Manuel d'utilisation / d'entretien du produit OL-7141-04 du fabricant 321 Studios
Aller à la page of 74
Corporate Headquarters Cisco S yste ms, Inc . 170 W est Tasma n Drive San Jose , CA 95134 -1706 USA http://ww w.cisco. com Tel: 408 526-400 0 800 55 3-N ETS ( 6387 ) Fax: 408 526- 4100 Cisco SDM Expre.
THE SPECIFICA TIONS AND INFORMA TIO N REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTI CE. ALL ST A TE MENTS, INFORMA TION, AND RECOMMENDA TIONS IN THIS MANUAL ARE B ELIEVED TO BE ACCURA TE BUT ARE PRESENTED WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED .
i Cisco SDM Exp ress User’s Guide Ol-7141-04 CONTENTS Cisco SDM Expres s 1 Welcome 1 Basic Conf igur ation 2 Router Prov isi oning 3 Provi sion From USB To ken 4 Provi sion From USB Fl ash 5 File S .
Contents ii Cisco SDM Exp ress User’ s Guide Ol-7141-04 Cisco Net work Ser vices 25 Securi ty S etti ngs 2 6 Disabl e SNMP 26 Disabl e Finge r Servic e 27 Disabl e PAD Servic e 27 Disab le T CP Sm a.
iii Cisco SDM Exp ress User’s Guide Ol-7141-04 Conte nts Set A uthen tica tion F ailure Rate to Less Than 3 Retr ies 41 Set Banne r 41 Enable Telnet Setti ngs 42 Enable SSH for Acce ss to th e Route.
Contents iv Cisco SDM Exp ress User’ s Guide Ol-7141-04 Date and Ti me Prop erties 15 Reset to Factor y Defau lts 16 Reconfi guri ng Your PC wit h a Stat ic or a Dyn amic IP A ddress 17 Featur e Not.
C HAPTER 1-1 Cisco SDM Express OL-7141-04 1 Cisco SDM Express The Cisc o SDM Express windows guid e you throug h basic configurati on of the router . After you complete the ba sic conf iguratio n, the rout er is av ailable on the LAN, has a W AN connect ion, and has a firew all.
Chapter 1 Cis co SDM Expres s Basic Co nfiguration 1-2 Cisco SD M Express OL-7141-04 This ta sk is bypasse d if SDP or Cisco N etwork Se rvices i s chosen for provisioning the rout er . • Identif y DNS se rvers and your organization' s domai n name .
1-3 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Router P rovi sioni ng Note Y ou will use the us ername a nd passwo rd you se t in this windo w the n e xt time you use Cisco SDM Express, and ther eafter, unless y ou chan ge it. M ake the p assword diff icult to guess but easy for you t o remember .
Chapter 1 Cis co SDM Expres s Provision From U SB Tok en 1-4 Cisco SD M Express OL-7141-04 USB Token or USB Flash Choose t his opti on if you have a US B token or USB flash device atta ched t o your router and i t conta ins th e appro priat e configur ation file.
1-5 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Provisio n From USB Flash Note Th is wi ndow appear s only if a US B token is con necte d to yo ur rout er . If b oth a USB token and a USB flas h de vice are connec ted to yo ur router , Cisco SD M Exp ress will use th e USB t oken.
Chapter 1 Cis co SDM Expres s Provision From USB Flash 1-6 Cisco SD M Express OL-7141-04 When you pro vision your router with a conf igur ation f ile, th e f ile is mer ged with the runnin g configuration, and it also becomes part of the startup c onfiguration.
1-7 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Wireless Interface Configuration Name Click Name to orde r the files and di rector ies alph abeti cally based on nam e. Clic ki ng Name again will re ver se the o rder . Size Click Size to order the files and directo ries by size.
Chapter 1 Cis co SDM Expres s LAN Inter face Configura tion 1-8 Cisco SD M Express OL-7141-04 Interf ace/Bri dge-to-Inter face List If the router has multiple LAN interfaces, the interfaces ar e displayed in this list. Select the LA N inte rface that you want t o co nf igure.
1-9 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess DHCP Server Configuration Enter a Service Set I dentif ier (SSID) for th is wireless traf f ic. The SSID is a unique identif ier th at wireless n etworking de vices use to est ablish and mainta in wireless connect i vit y .
Chapter 1 Cis co SDM Expres s DHCP S erver Con figuration 1-10 Cisco SD M Express OL-7141-04 address pool sm aller, b ut you must e nter an addr ess in the sa me subne t as th e address of the LAN interface, or Cisco SDM Express displays a message informing you that the address is in valid.
