Sign In
Upload
Manuals
Brands
Cisco Manuals
Software
Router IOS XR
Cisco Router IOS XR Manuals
Manuals and User Guides for Cisco Router IOS XR. We have
2
Cisco Router IOS XR manuals available for free PDF download: Configuration Manual, Getting Started Manual
Cisco Router IOS XR Configuration Manual (254 pages)
System Security Configuration Guide
Brand:
Cisco
| Category:
Software
| Size: 2.68 MB
Table of Contents
Table of Contents
3
Contents
5
Information about Implementing Certification Authority
14
Supported Standards for Certification Authority Interoperability
14
Certification Authorities
15
Prerequisites for Implementing Certification Authority
14
Restrictions for Implementing Certification Authority
14
How to Implement CA Interoperability
17
Configuring a Router Hostname and IP Domain Name
18
Generating an RSA Key Pair
19
Declaring a Certification Authority and Configuring a Trusted Point
20
Authenticating the CA
22
Requesting Your Own Certificates
23
Configuring Certificate Enrollment Using Cut-And-Paste
24
Configuration Examples for Implementing Certification Authority Interoperability
26
Configuring Certification Authority Interoperability: Example
26
Additional References
28
Related Documents
28
Standards
28
Mibs
29
Rfcs
29
Technical Assistance
29
Where to Go Next
28
Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
31
Prerequisites
32
Information about Implementing IKE Security Protocol Configurations for Ipsec Networks
32
Supported Standards
33
Concessions for Not Enabling IKE
34
IKE Policies
34
ISAKMP Identity
38
ISAKMP Profile Overview
38
Mask Preshared Keys
39
Preshared Keys Using a AAA Server
39
Internet Key Exchange Mode Configuration
40
Banner, Auto-Update, and Browser-Proxy
41
Pushing a Configuration URL through a Mode-Configuration Exchange
41
Internet Key Exchange Extended Authentication
42
Call Admission Control
42
Information about IP Security VPN Monitoring
43
Information about IKE for the Cisco Ipsec VPN SPA on Cisco IOS XR Software
44
Ipsec Dead Peer Detection Periodic Message Option
44
How to Implement IKE Security Protocol Configurations for Ipsec Networks
44
Enabling or Disabling IKE
44
Configuring IKE Policies
46
Defining Group Policy Information for Mode Configuration
48
Configuring a Banner
52
Configuring Auto-Upgrade
52
Configuring a Browser Proxy
53
Configuring a Browser-Proxy Map to a Group
54
Configuring the Pushing of a Configuration URL through a Mode-Configuration Exchange
55
Manually Configuring RSA Keys
56
Configuring ISAKMP Preshared Keys in ISAKMP Keyrings
60
Configuring Call Admission Control
62
Configuring Crypto Keyrings
66
Configuring IP Security VPN Monitoring
69
How to Implement IKE for Locally Sourced and Destined Traffic
70
Configuring the ISAKMP Profile for Locally Sourced and Destined Traffic
70
How to Implement IKE for Cisco Ipsec VPN Spas on Cisco IOS XR Software
74
Configuring a Periodic Dead Peer Detection Message
74
Configuring the ISAKMP Profile for Service Interfaces
76
Configuration Examples for Implementing IKE Security Protocol
80
Configuring a Service-Ipsec Interface with a Dynamic Profile: Example
80
Creating IKE Policies: Example
80
Configuring Easy VPN with a Local AAA: Example
82
Configuring VRF-Aware: Example
83
Additional References
85
Related Documents
85
Standards
85
Mibs
86
Rfcs
86
Technical Assistance
86
Implementing Keychain Management on Cisco IOS XR Software
87
Restrictions for Implementing Keychain Management
87
Information about Implementing Keychain Management
88
Lifetime of a Key
88
How to Implement Keychain Management
88
Configuring a Keychain
89
Configuring a Tolerance Specification to Accept Keys
90
Configuring a Key Identifier for the Keychain
91
Configuring the Text for the Key String
93
Determining the Valid Keys
94
Configuring the Keys to Generate Authentication Digest for the Outbound Application Traffic
96
Configuring the Cryptographic Algorithm
97
Configuration Examples for Implementing Keychain Management
99
Configuring Keychain Management: Example
99
Additional References
100
Related Documents
100
Standards
100
Mibs
101
Rfcs
101
Technical Assistance
101
Implementing Ipsec Network Security on Cisco IOS XR Software
103
Prerequisites for Implementing Ipsec Network Security
104
Restrictions for Implementing Ipsec Network Security
