Login    Password        Sign Up   Forgot Password
Sunday, December 10, 2023


Site Search


CCNA 2.0 
CCNP 2.0-
Multilayer -
Switched Network 
CCNP 2.0- 
CCNP Network-
Design Associate 
Netwrok WAN-
switching BSSC
Design 3.0
Pix Firewall 



MCSE Cert.
MCSD Cert. 
The Work 
Areas of Work 
Career Prospects 


Govt. Exams

Cisco BCRAN - Building Cisco Remote Access Networks

This study guide is developed to provide you with an overview of the Cisco 505 BCRAN subject. You are suggested to use this study guide to give yourself a “bird eye view” of the exam. 


Exam Objectives

According to Cisco, the Cisco Remote Access exam includes topics on wide area network concepts, configuration of an asynchronous interface on a Cisco router, implementing Point-to-Point Protocol and various authentication schemes, Dial-on-Demand Routing, and leased lines.



Similar to most of the Cisco exam, you must be familiar with concepts of TCP/IP and the OSI model.

For a good tutorial on TCP/IP, you may visit

In addition, you may learn more about the OSI model at


This exam has a lot of WAN stuff. You should have solid knowledge on ISDN, X.25 and Frame Relay

For information on ISDN:

For tutorial on Frame Relay:

For tutorial on X.25:

Tutorials on PPP:

Commands for setting up X.25 and LAPB 

Configuring Frame Relay:

Configuring ISDN DDR

Configuring ISDN line


Apart from WAN connectivity, you must also be familiar with the various remote access authentication and security technologies

Tutorials on PAP and CHAP:

Advanced traffic shaping

Outbound traffic queuing


Tutorial on RADIUS

Tutorial on TACACS

Introduction to VPN

NAT Configuration


Do NOT use this study guide as your sole study resource. Successful completion of the 505 exam requires both practical experience as well as lots and lots of reading.

On the actual exam you will encounter questions on IOS commands as well as many terms. For the commands, Cisco’s original documentation has very detailed coverage.

WAN Connections

3 types of connection

  • Dedicated connection via Synchronous serial

    1. Continuously available links

    2. Protocols include PPP, HDLC, SLIP

  • Circuit-switched connection via Asynchronous serial or ISDN

    1. Requires call setup

    2. Requires call teardown

    3. Connections are made based on needs

    4. Protocols include PPP, SLIP

  • Packet-switched connection via Synchronous serial

    1. Establish VCs

    2. Share bandwidth

    3. Lower cost than leased line

    4. Protocols include  X.25, Frame Relay, ATM

Considerations when choosing a WAN connection type

  • Amount of data transfer

  • Availability

  • Bandwidth

  • Cost

  • Management

  • QoS

  • Security

Comparison between the alternatives

Dedicated Lease Line



  • 24 x 7 connection

  • Very stable

  • Point-to-point fixed path

  • Maximum control

  • Expensive

  • Uses the phone company networks

  • Mostly on as needed basis

  • Lower cost (charge based on usage)


  • Shared bandwidth

  • More efficient than circuit switching and less costly than leased line

  • Can go for 24 x 7 connection

  • Non-fixed path

  • Less control than lease line


Site Considerations

  • Central Site

    1. Must provide access to multiple users from different sites

    2. Must control the costs

  • Branch Site

    1. Must be able to connect to the central site

  • Telecommuter Site

    1. Must be able to access company information on demand

    2. Request may be made from various remote locations

You use the Cisco Product Selection Tools to choose the appropriate products for the connection types.


