Cisco IOS Configuration for Speakeasy DS1

From Buici

Jump to: navigation, search

Speakeasy and Couvad partner to provide DS1 curcuits at a reasonable price to users who are too far from a telco central office for DSL. They offer a Netopia device to terminate the circuit, but you may have a capable Cisco router on hand and would rather configure it to accept the traffic directly. Here are some notes for making that work.

Speakeasy will usually provide you with a WAN address, a LAN address, and the routed network. In addition to these data, you'll need to know the IP address of the gateway on the other end of the T1.

[edit]

Create Adminstrator Account

The default username and password are cisco/cisco. Create a new administrative account. Be careful to test the new account before deleting the old one. Replace USERNAME and PASSWORD with appropriate values. 

cisco(config)# username USERNAME privilege 15 secret PASSWORD

Once you've tested the new account, delete the old one. 

cisco(config)# no username cisco
[edit]

Enable SSH

The use of telnet to manage network gear is deprecated with the availability of ssh. To enable ssh, you first need to generate general purpose RSA keys on the router. The default key length of 512 isn't considered strong enough any more. Choose a key length of at least a 1024 bits. On a 2801 router, this key generation took about five seconds. 

cisco(config)# crypto key generate rsa
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys ...[OK]

Restrict the device to ssh access only, and give it some conservative parameters access parameters. 

cisco(config)# ip ssh authentication-retries 3
cisco(config)# ip ssh time-out 120
cisco(config)# ip ssh version 2

You'll also want to remove telnet access to the router. In this case, there are two vty configurations. Both are changed to support only ssh. 

cisco(config)# line vty 0 4 transport input ssh
cisco(config)# line vty 5 15 transport input ssh
[edit]

Configure Serial (T1) for Speakeasy/Couvad

Speakeasy configures their DS1 circuits for frame-relay. In this example, the serial interface is a HWIC (?) card inserted into a 2801 chassis. It is in the fourth slot, so the identifier for the interface is Serial0/3/0. Your specific interface identifier will likely be different.

Speakeasy has given us the impossible address 192.168.100.45/24 for the serial interface on the router. The upstream gateway address is 192.168.100.1. 

cisco(config)# interface serial 0/3/0
cisco(config-if)# mtu 1522
cisco(config-if)# ip address 192.168.100.45 255.255.255.0
cisco(config-if)# encapsulation frame-relay ietf
cisco(config-if)# no fair-queue
cisco(config-if)# frame-relay map ip 192.168.100.1 16 ietf
cisco(config-if)# frame-relay interface-dlci 16
cisco(config-if)# frame-relay lmi-type ansi
cisco(config-if)# qos-autosense

If you have only a fractional circuit, say 384 Kib, you will want to add a few more configuration commands. 

cisco(config-if)# bandwidth 384
cisco(config-if)# service-module t1 timeslots 1-6

The router will bring up the interface as soon as the line is inserted into the DSU/CSU NT1 jack and the interface is configured. There are a couple of things to look for when determining if the interface is properly functioning.

The AL (Alarm) light on the DSU/CSU should be off and the CD (Carrier Detect) light should be green. Once the interface is running, you'll see a connected route in the routing table. 

cisco# show ip route connected
C    192.168.100.0/24 is directly connected, Serial0/3/0

You can also inspect the interfaces itself for clues if trouble persists. 

cisco#show interfaces serial 0/3/0
Serial0/3/0 is up, line protocol is up 
  Hardware is GT96K with integrated T1 CSU/DSU
  Internet address is 192.168.100.45/24
  MTU 1522 bytes, BW 1544 Kbit, DLY 20000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation FRAME-RELAY IETF, loopback not set
  Keepalive set (10 sec)
  LMI enq sent  293, LMI stat recvd 293, LMI upd recvd 0, DTE LMI up
  LMI enq recvd 0, LMI stat sent  0, LMI upd sent  0
  LMI DLCI 0  LMI type is ANSI Annex D  frame relay DTE
  FR SVC disabled, LAPF state down
  Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters 00:49:12
  Input queue: 0/75/1/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     2288 packets input, 231749 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     1628 packets output, 207803 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 output buffer failures, 0 output buffers swapped out
     1 carrier transitions
     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

Be patient. After rebooting the router, there may be a delay of several minutes after the router has come back on-line before Speakeasy accepts and routes packets.

Also know that you won't be able to ping the 192.168.100.45 address from the router. To test the link, try to ping the gateway address 192.168.100.1.

--Elf 16:55, 6 April 2006 (PDT)

Retrieved from "http://wiki.buici.com/wiki/Cisco_IOS_Configuration_for_Speakeasy_DS1"
Personal tools