105
Restrictions for Implementing Ipsec Network with a Cisco Ipsec VPN SPA
105
Information about Implementing Ipsec Networks
106
Crypto Profiles
106
Crypto Access Lists
107
Dynamic Crypto Profiles
107
Global Lifetimes for Ipsec Security Associations
108
Transform Sets
108
Manual Ipsec Security Associations
109
Perfect Forward Secrecy
109
Checkpointing
110
DF Bit Override Functionality with Ipsec Tunnels
110
Ipsec Antireplay Window
110
Ipsec NAT Transparency
111
Ipsec Security Association Idle Timers
111
Prefragmentation for Cisco Ipsec VPN Spas
111
Reverse-Route Injection
112
Cisco Ipsec Vpn Spa Overview
113
Displaying the Spa Hardware Type
113
Ipsec-SNMP Support
113
Setting Global Lifetimes for Ipsec Security Associations
117
Creating Crypto Access Lists
118
Defining Transform Sets
120
Configuring Crypto Profiles
121
Configuring the Df Bit for the Encapsulating Header in Ipsec Tunnels
126
Configuring the Ipsec Antireplay Window: Expanding and Disabling
127
Configuring Ipsec Nat Transparency
130
Configuring Ipsec Security Association Idle Timers
132
Disabling Prefragmentation for Cisco Ipsec Vpn Spas
136
Configuring Reverse-Route Injection in a Crypto Profile
139
Configuring Ipsec Failure History Table Size
140
Applying Crypto Profiles to Tunnel-Ipsec Interfaces
142
Applying Crypto Profiles to Crypto Transport
143
How to Implement Ipsec Network Security for Vpns
144
Configuring Ipsec Virtual Interfaces
145
Configuring the Default Path Maximum Transmission Unit for the Sa
151
Configuring a Static Profile and Attaching to a Tunnel-Ipsec Interface: Example
152
Configuring a Static Profile and Attaching to Transport: Example
154
Configuring Ipsec for a Vrf-Aware Service-Ipsec Interface: Example
154
Configuring a Service-Gre Interface: Example
157
Prerequisites to Implementing Secure Shell
162
Restrictions for Implementing Secure Shell
162
Information about Implementing Secure Shell
163
Sftp Feature Overview
163
Ssh Client
163
Ssh Server
163
Aaa Feature
164
Configuring Ssh
164
How to Implement Secure Shell
164
Configuring the Ssh Client
166
Configuration Examples for Implementing Secure Shell
168
Configuring Secure Shell: Example
168
Implementing Secure Socket Layer on Cisco Ios Xr Software
171
Prerequisites for Implementing Secure Socket Layer
172
Information about Implementing Secure Socket Layer
172
Purpose of Certification Authorities
172
How to Implement Secure Socket Layer
173
Configuring Secure Socket Layer
173
Configuration Examples for Implementing Secure Socket Layer
176
Configuring Secure Socket Layer: Example
176
Prerequisites for Configuring Aaa Services
181
Information about Configuring Aaa Services
181
User, User Groups, and Task Groups
182
User Groups
183
Restrictions for Configuring Aaa Services
181
Password Types
189
Task-Based Authorization
190
Task Ids for TACACS+ and RADIUS Authenticated Users
191
XML Schema for AAA Services
193
About RADIUS
194
How to Configure Aaa Services
195
Configuring Task Groups
196
Configuring User Groups
198
Configuring Users
200
Configuring Router to Radius Server Communication
202
Configuring Radius Dead-Server Detection
206
Configuring Per Vrf Aaa
208
Configuring a Tacacs+ Server
210
Configuring Radius Server Groups
213
Configuring Tacacs+ Server Groups
215
Configuring Aaa Method Lists
216
Applying Method Lists for Applications
228
Configuring Login Parameters
232
Configuration Examples for Configuring Aaa Services
233
Configuring Aaa Services: Example
233
Restrictions for Implementing Management Plane Protection
240
Information about Implementing Management Plane Protection
240
Control Plane Protection Overview
240
Inband Management Interface
240
Management Plane
240
Benefits of the Management Plane Protection Feature
241
Management Plane Protection Feature
241
How to Configure a Device for Management Plane Protection
241
Configuring a Device for Management Plane Protection
242
Configuring Management Plane Protection: Example
244
Advertisement
Cisco Router IOS XR Getting Started Manual (222 pages)
Cisco Systems Router Getting Started Guide
Brand:
Cisco
| Category:
Software
| Size: 5.39 MB
Table of Contents
Table of Contents
3
About this Document
9
Chapter 1 Introduction to Cisco IOS XR Software
10
Preface
10
Intended Audience
10
Related Documents Conventions
10
Obtaining Documentation
