Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS

XE 17

First Published: 2020-03-20

Last Modified: 2020-05-21

Americas Headquarters

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, CA 95134-1706

USA

http://www.cisco.com

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

CONTENTS

Preface xi

PREFACE

Objectives xi

Important Information on Features and Commands xi

Related Documentation

• Hardware Installation Guide for the Cisco Terminal Gateway

• Release Notes for the Cisco Terminal Gateway

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Commands

Cisco IOS XE commands are identical in look, feel, and usage to Cisco IOS commands on most platforms.

To find reference information for a specific Cisco IOS XE command, see the Cisco IOS Master Command

List, All Releases document.

Features

The router runs Cisco IOS XE software which is used on multiple platforms. For more information on the

available software features, see the configuration guides on the Cisco IOS XE 17 page.

To verify support for specific features, use the Cisco Feature Navigator tool. For more information, see Using

Cisco Feature Navigator, on page 56.

Document Conventions

This documentation uses the following conventions:

DescriptionConvention

The ^ and Ctrl symbols represent the Control key.

For example, the key combination ^D or Ctrl-D

means hold down the Control key while you press

the D key. Keys are indicated in capital letters but are

not case sensitive.

^ or Ctrl

A string is a nonquoted set of characters shown in

italics. For example, when setting an SNMP

community string to public, do not use quotation

marks around the string or the string will include the

quotation marks.

string

Command syntax descriptions use the following conventions:

DescriptionConvention

Bold text indicates commands and keywords that you

enter exactly as shown.

bold

Italic text indicates arguments for which you supply

values.

italics

Square brackets enclose an optional element (keyword

or argument).

[x]

A vertical line indicates a choice within an optional

or required set of keywords or arguments.

Square brackets enclosing keywords or arguments

separated by a vertical line indicate an optional choice.

[x | y]

Braces enclosing keywords or arguments separated

by a vertical line indicate a required choice.

{x | y}

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

xii

Preface

Document Conventions

Nested sets of square brackets or braces indicate optional or required choices within optional or required

elements. For example:

DescriptionConvention

Braces and a vertical line within square brackets

indicate a required choice within an optional element.

[x {y | z}]

Examples use the following conventions:

DescriptionConvention

Examples of information displayed on the screen are

set in Courier font.

screen

Examples of text that you must enter are set in Courier

bold font.

bold screen

Angle brackets enclose text that is not printed to the

screen, such as passwords.

< >

An exclamation point at the beginning of a line

indicates a comment line. (Exclamation points are

also displayed by the Cisco IOS XE software for

certain processes.)

Square brackets enclose default responses to system

prompts.

[ ]

Means reader be careful. In this situation, you might do something that could result in equipment damage or

loss of data.

Caution

Means reader take note. Notes contain helpful suggestions or references to materials that may not be contained

in this manual.

Note

Obtaining Documentation and Submitting a Service Request

• To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

• To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

• To submit a service request, visit Cisco Support.

• To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit

Cisco Marketplace.

• To obtain general networking, training, and certification titles, visit Cisco Press.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

xiii

Preface

Obtaining Documentation and Submitting a Service Request

• To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

xiv

Preface

CHAPTER 1

Introduction

The Cisco 1100 Terminal Services Gateway is a modular terminal gateway that provides asynchronous

connections to the console ports for different kinds of network devices such as Cisco third-party network

devices, and servers. The Cisco 1100 Terminal Services Gateway offers integrated asynchronous ports, optional

switching, and simplified Ethernet. It also supports secure tunnels, such as IPSec, generic routing encapsulation

(GRE), and Cisco Dynamic Multipoint VPN, all at scale.

The Cisco 1100 Services Terminal Gateway with the LAN and WAN connections can be configured by means

of interface modules and Network Interface Modules (NIMs).

The following features are provided for enterprise and service provider applications:

• Enterprise Applications

• High-end branch gateway

• Centralized Management

• Zero Touch Provisioning

• Mulit Tenant

• Role based access to server and session

• Regional site aggregation

• Key server or PfR master controller

• Device consolidation or "Rack in a Box"

• Service Provider Applications

• High-end managed services in Customer-Premises Equipment (CPE)

• Services consolidation platform

• Flexible customer edge terminal gateway

The Cisco 1100 Terminal Services Gateway runs Cisco IOS XE software, and uses software components in

many separate processes. This modular architecture increases network resiliency, compared to standard Cisco

IOS software.

• Sections in this Document, on page 2

• Processes, on page 2

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Sections in this Document

Table 1: Sections in this Document

DescriptionSection

Provides a high-level description of the router and

describes the main internal processes of the router.

Overview

Describes the basics of using Cisco IOS XE software

with the router.

Using Cisco IOS XE Software

Describes the uses of a Gigabit Ethernet management

interface and a web user interface.

Managing the Device Using Web User Interface, on

page 69

Describes software features that are common across

Cisco IOS XE platforms.

Console Port, Telnet, and SSH Handling, on page 75

Contains important information about filesystems,

packages, licensing, and installing software.

Installing the Software, on page 91

Describes the basic tasks required to configure a

router.

Basic Router Configuration, on page 29

Provides information about the chassis slot numbers

and subslots where the service modules are installed.

Slot and Subslot Configuration, on page 117

Provides information about syslog messages.System Messages, on page 127

Describes the tracing function where logs of internal

events on a router are recorded.

Trace Management, on page 133

Describes the environmental monitoring features on

a router.

Environmental Monitoring and PoE Management, on

page 139

Describes how it can be used to protect or restore a

router to an earlier, fully functional state.

Information About Factory Reset

Processes

The list of background processes in the following table may be useful for checking router state and

troubleshooting. However, you do not need to understand these processes to understand most router operations.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Introduction

Sections in this Document

Table 2: Individual Processes

Sub Package MappingAffected FRUsPurposeProcess

RPControl

SIPBase

ESPBase

SIP

ESP

Controls chassis

management functions,

including management of

the High Availability

(HA) state, environmental

monitoring, and FRU state

control.

Chassis Manager

RPControl

SIPBase

ESPBase

SIP

ESP

Provides an interface

between the IOS process

and many of the

information gathering

functions of the

underlying platform

kernel and operating

system.

Host Manager

RPControl

SIPBase

ESPBase

SIP

ESP

Provides IOS logging

services to processes

running on each FRU.

Logger

RPIOSRPImplements all forwarding

and routing features for

the router.

IOS

RPControl

ESPBase

ESP

Manages downloading of

configuration details to

the ESP and the

communication of

forwarding plane

information, such as

statistics, to the IOS

process.

Forwarding Manager

RPControlRPProvide integration

between platform policy

applications, such as

authentication and the IOS

process.

Pluggable Services

RPControlRPProvides user interface

(UI) features relating to

non-IOS components of

the consolidated package.

These features are also

available for use in

diagnostic mode when the

IOS process fails.

Shell Manager

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Introduction

Processes

Sub Package MappingAffected FRUsPurposeProcess

SIPSPAIO ModuleExchanges configuration

and other control

messages with a NIM.

IO Module process

ESPBaseESPManages CPP hardware

forwarding engine on the

ESP.

CPP driver process

ESPBaseESPManages HA state for the

CPP hardware forwarding

engine.

CPP HA process

ESPBaseESPPerforms high-latency

tasks for the CPP-facing

functionality in the ESP

instance of the

Forwarding Manager

process.

CPP SP process

For further details of router capabilities and models, see the Hardware Installation Guide for Cisco 1100

Terminal Gateway.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Introduction

Processes

CHAPTER 2

Configure Initial Router Settings on Cisco 1100

Terminal Gateway

This chapter describes how to perform the initial configuration on Cisco 1100 Terminal Gateway. It contains

the following sections:

• Perform Initial Configuration on Cisco 1100 Terminal Gateway, on page 5

• Verify Network Connectivity, on page 23

• Verify Initial Configuration on Cisco 1100 Terminal Server Gateway, on page 27

Perform Initial Configuration on Cisco 1100 Terminal Gateway

You can perform initial configuration on Cisco 1100 Terminal Gateway by using either the setup command

facility or the Cisco IOS command-line interface (CLI):

Use Cisco Setup Command Facility

The setup command facility prompts you to enter the information about your router and network. The facility

steps guides you through the initial configuration, which includes LAN and WAN interfaces. For more general

information about the setup command facility, see the following document:

Cisco IOS Configuration Fundamentals Configuration Guide , Release 12.4, Part 2: Cisco IOS User Interfaces:

Using AutoInstall and Setup:

http://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-3s/products-installation-and-configuration-guides-list.html.

This section explains how to configure a hostname for the router, set passwords, and configure an interface

to communicate with the management network.

The messages that are displayed will vary based on your router model, the installed interface modules, and

the software image. The following example and the user entries (in bold) are shown only as examples.

Note

If you make a mistake while using the setup command facility, you can exit and run the setup command

facility again. Press Ctrl-C, and enter the setup command in privileged EXEC mode (Router#)

Note

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

To configure the initial router settings by using the setup command facility, follow these steps:

SUMMARY STEPS

1. From the Cisco IOS-XE CLI, enter the setup command in privileged EXEC mode:

2. To proceed using the setup command facility, enter yes.

3. To enter the basic management setup, enter yes.

4. Enter a hostname for the router (this example uses ‘myrouter’):

5. Enter an enable secret password. This password is encrypted (for more security) and cannot be seen

when viewing the configuration.

6. Enter an enable password that is different from the enable secret password. This password is not encrypted

(and is less secure) and can be seen when viewing the configuration.

7. Enter the virtual terminal password, which prevents unauthenticated access to the router through ports

other than the console port:

8. Respond to the following prompts as appropriate for your network:

9. Respond to the following prompts as appropriate for your network:

10. Respond to the following prompts. Select [2] to save the initial configuration:

DETAILED STEPS

Step 1 From the Cisco IOS-XE CLI, enter the setup command in privileged EXEC mode:

Example:

Router> enable

Password: <password>

Router# setup

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]:

You are now in the Setup Configuration Utility.

Depending on your router model, the installed interface modules, and the software image, the prompts in the setup

command facility vary. The following steps and the user entries (in bold) are shown only as examples.

This setup command facility is also entered automatically if there is no configuration on the router when

it is booted into Cisco IOS-XE.

Note

If you make a mistake while using the setup command facility, you can exit and run the setup command

facility again. Press Ctrl-C, and enter the setup command at the privileged EXEC mode prompt (Router#).

For more information on using the setup command facility, see The Setup Command chapter in Cisco IOS

Configuration Fundamentals Command Reference , Release 12.2T, at the following URL:

http://www.cisco.com/en/US/docs/ios/12_2t/fun/command/reference/122tfr.html

Note

Step 2 To proceed using the setup command facility, enter yes.

Example:

Continue with configuration dialog? [yes/no]:

At any point you may enter a question mark '?' for help.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Use Cisco Setup Command Facility

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.

Step 3 To enter the basic management setup, enter yes.

Example:

Would you like to enter basic management setup? [yes/no]: yes

Step 4 Enter a hostname for the router (this example uses ‘myrouter’):

Example:

Configuring global parameters:

Enter host name [Router]: myrouter

Step 5 Enter an enable secret password. This password is encrypted (for more security) and cannot be seen when viewing the

configuration.

Example:

The enable secret is a password used to protect access to

privileged EXEC and configuration modes. This password, after

entered, becomes encrypted in the configuration.

Enter enable secret: cisco

Step 6 Enter an enable password that is different from the enable secret password. This password is not encrypted (and is less

secure) and can be seen when viewing the configuration.

Example:

The enable password is used when you do not specify an

enable secret password, with some older software versions, and

some boot images.

Enter enable password: cisco123

Step 7 Enter the virtual terminal password, which prevents unauthenticated access to the router through ports other than the

console port:

Example:

The virtual terminal password is used to protect

access to the router over a network interface.

Enter virtual terminal password: cisco

Step 8 Respond to the following prompts as appropriate for your network:

Example:

Configure SNMP Network Management? [no]: yes

Community string [public]:

A summary of the available interfaces is displayed.

The interface summary includes interface numbering, which is dependent on the router model and the

installed modules and interface cards.

Note

Example:

Current interface summary

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Use Cisco Setup Command Facility

Interface IP-Address OK? Method Status Protocol

GigabitEthernet0/0/0 unassigned YES NVRAM administratively down down

GigabitEthernet0/1/0 10.10.10.12 YES DHCP up up

GigabitEthernet0/2/0 unassigned YES NVRAM administratively down down

SSLVPN-VIF0 unassigned NO unset up

Any interface listed with OK? value "NO" does not have a valid configuration

Step 9 Respond to the following prompts as appropriate for your network:

Example:

Configuring interface GigabitEthernet0/1/0

Configure IP on this interface? [yes]: yes

IP address for this interface [10.10.10.12

Subnet mask for this interface [255.0.0.0] : 255.255.255.0

Class A network is 10.0.0.0, 24 subnet bits; mask is /24

The following configuration command script was created:

Example:

hostname myrouter

enable secret 5 $1$t/Dj$yAeGKviLLZNOBX0b9eifO0 enable password cisco123 line vty 0 4 password cisco

snmp-server community public !

no ip routing

interface GigabitEthernet0/0/0

shutdown

no ip address

interface GigabitEthernet0/1/0

no shutdown

ip address 10.10.10.12 255.255.255.0

interface GigabitEthernet0/2/0

shutdown

no ip address

end

Step 10 Respond to the following prompts. Select [2] to save the initial configuration:

Example:

[0] Go to the IOS command prompt without saving this config.

[1] Return back to the setup without saving this config.

[2] Save this configuration to nvram and exit.

Enter your selection [2]: 2

Building configuration...

Use the enabled mode 'configure' command to modify this configuration.

Press RETURN to get started! RETURN

The user prompt is displayed:

Example:

myrouter>

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Use Cisco Setup Command Facility

Complete the Configuration

When using the Cisco Setup, and after you have provided all the information requested by the facility, the

final configuration appears. To complete your router configuration, follow these steps:

SUMMARY STEPS

1. Choose to save the configuration when the facility prompts you to save the configuration.

2. When the messages stop appearing on your screen, press Return to get the Router> prompt.

3. Choose to modify the existing configuration or create another configuration. The Router> prompt indicates

that you are now at the command-line interface (CLI) and you have just completed a initial router

configuration. Nevertheless, this is not a complete configuration. At this point, you have two choices:

DETAILED STEPS

Step 1 Choose to save the configuration when the facility prompts you to save the configuration.

• If you answer ‘no’, the configuration information you entered is not saved, and you return to the router enable prompt

(Router#). Enter setup to return to the System Configuration Dialog.

• If you answer ‘yes’, the configuration is saved, and you are returned to the user EXEC prompt (Router>).

Example:

Use this configuration? {yes/no} : yes

Building configuration...

Use the enabled mode 'configure' command to modify this configuration.

Press RETURN to get started!

%LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up

%LINK-3-UPDOWN: Interface Ethernet0/1, changed state to up

%LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up

%LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down

%LINK-3-UPDOWN: Interface Serial0/2, changed state to down

%LINK-3-UPDOWN: Interface Serial1/0, changed state to up

%LINK-3-UPDOWN: Interface Serial1/1, changed state to down

%LINK-3-UPDOWN: Interface Serial1/2, changed state to down

Step 2 When the messages stop appearing on your screen, press Return to get the Router> prompt.

Step 3 Choose to modify the existing configuration or create another configuration. The Router> prompt indicates that you are

now at the command-line interface (CLI) and you have just completed a initial router configuration. Nevertheless, this

is not a complete configuration. At this point, you have two choices:

• Run the setup command facility again, and create another configuration.

Example:

Router> enable

Password: password

Router# setup

• Modify the existing configuration or configure additional features by using the CLI:

Example:

Router> enable

Password: password

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Complete the Configuration

Router# configure terminal

Router(config)#

Use Cisco IOS XE CLI—Manual Configuration

This section describes you how to access the command-line interface (CLI) to perform the initial configuration

on the router.

To configure the initial router settings by using the Cisco IOS CLI, you must set up a console connection.

Note

If the default configuration file is installed on the router prior to shipping, the system configuration dialog

message does not appear, To configure the device, follow these steps:

SUMMARY STEPS

1. Enter the appropriate answer when the following system message appears on the router.

2. Press Return to terminate autoinstall and continue with manual configuration:

3. Press Return to bring up the Router> prompt.

4. Type enable to enter privileged EXEC mode:

DETAILED STEPS

Step 1 Enter the appropriate answer when the following system message appears on the router.

Example:

--- System Configuration Dialog ---

At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.

Would you like to enter the initial configuration dialog? [yes/no]: no

Step 2 Press Return to terminate autoinstall and continue with manual configuration:

Example:

Would you like to terminate autoinstall? [yes]

Return

Several messages are displayed, ending with a line similar to the following:

Example:

...

Compiled <date

> <time

> by <person

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Use Cisco IOS XE CLI—Manual Configuration

Step 3 Press Return to bring up the Router> prompt.

Example:

...

flashfs[4]: Initialization complete.

Router>

Step 4 Type enable to enter privileged EXEC mode:

Example:

Router> enable

Router#

Configure Cisco 1100 Terminal Gateway Hostname

The hostname is used in CLI prompts and default configuration filenames. If you do not configure the router

hostname, the router uses the factory-assigned default hostname “Router.”

SUMMARY STEPS

1. enable

2. configure terminal

3. hostname name

4. Verify that the router prompt displays your new hostname.

5. end

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Specifies or modifies the hostname for the network server.hostname name

Example:

Step 3

Router(config)# hostname myrouter

—Verify that the router prompt displays your new hostname.

Example:

Step 4

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configure Cisco 1100 Terminal Gateway Hostname

PurposeCommand or Action

myrouter(config)#

(Optional) Returns to privileged EXEC mode.end

Example:

Step 5

myrouter# end

Configure the Enable and Enable Secret Passwords

To provide an additional layer of security, particularly for passwords that cross the network or are stored on

a TFTP server, you can use either the enable password command or enable secret command. Both commands

accomplish the same thing—they allow you to establish an encrypted password that users must enter to access

privileged EXEC (enable) mode.

We recommend that you use the enable secret command because it uses an improved encryption algorithm.

Use the enable password command only if you boot an older image of the Cisco IOS XE software.

For more information, see the “Configuring Passwords and Privileges” chapter in the Cisco IOS Security

Configuration Guide . Also see the Cisco IOS Password Encryption Facts tech note and the Improving Security

on Cisco Routers tech note.

If you configure the enable secret command, it takes precedence over the enable password command; the

two commands cannot be in effect simultaneously.

Note

SUMMARY STEPS

1. enable

2. configure terminal

3. enable password password

4. enable secret password

5. end

6. enable

7. end

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configure the Enable and Enable Secret Passwords

PurposeCommand or Action

Router# configure terminal

(Optional) Sets a local password to control access to various

privilege levels.

enable password password

Example:

Step 3

• We recommend that you perform this step only if you

boot an older image of the Cisco IOS-XE software or

Router(config)# enable password pswd2

if you boot older boot ROMs that do not recognize the

enable secret command.

