|
Home > Archive > Voice over IP Cisco > November 2006 > Configure Cisco 871 Branch Office VoIP
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Configure Cisco 871 Branch Office VoIP
|
|
| Lead Solution 2006-11-20, 1:11 pm |
| Hi All,
Bellow is the configuration of our one of the branch office VoIP router. I
would like to share it with you guys and see whether someone can suggest
me better VLAN, QoS configuration. Also, I have policy map 2MB spplied for
FastEthernet 4 and Tunnel. Is this right?
I would greatly appreciate your comments.
Best regards,
Manoj
Building configuration...
Current configuration : 7520 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXX_871
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable password xxxxxxxx
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.5.1 192.168.5.99
ip dhcp excluded-address 192.168.5.151 192.168.5.254
ip dhcp excluded-address 172.198.10.1 172.198.10.99
ip dhcp excluded-address 172.198.10.151 172.198.10.254
!
ip dhcp pool VLAN10
network 172.198.10.0 255.255.255.0
default-router 172.198.10.1
domain-name xxxx.com
dns-server 211.129.14.134
lease 7
!
ip dhcp pool VLAN20
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
domain-name xxxx.com
dns-server 211.129.14.134
option 150 ip 172.16.0.10
lease 7
!
!
no ip domain lookup
ip domain name xxxx.com
!
!
crypto pki trustpoint TP-self-signed-1440134037
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1440134037
revocation-check none
rsakeypair TP-self-signed-1440134037
!
!
crypto pki certificate chain TP-self-signed-1440134037
certificate self-signed 01
3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
quit
username pbxl privilege 15 secret 5 $1$Ce8g$9S4kDri6Yyg2gBCVSS1LI0
!
!
class-map match-any AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
!
!
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map Shape-2MB
class class-default
shape average 2000000
service-policy AutoQoS-Policy-Trust
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 6 xxxxxx address 210.181.112.194 no-xauth
!
!
crypto ipsec transform-set XXXLKAMIYA esp-3des esp-md5-hmac
!
crypto ipsec profile GREPRO
set transform-set XXXLKAMIYA
!
!
!
!
!
interface Tunnel0
bandwidth 2000
ip address 10.0.20.2 255.255.255.0
tunnel source Dialer0
tunnel destination 210.181.112.194
tunnel mode ipsec ipv4
tunnel protection ipsec profile GREPRO
service-policy output Shape-2MB
!
interface FastEthernet0
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet1
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet2
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet3
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet4
bandwidth 2000
no ip address
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
service-policy output Shape-2MB
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 172.198.1.1 255.255.255.0
!
interface Vlan10
description Data Vlan 1
ip address 172.198.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan20
description Voice Vlan 1
ip address 192.168.5.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
bandwidth 2000
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxx8@ffa.xxx.xxx.com
ppp chap password 0 xxxx93
ppp pap sent-username xxxxxx8@ffa.xxx.xxx.com password 0 cyum93
!
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 172.16.0.0 255.255.0.0 Tunnel0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.5.0 0.0.0.255
access-list 1 permit 172.198.10.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice
Drops" owner AutoQoS
rmon alarm 33333 cbQosCMDropBitRate.18.3164929 30 absolute rising-threshold
1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33334 cbQosCMDropBitRate.34.5364641 30 absolute rising-threshold
1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33335 cbQosCMDropBitRate.50.14618161 30 absolute rising-threshold
1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33336 cbQosCMDropBitRate.66.2065329 30 absolute rising-threshold
1 33333 falling-threshold 0 owner AutoQoS
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a
privilege level of 15.
Please change these publicly known initial credentials using SDM or the IOS
CLI.
Here are the cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to
use.
For more information about SDM please follow the instructions in the QUICK
START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
length 0
transport input telnet ssh
!
scheduler max-task-time 5000
end
| |
| Linsemier, Matthew 2006-11-20, 1:11 pm |
| Manoj,
Can you provide a few more details?
* Is this a public or private circuit?
* Is this a symmetrical 2mb link?
Some things to look at:
* No IOS firewall has been enabled (if this is a public link, you
will want to do this)
* As a best practice cisco states that you should keep your
Priority Queue / LLQ < 35% of total bandwidth
* As a security best practice you may want to disable telnet and
http and stick with ssh and https
* If you want to track MoS and other IP voice related statistics,
you may want to implement IP SLA
Matt
________________________________
From: cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] On Behalf Of Lead Solution
Sent: Monday, November 20, 2006 10:39 AM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Configure cisco 871 Branch Office VoIP
Hi All,
Bellow is the configuration of our one of the branch office VoIP router.
