js-mz.121-3.T.bin
Destination filename [c5400-js-mz.121-3.T.bin]? 
Accessing tftp://171.68.191.135/c5400-js-mz.121-3.T.bin...
Loading c5400-js-mz.121-3.T.bin from 171.68.191.135 (via FastEthernet0/0): !!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 9775616/19551232 bytes]
 
9775616 bytes copied in 66.424 secs (148115 bytes/sec)
Caution Occasionally TFTP errors will occur. Make sure the verifying checksum reports "OK." DO NOT reload the access server if the checksum reports errors.

Step 3   Verify that the new image was downloaded. In this example, notice that the 12.1(1)XD image is the first in flash, hence it will be loaded during the boot sequence. To boot using the new image you must either a) delete the unwanted image or b) use the boot system command to specify the alternate image to use during the boot sequence

5400-NAS#dir flash:
Directory of flash:/
 
  1  -rw-     9950528   Jan 01 2000 00:48:59  c5400-js-mz.121-1.XD1.bin
  2  -rw-     9775616   Jan 01 2000 00:59:10  c5400-js-mz.121-3.T.bin


32768000 bytes total (13041600 bytes free)

For more information on deleting the image refer to the document Cisco IOS File System on CCO. Note that the AS5400, unlike the AS5200 and the AS5300, uses a Class A Flash File System. Go to http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113aa/113aa_2/allplats/ifs.htm

Step 4   To specify the alternate image that is to be used during the boot sequence use the boot system flash newiosname.bin command to specify the location(device) and name of the image to be used.

5400-NAS(config)#boot system flash c5400-js-mz.121-3.T.bin
5400-NAS(config)#^Z
5400-NAS#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]

To verify that this command is in effect, use the show running-configuration command. Do not forget to save your running-configuration before the reload or the Access Server may load the incorrect image.

Step 5   Reload the NAS to run the new image. If you erased the old Cisco IOS image, make sure the boot system flash oldiosname.bin command is not enabled and pointing to the old image file name. Otherwise, the NAS will get stuck trying to reload the old image over and over again.

5400-NAS#reload
Proceed with reload? [confirm]
 
System Bootstrap, Version 12.0(20000106:234457) [tombnyg-rommon_1_6 106], DEVELOPMENT SOFTWARE REV 1.6
Copyright (c) 1994-2000 by cisco Systems, Inc.
AS5400 platform with 131072 Kbytes of main memory
 
Self decompressing the image : #################################################
##################################################### [OK]
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################# [OK]
Press RETURN to get started!
Note   Most sections of the boot sequence have been omitted here. For an example of a full boot sequence refer to section 1.

For more information about TFTP, refer to the document "Loading and Maintaining System Images and Microcode" at:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/fun_c/fcprt2/fcimages.htm

Task 3. Enabling the T1 Controllers

Specify the settings for the T1 controllers. T1 controller settings must match the settings on the telephone switch side. Mismatched settings cause problems that may not be detected for a long time.


Figure 2-3: Matching T1 Controller Settings
Step 1   Define the ISDN switch type and T1 controller settings: 

5400-NAS(config)#isdn switch-type primary-5ess

Step 2   Specify the T1 controller settings:

5400-NAS(config)#controller t1 2/0
5400-NAS(config-controller)#framing esf
5400-NAS(config-controller)#linecode b8zs
5400-NAS(config-controller)#pri-group timeslots 1-24

Configure the rest of the t1 controllers in the same manner.

Table 2-4 describes some of the T1-controller concepts that are applied in the previous example.


Table 2-4: T1 Controller Concepts and Descriptions 
Concept

Description

 Framing type


 Defines the control bits and data bits. Cisco supports super frame (SF) and extended super frame (ESF) for T1s.


 ESF—Extended super frame. Required for 64 kb operation on DS0s. ESF requires 2k-framing bits for synchronization. The remaining 6k is used for error detection, CRC, and data link monitoring. ESF is recommended for PRI configurations. 


 SF—Super frame. SF (D4) is used in channel bank robbed bit signalling (RBS) configurations. SF uses the framing bit to identify the channel and voice-related signaling within the frame. SF is not recommended for PRI configurations. 


