Cisco CP Express User Guide

思科CP用户指南

Cisco CP Express User Guide

Americas Headquarters

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, CA 95134-1706

USA

http://www.77cn.com.cn

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408

527-0883

Customer Order Number:

Text Part Number: OL-15296-06

思科CP用户指南

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at http://www.77cn.com.cn/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Cisco CP Express User Guide

© 2010 Cisco Systems, Inc. All rights reserved.

思科CP用户指南

CONTENTS

CHAPTER 1Cisco CP Express Wizard 1

Getting Started with Cisco CP Express 2

Cisco CP Express Interface 2

Cisco CP Express and CCP 3

Screen Reference 3

Welcome 3

Giving the Router a Basic Configuration 4

Basic Configuration Reference 4

Basic Configuration 4

Provisioning the Router 6

Router Provisioning 6

Provision From USB Token 7

Provision From USB Flash 8

File Selection 9

CNS Server Information 10

Configuring the Wireless Interface 11

Wireless Interface Configuration 11

Configuring the LAN Interface 12

LAN Interface Configuration 12

DHCP Server Configuration 14

Configuring a Wireless Access Point 16

Autonomous Wireless Configuration 16

Wireless-LWAPP Host Router Configuration 18

Configuring a Wide Area Network Interface 19

Cisco CP Express User Guide

OL-15296-06iii

思科CP用户指南

WAN Reference 19

WAN Interface Selection 20

Internet (WAN): Ethernet Interface 21

Internet (WAN): Autodetect Encapsulation 23

Internet (WAN): User Specified Encapsulation 23

Serial Connection 26

Frame Relay Configuration Settings 27

Internet (WAN): Advanced Options 28

Internet (WAN): Cable Modem 29

Add Cable Modem Connection 29

Authentication 30

Configuring a Firewall 30

Firewall Configuration 31

Configuring Security Settings 32

Security Settings 34

Summary 36

Teleworker Support 37

Supplementary Help 37

Cisco Configuration Professional 38

Cisco Network Services 38

Security Settings 40

Disable SNMP 40

Disable Finger Service 40

Disable PAD Service 41

Disable TCP Small Servers Service 41

Disable UDP Small Servers Service 42

Disable IP BOOTP Server Service 43

Disable IP Identification Service 43

Disable CDP 44

Disable IP Source Route 44

Cisco CP Express User Guide

ivOL-15296-06

思科CP用户指南

Enable Password Encryption Service 45

Enable Netflow Switching 45

Enable TCP Keepalives for Inbound Telnet Sessions 46

Enable TCP Keepalives for Outbound Telnet Sessions 46

Enable Sequence Numbers and Time Stamps on Debugs 46

Enable IP CEF 47

Set Scheduler Interval 47

Set Scheduler Allocate 47

Set TCP Synwait Time 48

Enable Logging 48

Enable Unicast RPF on Outside Interfaces 49

Disable IP Gratuitous ARPs 50

Disable IP Redirects 50

Disable IP Proxy ARP 50

Disable IP Directed Broadcast 51

Disable MOP Service 52

Disable IP Unreachables 52

Disable IP Mask Reply 52

Set Minimum Password Length to Less Than 6 Characters 53

Set Authentication Failure Rate to Less Than 3 Retries 53

Set Banner 54

Enable Telnet Settings 54

Enable SSH for Access to the Router 55

Cisco CP Express Buttons 56

Reconnecting to the Router After Initial Configuration 57

Testing Your WAN (Internet) Connection 58

SDP Troubleshooting Tips 58

CHAPTER 2Cisco CP Express Edit Mode 1

Getting an Overview of Router Configuration 1

Cisco CP Express User GuideOL-15296-06v

思科CP用户指南

Overview 2

Editing the Basic Configuration 3

Basic Configuration Reference 4

Basic Configuration 4

Edit a Username 5

Editing the LAN and Wireless Configuration 5

LAN and Wireless Reference 7

LAN 7

Wireless 7

Editing the WAN Configuration 8

WAN Screen Reference 8

Edit Cable Modem Connection 8

WAN—Unable to Configure WAN Interface 9

No WAN Available 9

Delete Connection 10

Enabling or Disabling a WAN Connection 10

Editing the Default Route 11

Default Route Reference 11

Routing 11

Editing Security Settings 12

Security Settings Reference 12

Security Settings 12

Tools 14

Ping 15

Update Location 16

Update Cisco CP from http://www.77cn.com.cn 17

Update Cisco CP from Local PC 17

Update Cisco CP from CD 18