11
Documentation Feedback
12
Cisco Product Security Overview
12
Product Alerts and Field Notices
13
Obtaining Technical Assistance
14
Obtaining Additional Publications and Information
15
Contents
17
Supported Standalone System Configurations
17
Chapter 1 Introduction to Cisco IO XR Software
18
Cisco CRS-1 Multishelf System Overview
18
Router Management Interfaces
22
Command-Line Interface
22
Craft Works Interface
22
Extensible Markup Language API
22
Simple Network Management Protocol
23
Selecting and Identifying the Designated Shelf Controller
23
Selecting and Identifying the DSC on Cisco CRS-1 Routers
24
Selecting and Identifying the DSC on Cisco CRS-1 Multishelf Systems
24
Selecting and Identifying the DSC on Cisco XR 12000 and 12000 Series Routers
25
Connecting to the Router through the Console Port
25
Chapter 2 Bringing up the Cisco IOS XR Software on a Standalone Router
30
Where to Go Next
30
Contents
31
Prerequisites
31
Software Requirements
31
Standalone Router
31
Hardware Prerequisites and Documentation
32
Bringing up and Configuring a Standalone Router
32
Verifying the System after Initial Bring-Up
34
Where to Go Next
38
CHAPTER 3 Bringing up the Cisco IOS XR Software on a Multishelf System
39
Contents
39
Prerequisites
39
Software Requirements
39
C H a P T E R 3 Bringing up the Cisco IOS XR Software on a Multishelf System
40
Hardware Requirements
40
Restrictions
40
Information about Bringing up a Multishelf System
41
Bringup Overview
41
Preparing a Rack Number Plan
41
Configuring the External Cisco Catalyst 6509 Switches
46
Prerequisites
47
Restrictions
48
Before You Begin
48
Information about the Catalyst Switch Configuration
49
Configuring the Catalyst Switches
49
Verifying the Catalyst Switch
56
Integrated Switch System
58
Prerequisites for an Integrated Switch System
58
Restrictions for an Integrated Switch System
59
Before You Begin
59
Information about the Integrated Switch Implementation
59
Implementing the Integrated Switch System
61
Verifying the Connections of the Integrated Switch Control Network
63
Bringing up and Configuring Rack 0
66
Bringing up and Verifying Fccs
72
Bringing up and Verifying the Non-DSC LCC
75
Verifying the Spanning Tree
77
Verifying Fabric Cabling Connections
81
Where to Go Next
85
CHAPTER 4 Configuring General Router Features
87
Secure Domain Routers
87
C H a P T E R 4 Configuring General Router Features
88
Connecting and Communicating with the Router
88
Establishing a Connection through the Console Port
92
Establishing a Connection through a Terminal Server
94
Establishing a Connection through the Management Ethernet Interface
96
Logging in to a Router or an SDR
97
CLI Prompt
98
User Access Privileges
99
User Groups, Task Groups, and Task Ids
99
Predefined User Groups
100
Displaying the User Groups and Task Ids for Your User Account
100
Navigating the Cisco IOS XR Command Modes
103
Identifying the Command Mode in the CLI Prompt
104
Summary of Common Command Modes
105
Entering EXEC Commands from a Configuration Mode
107
Command Mode Navigation Example
108
Managing Configuration Sessions
109
Displaying the Active Configuration Sessions
110
Starting a Configuration Session
111
Starting an Exclusive Configuration Session
112
Displaying Configuration Details with Show Commands
112
Saving the Target Configuration to a File
119
Loading the Target Configuration from a File
119
Loading an Alternative Configuration at System Startup
119
Clearing All Changes to a Target Configuration
120
Committing Changes to the Running Configuration
120
Reloading a Failed Configuration
122
Exiting a Configuration Submode
123
Returning Directly to Configuration Mode from a Submode
123
Ending a Configuration Session
123
Aborting a Configuration Session
124
Configuring the SDR Hostname
124
Configuring the Management Ethernet Interface
125
Specifying the Management Ethernet Interface Name in CLI Commands
125
Displaying the Available Management Ethernet Interfaces
126
Configuring the Management Ethernet Interface
127
Manually Setting the Router Clock
130
Where to Go Next
132
CHAPTER 5 Configuring Additional Router Features
133
Configuring the Domain Name and Domain Name Server
133
C H a P T E R 5 Configuring Additional Router Features
134
Configuring Telnet, HTTP, and XML Host Services
134
Prerequisites