I would like to share it with you guys and see whether someone can
suggest me better VLAN, QoS configuration. Also, I have policy map 2MB
spplied for FastEthernet 4 and Tunnel. Is this right?
I would greatly appreciate your comments.
Best regards,
Manoj
Building configuration...
Current configuration : 7520 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXX_871
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable password xxxxxxxx
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.5.1 <http://192.168.5.1/> 192.168.5.99
<http://192.168.5.99/>
ip dhcp excluded-address 192.168.5.151 <http://192.168.5.151/>
192.168.5.254 <http://192.168.5.254/>
ip dhcp excluded-address 172.198.10.1 <http://172.198.10.1/>
172.198.10.99 <http://172.198.10.99/>
ip dhcp excluded-address 172.198.10.151 <http://172.198.10.151/>
172.198.10.254 <http://172.198.10.254/>
!
ip dhcp pool VLAN10
network 172.198.10.0 <http://172.198.10.0/> 255.255.255.0
<http://255.255.255.0/>
default-router 172.198.10.1 <http://172.198.10.1/>
domain-name xxxx.com <http://xxxx.com/>
dns-server 211.129.14.134 <http://211.129.14.134/>
lease 7
!
ip dhcp pool VLAN20
network 192.168.5.0 <http://192.168.5.0/> 255.255.255.0
<http://255.255.255.0/>
default-router 192.168.5.1 <http://192.168.5.1/>
domain-name xxxx.com <http://xxxx.com/>
dns-server 211.129.14.134 <http://211.129.14.134/>
option 150 ip 172.16.0.10 <http://172.16.0.10/>
lease 7
!
!
no ip domain lookup
ip domain name xxxx.com <http://xxxx.com/>
!
!
crypto pki trustpoint TP-self-signed-1440134037
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1440134037
revocation-check none
rsakeypair TP-self-signed-1440134037
!
!
crypto pki certificate chain TP-self-signed-1440134037
certificate self-signed 01
3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101
04050030
quit
username pbxl privilege 15 secret 5 $1$Ce8g$9S4kDri6Yyg2gBCVSS1LI0
!
!
class-map match-any AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
!
!
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map Shape-2MB
class class-default
shape average 2000000
service-policy AutoQoS-Policy-Trust
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 6 xxxxxx address 210.181.112.194
<http://210.181.112.194/> no-xauth
!
!
crypto ipsec transform-set XXXLKAMIYA esp-3des esp-md5-hmac
!
crypto ipsec profile GREPRO
set transform-set XXXLKAMIYA
!
!
!
!
!
interface Tunnel0
bandwidth 2000
ip address 10.0.20.2 <http://10.0.20.2/> 255.255.255.0
<http://255.255.255.0/>
tunnel source Dialer0
tunnel destination 210.181.112.194 <http://210.181.112.194/>
tunnel mode ipsec ipv4
tunnel protection ipsec profile GREPRO
service-policy output Shape-2MB
!
interface FastEthernet0
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet1
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet2
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet3
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet4
bandwidth 2000
no ip address
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
service-policy output Shape-2MB
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 172.198.1.1 <http://172.198.1.1/> 255.255.255.0
<http://255.255.255.0/>
!
interface Vlan10
description Data Vlan 1
ip address 172.198.10.1 <http://172.198.10.1/> 255.255.255.0
<http://255.255.255.0/>
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan20
description Voice Vlan 1
ip address 192.168.5.1 <http://192.168.5.1/> 255.255.255.0
<http://255.255.255.0/>
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
bandwidth 2000
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxx8@ffa.xxx.xxx.com
ppp chap password 0 xxxx93
ppp pap sent-username xxxxxx8@ffa.xxx.xxx.com password 0 cyum93
!
ip route 0.0.0.0 <http://0.0.0.0/> 0.0.0.0 <http://0.0.0.0/> Dialer0
ip route 172.16.0.0 <http://172.16.0.0/> 255.255.0.0
<http://255.255.0.0/> Tunnel0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.5.0 <http://192.168.5.0/> 0.0.0.255
<http://0.0.0.255/>
access-list 1 permit 172.198.10.0 <http://172.198.10.0/> 0.0.0.255
<http://0.0.0.255/>
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for
Voice Drops" owner AutoQoS
rmon alarm 33333 cbQosCMDropBitRate.18.3164929 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33334 cbQosCMDropBitRate.34.5364641 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33335 cbQosCMDropBitRate.50.14618161 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33336 cbQosCMDropBitRate.66.2065329 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this
device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a
privilege level of 15.
Please change these publicly known initial credentials using SDM or the
IOS CLI.
Here are the cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you
want to use.