Specifies an additional layer of security over the enable

password command.

enable secret password

Example:

Step 4

• Do not use the same password that you entered in Step

3 .

Router(config)# enable secret greentree

Returns to privileged EXEC mode.end

Example:

Step 5

Router(config)# end

Enables privileged EXEC mode.enable

Step 6

Example:

• Verify that your new enable or enable secret password

works.

Router> enable

(Optional) Returns to privileged EXEC mode.end

Example:

Step 7

Router(config)# end

Configure the Console Idle Privileged EXEC Timeout

This section describes how to configure the console line’s idle privileged EXEC timeout. By default, the

privileged EXEC command interpreter waits 10 minutes to detect user input before timing out.

When you configure the console line, you can also set communication parameters, specify autobaud connections,

and configure terminal operating parameters for the terminal that you are using. For more information on

configuring the console line, see the Cisco IOS Configuration Fundamentals and Network Management

Configuration Guide . In particular, see the “Configuring Operating Characteristics for Terminals” and

“Troubleshooting and Fault Management” chapters.

SUMMARY STEPS

1. enable

2. configure terminal

3. line console 0

4. exec-timeout minutes [seconds]

5. end

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configure the Console Idle Privileged EXEC Timeout

6. show running-config

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Configures the console line and starts the line configuration

command collection mode.

line console 0

Example:

Step 3

Router(config)# line console 0

Sets the idle privileged EXEC timeout, which is the interval

that the privileged EXEC command interpreter waits until

user input is detected.

exec-timeout minutes [seconds]

Example:

Router(config-line)# exec-timeout 0 0

Step 4

• The example shows how to specify no timeout. Setting

the exec-timeout value to 0 will cause the router to

never log out after it is logged in. This could have

security implications if you leave the console without

manually logging out using the disable command.

Returns to privileged EXEC mode.end

Example:

Step 5

Router(config)# end

Displays the running configuration file.show running-config

Step 6

Example:

• Verify that you properly configured the idle privileged

EXEC timeout.

Router(config)# show running-config

Examples

The following example shows how to set the console idle privileged EXEC timeout to 2 minutes 30 seconds:

line console

exec-timeout 2 30

The following example shows how to set the console idle privileged EXEC timeout to 30 seconds:

line console

exec-timeout 0 30

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Examples

Gigabit Ethernet Management Interface Overview

The router uses gi0/0/0 or gi0/0/1 as management port.

The purpose of this interface is to allow users to perform management tasks on the router. It is an interface

that should not and often cannot forward network traffic. It ca, however, be used to access the router through

Telnet and SSH to perform management tasks on the router. The interface is most useful before a router begins

routing, or in troubleshooting scenarios when other forwarding interfaces are inactive.

Note he following aspects of the management ethernet interface:

• The router has one management ethernet interface named GigabitEthernet0.

• IPv4, IPv6, and ARP are the only routed protocols supported for the interface.

• The interface provides a way to access to the router even if forwarding interfaces are not functional, or

the IOS process is down.

Default Gigabit Ethernet Configuration

By default, a forwarding VRF is configured for the interface with a special group named “Mgmt-intf.” This

cannot be changed. This isolates the traffic on the management interface away from the forwarding plane.

The basic configuration is like other interfaces; however, there are many forwarding features that are not

supported on these interfaces. No forwarding features can be configured on the GigabitEthernet0 interface as

it is only used for management.

For example, the default configuration is as follows:

interface GigabitEthernet0

vrf forwarding Mgmt-intf

ip address 172.18.77.212 255.255.255.240

negotiation auto

Gigabit Ethernet Port Numbering

The Gigabit Ethernet Management port is always GigabitEthernet0.

The port can be accessed in configuration mode.

Router# config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#interface gigabitethernet0

Router(config-if)#

Configure Gigabit Ethernet Interfaces

This sections shows how to assign an IP address and interface description to an Ethernet interface on your

router.

For comprehensive configuration information on Gigabit Ethernet interfaces, see the “Configuring LAN

Interfaces” chapter of Cisco IOS Interface and Hardware Component Configuration Guide ,

http://www.cisco.com/en/US/docs/ios/12_2/interface/configuration/guide/icflanin.html

For information on interface numbering, see the software configuration guide for your router.

SUMMARY STEPS

1. enable

2. show ip interface brief

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Gigabit Ethernet Management Interface Overview

3. configure terminal

4. interface {fastethernet | gigabitethernet} 0/port

5. description string

6. ip address ip-address mask

7. no shutdown

8. end

9. show ip interface brief

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Displays a brief status of the interfaces that are configured

for IP.

show ip interface brief

Example:

Step 2

• Learn which type of Ethernet interface is on your

router.

Router# show ip interface brief

Enters global configuration mode.configure terminal

Example:

Step 3

Router# configure terminal

Specifies the Ethernet interface and enters interface

configuration mode.

interface {fastethernet | gigabitethernet} 0/port

Example:

Step 4

For information on interface numbering, see

Slots, Subslots (Bay), Ports, and Interfaces in

section page 1-38 .

Note

Router(config)# interface gigabitethernet 0/0/0

(Optional) Adds a description to an interface configuration.

The description helps you remember what is attached to

description string

Example:

Step 5

this interface. The description can be useful for

troubleshooting.

Router(config-if)# description GE int to 2nd floor

south wing

Sets a primary IP address for an interface.ip address ip-address mask

Example:

Step 6

Router(config-if)# ip address 172.16.74.3

255.255.255.0

Enables an interface.no shutdown

Example:

Step 7

Router(config-if)# no shutdown

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configure Gigabit Ethernet Interfaces

PurposeCommand or Action

Returns to privileged EXEC mode.end

Example:

Step 8

Router(config)# end

Displays a brief status of the interfaces that are configured

for IP. Verify that the Ethernet interfaces are up and

configured correctly.

show ip interface brief

Example:

Router# show ip interface brief

Step 9

Configuration Examples

Configuring the GigabitEthernet Interface: Example

interface GigabitEthernet0/0/0

description GE int to HR group

ip address 172.16.3.3 255.255.255.0

duplex negotiation auto

speed negotiation auto

no shutdown

Sample Output for the show ip interface brief Command

Router#show ip interface brief

Interface IP-Address OK? Method Status Protocol

GigabitEthernet0/0/0 unassigned YES NVRAM administratively down down

GigabitEthernet0/0/1 unassigned YES NVRAM administratively down down

GigabitEthernet0/0/2 unassigned YES NVRAM administratively down down

GigabitEthernet0/0/3 unassigned YES NVRAM administratively down down

GigabitEthernet0 10.0.0.1 YES manual up up

Specify a Default Route or Gateway of Last Resort

This section describes how to specify a default route with IP routing enabled. For alternative methods of

specifying a default route, see the Configuring a Gateway of Last Resort Using IP Commands Technical

Specifications Note.

The Cisco IOS-XE software uses the gateway (router) as a last resort if it does not have a better route for a

packet and if the destination is not a connected network. This section describes how to select a network as a

default route (a candidate route for computing the gateway of last resort). The way in which routing protocols

propagate the default route information varies for each protocol.

Configure IP Routing and IP Protocols

For comprehensive configuration information about IP routing and IP routing protocols, see the Configuring

IP Routing Protocol-Independent Feature at cisco.com.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configuration Examples

IP Routing

IP routing is automatically enabled in the Cisco ISO- XE software. When IP routing is configured, the system

will use a configured or learned route to forward packets, including a configured default route.

This task section does not apply when IP routing is disabled. To specify a default route when IP routing is

disabled, refer to the Configuring a Gateway of Last Resort Using IP Commands Technical Specifications

Note at cisco.com.

Note

Default Routes

A router might not be able to determine the routes to all other networks. To provide complete routing capability,

the common practice is to use some routers as smart routers and give the remaining routers default routes to

the smart router. (Smart routers have routing table information for the entire internetwork.) These default

routes can be passed along dynamically, or can be configured into the individual routers.

Most dynamic interior routing protocols include a mechanism for causing a smart router to generate dynamic

default information that is then passed along to other routers.

Default Network

If a router has an interface that is directly connected to the specified default network, the dynamic routing

protocols running on the router generates or sources a default route. In the case of RIP, the router will advertise

the pseudonetwork 0.0.0.0. In the case of IGRP, the network itself is advertised and flagged as an exterior

route.

A router that is generating the default for a network may also need a default of its own. One way a router can

generate its own default is to specify a static route to the network 0.0.0.0 through the appropriate device.

Gateway of Last Resort

When default information is being passed along through a dynamic routing protocol, no further configuration

is required. The system periodically scans its routing table to choose the optimal default network as its default

route. In the case of RIP, there is only one choice, network 0.0.0.0. In the case of IGRP, there might be several

networks that can be candidates for the system default. The Cisco IOS-XE software uses both administrative

distance and metric information to determine the default route (gateway of last resort). The selected default

route appears in the gateway of last resort display of the show ip route EXEC command.

If dynamic default information is not being passed to the software, candidates for the default route are specified

with the ip default-network global configuration command. In this usage, the ip default-network command

takes an unconnected network as an argument. If this network appears in the routing table from any source

(dynamic or static), it is flagged as a candidate default route and is a possible choice for the default route.

If the router has no interface on the default network, but does have a route to it, it considers this network as

a candidate default path. The route candidates are examined and based on administrative distance and metric,

the best one is chosen. The gateway to the best default path becomes the gateway of last resort.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip routing

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

IP Routing

4. ip route dest-prefix mask next-hop-ip-address [admin-distance] [permanent]

5. Do one of the following:

• ip default-network network-number

•

• ip route dest-prefix mask next-hop-ip-address

6. end

7. show ip route

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Step 1

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Enables IP routing.ip routing

Example:

Step 3

Router(config)# ip routing

Establishes a static route.ip route dest-prefix mask next-hop-ip-address

[admin-distance] [permanent]

Step 4

Example:

Router(config)# ip route 192.168.24.0 255.255.255.0

172.28.99.2

Selects a network as a candidate route for computing the

gateway of last resort.

Do one of the following:

Step 5

• ip default-network network-number

Creates a static route to network 0.0.0.0 0.0.0.0 for

computing the gateway of last resort.

•

• ip route dest-prefix mask next-hop-ip-address

Example:

Router(config)# ip default-network 192.168.24.0

Example:

Router(config)# ip route 0.0.0.0 0.0.0.0

172.28.99.1

Returns to privileged EXEC mode.end

Example:

Step 6

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Gateway of Last Resort

PurposeCommand or Action

Router(config)# end

Displays the current routing table information. Verify that

the gateway of last resort is set.

show ip route

Example:

Step 7

Router# show ip route

Configuration Examples

Specifying a Default Route: Example

ip route 192.168.24.0 255.255.255.0 172.28.99.2

ip default-network 192.168.24.0

Sample Output for the show ip route Command

Router# show ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 -

IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default,

U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP,

l - LISP a - application route + - replicated route, % - next hop override

Gateway of last resort is not set 40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C

40.0.0.0/24 is directly connected, Loopback1 L 40.0.0.1/32 is directly connected, Loopback1

Router#

Configure Virtual Terminal Lines for Remote Console Access

Virtual terminal (vty) lines are used to allow remote access to the router. This section shows you how to

configure the virtual terminal lines with a password, so that only authorized users can remotely access the

router.

By default, the router has five virtual terminal lines. However, you can create additional virtual terminal lines.

See the Cisco IOS XE Dial Technologies Configuration Guide at

http://www.cisco.com/en/US/docs/ios/dial/configuration/guide/2_xe/dia_2_xe_book.html .

Line passwords and password encryption is described in the C isco IOS XE Security Configuration Guide:

Secure Connectivity document available at the following URL:

http://www.cisco.com/en/US/docs/ios/ios_xe/sec_secure_connectivity/configuration/guide/2_xe/sec_secure_connectivity_xe_book.html

. See the Security with Passwords, Privilege Levels, and Login Usernames for CLI Sessions on Networking

Devices section. If you want to secure the virtual terminal lines (vty) with an access list, see the Access Control

Lists: Overview and Guidelines.

SUMMARY STEPS

1. enable

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configuration Examples

2. configure terminal

3. line vty line-number [ending-line-number]

4. password password

5. login

6. end

7. show running-config

8. From another network device, attempt to open a Telnet session to the router.

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Step 1

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Starts the line configuration command collection mode for

the virtual terminal lines (vty) for remote console access.

line vty line-number [ending-line-number]

Example:

Step 3

• Make sure that you configure all vty lines on your

router.

Router(config)# line vty 0 4

To verify the number of vty lines on your

router, use the line vty ? command.

Note

Specifies a password on a line.password password

Example:

Step 4

Router(config-line)# password guessagain

Enables password checking at login.login

Example:

Step 5

Router(config-line)# login

Returns to privileged EXEC mode.end

Example:

Step 6

Router(config-line)# end

Displays the running configuration file. Verify that you

bave properly configured the virtual terminal lines for

remote access.

show running-config

Example:

Router# show running-config

Step 7

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configure Virtual Terminal Lines for Remote Console Access

PurposeCommand or Action

Verifies that you can remotely access the router and that

the virtual terminal line password is correctly configured.

From another network device, attempt to open a Telnet

session to the router.

Example:

Step 8

Router# 172.16.74.3

Example:

Password:

Configuration Examples

The following example shows how to configure virtual terminal lines with a password:

line vty 0 4

password guessagain

What to Do Next

After you configure the vty lines, follow these steps:

• (Optional) To encrypt the virtual terminal line password, see the “Configuring Passwords and Privileges”

chapter in the Cisco IOS Security Configuration Guide . Also see the Cisco IOS Password Encryption

Facts tech note.

• (Optional) To secure the VTY lines with an access list, see the “Part 3: Traffic Filtering and Firewalls”

in the Cisco IOS Security Configuration Guide .

Configure the Auxiliary Line

This section describes how to enter line configuration mode for the auxiliary line. How you configure the

auxiliary line depends on your particular implementation of the auxiliary (AUX) port. See the following

documents for information on configuring the auxiliary line:

• Configuring a Modem on the AUX Port for EXEC Dialin Connectivity , Technical Specifications Note

http://www.cisco.com/en/US/tech/tk801/tk36/technologies_tech_note09186a0080094bbc.shtml

• Configuring Dialout Using a Modem on the AUX Port , sample configuration

http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080094579.shtml

• Configuring AUX-to-AUX Port Async Backup with Dialer Watch , sample configuration

http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080093d2b.shtml

• Modem-Router Connection Guide , Technical Specifications Note

http://www.cisco.com/en/US/tech/tk801/tk36/technologies_tech_note09186a008009428b.shtml

SUMMARY STEPS

1. enable

2. configure terminal

3. line aux 0

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configuration Examples

4. See the Technical Specifications Note and sample configurations to configure the line for your particular

implementation of the AUX port.

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Starts the line configuration command collection mode for

the auxiliary line.

line aux 0

Example:

Step 3

Router(config)# line aux 0

—See the Technical Specifications Note and sample

configurations to configure the line for your particular

implementation of the AUX port.

Step 4

Verify Network Connectivity

This section describes how to verify network connectivity for your router.

Before you begin

• All configuration tasks describe in this chapter must be completed.

• The router must be connected to a properly configured network host.

SUMMARY STEPS

1. enable

2. ping [ip-address | hostname]

3. telnet {ip-address | hostname}

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Step 1

Router> enable

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Verify Network Connectivity

PurposeCommand or Action

Diagnoses initial network connectivity. To verify

connectivity, ping the next hop router or connected host for

each configured interface to.

ping [ip-address | hostname]

Example:

Router# ping 172.16.74.5

Step 2

Logs in to a host that supports Telnet. If you want to test

the vty line password, perform this step from a different

network device, and use your router’s IP address.

telnet {ip-address | hostname}

Example:

Router# telnet 10.20.30.40

Step 3

Examples

The following display shows sample output for the ping command when you ping the IP address 192.168.7.27:

Router# ping

Protocol [ip]:

Target IP address: 192.168.7.27

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.7.27, timeout is 2 seconds:

!!!!!

Success rate is 100 percent, round-trip min/avg/max = 1/2/4 ms

The following display shows sample output for the ping command when you ping the IP hostname donald:

Router# ping donald

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.7.27, timeout is 2 seconds:

!!!!!

Success rate is 100 percent, round-trip min/avg/max = 1/3/4 ms

Save Your Device Configuration

This section describes how to avoid losing your configuration at the next system reload or power cycle by

saving the running configuration to the startup configuration in NVRAM. The NVRAM provides 256KB of

storage on the router.

SUMMARY STEPS

1. enable

2. copy running-config startup-config

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Examples

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Step 1

Router> enable

Saves the running configuration to the startup configuration.copy running-config startup-config

Example:

Step 2

Router# copy running-config startup-config

Save Backup Copies of Configuration and System Image

To aid file recovery and minimize downtime in case of file corruption, we recommend that you save backup

copies of the startup configuration file and the Cisco IOS-XE software system image file on a server.

SUMMARY STEPS

1. enable

2. copy nvram:startup-config {ftp: | rcp: | tftp:}

3. show {bootflash0|bootflash1}:

4. copy {bootflash0|bootflash1}: {ftp: | rcp: | tftp:}

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Step 1

Router> enable

Copies the startup configuration file to a server. The

configuration file copy can serve as a backup copy.Enter

the destination URL when prompted.

copy nvram:startup-config {ftp: | rcp: | tftp:}

Example:

Router# copy nvram:startup-config ftp:

Step 2

Displays the layout and contents of a flash memory file

system. Learn the name of the system image file.

show {bootflash0|bootflash1}:

Example:

Step 3

Router# show {bootflash0|bootflash1}:

Copies a file from flash memory to a server.copy {bootflash0|bootflash1}: {ftp: | rcp: | tftp:}

Step 4

Example:

• Copy the system image file to a server to serve as a

backup copy.

Router# copy {bootflash0|bootflash1}: ftp:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Save Backup Copies of Configuration and System Image

PurposeCommand or Action

• Enter the filename and destination URL when

prompted.

Configuration Examples

Copying the Startup Configuration to a TFTP Server: Example

The following example shows the startup configuration being copied to a TFTP server:

Router# copy nvram:startup-config tftp:

Remote host[]? 172.16.101.101

Name of configuration file to write [rtr2-confg]? <cr>

Write file rtr2-confg on host 172.16.101.101?[confirm] <cr>

![OK]

Copying from Flash Memory to a TFTP Server: Example

The following example shows the use of the show {flash0|flash1}: command in privileged EXEC to learn

the name of the system image file and the use of the copy {flash0|flash1}: tftp: privileged EXEC command

to copy the system image to a TFTP server. The router uses the default username and password.