Reset to Factory Defaults 18

Cisco CP Express User Guide

viOL-15296-06

思科CP用户指南

Reset to Factory Defaults 18

Reconfiguring Your PC with a Dynamic or a Static IP Address 20

Other Cisco CP Express Screens 22

Date and Time Properties 22

CCO Login 23

Feature Not Available 24

Cisco CP Express User GuideOL-15296-06vii

思科CP用户指南

Cisco CP Express User Guide

viiiOL-15296-06

思科CP用户指南

CHAPTER1

Cisco CP Express Wizard

These help topics introduce Cisco Configuration Professional Express

(Cisco CP Express) wizard, describe the configurations you can perform with it,

and explain the information required in each Cisco CP Express screen.

This chapter contains the following sections:

Getting Started with Cisco CP ExpressGiving the Router a Basic ConfigurationProvisioning the RouterConfiguring the Wireless InterfaceConfiguring the LAN InterfaceConfiguring a Wireless Access PointConfiguring a Wide Area Network InterfaceConfiguring a FirewallConfiguring Security SettingsSummaryTeleworker SupportSupplementary Help

Cisco CP Express User Guide

OL-15296-061-1

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Getting Started with Cisco CP Express

The Cisco CP Express windows guide you through initial configuration of the

router. With Cisco CP Express, you can provide the following configurations for

the router:

Local Area Network (LAN) configuration.DHCP Server ConfigurationWide Area Network (WAN)FirewallSecurity Settings.Router Provisioning

After you complete the Cisco CP Express wizard and deliver the configuration to

the router, you can continue to use Cisco CP Express to modify the configuration

if that is necessary.

Cisco CP Express Interface

Cisco CP Express has three types of windows:

The Overview screen—This window provides a snapshot of basic router

information, enabling you to verify information at a glance without that you

enter a configuration screen.

Wizard screens—The first time that you run Cisco CP Express, you use the

wizard screens. These screens guide you through the essential parts of the

router configuration so that the router can start functioning on the network.

Firewall, and security settings are included so that the router and the LAN

that it serves are secure. The left pane of each screen shows you which part

of the configuration you are completing. The right pane contains the

configuration fields. If you need more information on a screen, just click the

question mark (?) icon at the top of the screen.

Edit screens—After you have completed initial configuration, you can return

to Cisco CP Express to modify the router configuration if you need to do so.

Cisco CP Express User Guide

1-2OL-15296-06

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Cisco CP Express and CCP

Cisco CP Express allows you to provide the router with the configuration

essentials so that it can start working on the network.

Cisco Configuration Professional (Cisco CP) allows you to perform more

advanced configurations on the router, such as Virtual Private Network (VPN)

configurations, Intrusion Prevention System (IPS) configurations, and Network If

Cisco CP is installed on the PC, you can start it on the PC and then provide the IP

address of the router that you want to configure.

Screen Reference

The following topics describe the screens and dialog boxes that you use when

viewing router information and getting started with Cisco CP Express:

WelcomeOverview

Welcome

This wizard guides you through a basic configuration that will help you do the

following:

Name the router.Specify a username and specify passwords.You can configure the router manually using the Cisco CP Express wizard, or

provision it with a configuration file loaded from a USB token or a USB flash

device, Secure Device Provisioning (SDP), or Cisco Network Services, if

supported by your Cisco IOS release.

If you use Cisco Network Services to configure your router, you can provide

Cisco Network Services parameters that will enable the router to contact a

Cisco Network Services server and obtain a configuration.