 Line code type


 An encoding method used to allow synchronous data to be transmitted in a compatible format for T1 transmission. Common line codes are RZ (return to zero), NRZ (non-return to zero), B8ZS, AMI, and HDB3 (high density bipolar order 3).


 AMI—Alternate mark inversion. Signal transitions are referenced by a binary 1 (mark). AMI is used on older T1 circuits. It is not reliable. 


 B8ZS—Most popular line-code scheme used in North America. To maintain clock synchronization, B8ZS replaces a string of 8 binary 0s with variations. B8ZS is more reliable than AMI, and it should be used with PRI configurations. 


 Timeslot assignment


 Timeslots are assigned to channels. For T1 PRI scenarios, all 24 T1 timeslots are assigned as ISDNPRI channels. After the timeslots are assigned by the pri-group command, D-channel serial interfaces are automatically created in the configuration file (for example S0:23, S1:23, and so on).

Step 3   Verify that the controllers are up and no alarms or errors are detected. Error counters are recorded over a 24-hour period in 15-minute intervals. In the display output, focus on the data in the current interval. 

5400-NAS#show controllers t1
T1 2/0 is up.
  Applique type is Channelized T1
  Cablelength is long gain36 0db
  No alarms detected.
  alarm-trigger is not set
  Version info of slot 2:  HW: 771, PLD Rev: 1
  Framer Version: 0x8
 
Manufacture Cookie Info:
 EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x02,
 Board Hardware Version 3.3, Item Number 800-5176-03,
 Board Revision 015, Serial Number JAB03430DZ8\\\\\,
 PLD/ISP Version 0.0, Manufacture Date 9-Dec-1999.
 
  Framing is ESF, Line Code is B8ZS, Clock Source is Line.
  Data in current interval (769 seconds elapsed):
     0 Line Code Violations, 0 Path Code Violations
     0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
     0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs
  Total Data (last 7 15 minute intervals):
     2 Line Code Violations, 4488 Path Code Violations,
     0 Slip Secs, 1041 Fr Loss Secs, 1 Line Err Secs, 0 Degraded Mins,
     1 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 1043 Unavail Secs

After each controller is correctly set up, clear the counters and look for ongoing line violations and errors. To do this, enter the clear controller t1 slot/number command followed by the show controller t1 command. In the display output, focus on the data in the current interval. Error counters stop increasing when the controller is configured correctly.

Tips The clear controller t1 slot/number command does not reset or bring down the controller. The T1 stays up. Only the counters are cleared.

If the counters are increasing on a specific T1 controller, look closely at the error statistics. Refer to the commands in Table 2-5.


Table 2-5: Different Options for the Show Controller T1 Command 
Command

Purpose

show controller t1

 Provides brief output statistics for the current interval and the last 24 hours.


show controller t1 slot/number

 Displays counters for all 96 intervals.


show controller t1 slot/number | begin Total

 Modifies the output as described in the Cisco IOS configuration guides. The "T" in Total is case sensitive. (Release 12.0 T is required.)

Table 2-6 provides a list of T1 alarm conditions and descriptions from the reference point of the NAS.


Table 2-6: Alarm Conditions 
Concept

Description

CRC Errors

 Occurs only in ESF format when a CRC bit has an error.


Excessive CRC Error Indication (ECRCEI)

 Reported in ESF format when 32 of any 33 consecutive CRCs are in error.


Out of Frame (OOF)

 Occurs when the framing pattern for a T1 line has been lost, and data cannot be extracted. This is a red alarm. In SF and ESF formats, OOF occurs when any two of four consecutive frame-synchronization bits are in error. 


Loss of Signal (LOS)

 Occurs when 175 consecutive 0s are detected in the MC. This is a red alarm. The signal is recovered if the density of 1s reaches 12.5%. The recovery happens when four 1s are received within a 32-bit period. 


Remote Frame Alarm (RHEA)

 Indicates that an OOF framing pattern occurred at the remote end. This is a yellow alarm. 


Alarm Indication Signal (AIS)

 Indicates to the remote end that the received signal is lost. This is a blue alarm. AIS occurs when a stream of 1s is received.


Loop Back

 Indicates that a remotely initiated loopback (from the network) is in progress.


Errored Seconds

 Depending on the framing format, indicates OOF conditions, frame slip conditions, or error events. 


 For SF, errored seconds reports the number of seconds the frame was in the OOF or slip condition. For ESF, errored seconds reports error events in seconds.


Bursty Errored Seconds

 Reports CRC error conditions in seconds (ESF format only).


Severely Errored Seconds

 Reports error events or frame slip conditions in seconds.

For more information about controllers, see the section "Channelized E1 & Channelized T1 Setup Commands" at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/dial_r/drprt1/index.htm

Step 4   Verify that the individual serial D channels and B channels are present. In the following example, B channels Se 2/0:0 through Se 2/0:22 are rotary members of the signaling D channel Se 2/0:23.

5400-NAS#show ip interface brief 
Interface                  IP-Address      OK? Method Status                Protocol
Async1/00                  unassigned      YES TFTP   down                  down
Async1/01                  unassigned      YES TFTP   down                  down    
Async1/02                  unassigned      YES TFTP   down                  down    
Async1/03                  unassigned      YES TFTP   down                  down    
Async1/04                  unassigned      YES TFTP   down                  down    
Async1/05                  unassigned      YES TFTP   down                  down
 
... 
... Sections of the output have been removed
...

Async1/103                 unassigned      YES TFTP   down                  down
Async1/104                 unassigned      YES TFTP   down                  down
Async1/105                 unassigned      YES TFTP   down                  down
Async1/106                 unassigned      YES TFTP   down                  down
Async1/107                 unassigned      YES TFTP   down                  down
FastEthernet0/0            171.68.186.55   YES NVRAM  up                    up  
FastEthernet0/1            unassigned      YES NVRAM  administratively down down
Group-Async0               unassigned      YES NVRAM  down                  down
Loopback0                  172.22.99.1     YES NVRAM  up                    up  
Loopback1                  172.22.90.1     YES NVRAM  up                    up  
Serial0/0                  unassigned      YES NVRAM  administratively down down
Serial0/1                  unassigned      YES NVRAM  administratively down down
Serial2/0:0                unassigned      YES unset  down                  down
Serial2/0:1                unassigned      YES unset  down                  down
Serial2/0:2                unassigned      YES unset  down                  down
Serial2/0:3                unassigned      YES unset  down                  down
Serial2/0:4                unassigned      YES unset  down                  down
Serial2/0:5                unassigned      YES unset  down                  down
Serial2/0:6                unassigned      YES unset  down                  down
Serial2/0:7                unassigned      YES unset  down                  down
Serial2/0:8                unassigned      YES unset  down                  down
Serial2/0:9                unassigned      YES unset  down                  down
Serial2/0:10               unassigned      YES unset  down                  down
Serial2/0:11               unassigned      YES unset  down                  down
Serial2/0:12               unassigned      YES unset  down                  down
Serial2/0:13               unassigned      YES unset  down                  down
Serial2/0:14               unassigned      YES unset  down                  down
Serial2/0:15               unassigned      YES unset  down                  down
Serial2/0:16               unassigned      YES unset  down                  down
Serial2/0:17               unassigned      YES unset  down                  down
Serial2/0:18               unassigned      YES unset  down                  down
Serial2/0:19               unassigned      YES unset  down                  down
Serial2/0:20               unassigned      YES unset  down                  down
Serial2/0:21               unassigned      YES unset  down                  down
Serial2/0:22               unassigned      YES unset  down                  down
Serial2/0:23               unassigned      YES NVRAM  up                    up

Task 4. Configuring the Serial Interfaces

Configure the serial D channels to route incoming voice calls from the PSTN to the integrated modems. The behavior of the B channels is controlled by the D channels' configuration instructions. The D channel is the signaling channel.

After timeslots are assigned by the pri-group command, D-channel serial interfaces are automatically created in the configuration file (for example Se2/0:23, Se2/1:23, and so on).

Individual B-channel serial interfaces are created as rotary members of their signaling D channels (for example S2/0:0 through S2/0:22). The D-channel interface functions like a dialer for all the 23 B-channels using the controller.

Table 2-7 describes the relationship between T1 controllers and serial interfaces.


Table 2-7: Controller-to-Channel Relationships 
Controller

D Channels

B Channels

 Controller T1 0


 Interface serial 2/0:23


 Se 2/0:0 through Se 2/0:22


 Controller T1 1


 Interface serial 2/1:23


 Se 2/1:0 through Se 2/1:22


 Controller T1 2


 Interface serial 2/2:23


 Se 2/2:0 through Se 2/2:22


 Controller T1 3


 Interface serial 2/3:23


 Se 2/3:0 through Se 2/3:22


 ...


 ...


 ...

Step 1   Apply the isdn incoming-voice modem command to each D-channel serial interface: 

5400-NAS(config)#interface Serial 2/0:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/1:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/2:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/3:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/4:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/5:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/6:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#interface Serial 2/7:23
5400-NAS(config-if)#isdn incoming-voice modem
5400-NAS(config-if)#exit
5400-NAS(config)#exit
5400-NAS#

Different versions of Cisco IOS enables different default commands. Release 12.0(5)T enables the commands in Table 2-8.


Table 2-8: Release 12.0(5)T Default Commands 
Command

Purpose

 no ip directed-broadcast


 Enhances security by preventing broadcasts to this subnet from unauthorized sources.


 isdn switch-type primary-5ess


 The ISDN global switch type value is propagated to the serial-interface level. This happens during initial configuration or a reload. 


 Per interface switch-types are first introduced in Release 11.3AA.


 no cdp enable


 Turns off the cisco discovery protocol (cdp). Otherwise, the protocol attempts to be negotiated on the PPP links.

Step 2   Verify that ISDN is functioning properly, and the serial channels are up:

    5400-NAS#show isdn status 
Global ISDN Switchtype = primary-5ess
ISDN Serial2/0:23 interface
        dsl 0, interface ISDN Switchtype = primary-5ess
    Layer 1 Status:
        ACTIVE
    Layer 2 Status:
        TEI = 0, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
    Layer 3 Status:
        0 Active Layer 3 Call(s)
    Activated dsl 0 CCBs = 0
    The Free Channel Mask:  0x807FFFFF     



    5400-NAS#show isdn service
PRI Channel Statistics:
ISDN Se2/0:23, Channel [1-24]
  Configured Isdn Interface (dsl) 0
  Channel State (0=Idle 1=Propose 2=Busy 3=Reserved 4=Restart 5=Maint_Pend)
  0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 3 
  Service State (0=Inservice 1=Maint 2=Outofservice)
  0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2    
 



    5400-NAS#debug isdn q921
ISDN Q921 packets debugging is on
5400-NAS#
*Jan  1 00:35:23.263: ISDN Se2/0:23: RX <-  RRp >sapi = 0  tei = 0 nr = 0 
*Jan  1 00:35:23.263: ISDN Se2/0:23: TX -  RRf sapi = 0  tei = 0  nr = 0
5400-NAS#
*Jan  1 00:35:33.283: ISDN Se2/0:23: RX <-  RRp >sapi = 0  tei = 0 nr = 0 
*Jan  1 00:35:33.283: ISDN Se2/0:23: TX -  RRf sapi = 0  tei = 0  nr = 0
    5400-NAS#undebug isdn q921
ISDN Q921 packets debugging is off

  



Step 3	  Test the configuration by sending a standard telephone (POTS) call into the NAS. The configuration works if the modem answers (that is, you hear modem squelch), the configuration works. Figure 2-4 shows how this step works.



Figure 2-4: Sending a POTs Telephone Call into a NAS


 A different telephone number is associated with each end of the connection. In Figure 2-4, the called number 555-4100 is assigned to the PRI trunk. This number is dialed from the POTS telephone. The calling number 444-4123 is assigned to the POTS telephone line.


Task 5.    Configuring Modems and Lines

 
 Modems and lines are configured after:



 Each modem is mapped to a dedicated asynchronous line inside the NAS. After the modem inout command is applied to the lines, the NAS is ready to accept modem calls. 


 AAA security is applied to the lines by the aaa new-model command and aaa authentication login default local command. AAA performs login authentication by using the local username database. The login keyword authenticates EXEC shell users.


 The AS5400 uses the NextPort Dial Feature Card (DFC) that processes digital service port technology. Ports on the NextPort DFC support both modem and digital services. You can manage your port connections at the NextPort slot level, service proccessing element (SPE) level or port level using monitoring, and troubleshooting commands.


 The NextPort DFC uses a number of new commands while not supporting many of the modem commands that are used in other platforms. For more information on the new NextPort commands refer to Managing and Troubleshooting the NextPort Dial Feature Card on CCO. Go to http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/as5400/54swcg/54nextpt.htm
  






Note   The modem speed 115200 bps and hardware flow control are the default settings for integrated modems.





Step 1	  Support incoming and outgoing modem calls. In this example, the NAS has 108 modems. 


5400-NAS(config)#line 1/00 1/107
5400-NAS(config-line)#modem inout 
5400-NAS(config-line)#^Z
5400-NAS# 
 


Step 2	  Verify that the Digital Modem lines support incoming and outgoing calls. 


5400-NAS#show line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
*    0 CTY              -    -      -    -    -      0       0     0/0       -
     1 AUX   9600/9600  -    -      -    -    -      0       0     0/0       -
     2 VTY              -    -      -    -    -      0       0     0/0       -
     3 VTY              -    -      -    -    -      0       0     0/0       -
     4 VTY              -    -      -    -    -      0       0     0/0       -
     5 VTY              -    -      -    -    -      0       0     0/0       -
     6 VTY              -    -      -    -    -      0       0     0/0       -
     1/00 Digital modem - inout     -    -    -      0       0     0/0       -
     1/01 Digital modem - inout     -    -    -      0       0     0/0       -
     1/02 Digital modem - inout     -    -    -      0       0     0/0       -
     1/03 Digital modem - inout     -    -    -      0       0     0/0       -
     1/04 Digital modem - inout     -    -    -      0       0     0/0       -
     1/05 Digital modem - inout     -    -    -      0       0     0/0       -
     ...
     ... Sections have been removed for brevity
     ... 
     1/102 Digital modem - inout     -    -    -      0       0     0/0       -
     1/103 Digital modem - inout     -    -    -      0       0     0/0       -
     1/104 Digital modem - inout     -    -    -      0       0     0/0       -
     1/105 Digital modem - inout     -    -    -      0       0     0/0       -
     1/106 Digital modem - inout     -    -    -      0       0     0/0       -
     1/107 Digital modem - inout     -    -    -      0       0     0/0       -
 
Line(s) not in async mode -or- with no hardware support: 
7-215
 
5400-NAS#
 


Step 3	  (Optional) Use the show spe modem summary command to show modem service history statitstics for all the SPEs


5400-NAS#show spe modem summary 
Async1/00 - 1/107, TTY216 - 323
       0 incoming completes          0 incoming failures
       0 outgoing completes          0 outgoing failures
       0 failed dial attempts        0 ring no answers          0 autotests
       0 no carriers                 0 dial timeouts            0 autotest fails
       0 no dial tones               0 link failures            0 fail count
       0 watchdog timeouts           0 protocol errors          0 recovers
 
Transmit Speed Counters       :
 Speed    Calls  Speed    Calls  Speed    Calls  Speed    Calls  Speed    Calls
 60000        0  48000        0  38400        0  30666        0  12000        0 
 58000        0  46666        0  38000        0  29333        0   9600        0 
 56000        0  46000        0  37333        0  28800        0   7200        0 
 54666        0  45333        0  36000        0  28000        0   4800        0 
 54000        0  44000        0  34666        0  26400        0   2400        0 
 53333        0  42666        0  34000        0  24000        0   1200        0 
 52000        0  42000        0  33600        0  21600        0    300        0 
 50666        0  41333        0  33333        0  19200        0 
 50000        0  40000        0  32000        0  16800        0 
 49333        0  38666        0  31200        0  14400        0 
 

Receive Speed Counters        :
 Speed    Calls  Speed    Calls  Speed    Calls  Speed    Calls  Speed    Calls
 
 38400        0  26400        0  16800        0   7200        0    300        0 
 33600        0  24000        0  14400        0   4800        0 
 31200        0  21600        0  12000        0   2400        0 
 28800        0  19200        0   9600        0   1200        0 
 

 Note that the tty range for the 108 modems is 216 through 323. 



Step 4	  (Optional) Use the show spe modem csr slot command to view the success rate statistics for all the SPEs. Note that there are 18 SPEs and since each SPE handles 6 ports, the DFC supports a total of 108 ports.