Router#Directory of bootflash:

11 drwx 16384 Jun 12 2012 17:31:45 +00:00 lost+found 64897 drwx 634880 Sep 6 2012 14:33:26

+00:00 core 340705 drwx 4096 Oct 11 2012 19:28:27 +00:00 .prst_sync 81121 drwx 4096 Jun

12 2012 17:32:39 +00:00 .rollback_timer 12 -rw- 0 Jun 12 2012 17:32:50 +00:00 tracelogs.336

713857 drwx 1347584 Oct 11 2012 20:24:26 +00:00 tracelogs 162241 drwx 4096 Jun 12 2012

17:32:51 +00:00 .installer 48673 drwx 4096 Jul 2 2012 17:14:51 +00:00 vman_fdb 13 -rw-

420654048 Aug 28 2012 15:01:31 +00:00

crankshaft-universalk9.BLD_MCP_DEV_LATEST_20120826_083012.SSA.bin 14 -rw- 727035 Aug 29

2012 21:03:25 +00:00 uut2_2000_ikev1.cfg 15 -rw- 420944032 Aug 29 2012 19:40:28 +00:00

crankshaft-universalk9.BLD_MCP_DEV_LATEST_20120829_033026.SSA.bin 16 -rw- 1528 Aug 30 2012

14:24:38 +00:00 base.cfg 17 -rw- 360900 Aug 31 2012 19:10:02 +00:00 uut2_1000_ikev1.cfg

18 -rw- 421304160 Aug 31 2012 16:34:19 +00:00

crankshaft-universalk9.BLD_MCP_DEV_LATEST_20120821_193221.SSA.bin 19 -rw- 421072064 Aug 31

2012 18:31:57 +00:00 crankshaft-universalk9.BLD_MCP_DEV_LATEST_20120830_110615.SSA.bin 20

-rw- 453652 Sep 1 2012 01:48:15 +00:00 uut2_1000_ikev1_v2.cfg 21 -rw- 16452768 Sep 11 2012

20:36:20 +00:00 upgrade_stage_1_of_1.bin.2012-09-05-Delta 22 -rw- 417375456 Sep 12 2012

20:28:23 +00:00 crankshaft-universalk9.2012-09-12_00.45_cveerapa.SSA.bin 23 -rw- 360879 Oct

8 2012 19:43:36 +00:00 old-config.conf 24 -rw- 390804800 Oct 11 2012 15:34:08 +00:00

_1010t.bin 7451738112 bytes total (4525948928 bytes free)

Router#show bootflash: -#- --length-- ---------date/time--------- path 1 4096 Oct 11 2012

20:22:19 +00:00 /bootflash/ 2 16384 Jun 12 2012 17:31:45 +00:00 /bootflash/lost+found 3

634880 Sep 06 2012 14:33:26 +00:00 /bootflash/core 4 1028176 Sep 06 2012 14:31:17 +00:00

/bootflash/core/UUT2_RP_0_iomd_17360.core.gz 5 1023738 Sep 06 2012 14:31:24 +00:00

/bootflash/core/UUT2_RP_0_iomd_23385.core.gz 6 1023942 Sep 06 2012 14:31:30 +00:00

/bootflash/core/UUT2_RP_0_iomd_24973.core.gz 7 1023757 Sep 06 2012 14:31:37 +00:00

/bootflash/core/UUT2_RP_0_iomd_26241.core.gz 8 1023726 Sep 06 2012 14:31:43 +00:00

/bootflash/core/UUT2_RP_0_iomd_27507.core.gz 9 1023979 Sep 06 2012 14:31:50 +00:00

/bootflash/core/UUT2_RP_0_iomd_28774.core.gz 10 1023680 Sep 06 2012 14:31:56 +00:00

/bootflash/core/UUT2_RP_0_iomd_30045.core.gz 11 1023950 Sep 06 2012 14:32:02 +00:00

/bootflash/core/UUT2_RP_0_iomd_31332.core.gz 12 1023722 Sep 06 2012 14:32:09 +00:00

/bootflash/core/UUT2_RP_0_iomd_5528.core.gz 13 1023852 Sep 06 2012 14:32:15 +00:00

/bootflash/core/UUT2_RP_0_iomd_7950.core.gz 14 1023916 Sep 06 2012 14:32:22 +00:00

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Configuration Examples

/bootflash/core/UUT2_RP_0_iomd_9217.core.gz 15 1023875 Sep 06 2012 14:32:28 +00:00

/bootflash/core/UUT2_RP_0_iomd_10484.core.gz 16 1023907 Sep 06 2012 14:32:35 +00:00

/bootflash/core/UUT2_RP_0_iomd_11766.core.gz 17 1023707 Sep 06 2012 14:32:41 +00:00

/bootflash/core/UUT2_RP_0_iomd_13052.core.gz 18 1023963 Sep 06 2012 14:32:48 +00:00

/bootflash/core/UUT2_RP_0_iomd_14351.core.gz 19 1023915 Sep 06 2012 14:32:54 +00:00

/bootflash/core/UUT2_RP_0_iomd_15644.core.gz 20 1023866 Sep 06 2012 14:33:00 +00:00

/bootflash/core/UUT2_RP_0_iomd_17171.core.gz 21 1023518 Sep 06 2012 14:33:07 +00:00

/bootflash/core/UUT2_RP_0_iomd_18454.core.gz 22 1023938 Sep 06 2012 14:33:13 +00:00

/bootflash/core/UUT2_RP_0_iomd_19741.core.gz 23 1024017 Sep 06 2012 14:33:20 +00:00

/bootflash/core/UUT2_RP_0_iomd_21039.core.gz 24 1023701 Sep 06 2012 14:33:26 +00:00

/bootflash/core/UUT2_RP_0_iomd_22323.core.gz 25 4096 Oct 11 2012 19:28:27 +00:00

/bootflash/.prst_sync 26 4096 Jun 12 2012 17:32:39 +00:00 /bootflash/.rollback_timer 27 0

Jun 12 2012 17:32:50 +00:00 /bootflash/tracelogs.336 28 1347584 Oct 11 2012 20:24:26 +00:00

/bootflash/tracelogs 29 392 Oct 11 2012 20:22:19 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.gz 30 308 Oct 11 2012 18:39:43 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011183943.gz 31 308 Oct 11 2012 18:49:44

+00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011184944.gz 32 42853 Oct 04

2012 07:35:39 +00:00 /bootflash/tracelogs/hman_R0-0.log.0498.20121004073539.gz 33 307 Oct

11 2012 18:59:45 +00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011185945.gz

34 308 Oct 11 2012 19:19:47 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011191947.gz 35 307 Oct 11 2012 19:37:14

+00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011193714.gz 36 308 Oct 11

2012 19:47:15 +00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011194715.gz 37

308 Oct 11 2012 19:57:16 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011195716.gz 38 308 Oct 11 2012 20:07:17

+00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011200717.gz 39 307 Oct 11

2012 20:12:18 +00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011201218.gz 40

306 Oct 11 2012 20:17:18 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011201718.gz 41 44220 Oct 10 2012

11:47:42 +00:00 /bootflash/tracelogs/hman_R0-0.log.32016.20121010114742.gz 42 64241 Oct 09

2012 20:47:59 +00:00 /bootflash/tracelogs/fman-fp_F0-0.log.12268.20121009204757.gz 43 177

Oct 11 2012 19:27:03 +00:00 /bootflash/tracelogs/inst_compmatrix_R0-0.log.gz 44 307 Oct

11 2012 18:24:41 +00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011182441.gz

45 309 Oct 11 2012 18:29:42 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011182942.gz 46 43748 Oct 06 2012

13:49:19 +00:00 /bootflash/tracelogs/hman_R0-0.log.0498.20121006134919.gz 47 309 Oct 11

2012 18:44:43 +00:00 /bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011184443.gz 48

309 Oct 11 2012 19:04:46 +00:00

/bootflash/tracelogs/inst_cleanup_R0-0.log.0000.20121011190446.gz 49 2729 Oct 09 2012

21:21:49 +00:00 /bootflash/tracelogs/IOSRP_R0-0.log.20011.20121009212149 50 116 Oct 08 2012

21:06:44 +00:00 /bootflash/tracelogs/binos_log_R0-0.log.20013.20121008210644

To avoid losing work you have completed, be sure to save your configuration occasionally as you proceed.

Use the copy running-config startup-config command to save the configuration to NVRAM.

Note

Verify Initial Configuration on Cisco 1100 Terminal Server

Gateway

Enter the following commands at Cisco IOS-XE to verify the initial configuration on the router:

• show version—Displays the system hardware version; the installed software version; the names and

sources of configuration files; the boot images; and the amount of installed DRAM, NVRAM, and flash

memory.

• show diag—Lists and displays diagnostic information about the installed controllers, interface processors,

and port adapters.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Verify Initial Configuration on Cisco 1100 Terminal Server Gateway

• show interfaces— Shows interfaces are operating correctly and that the interfaces and line protocol are

in the correct state; either up or down.

• show ip interface brief— Displays a summary status of the interfaces configured for IP protocol.

• show configuration— Verifies that you have configured the correct hostname and password.

• show platform— Displays the software/rommon version, and so on.

When you have completed and verified the initial configuration, specific features and functions are ready to

be configured.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Configure Initial Router Settings on Cisco 1100 Terminal Gateway

Verify Initial Configuration on Cisco 1100 Terminal Server Gateway

CHAPTER 3

Basic Router Configuration

This section includes information about some basic terminal server gateway configuration, and contains the

following sections:

• Default Configuration, on page 29

• Configuring Global Parameters, on page 31

• Configuring Gigabit Ethernet Interfaces, on page 31

• Configuring a Loopback Interface, on page 32

• Configuring Module Interfaces, on page 34

• Enabling Cisco Discovery Protocol, on page 34

• Configuring Command-Line Access, on page 34

• Configuring Static Routes, on page 36

• Configuring Dynamic Routes, on page 38

Default Configuration

When you boot up the router, the router looks for a default file name-the PID of the router. For example, the

Cisco 1100 Terminal Server Gateway look for a file named c1100.cfg. The device looks for this file before

finding the standard files-router-confg or the ciscortr.cfg.

The device looks for the c1100.cfg file in the bootflash. If the file is not found in the bootflash, the router then

looks for the standard files-router-confg and ciscortr.cfg. If none of the files are found, the router then checks

for any inserted USB that may have stored these files in the same particular order.

If there is a configuration file with the PID as its name in an inserted USB, but one of the standard files are

in bootflash, the system finds the standard file for use.

Note

Use the show running-config command to view the initial configuration, as shown in the following example:

Router# show running-config

Building configuration... Current configuration : 977 bytes !

version 15.3

service timestamps debug datetime msec

service timestamps log datetime msec

no platform punt-keepalive disable-kernel-core

page21image1612800

hostname Router

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

boot-start-marker

boot-end-marker

vrf definition Mgmt-intf

address-family ipv4

exit-address-family

address-family ipv6

exit-address-family

no aaa new-model

ipv6 multicast rpf use-bgp

multilink bundle-name authenticated

redundancy

mode none

interface GigabitEthernet0/0/0

no ip address

negotiation auto

interface GigabitEthernet0/0/1

no ip address

negotiation auto

interface GigabitEthernet0/0/2

no ip address

negotiation auto

interface GigabitEthernet0/0/3

no ip address

negotiation auto

interface GigabitEthernet0/0/4

no ip address

negotiation auto

interface GigabitEthernet0/0/5

no ip address

negotiation auto

ip forward-protocol nd

no ip http server

no ip http secure-server

control-plane

line con 0

stopbits 1

line vty 0 4

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Default Configuration

end

Configuring Global Parameters

To configure the global parameters for your router, follow these steps.

SUMMARY STEPS

1. configure terminal

2. hostname name

3. enable secret password

4. no ip domain-lookup

DETAILED STEPS

PurposeCommand or Action

Enters global configuration mode when using the console

port.

configure terminal

Example:

Step 1

Use the following to connect to the router with a remote

terminal:

Router> enable

Router# configure terminal

Router(config)#

telnet router-name or address

Password: *********

Router> enable

Specifies the name for the router.hostname name

Example:

Step 2

Router(config)# hostname Router

Specifies an encrypted password to prevent unauthorized

access to the router.

enable secret password

Example:

Step 3

Router(config)# enable secret cr1ny5ho

Disables the router from translating unfamiliar words (typos)

into IP addresses.

no ip domain-lookup

Example:

Step 4

For complete information on global parameter commands,

see the Cisco IOS Release Configuration Guide

documentation set.

Router(config)# no ip domain-lookup

Configuring Gigabit Ethernet Interfaces

To manually define onboard Gigabit Ethernet interfaces, follow these steps, beginning from global configuration

mode.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Global Parameters

SUMMARY STEPS

1. interface gigabitethernet slot/bay/port

2. ip address ip-address mask

3. ipv6 address ipv6-address/prefix

4. no shutdown

5. exit

DETAILED STEPS

PurposeCommand or Action

Enters the configuration mode for a Gigabit Ethernet

interface on the router.

interface gigabitethernet slot/bay/port

Example:

Step 1

Router(config)# interface gigabitethernet 0/0/1

Sets the IP address and subnet mask for the specified

Gigabit Ethernet interface. Use this Step if you are

configuring an IPv4 address.

ip address ip-address mask

Example:

Router(config-if)# ip address 192.168.12.2

255.255.255.0

Step 2

Sets the IPv6 address and prefix for the specified Gigabit

Ethernet interface. Use this step instead of Step 2, if you

are configuring an IPv6 address.

ipv6 address ipv6-address/prefix

Example:

Router(config-if)# ipv6 address

2001.db8::ffff:1/128

Step 3

Enables the Gigabit Ethernet interface and changes its state

from administratively down to administratively up.

no shutdown

Example:

Step 4

Router(config-if)# no shutdown

Exits configuration mode for the Gigabit Ethernet interface

and returns to privileged EXEC mode.

exit

Example:

Step 5

Router(config-if)# exit

Configuring a Loopback Interface

Before you begin

The loopback interface acts as a placeholder for the static IP address and provides default routing information.

To configure a loopback interface, follow these steps.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring a Loopback Interface

SUMMARY STEPS

1. interface type number

2. (Option 1) ip address ip-address mask

3. (Option 2) ipv6 address ipv6-address/prefix

4. exit

DETAILED STEPS

PurposeCommand or Action

Enters configuration mode on the loopback interface.interface type number

Example:

Step 1

Router(config)# interface Loopback 0

Sets the IP address and subnet mask on the loopback

interface. (If you are configuring an IPv6 address, use the

(Option 1) ip address ip-address mask

Example:

Step 2

ipv6 address ipv6-address/prefix command described

below.

Router(config-if)# ip address 10.108.1.1

255.255.255.0

Sets the IPv6 address and prefix on the loopback interface.(Option 2) ipv6 address ipv6-address/prefix

Example:

Step 3

Router(config-if)# 2001:db8::ffff:1/128

Exits configuration mode for the loopback interface and

returns to global configuration mode.

exit

Example:

Step 4

Router(config-if)# exit

Example

Verifying Loopback Interface Configuration

The loopback interface in this sample configuration is used to support Network Address Translation

(NAT) on the virtual-template interface. This configuration example shows the loopback interface

configured on the Gigabit Ethernet interface with an IP address of 192.0.2.0/24, which acts as a static

IP address. The loopback interface points back to virtual-template1, which has a negotiated IP address.

interface loopback 0

ip address 192.0.2.0 255.255.255.0 (static IP address)

ip nat outside

interface Virtual-Template1

ip unnumbered loopback0

no ip directed-broadcast

ip nat outside

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring a Loopback Interface

Enter the show interface loopback command. You should see an output similar to the following

example:

Router# show interface loopback 0

Loopback0 is up, line protocol is up

Hardware is Loopback

Internet address is 200.200.100.1/24

MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation LOOPBACK, loopback not set

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/0, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

Alternatively, use the ping command to verify the loopback interface, as shown in the following

example:

Router# ping 192.0.2.0

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.0.2.0, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Configuring Module Interfaces

For detailed information about configuring service modules, see "Service Modules" in the "Service Module

Management" section of the Cisco Service Module Configuration Guide.

Enabling Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) is enabled by default on the router.

For more information on using CDP, see Cisco Discovery Protocol Configuration Guide.

Configuring Command-Line Access

To configure parameters to control access to the router, follow these steps.

SUMMARY STEPS

1. line [| console | tty | vty] line-number

2. password password

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Module Interfaces

3. login

4. exec-timeout minutes [seconds]

5. exit

6. line [| console | tty | vty] line-number

7. password password

8. login

9. end

DETAILED STEPS

PurposeCommand or Action

Enters line configuration mode, and specifies the type of

line.

line [| console | tty | vty] line-number

Example:

Step 1

The example provided here specifies a console terminal for

access.

Router(config)# line console 0

Specifies a unique password for the console terminal line.password password

Example:

Step 2

Router(config-line)# password 5dr4Hepw3

Enables password checking at terminal session login.login

Example:

Step 3

Router(config-line)# login

Sets the interval during which the EXEC command

interpreter waits until user input is detected. The default is

10 minutes. Optionally, adds seconds to the interval value.

exec-timeout minutes [seconds]

Example:

Router(config-line)# exec-timeout 5 30

Router(config-line)#

Step 4

The example provided here shows a timeout of 5 minutes

and 30 seconds. Entering a timeout of 0 0 specifies never

to time out.

Exits line configuration mode to re-enter global

configuration mode.

exit

Example:

Step 5

Router(config-line)# exit

Specifies a virtual terminal for remote console access.line [| console | tty | vty] line-number

Example:

Step 6

Router(config)# line vty 0 4

Router(config-line)#

Specifies a unique password for the virtual terminal line.password password

Example:

Step 7

Router(config-line)# password aldf2ad1

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Command-Line Access

PurposeCommand or Action

Enables password checking at the virtual terminal session

Example:

Step 8

Router(config-line)# login

Exits line configuration mode, and returns to privileged

EXEC mode.

end

Example:

Step 9

Router(config-line)# end

Example

The following configuration shows the command-line access commands.

You do not have to input the commands marked default. These commands appear automatically in

the configuration file that is generated when you use the show running-config command.

line console 0

exec-timeout 10 0

password 4youreyesonly

transport input none (default)

stopbits 1 (default)

line vty 0 4

password secret

Configuring Static Routes

Static routes provide fixed routing paths through the network. They are manually configured on the router. If

the network topology changes, the static route must be updated with a new route. Static routes are private

routes unless they are redistributed by a routing protocol.

To configure static routes, follow these steps.

SUMMARY STEPS

1. (Option 1) ip route prefix mask {ip-address | interface-type interface-number [ip-address]}

2. (Option 2) ipv6 route prefix/mask {ipv6-address | interface-type interface-number [ipv6-address]}

3. end

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Static Routes

DETAILED STEPS

PurposeCommand or Action

Specifies a static route for the IP packets. (If you are

configuring an IPv6 address, use the ipv6 route command

described below.)

(Option 1) ip route prefix mask {ip-address |

interface-type interface-number [ip-address]}

Example:

Step 1

Router(config)# ip route 192.168.1.0 255.255.0.0

10.10.10.2

Specifies a static route for the IP packets.(Option 2) ipv6 route prefix/mask {ipv6-address |

interface-type interface-number [ipv6-address]}

Step 2

Example:

Router(config)# ipv6 route 2001:db8:2::/64

Exits global configuration mode and enters privileged EXEC

mode.

end

Example:

Step 3

Router(config)# end

Verifying Configuration

In the following configuration example, the static route sends out all IP packets with a destination

IP address of 192.168.1.0 and a subnet mask of 255.255.255.0 on the Gigabit Ethernet interface to

another device with an IP address of 10.10.10.2. Specifically, the packets are sent to the configured

PVC.

