|
|
Protocol translation provides transparent translation between systems running different protocols. The Cisco IOS software supports two-way virtual terminal protocol translation between nodes running X.25, LAT, and Telnet.
This chapter describes the commands that you use to configure protocol translation.
For protocol translation configuration information and examples, see the Access Services Configuration Guide.
To log the X.121 calling address, Call User Data (CUD), and the IP address assigned to a VTY asynchronous connection, use the service pt-vty-logging global configuration command. Use the no form of this command to disable this function.
service pt-vty-loggingThis command has no arguments or keywords.
This feature is disabled.
Global configuration
This command first appeared in Cisco IOS Release 11.2.
This command permits you to log the X.121 calling address, Call User Data (CUD), and the IP address assigned to a VTY asynchronous connection and direct this information to the console, an internal buffer, or a UNIX syslog server, depending on the logging configuration command you use. This authentication information can be used to associate an incoming PAD VTY-asynchronous connection with an IP address.
The following example enables you to log the X.121 calling address, Call User Data (CUD), and the IP address assigned to a VTY asynchronous connection and save this information to a syslog server:
service pt-vty-logging
The following is sample output from the service pt-vty-logging command:
01:24:31: PAD18: call from 00011890 on LCI 10 PID 1 0 0 0 CUD "foo"
Table 72 describes the fields shown in the output.
| Field | Description |
|---|---|
| 01:24:31: | Time stamp. |
| PAD18: | Active VTY line number using the PAD connection. |
| 00011890 | The source/calling address. |
| on LCI 10 | Incoming call is initiated on Logical Channel 10. |
| PID 1 0 0 0 | The PAD Protocol Identifier is "01000000." |
| CUD "foo" | Call User Data "foo." If no CUD is available, this field will appear as follows:
CUD "" |
logging
logging buffered
To view translation sessions that have been configured, use the show translate global configuration command:
show translateThis command has no arguments or keywords.
Privileged EXEC
This command first appeared in Cisco IOS Release 10.3.
The display from this command shows each translation session set up on the router. It shows the incoming device and virtual terminal protocol as well as the outgoing device and protocol.
The show translate output in this sample display is based on the following translation command configured:
translate x25 3131415912345 ppp ip-pool scope-name cardinal keepalive 0
Router# show translate
Translate From: x25 3131415912345
To: PPP ip-pool scope-name cardinal keepalive 0
1/1 users active, 1 peak, 1 total, 0 failures
Table 73 describes fields shown in the display.
| Field | Description |
|---|---|
| Translate From: x25 3131415912345 | Protocol (X.25) and address (3131415912345) of the incoming device. |
| To: PPP | The virtual terminal protocol (PPP). |
| ip-pool | Obtain an IP address from a DHCP proxy client or a local pool. |
| scope-name cardinal | Specific local scope name (cardinal) from which to obtain an IP address. |
| keepalive 0 | Indicates that keepalive updates have been disabled for the current translation session. |
| 1/1 users active | Number of users active over the total number of users. |
| 1 peak | Maximum number of translate sessions up at any given time. |
| 1 total | Total number of translation sessions. |
| 0 failures | Number of failed translation attempts resulting from this configuration. |
The show translate output in this sample display is based on the following translation command configured:
translate x25 31301234 PPP 192.168.14.23 ipx-client Loopback0
Router# show translate
Translate From: x25 31301234
To: PPP 192.168.14.23 ipx-client Loopback0
1/1 users active, 1 peak, 1 total, 0 failures
Table 74 describes fields shown in the display.
| Field | Description |
|---|---|
| Translate From: x25 31301234 | Protocol (X.25) and address (31301234) of the incoming device. |
| To: PPP 192.168.14.23 | The virtual terminal protocol (PPP) and IP address of the outgoing device. |
| ipx-client loopback0 | Indicates that loopback interface 0 has been configured in client mode. |
| 1/1 users active | Number of users active over the total number of users. |
| 1 peak | Maximum number of translate sessions up at any given time. |
| 1 total | Total number of translation sessions. |
| 0 failures | Number of failed translation attempts resulting from this configuration. |
When receiving a LAT connection request to a service name, the Cisco router can automatically translate the request to another outgoing protocol connection type. To set this up, use the translate global configuration command.