For more information about SDM please follow the instructions in the
QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
length 0
transport input telnet ssh
!
scheduler max-task-time 5000
end
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL and may
be protected by one or more legal privileges. It is intended
solely for the use of the addressee identified above. If you
are not the intended recipient, any use, disclosure, copying
or distribution of this communication is UNAUTHORIZED. Neither
this information block, the typed name of the sender, nor
anything else in this message is intended to constitute an
electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete
this communication from your computer. Thank you.
| |
| omar parihuana 2006-11-20, 1:11 pm |
| Hi,
Regarding to:
"If you want to track MoS and other IP voice related statistics, you may
want to implement IP SLA"
Could you provide any suggestions about IP SLA, it's possible track MoS for
Voice over Internet?
Rgds.
On 11/20/06, Linsemier, Matthew <MLinsemier@apcapital.com> wrote:
>
> Manoj,
>
>
>
> Can you provide a few more details?
>
>
>
> - Is this a public or private circuit?
> - Is this a symmetrical 2mb link?
>
>
>
> Some things to look at:
>
>
>
> - No IOS firewall has been enabled (if this is a public link, you
> will want to do this)
> - As a best practice cisco states that you should keep your Priority
> Queue / LLQ < 35% of total bandwidth
> - As a security best practice you may want to disable telnet and
> http and stick with ssh and https
> - If you want to track MoS and other IP voice related statistics,
> you may want to implement IP SLA
>
>
>
> Matt
>
>
>
>
> ------------------------------
>
> *From:* cisco-voip-bounces@puck.nether.net [mailto:
> cisco-voip-bounces@puck.nether.net] *On Behalf Of *Lead Solution
> *Sent:* Monday, November 20, 2006 10:39 AM
> *To:* cisco-voip@puck.nether.net
> *Subject:* [cisco-voip] Configure cisco 871 Branch Office VoIP
>
>
>
> Hi All,
>
> Bellow is the configuration of our one of the branch office VoIP router. I
> would like to share it with you guys and see whether someone can suggest
> me better VLAN, QoS configuration. Also, I have policy map 2MB spplied for
> FastEthernet 4 and Tunnel. Is this right?
>
> I would greatly appreciate your comments.
>
>
>
> Best regards,
>
> Manoj
>
>
>
> Building configuration...
>
> Current configuration : 7520 bytes
> !
> version 12.4
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname XXXXX_871
> !
> boot-start-marker
> boot-end-marker
> !
> logging buffered 51200 warnings
> enable password xxxxxxxx
> !
> aaa new-model
> !
> !
> !
> aaa session-id common
> !
> resource policy
> !
> ip cef
> !
> !
> no ip dhcp use vrf connected
> ip dhcp excluded-address 192.168.5.1 192.168.5.99
> ip dhcp excluded-address 192.168.5.151 192.168.5.254
> ip dhcp excluded-address 172.198.10.1 172.198.10.99
> ip dhcp excluded-address 172.198.10.151 172.198.10.254
> !
> ip dhcp pool VLAN10
> network 172.198.10.0 255.255.255.0
> default-router 172.198.10.1
> domain-name xxxx.com
> dns-server 211.129.14.134
> lease 7
> !
> ip dhcp pool VLAN20
> network 192.168.5.0 255.255.255.0
> default-router 192.168.5.1
> domain-name xxxx.com
> dns-server 211.129.14.134
> option 150 ip 172.16.0.10
> lease 7
> !
> !
> no ip domain lookup
> ip domain name xxxx.com
> !
> !
> crypto pki trustpoint TP-self-signed-1440134037
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-1440134037
> revocation-check none
> rsakeypair TP-self-signed-1440134037
> !
> !
> crypto pki certificate chain TP-self-signed-1440134037
> certificate self-signed 01
> 3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> quit
> username pbxl privilege 15 secret 5 $1$Ce8g$9S4kDri6Yyg2gBCVSS1LI0
> !
> !
> class-map match-any AutoQoS-VoIP-RTP-Trust
> match ip dscp ef
> class-map match-any AutoQoS-VoIP-Control-Trust
> match ip dscp cs3
> match ip dscp af31
> !
> !
> policy-map AutoQoS-Policy-Trust
> class AutoQoS-VoIP-RTP-Trust
> priority percent 70
> class AutoQoS-VoIP-Control-Trust
> bandwidth percent 5
> class class-default
> fair-queue
> policy-map Shape-2MB
> class class-default
> shape average 2000000
> service-policy AutoQoS-Policy-Trust
> !
> !
> !
> crypto isakmp policy 10
> encr 3des
> hash md5
> authentication pre-share
> group 2
> crypto isakmp key 6 xxxxxx address 210.181.112.194 no-xauth
> !