5400-NAS#show spe modem csr 1       
         Avg Hold     Inc calls     Out calls    Failed    No      Succ
SPE        Time      Succ   Fail   Succ   Fail   Dial    Answer    Pct
1/00     00:00:00       0      0      0      0       0       0      0%
1/01     00:00:00       0      0      0      0       0       0      0%
1/02     00:00:00       0      0      0      0       0       0      0%
1/03     00:00:00       0      0      0      0       0       0      0%
1/04     00:00:00       0      0      0      0       0       0      0%
1/05     00:00:00       0      0      0      0       0       0      0%
1/06     00:00:00       0      0      0      0       0       0      0%
1/07     00:00:00       0      0      0      0       0       0      0%
1/08     00:00:00       0      0      0      0       0       0      0%
1/09     00:00:00       0      0      0      0       0       0      0%
1/10     00:00:00       0      0      0      0       0       0      0%
1/11     00:00:00       0      0      0      0       0       0      0%
1/12     00:00:00       0      0      0      0       0       0      0%
1/13     00:00:00       0      0      0      0       0       0      0%
1/14     00:00:00       0      0      0      0       0       0      0%
1/15     00:00:00       0      0      0      0       0       0      0%
1/16     00:00:00       0      0      0      0       0       0      0%
1/17     00:00:00       0      0      0      0       0       0      0%

Task 6.    Enabling IP Basic Setup

 
 Fine tune the IP routing functions and domain-name services for EXEC shell users.


 


  




Step 1	  Optimize IP routing functions in global configuration mode: 


5400-NAS(config)#ip subnet-zero 
5400-NAS(config)#no ip source-route 
5400-NAS(config)#ip classless 
5400-NAS(config)#ip domain-lookup 
 

 Table 2-9 describes the previous commands.


  




Table 2-9: IP Routing Commands


Command

Purpose



ip subnet-zero

 Specifies that 172.22.0.0 is a legal subnet.


 


no ip source-route


 Tightens security by ensuring that IP-header packets cannot define their own paths through the network access server (NAS).


 


ip classless

 Ensures that all unknown subnets use the default route.


 













Step 2	  In global configuration mode, enter domain-name service commands to support EXEC shell users:


5400-NAS(config)#ip host onionring 172.22.53.101
5400-NAS(config)#ip domain-name maui-onions.com
5400-NAS(config)#ip name-server 172.22.11.10
5400-NAS(config)#ip name-server 172.22.11.11 
 

 Table 2-10 describes the previous commands.


  




Table 2-10: Domain-Name Commands


Command

Purpose



ip domain-lookup

 Enables IP domain-name lookups.


 


ip host onionring 172.22.53.101

 Creates a local name-to-address map. When the NAS is not entered in a DNS server, this map is useful.


 


ip domain-name mauionions.com

 Tells the NAS how to qualify DNS lookups. In this example, mauonions.com is appended to the end of each looked-up name.


 


ip name-server 172.22.11.10
ip name-server 172.22.12.11

 Specifies the primary and secondary name servers. The ip name-server command is used for mapping names to IP addresses. 


 












Task 7.    Testing Asynchronous-Shell Connections

 
 This task verifies that the following components are working:



 The Cisco IOS provides a command-line interface (CLI) called the EXEC.


 The EXEC:



 During this task, some administrators try to make complex services function such as PPP-based Web browsing. Do not jump ahead. Many other elements still need to be configured (for example, PPP and IPCP). The asynchronous-shell test ensures that the EXEC's login prompt can be accessed by a client modem. Taking a layered approach to building a network isolates problems and saves you time.



Step 1	  Locate a client PC, client modem, and analog line. From the client PC, open a terminal emulation program (such as Hyper Terminal, not Dial-Up Networking) and connect to the client modem. Figure 2-5 shows the network environment for this test. 



Figure 2-5: Test Environment



Step 2	  From a terminal-emulation program, test your RS-232 connection to the client modem. Enter the at command. The modem returns the prompt "OK." 


at
OK

  



Step 3	  Dial the PRI telephone number assigned to the NAS (in this example the number is 5554100). After the modem successfully connects, a connect message appears.


atdt 5554100
CONNECT 33600/REL - LAPM 






Note   Many modems support the a/ command, which recalls the last AT command. The ath command hangs up a modem call. The atdl command dials the last telephone number.





Step 4	  Log into the EXEC session on the AS5400 (from the client PC) :


This is a secured device.
Unauthorized use is prohibited by law.
 
 
User Access Verification
 
Username: dude
Password: 
 
5400-NAS>
 


Step 5	  Identify the line where the call landed. The following example shows that line TTY 216 accepted the call. The call has been up and active for 30 seconds.


5400-NAS#show caller
                                                Active    Idle
  Line         User               Service       Time      Time
  con 0        admin              TTY           00:39:09  00:00:00  
  tty 216      dude               TTY           00:00:30  00:00:07  

5400-NAS#show caller user dude
 
  User: dude, line tty 216, service TTY
        Active time 00:00:42, Idle time 00:00:19
  Timeouts:            Absolute  Idle      Idle
                                 Session   Exec
      Limits:          -         -         00:10:00  
      Disconnect in:   -         -         00:09:40  
  TTY: Line 1/00
  DS0: (slot/unit/channel)=2/0/18
  Line: Baud rate (TX/RX) is 115200/115200, no parity, 1 stopbits, 8 databits
  Status: Ready, Active, No Exit Banner
  Capabilities: No Flush-at-Activation, Hardware Flowcontrol In
                Hardware Flowcontrol Out, Modem Callout, Modem RI is CD
                Integrated Modem
  Modem State: Ready 






Note   The show caller command is added to the Cisco IOS software in Release 11.3 AA and 12.0 T. If your software release does not support this command, use the show user command.





Step 6	  Test the IP functionality to support shell sessions. From the NAS, telnet to another device in your network. 


5400-NAS#telnet 171.68.186.49
Trying 171.68.186.49 ... Open

access-gw line 2 

access-gwtelnet smart 
Translating "smart"...domain server (171.68.10.70) [OK]
Trying smart.cisco.com (171.68.191.135)... Open
 
 
UNIX(r) System V Release 4.0 (smart)
 
login: test
Password: 
No directory! Logging in with home=/
Last login: Fri Aug 18 13:50:07 from dhcp-aus-163-230
Sun Microsystems Inc.   SunOS 5.5.1     Generic May 1996

Task 8.    Confirming the Final Running-Config

 
 The final running configuration looks like this:


5400-NAS#show running-config 
Building configuration...
 
Current configuration:
!
version 12.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 5400-NAS
!
boot system flash c5400-js-mz.121-3.T.bin
no boot startup-test
aaa new-model
aaa authentication login default local
aaa authentication ppp default if-needed local
enable secret 5 $1$igbO$f1JluL6.OqK1XqXcqpkwj.
!
username admin password 7 14161606050A
username dude password 7 0202115F0E
!
resource-pool disable
!
ip subnet-zero
no ip source-route
ip domain-name maui-onions.com
ip name-server 172.22.11.10
ip name-server 172.22.11.11
!
isdn switch-type primary-5ess
cns event-service server
!
mta receive maximum-recipients 0
!
controller T1 2/0
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/1
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/2
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/3
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/4
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/5
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/6
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
controller T1 2/7
 framing esf
 linecode b8zs
 pri-group timeslots 1-24
!
!
!
interface Loopback0
 ip address 172.22.99.1 255.255.255.255
!
interface Loopback1
 ip address 172.22.90.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 171.68.186.55 255.255.255.240
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clockrate 2000000
!
interface Serial0/1
 no ip address
 shutdown
 clockrate 2000000
!
interface Serial2/0:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/1:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/2:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/3:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/4:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/5:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/6:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Serial2/7:23
 no ip address
 ip mroute-cache
 isdn switch-type primary-5ess
 isdn incoming-voice modem
 no cdp enable
!
interface Group-Async0
 no ip address
 group-range 1/00 1/107
!
ip classless
ip route 0.0.0.0 0.0.0.0 171.68.186.49
no ip http server
!
!
banner login ^C
This is a secured device.
Unauthorized use is prohibited by law.
^C
!
line con 0
 logging synchronous
 transport input none
line aux 0
line vty 0 4
line 1/00 1/107
 no flush-at-activation
 no logging synchronous
 modem InOut
!
scheduler allocate 10000 400
end
 
5400-NAS# 

 What to do Next

 
 Perform the tasks in the section "Verifying Modem Performance."





hometocprevnextglossaryfeedbacksearchhelp


Posted: Thu Sep 21 18:31:15 PDT 2000

Copyright 1989-2000©Cisco Systems Inc.