Cisco 700 series router is for

  • Telecommuter

  • Small office

  • Home office


Functions include

  • Networking

  • Routing

  • WAN Connectivity

  • ISDN

  • Telephony


Router Access Modes 

  • Character mode‘s 4 line types

    1. AUX stands for Auxiliary port

      • Uses RJ45

    2. CON stands for Console port

      • Uses RJ45

    3. TTY refers to the Asynchronous port

    4. VTY refers to the Virtual terminal

  • Packet mode’s types

    1. Async or Group-async

    2. BRI or PRI

    3. Serial

    4. Dialer profiles

    5. Dialer rotaries


  • Classified as Data communications equipment DCE

  • Converts digital signals to analog signals

  • Signaling functions

    1. TxD - Transmit data

    2. RxD - Receive data

    3. GRD - Grounding

  • Hardware flow control

    1. RTS - Request To Send

    2. CTS  - Clear To Send

  • Modem control

    1. DTR - Data Terminal Ready

    2. CD - Carrier Detect

    3. DSR - Data Set Ready

  • Modem Modulation ITU Standards

    1. V.22                          : 1200 bps

    2. V.22bis                      : 2400 bps

    3. V.32                          : 9600 bps

    4. V.32bis                      : 14.4 kbps

    5. V.34                          : 28.8 kbps

    6. V.34 annex 1201H        : 33.6 kbps

    7. V.90                          : 56 kbps

  • Error detection & correction with Microcom Networking Protocol MNP

    1. MNP 2–4 in public domain

    2. MNP 10 for cellular

  • Error detection & correction with CCITT V.42

    1. LAP-M

    2. MNP 4

  • Data compression

    1. MNP - 5: 2:1 compression ratio

    2. V.42bis - 4:1 compression ratio

  • Modem autoconfiguration

    1. Can configure the modems without the need to use modem configuration commands

    2. Can auto-discover the modems

    3. Can reconfigure the modems each time the AT commands are sent to match the current line settings



  • Multiple protocol encapsulations are done with NCP

  • Link setup and control are done with LCP

  • Multiple protocols supported

  • PPP PAP is a type of authentication that uses clear text

  • Keep in mind that clear text transfer is always insecure

  • PPP CHAP is a type of authentication much more secure than PAP, as traffic is encrypted

  • To enable CHAP, you need to enable PPP encapsulation for the router interface, then enable chap with ppp and finally set the usernames and passwords

  • Provide callback when the callback timer is stopped

  • Also provide callback service when the PPP NCP negotiation is successful


Multilink PPP

  • Load balanced PPP

  • Controlled by adding a sequencing header in the PPP frame

  • Can work with:

  • Asynchronous serial interface

  • Synchronous serial interface

  • BRI and PRI interfaces

  • Can work on a dialer rotary group



  • A serial encapsulation method for private serial line

  • Work at the data link layer

  • Enable orderly reliable data exchange between DTE and DCE

  • Need to use one of the X.25 packet-level encapsulations when this is attaching to an X.25 network

  • 2 types of hosts

    1. Data terminal equipment DTE

    2. Data circuit-terminating equipment DCE

  • Router using LAPB can act as a DTE or DCE at the protocol level

  • Provide greater throughput than High-Level Data Link Control encapsulation in congested environment

  • Router resends the missing frame but not waiting for the higher layers to recover

  • Uses priority and custom queueing to improve the responsiveness of a link to a given type of traffic

  • Priority queueing assigns packets to one of the 4 output queues: high, medium, normal, or low priority

  • Custom queueing assigns packets to one of the 10 output queues and controls the % of the available bandwidth for the queue



Description and Interfaces

TE1 - Has an ISDN Interface. DS0=64Kbps=Digital Signal Level 0

TE2 - Does not have an ISDN interface; requires a TA (Terminal Adapter). The TA is typically an ISDN Modem. The TA converts the signal to ISDN standards. DS0=64Kbps

ISDN PRI US T1 - Requires different connectors. Uses DB15 and RJ48 connections. DS1=1.54Mbps contains 24 DS0’s

- Requires 4 connections DB15 before the CSU/DSU and 4 RJ45 and/or DB15 connections to the switch. 30 X DS0

In Europe, the ISDN service provider provides the NT1. In the US, the customer supplies the NT1.


Logical Interfaces

RSTUV-Logical Reference Points

Rate Reference Point - Located between the NON ISDN router interface and the Terminal Adapter (TA).

System Reference Point - Is the reference point between the router with an ISDN Interface and the NT2 or TA and NT2. Non-US demarcation.

Terminal Reference Point - The reference point between the TE1 and NT1 and/or TA. If there is an NT2 (Customer Switching Equipment), the reference point is included to the NT1 as well. This point is NON-US demarcation.

User Reference Point - This reference point is a US demarcation. It references the point between the NT1 and the LT.