> !
> crypto ipsec transform-set XXXLKAMIYA esp-3des esp-md5-hmac
> !
> crypto ipsec profile GREPRO
> set transform-set XXXLKAMIYA
> !
> !
> !
> !
> !
> interface Tunnel0
> bandwidth 2000
> ip address 10.0.20.2 255.255.255.0
> tunnel source Dialer0
> tunnel destination 210.181.112.194
> tunnel mode ipsec ipv4
> tunnel protection ipsec profile GREPRO
> service-policy output Shape-2MB
> !
> interface FastEthernet0
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet1
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet2
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet3
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet4
> bandwidth 2000
> no ip address
> ip nat outside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> duplex auto
> speed auto
> pppoe enable
> pppoe-client dial-pool-number 1
> service-policy output Shape-2MB
> !
> interface Vlan1
> description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
> ip address 172.198.1.1 255.255.255.0
> !
> interface Vlan10
> description Data Vlan 1
> ip address 172.198.10.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> !
> interface Vlan20
> description Voice Vlan 1
> ip address 192.168.5.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> !
> interface Dialer0
> bandwidth 2000
> ip address negotiated
> ip mtu 1452
> ip nat outside
> ip virtual-reassembly
> encapsulation ppp
> dialer pool 1
> dialer-group 1
> no cdp enable
> ppp authentication chap pap callin
> ppp chap hostname xxxxxx8@ffa.xxx.xxx.com
> ppp chap password 0 xxxx93
> ppp pap sent-username xxxxxx8@ffa.xxx.xxx.com password 0 cyum93
> !
> ip route 0.0.0.0 0.0.0.0 Dialer0
> ip route 172.16.0.0 255.255.0.0 Tunnel0
> !
> !
> ip http server
> ip http access-class 23
> ip http authentication local
> ip http secure-server
> ip http timeout-policy idle 60 life 86400 requests 10000
> ip nat inside source list 1 interface Dialer0 overload
> !
> access-list 1 permit 192.168.5.0 0.0.0.255
> access-list 1 permit 172.198.10.0 0.0.0.255
> dialer-list 1 protocol ip permit
> no cdp run
> !
> !
> !
> !
> control-plane
> !
> rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for
> Voice Drops" owner AutoQoS
> rmon alarm 33333 cbQosCMDropBitRate.18.3164929 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33334 cbQosCMDropBitRate.34.5364641 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33335 cbQosCMDropBitRate.50.14618161 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33336 cbQosCMDropBitRate.66.2065329 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> banner login ^C
> -----------------------------------------------------------------------
> cisco Router and Security Device Manager (SDM) is installed on this
> device.
> This feature requires the one-time use of the username "cisco"
> with the password "cisco". The default username and password have a
> privilege level of 15.
>
> Please change these publicly known initial credentials using SDM or the
> IOS CLI.
> Here are the cisco IOS commands.
>
> username <myuser> privilege 15 secret 0 <mypassword>
> no username cisco
>
> Replace <myuser> and <mypassword> with the username and password you want
> to use.
>
> For more information about SDM please follow the instructions in the QUICK
> START
> GUIDE for your router or go to http://www.cisco.com/go/sdm
> -----------------------------------------------------------------------
> ^C
> !
> line con 0
> no modem enable
> line aux 0
> line vty 0 4
> length 0
> transport input telnet ssh
> !
> scheduler max-task-time 5000
> end
>
>
>
> ------------------------------
>
> CONFIDENTIALITY STATEMENT
> This communication and any attachments are CONFIDENTIAL and may be
> protected by one or more legal privileges. It is intended solely for the use
> of the addressee identified above. If you are not the intended recipient,
> any use, disclosure, copying or distribution of this communication is
> UNAUTHORIZED. Neither this information block, the typed name of the sender,
> nor anything else in this message is intended to constitute an electronic
> signature unless a specific statement to the contrary is included in this
> message. If you have received this communication in error, please
> immediately contact me and delete this communication from your computer.
> Thank you.
>
> ------------------------------
>
>
> ________________________________________
_______
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
--
Omar E.P.T
-----------------
Certified Networking Professionals make better Connections!
http://omarept.blogspot.com/
Usysnet Corp
Open Source Solutions
www.usysnet.com.pe
| |
| Robert Kulagowski 2006-11-20, 7:11 pm |
| > "If you want to track MoS and other IP voice related statistics, you may
> want to implement IP SLA"
>
> Could you provide any suggestions about IP SLA, it's possible track MoS
> for Voice over Internet?