You do not have to enter the command marked default. This command appears automatically in the

configuration file generated when you use the running-config command.

ip classless (default)

ip route 192.168.1.0 255.255.255.0

To verify that you have configured static routing correctly, enter the show ip route command (or

show ipv6 route command) and look for static routes marked with the letter S.

When you use an IPv4 address, you should see verification output similar to the following:

Router# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.108.1.0 is directly connected, Loopback0

S* 0.0.0.0/0 is directly connected, FastEthernet0

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Static Routes

When you use an IPv6 address, you should see verification output similar to the following:

Router# show ipv6 route

IPv6 Routing Table - default - 5 entries

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route

B - BGP, R - RIP, H - NHRP, I1 - ISIS L1

I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP

EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -

Destination

NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1

OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

ls - LISP site, ld - LISP dyn-EID, a - Application

C 2001:DB8:3::/64 [0/0]

via GigabitEthernet0/0/2, directly connected

S 2001:DB8:2::/64 [1/0]

via 2001:DB8:3::1

Configuring Dynamic Routes

In dynamic routing, the network protocol adjusts the path automatically, based on network traffic or topology.

Changes in dynamic routes are shared with other routers in the network.

A router can use IP routing protocols, such as Routing Information Protocol (RIP) or Enhanced Interior

Gateway Routing Protocol (EIGRP), to learn about routes dynamically.

• Configuring Routing Information Protocol, on page 38

• Configuring Enhanced Interior Gateway Routing Protocol, on page 41

Configuring Routing Information Protocol

To configure the RIP on a router, follow these steps.

SUMMARY STEPS

1. router rip

2. version {1 | 2}

3. network ip-address

4. no auto-summary

5. end

DETAILED STEPS

PurposeCommand or Action

Enters router configuration mode, and enables RIP on the

router.

router rip

Example:

Step 1

Router(config)# router rip

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Dynamic Routes

PurposeCommand or Action

Specifies use of RIP version 1 or 2.version {1 | 2}

Example:

Step 2

Router(config-router)# version 2

Specifies a list of networks on which RIP is to be applied,

using the address of the network of each directly connected

network.

network ip-address

Example:

Router(config-router)# network 192.168.1.1

Router(config-router)# network 10.10.7.1

Step 3

Disables automatic summarization of subnet routes into

network-level routes. This allows subprefix routing

information to pass across classful network boundaries.

no auto-summary

Example:

Router(config-router)# no auto-summary

Step 4

Exits router configuration mode, and enters privileged

EXEC mode.

end

Example:

Step 5

Router(config-router)# end

Example

Verifying Configuration

The following configuration example shows RIP Version 2 enabled in IP networks 10.0.0.0 and

192.168.1.0. To see this configuration, use the show running-config command from privileged

EXEC mode.

Router# show running-config

Building configuration... Current configuration : 977 bytes !

version 15.3

service timestamps debug datetime msec

service timestamps log datetime msec

no platform punt-keepalive disable-kernel-core

page21image1612800

hostname Router

boot-start-marker

boot-end-marker

vrf definition Mgmt-intf

address-family ipv4

exit-address-family

address-family ipv6

exit-address-family

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Routing Information Protocol

no aaa new-model

ipv6 multicast rpf use-bgp

multilink bundle-name authenticated

redundancy

mode none

interface GigabitEthernet0/0/0

no ip address

negotiation auto

interface GigabitEthernet0/0/1

no ip address

negotiation auto

interface GigabitEthernet0/0/2

no ip address

negotiation auto

interface GigabitEthernet0/0/3

no ip address

negotiation auto

interface GigabitEthernet0/0/4

no ip address

negotiation auto

interface GigabitEthernet0/0/5

no ip address

negotiation auto

ip forward-protocol nd

no ip http server

no ip http secure-server

control-plane

line con 0

stopbits 1

line vty 0 4

end

To verify that you have configured RIP correctly, enter the show ip route command and look for

RIP routes marked with the letter R. You should see an output similar to the one shown in the

following example:

Router# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Routing Information Protocol

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.108.1.0 is directly connected, Loopback0

R 3.0.0.0/8 [120/1] via 2.2.2.1, 00:00:02, Ethernet0/0/0

Configuring Enhanced Interior Gateway Routing Protocol

To configure Enhanced Interior Gateway Routing Protocol (EIGRP), follow these steps.

SUMMARY STEPS

1. router eigrp as-number

2. network ip-address

3. end

DETAILED STEPS

PurposeCommand or Action

Enters router configuration mode, and enables EIGRP on

the router. The autonomous-system number identifies the

router eigrp as-number

Example:

Step 1

route to other EIGRP routers and is used to tag the EIGRP

information.

Router(config)# router eigrp 109

Specifies a list of networks on which EIGRP is to be

applied, using the IP address of the network of directly

connected networks.

network ip-address

Example:

Router(config)# network 192.168.1.0

Router(config)# network 10.10.12.115

Step 2

Exits router configuration mode, and enters privileged

EXEC mode.

end

Example:

Step 3

Router(config-router)# end

Example

Verifying the Configuration

The following configuration example shows the EIGRP routing protocol enabled in IP networks

192.168.1.0 and 10.10.12.115. The EIGRP autonomous system number is 109. To see this

configuration, use the show running-config command.

Router# show running-config

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Enhanced Interior Gateway Routing Protocol

router eigrp 109

network 192.168.1.0

network 10.10.12.115

To verify that you have configured IP EIGRP correctly, enter the show ip route command, and look

for EIGRP routes marked by the letter D. You should see verification output similar to the following:

Router# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.108.1.0 is directly connected, Loopback0

D 3.0.0.0/8 [90/409600] via 2.2.2.1, 00:00:02, Ethernet0/0

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Basic Router Configuration

Configuring Enhanced Interior Gateway Routing Protocol

CHAPTER 4

Accessing the CLI Using a Router Console

Before you begin

Use the console (CON) port to access the command-line interface (CLI) directly or when using Telnet.

The following sections describe the main methods of accessing the router:

• Accessing the CLI Using a Directly-Connected Console, on page 43

• Using SSH to Access Console, on page 44

• Accessing the CLI from a Remote Console Using Telnet, on page 45

• Accessing the CLI Using a Directly-Connected Console, on page 43

• Using SSH to Access Console, on page 44

• Accessing the CLI from a Remote Console Using Telnet, on page 45

• Using Keyboard Shortcuts, on page 47

• Using the History Buffer to Recall Commands, on page 47

• Using the no and default Forms of Commands, on page 54

• Saving Configuration Changes, on page 54

• Managing Configuration Files, on page 55

• Filtering Output from the show and more Commands, on page 55

• Powering Off a Router, on page 56

• Finding Support Information for Platforms and Cisco Software Images, on page 56

• CLI Session Management, on page 57

Accessing the CLI Using a Directly-Connected Console

The CON port is an EIA/TIA-232 asynchronous, serial connection with no-flow control and an RJ-45 connector.

The CON port is located on the front panel of the chassis.

The following sections describe the procedure to access the control interface:

• Connecting to the Console Port, on page 44

• Using the Console Interface, on page 44

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Connecting to the Console Port

Step 1 Configure your terminal emulation software with the following settings:

• 9600 bits per second (bps)

• 8 data bits

• No parity

• No flow control

Step 2 Connect to the CON port using the RJ-45-to-RJ-45 cable and the RJ-45-to-DB-25 DTE adapter or the RJ-45-to-DB-9

DTE adapter (labeled Terminal).

Using the Console Interface

Step 1 Enter the following command:

Router> enable

Step 2 (Go to Step 3 if the enable password has not been configured.) At the password prompt, enter your system password:

Password: enablepass

When your password is accepted, the privileged EXEC mode prompt is displayed.

Router#

You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your

desired tasks.

Step 3 If you enter the setup command, see “Using Cisco Setup Command Facility” in the “Initial Configuration” section of

the Hardware Installation Guide for the Cisco 1100 Terminal Gateway.

Step 4 To exit the console session, enter the quit command:

Router# quit

Using SSH to Access Console

Secure Shell (SSH) is a protocol which provides a secure remote access connection to network devices. To

enable SSH support on the device:

Step 1 Configure the hostname:

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname xxx_lab

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Connecting to the Console Port

Here, host name is the router hostname or IP address.

Step 2 Configure the DNS domain of the router:

xxx_lab(config)# xxx.cisco.com

Step 3 Generate an SSH key to be used with SSH:

xxx_lab(config)# crypto key generate rsa

The name for the keys will be: xxx_lab.xxx.cisco.com Choose the size of the key modulus in the range

of 360 to 4096 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few

minutes.

How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable...

[OK] (elapsed time was 0 seconds)

xxx_lab(config)#

Step 4 By default, the vtys? transport is Telnet. In this case, Telnet is disabled and only SSH is supported:

xxx_lab(config)#line vty 0 4

xxx_lab(config-line)#transport input SSH

Step 5 Create a username for SSH authentication and enable login authentication:

xxx_lab(config)# username jsmith privilege 15 secret 0 p@ss3456

xxx_lab(config)#line vty 0 4

xxx_lab(config-line)# login local

Step 6 Verify remote connection to the device using SSH.

Accessing the CLI from a Remote Console Using Telnet

The following topics describe the procedure to access the CLI from a remote console using Telnet:

• Preparing to Connect to the Router Console Using Telnet, on page 45

• Using Telnet to Access a Console Interface, on page 46

Preparing to Connect to the Router Console Using Telnet

To access the router remotely using Telnet from a TCP/IP network, configure the router to support virtual

terminal lines using the line vty global configuration command. Configure the virtual terminal lines to require

users to log in and specify a password.

See the Cisco IOS Terminal Services Command Reference document for more information about the line vty

global configuration command.

To prevent disabling login on a line, specify a password with the password command when you configure

the login command.

If you are using authentication, authorization, and accounting (AAA), configure the login authentication

command. To prevent disabling login on a line for AAA authentication when you configure a list with the

configuration command.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Accessing the CLI from a Remote Console Using Telnet

For more information about AAA services, see the Cisco IOS XE Security Configuration Guide: Secure

Connectivity and the Cisco IOS Security Command Reference documents. For more information about the

In addition, before you make a Telnet connection to the router, you must have a valid hostname for the router

or have an IP address configured on the router. For more information about the requirements for connecting

to the router using Telnet, information about customizing your Telnet services, and using Telnet key sequences,

see the Cisco IOS Configuration Fundamentals Configuration Guide.

Using Telnet to Access a Console Interface

Step 1 From your terminal or PC, enter one of the following commands:

• connect host [port] [keyword]

• telnet host [port] [keyword]

Here, host is the router hostname or IP address, port is a decimal port number (23 is the default), and keyword is a

supported keyword. For more information about these commands, see the Cisco IOS Terminal Services Command

Reference document.

If you are using an access server, specify a valid port number, such as telnet 172.20.52.40 2004, in addition

to the hostname or IP address.

Note

The following example shows how to use the telnet command to connect to a router named router:

unix_host% telnet router

Trying 172.20.52.40...

Connected to 172.20.52.40.

Escape character is '^]'.

unix_host% connect

Step 2 Enter your login password:

User Access Verification

Password: mypassword

If no password has been configured, press Return.

Note

Step 3 From user EXEC mode, enter the enable command:

Router> enable

Step 4 At the password prompt, enter your system password:

Password: enablepass

Step 5 When the enable password is accepted, the privileged EXEC mode prompt is displayed:

Router#

Step 6 You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your

desired tasks.

Step 7 To exit the Telnet session, use the exit or logout command.

Router# logout

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Using Telnet to Access a Console Interface

Using Keyboard Shortcuts

Commands are not case sensitive. You can abbreviate commands and parameters if the abbreviations contain

enough letters to be different from any other currently available commands or parameters.

The following table lists the keyboard shortcuts for entering and editing commands.

Table 3: Keyboard Shortcuts

PurposeKey Name

Move the cursor back one character.Ctrl-B or the Left Arrow key

Move the cursor forward one character.Ctrl-F or the Right Arrow key

Move the cursor to the beginning of the command

line.

Ctrl-A

Move the cursor to the end of the command line.Ctrl-E

Move the cursor back one word.Esc B

Move the cursor forward one word.Esc F

Using the History Buffer to Recall Commands

The history buffer stores the last 20 commands you entered. History substitution allows you to access these

commands without retyping them, by using special abbreviated commands.

The following table lists the history substitution commands.

Table 4: History Substitution Commands

PurposeCommand

Recalls commands in the history buffer, beginning

with the most recent command. Repeat the key

sequence to recall successively older commands.

Ctrl-P or the Up Arrow key

Returns to more recent commands in the history buffer

after recalling commands with Ctrl-P or the Up

Arrow key.

Ctrl-N or the Down Arrow key

While in EXEC mode, lists the last few commands

you entered.

Router# show history

The arrow keys function only on ANSI-compatible terminals such as VT100s.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Using Keyboard Shortcuts

Understanding Command Modes

The command modes available in Cisco IOS XE are the same as those available in traditional Cisco IOS. Use

the CLI to access Cisco IOS XE software. Because the CLI is divided into many different modes, the commands

available to you at any given time depend on the mode that you are currently in. Entering a question mark (?)

at the CLI prompt allows you to obtain a list of commands available for each command mode.

When you log in to the CLI, you are in user EXEC mode. User EXEC mode contains only a limited subset

of commands. To have access to all commands, you must enter privileged EXEC mode, normally by using a

password. From privileged EXEC mode, you can issue any EXEC command—user or privileged mode—or

you can enter global configuration mode. Most EXEC commands are one-time commands. For example, sho w

commands show important status information, and clear commands clear counters or interfaces. The EXEC

commands are not saved when the software reboots.

Configuration modes allow you to make changes to the running configuration. If you later save the running

configuration to the startup configuration, these changed commands are stored when the software is rebooted.

To enter specific configuration modes, you must start at global configuration mode. From global configuration

mode, you can enter interface configuration mode and a variety of other modes, such as protocol-specific

modes.

ROM monitor mode is a separate mode used when the Cisco IOS XE software cannot load properly. If a valid

software image is not found when the software boots or if the configuration file is corrupted at startup, the

software might enter ROM monitor mode.

The following table describes how to access and exit various common command modes of the Cisco IOS XE

software. It also shows examples of the prompts displayed for each mode.

Table 5: Accessing and Exiting Command Modes

Exit MethodPromptAccess MethodCommand Mode

Use the logoutcommand.Router>Log in.User EXEC

To return to user EXEC

mode, use the disable

command.

Router#From user EXEC mode,

use the enable command.

Privileged EXEC

To return to privileged

EXEC mode from global

configuration mode, use

the exit or end command.

Router(config)#From privileged EXEC

mode, use the configure

terminal command.

Global configuration

To return to global

configuration mode, use

the exit command.

To return to privileged

EXEC mode, use the end

command.

Router(config-if)#From global configuration

mode, specify an interface

using an interface

command.

Interface configuration

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Understanding Command Modes

Exit MethodPromptAccess MethodCommand Mode

If failure of the Cisco IOS

process is the reason for

entering diagnostic mode,

the Cisco IOS problem

must be resolved and the

router rebooted to get out

of diagnostic mode.

If the router is in

diagnostic mode because

of a transport-map

configuration, access the

router through another

port or by using a method

that is configured to

connect to the Cisco IOS

CLI.

Router(diag)#The router boots up or

accesses diagnostic mode

in the following scenarios:

• In some cases,

diagnostic mode will

be reached when the

Cisco IOS process or

processes fail. In

most scenarios,

however, the router

will reload.

• A user-configured

access policy is

configured using the

transport-map

command that directs

a user into diagnostic

mode.

• A break signal

(Ctrl-C,

Ctrl-Shift-6, or the

send break

command) is entered

and the router is

configured to go to

diagnostic mode

when the break

signal is received.

Diagnostic

To exit ROM monitor

mode, manually boot a

valid image or perform a

reset with autoboot set so

that a valid image is

loaded.

rommon#>From privileged EXEC

mode, use the reload

EXEC command. Press

the Break key during the

first 60 seconds while the

system is booting.

ROM monitor

Understanding Diagnostic Mode

The router boots up or accesses diagnostic mode in the following scenarios:

• The IOS process or processes fail, in some scenarios. In other scenarios, the system resets when the IOS

process or processes fail.

• A user-configured access policy was configured using the transport-map command that directs the user

into the diagnostic mode.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Understanding Diagnostic Mode

• A send break signal (Ctrl-C or Ctrl-Shift-6) was entered while accessing the router, and the router was

configured to enter diagnostic mode when a break signal was sent.

In the diagnostic mode, a subset of the commands that are available in user EXEC mode are made available

to the users. Among other things, these commands can be used to:

• Inspect various states on the router, including the IOS state.

• Replace or roll back the configuration.

• Provide methods of restarting the IOS or other processes.

• Reboot hardware, such as the entire router, a module, or possibly other hardware components.

• Transfer files into or off of the router using remote access methods such as FTP, TFTP, and SCP.

The diagnostic mode provides a more comprehensive user interface for troubleshooting than previous routers,

which relied on limited access methods during failures, such as ROMMON, to diagnose and troubleshoot

Cisco IOS problems. The diagnostic mode commands can work when the Cisco IOS process is not working

properly. These commands are also available in privileged EXEC mode on the router when the router is

working normally.

Getting Help

Entering a question mark (?) at the CLI prompt displays a list of commands available for each command

mode. You can also get a list of keywords and arguments associated with any command by using the

context-sensitive help feature.

To get help that is specific to a command mode, a command, a keyword, or an argument, use one of the

following commands.

PurposeCommand

Provides a brief description of the help system in any

command mode.

help

Provides a list of commands that begin with a

particular character string.

There is no space between the command

and the question mark.

Note

abbreviated-command-entry?

Completes a partial command name.abbreviated-command-entry<Tab>

Lists all the commands that are available for a

particular command mode.

Lists the keywords or arguments that you must enter

next on the command line.

There is a space between the command

and the question mark.

Note

command ?

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Getting Help

Finding Command Options: Example

This section provides information about how to display the syntax for a command. The syntax can consist of

optional or required keywords and arguments. To display keywords and arguments for a command, enter a

question mark (?) at the configuration prompt or after entering a part of a command followed by a space. The

Cisco IOS XE software displays a list and brief descriptions of the available keywords and arguments. For

example, if you are in global configuration mode and want to see all the keywords and arguments for the arap

command, you should type arap ?.

The <cr> symbol in command help output stands for carriage return. On older keyboards, the carriage return

key is the Return key. On most modern keyboards, the carriage return key is the Enter key. The <cr> symbol

at the end of command help output indicates that you have the option to press Enter to complete the command

and that the arguments and keywords in the list preceding the <cr> symbol are optional. The <cr> symbol by

itself indicates that no more arguments or keywords are available, and that you must press Enter to complete

the command.

The following table shows examples of using the question mark (?) to assist you in entering commands.