translate lat incoming-service-name [in-option] protocol outgoing-address [out-options]| incoming-service-name | A LAT service name. When used on the incoming portion, service-name is the name of the service that users specify when trying to make a translated connection. This name can match the name of final destination resource, but this is not required. This can be useful when making remote translated connections. |
| protocol outgoing-address | A protocol name followed by an IP address or host name. The host name is translated to an IP address during configuration, unless you use the tcp host-name option, which allows load balancing by dynamically resolving an IP address from a host name. These arguments can have the following values: |
| · x25 X.121-address--X.25 and an X.121 address. The X.121 address must conform to specifications provided in the CCITT 1984 Red Book. This number generally consists of a portion that is administered by the PDN and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses will generally be subaddresses of the X.121 address for the X.25 network interface. Typically, the interface address will be a 12-digit number. Any additional digits are interpreted as a subaddress. The PDN still routes these calls to the interface, and the Cisco IOS software itself is responsible for dealing with the extra digits appropriately. | |
| · tcp ip-address--TCP/IP Telnet and a standard IP address or host name. The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS) or explicit specification in an ip host command. | |
| · slip ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). | |
| · ppp ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). | |
| · autocommand--Enables you to specify a string for an outgoing connection. The string executes upon connection to a host. If you want to enable ARA on an outgoing connection, you need to specify autocommand arap. The autocommand option is necessary for ARA, because ARA does not use addressing, and autocommand permits you to invoke the arap string. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (" ") around the string. For example, if you specify autocommand tn3270 abracadabra, you must enclose tn3270 abracadabra in quotes. The autocommand option applies only to outgoing connections. You can issue any EXEC command and any switch or host name as an argument to the autocommand option. | |
| in-option | (Optional) Incoming connection request option: |
| · unadvertised--Prevents service advertisements from being broadcast to the network. This can be useful, for example, when you define translations for many printers, and you do not want these services advertised to other LAT terminal servers. (VMS systems will be able to connect to the service even though it is not advertised.) | |
| out-options | (Optional) Incoming and outgoing connection request options. These arguments can have the following values: |
| X.25 translation options: | |
| · cud c-u-data--Sends the specified Call User Data (CUD) text (c-u-data) as part of an outgoing call request after the protocol identification bytes. | |
| · no-reverse--Specifies that outgoing calls are not to use reverse charging, when the interface default is that all outgoing calls are reverse charged. | |
| · profile profile--Sets the X.3 PAD parameters as defined in the profile created by the x29 profile command. | |
| · reverse--Provides reverse charging for X.25 on a per-call rather than a per-interface basis. Requests reverse charges on a specified X.121 address, even if the serial interface is not configured to request reverse charge calls. This is an outgoing option only. | |
| Telnet TCP translation option: | |
| · port number--For incoming connections, number of the port to match. The default is port 23 (any port). For outgoing connections, number of the port to use. The default is port 23 (Telnet). | |
| SLIP and PPP translation options: | |
| · ip-pool--Obtain an IP address from a DHCP proxy client or a local pool. If the scope-name option is not specified, the address is obtained from a DHCP proxy client. If the scope-name option is specified, the IP address is obtained from the specified local pool. | |
| · scope-name--Specific local scope name from which to obtain an IP address. Can specify a range of IP addresses. | |
| · header-compression [passive]--Implements header compression on IP packets only. The option passive for SLIP connections permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive option) permits compression on all traffic. | |
| · routing--Permits routing updates between connections. This option is required if the destination device is not on a subnet connected to one of the interfaces on the router. | |