Change the factory default LAN IP address.

This task is bypassed if SDP or Cisco Network Services is chosen for

provisioning the router.

Create a DHCP address pool for the LAN.

Cisco CP Express User GuideOL-15296-061-3

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

This task is bypassed if SDP or Cisco Network Services is chosen for

provisioning the router.

Identify DNS servers and your organization's domain name. Consult your

network administrator or Internet service provider for this information.

This task is bypassed if SDP or Cisco Network Services is chosen for

provisioning the router.

Create a WAN connection.Create a firewall for the LAN and WAN connections.Make settings that will enhance network security and performance.

To configure additional interfaces, and to make more advanced configuration

settings, use Cisco CP. See Cisco Configuration Professional for more

information.

Giving the Router a Basic Configuration

A basic configuration gives the router a name, creates a user account with a

password, and creates the enable secret password. See the following section for

more information.

Basic Configuration Reference

Basic Configuration Reference

The following topic describes the Basic Configuration screen.

Basic Configuration

Basic Configuration

The Basic Configuration window lets you name the router that you are

configuring, enter the domain name for your organization, and control access to

Cisco CP Express, Cisco Configuration Professional (Cisco CP), and the CLI.

Cisco CP Express User Guide

1-4OL-15296-06

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Hostname

Enter the name you want to give the router.

Domain Name

Enter the domain name for your organization. An example of a domain name is

http://www.77cn.com.cn, but your domain name might end with a different suffix, such as .org

or .net.

Username and Password

You must set the username and password for Cisco CP Express users and Telnet

users.

NoteYou will use the username and password you set in this window the next time you use Cisco CP Express, and thereafter, unless you change it. Make the password

difficult to guess but easy for you to remember.

Username

Enter a username.

Enter New Password

Enter the new password. The password must be at least 6 characters.

Reenter New Password

Reenter the new password for confirmation.

Enable Secret Password

The enable secret password controls access to privileged EXEC mode by users

who are accessing the router by means of Telnet or the console port. In privileged

EXEC mode, users can make configuration changes and have access to other

commands not available outside of this mode. You must enter the enable secret

password in the Enter Password field, and reenter it in the Reenter Password

field for confirmation. The password must be 6 characters or more.

Cisco CP Express User GuideOL-15296-061-5

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Choose an enable secret password that you will remember but that will be difficult for others to guess. You will not be able to read it by viewing the configuration

file because it is stored in encrypted form.Note

Provisioning the Router

You can use Cisco CP Express to retrieve a configuration file from a network

server, or from a USB flash device or token and load it in router memory.

The following topics describe the Cisco CP Express provisioning screens:

Router ProvisioningProvision From USB TokenProvision From USB FlashFile SelectionCNS Server Information

Router Provisioning

This window lists the options available for provisioning your router. Some of

these options appear only if supported by your Cisco IOS release.

Cisco CP Express

Choose this option to use Cisco CP Express to manually provision your router.

USB Token or USB Flash

Choose this option if you have a USB token or USB flash device attached to your

router and it contains the appropriate configuration file.

Cisco CP Express User Guide

1-6OL-15296-06

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

If both a USB token and a USB flash device are connected to your router,

Cisco CP Express will use the USB token. If you want to use the USB flash device connected to your router, all USB tokens must be removed from your router before

running Cisco CP Express.Note

Secure Device Provisioning

Choose Secure Device Provisioning (SDP) if your network administrator has

given you information for provisioning your router with SDP.

Ensure the following before choosing the SDP option:

There is IP connectivity between your router and the SDP server. Your web browser supports JavaScript.

If you choose SDP, a new browser window will automatically open after you

complete the Cisco CP Express wizard. The new browser window contains a

wizard that guides you in provisioning your router with SDP.

For more information about SDP, go to

http://www.77cn.com.cn/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtadintr.html

CNS Server

If your service provider has given you Cisco Network Services server

information, choose this option. Click Cisco Network Services for more

information.