At your central site (10.255.1.5), you'd put something like:
ip sla monitor responder
At a remote site, you could:
ip sla 10
udp-jitter 10.255.1.5 16384 codec g729a
ip sla schedule 10 life forever start-time now
You could then do:
# sh ip sla stat
Round Trip Time (RTT) for Index 10
Latest RTT: 209 milliseconds
Latest operation start time: 07:26:32.224 AEDT Tue Nov 21 2006
Latest operation return code: OK
RTT Values:
Number Of RTT: 1000 RTT Min/Avg/Max: 204/209/314
milliseconds
Latency one-way time:
Number of Latency one-way Samples: 1000
Source to Destination Latency one way Min/Avg/Max: 104/104/107
milliseconds
Destination to Source Latency one way Min/Avg/Max: 100/105/209
milliseconds
Jitter Time:
Number of Jitter Samples: 999
Source to Destination Jitter Min/Avg/Max: 1/1/3 milliseconds
Destination to Source Jitter Min/Avg/Max: 1/5/105 milliseconds
Packet Loss Values:
Loss Source to Destination: 0 Loss Destination to
Source: 0
Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0
Voice Score Values:
Calculated Planning Impairment Factor (ICPIF): 14
MOS score: 3.96
Number of successes: 43
Number of failures: 0
Operation time to live: Forever
Which shows me that my calls to Sydney would be pretty good.
| |
| Lead Solution 2006-11-21, 1:11 am |
| Hi Matthew,
Thank you for your reply,
I have 2MB ADSL connection at branch office where I have 871 located.
regarding IOS firewall as this is still not in production I will configure
it once I get all other issue sorted out. Qos automatically generated as a
part of the auto qos voip trust command in interface and I have added bellow
parts
policy-map Shape-2MB
class class-default
shape average 2000000
service-policy AutoQoS-Policy-Trust
Which changes are you recommend t keep my Priority Queue / LLQ < 35% of
total bandwidth.
Thanks again everyone, I would greatly appreciate your comments when you
have time.
Manoj
On 11/21/06, Linsemier, Matthew <MLinsemier@apcapital.com> wrote:
>
> Manoj,
>
>
>
> Can you provide a few more details?
>
>
>
> - Is this a public or private circuit?
> - Is this a symmetrical 2mb link?
>
>
>
> Some things to look at:
>
>
>
> - No IOS firewall has been enabled (if this is a public link, you
> will want to do this)
> - As a best practice cisco states that you should keep your Priority
> Queue / LLQ < 35% of total bandwidth
> - As a security best practice you may want to disable telnet and
> http and stick with ssh and https
> - If you want to track MoS and other IP voice related statistics,
> you may want to implement IP SLA
>
>
>
> Matt
>
>
>
>
> ------------------------------
>
> *From:* cisco-voip-bounces@puck.nether.net [mailto:
> cisco-voip-bounces@puck.nether.net] *On Behalf Of *Lead Solution
> *Sent:* Monday, November 20, 2006 10:39 AM
> *To:* cisco-voip@puck.nether.net
> *Subject:* [cisco-voip] Configure cisco 871 Branch Office VoIP
>
>
>
> Hi All,
>
> Bellow is the configuration of our one of the branch office VoIP router. I
> would like to share it with you guys and see whether someone can suggest
> me better VLAN, QoS configuration. Also, I have policy map 2MB spplied for
> FastEthernet 4 and Tunnel. Is this right?
>
> I would greatly appreciate your comments.
>
>
>
> Best regards,
>
> Manoj
>
>
>
> Building configuration...
>
> Current configuration : 7520 bytes
> !
> version 12.4
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname XXXXX_871
> !
> boot-start-marker
> boot-end-marker
> !
> logging buffered 51200 warnings
> enable password xxxxxxxx
> !
> aaa new-model
> !
> !
> !
> aaa session-id common
> !
> resource policy
> !
> ip cef
> !
> !
> no ip dhcp use vrf connected
> ip dhcp excluded-address 192.168.5.1 192.168.5.99
> ip dhcp excluded-address 192.168.5.151 192.168.5.254
> ip dhcp excluded-address 172.198.10.1 172.198.10.99
> ip dhcp excluded-address 172.198.10.151 172.198.10.254
> !
> ip dhcp pool VLAN10
> network 172.198.10.0 255.255.255.0
> default-router 172.198.10.1
> domain-name xxxx.com
> dns-server 211.129.14.134
> lease 7
> !
> ip dhcp pool VLAN20
> network 192.168.5.0 255.255.255.0
> default-router 192.168.5.1
> domain-name xxxx.com
> dns-server 211.129.14.134
> option 150 ip 172.16.0.10
> lease 7
> !
> !
> no ip domain lookup
> ip domain name xxxx.com
> !
> !
> crypto pki trustpoint TP-self-signed-1440134037
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-1440134037
> revocation-check none
> rsakeypair TP-self-signed-1440134037
> !
> !
> crypto pki certificate chain TP-self-signed-1440134037
> certificate self-signed 01
> 3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> quit
> username pbxl privilege 15 secret 5 $1$Ce8g$9S4kDri6Yyg2gBCVSS1LI0
> !
> !
> class-map match-any AutoQoS-VoIP-RTP-Trust
> match ip dscp ef
> class-map match-any AutoQoS-VoIP-Control-Trust
> match ip dscp cs3
> match ip dscp af31
> !
> !
> policy-map AutoQoS-Policy-Trust
> class AutoQoS-VoIP-RTP-Trust
> priority percent 70
> class AutoQoS-VoIP-Control-Trust
> bandwidth percent 5
> class class-default
> fair-queue
> policy-map Shape-2MB
> class class-default
> shape average 2000000
> service-policy AutoQoS-Policy-Trust
> !
> !
> !
> crypto isakmp policy 10
> encr 3des
> hash md5
> authentication pre-share
> group 2
> crypto isakmp key 6 xxxxxx address 210.181.112.194 no-xauth
> !
> !
> crypto ipsec transform-set XXXLKAMIYA esp-3des esp-md5-hmac
> !
> crypto ipsec profile GREPRO
> set transform-set XXXLKAMIYA
> !
> !
> !
> !
> !
> interface Tunnel0
> bandwidth 2000
> ip address 10.0.20.2 255.255.255.0
> tunnel source Dialer0
> tunnel destination 210.181.112.194
> tunnel mode ipsec ipv4
> tunnel protection ipsec profile GREPRO
> service-policy output Shape-2MB
> !
> interface FastEthernet0
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet1
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet2
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet3
> description ********** PC/VoIP **********
> switchport trunk native vlan 10
> switchport mode trunk
> switchport voice vlan 20
> auto qos voip trust
> spanning-tree portfast
> service-policy output AutoQoS-Policy-Trust
> !
> interface FastEthernet4
> bandwidth 2000
> no ip address
> ip nat outside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> duplex auto
> speed auto
> pppoe enable
> pppoe-client dial-pool-number 1
> service-policy output Shape-2MB
> !
> interface Vlan1
> description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
> ip address 172.198.1.1 255.255.255.0
> !
> interface Vlan10
> description Data Vlan 1
> ip address 172.198.10.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> !
> interface Vlan20
> description Voice Vlan 1
> ip address 192.168.5.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> ip tcp adjust-mss 1452
> !
> interface Dialer0
> bandwidth 2000
> ip address negotiated
> ip mtu 1452
> ip nat outside
> ip virtual-reassembly
> encapsulation ppp
> dialer pool 1
> dialer-group 1
> no cdp enable
> ppp authentication chap pap callin
> ppp chap hostname xxxxxx8@ffa.xxx.xxx.com
> ppp chap password 0 xxxx93
> ppp pap sent-username xxxxxx8@ffa.xxx.xxx.com password 0 cyum93
> !
> ip route 0.0.0.0 0.0.0.0 Dialer0
> ip route 172.16.0.0 255.255.0.0 Tunnel0
> !
> !
> ip http server
> ip http access-class 23
> ip http authentication local
> ip http secure-server
> ip http timeout-policy idle 60 life 86400 requests 10000
> ip nat inside source list 1 interface Dialer0 overload
> !
> access-list 1 permit 192.168.5.0 0.0.0.255
> access-list 1 permit 172.198.10.0 0.0.0.255
> dialer-list 1 protocol ip permit
> no cdp run
> !
> !
> !
> !
> control-plane
> !
> rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for
> Voice Drops" owner AutoQoS
> rmon alarm 33333 cbQosCMDropBitRate.18.3164929 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33334 cbQosCMDropBitRate.34.5364641 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33335 cbQosCMDropBitRate.50.14618161 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> rmon alarm 33336 cbQosCMDropBitRate.66.2065329 30 absolute
> rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
> banner login ^C
> -----------------------------------------------------------------------
> cisco Router and Security Device Manager (SDM) is installed on this
> device.
> This feature requires the one-time use of the username "cisco"
> with the password "cisco". The default username and password have a
> privilege level of 15.
>
> Please change these publicly known initial credentials using SDM or the
> IOS CLI.
> Here are the cisco IOS commands.
>
> username <myuser> privilege 15 secret 0 <mypassword>
> no username cisco
>
> Replace <myuser> and <mypassword> with the username and password you want
> to use.
>
> For more information about SDM please follow the instructions in the QUICK
> START
> GUIDE for your router or go to http://www.cisco.com/go/sdm
> -----------------------------------------------------------------------
> ^C
> !
> line con 0
> no modem enable
> line aux 0
> line vty 0 4
> length 0
> transport input telnet ssh
> !
> scheduler max-task-time 5000
> end
>
>
>
> ------------------------------
>
> CONFIDENTIALITY STATEMENT
> This communication and any attachments are CONFIDENTIAL and may be
> protected by one or more legal privileges. It is intended solely for the use
> of the addressee identified above. If you are not the intended recipient,
> any use, disclosure, copying or distribution of this communication is
> UNAUTHORIZED. Neither this information block, the typed name of the sender,
> nor anything else in this message is intended to constitute an electronic
> signature unless a specific statement to the contrary is included in this
> message. If you have received this communication in error, please
> immediately contact me and delete this communication from your computer.
> Thank you.
>
> ------------------------------
>
| |
| Linsemier, Matthew 2006-11-21, 7:11 pm |
| Manoj,
The real question is how many calls do you envision traversing this link
and what codec will you be using.
You can adjust your policy as follows to adjust to the recommended <35%
LLQ.
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 35
This will give you around 700k prioritized for voice traffic. Using
20ms packets at 50pps you can fit roughly 6-8 calls at g.711 (80kbps -
106kbps per call) or 16-25 calls at g.729 (28kbps - 43kpbs).
I don't remember the exact reasoning on why cisco recommends keeping the
priority queue < 35%, if anyone can refresh my memory I would appreciate
it.
Matt
________________________________
From: Lead Solution [mailto:lead.solution@gmail.com]
Sent: Monday, November 20, 2006 10:38 PM
To: Linsemier, Matthew
Cc: cisco-voip@puck.nether.net
Subject: Re: [cisco-voip] Configure cisco 871 Branch Office VoIP
Hi Matthew,
Thank you for your reply,
I have 2MB ADSL connection at branch office where I have 871 located.
regarding IOS firewall as this is still not in production I will
configure it once I get all other issue sorted out. Qos automatically
generated as a part of the auto qos voip trust command in interface and
I have added bellow parts
policy-map Shape-2MB
class class-default
shape average 2000000
service-policy AutoQoS-Policy-Trust
Which changes are you recommend t keep my Priority Queue / LLQ < 35% of
total bandwidth.
Thanks again everyone, I would greatly appreciate your comments when you
have time.
Manoj
On 11/21/06, Linsemier, Matthew <MLinsemier@apcapital.com> wrote:
Manoj,
Can you provide a few more details?
* Is this a public or private circuit?
* Is this a symmetrical 2mb link?
Some things to look at:
* No IOS firewall has been enabled (if this is a public link, you
will want to do this)
* As a best practice cisco states that you should keep your
Priority Queue / LLQ < 35% of total bandwidth
* As a security best practice you may want to disable telnet and
http and stick with ssh and https
* If you want to track MoS and other IP voice related statistics,
you may want to implement IP SLA
Matt
________________________________
From: cisco-voip-bounces@puck.nether.net [mailto:
cisco-voip-bounces@puck.nether.net
<mailto:cisco-voip-bounces@puck.nether.net> ] On Behalf Of Lead Solution
Sent: Monday, November 20, 2006 10:39 AM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Configure cisco 871 Branch Office VoIP
Hi All,
Bellow is the configuration of our one of the branch office VoIP router.
I would like to share it with you guys and see whether someone can
suggest me better VLAN, QoS configuration. Also, I have policy map 2MB
spplied for FastEthernet 4 and Tunnel. Is this right?
I would greatly appreciate your comments.
Best regards,
Manoj
Building configuration...
Current configuration : 7520 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXX_871
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable password xxxxxxxx
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.5.1 <http://192.168.5.1/> 192.168.5.99
<http://192.168.5.99/>
ip dhcp excluded-address 192.168.5.151 <http://192.168.5.151/>
192.168.5.254 <http://192.168.5.254/>
ip dhcp excluded-address 172.198.10.1 <http://172.198.10.1/>
172.198.10.99 <http://172.198.10.99/>
ip dhcp excluded-address 172.198.10.151 <http://172.198.10.151/>
172.198.10.254 <http://172.198.10.254/>
!
ip dhcp pool VLAN10
network 172.198.10.0 <http://172.198.10.0/> 255.255.255.0
<http://255.255.255.0/>
default-router 172.198.10.1 <http://172.198.10.1/>
domain-name xxxx.com <http://xxxx.com/>
dns-server 211.129.14.134 <http://211.129.14.134/>
lease 7
!
ip dhcp pool VLAN20
network 192.168.5.0 <http://192.168.5.0/> 255.255.255.0
<http://255.255.255.0/>
default-router 192.168.5.1 <http://192.168.5.1/>
domain-name xxxx.com <http://xxxx.com/>
dns-server 211.129.14.134 <http://211.129.14.134/>
option 150 ip 172.16.0.10 <http://172.16.0.10/>
lease 7
!