| · mtu bytes--Permits you to change the maximum transmission unit (MTU) of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is 64 through 1,000,000 bytes. | |
| More PPP translation options: | |
| · keepalive number-of-seconds--Permits you to specify the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and are sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in show running-config or show translate output. | |
| · authentication {chap | pap}--Use CHAP or PAP authentication for PPP on virtual asynchronous interfaces. If you specify both options, order is significant; the system will try to use the first authentication type, then the second. Refer to the "Terminal Lines and Modem Support" chapter in this publication for more information about enabling authentication on virtual asynchronous interfaces. | |
| · ppp use-tacacs--Enables TACACS authentication for CHAP or PAP on virtual asynchronous interfaces (for PPP only; TACACS authentication is not supported for SLIP). | |
| · ipx loopback number--Permits clients running IPX-PPP over X.25 to connect through virtual terminal (VTY) lines on the router. The loopback number option specifies the loopback interface to be created. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the VTY line. The VTY line is assigned to the loopback interface. For more information about configuring IPX on VTY lines, refer to the section "Enable IPX-PPP on Virtual Asynchronous Interfaces" in the chapter "Configuring SLIP and PPP." | |
| global-options | (Optional) Translation options that can be used by any connection type. It can be one or more of the following: |
| · access-class number--Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is the number (integer) previously assigned to an access list. The standard access list is 1-99. | |
| · max-users number--Limits the number of simultaneous users of the translation to number (an integer you specify). | |
| · local--Allows Telnet protocol negotiations to not be translated. | |
| · rotor--Provides a basic load sharing of the IP destinations. | |
| · login--Requires that the user log in before the outgoing connection is made. This type of login is specified on the VTY lines with the login command. | |
| · quiet--Suppresses printing of user-information messages. |
No default translation parameters
Global configuration
This command first appeared in Cisco IOS Release 10.0.
Table 75 provides a visual aid for the translate lat command. You define protocol translation connections by supplying a protocol keyword and the address, hostname, or service name, followed by optional features. Global options apply to most connection types, but there are exceptions.
| Incoming Protocol | Options | Outgoing Protocol | Options | Global Options | |
|---|---|---|---|---|---|
| translate | protocol incoming-address | [in-options] | protocol outgoing-address | [out-options] | [global-options] |
| lat service-name | unadvertised | x25 x.121-address | cud c-u-data | access-class number | |
| no-reverse | max-users number | ||||
| profile profile | local | ||||
| reverse | login | ||||
| tcp ip-address | port number | quiet | |||
| host-name name | |||||
| multibyte-IAC | |||||
| slip ip-address | ip-pool [scope-name name] | ||||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| ppp ip-address | ip-pool [scope-name name] | ||||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| authentication {pap | chap} | |||||
| ppp use-tacacs | |||||
| ipx loopback number | |||||
| autocommand [arap | exec-string] |
| ||||
The following example illustrates incoming LAT to outgoing TCP translations. The unadvertised keyword prevents broadcast of service advertisements to other servers. Outgoing translated packets are transmitted to IP host rubble, TCP port 4005.
translatelat pt-printer1unadvertisedtcp rubble port 4005incoming option outgoing option
The following example translates LAT on an incoming line to SLIP on an outgoing line. It uses header compression only if incoming TCP packets on the same interface are compressed.
translate lat rudolph slip 10.0.0.4 header-compression
incoming outgoing option
The following example first shows the command to disable keepalive packets on a PPP line, then shows sample output from the show translate command when keepalive packets have been turned off on the line.
translate lat ramble ppp 172.21.2.2 keepalive 0
.
.
.
Router# show translate
Translate From: LAT ramble
To: PPP 172.21.2.2 keepalive 0
0/0 users active, 0 peak, 0 total, 0 failures
show translate
translate tcp
translate x25
x29 access-list
x29 profile
When receiving a TCP connection request to a particular destination address or host name, the Cisco router can automatically translate the request to another outgoing protocol connection type. To set this up, use the translate global configuration command.
translate tcp incoming-address [in-options] protocol outgoing-address [out-options]| incoming-address | TCP/IP Telnet and a standard IP address or host name. The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS) or explicit specification in an ip host command. |
| protocol outgoing-address | Name of a protocol followed by a service name, IP address, or host name. The host name is translated to an IP address during configuration. These arguments can have the following values: |
| · lat service-name--LAT and a LAT service name. You must learn the service name, through LAT service advertisements, before you can use it. | |
| · x25 X.121-address--X.25 and an X.121 address. The X.121 address must conform to specifications provided in the CCITT 1984 Red Book. This number generally consists of a portion that is administered by the PDN and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses will generally be subaddresses of the X.121 address for the X.25 network interface. | |
| · slip ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). The slip argument applies only to outgoing connections; SLIP is not supported on incoming protocol translation connections. | |
| · ppp ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). The ppp argument applies only to outgoing connections; PPP is not supported for incoming protocol translation connections. | |
| · autocommand--Enables you to specify a string for an outgoing connection. The string executes upon connection to a host. If you want to enable ARA on an outgoing connection, you need to specify autocommand arap. The autocommand option is necessary for ARA, because ARA does not use addressing, and autocommand permits you to invoke the arap string. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (" ") around the string. For example, if you specify autocommand tn3270 abracadabra, you must enclose tn3270 abracadabra in quotes. The autocommand option applies only to outgoing connections. You can issue any EXEC command and any switch or host name as an argument to the autocommand option. | |
| in-options | (Optional) Incoming connection request options. These arguments can have the following values: |
| Telnet TCP translation options: | |
| · binary--Negotiates Telnet binary mode on the Telnet connection. (This was the default in previous versions of the protocol translation software and is set automatically when you enter at translate command in the old format.) | |
| · port number--For incoming connections, number of the port to match. The default is port 23 (any port). For outgoing connections, number of the port to use. The default is port 23 (Telnet). | |
| · printer--Supports LAT and X.25 printing over a TCP network among multiple sites. Causes the protocol translation software to delay the completion of an incoming Telnet connection until after the outgoing protocol connection (to LAT or X.25) has been successfully established. An unsuccessful outgoing connection attempt results in the TCP connection to the router being refused, rather than being accepted and then closed, which is the default behavior. Note that using this option will force the global option quiet to be applied to the translation. | |
| · stream--Performs stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process or generate any Telnet options, and prevents Telnet processing of the data stream as well. This option might be useful for connections to ports running UUCP or other non-Telnet protocols, or to ports connected to printers. For ports connected to printers using Telnet, the stream option prevents some of usual problems associated with using Telnet for printers, such as strange things happening to bare carriage returns or line feeds and echoing of data back to VMS systems. | |
| out-options | (Optional) Outgoing connection request options. These arguments can have the following values: |
| LAT translation options: | |
| · node node-name--Connects to the specified node (node-name) that offers a service. By default, the connection is made to the highest-rated node that offers the service. | |
| · port port-name--Destination LAT port name (port-name) in the format of the remote system. This parameter is usually ignored in most timesharing systems, but is used by terminal servers that offer reverse-LAT services. | |
| X.25 translation options: | |
| · cud c-u-data--Sends the specified Call User Data (CUD) text (c-u-data) as part of an outgoing call request after the protocol identification bytes. | |
| · no-reverse--Specifies that outgoing calls are not to use reverse charging, when the interface default is that all outgoing calls are reverse charged. | |
| · profile profile--Sets the X.3 PAD parameters as defined in the profile created by the x29 profile command. | |
| · reverse--Provides reverse charging for X.25 on a per-call rather than a per-interface basis. Requests reverse charges on a specified X.121 address, even if the serial interface is not configured to request reverse charge calls. This is an outgoing option only. | |
| SLIP and PPP translation options: | |
| · ip-pool--Obtain an IP address from a DHCP proxy client or a local pool. If the scope-name option is not specified, the address is obtained from a DHCP proxy client. If the scope-name option is specified, the IP address is obtained from the specified local pool. | |
| · scope-name--Specific local scope name from which to obtain an IP address. Can specify a range of IP addresses. | |
| · header-compression [passive]--Implements header compression on IP packets only. The option passive for SLIP connections permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive option) permits compression on all traffic. | |
| · routing--Permits routing updates between connections. This option is required if the destination device is not on a subnet connected to one of the interfaces on the router. | |
| · mtu bytes--Permits you to change the maximum transmission unit (MTU) of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is 64 through 1,000,000 bytes. | |
| More PPP translation options: | |
| · keepalive number-of-seconds--Permits you to specify the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and are sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in show running-config or show translate output. | |
| · authentication {chap | pap}--Use CHAP or PAP authentication for PPP on virtual asynchronous interfaces. If you specify both options, order is significant; the system will try to use the first authentication type, then the second. Refer to the "Terminal Lines and Modem Support" chapter in this publication for more information about enabling authentication on virtual asynchronous interfaces. | |
| · ppp use-tacacs--Enables TACACS authentication for CHAP or PAP on virtual asynchronous interfaces (for PPP only; TACACS authentication is not supported for SLIP). | |
| · ipx loopback number--Permits clients running IPX-PPP over X.25 to connect through virtual terminal (VTY) lines on the router. The loopback number option specifies the loopback interface to be created. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the VTY line. The VTY line is assigned to the loopback interface. For more information about configuring IPX on VTY lines, refer to the section "Enable IPX-PPP on Virtual Asynchronous Interfaces" in the chapter "Configuring SLIP and PPP." | |
| global-options | (Optional) Translation options that can be used by any connection type. It can be one or more of the following: |
| · access-class number--Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is the number (integer) previously assigned to an access list. The standard access list is 1-99. | |
| · max-users number--Limits the number of simultaneous users of the translation to number (an integer you specify). | |
| · local--Allows Telnet protocol negotiations to not be translated. | |
| · rotor--Provides a basic load sharing of the IP destinations. | |
| · login--Requires that the user log in before the outgoing connection is made. This type of login is specified on the VTY lines with the login command. | |
| · quiet--Suppresses printing of user-information messages. |
No default translation parameters
Global configuration
This command first appeared in Cisco IOS Release 11.2.
Table 76 provides a visual aid for understanding how to use the translate tcp command. As the table illustrates, you define the protocol translation connections by choosing a protocol keyword and supplying the appropriate address, host name, or service name. The protocol connection information is followed by optional features for that connection, as appropriate. For example, the binary option is only appropriate with TCP/IP connections. The global options, in general, apply to all the connection types, but there are exceptions.
| Incoming Protocol | Options | Outgoing Protocol | Options | Global Options | |
|---|---|---|---|---|---|
| translate | protocol incoming-address | [in-options] | protocol outgoing-address | [out-options] | [global-options] |
| tcp ip-address | host_name | port number | lat service-name | node node-name | access-class number | |
| binary | port port-name | max-users number | |||
| stream | x25 x.121-address | cud c-u-data | local | ||
| printer | no-reverse | login | |||
| profile profile | quiet | ||||
| reverse | |||||
| slip ip-address | ip-pool [scope-name name] | ||||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| ppp ip-address | ip-pool | ||||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| authentication {pap | chap} | |||||
| ppp use-tacacs | |||||
| ipx loopback number | |||||
| autocommand [arap | exec-string] |
| ||||
The following example illustrates the use of the TCP incoming protocol option printer for an incoming TCP connection.
translatetcp 172.19.32.250printerx25 5678incomingoption outgoing
The following example permits clients running IPX/PPP to connect through the device's VTY lines to a server running PPP.
interface loopback0 no ip address ipx network 544 ipx sap-interval 2000 ! translate tcp 172.21.14.67 port 1234 ppp 10.0.0.2 ipx loopback0 ! incoming outgoing option
show translate
translate lat
translate x25
x29 access-list
x29 profile
When receiving a X.25 connection request to a particular destination address, the Cisco router can automatically translate the request to another outgoing protocol connection type. To set this up, use the translate global configuration command.