134
Managing Configuration History and Rollback
135
Displaying the Commitids
136
Displaying the Configuration Changes Recorded in a Commitid
136
Previewing Rollback Configuration Changes
137
Rolling Back the Configuration to a Specific Rollback Point
138
Rolling Back the Configuration over a Specified Number of Commits
138
Loading Commitid Configuration Changes to the Target Configuration
139
Loading Rollback Configuration Changes to the Target Configuration
140
Deleting Commitids
140
Configuring Logging and Logging Correlation
141
Logging Locations and Severity Levels
141
Alarm Logging Correlation
142
Configuring Basic Message Logging
142
Disabling Console Logging
144
Creating and Modifying User Accounts and User Groups
145
Displaying Details about User Accounts, User Groups, and Task Ids
145
Configuring User Accounts
146
Creating Users and Assigning Groups
146
Configuration Limiting
148
Static Route Configuration Limits
148
IS-IS Configuration Limits
149
Ospfv2 and V3 Configuration Limits
149
BGP Configuration Limits
152
Routing Policy Language Line and Policy Limits
153
Multicast Configuration Limits
155
MPLS Configuration Limits
155
Other Configuration Limits
156
CLI Tips and Shortcuts
157
Entering Abbreviated Commands
158
Using the Question Mark (?) to Display On-Screen Command Help
158
Chapter 6 CLI Tip, Technique, and Shortcut
159
Completing a Partial Command with the Tab Key
160
Identifying Command Syntax Errors
160
Using the no Form of a Command
161
Editing Command Lines that Wrap
161
Displaying System Information with Show Commands
161
Common Show Commands
162
Browsing Display Output When the --More-- Prompt Appears
163
Halting the Display of Screen Output
163
Redirecting Output to a File
164
Narrowing Output from Large Configurations
164
Filtering Show Command Output
165
Table
166
Wildcards, Templates, and Aliases
167
Using Wildcards to Identify Interfaces in Show Commands
167
Creating Configuration Templates
168
Applying Configuration Templates
170
Aliases
171
Keystrokes Used as Command Aliases
172
Command History
172
Displaying Previously Entered Commands
172
Recalling Previously Entered Commands
173
Recalling Deleted Entries
173
Redisplaying the Command Line
173
Key Combinations
174
Key Combinations to Move the Cursor
174
Keystrokes to Control Capitalization
174
Keystrokes to Delete CLI Entries
175
Transposing Mistyped Characters
175
Additional Sources for Information
177
Basic Troubleshooting Commands
177
CHAPTER 7 Troubleshooting the Cisco IOS XR Software
177
C H a P T E R 7 Troubleshooting the Cisco IOS XR Software
178
Using Show Commands to Display System Status and Configuration
178
Using the Ping Command
179
Using the Traceroute Command
180
Using Debug Commands
181
Enabling Debugging for a Feature
182
Configuration Error Messages
183
Configuration Failures During a Commit Operation
184
Configuration Errors at Startup
184
Memory Warnings in Configuration Sessions
185
Understanding Low-Memory Warnings in Configuration Sessions
185
Displaying System Memory Information
186
Removing Configurations to Resolve Low-Memory Warnings
187
Rolling Back to a Previously Committed Configuration
188
Clearing Configuration Sessions
188
Contacting TAC for Additional Assistance
189
Interfaces Not Coming up
189
Verifying the System Interfaces
189
Appendix
193
Regular Expressions
193
Understanding Regular Expressions, Special Characters, and Patterns
193
Special Characters
194
A P P E N D I X a Understanding Regular Expressions, Special Characters, and Patterns
195
Character Pattern Ranges
194
Multiple-Character Patterns
195
Complex Regular Expressions Using Multipliers
195
Pattern Alternation
196
Anchor Characters
196
Parentheses Used for Pattern Recall
196
Underscore Wildcard
196
Parentheses Used for Pattern Recall
198
G L O S S a R y
199
I N D E X
213
Advertisement
Related Products
Cisco IPS-4240-K9 - Intrusion Protection Sys 4240
Cisco III - Supervisor Engine III
Cisco Voice Interworking Services (VISM)
Cisco IP Communicator
Cisco IOS 11.0 BT
Cisco ROUTER-SDM-CD
Cisco Router and Security Device Manager 2.5
Cisco IOS Router
Cisco IOS XE Intelligent Services
Cisco IOS XE
Cisco Categories
Switch
IP Phone
Network Router
Wireless Access Point
Conference System
More Cisco Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL