|
|
This appendix contains sample configurations for the NAS you will be using with the Cisco DialOut Utility, Release 2.0. The Cisco DialOut Utility can be used with any NAS that supports Class 2 faxing.
For more information on setting up and configuring your NAS, see the documentation for your NAS and the Telnet Extensions for Dialout supplement to your Cisco IOS documentation.
! version 11.3 service timestamps debug datetime msec localtime no service udp-small-servers service tcp-small-servers ! hostname 2500-DialOut ! enable secret 5 $1$WG3K$8ZhlhHUG6hx4U3U2KFPyW0 enable password abc ! ip domain-name cisco.com ip name-server 10.0.0.0 ip address-pool local ! interface Ethernet0 ip address 10.0.0.1 255.255.255.0 no ip mroute-cache no ip route-cache no lat enabled no mop enabled ! interface Serial0 no ip address no ip mroute-cache no ip route-cache shutdown ! interface Serial1 no ip address no ip mroute-cache no ip route-cache shutdown ! interface Group-Async1 ip unnumbered Ethernet0 no ip mroute-cache encapsulation ppp no ip route-cache async default routing async dynamic address async mode interactive peer default ip address pool local dialer in-band no cdp enable ppp authentication chap group-range 1 8 ! interface Dialer0 no ip address no ip mroute-cache no ip route-cache no cdp enable ! router eigrp 109 network 10.2.0.0 no auto-summary ! ip local pool local 10.1.1.1 10.1.1.5 ip default-gateway 10.1.1.2 no ip classless ip route 10.2.2.2 255.255.255.224 10.1.1.1 ip route 10.3.3.3 255.255.255.224 10.4.4.4 ! line con 0 exec-timeout 0 0 line 1 8 refuse-message ^C [!NMM!] No Modems Available ^C modem InOut rotary 1 transport preferred telnet transport input all rxspeed 115200 txspeed 115200 flowcontrol hardware line aux 0 line vty 0 4 password abc login ! end
Following is a sample configuration file for a Cisco AS2509 access server using authentication, authorization, and accounting (AAA) that you can use with the Cisco DialOut Utility. Edit the example to reflect your own configuration.
version 11.3 service timestamps debug datetime msec localtime; Helpful for accurate debug based on timestamps no service udp-small-servers service tcp-small-servers ! hostname 2500-DialOut ! aaa new-model aaa authentication local-override aaa authentication login dialout local aaa authentication enable default enable aaa authentication ppp dialup local aaa authorization reverse-access none enable password cisco ! username admin password 7 02050D480809 username dialout password 7 110A1016141D4B4C44 ip address-pool localpool ! interface Ethernet0 ip address 10.1.1.40 255.255.255.0 no ip mroute-cache no ip route-cache no lat enabled no mop enabled ! interface Serial0 no ip address no ip mroute-cache shutdown ! interface Serial1 no ip address shutdown ! interface Dialer0 no ip address no ip mroute-cache no ip route-cache no cdp enable ! interface Group-Async1 ip unnumbered Ethernet0 no ip mroute-cache encapsulation ppp no ip route-cache async default routing async dynamic address async mode interactive peer default ip address pool local dialer in-band no cdp enable ppp authentication chap group-range 1 8 ! interface Dialer0 no ip address no ip mroute-cache no ip route-cache no cdp enable ! router rip network 10.0.0.0 ! ip local pool localpool 10.1.1.50 10.1.1.60 no ip classless ! line 1 4 login authentication dialout refuse-message ^C [!NMM!] No Modems Available ^C modem InOut rotary 1 transport preferred telnet transport input all rxspeed 115200 txspeed 115200 flowcontrol hardware ! line 5 8 login authentication dialout no exec refuse-message ^CCC [!NMM!] No modems available ^C modem InOut rotary 1 transport preferred telnet transport input all rxspeed 38400 txspeed 38400 flowcontrol hardware line aux 0 line vty 0 4 password cisco login authentication dialout ! end
version 11.3 service timestamps debug datetime msec localtime no service password-encryption service udp-small-servers service tcp-small-servers ! hostname 5XXX-1 ! enable password cisco ! username root password 7 123456789012 username cisco password 7 223456789012 modem startup-test no ip domain-lookup isdn switch-type primary-5ess ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 ! controller T1 1 shutdown framing esf clock source line secondary linecode b8zs pri-group timeslots 1-24 ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip route-cache no ip mroute-cache no lat enabled ! interface Serial0 no ip address no ip route-cache no ip mroute-cache shutdown no fair-queue ! interface Serial1 no ip address no ip route-cache no ip mroute-cache shutdown ! interface Serial0:23 ip address 10.15.2.80 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache no keepalive dialer idle-timeout 400 dialer map ip 10.15.2.60 6661210 dialer-group 1 isdn incoming-voice modem peer default ip address pool setup_pool no fair-queue no cdp enable ppp authentication chap ppp multilink ! interface Serial1:23 no ip address no ip route-cache no ip mroute-cache shutdown ! interface Group-Async1 ip unnumbered Ethernet0 encapsulation ppp no ip route-cache no ip mroute-cache async dynamic address async dynamic routing async mode interactive peer default ip address pool setup_pool ppp authentication chap pap group-range 1 48 ! interface Dialer0 no ip address no ip route-cache no ip mroute-cache dialer-group 1 ! ip local pool setup_pool 10.1.1.2 10.1.1.4 ip classless dialer-list 1 protocol ip permit ! line con 0 exec-timeout 0 0 password cisco logging synchronous line 1 48 refuse-message ^C [!NMM!] No Modems Available ^C exec-timeout 0 0 autoselect during-login autoselect ppp modem InOut transport preferred telnet transport input all line aux 0 line vty 0 4 exec-timeout 0 0 password cisco line vty 5 6 password cisco ! scheduler interval 1000 end
Following is a sample configuration file for Cisco AS5xxx series access servers that you can use with the Cisco DialOut Utility. See the README.DOC file or CCO for specific information on which platforms and Cisco IOS versions are supported. Edit the example to reflect your own configuration.
version 11.3 service timestamps debug datetime msec localtime no service password-encryption service udp-small-servers service tcp-small-servers ! hostname 5XXX-1 ! aaa new-model aaa authentication login default tacacs+ aaa authentication login noaaa local aaa authentication login logintac tacacs+ aaa authentication ppp ppptac tacacs+ aaa authentication ppp paplocal local aaa authorization exec tacacs+ aaa authorization network tacacs+ aaa authorization reverse-access tacacs+ aaa accounting exec start-stop tacacs+ aaa accounting network start-stop tacacs+ aaa accounting update newinfo enable password cisco ! username root password 7 123456789012 username cisco password 7 223456789012 modem startup-test no ip domain-lookup isdn switch-type primary-5ess ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 ! controller T1 1 shutdown framing esf clock source line secondary linecode b8zs pri-group timeslots 1-24 ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip route-cache no ip mroute-cache no lat enabled ! interface Serial0 no ip address no ip route-cache no ip mroute-cache shutdown no fair-queue ! interface Serial1 no ip address no ip route-cache no ip mroute-cache shutdown ! interface Serial0:23 ip address 10.15.2.80 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache no keepalive dialer idle-timeout 400 dialer map ip 10.15.2.60 6661210 dialer-group 1 isdn incoming-voice modem peer default ip address pool setup_pool no fair-queue no cdp enable ppp authentication chap ppptac ppp multilink ! interface Serial1:23 no ip address no ip route-cache no ip mroute-cache shutdown ! interface Group-Async1 ip unnumbered Ethernet0 encapsulation ppp no ip route-cache no ip mroute-cache async dynamic address async dynamic routing async mode interactive peer default ip address pool setup_pool ppp authentication chap pap paplocal group-range 1 48 ! interface Dialer0 no ip address no ip route-cache no ip mroute-cache dialer-group 1 ! ip local pool setup_pool 10.1.1.2 10.1.1.4 ip classless dialer-list 1 protocol ip permit ! tacacs-server host 10.4.1.10 tacacs-server timeout 20 tacacs-server key nas1 ! line con 0 exec-timeout 0 0 password cisco logging synchronous login authentication noaaa line 1 48 refuse-message ^C [!NMM!] No Modems Available ^C exec-timeout 0 0 autoselect during-login autoselect ppp modem InOut transport preferred telnet transport input all line aux 0 line vty 0 4 exec-timeout 0 0 password cisco login authentication logintac line vty 5 6 password cisco ! scheduler interval 1000 end
In order to use the aaa authorization reverse access command with CiscoSecure ACS for UNIX, the profile for the Cisco DialOut Utility user must contain the following lines. The lines must be entered exactly as shown.
{
{
profile_cycle=10
profile_id=19
member=Telnet_Users
password=chap "*****"
password=clear "cisco"
service = raccess {
set port#3 = 5XXX-1/tty1
}
}
For additional information, including information for CiscoSecure ACS for Windows NT users, see the README.DOC file and your CiscoSecure documentation.
Posted: Tue Sep 21 16:57:00 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.