V Reference Point - Located between the LT and the ET. Also referred to as the local exchange.

ISDN Protocols - ITU-T Groups the protocols, interfaces and addressing.

E-series - describes telephone network ex. E.164=International addressing for ISDN.

I-series - describes Interfaces & Concepts ex. I.430=BRI Interface.

Q-series - describes switching and signaling. (e.g. Q.921=LAPD Link Access Procedure D channel, Q.931 DSS1 Digital Subscriber Signaling #1)


Configuring ISDN BRI

1. Select your switch type (provided by your service provider)

Router2 (config)# isdn switch-type basic-5ess (basic-5ess is the switch type) Router2 (config-if)# isdn switch-type basic-5ess (basic-5ess is the switch type)

2. Configure the appropriate interface on the router.

  • Router2 (config)# interface bri X (x = the interface you are going to configure)

  • For a TE1 non-ISDN interface use the interface serial command.

  • Router2 (config)# interface serial X (x = the interface you are going to configure)

3. Set SPID's (Service Profile Identifiers). The service provider assigns these numbers.

  • Router2 (config-if)# isdn spid1 512790203300

  • Router2 (config-if)# isdn spid1 512790203400

4. Set the appropriate protocol for encapsulation and set the protocol for authentication. PPP or HDLC can be used for encapsulation. CHAP or PAP can be used for authentication. CHAP is encrypted; PAP sends information in plain text.

  • Router2 (config-if)# encapsulation ppp

  • Router2 (config-if)# authentication chap

Dial on Demand Routing (DDR)

DDR for ISDN - Use DDR for connections that do not need to be connected for long periods of time. Determine what traffic is "interesting" and needs to be routed. Use access lists to restrict broadcasts such as SAP updates and permit traffic that needs to be forwarded. You can also use the passive interface command to prevent the forwarding of routing updates ex. IGRP, OSPF

dialer list is the command used to configure DDR. This command is used to first initiate the call and used to control the protocol for dialing.

1. Define what traffic is interesting. An access-list command can be used following this dialer-list command to specify the appropriate traffic to be forwarded.

  • Router2 (config)# dialer-list 3 protocol ip permit

  • Router2 (config)# access-list 5 permit protocol ip x.x.x.x any 10.98.98.x any

2. Assign the dialer-list to the appropriate interface.

  • Router2 (config-if)# interface bri 2

  • Router2 (config-if)#dialer-group 3 (3= the group number)

3. Assign the destination. Use the dialer map command to specify the destination parameters.

  • Router2 (config-if)#dialer map router3 5125551092

4. Determine which call options to use. To use DDR successfully, you must specify the appropriate call values.

  • Router2 (config-if)# dialer fast-idle 30 (if the interface is busy and another call needs to be placed, 30 specifies to disconnect the call if the line is idle for over 30 seconds)

  • Router2 (config-if)# dialer idle-timeout 180 (tells the interface to disconnect after idle for 180 seconds)

  • Router2 (config-if)# dialer load-threshold 128 either (1-255 value tells the router at what level to make another call to another destination)

Options can be inbound, outbound or either.

Rate adaptation - The data speed of an ISDN line can be slowed down to 56K if necessary. Use the speed option with the dialer map command.

Router2 (config-if)# dialer map router3 5125551092 speed 56 broadcast 5125551038


Backup Interfaces Load and Outage

This is important for fault tolerance and useful when interfaces exceed the expected load. Follow these simple steps to back up an interface:

For OUTAGE backup

1. Select the interface you want to use as a backup.

  • Router2 (config)# interface serial 0

2. Select the interface you want to backup.

  • Router2 (config-if)# backup interface bri2

3. Set when you want the backup line to come up. Set on/off parameters.

  • Router2 (config-if)# backup delay 60 30 (60 designates ON after bri2 is down for 60 seconds) (30 designates OFF after bri2 is back online)

For LOAD backup

Follow steps one and two above. Use the backup load command to back up the primary line. Values are based on percentages.

Set the bandwidth ON/OFF values for the backup interface.