!
no ip domain lookup
ip domain name xxxx.com <http://xxxx.com/>
!
!
crypto pki trustpoint TP-self-signed-1440134037
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1440134037
revocation-check none
rsakeypair TP-self-signed-1440134037
!
!
crypto pki certificate chain TP-self-signed-1440134037
certificate self-signed 01
3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101
04050030
quit
username pbxl privilege 15 secret 5 $1$Ce8g$9S4kDri6Yyg2gBCVSS1LI0
!
!
class-map match-any AutoQoS-VoIP-RTP-Trust
match ip dscp ef
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
!
!
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map Shape-2MB
class class-default
shape average 2000000
service-policy AutoQoS-Policy-Trust
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 6 xxxxxx address 210.181.112.194
<http://210.181.112.194/> no-xauth
!
!
crypto ipsec transform-set XXXLKAMIYA esp-3des esp-md5-hmac
!
crypto ipsec profile GREPRO
set transform-set XXXLKAMIYA
!
!
!
!
!
interface Tunnel0
bandwidth 2000
ip address 10.0.20.2 <http://10.0.20.2/> 255.255.255.0
<http://255.255.255.0/>
tunnel source Dialer0
tunnel destination 210.181.112.194 <http://210.181.112.194/>
tunnel mode ipsec ipv4
tunnel protection ipsec profile GREPRO
service-policy output Shape-2MB
!
interface FastEthernet0
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet1
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet2
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet3
description ********** PC/VoIP **********
switchport trunk native vlan 10
switchport mode trunk
switchport voice vlan 20
auto qos voip trust
spanning-tree portfast
service-policy output AutoQoS-Policy-Trust
!
interface FastEthernet4
bandwidth 2000
no ip address
ip nat outside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
service-policy output Shape-2MB
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 172.198.1.1 <http://172.198.1.1/> 255.255.255.0
<http://255.255.255.0/>
!
interface Vlan10
description Data Vlan 1
ip address 172.198.10.1 <http://172.198.10.1/> 255.255.255.0
<http://255.255.255.0/>
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan20
description Voice Vlan 1
ip address 192.168.5.1 <http://192.168.5.1/> 255.255.255.0
<http://255.255.255.0/>
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
bandwidth 2000
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxx8@ffa.xxx.xxx.com
ppp chap password 0 xxxx93
ppp pap sent-username xxxxxx8@ffa.xxx.xxx.com password 0 cyum93
!
ip route 0.0.0.0 <http://0.0.0.0/> 0.0.0.0 <http://0.0.0.0/> Dialer0
ip route 172.16.0.0 <http://172.16.0.0/> 255.255.0.0
<http://255.255.0.0/> Tunnel0
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.5.0 <http://192.168.5.0/> 0.0.0.255
<http://0.0.0.255/>
access-list 1 permit 172.198.10.0 <http://172.198.10.0/> 0.0.0.255
<http://0.0.0.255/>
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for
Voice Drops" owner AutoQoS
rmon alarm 33333 cbQosCMDropBitRate.18.3164929 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33334 cbQosCMDropBitRate.34.5364641 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33335 cbQosCMDropBitRate.50.14618161 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
rmon alarm 33336 cbQosCMDropBitRate.66.2065329 30 absolute
rising-threshold 1 33333 falling-threshold 0 owner AutoQoS
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this
device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a
privilege level of 15.
Please change these publicly known initial credentials using SDM or the
IOS CLI.
Here are the cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you
want to use.
For more information about SDM please follow the instructions in the
QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
length 0
transport input telnet ssh
!
scheduler max-task-time 5000
end
________________________________
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL and may be
protected by one or more legal privileges. It is intended solely for the
use of the addressee identified above. If you are not the intended
recipient, any use, disclosure, copying or distribution of this
communication is UNAUTHORIZED. Neither this information block, the typed
name of the sender, nor anything else in this message is intended to
constitute an electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete this
communication from your computer. Thank you.
________________________________
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL and may
be protected by one or more legal privileges. It is intended
solely for the use of the addressee identified above. If you
are not the intended recipient, any use, disclosure, copying
or distribution of this communication is UNAUTHORIZED. Neither
this information block, the typed name of the sender, nor
anything else in this message is intended to constitute an
electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete
this communication from your computer. Thank you.
|
|
|
|
|