Table 6: Finding Command Options

CommentCommand

Enter the enable command and password to access

privileged EXEC commands. You are in privileged

EXEC mode when the prompt changes to a “ # ”

from the “ > ”, for example, Router> to Router#

Router> enable

Password: <password>

Router#

Enter the configure terminal privileged EXEC

command to enter global configuration mode. You

are in global configuration mode when the prompt

changes to Router (config)#

Router# configure terminal

Enter configuration commands, one per line. End

with CNTL/Z.

Router(config)#

Enter interface configuration mode by specifying

the interface that you want to configure, using the

interface GigabitEthernet global configuration

command.

Enter ? to display what you must enter next on the

command line.

When the <cr> symbol is displayed, you can press

Enter to complete the command.

You are in interface configuration mode when the

prompt changes to Router(config-if)#

Router(config)# interface GigabitEthernet ?

<0-0> GigabitEthernet interface number

<0-2> GigabitEthernet interface number

Router(config)# interface GigabitEthernet 1/?

<0-4> Port Adapter number

Router (config)# interface GigabitEthernet 1/3/?

<0-15> GigabitEthernet interface number

Router (config)# interface GigabitEthernet

1/3/8?

. <0-3>

Router (config)# interface GigabitEthernet

1/3/8.0

Router(config-if)#

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Finding Command Options: Example

CommentCommand

Enter ? to display a list of all the interface

configuration commands available for the interface.

This example shows only some of the available

interface configuration commands.

Router(config-if)# ?

Interface configuration commands:

ip Interface Internet

Protocol

config commands

keepalive Enable keepalive

lan-name LAN Name command

llc2 LLC2 Interface Subcommands

load-interval Specify interval for load

calculation

for an interface

locaddr-priority Assign a priority group

logging Configure logging for

interface

loopback Configure internal

loopback on an

interface

mac-address Manually set interface

MAC address

mls mls router sub/interface

commands

mpoa MPOA interface

configuration commands

mtu Set the interface

Maximum Transmission Unit

(MTU)

netbios Use a defined NETBIOS

access list

or enable

name-caching

no Negate a command or set

its defaults

nrzi-encoding Enable use of NRZI

encoding

ntp Configure NTP

Router(config-if)#

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Finding Command Options: Example

CommentCommand

Enter the command that you want to configure for

the interface. This example uses the ip command.

Enter ? to display what you must enter next on the

command line. This example shows only some of

the available interface IP configuration commands.

Router(config-if)# ip ?

Interface IP configuration subcommands:

access-group Specify access control

for packets

accounting Enable IP accounting on

this interface

address Set the IP address of an

interface

authentication authentication subcommands

bandwidth-percent Set EIGRP bandwidth limit

broadcast-address Set the broadcast address

of an interface

cgmp Enable/disable CGMP

directed-broadcast Enable forwarding of

directed broadcasts

dvmrp DVMRP interface commands

hello-interval Configures IP-EIGRP hello

interval

helper-address Specify a destination

address for UDP broadcasts

hold-time Configures IP-EIGRP hold

time

Router(config-if)# ip

Enter the command that you want to configure for

the interface. This example uses the ip address

command.

Enter ? to display what you must enter next on the

command line. In this example, you must enter an

IP address or the negotiated keyword.

A carriage return (<cr>) is not displayed. Therefore,

you must enter additional keywords or arguments

to complete the command.

Router(config-if)# ip address ?

A.B.C.D IP address

negotiated IP Address negotiated over

PPP

Router(config-if)# ip address

Enter the keyword or argument that you want to

use. This example uses the 172.16.0.1 IP address.

Enter ? to display what you must enter next on the

command line. In this example, you must enter an

IP subnet mask.

<cr> is not displayed. Therefore, you must enter

additional keywords or arguments to complete the

command.

Router(config-if)# ip address 172.16.0.1 ?

A.B.C.D IP subnet mask

Router(config-if)# ip address 172.16.0.1

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Finding Command Options: Example

CommentCommand

Enter the IP subnet mask. This example uses the

255.255.255.0 IP subnet mask.

Enter ? to display what you must enter next on the

command line. In this example, you can enter the

secondary keyword, or you can press Enter.

<cr> is displayed. Press Enter to complete the

command, or enter another keyword.

Router(config-if)# ip address 172.16.0.1

255.255.255.0 ?

secondary Make this IP address a

secondary address

<cr>

Router(config-if)# ip address 172.16.0.1

255.255.255.0

Press Enter to complete the command.

Router(config-if)# ip address 172.16.0.1

255.255.255.0

Router(config-if)#

Using the no and default Forms of Commands

Almost every configuration command has a no form. In general, use the no form to disable a function. Use

the command without the no keyword to re-enable a disabled function or to enable a function that is disabled

by default. For example, IP routing is enabled by default. To disable IP routing, use the no ip routing command;

to re-enable IP routing, use the ip routing command. The Cisco IOS software command reference publications

provide the complete syntax for the configuration commands and describe what the no form of a command

does.

Many CLI commands also have a default form. By issuing the <command> default command-name, you

can configure the command to its default setting. The Cisco IOS software command reference publications

describe the function from a default form of the command when the default form performs a different function

than the plain and no forms of the command. To see what default commands are available on your system,

enter default ? in the appropriate command mode.

Saving Configuration Changes

Use the copy running-config startup-config command to save your configuration changes to the startup

configuration so that the changes will not be lost if the software reloads or a power outage occurs. For example:

Router# copy running-config startup-config

Building configuration...

It may take a few minutes to save the configuration. After the configuration has been saved, the following

output is displayed:

[OK]

Router#

This task saves the configuration to the NVRAM.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Using the no and default Forms of Commands

Managing Configuration Files

The startup configuration file is stored in the nvram: file system and the running configuration files are stored

in the system: file system. This configuration file storage setup is also used on several other Cisco router

platforms.

As a matter of routine maintenance on any Cisco router, users should back up the startup configuration file

by copying the startup configuration file from NVRAM to one of the router’s other file systems and,

additionally, to a network server. Backing up the startup configuration file provides an easy method of

recovering the startup configuration file if the startup configuration file in NVRAM becomes unusable for

any reason.

The copy command can be used to back up startup configuration files.

Examples of backing up the startup configuration file in NVRAM are shown in the Backing Up Cofiguration

Files section.

For more detailed information on managing configuration files, see the “Managing Configuration Files”

section in the Cisco IOS XE Configuration Fundamentals Configuration Guide.

Filtering Output from the show and more Commands

You can search and filter the output of show and more commands. This functionality is useful if you need to

sort through large amounts of output or if you want to exclude output that you need not see.

To use this functionality, enter a show or more command followed by the “pipe” character ( | ); one of the

keywords begin, include, or exclude; and a regular expression on which you want to search or filter (the

expression is case sensitive):

show command | {append | begin | exclude | include | redir ect | section | tee} regular-expression

The output matches certain lines of information in the configuration file.

Example

In this example, a modifier of the show interface command (include protocol) is used to provide only the

output lines in which the expression protocol is displayed:

Router# show interface | include protocol

GigabitEthernet0/0/0 is administratively down, line protocol is down

0 unknown protocol drops

GigabitEthernet0/0/1 is administratively down, line protocol is down

0 unknown protocol drops

GigabitEthernet0/0/2 is administratively down, line protocol is down

0 unknown protocol drops

GigabitEthernet0/0/3 is administratively down, line protocol is down

0 unknown protocol drops

GigabitEthernet0 is up, line protocol is up

0 unknown protocol drops

Loopback0 is up, line protocol is up

0 unknown protocol drops

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Managing Configuration Files

Powering Off a Router

The router can be safely turned off at any time by moving the router’s power supply switch to the Off position.

However, any changes to the running config since the last WRITE of the config to the NVRAM is lost.

Ensure that any configuration needed after startup is saved before powering off the router. The copy

running-config startup-config command saves the configuration in NVRAM and after the router is powered

up, the router initializes with the saved configuration.

Finding Support Information for Platforms and Cisco Software

Images

The Cisco IOS XE software is packaged in feature sets consisting of software images that support specific

platforms. The group of feature sets that are available for a specific platform depends on which Cisco software

images are included in a release. To identify the set of software images available in a specific release or to

find out if a feature is available in a given Cisco IOS XE software image, you can use Cisco Feature Navigator

or see the Release Notes for Cisco IOS XE.

Using Cisco Feature Navigator

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco

Feature Navigator is a tool that enables you to determine which Cisco IOS XE software images support a

specific software release, feature set, or platform. To use the navigator tool, an account on Cisco.com is not

required.

Using Software Advisor

Cisco maintains the Software Advisor tool. See Tools and Resources. Use the Software Advisor tool to see

if a feature is supported in a Cisco IOS XE release, to locate the software document for that feature, or to

check the minimum software requirements of Cisco IOS XE software with the hardware installed on your

router. You must be a registered user on Cisco.com to access this tool.

Using Software Release Notes

See the Release Notes document for Cisco Terminal Gateway for information about the following:

• Memory recommendations

• Open and resolved severity 1 and 2 caveats

Release notes are intended to be release-specific for the most current release, and the information provided

in these documents may not be cumulative in providing information about features that first appeared in

previous releases. For cumulative feature information, refer to the Cisco Feature Navigator at:

http://www.cisco.com/go/cfn/.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Powering Off a Router

CLI Session Management

An inactivity timeout is configurable and can be enforced. Session locking provides protection from two users

overwriting changes that the other has made. To prevent an internal process from using all the available

capacity, some spare capacity is reserved for CLI session access. For example, this allows a user to remotely

access a router.

• Changing the CLI Session Timeout, on page 57

• Locking a CLI Session, on page 57

Information About CLI Session Management

An inactivity timeout is configurable and can be enforced. Session locking provides protection from two users

overwriting changes that each other has made. To prevent an internal process from using all the available

capacity, some spare capacity is reserved for CLI session access. For example, this allows a user to remotely

access the router.

Changing the CLI Session Timeout

Step 1 configure terminal

Enters global configuration mode

Step 2 line console 0

Step 3 session-timeout minutes

The value of minutes sets the amount of time that the CLI waits before timing out. Setting the CLI session timeout

increases the security of a CLI session. Specify a value of 0 for minutes to disable session timeout.

Step 4 show line console 0

Verifies the value to which the session timeout has been set, which is shown as the value for " Idle Session ".

Locking a CLI Session

Before you begin

To configure a temporary password on a CLI session, use the lock command in EXEC mode. Before you can

use the lock command, you need to configure the line using the lockable command. In this example the line

is configured as lockable, and then the lock command is used and a temporary password is assigned.

Step 1 Router# configure terminal

Enters global configuration mode.

Step 2 Enter the line upon which you want to be able to use the lock command.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

CLI Session Management

Router(config)# line console 0

Step 3 Router(config)# lockable

Enables the line to be locked.

Step 4 Router(config)# exit

Step 5 Router# lock

The system prompts you for a password, which you must enter twice.

Password: <password>

Again: <password>

Locked

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Accessing the CLI Using a Router Console

Locking a CLI Session

CHAPTER 5

Licenses and Licensing Models

This chapter provides information about the licenses that are available on Cisco 1100 Terminal Services

Gateway and outlines the licensing models available on the platform.

For an overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.

• Available Licenses, on page 59

• How to Configure Available Licenses, on page 59

• Supported Licensing Models, on page 65

Available Licenses

Cisco 1100 Terminal Server Gateway platforms support the following licenses:

• Appx (appxk9)

• Security (securityk9)

• IP Base (ipbasek9)

This license is enabled by default.

• Booster Performance (booster_performance)

This license is available from Cisco IOS XE Cupertino 17.8.1a only. You must enable it for unthrottled

throughput of unencrypted traffic. By default (If the Booster Performance license is not enabled),

unencrypted traffic is throttled at 500 Mbps.

How to Configure Available Licenses

Configuring a Boot Level License

This task shows you how to enable a boot level license. The available boot level licenses include: Appx and

Security licenses.

Device reload is required before the configured changes are effective.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Before you begin

You can use this task to configure a boot level license in the Smart Licensing (Cisco IOS XE Amsterdam

17.2.x, Cisco IOS XE Amsterdam 17.3.x) and the Smart Licensing Using Policy environment (Cisco IOS XE

Bengaluru 17.4.1 and later).

If the software version running on the device is one that supports Smart Licensing, you must register the device

as per: Cisco Smart Licensing Guide for Cisco Enterprise Routing Platforms.

If the software version running on the device is one that supports Smart Licensing Using Policy, you can

purchase and use the licenses you want and complete reporting (if applicable) at a later date, as per Smart

Licensing Using Policy for Cisco Enterprise Routing Platforms.

Note

Step 1 show version

Example:

Device# show version

Technology Package License Information:

-----------------------------------------------------------------

Technology Technology-package Technology-package

Current Type Next reboot

------------------------------------------------------------------

appxk9 None Smart License None

securityk9 None Smart License None

ipbase ipbasek9 Smart License ipbasek9

The current throughput level is unthrottled

Displays the currently configured boot level license. In the accompanying example, a boot level license is not configured

yet.

Step 2 configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3 license boot level { appxk9 | securityk9 }

Example:

Device(config)# license boot level ?

appxk9 Appx License Level

securityk9 Security License Level

Device(config)# license boot level securityk9

Configures a boot level license.

Step 4 exit

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Configuring a Boot Level License

Example:

Device(config)# exit

Exits global configuration mode and returns to privileged EXEC mode.

Step 5 copy running-config startup-config

Example:

Device# copy running-config startup-config

Destination filename [startup-config]?

Building configuration...

[OK]

Saves your entries in the configuration file.

Step 6 reload

Example:

Device# reload

Proceed with reload? [confirm]

Reloads the device. License levels configured in Step 2 are effective and displayed only after this reload.

Step 7 show version

Example:

Device# show version

Technology Package License Information:

-----------------------------------------------------------------

Technology Technology-package Technology-package

Current Type Next reboot

------------------------------------------------------------------

appxk9 None Smart License None

securityk9 securityk9 Smart License securityk9

ipbase ipbasek9 Smart License ipbasek9

The current throughput level is unthrottled

Reloads the device. License levels configured in Step 3 are effective and displayed only after this reload.

Step 8 Complete license usage reporting - if required.

This step is applicable only if the software version running on the device is Cisco IOS XE Bengaluru 17.4.1

and later.

Note

After you configure a license level, you may have to send a RUM report (Resource Utilization Measurement Report) to

CSSM to report license usage information. To know if reporting is required, you can wait for a system message or refer

to the policy using show commands.

• The system message, which indicates that reporting is required: %SMART_LIC-6-REPORTING_REQUIRED: A Usage

report acknowledgement will be required in [dec] days.

[dec] is the amount of time (in days) left to meet reporting requirements.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Configuring a Boot Level License

• If using show commands, refer to the output of the show license status privileged EXEC command and check the

Next ACK deadline field. This means a RUM report must be sent and the acknolwedgement (ACK) from CSSM

must be installed by this date.

How you send the RUM report, depends on the topology you have implemented in the Smart Licensing Using Policy

environment. For more information, see How to Configure Smart Licensing Using Policy: Workflows by Topology

Enabling the Booster Performance License

This task shows you how enable the Booster Performance license. This license enables unthrottled throughput

for unencrypted traffic. Without it, unencrypted traffic is restricted to 500 Mbps.

Enabling this license does not change the cryptographic throughput level. Cryptographic throughput is restricted

to 100 Mbps on Cisco 1100 Terminal Services Gateway platforms.

Note

Before you begin

The Booster Performance license is available on all Cisco 1100 Terminal Services Gateway platforms from

Cisco IOS XE Cupertino 17.8.1a. Ensure that the software version running on the device is a supported version.

Step 1 show platform hardware throughput level

Displays the currently configured throughput level.

In the accompanying example, the throughput level is currently 500 Mbps.

Example:

Device# show platform hardware throughput level

The current throughput level is 500000 kb/s

Step 2 configure terminal

Enters the global configuration mode.

Example:

Device# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Step 3 platform hardware throughput level boost

Enables unthrottled throughput for unencrypted traffic.

Example:

Device(config)# platform hardware throughput level boost

% The config will take effect on next reboot

Step 4 end

Exits the global configuration mode and returns to the privileged EXEC mode.

Example:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Enabling the Booster Performance License

Device# end

Step 5 copy running-config startup-config

Saves changes in the configuration file.

Example:

Device# copy running-config startup-config

Building configuration...

[OK]

Step 6 reload

Reloads the device.

Example:

Device# reload

Proceed with reload? [confirm]

Mar 17 17:04:01.704: %PMAN-5-EXITACTION: R0/0: pvp: Process manager is exiting: process exit with

reload chassis code

Initializing Hardware …

Step 7 show platform hardware throughput level

Displays currently configured throughput level.

Example:

Device# show platform hardware throughput level

The current throughput level is unthrottled

Step 8 show license summary

Displays a summary of the licenses being used. In the accompanying example, the Booster Performance license is displayed

as IN USE.

Example:

Device# show license summary

Account Information:

Smart Account: Eg-SA As of Feb 26 20:57:30 2022 CST

Virtual Account: Eg-VA

License Usage:

License Entitlement Tag Count Status

-----------------------------------------------------------------------------

booster_performance (ISR_1100TG_BOOST) 1 IN USE

securityk9 (SL_1100TG_SEC_K9) 1 IN USE

Step 9 show license status

Displays currently configured transport settings, applicable policy information, and reporting requirements.

After you configure a license level, you may have to send a RUM report (Resource Utilization Measurement Report) to

CSSM to report license usage information. To know if reporting is required, you can wait for a system message or refer

to the policy using show commands.

• The system message, which indicates that reporting is required: %SMART_LIC-6-REPORTING_REQUIRED: A

Usage report acknowledgement will be required in [dec] days. [dec] is the amount of time (in days) left to meet

reporting requirements.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Enabling the Booster Performance License

• If using show commands, refer to the output of the show license status privileged EXEC command and check the

Next ACK deadline field. This means a RUM report must be sent and the acknolwedgement (ACK) from CSSM

must be installed by this date.

How you send the RUM report, depends on the topology you have implemented in the Smart Licensing Using Policy

environment. For more information, see How to Configure Smart Licensing Using Policy: Workflows by Topology

In the accompanying example, the device is connected directly to CSSM and is using Smart transport for communication

with CSSM. The device is configured to send a Resource Utilization Measurement report (RUM report) every 30 days.

It will automatically send the next RUM report on Mar 17 17:07:41 2022 CST.

Example:

Device# show license status

Transport:

Type: Smart

URL: https://smartreceiver.cisco.com/licservice/license

Proxy:

Not Configured

VRF:

Not Configured

Policy:

Policy in use: Installed On Jan 27 18:47:22 2021 CST

Policy name: SLE Policy

Reporting ACK required: yes (Customer Policy)

Unenforced/Non-Export Perpetual Attributes:

First report requirement (days): 30 (Customer Policy)

Reporting frequency (days): 60 (Customer Policy)

Report on change (days): 60 (Customer Policy)

Unenforced/Non-Export Subscription Attributes:

First report requirement (days): 120 (Customer Policy)

Reporting frequency (days): 150 (Customer Policy)

Report on change (days): 120 (Customer Policy)

Enforced (Perpetual/Subscription) License Attributes:

First report requirement (days): 30 (Customer Policy)

Reporting frequency (days): 90 (Customer Policy)

Report on change (days): 60 (Customer Policy)

Export (Perpetual/Subscription) License Attributes:

First report requirement (days): 30 (Customer Policy)

Reporting frequency (days): 30 (Customer Policy)

Report on change (days): 30 (Customer Policy)

Miscellaneous:

Custom Id: <empty>

Usage Reporting:

Last ACK received: Feb 26 21:25:57 2022 CST

Next ACK deadline: Apr 27 21:25:57 2022 CST

Reporting push interval: 30 days

Next ACK push check: Feb 26 21:05:37 2022 CST

Next report push: Mar 17 17:07:41 2022 CST

Last report push: Feb 26 20:55:56 2022 CST

Last report file write: <none>

Trust Code Installed: Nov 10 16:35:47 2021 CST

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Enabling the Booster Performance License

Supported Licensing Models

The licensing model defines how you account for or report the licenses that you use, to Cisco. The licensing

model supported on Cisco 1100 Terminal Services Gateway platforms depends on the Cisco IOS XE software

version running on the device.

• Cisco IOS XE Amsterdam 17.2.x to 17.3.x supports Smart Licensing.

• Cisco IOS XE Bengaluru 17.4.1 and later supports Smart Licensing Using Policy.

Refer to the corresponding section for more information about the licensing model.

Smart Licensing Using Policy

Smart Licensing Using Policy is an enhanced version of Smart Licensing.

With this licensing model, you purchase the licenses you want to use, configure them on the device, and then

report license usage – as required. You do not have to complete any licensing-specific operations, such as

registering or generating keys before you start using the software and the licenses that are tied to it - unless

you are using export-controlled and enforced licenses.

Multiple options are available for license usage reporting. You can use the Cisco Smart Licensing Utility

(CSLU), report usage information directly to CSSM, use a Controller (like Cisco DNA Center or Cisco

vManage), deploy Smart Software Manager On-Prem (SSM On-Prem) to administer products and licenses

on your premises. A provision for offline reporting for air-gapped networks, where you download usage

information and upload to CSSM, is also available.

You can also migrate from an existing licensing model, to Smart Licensing Using Policy. To migrate, you

must upgrade the software version (image) on the product instance to a supported version.

For more information, see Smart Licensing Using Policy for Cisco Enterprise Routing Platforms.

Smart Licensing

Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent

way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure

– you control what users can access. With Smart Licensing, you get:

• Easy Activation: Smart Licensing establishes a pool of software licenses that can be used across the

entire organization—no more PAKs (Product Activation Keys).

• Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco

products and services in an easy-to-use portal, so you always know what you have and what you are

using.

• License Flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer

licenses as needed.

To use Smart Licensing, you must first set up a Smart Account on Cisco Software Central

(http://software.cisco.com/).

For a more detailed overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Supported Licensing Models

For Smart Licensing configuration information for access and edge routers, see the https://www.cisco.com/

c/en/us/td/docs/ios-xml/ios/smart-licensing/qsg/b_Smart_Licensing_QuickStart/b_Smart_Licensing_QuickStart_

chapter_01.html.

• Smart Licensing feature provides users an experience of a single, standardized licensing solution for all

Cisco products. Adding support for CiscoONE suites in the Cisco IOS Software License (CISL) and

Smart Licensing mode, including the Foundation Suite and Active Directory Users and Computers

(ADUC) Suite.

• Smart Licensing provides the ability to switch between traditional licensing (CSL) and Smart Licensing

mode.

• Smart Licensing supports four software universal images NPE, NO-LI, NPE-NO-LI, and Non-NPE

images.

Prerequisites for Smart Licensing

• Ensure that the software version running on the device is one that supports Smart Licensing. Smart

Licensing is supported from Cisco IOS XE Amsterdam 17.2.x to 17.3.x.

• Ensure that Call Home is enabled before using Smart Licensing.

The Smart Call Home Transport Gateway helps to complete product registration and authorization based

on the desired performance and technology levels of Cisco products. To know more about Call Home,

refer to Call Home .

Transitioning from CSL to Smart Licensing

In the Smart Licensing Model, customers can activate licensed objects without the use of a special software

key or upgrade license file. Customers simply activate the new functionality using the appropriate product

commands and configurations and the functionality is activated. A software reboot may or may not be required

depending on the product capabilities and requirements.

Similarly, downgrading or removing an advanced feature, performance, or functionality would require removal

of the configuration or command.

After either of the above actions has been taken, the change in license state is noted by the Smart Software

Manager upon next synchronization and an appropriate action is taken.

Cisco ONE Suites

Cisco ONE Suites is a new way for customers to purchase infrastructure software. Cisco ONE offers a

simplified purchasing model, centered on common customer scenarios in the data center, wide area network,

and local access networks.

Smart Licensing supports Smart License Cisco ONE suite level licenses and image licenses, such as ipbase,

Advanced IP Services (AIS), Advanced Enterprise Services (AES) and feature license and throughput

performance, crypto throughput and port licensing on ASR 1000 Aggregation Series Routers.

To know more about Cisco One Suites, please refer to Cisco ONE Suites.

Troubleshooting for Cisco Smart Licensing Client

You can troubleshoot Smart Licensing enabling issues using the following commands on the device:

• show version

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Prerequisites for Smart Licensing

• show running-config

• show license summary

• show license all

• show license tech support

• debug smart_lic error

• debug smart_lic trace

Example: Displays summary information about all licenses

The following example shows how to use the show license all command to display summary

information about all licenses.

Device#show license all

Smart Licensing Status

======================

Smart Licensing is ENABLED

Registration:

Status: REGISTERED

Smart Account: BU Production Test

Virtual Account: ISR4K

Export-Controlled Functionality: Allowed

Initial Registration: SUCCEEDED on Sep 04 15:40:03 2015 PDT

Last Renewal Attempt: None

Next Renewal Attempt: Mar 02 15:40:02 2016 PDT

Registration Expires: Sep 03 15:34:53 2016 PDT

License Authorization:

Status: AUTHORIZED on Sep 04 15:40:09 2015 PDT

Last Communication Attempt: SUCCEEDED on Sep 04 15:40:09 2015 PDT

Next Communication Attempt: Oct 04 15:40:08 2015 PDT

Communication Deadline: Dec 03 15:35:01 2015 PDT

License Usage

==============

ISR_4400_FoundationSuite (ISR_4400_FoundationSuite):

Description: Cisco ONE Foundation Perpetual License ISR 4400

Count: 1

Version: 1.0

Status: AUTHORIZED

ISR_4400_AdvancedUCSuite (ISR_4400_AdvancedUCSuite):

Description: Cisco ONE Advanced UC Perpetual License ISR 4400

Count: 1

Version: 1.0

Status: AUTHORIZED

ISR_4451_2G_Performance (ISR_4451_2G_Performance):

Description: Performance on Demand License for 4450 Series

Count: 1

Version: 1.0

Status: AUTHORIZED

Product Information

===================

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Example: Displays summary information about all licenses

UDI: PID:ISR4451-X/K9,SN:FOC17042FJ9

Agent Version

=============

Smart Agent for Licensing: 1.4.0_rel/16

Component Versions: SA:(1_4_rel)1.0.15, SI:(dev22)1.2.6, CH:(dev5)1.0.32, PK:(dev18)1.0.17

Device#

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Licenses and Licensing Models

Example: Displays summary information about all licenses

CHAPTER 6

Managing the Device Using Web User Interface

The Web User Interface (Web UI) is an embedded GUI-based device-management tool that provides the

ability to provision the device, to simplify device deployment and manageability, and to enhance the user

experience. It comes with the default image, so there is no need to enable anything or install any license on

the device. You can use WebUI to build configurations, and to monitor and troubleshoot the device without

having CLI expertise. This chapter includes the these sections:

• Setting Up Factory Default Device Using Web UI , on page 69

• Using Web User Interface for Day One Setup, on page 73

Setting Up Factory Default Device Using Web UI

Quick Setup Wizard allows you perform the basic router configuration. To configure the router:

Before you access the Web UI, you need to have the basic configuration on the device.

Note

Step 1 Connect the RJ-45 end of a serial cable to the RJ-45 console port on the router.

Step 2 After the device initial configuration wizard appears, enter No to get into the device prompt when the following system

message appears on the router.

Would you like to enter the initial configuration dialog? [yes/no]: no

Step 3 From the configuration mode, enter the following configuration parameters.

ip dhcp pool WEBUIPool

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

username admin privilege 15 password 0 default

interface gig 0/0/1

ip address 192.168.1.1 255.255.255.0

Step 4 Connect the PC to the router using an Ethernet cable to the gig 0/0/1 interface.

Step 5 Set up your PC as a DHCP client to obtain the IP address of the router automatically.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Step 6 Launch the browser and enter the device IP address in your browser’s address line. For a secure connection, type

https://192.168.1.1/#/dayZeroRouting. For a less secure connection, enter http://192.168.1.1/#/dayZeroRouting.

Step 7 Enter the default username (admin) and the password as default.

Using Basic or Advanced Mode Setup Wizard

To configure the router using the basic or advanced mode setup:

Step 1 Choose the Basic Mode or Advanced Mode and click Go To Account Creation Page.

Step 2 Enter the username and password. Reenter the password to confirm.

Step 3 Click Create and Launch Wizard.

Step 4 Enter the device name and domain name.

Step 5 Select the appropriate time zone from the Time Zone drop-down list.

Step 6 Select the appropriate date and time mode from the Date and Time drop-down list.

Step 7 Click LAN Settings.

Configure LAN Settings

Step 1 Choose the Web DHCP Pool/DHCP Pool name or the Create and Associate Access VLAN option.

a) If you choose the Web DHCP Pool, specify the following:

Pool Name—Enter the DHCP Pool Name.

Network—Enter network address and the subnet mask.

b) If you choose the Create and Associate Access VLAN option, specify the following:

Access VLAN—Enter the Access VLAN identification number. The range is from 1 to 4094.

Network—Enter the IP address of the VLAN.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Managing the Device Using Web User Interface

Using Basic or Advanced Mode Setup Wizard

Management Interfaces—Select the interface and move to the selected list box using the right and left arrows. You

can also double click or drag and drop to move the interface to the selected list box.

Step 2 Click Primary WAN Settings.

Configure Primary WAN Settings

Step 1 Select the primary WAN type. You con configure Serial, 3G/4G, Ethernet, or Broadband (xDSL) as primary WAN

depending on the WAN types supported by the router.

Step 2 Select the interface from the drop-down list.

Step 3 Check the GetDNS Server info directly from ISP check box to get the DNS server information directly from the service

provider. You can also manually enter the Primary DNS and Secondary DNS.

Step 4 Check the Get IP automatically fromISP check box to get the IP address information directly from the service provider.

You can also manually enter the IP address and subnet mask.

Step 5 Check the Enable NAT check box to enable NAT. It is recommended to enable NAT.

Step 6 Check the Enable PPPOE check box to enable PPPoE. If you have enabled PPPoE, select the required authentication

mode. The options are: PAP and CHAP.

Step 7 Enter the user name and password provided by the service provider.

Step 8 Click Security / APP Visibility WAN Settings.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Managing the Device Using Web User Interface

Configure Primary WAN Settings

Configure Secondary WAN Settings

For advanced configuration, you should configure the secondary WAN connection.

Step 1 Select the secondary WAN type. You con configure Serial, 3G/4G, Ethernet, or Broadband (xDSL) as a secondary WAN

depending on the WAN types supported by the router.

Step 2 Select the interface from the drop-down list.

Step 3 Check the GetDNS Server info directly from ISP check box to get the DNS server information directly from the service

provider. You can also manually enter the Primary DNS and Secondary DNS.

Step 4 Check the Get IP automatically fromISP check box to get the IP address information directly from the service provider.

You can also manually enter the IP address and subnet mask.

Step 5 Check the Enable NAT check box to enable NAT. It is recommended to enable NAT.

Step 6 Check the Enable PPPOE check box to enable PPPoE. If you have enabled PPPoE, select the required authentication

mode. The options are PAP and CHAP .

Step 7 Enter the user name and password provided by the service provider.

Step 8 Click Security / APP Visibility WAN Settings.

Configure Security Settings

Step 1 Check the Enable Cisco Recommended Security Settings check box to ensure that all passwords are not shown in plain

text. The passwords are encrypted.

Step 2 Click Day 0 Config Summary.

Step 3 To preview the configuration, click CLI Preview to preview the configuration.

Step 4 Click Finish to complete the Day Zero setup.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Managing the Device Using Web User Interface

Configure Secondary WAN Settings

Using Web User Interface for Day One Setup

To configure the Web user interface:

Step 1 Configure the HTTP server. By default, the HTTP server configuration should be present on the device. Ensure the

configuration by checking if the ip http server and ip http secure-server commands are present in the running

configuration.

Device #configure terminal

Device (config)#ip http server

Device (config)#ip http secure-server

Step 2 Set up the authentication options to log into Web UI. You can use one of these methods to authenticate:

a) You can authenicate using local database. To use a local database for Web UI authentication, ensure to have the ip

http authentication local command in the running configuration. This command is preconfigured on the device. If

the command is not present, configure the device as shown in this example:

Device #configure terminal

Device (config)#ip http authentication local

You need a user with privilege 15 to access the configuration screens on Web UI. If the privilege is less

than 15, you can access only the Dashboard and Monitoring screens on Web UI.

Note

To create a user account, use the username <username> privilege <privilege> password 0 <passwordtext>

Device #configure terminal

Device (config)# username <username> privilege <privilege> password 0 <passwordtext>

b) Authenticate using AAA options. To use AAA authentication for Web UI, ensure to configure ‘ip http authentication

aaa’ on the device. Also, ensure that the required AAA server configuration is present on the device.

Device #configure terminal

Device (config)#ip http authentication local

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Managing the Device Using Web User Interface

Using Web User Interface for Day One Setup

Step 3 Launch the browser. In the address bar, type the IP address of the device. For a secure connection, type https://ip-address.

Step 4 Enter the default username (cisco) and password provided with the device

Step 5 Click Log In.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Managing the Device Using Web User Interface

Using Web User Interface for Day One Setup

CHAPTER 7

Console Port, Telnet, and SSH Handling

This chapter includes the following sections:

• Notes and Restrictions for Console Port, Telnet, and SSH, on page 75

• Console Port Overview, on page 75

• Console Port Handling Overview, on page 76

• Telnet and SSH Overview, on page 76

• Persistent Telnet and Persistent SSH Overview, on page 76

• Configuring a Console Port Transport Map, on page 77

• Configuring Persistent Telnet, on page 79

• Configuring Persistent SSH, on page 81

• Viewing Console Port, SSH, and Telnet Handling Configurations, on page 84

• Configuring Auxiliary Port for Modem Connection , on page 89

Notes and Restrictions for Console Port, Telnet, and SSH

• Telnet and Secure Shell (SSH) settings configured in the transport map override any other Telnet or SSH

settings when the transport map is applied to the Ethernet management interface.

• Only local usernames and passwords can be used to authenticate users entering a Ethernet management

interface. AAA authentication is not available for users accessing the router through a Ethernet

management interface using persistent Telnet or persistent SSH.

• Applying a transport map to a Ethernet management interface with active Telnet or SSH sessions can

disconnect the active sessions. Removing a transport map from an interface, however, does not disconnect

any active Telnet or SSH session.

• Configuring the diagnostic and wait banners is optional, but recommended. The banners are especially

useful as indicators to users about the status of their Telnet or SSH attempts.

Console Port Overview

The console port on the router is an EIA/TIA-232 asynchronous, serial connection with no flow control and

an RJ-45 connector. The console port is used to access the router and is located on the front panel of the Route

Processor.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

For information on accessing the router using the console port, see the Using Cisco IOS XE Software section.

Console Port Handling Overview

If you are using the console port to access the router, you are automatically directed to the Cisco IOS

command-line interface (CLI).

If you are trying to access the router through the console port and send a break signal (by entering Ctrl-C or

Ctrl-Shift-6, or by entering the send break command at the Telnet prompt) before connecting to the CLI,

you are directed to a diagnostic mode if the non-RPIOS subpackages are accessible. These settings can be

changed by configuring a transport map for the console port and applying that transport map to the console

interface.

Telnet and SSH Overview

Telnet and SSH on the router can be configured and handled like Telnet and SSH on other Cisco platforms.

For information on traditional Telnet, see the line command in the Cisco IOS Terminal Services Command

Reference, Release 12.2 document. For more information on AAA authentiction methods, see the line command

in the Authentication Commands chapter.

For information on configuring traditional SSH, see the “Configuring Secure Shell” chapter in the Cisco IOS

Terminal Services Command Reference, Release 12.2 document.

On the router, persistent Telnet and persistent SSH allow network administrators to more clearly define the

treatment of incoming traffic when users access the router through the management ethernet port using Telnet

or SSH. Notably, persistent Telnet and persistent SSH provide more robust network access by allowing the

router to be configured to be accessible through the Ethernet management port using Telnet or SSH even

when the Cisco IOS process has failed.

Persistent Telnet and Persistent SSH Overview

In traditional Cisco routers, accessing the router using Telnet or SSH is not possible if the Cisco IOS software

fails. When Cisco IOS fails on a traditional Cisco router, the only method of accessing the router is through

the console port. Similarly, if all the active Cisco IOS processes have failed on a router that is not using

persistent Telnet or persistent SSH, the only method of accessing the router is through the console port.

However, with persistent Telnet and persistent SSH, you can configure a transport map that defines the

treatment of incoming Telnet or SSH traffic on the Ethernet management interface. Among the many

configuration options, a transport map can be configured to direct all traffic to the Cisco IOS CLI, diagnostic

mode, or to wait for a Cisco IOS VTY line to become available and then direct users to diagnostic mode when

a user sends a break signal while waiting for the IOS VTY line to become available. If a user uses Telnet or

SSH to access diagnostic mode, that Telnet or SSH connection will be usable even in scenarios when no Cisco

IOS process is active. Therefore, persistent Telnet and persistent SSH introduce the ability to access the router

via diagnostic mode when the Cisco IOS process is not active. For information on diagnostic mode, see Using

Cisco IOS XE Software. For information on the options that are can be configured using persistent Telnet or

persistent SSH transport maps, see Configuring Persistent Telnet, on page 79 and Configuring Persistent

SSH, on page 81.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Console Port Handling Overview

Configuring a Console Port Transport Map

This task describes how to configure a transport map for a console port interface on the router.

SUMMARY STEPS

1. enable

2. configure terminal

3. transport-map type console transport-map-name

4. connection wait [allow [interruptible] | none [disconnect]]

5. (Optional) banner [diagnostic | wait] banner-message

6. exit

7. transport type console console-line-number input transport-map-name

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Creates and names a transport map for handling console

connections, and enters transport map configuration mode.

transport-map type console transport-map-name

Example:

Step 3

Router(config)# transport-map type console

consolehandler

Specifies how a console connection will be handled using

this transport map.

connection wait [allow [interruptible] | none

[disconnect]]

Step 4

Example:

• allow interruptible—The console connection waits

for a Cisco IOS VTY line to become available, and

Router(config-tmap)# connection wait none

also allows users to enter diagnostic mode by

interrupting a console connection that is waiting for a

Cisco IOS VTY line to become available. This is the

default setting.