Router 2 (config-if)# backup load 50 10 (50 designates ON when bri2 exceeds 50% of bandwidth) (10 designates OFF after bri2 reaches within 10% of the total bandwidth) 40% of line bri2



ISDN Protocols - ISDN uses several protocols; which protocol each channel uses is crucial to understanding how ISDN works.

PRI Functional Groups and Reference Points - Since an ISDN BRI requires the use of a CSU/DSU the logical groups and reference points are much easier to identify. Note that the above diagram is for PRI and BRI.

ISDN PRI can be configured in 5 very complicated steps. SCFLC (Swami Can Fix Left-handed Clocks) can be used to remember the steps. For PRI you configure Switch type, Controller, Frame type, Linecode, and Clocksource.


Syntax to configure ISDN PRI

1. Select your switch type.

  • isdn switch-type pri-5ess

2. Choose the controller.

  • controller T1 slot/port

  • controller T1 2/1

3. Specify the frame type.

  • framing esf

4. Specify the linecode.

  • linecode b8zs

5. Specify clocksource

  • clock source 1 primary

ISDN PRI can accept incoming calls from analog lines by using the following command:

isdn incoming-voice modem

ISDN Physical Interfaces – SERIAL


EIA/TIA -449

EIA -530


BOD Bandwidth on Demand - Can be used on BRI or PRI channels to supply additional bandwidth once a channel is connected. PPP Multilink must be enabled. The traffic trigger can be set for inbound, outbound or either. The value metric is 0-255. (255 equals 100%) Example:

Dallas2 (config)# interface bri 0

Dallas2 (config-if)# dialer load-threshold 128 either (specifies at 50% load either direction bring up additional line)

ISDN Caller ID Screening - ISDN can also be configured to only accept certain calls from certain numbers. X's can be used as wildcards. Example:

Dallas2 (config-if)# isdn caller 1512555xxxx (allows any inbound call from 512 are code with 555 exchange)


X.25 is a packet switched layer 2 protocol that operates at the Data Link Layer of the OSI model. This protocol works by encapsulating the layer 3 protocols. The max speed for X.25 is 128K. X.25 was engineered for strong error checking and flow control at layers 2 and 3. X.25 uses LAPB and it is very reliable, it also uses sliding windows (much like TCP/IP) for flow control. Options for flow control on the interface must match the remote router. X.25 uses SVC's (Switched Virtual Circuits) and PVC's (Permanent Virtual Circuits). PVC's are always connected. Use show interface to view configuration.

Datagram Encapsulation

Network Function - X.25 is highly available and used worldwide.

PAD - Is a Packet Assembler Deassembler that can also be a router. It collects the data transmissions from the terminals and gathers them into a X.25 data stream and vice versa. PAD acts like a multiplexer for the terminals. During configuration of the X.25 you specify whether the interface will act as a DCE or DTE. When configured as a DCE the router behaves as an X.25 switch.

X.121 - Is the addressing standard. Static mappings must be made manually. X.25 does not support ARP. The addressing standard is a 4-digit country code. The following 8 to 11 digits are assigned by the X.25 service provider:

  • DTE Router or Pad

  • DCE (Switch or Concentrator)

To configure an X.25 interface for SVC - Define the encapsulation, assign the X.121 address and use map statements to link the X.121 logical address with the IP protocol or other addresses. Options for flow control must match on both sides.

Steps to configure X.25 on an interface

SanAton2 (config)# interface serial 2

SanAton2 (config-if)# encapsulation x25

SanAton2 (config-if)# x25 address 316012345678 (316 country code the whole # specifies the x25 address)

SanAton2 (config-if)# ip address (configures the IP address for the interface)

SanAton2 (config-if)# x25 map ip 3160987654321 broadcast (maps the target IP address to the x121 address)

To configure an X.25 interface for PVC - Is exactly the same as above except for the last step. You use the pvc command instead of the map command to establish the PVC.

SanAton2 (config-if)# x25 pvc 6 ip 3160987654321 broadcast (maps the target IP address to the x121 address #6 establishes virtual circuit 6)

Options for X.25 - Windows and packet sizes must match on both sides of the connection. Use the x25 ips command for incoming packet size and x25 ops for outgoing packet size. Window size uses a counter for when to send an acknowledgement. x25 win and x25 wout commands are used. The module controls the size of the window, 8 or 128 is used to specify the number of packets.

Frame Relay

Frame Relay Interfaces - Serial interfaces use DB-60 connectors. Frame relay requires the use of a CSU/DSU. Like X.25, frame relay uses SVC's and PVC's. PVC's are used for frequent and long connection times. SVC's are for sporadic infrequent traffic. List settings with show interface command or show frame-relay map command.

EIA/TIA232 EIA/TIA449 .V35 X.21 = Physical interfaces

Frame Relay Bandwidth - Max throughput is 2 Mbps to 56Kbps. Frame relay is a layer 2 protocol. It uses the upper layer for error correction. It is faster than x.25.



Line Management Interface is the standard for signaling. There are 3 types:

  • Cisco LMI


  • q.933a LMI

Cisco is the default. Service provider will specify the LMI in use.

  • LMI's control data keep alives and verify the dataflow.

  • Use multicast mechanism to provide network server the DCLI.

  • Use multicast addressing so DLCI has global significance.

  • Verifies the DLCI's in use and status to the local Frame relay switch.

    LMI Autoconfigure  

    A router with IOS 11.2 and newer does not need to be configured for the LMI. The newer routers will send a signal to the FR switch to determine the LMI in use.



    Data Link Connection Identifier verifies the logical circuits in use and the status from the CPE to the Frame Relay switch.

    DLCI states are

    Deleted - No LMI signal being received from switch or no service available from switch.

    Active - Lines are up; connections are active. Routers are exchanging data.

    Inactive - Frame relay switch to local connection is working. The remote routers' connection to the frame switch is not working.

    Encapsulation Types - Are Cisco and IETF. Cisco is the default. If the router is a non-Cisco router, use IETF. This designation can be made per DLCI. Even if all the routers are Cisco, you can communicate with a location with non-Cisco router. Specify the IETF encapsulation and DLCI. You can use this with the map command. In short, encapsulation can be set per interface or per destination. Example:

    Dallas2 (config-if)# frame-relay map ip 25 broadcast IETF
    (25 = the DLCI#)

    Steps to configure frame relay:

    1. Select the interface.

    • Dallas2 (config)# interface serial 3

    2. Assign an IP address to the interface.

    • Dallas2 (config-if)# ip address

    3. Select the encapsulation mode.

    • Dallas2 (config-if)# encapsulation frame-relay cisco (this is an example of setting the encapsulation per interface. All traffic leaving interface will be Cisco.)

    4. Set the LMI (not necessary with IOS 11.2 and up).

    • Dallas2 (config-if)# frame-relay lmi-type cisco

    5. Map protocol.

    • Dallas2 (config-if)# frame-relay map ip 25 broadcast cisco

    Split Horizon and Routing Updates 

    Since routing updates should not be sent out the same interface you learned the update from (his causes routing loops), the solution to fixing this problem is creating subinterfaces with different DLCI's.


    Each subinterface has its own DLCI enable multipoint connection. Routing updates will now work properly.

    Traffic Shaping - Since the speed of the frame relay circuits can vary, it is important to control how much and which traffic is sent or received on an interface.

    Queuing - Priority, weighted fair and custom queuing allow for specialized control of the traffic.

    Rate Enforcement - You can configure the maximum amount of traffic to pass out the interface by setting the transmission rate. Usually determined by the CIR (Committed Information Rate). Use the following commands when setting up the frame relay: (*Note: uses map classes)

    Dallas2 (config-map-class)# frame-relay traffic-rate 9600 33600 (9600 specifies the average, 33600 specifies the peek rate)

    Dallas2 (config-if)# frame-relay traffic-shaping

    BECN/FECN Support - Dynamic monitoring of the congestion of the frame relay network. Requires Cisco IOS 11.2 or higher to support BECN monitoring.

    FECN – (Forward Explicit Congestion Notification) When the frame relay switch becomes congested it sends a FECN to the destination.

    BECN – (Backward Explicit Congestion Notification) When the frame relay switch becomes congested it sends a BECN to the source.

    To use traffic shaping with the BECN support use the following commands: *Note uses map classes.

    Dallas2 (config-map-class)# frame-relay adaptive-shaping becn

    Dallas2 (config-if)# frame-relay traffic-shaping

    Modems Asych

    Physical Interfaces – (RJ11 or DB25) The connection from the router is a DB60 connection.

    Cable Signals – DTR (Data Terminal Ready) is controlled by a router or PC; used to verify the connection and able to receive data.

    DSR – (Data Set Ready) Says modem is on and ready for action. Usually sent on power on. Says DCE is ready.

    Hardware Flow Control - RTS (Ready to Send) tells modem to send data.

    CTS – (Clear to Send) from DCE tells PC/router to send data.

    Use DTE lock to avoid speed mismatch. Modem often tries to match the inbound transfer rate of the modem to the DTE.

    LOCK DTE for speed conversion.

    Asynch Configuration Commands

    Line config - Commands change the physical attributes. See below.

    • Dallas2 (config)# line 20

    • Dallas2 (config-if)# login local

    • Dallas2 (config-if)# speed 115200

    • Dallas2 (config-if)#modem inout (enables modem for inbound and out calls)

    • Dallas2 (config-if)#modem dialin (default)

    Interface asynch
    - Commands configure the protocols.

    • Dallas2 (config)# asynch 20

    • Dallas2 (config-if)#encapsulation ppp

    • Dallas2 (config-if)#ppp authentication local

    Help for modem commands - In a reverse Telnet session, use these commands for help. AT$H or AT$

    Adding Modems to Router - The router has a built-in modem compatibility database (modemcap). Use the following command to have the router search and configure the new modem:

    Dallas2 (config)# modemcap autoconfigure discovery (autoconfigure)

    Dallas2 (config)#show modemcap (displays modems in database)

    Edit the database to add a new entry or modify and existing entry.

    Dallas2 (config)#modemcap edit new_modem_name attribute value

    This command is used to debug the modem auto configuration:

    Dallas2 (config)# debug conf modem

    Chat Scripts - Can be triggered for DDR, on startup, on connection, line activation and to reset modems. Chat scripts are useful because they can reset modem configurations, dial and remotely login to a host and detect line failure. They can be used to initialize a modem attached to a router, automatically dial out on a modem, login and execute commands on another system or router.

    Modem troubleshooting commands

    show line (shows the modems physical config) as noted above the line command is for physical attributes.

    clear line (returns the interface to idle state)

    Modem control commands CD (Carrier Detect) if modem is not configured properly and the CD state is not passed or recognized the session stays open. Someone can connect to that session without having to authenticate.

    Rotary Groups

    Dialer map - this command can be used to call multiple areas with the same configuration.

    Dialer interface - is a logical interface that can be applied to multiple interfaces.

    Dialer rotary groups - allows you to apply a logical interface to multiple physical interfaces.

    How to configure a Rotary Hunt Group :

    Dallas2 (config)# interface bri 0

    Dallas2 (config-if)# dialer rotary-group2

    Dallas2 (config)# interface bri 1

    Dallas2 (config-if)# dialer rotary-group2

    Dallas2 (config)# interface bri 2

    Dallas2 (config-if)# dialer rotary-group2

    Dallas2 (config)# interface dialer 1 (this command creates the dialer rotary group)

    With this setup, if an incoming line is busy the next line is tried.

    Dialer Hold Times - specifies the amount of time the line is idle.

    Dallas2 (config-if)# dialer idle-timeout x (x= the number of seconds)

    Analog lines take longer to make a connection, so use the wait-for-carrier-time command to tell the analog line to wait until a proper connection is made. Example:

    Dallas2 (config-if)# dialer wait-for carrier-time x (x=the number of seconds)

    Dialer Profiles

    Dialer Profiles - Are logical interfaces that can be used to control encapsulation, access list and control features per call. The key to Dialer profiles is they can take a physical interface and make connections to a specific destination with specific call parameters.

    Dialer Profile Components:

    • Dialer Interfaces (uses a per destination dialer profile)

    • Dialer Map Classes

    • Dialer Pools

    • Physical Interfaces

    The Advantages of Using Dialer Profiles:

    • ISDN channels can be split.

    • Different DDR settings can be made for each B-Channel.