1-11 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): Ethernet Interface Use these DNS values for DH CP clients Check Box A vailable if a DHCP server is enabled on the LAN interf ace. Check if you wa nt the rout er DHCP clients to be able to use t he DNS servers whose IP addr esses you enter in this windo w .
Chapter 1 Cis co SDM Expres s Interne t (WAN): Et hernet Int erface 1-12 Cisco SD M Express OL-7141-04 IP Unnumbered Option Select IP Unnumbe red i f you wa nt the inter face to sh are an IP a ddress that has alre ady been as signe d to another interf ace.
1-13 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): Autodetect Encapsulation Internet (WAN): Auto detect Enc apsulation Cisco SDM E xpress sup ports aut odetect o n SB 10 6, SB 107, Cisco 836 and C isco 837 rout ers. Howeve r , if yo u are co nfiguring a Cisco 83 7 rou ter runni ng a C isco IOS re lease 12.
Chapter 1 Cis co SDM Expres s Interne t (WAN): U ser Specified Encapsul ation 1-14 Cisco SD M Express OL-7141-04 Encapsulati on List The encapsu lations av ailable if yo u have an ADSL , G.SHDSL , or ADSL over ISDN inter face ar e sho wn in the follo wing table.
1-15 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Internet (WAN): User Specified Encapsulation Address Type List Select o ne of th e f ollo wing: • Static IP Addr ess —If you cho ose static IP address , enter the IP addres s and subnet ma sk or the subnet bits in the fields provided .
Chapter 1 Cis co SDM Expres s WAN Int erface S election 1-16 Cisco SD M Express OL-7141-04 Confir m Password Field Reenter t he same password that you entere d in the previous box. Refresh, Apply Changes, Discar d Changes Buttons V isible if you are ed iting an initi al conf ig uration .
1-17 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess WAN Interface S election Interf ace List Displays the interf ace name , IP addr ess, and interfac e type fo r all W AN inter faces. If no IP add ress is conf igured for an interf ace, the te xt “n o IP addre ss” is displayed.
Chapter 1 Cis co SDM Expres s WAN Int erface S election 1-18 Cisco SD M Express OL-7141-04 • Usernam e —En ter exactl y as giv en to you by your In ternet ser vice provi der or network admini strator and is u sed as the use rname f or CHAP and/or P AP authenti cation.
1-19 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess WAN Interface S election Frame Relay Configuration Settings DLCI Fiel d Enter the data lin k connection i dentif ier (DLC I) in this fi eld. This number must be uni que am ong all DLCIs u sed on t his i nterface.
Chapter 1 Cis co SDM Expres s Interne t (WAN): A dvanced O ptions 1-20 Cisco SD M Express OL-7141-04 Internet (WAN): Adva nced Options This win dow ena bles you to specify a def ault stati c rout e and to enable N A T on the router .
1-21 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Firewall Configuration Primary DNS Fiel d Enter th e IP address o f the primary Domain Nam e Serv er (DNS) that the router will use. Y our network admi nistrator or service pr ovi der will pro vide y ou with th e IP address.
Chapter 1 Cis co SDM Expres s Security Set tings 1-22 Cisco SD M Express OL-7141-04 The firew all prot ects your net work in the foll o wing ways: • Apply def ault access rules to inside and outside.
1-23 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Security Settings Disable SNMP Services on Your Router C heck Box Check to disabl e the SN MP serv ice o n your r outer . For an expl anation of why SNMP shoul d be disabled , see the hel p topic Disable SNMP .
Chapter 1 Cis co SDM Expres s Summary 1-24 Cisco SD M Express OL-7141-04 • Enab le IP C EF • Set Schedule r Interv al • Set Schedule r Alloca te • Set TCP Synw ait T ime • Enab le Log ging .
1-25 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Note When yo u click Finis h , you will lo se the con nection t o the rout er if you gave the LAN inte rf ace a ne w IP address a s we recomm end.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-26 Cisco SD M Express OL-7141-04 serv er and obtain the conf iguration. If your service pro vid er has not prov ided Cisco Ne twork Servi ces server inform ation, o r you wa nt to c onfigure the router using Cisco SDM Express, do not select this option.
1-27 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p widely used for route r monitori ng, and fre quently fo r router c onfiguration changes.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-28 Cisco SD M Express OL-7141-04 The conf igur ation that will be de li vered to the router to di sable P AD is as follo ws: no service pad Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-29 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Disable UDP Small Servers Ser vice Cisco SDM Express disables sma ll services whenev er possible. By default, Cisco devices runni ng Cisco I OS relea se 11 .3 or e arlier offer the “sm all ser vices”: echo, cha r gen, and di scar d.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-30 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to di sable BOO T P is as follows: no ip bootp server Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-31 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p no cdp run Y o u can und o this fix using the Cisco SDM Security Audit fea ture. T o learn h ow , se e th e Se c ur i t y A ud i t o n li ne h e lp in Ci s c o SD M . For more information, click Cisco Router and Security De vice Manager .
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-32 Cisco SD M Express OL-7141-04 Y o u can und o this fix using the Cisco SDM Security Audit fea ture. T o learn h ow , se e th e Se c ur i t y A ud i t o n li n e he lp i n C i sc o S D M . For more information, click Cisco Router and Security De vice Manager .
1-33 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Enable TCP Keepalives for Outbou nd Telnet Sessions Cisco SDM Express e nables TC P keepal iv e messages for both inb ound and outbound T e lnet sessions w henever possible.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-34 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to enab le Cisco Express Fo rw ardi ng i s as foll o w s: ip cef Set Scheduler Interval Cisco SDM Express conf igur es the scheduler inter v al on the router when ev e r possibl e.
1-35 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Set TCP Synwait Time Cisco SDM Express se ts the TCP synwait time to 10 sec onds wheneve r possible. The TCP synwait tim e is a value that is useful in defeat ing SYN fl ooding at tacks, a form of Den ial-o f-Serv ice (DoS) att ack.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-36 Cisco SD M Express OL-7141-04 The conf iguration that wil l be deli ve red to the router to set the TCP synwai t time to 10 seconds is as follo .
1-37 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p enabled, Cisco SDM Express will recommend that IP Cisco Express Fo rwarding be en abled and will enab le it if t he reco mmendati on i s app rov e d.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-38 Cisco SD M Express OL-7141-04 rules; some attacks are ba sed on this. Disa bling IC MP redirec ts will cause no operati onal im pact to the n etwork, a nd it e limina tes thi s possible metho d of attack.
1-39 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p directed br oadcast address, cau sing all the hosts on the target subn et to send replies to the falsified sourc e.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-40 Cisco SD M Express OL-7141-04 The conf iguratio n that will be deli v ered to the router to disable ICMP host unreachable message s is as follo ws: int <all-interfaces> no ip unreachables Y o u can und o this fix using the Cisco SDM Security Audit fea ture.
1-41 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p The conf iguratio n that will be deli ver ed to the router is as follo ws: security passwords min-length <6> S.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-42 Cisco SD M Express OL-7141-04 Enable Telnet Setting s Cisco SDM Express sec ures the co nsole, A UX, vty , and tty lines b y implem enting the f.
1-43 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p The conf iguratio n that will be deli v ered to the router to secur e access and f ile transfer functions is a s fol.
Chapter 1 Cis co SDM Expres s Supplemen tary Hel p 1-44 Cisco SD M Express OL-7141-04 Exit Bu tton After you compl ete an initial co nf iguratio n, click Exit to close Cisco SDM Express. Refresh But ton V isible if you are ed iting an initi al conf ig uration .
1-45 Cisco SDM Express OL-7141-04 Chapter 1 Cisco SDM Expr ess Supple mentary Hel p Step 2 If you conf ig ured a dif fer ent LAN inter face th an the def ault interf ace , be sure to connec t your PC to t he LAN interfac e tha t you configured.
Chapter 1 Cis co SDM Expres s SDP Troubl eshooting Tips 1-46 Cisco SD M Express OL-7141-04 SDP Troubleshooting T ips Use this info rmation before en rolling usin g Secure De vice Provisio ning (SDP) to prep are t he con nection betw een th e ro uter and t he ce rtif icate ser ver .
C HAPTER 2-1 Cisco SDM Express OL-7141-04 2 Cisco SDM Express Edit Mode SDM Expre ss edit scree ns allow you to make chang es to your LAN and W AN conf iguratio ns, and change f irewall, N A T , P A T , routing, a nd securi ty settings .
Chapt er 2 Cisco S DM Ex pres s Edit Mode Overvi ew 2-2 Cisco SD M Express OL-7141-04 • Interf ace —Th e name of the LAN interf ace . Fo r ex ampl e, F ast Eth ernet 0 . If SDM Expr ess cannot identify the rou ter’ s LAN in terfa ces, it d isplays the number of c onfigured LAN int erfaces in thi s field.
2-3 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Basic Configuration • Outsi de —The typ e of connect ion of the Inter net interfac e. Basic Configuratio n This wi ndow displays t he user account s configured on t he rout er , and enab les you to ch ange th e en able s ecre t pass wo rd.
Chapt er 2 Cisco S DM Ex pres s Edit Mode LAN 2-4 Cisco SD M Express OL-7141-04 Refresh/ Apply Changes/Discar d Changes Buttons These b uttons ar e visible if you editing an initial conf iguratio n. Click Cisco SDM Express Buttons for more infor matio n .
2-5 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Wire le ss LAN interfac e configurati on Fields Y ou can edit the IP address and subne t mask of th e LAN inter face in these f i elds. See IP Address Field if y ou need mo re infor matio n about the IP ad dress and subnet ma sk f ields.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Delete Conn ection 2-6 Cisco SD M Express OL-7141-04 Delete Connec tion When you del ete a conne ction, the re may be asso ciated configur ation com mands that can either be retained in the confi guratio n, or deleted alo ng with the connec tion.
2-7 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode NAT Unable t o configur e Firewall Window If SDM Express is unable to let you conf igu re a f ire wal l, the Unable to conf igure Fire wall w ind o w is dis pla yed.
Chapt er 2 Cisco S DM Ex pres s Edit Mode NAT 2-8 Cisco SD M Express OL-7141-04 Add Butt on Click to a dd a n e w N A T rule . Edit Bu tton Click to e dit the chos en N A T rule. Refresh But ton This bu tton is visible if you editin g an initial conf igurat ion.
2-9 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Routing The serv er i s not a web or ema il serv er , but requires p ort tr anslation to prov ide servi ce. This choise act i v ates the T ranslated Port f iel d and the Protocol drop-down menu.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Security Set tings 2-10 Cisco SD M Express OL-7141-04 Refresh/ Apply Changes/Discar d Changes Buttons These b uttons ar e visible if you are editi ng an initial conf igur ation. Click Cisco SDM Express Buttons for more infor matio n .
2-11 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Security Settings • Disable I P Redirect s • Disable I P Proxy A RP • Disab le IP Direct ed Broa dcas t • Disable MOP S.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Tools 2-12 Cisco SD M Express OL-7141-04 Tools SDM Ex press provi des a nu mber of too ls that you ca n use Ping Optio n Click to open a w indow in which you can spec ify the source and destinati on of the ping.
2-13 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Tools Source Fi eld Select or enter the IP a ddress whe re you want the pi ng to origi nate. If th e address you want t o use is no t in th e list, you can en ter a d ifferent o ne in the field.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Tools 2-14 Cisco SD M Express OL-7141-04 CCO Login Y o u must provide a CCO login a nd password to access this web pa ge.
2-15 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Date and Time Properties Step 3 SDM will enabl e you to locate the file SDM-Update s.xml on the CD . When you locate the f ile , click Ope n . Step 4 Foll ow th e instructions in the in stallation wiz ard.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Reset to Factory D efaults 2-16 Cisco SD M Express OL-7141-04 Apply Button Click to ap ply the dat e and time setti ngs you have made in the Dat e, T ime, and Ti m e Z o n e f i e l d s .
2-17 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Reset to Factory Defaults If you have a router listed in the fol lowing table, configure t he PC w ith an IP address i n the 10.10.10. 0 subnet, bet ween 10.10 .10.2 and 10.10.10.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Reset to Factory D efaults 2-18 Cisco SD M Express OL-7141-04 Micr osoft Wind ows N T From th e Contr ol Panel, double- click th e Ne twork icon to display the Network windo w . Cl ick P r ot ocol s , select the first TCP/IP Protocol en try , and click Properti es .
2-19 Cisco SDM Express OL-7141-04 Chapter 2 Cisco SDM Expr ess Edit Mode Feature N ot Avail able Feature Not Available This w indow appear s when the f eature you are attem pting to configure is not av ailable. Thi s may occur when the IOS imag e or the route r hard ware do es not support the feature.
Chapt er 2 Cisco S DM Ex pres s Edit Mode Feature Not Avai lable 2-20 Cisco SD M Express OL-7141-04.
IN- 1 Cisco SDM Express OL-7141-04 INDEX B banner, configur ing 41 BOOTP, disab ling 29 C CDP, disabling 30 CEF, enablin g 33 CHAP 12, 15 D DHCP 11, 15 DLCI 19 dynam ic IP addres s 11, 15 E enca psula.
Index IN-2 Cisco SD M Express OL-7141-04 L LMI 19 logging enab lin g 36 enab ling sequ ence numbers and time stamps 33 M MOP service, disabling 39 N NetFlow, enabli ng 32 P PAD ser vi ce , di sa bli n.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté 321 Studios OL-7141-04 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du 321 Studios OL-7141-04 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation 321 Studios OL-7141-04, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le 321 Studios OL-7141-04 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le 321 Studios OL-7141-04, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du 321 Studios OL-7141-04.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le 321 Studios OL-7141-04. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei 321 Studios OL-7141-04 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.