Users can interrupt a waiting connection

by entering Ctrl-C or Ctrl-Shift-6.

Note

• none—The console connection immediately enters

diagnostic mode.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring a Console Port Transport Map

PurposeCommand or Action

(Optional) Creates a banner message that will be seen by

users entering diagnostic mode or waiting for the Cisco IOS

(Optional) banner [diagnostic | wait] banner -messa g e

Example:

Step 5

VTY line because of the console transport map

configuration.

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

• diagnostic—Creates a banner message seen by users

directed to diagnostic mode because of the console

transport map configuration.

--Welcome to Diagnostic Mode--

Router(config-tmap)#

Users can interrupt a waiting connection

by entering Ctrl-C or Ctrl-Shift-6.

Note

• wait—Creates a banner message seen by users waiting

for Cisco IOS VTY to become available.

• banner-message—Banner message, which begins and

ends with the same delimiting character.

Exits transport map configuration mode to re-enter global

configuration mode.

exit

Example:

Step 6

Router(config-tmap)# exit

Applies the settings defined in the transport map to the

console interface.

transport type console console-line-number input

transport-map-name

Step 7

Example:

The transport-map-name for this command must match the

transport-map-name defined in the transport-map type

console command.

Router(config)# transport type console 0 input

consolehandler

Examples

The following example shows how to create a transport map to set console port access policies and

attach to console port 0:

Router(config)# transport-map type console consolehandler

Router(config-tmap)# connection wait allow interruptible

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

--Welcome to diagnostic mode--

Router(config-tmap)# banner wait X

Enter TEXT message. End with the character 'X'.

Waiting for IOS vty line

Router(config-tmap)# exit

Router(config)# transport type console 0 input consolehandler

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring a Console Port Transport Map

Configuring Persistent Telnet

For a persistent Telnet connection to access an Cisco IOS vty line on the router, local login authentication

must be configured for the vty line (the login command in line configuration mode). If local login authentication

is not configured, users will not be able to access Cisco IOS using a Telnet connection into the management

Ethernet interface with an applied transport map. Diagnostic mode will still be accessible in this scenario.

SUMMARY STEPS

1. enable

2. configure terminal

3. transport-map type persistent telnet transport-map-name

4. connection wait [allow [interruptible] | none [disconnect]]

5. (Optional) banner [diagnostic | wait] banner-message

6. transport interface

7. exit

8. transport type persistent telnetinput transport-map-name

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

• Enter your password if prompted.

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Creates and names a transport map for handling persistent

Telnet connections, and enters transport map configuration

mode.

transport-map type persistent telnet

transport-map-name

Example:

Step 3

Router(config)# transport-map type persistent

telnet telnethandler

Specifies how a persistent Telnet connection will be handled

using this transport map:

connection wait [allow [interruptible] | none

[disconnect]]

Step 4

Example:

• allow—The Telnet connection waits for a Cisco IOS

vty line to become available, and exits the router if

interrupted.

Router(config-tmap)# connection wait none

• allow interruptible—The Telnet connection waits for

the Cisco IOS vty line to become available, and also

allows user to enter diagnostic mode by interrupting

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Persistent Telnet

PurposeCommand or Action

a Telnet connection waiting for the Cisco IOS vty line

to become available. This is the default setting.

Users can interrupt a waiting connection

by entering Ctrl-C or Ctrl-Shift-6.

Note

• none—The Telnet connection immediately enters

diagnostic mode.

• none disconnect—The Telnet connection does not

wait for the Cisco IOS vty line and does not enter

diagnostic mode, so all Telnet connections are rejected

if no vty line is immediately available in the Cisco IOS

software.

(Optional) Creates a banner message that will be seen by

users entering diagnostic mode or waiting for the Cisco IOS

vty line because of the persistent Telnet configuration.

(Optional) banner [diagnostic | wait] banner -messa g e

Example:

Router(config-tmap)# banner diagnostic X

Step 5

• diagnostic—Creates a banner message seen by users

directed into diagnostic mode because of the persistent

Telnet configuration.

Enter TEXT message. End with the character 'X'.

--Welcome to Diagnostic Mode--

Router(config-tmap)#

Users can interrupt a waiting connection

by entering Ctrl-C or Ctrl-Shift-6.

Note

• wait—Creates a banner message seen by users waiting

for the vty line to become available.

• banner-message—The banner message, which begins

and ends with the same delimiting character.

Applies the transport map settings to the management

Ethernet interface (interface gigabitethernet 0).

transport interface

Example:

Step 6

Persistent Telnet can be applied only to the management

Ethernet interface on the router. This step must be taken

Router(config-tmap)# transport interface

gigabitethernet 0

before applying the transport map to the management

Ethernet interface.

Exits transport map configuration mode to re-enter global

configuration mode.

exit

Example:

Step 7

Router(config-tmap)# exit

Applies the settings defined in the transport map to the

management Ethernet interface.

transport type persistent telnetinput

transport-map-name

Step 8

Example:

The transport-map-name for this command must match the

transport-map-name defined in the transport-map type

persistent telnet command.

Router(config)# transport type persistent telnet

input telnethandler

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Persistent Telnet

Examples

In the following example, a transport map that will make all Telnet connections wait for a Cisco IOS

XE vty line to become available before connecting to the router, while also allowing the user to

interrupt the process and enter diagnostic mode, is configured and applied to the management Ethernet

interface (interface gigabitethernet 0).

A diagnostic and a wait banner are also configured.

The transport map is then applied to the interface when the transport type persistent telnet input

command is entered to enable persistent Telnet.

Router(config)# transport-map type persistent telnet telnethandler

Router(config-tmap)# connection wait allow interruptible

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

--Welcome to diagnostic mode--

Router(config-tmap)# banner wait X

Enter TEXT message. End with the character 'X'.

Waiting for IOS IOS Process--

Router(config-tmap)# transport interface gigabitethernet 0

Router(config-tmap)# exit

Router(config)# transport type persistent telnet input telnethandler

Configuring Persistent SSH

This task describes how to configure persistent SSH on the router.

SUMMARY STEPS

1. enable

2. configure terminal

3. transport-map type persistent ssh transport-map-name

4. connection wait [allow [interruptible] | none [disconnect]]

5. rsa keypair-name rsa-keypair-name

6. (Optional) authentication-retries number-of-retries

7. (Optional) banner [diagnostic | wait] banner-message

8. (Optional) time-out timeout-interval

9. transport interface gigabitethernet 0

10. exit

11. transport type persistent ssh input transport-map-name

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode.enable

Step 1

Example:

Enter your password if prompted.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Persistent SSH

PurposeCommand or Action

Router> enable

Enters global configuration mode.configure terminal

Example:

Step 2

Router# configure terminal

Creates and names a transport map for handling persistent

SSH connections, and enters transport map configuration

mode.

transport-map type persistent ssh

transport-map-name

Example:

Step 3

Router(config)# transport-map type persistent

telnet telnethandler

Specifies how a persistent SSH connection will be handled

using this transport map:

connection wait [allow [interruptible] | none

[disconnect]]

Step 4

Example:

• allow—The SSH connection waits for a Cisco IOS

VTY line to become available, and exits the router if

interrupted.

Router(config-tmap)# connection wait interruptible

• allow interruptible—The SSH connection waits for

the VTY line to become available, and also allows a

user to enter diagnostic mode by interrupting an SSH

connection waiting for the VTY line to become

available. This is the default setting.

Users can interrupt a waiting connection

by entering Ctrl-C or Ctrl-Shift-6.

Note

• none—The SSH connection immediately enters

diagnostic mode.

• none disconnect—The SSH connection does not wait

for the VTY line and does not enter diagnostic mode.

Therefore, all SSH connections are rejected if no VTY

line is immediately available.

Names the RSA keypair to be used for persistent SSH

connections.

rsa keypair-name rsa-keypair-name

Example:

Step 5

For persistent SSH connections, the RSA keypair name

must be defined using this command in transport map

Router(config)# rsa keypair-name sshkeys

configuration mode. The RSA keypair definitions defined

elsewhere on the router, such as through the use of the ip

ssh rsa keypair-namecommand, do not apply to persistent

SSH connections.

No rsa-keypair-name is defined by default.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Persistent SSH

PurposeCommand or Action

(Optional) Specifies the number of authentication retries

before dropping the connection.

(Optional) authentication-retries number-of-retries

Example:

Step 6

The default number-of-retries is 3.

Router(config-tmap)# authentication-retries 4

(Optional) Creates a banner message that will be seen by

users entering diagnostic mode or waiting for the VTY

line because of the persistent SSH configuration.

(Optional) banner [diagnostic | wait]

banner-message

Example:

Step 7

• diagnostic—Creates a banner message seen by users

directed to diagnostic mode because of the persistent

SSH configuration.

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

--Welcome to Diagnostic Mode--

Router(config-tmap)#

• wait—Creates a banner message seen by users

waiting for the VTY line to become available.

• banner-message—The banner message, which begins

and ends with the same delimiting character.

(Optional) Specifies the SSH time-out interval, in seconds.(Optional) time-out timeout-interval

Step 8

Example:

The default timeout-interval is 120 seconds.

Router(config-tmap)# time-out 30

Applies the transport map settings to the Ethernet

management interface (interface gigabitethernet 0).

transport interface gigabitethernet 0

Example:

Step 9

Persistent SSH can be applied only to the Ethernet

management interface on the router.

Router(config-tmap)# transport interface

gigabitethernet 0

Exits transport map configuration mode to re-enter global

configuration mode.

exit

Example:

Step 10

Router(config-tmap)# exit

Applies the settings defined in the transport map to the

Ethernet management interface.

transport type persistent ssh input

transport-map-name

Step 11

Example:

The transport-map-name for this command must match

the transport-map-name defined in the transport-map

type persistent ssh command.

Router(config)# transport type persistent ssh

input sshhandler

Examples

The following example shows a transport map that will make all SSH connections wait for the VTY

line to become active before connecting to the router being configured and applied to the Ethernet

management interface (interface gigabitethernet 0). The RSA keypair is named sshkeys.

This example only uses the commands required to configure persistent SSH.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Persistent SSH

Router(config)# transport-map type persistent ssh sshhandler

Router(config-tmap)# connection wait allow

Router(config-tmap)# rsa keypair-name sshkeys

Router(config-tmap)# transport interface gigabitethernet 0

Enter TEXT message. End with the character 'X'.

--Welcome to diagnostic mode--

Router(config-tmap)# banner wait X

Enter TEXT message. End with the character 'X'.

--Waiting for IOS IOS Process--

Router(config-tmap)# transport interface gigabitethernet 0

Router(config-tmap)# exit

Router(config)# transport type persistent telnet input telnethandler

In the following example, a transport map is configured and will apply the following settings to users

attempting to access the Ethernet management port via SSH:

• SSH users will wait for the VTY line to become active, but will enter diagnostic mode if the

attempt to access the Cisco IOS software through the VTY line is interrupted.

• The RSA keypair name is sshkeys.

• The connection allows one authentication retry.

• The banner --Welcome to Diagnostic Mode-- will appear if diagnostic mode is entered as

a result of SSH handling through this transport map.

• The banner --Waiting for vty line-- will appear if the connection is waiting for the VTY

line to become active.

• The transport map is then applied to the interface when the transport type persistent ssh input

command is entered to enable persistent SSH:

Router(config)# transport-map type persistent ssh sshhandler

Router(config-tmap)# connection wait allow interruptible

Router(config-tmap)# rsa keypair-name sshkeys

Router(config-tmap)# authentication-retries 1

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

--Welcome to diagnostic mode--

Router(config-tmap)# banner wait X

Enter TEXT message. End with the character 'X'.

--Waiting for vty line--

Router(config-tmap)# time-out 30

Router(config-tmap)# transport interface gigabitethernet 0

Router(config-tmap)# exit

Router(config)# transport type persistent ssh input sshhandler

Viewing Console Port, SSH, and Telnet Handling Configurations

Use the following commands to view console port, SSH, and Telnet handling configurations:

• show transport-map

• show platform software configuration access policy

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Viewing Console Port, SSH, and Telnet Handling Configurations

Use the show transport-map command to view transport map configurations.

show transport-map [all | name transport-map-name | type [console | persistent [ssh | telnet]]]

This command can be used either in user EXEC mode or privileged EXEC mode.

Example

The following example shows transport maps that are configured on the router: a console port

(consolehandler), persistent SSH (sshhandler), and persistent Telnet transport (telnethandler):

Router# show transport-map all

Transport Map:

Name: consolehandler

Type: Console Transport

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for the IOS CLI

bshell banner:

Welcome to Diagnostic Mode

Transport Map:

Name: sshhandler

Type: Persistent SSH Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS prompt

Bshell banner:

Welcome to Diagnostic Mode

SSH:

Timeout: 120

Authentication retries: 5

RSA keypair: sshkeys

Transport Map:

Name: telnethandler

Type: Persistent Telnet Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS process

Bshell banner:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Viewing Console Port, SSH, and Telnet Handling Configurations

Welcome to Diagnostic Mode

Transport Map:

Name: telnethandling1

Type: Persistent Telnet Transport

Connection:

Wait option: Wait Allow

Router# show transport-map type console

Transport Map:

Name: consolehandler

Type: Console Transport

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for the IOS CLI

Bshell banner:

Welcome to Diagnostic Mode

Router# show transport-map type persistent ssh

Transport Map:

Name: sshhandler

Type: Persistent SSH Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS prompt

Bshell banner:

Welcome to Diagnostic Mode

SSH:

Timeout: 120

Authentication retries: 5

RSA keypair: sshkeys

Router# show transport-map type persistent telnet

Transport Map:

Name: telnethandler

Type: Persistent Telnet Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS process

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Viewing Console Port, SSH, and Telnet Handling Configurations

Bshell banner:

Welcome to Diagnostic Mode

Transport Map:

Name: telnethandling1

Type: Persistent Telnet Transport

Connection:

Wait option: Wait Allow

Router# show transport-map name telnethandler

Transport Map:

Name: telnethandler

Type: Persistent Telnet Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS process

Bshell banner:

Welcome to Diagnostic Mode

Router# show transport-map name consolehandler

Transport Map:

Name: consolehandler

Type: Console Transport

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for the IOS CLI

Bshell banner:

Welcome to Diagnostic Mode

Router# show transport-map name sshhandler

Transport Map:

Name: sshhandler

Type: Persistent SSH Transport

Interface:

GigabitEthernet0

Connection:

Wait option: Wait Allow Interruptable

Wait banner:

Waiting for IOS prompt

Bshell banner:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Viewing Console Port, SSH, and Telnet Handling Configurations

Welcome to Diagnostic Mode

SSH:

Timeout: 120

Authentication retries: 5

RSA keypair: sshkeys

Router#

Use the show platform software configuration access policy command to view the current configurations

for handling the incoming console port, SSH, and Telnet connections. The output of this command provides

the current wait policy for each type of connection (Telnet, SSH, and console), as well as information on the

currently configured banners.

Unlike the show transport-map command, the show platform software configuration access policy

command is available in diagnostic mode so that it can be entered in scenarios where you need transport map

configuration information, but cannot access the Cisco IOS CLI.

Example

Router# show platform software configuration access policy

The current access-policies

Method : telnet

Rule : wait

Shell banner:

Wait banner :

Method : ssh

Rule : wait

Shell banner:

Wait banner :

Method : console

Rule : wait with interrupt

Shell banner:

Wait banner :

Example

The following example shows the show platform software configuration access policy command

being issued both before and after a new transport map for SSH are configured. During the

configuration, the connection policy and banners are set for a persistent SSH transport map, and the

transport map for SSH is enabled.

Router# show platform software configuration access policy

The current access-policies

Method : telnet

Rule : wait with interrupt

Shell banner:

Welcome to Diagnostic Mode

Wait banner :

Waiting for IOS Process

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Viewing Console Port, SSH, and Telnet Handling Configurations

Method : ssh

Rule : wait

Shell banner:

Wait banner :

Method : console

Rule : wait with interrupt

Shell banner:

Wait banner :

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# transport-map type persistent ssh sshhandler

Router(config-tmap)# connection wait allow interruptible

Router(config-tmap)# banner diagnostic X

Enter TEXT message. End with the character 'X'.

Welcome to Diag Mode

Router(config-tmap)# banner wait X

Enter TEXT message. End with the character 'X'.

Waiting for IOS

Router(config-tmap)# rsa keypair-name sshkeys

Router(config-tmap)# transport interface gigabitethernet 0

Router(config-tmap)# exit

Router(config)# transport type persistent ssh input sshhandler

Router(config)# exit

Router# show platform software configuration access policy

The current access-policies

Method : telnet

Rule : wait with interrupt

Shell banner:

Welcome to Diagnostic Mode

Wait banner :

Waiting for IOS process

Method : ssh

Rule : wait with interrupt

Shell banner:

Welcome to Diag Mode

Wait banner :

Waiting for IOS

Method : console

Rule : wait with interrupt

Shell banner:

Wait banner :

Configuring Auxiliary Port for Modem Connection

Cisco 1100 Terminal Server Gateway supports connecting a modem to the router auxiliary port for EXEC

dial in connectivity. When a modem is connected to the auxiliary port, a remote user can dial in to the router

and configure it. To configure a modem on the auxiliary port, perform these steps:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Auxiliary Port for Modem Connection

Step 1 Connect the RJ-45 end of the adapter cable to the black AUX port on the router.

Step 2 Use the show line command to determine the async interface of the AUX port:

Router# show line

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int

* 0 CTY - - - - - 0 0 0/0 -

1 AUX 9600/9600 - - - - - 0 0 0/0 -

2 VTY - - - - - 0 0 0/0 -

3 VTY - - - - - 0 0 0/0 -

4 VTY - - - - - 0 0 0/0 -

5 VTY - - - - - 0 0 0/0 -

6 VTY - - - - - 0 0 0/0 -

Step 3 Use the following commands to configure the router AUX line::

Router(config)# line 1

Router(config-line)#modem inOut

Router(config-line)#modem autoconfigure type usr_sportster

Router(config-line)#speed 115200 [Speed to be set according to the modem manual]

Router(config-line)#stopbits 1 [Stopbits to be set according to the modem manual]

Router(config-line)#transport input all

Router(config-line)#flowcontrol hardware [flowcontrol to be set according to the modem manual]

Router(config-line)#password cisco

Router(config-line)#login

Router(config-line)#end

Router(config)#enable password lab

Step 4 Use the reverse telnet method on the modem to verify the modem connectivity and configuration string:

Router(config)#int loopback 0

Router(config-if)#ip add 1.1.1.1 255.255.255.0

Router(config-if)#end

Router#telnet 1.1.1.1 2001

Trying 1.1.1.1, 2001 ... Open

User Access Verification

Password: <enter the password given under line configuration>

at <<<=== Modem command

OK <<<=== This OK indicates that the modem is connected successully to the AUX port.

Step 5 Use an analog phone to verify that the phone line is active and functions properly. Then, connect the analog phone line

to the modem.

Step 6 Initialize an EXEC modem call to the router from another device (PC) to test the modem connection.

Step 7 When the connection is established, the dial in client is prompted for a password. Enter the correct password.

Note: This password should match the one that is configured on the auxiliary port line.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Console Port, Telnet, and SSH Handling

Configuring Auxiliary Port for Modem Connection

CHAPTER 8

Installing the Software

This chapter includes the following sections:

• Overview, on page 91

• ROMMON Images, on page 92

• Provisioning Files, on page 92

• File Systems, on page 92

• Autogenerated File Directories and Files, on page 93

• Flash Storage, on page 94

• Configuring the Configuration Register for Autoboot, on page 94

• How to Install and Upgrade the Software, on page 95

• Managing and Configuring a Router to Run Using Individual Packages, on page 100

• Installing a Firmware Subpackage, on page 105

• Configuring No Service Password-Recovery, on page 111

Overview

Installing software on the router involves installing a consolidated package (bootable image). This consists

of a bundle of subpackages (modular software units), with each subpackage controlling a different set of

functions.

These are the two main methods to install the software:

• Managing and Configuring a Router to Run Using a Consolidated Package, on page 95—This method

allows for individual upgrade of subpackages and generally has reduced boot times compared to the

method below. Use this method if you want to individually upgrade a module's software.

• Managing and Configuring a Router to Run Using Individual Packages, on page 100—This a simple

method that is similar to a typical Cisco router image installation and management that is supported

across Cisco routers.

It is better to upgrade software in a planned period of maintenance when an interruption in service is acceptable.

The router needs to be rebooted for a software upgrade to take effect.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

ROMMON Images

A ROMMON image is a software package used by ROM Monitor (ROMMON) software on a router. The

software package is separate from the consolidated package normally used to boot the router.

An independent ROMMON image (software package) may occasionally be released and the router can be

upgraded with the new ROMMON software.

A new version of the ROMMON image is not necessarily released at the same time as a consolidated package

for a router.

Note

Provisioning Files

This section provides background information about the files and processes used in Managing and Configuring

a Router to Run Using Individual Packages, on page 100.

The consolidated package on a router consists of a collection of subpackages and a provisioning file titled

packages.conf. To run the software, the usual method used is to boot the consolidated package, which is

copied into memory, expanded, mounted, and run within memory. The provisioning file's name can be renamed

but subpackage file's names cannot be renamed. The provisioning file and subpackage files must be kept in

the same directory. The provisioning file does not work properly if any individual subpackage file is contained

within a different directory.

An exception to this is that if a new or upgraded module firmware package is subsequently installed, it need

not be in the same directory as the provisioning file.

Note

Configuring a router to boot, using the provisioning file packages.conf, is beneficial because no changes have

to be made to the boot statement after the Cisco IOS XE software is upgraded.

File Systems

The following table provides a list of file systems that can be seen on the Cisco Terminal Gateway.

Table 7: Router File Systems

DescriptionFile System

Boot flash memory file system.bootflash:

Alias to the boot flash memory file system above.flash:

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

ROMMON Images

DescriptionFile System

Hard disk file system (if NIM-SSD, NIM-HDD, or internal M.2 flash device is present

in the router).

The internal M.2 flash device is supported only on Cisco 1100 Terminal

Server Gateway.

Note

harddisk:

Cisco Networking Services file directory.cns:

Router NVRAM. You can copy the startup configuration to NVRAM or from

NVRAM.

nvram:

File system for Onboard Failure Logging (OBFL) files.obfl:

System memory file system, which includes the running configuration.system:

Archive file system.tar:

Temporary system files file system.tmpsys:

The Universal Serial Bus (USB) flash drive file systems.

The USB flash drive file system is visible only if a USB drive is installed

in usb0: or usb1: ports.

Note

usb0: USB 3.0 Type-

usb1: USB 3.0

Type-B

Use the ? help option, or use the copy command in command reference guides, if you find a file system that

is not listed in the table above.

Autogenerated File Directories and Files

This section discusses the autogenerated files and directories that can be created, and how the files in these

directories can be managed.

Table 8: Autogenerated Files

DescriptionFile or Directory

Crashinfo files may appear in the bootflash: file system.

These files provide descriptive information of a crash and may be useful for

tuning or troubleshooting purposes. However, the files are not part of router

operations, and can be erased without impacting the functioning of the router.

crashinfo files

The storage area for .core files.

If this directory is erased, it will automatically regenerate itself at bootup.

The .core files in this directory can be erased without impacting any router

functionality, but the directory itself should not be erased.

core directory

This directory is created on bootup if a system check is performed. Its

appearance is completely normal and does not indicate any issues with the

router.

lost+found directory

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Autogenerated File Directories and Files

DescriptionFile or Directory

The storage area for trace files.

Trace files are useful for troubleshooting. If the Cisco IOS process fails, for

instance, users or troubleshooting personnel can access trace files using

diagnostic mode to gather information related to the Cisco IOS failure.

Trace files, however, are not a part of router operations, and can be erased

without impacting the router's performance.

tracelogs directory

Important Notes About Autogenerated Directories

Important information about autogenerated directories include:

• Autogenerated files on the bootflash: directory should not be deleted, renamed, moved, or altered in any

way unless directed by Cisco customer support.

Altering autogenerating files on the bootflash: may have unpredictable

consequences for system performance.

Note

• Crashinfo, core, and trace files can be deleted.

Flash Storage

Subpackages are installed to local media storage, such as flash. For flash storage, use the dir bootflash:

command to list the file names.

Flash storage is required for successful operation of a router.

Note

Configuring the Configuration Register for Autoboot

The configuration register can be used to change router behavior. This includes controlling how the router

boots. Set the configuration register to 0x0 to boot into ROM, by using one of the following commands:

• In Cisco IOS configuration mode, use the config-reg 0x0 command.

• From the ROMMON prompt, use the confreg 0x0 command.

For more information about the configuration register, see Use of the Configuration Register on All Cisco

Routers.

Setting the configuration register to 0x2102 will set the router to autoboot the Cisco IOS XE software.

Note

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Flash Storage

The console baud rate is set to 9600 after changing the confreg to 0x2102 or 0x0. If you cannot establish a

console session after setting confreg, or garbage output appears, change the setting on your terminal emulation

software to 9600.

Note

How to Install and Upgrade the Software

To install or upgrade the software, use one of the following methods to use the software from a consolidated

package or an individual package. Also see the overview section.

• Managing and Configuring a Router to Run Using a Consolidated Package, on page 95

• Managing and Configuring a Router to Run Using Individual Packages, on page 100

Managing and Configuring a Router to Run Using a Consolidated Package

Do not use these procedures if you also need to install any optional subpackages or plan to upgrade individual

subpackages. See Managing and Configuring a Router to Run Using Individual Packages, on page 100.

Note

• Managing and Configuring a Consolidated Package Using copy and boot Commands, on page 95

• Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example,

on page 96

Managing and Configuring a Consolidated Package Using copy and boot Commands

To upgrade a consolidated package, copy the consolidated package to the bootflash: directory on the router

using the copy command. After making this copy of the consolidated package, configure the router to boot

using the consolidated package file.

The following example shows the consolidated package file being copied to the bootflash: file system via

TFTP. The config register is then set to boot using boot system commands, and the boot system commands

instruct the router to boot using the consolidated package stored in the bootflash: file system. The new

configuration is then saved using the copy running-config startup-config command, and the system is then

reloaded to complete the process.

Router# dir bootflash:

Directory of bootflash:/

11 drwx 16384 Dec 4 2007 04:32:46 -08:00 lost+found

86401 drwx 4096 Dec 4 2007 06:06:24 -08:00 .ssh

14401 drwx 4096 Dec 4 2007 06:06:36 -08:00 .rollback_timer

28801 drwx 4096 Mar 18 2008 17:31:17 -07:00 .prst_sync

43201 drwx 4096 Dec 4 2007 04:34:45 -08:00 .installer

928862208 bytes total (712273920 bytes free)

Router# copy tftp: bootflash:

Address or name of remote host []? 172.17.16.81

Source filename []? /auto/tftp-users/user/isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

How to Install and Upgrade the Software

Destination filename [isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin]?

Accessing

tftp://172.17.16.81//auto/tftp-users/user/isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin

...

Loading /auto/tftp-users/user/isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin from

172.17.16.81 (via GigabitEthernet0):

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!

[OK - 208904396 bytes]

208904396 bytes copied in 330.453 secs (632176 bytes/sec)

Router# dir bootflash:

Directory of bootflash:/

11 drwx 16384 Dec 4 2007 04:32:46 -08:00 lost+found

86401 drwx 4096 Dec 4 2007 06:06:24 -08:00 .ssh

14401 drwx 4096 Dec 4 2007 06:06:36 -08:00 .rollback_timer

28801 drwx 4096 Mar 18 2008 17:31:17 -07:00 .prst_sync

43201 drwx 4096 Dec 4 2007 04:34:45 -08:00 .installer

12 -rw- 208904396 May 28 2008 16:17:34 -07:00

isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin

928862208 bytes total (503156736 bytes free)

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# boot system flash bootflash:isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin

Router(config)# config-reg 0x2102

Router(config)# exit

Router# show run | include boot

boot-start-marker

boot system flash bootflash:isr4400-universalk9.03.10.00.S.153-3.S-ext.SPA.bin

boot-end-marker

Router# copy run start

Destination filename [startup-config]?

Building configuration...

[OK]

Router# reload

Configuring a Router to Boot the Consolidated Package via TFTP Using the

boot Command: Example

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#boot system tftp://10.74.48.3/c1100tg-universalk9.17.02.01r.SPA.bin

Router(config)#config-register 0x2102

Router(config)#exit

Router#show run | include boot

boot-start-marker

boot system bootflash:c1100tg-universalk9.BLD_POLARIS_DEV_LATEST_20200506_055739.SSA.bin

boot system tftp://10.74.48.3/c1100tg-universalk9.17.02.01r.SPA.bin

boot-end-marker

diagnostic bootup level minimal

Router# copy running-config startup-config

Destination filename [startup-config]?

Building configuration...

[OK]

Router# reload

Proceed with reload? [confirm]

May 15 17:42:54.445 R0/0: %PMAN-5-EXITACTION: Process manager is exiting: process exit with

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example

reload chassis code

Initializing Hardware ...

ECC Support : NO

Checking for PCIe device presence...done

System integrity status: 0x610

Rom image verified correctly

System BootStrap, Version 17.2.1, 1913f73a, Tue 11/26/2019

Current image running: Boot ROM1

Last reset cause: LocalSoft

C1100TG-1N24P32A platform with 4194304 Kbytes of main memory

........

IP_ADDRESS: 10.75.163.169

IP_SUBNET_MASK: 255.255.255.0

DEFAULT_GATEWAY: 10.75.163.1

TFTP_SERVER: 10.74.48.3

TFTP_FILE: c1100tg-universalk9.17.02.01r.SPA.bin

TFTP_MACADDR: 00:A0:C9:00:00:00

ETHER_PORT: 0

Validating dev_mode signature

dev_mode validation succeeded for token 00A0C9000000 (0)

DevMode is enabled

Package header rev 3 structure detected

IsoSize = 543461376

Calculating SHA-1 hash...Validate package: SHA-1 hash:

calculated 9FA1303E:AA3924C8:DE4A7528:F89D6172:D7BD4201

expected 9FA1303E:AA3924C8:DE4A7528:F89D6172:D7BD4201

RSA Signed RELEASE Image Signature Verification Successful.

Image validated

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph

Rights clause at FAR sec. 52.227-19 and subparagraph

Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, California 95134-1706

Cisco IOS Software [Amsterdam], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version

17.2.1r, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example

Compiled Thu 09-Apr-20 23:27 by mcpre

This software version supports only Smart Licensing as the software licensing mechanism.

PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE OR

LICENSE KEY PROVIDED FOR ANY CISCO SOFTWARE PRODUCT, PRODUCT FEATURE,

AND/OR SUBSEQUENTLY PROVIDED SOFTWARE FEATURES (COLLECTIVELY, THE

"SOFTWARE"), AND/OR USING SUCH SOFTWARE CONSTITUTES YOUR FULL

ACCEPTANCE OF THE FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU

ARE NOT WILLING TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.

Your use of the Software is subject to the Cisco End User License Agreement

(EULA) and any relevant supplemental terms (SEULA) found at

http://www.cisco.com/c/en/us/about/legal/cloud-and-software/software-terms.html.

You hereby acknowledge and agree that certain Software and/or features are

licensed for a particular term, that the license to such Software and/or

features is valid only for the applicable term and that such Software and/or

features may be shut down or otherwise terminated by Cisco after expiration

of the applicable license term (e.g., 90-day trial period). Cisco reserves

the right to terminate any such Software feature electronically or by any

other means available. While Cisco may provide alerts, it is your sole

responsibility to monitor your usage of any such term Software feature to

ensure that your systems and networks are prepared for a shutdown of the

Software feature.

All TCP AO KDF Tests Pass

cisco C1100TG-1N24P32A (1RU) processor with 1392289K/6147K bytes of memory.

Processor board ID PSZ23461E0E

Router operating mode: Autonomous

1 Virtual Ethernet interface

26 Gigabit Ethernet interfaces

64 terminal lines

8192K bytes of non-volatile configuration memory.

4194304K bytes of physical memory.

6565887K bytes of flash memory at bootflash:.

no device-tracking logging theft

% Invalid input detected at '^' marker.

Press RETURN to get started!

Router>

Router>enable

Router# show version

Cisco IOS XE Software, Version 17.02.01r

Cisco IOS Software [Amsterdam], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version

17.2.1r, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Compiled Thu 09-Apr-20 23:27 by mcpre

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example

licensed under the GNU General Public License ("GPL") Version 2.0. The

software code licensed under GPL Version 2.0 is free software that comes

with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such

GPL code under the terms of GPL Version 2.0. For more details, see the

documentation or "License Notice" file accompanying the IOS-XE software,

or the applicable URL provided on the flyer accompanying the IOS-XE

software.

ROM: IOS-XE ROMMON

RSBL uptime is 5 minutes

Uptime for this control processor is 7 minutes

System returned to ROM by Reload Command

System image file is "tftp://10.74.48.3/c1100tg-universalk9.17.02.01r.SPA.bin"

Last reload reason: Reload Command

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

[email protected].

Suite License Information for Module:'esg'

--------------------------------------------------------------------------------

Suite Suite Current Type Suite Next reboot

--------------------------------------------------------------------------------

Technology Package License Information:

-----------------------------------------------------------------

Technology Technology-package Technology-package

Current Type Next reboot

------------------------------------------------------------------

appxk9 None Smart License None

securityk9 None Smart License None

ipbase ipbasek9 Smart License ipbasek9

The current throughput level is 500000 kbps

Smart Licensing Status: UNREGISTERED/No Licenses in Use

cisco C1100TG-1N24P32A (1RU) processor with 1392289K/6147K bytes of memory.

Processor board ID PSZ23461E0E

Router operating mode: Autonomous

1 Virtual Ethernet interface

26 Gigabit Ethernet interfaces

64 terminal lines

8192K bytes of non-volatile configuration memory.

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

Installing the Software

Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example

4194304K bytes of physical memory.

6565887K bytes of flash memory at bootflash:.

Configuration register is 0x2102

Managing and Configuring a Router to Run Using Individual

Packages

To choose between running individual packages or a consolidated package, see Overview section.

The following topics are included in this section:

• Installing a Firmware Subpackage, on page 105

• Installing Subpackages from a Consolidated Package on a Flash Drive, on page 105

Installing Subpackages from a Consolidated Package

Perform the following procedure to obtain the consolidated package from a TFTP server.

Another variation of this procedure obtains the consolidated package from a USB flash drive. This is described

in Installing Subpackages from a Consolidated Package on a Flash Drive.

Before you begin

Copy the consolidated package to the TFTP server.

SUMMARY STEPS

1. show version

2. dir bootflash:

3. show platform

4. mkdir bootflash: URL-to-directory-name

5. request platform software package expand file URL-to-consolidated-package to

URL-to-directory-name

6. reload

7. boot URL-to-directory-name/packages.conf

8. show version installed

DETAILED STEPS

PurposeCommand or Action

Shows the version of software running on the router. This

can later be compared with the version of software to be

installed.

show version

Example:

Router# show version

Cisco IOS XE Software, Version 17.02.01r

Step 1

Cisco IOS Software [Amsterdam], ISR Software

(X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.2.1r,

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

100

Installing the Software

Managing and Configuring a Router to Run Using Individual Packages

PurposeCommand or Action

RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Compiled Thu 09-Apr-20 23:27 by mcpre

Displays the previous version of software and that a package

is present.

dir bootflash:

Example:

Step 2

Router# dir bootflash:

Displays the inventory.show platform

Example:

Step 3

Router# show platform

Chassis type: C1100TG-1N24P32A

Creates a directory to save the expanded software image.mkdir bootflash: URL-to-directory-name

Step 4

Example:

You can use the same name as the image to name the

directory.

Router# mkdir bootflash:mydir

Expands the software image from the TFTP server

(URL-to-consolidated-package) into the directory used to

request platform software package expand file

URL-to-consolidated-package to URL-to-directory-name

Step 5

save the image (URL-to-directory-name), which was created

in Step 4.

Example:

Router# request platform software package expand

file

bootflash:c1100tg-universalk9.17.02.01r.SPA.bin to

bootflash:mydir

Enables ROMMON mode, which allows the software in

the consolidated file to be activated.

reload

Example:

Step 6

Router# reload

rommon >

Boots the consolidated package, by specifying the path and

name of the provisioning file: packages.conf.

boot URL-to-directory-name/packages.conf

Example:

Step 7

rommon 1 > boot bootflash:mydir/packages.conf

Displays the version of the newly installed software.show version installed

Example:

Step 8

Router# show version installed

Package: Provisioning File, version: n/a, status:

active

Cisco 1100 Terminal Gateway Software Configuration Guide, Cisco IOS XE 17

101

Installing the Software

Installing Subpackages from a Consolidated Package

Examples

The initial part of the example shows the consolidated package,

c1100tg-universalk9.17.02.01r.SPA.bin, being copied to the TFTP server. This is a prerequisite step.

The remaining part of the example shows the consolidated file, packages.conf, being booted.

Router# copy tftp:c1100tg-universalk9.17.02.01r.SPA.bin bootflash:

Address or name of remote host []? 1.1.1.1

Destination filename [c1100tg-universalk9.17.02.01r.SPA.bin]?

Accessing tftp://1.1.1.1/c1100tg-universalk9.17.02.01r.SPA.bin...

Loading /c1100tg-universalk9.17.02.01r.SPA.bin from 1.1.1.1 (via GigabitEthernet0): !!!!!!!!

[OK - 410506248 bytes]

410506248 bytes copied in 338.556 secs (1212521 bytes/sec)