    • BRI and PRI channels can be added to multiple dialing pools.

    • B-Channels can be configured to call different locales with different IP addresses and subnets.

    • An Interface can belong to multiple pools.

    A dialer map (sets configuration) can be applied to several dialer interfaces:

    *Note Asynch5 belongs to both dialer pools

    Adding interfaces to a dialer pool - Use the following command:

    Dallas2 (config-if)# dialer pool member x (x= can equal a number 1-255)


    PPP - Is an encapsulation standard used over Asynch serial, Synch serial and ISDN.

    NCP - Is a layer protocol of PPP; encapsulates multiple protocols.

    LCP - Another component of PPP is responsible for authentication, multilink, callback and compression.

    Setting the configuration to autoselect allows login to adapt to encapsulation in use. (SLIP or PPP)

    Setting the configuration to asynch mode dedicated dial in session is forced to use the encapsulation specified.

    Authentication – (CHAP or PAP) CHAP is encrypted, while PAP login and password information are sent in plain text.

    Addressing with PPP - A router can be used to assign a static IP address or have the dial-in user specify an IP address. The router can also be used as a DHCP server.

    Static mapping on an interface:

    Dallas2 (config-if)# ip address (forces dial-in connection to use as an IP address)

    For point-to-point only, the ip unnumbered command can be used. It uses the address of the interface as the source of the packet. Example:

    Dallas2 (config-if)#ip unnumbered

    To assign an IP addresses or use DHCP and/or pool of addresses use the peer default ip address command. Example:

    Dallas2 (config-if)# peer default ip address dhcp

    To allow the user or client dialing in to specify an address use the async dynamic address command. Example:

    Dallas2 (config-if)#async dynamic address

    PPP Call Back Configuration

    The configuration of the hold queue timer is vital to the success of a PPP call back configuration. Hold queue time out must be long enough to allow the call back server to make the return call before the timeout limit is hit.

    Dallas2 (config-if)#dialer hold-queue 300 timeout 60 (specifies 300 packets are held on the queue and it times out after 60 seconds)

    Call back configuration sample (Global Mode)

    Dallas2 (config-if)# ppp callback accept

    Dallas2 (config)#username hackmi password giforgot callback-dialstring 2145551234 callback-line 1 callback-rotary 2 (callback-dialstring = the number to call back, callback-line = specifies the line to call back on)

    Line configuration mode sample

    Dallas2 (config-if)# ppp callback accept

    Dallas2 (config-if)# ppp callback initiate

    Dallas2 (config)# line1

    Dallas2 (config-line)# callback forced-wait 10 (10=the number of seconds)

    Dallas2 (config-line)# script callback callme (callme is the name of the script)

    The dialer callback-secure command automatically disconnects any calls that are not explicitly set up for callback.

    To configure the callback server

    Dallas2 (config)# interface s1 (select interface)

    Dallas2 (config-if)# (specifies the IP address)

    Dallas2 (config-if)# encapsulation ppp

    Dallas2 (config-if)# ppp callback accept

    Dallas2 (config-if)# dialer callback-secure

    Dallas2 (config-if)# dialer map ip name Austin1 class dial 1512555134 (configures the dialer map)

    Dallas2 (config-if)# dialer group 2 (configures dialer group)

    Dallas2 (config-if)# ppp callback accept (sets PPP for callback)

    Dallas2 (config-if)# ppp authentication PAP

    configure map-class

    To configure the callback client - use the same basic configuration for callback and use the PPP callback request command.


    Compression for PPP

    • Predictor - looks for compressed data does not try to compress.

    • Stacker - compression algorithm sends each data type once. Works on Cisco 700.

    • TCP Header compression - used to compress headers; must be enabled on both sides.

    • MPPC - Microsoft Point to Point Compression protocol allows compressed data from Microsoft clients.

        Passive mode for TCP Header compression will send TCP header compressed if it receives them compressed.

      TroubleShooting PPP

      debug PPP negotiation command is used to troubleshoot LCP and NCP issues.

      show dialer command shows the progress of calls. Used to troubleshoot PAP and CHAP issues.

      Multilink PPP

      Multilink PPP - also referred to as MP; allows additional calls or channels to connect to a host for additional bandwidth. In order to use Multilink with Brand X routers, the routers must comply with RFC1990. Multilink is configured on the interface.

      LCP controls multilink.

      • Works on Cisco 700 series routers

      • Works on routers running Cisco IOS

      • RFC 1900 allows for vendor compatibility

      • Allows packet fragmentation across channels

      • Sequences packets and performs load calculation on lines or channels

        Troubleshooting Multilink

        debug ppp negotiation is used to troubleshoot LCP and NCP issues with Multilink.

        debug dialer may also be useful on troubleshooting multilink. (Displays calling statistics)

        debug ppp multilink is used to troubleshoot LCP and NCP issues with Multilink as well.

        Queuing and Compression

        Weighted Fair - All traffic gets equal priority. FTP gets balanced access. This is the default setting.

        Priority Queuing - Critical traffic goes through. Best for low bandwidth connections. Requires configuration.

        Custom Queuing - Bandwidth is allocated. Designed for higher speed connections.

        Access List can also be used to filter traffic. Access lists are read from top to bottom. If a filter has been set to deny, you cannot set a permit statement lower in the list.

        Priority Queuing - uses priority-list command.

        Dallas2 (config)# priority-list 3 interface bri 0 medium



        stacker - compression based; repeated data replaced with token. Processor intensive.

        Predictor - predicts the next sequence of characters. Memory intensive.

        MPPC - Microsoft Point to Point Compression protocol allows compressed data from Microsoft clients.

        Link compression - USE FOR POINT TO POINT ONLY- Leased, ISDN; compresses payload and header information. The header will not be readable on WAN links on the next hop.

        Payload compression - compresses the data section of the packet.

        Compression for WAN - NO LINK COMPRESSION - can use payload compression. You can use TCP header compression and MPPC.


        AAA - stands for Accounting, Authentication and Authorization. Both RADIUS and TACACS+ servers can be used.

        Cisco Secure is software used for security management and accounting. It uses 3 major components to accomplish this:

        AAA server - interacts with RADIUS and TACACS+ servers

        Netscape Fastrack Server - web browser

        RDBMS - Relational Database Management System

        TACACS is enabled by specifying a host. Example:

        Dallas2 (config)# tacacs-server host

        To use AAA authentication, use TACACS first, then local authentication use the following syntax:

        Dallas2 (config)# aaa authentication login default tacacs+ local


        Network Address Translation - can be used to merge two large networks without having to re-address the whole network. Another function of NAT is overloading inside global addresses, this process is several inside addresses using a single IP address. NAT can also use a pool of addresses or multiple interfaces. NAT uses PAT and a NAT table to keep these translations.

        Configuring NAT on the interfaces - for the inside interface:

        • Specify the interface

        • Dallas1 (config)# interface ethernet0

        • Assign an ip address to interface

        • Dallas1 (config-if)# ip

        • Specify NAT direction

        • Dallas1 (config-if)# ip nat inside

        For the outside interface

        Dallas1 (config)# interface bri0

        • Assign an Internet IP address to interface

        • Dallas1 (config-if)# ip

        • Specify NAT direction

        • Dallas1 (config-if)# ip nat outside

        Troubleshooting NAT

        show ip nat translations command displays current translations.

        clear ip nat translations command clears the entries in the NAT table.

        debug ip nat command per packet output of translations.

        show ip nat statistics command shows the values and timeout periods.


        AS5X00 - are access servers for multiple modems and ISDN interfaces. Considered central office equipment.

        LED's - are located on the routers and can be used to check activity on an interface and to ensure the router has booted properly and hardware has been installed correctly. EN light LED is on when a module has been installed properly.

        Home | Abroad | Academics | Advice | Alumni Associations | Career Watch | Competitive Exams | Career Counseling | Distance Education | Forms | Organisations | Relax Zone | MBA | Engineering | Medical | Humanities | Sciences | Computers ICSE/ISC/CBSE | Scholarship | Loans
         Contact Us | Feedback | Advertise | Disclaimer | Privacy Policy
        ©2000-2001 All rights reserved "DD Web Vision Private Limited"

        Site developed by