translate x25 incoming-address [in-options] protocol outgoing-address [out-options]| incoming-address | X.25 and an X.121 address. The X.121 address must conform to specifications provided in the CCITT 1984 Red Book. This number generally consists of a portion that is administered by the PDN and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses will generally be subaddresses of the X.121 address for the X.25 network interface. Typically, the interface address will be a 12-digit number. Any additional digits are interpreted as a subaddress. The PDN still routes these calls to the interface, and the Cisco IOS software itself is responsible for dealing with the extra digits appropriately. Do not use the same address on the interface and for translation. |
| protocol outgoing-address | Name of a protocol followed by a service name, IP address, or host name. The host name is translated to an IP address during configuration, unless you use the tcp host-name option, which allows load balancing by dynamically resolving an IP address from a host name. These arguments can have the following values: |
| · lat service-name--LAT and a LAT service name. You must learn the service name, through LAT service advertisements, before you can use it. | |
| · tcp ip-address--TCP/IP Telnet and a standard IP address or host name. The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS) or explicit specification in an ip host command. | |
| · slip ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). The slip argument applies only to outgoing connections; SLIP is not supported on incoming protocol translation connections. | |
| · ppp ip-address--The argument ip-address is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS). The ppp argument applies only to outgoing connections; PPP is not supported for incoming protocol translation connections. | |
| · autocommand--Enables you to specify a string for an outgoing connection. The string executes upon connection to a host. If you want to enable ARA on an outgoing connection, you need to specify autocommand arap. The autocommand option is necessary for ARA, because ARA does not use addressing, and autocommand permits you to invoke the arap string. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (" ") around the string. For example, if you specify autocommand tn3270 abracadabra, you must enclose tn3270 abracadabra in quotes. The autocommand option applies only to outgoing connections. You can issue any EXEC command and any switch or host name as an argument to the autocommand option. | |
| in-options | (Optional) Incoming connection request options. These arguments can have the following values: |
| · cud c-u-data--Sends the specified Call User Data (CUD) text (c-u-data) as part of an outgoing call request after the protocol identification bytes. | |
| · profile profile--Sets the X.3 PAD parameters as defined in the profile created by the x29 profile command. | |
| · accept-reverse--Accepts reverse charged calls on an X.121 address even if the serial interface is not configured to accept reverse charged calls. This is an incoming option only. | |
| · printer--Supports LAT and TCP printing over an X.25 network among multiple sites. Provides an "interlock mechanism" between the acceptance of an incoming X.25 connection and the opening of an outgoing LAT or TCP connection. The option causes the Cisco IOS software to delay the call confirmation of an incoming X.25 call request until the outgoing protocol connection (to TCP or LAT) has been successfully established. An unsuccessful outgoing connection attempt to the router results in the incoming X.25 connection being refused, rather than being confirmed and then cleared, which is the default behavior. Note that using this option will force the global option quiet to be applied to the translation. | |
| · pvc number--Specifies that the incoming connection (identified by the argument number) is actually a permanent virtual circuit (PVC). | |
| out-options | (Optional) Outgoing connection request options. These arguments can have the following values: |
| LAT translation options: | |
| · node node-name--Connects to the specified node (node-name) that offers a service. By default, the connection is made to the highest-rated node that offers the service. | |
| · port port-name--Destination LAT port name (port-name) in the format of the remote system. This parameter is usually ignored in most timesharing systems, but is used by terminal servers that offer reverse-LAT services. | |
| Telnet TCP translation options: | |
| · port number--For incoming connections, number of the port to match. The default is port 23 (any port). For outgoing connections, number of the port to use. The default is port 23 (Telnet). | |
| SLIP and PPP translation options: | |
| · ip-pool--Obtain an IP address from a DHCP proxy client or a local pool. If the scope-name option is not specified, the address is obtained from a DHCP proxy client. If the scope-name option is specified, the IP address is obtained from the specified local pool. | |
| · scope-name--Specific local scope name from which to obtain an IP address. Can specify a range of IP addresses. | |
| · header-compression [passive]--Implements header compression on IP packets only. The option passive for SLIP connections permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive option) permits compression on all traffic. | |
| · routing--Permits routing updates between connections. This option is required if the destination device is not on a subnet connected to one of the interfaces on the router. | |
| · mtu bytes--Permits you to change the maximum transmission unit (MTU) of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is 64 through 1,000,000 bytes. | |
| PPP translation options: | |
| · keepalive number-of-seconds--Permits you to specify the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and are sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in show running-config or show translate output. | |
| · authentication {chap | pap}--Use CHAP or PAP authentication for PPP on virtual asynchronous interfaces. If you specify both options, order is significant; the system will try to use the first authentication type, then the second. Refer to the "Terminal Lines and Modem Support" chapter in this publication for more information about enabling authentication on virtual asynchronous interfaces. | |
| · ppp use-tacacs--Enables TACACS authentication for CHAP or PAP on virtual asynchronous interfaces (for PPP only; TACACS authentication is not supported for SLIP). | |
| · ipx loopback number--Permits clients running IPX-PPP over X.25 to connect through virtual terminal (VTY) lines on the router. The loopback number option specifies the loopback interface to be created. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the VTY line. The VTY line is assigned to the loopback interface. For more information about configuring IPX on VTY lines, refer to the section "Enable IPX-PPP on Virtual Asynchronous Interfaces" in the chapter "Configuring SLIP and PPP." | |
| global-options | (Optional) Translation options that can be used by any connection type. It can be one or more of the following: |
| · access-class number--Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is the number (integer) previously assigned to an access list. The standard access list is 1-99. | |
| · max-users number--Limits the number of simultaneous users of the translation to number (an integer you specify). | |
| · local--Allows Telnet protocol negotiations to not be translated. | |
| · login--Requires that the user log in before the outgoing connection is made. This type of login is specified on the VTY lines with the login command. | |
| · rotor--Provides a basic load sharing of the IP destinations. | |
| · quiet--Suppresses printing of user-information messages. | |
| · swap--Allows X.3 parameters to be set on the router by the host originating the X.25 call, or by an X.29 profile. This allows incoming and outgoing X.25 connections to be swapped so that the device is treated like a PAD when it accepts a call. By default, the router functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. The swap keyword allows connections from an X.25 host that wants to connect to the router, and then treats it like a PAD. For X.25-to-TCP translations only. |
No default translation parameters
Global configuration
This command first appeared in Cisco IOS Release 10.0.
Table 77 provides a visual aid for understanding how to use the translate x25 command. As the table illustrates, you define the protocol translation connections by choosing a protocol keyword and supplying the appropriate address or service name. The protocol connection information is followed by optional features for that connection, as appropriate. The global options, in general, apply to all the connection types, but there are exceptions. The swap keyword, for example, is for X.25 to TCP translations only. See the examples for more explanations on how to enter this command.
| Incoming Protocol | Options | Outgoing Protocol | Options | Global Options | |
|---|---|---|---|---|---|
| translate | protocol incoming-address | [in-options] | protocol outgoing-address | [out-options] | [global-options] |
| x25 x.121-address | cud c-u-data | lat service-name | node node-name | access-class number | |
| profile profile | port port-name | max-users number | |||
| accept-reverse | tcp ip-address | port number | local | ||
| printer | host-name name | login | |||
| pvc number | multibyte-IAC | quiet | |||
| slip ip-address | ip-pool [scope-name name] | swap | |||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| ppp ip-address | ip-pool | ||||
| headercompression [passive] | |||||
| routing | |||||
| keepalive number-of-seconds | |||||
| mtu bytes | |||||
| authentication {pap | chap} | |||||
| ppp use-tacacs | |||||
| ipx loopback number | |||||
| autocommand [arap | exec-string] |
| ||||
The following example illustrates a simple X.25 to TCP translation command. Packets coming in X.25 address 652365123 arrive via PVC 1 and are translated to TCP packets and transmitted out IP address 172.16.1.1.
translatex25 652365123pvc 1tcp 172.16.1.1incomingoption outgoing
The following example illustrates a more complex configuration that calls an X.29 profile and swaps the default PAD operation of the router to that of an X.25 host. The name of the profile is fullpackets.
x29 profile fullpackets 2:0 3:0 4:100 7:21translatex25 217536124profile fullpacketstcp rubbleport 4006swapincoming option outgoing option global
The following example illustrates the use of the X.25 incoming protocol option printer for an incoming X.25 connection.
translatex25 55555printertcp 172.16.1.1incomingoption outgoing
The following example translates x25 packets to PPP. It enables routing updates between the two connections.
translate x25 12345678 ppp 10.0.0.2 routing
incoming outgoing option
The following example permits clients running ARA to connect through the devices's VTY lines to an AppleTalk network.
appletalk routing translate x25 12345678 autocommand arap ! incoming outgoing arap enable arap dedicated arap timelimit 45 arap warningtime 5 arap noguest arap require-manual-password arap net-access-list 614
The following example specifies IP pooling from a DHCP server named ludicrous. It then specifies that incoming TCP traffic be translated to SLIP. The DHCP server will dynamically assign IP addresses on the outgoing sessions.
ip address-pool dhcp-proxy-client ip dhcp-server ludicrous translate x25 5467835 ppp ip-pool scope-name ludicrous
The following example specifies a local IP pool named scandal with IP addresses ranging from 172.18.10.10 through 172.18.10.110. It then specifies that incoming X.25 traffic be translated to PPP. The local IP pool scandal will be used to dynamically assign IP addresses on the outgoing sessions.
ip-pool scandal 172.18.10.10 172.18.10.110 translate x25 1234567 ppp ip-pool scope-name scandal
show translate
translate lat
translate tcp
x29 access-list
x29 profile
Use the x25 host global configuration command to define a static host name-to-address mapping. Use the no form of this command to remove the host name.
x25 host name x.121-address [cud call-user-data]| name | Host name. |
| x.121-address | X.121 address. |
| cud call-user-data | (Optional) Specifies the Call User Data (CUD) field in the X.25 Call Request packet. |
No static address mapping is defined.
Global configuration
This command first appeared in Cisco IOS Release 10.0.
This command permits you to map an X.121 address to an easily recognizable name. You can later use this host name instead of the X.121 address when you issue the translate command for X.25.
The following example specifies a static address mapping:
x25 host Willard 4085551212
The following example removes a static address mapping:
no x25 host Willard
The following example specifies static address mapping from the X.121 address 12345678 to the host name masala. It then uses the name masala in the translate command in place of the X.121 address when translating from the X.25 host to the PPP host with address 10.0.0.2.
x25 host masala 12345678 translate x25 masala ppp 10.0.0.2 routing
translate
| access-list-number | Number of the access list. It can be a value between 1 and 199. |
| deny | Denies access and clears call requests immediately. |
| permit | Permits access to the router. |
| regular-expression | Usually the X.121 address, with or without regular expression pattern-matching characters, with which to compare for access. |
No default access list is defined.
Global configuration
This command first appeared in Cisco IOS Release 10.0.
An access list can contain any number of access list items. The list are processed in the order in which you entered them, with the first match causing the permit or deny condition. If an X.121 address does not match any of the regular expression in the access list, access will be denied.
Access lists take advantage of the message field defined by Recommendation X.29, which describes procedures for exchanging data between two PADs or a PAD and a DTE device.
The UNIX-style regular expression characters allow for pattern matching of characters and character strings in the address. Various pattern-matching constructions are available that will allow many addresses to be matched by a single regular expressions. Refer to the "X.3 PAD Parameters" appendix later in this publication for more information.
The following example permits connections to hosts with addresses beginning with the string 31370:
x29 access-list 2 permit ^31370
| name | Name of the PAD profile script. |
| parameter:value | X.3 PAD parameter number and value separated by a colon. You can specify multiple parameter-value pairs. |
No default PAD profile script defined.
Global configuration
This command first appeared in Cisco IOS Release 10.0.
When an X.25 connection is established, the router acts as if an X.29 SET PARAMETER packet had been sent containing the parameters and values set by the x29 profile command and sets the router accordingly.
The following profile script turns local edit mode on when the connection is made and establishes local echo and line termination upon receipt of a Return. The name "linemode" is used with the translate global configuration command to effect use of this script.
x29 profile linemode 2:1 3:2 15:1
translate
|
|