Provision From USB Token

This window allows you to provision your router with a CCCD configuration file

loaded from a USB token connected to your router. CCCD files are boot

configuration files that can be loaded on USB tokens using TMS software.

Cisco CP Express User GuideOL-15296-061-7

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

This window appears only if a USB token is connected to your router. If both a

USB token and a USB flash device are connected to your router,

Cisco CP Express will use the USB token. If you want to use the USB flash device connected to your router, all USB tokens must be removed from your router before

running Cisco CP Express.

When you provision your router with a CCCD configuration file, the file is

merged with the running configuration, and it also becomes part of the startup

configuration.

Cisco CP does not check the validity of configuration files you use to provision your router. Be sure that the contents of the configuration file you plan to use

contain the appropriate settings.To provision your router from a USB token, follow these steps:

Step 1

Step 2NoteCautionChoose the USB token name from the Token Name drop-down menu. Choose Specify device and PIN and enter a PIN in the Token PIN field if you do

not want to use the default PIN to log in to the USB token.

If you choose Specify device and default PIN, the default PIN 1234567890 is

used to log in to the USB token.

Step 3Click Login to log in to the USB token.

If you are unable to log in to the USB token, your router cannot be provisioned

from the USB token. Click the Back button and choose a different method to

provision your router.

Step 4Click Preview CCCD to display the contents of the file in the lower pane.

Provision From USB Flash

This window allows you to provision your router with a configuration file loaded

from a USB flash device connected to your router. This window appears only if a

USB flash device is connected to your router.

Cisco CP Express User Guide

1-8OL-15296-06

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

When you provision your router with a configuration file, the file is merged with

the running configuration, and it also becomes part of the startup configuration.

Cisco CP does not check the validity of configuration files you use to provision your router. Be sure that the contents of the configuration file you plan to use

contain the appropriate data.To provision your router from a USB flash device, follow these steps:

Step 1CautionEnter the name of the configuration file, with full path, in the File Name field, or

click Browse to open a file selection window.

The file must have the extension .cfg or the filename must be a CCCD file. CCCD

files are boot configuration files.

Step 2Click Preview File to display the contents of the file in the lower pane.

File Selection

This window allows you to load a file from your router. Only DOSFS file systems

can be viewed in this window.

The left side of window displays an expandible tree representing the directory

system on your Cisco router flash memory and on USB devices connected to that

router.

The right side of the window displays a list of the names of the files and

directories found in the directory that is specified in the left side of the window.

It also shows the size of each file in bytes, and the date and time each file and

directory was last modified.

You can choose a file to load in the list on the right side of the window. Below the

list of files is a Filename field containing the full path of the specified file.

NoteIf you are choosing a configuration file to provision your router, the file must be

a CCCD file or have a .cfg extension.

Cisco CP Express User GuideOL-15296-061-9

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Name

Click Name to order the files and directories alphabetically based on name.

Clicking Name again will reverse the order.

Size

Click Size to order the files and directories by size. Directories always have a size

of zero bytes, even if they are not empty. Clicking Size again will reverse the

order.

Time Modified

Click Time Modified to order the files and directories based on modification date

and time. Clicking Time Modified again will reverse the order.

CNS Server Information

This window appears if you configured a WAN connection and chose to provision

the router using the Cisco Network Services option. It lets you to enter the

Cisco Network Services server information given to you by your service provider.

Enter the IP address and login information of the Cisco Network Services server

so that Cisco CP Express can retrieve configuration information for your router.

Enter the CNS Server IP Address /Hostname

You must enter either the IP address or hostname of the Cisco Network Services

server on your network. If you enter a hostname, you will have to provide the IP

address of a DNS server able to resolve the hostname to an IP address.

Enter the CNS ID String

You must enter the device ID required to obtain the configuration file from the

Cisco Network Services server.

Enter the CNS Password

Enter the password used to log in to the Cisco Network Services server with the

user ID entered above.

Cisco CP Express User Guide

1-10OL-15296-06

思科CP用户指南

Chapter 1 Cisco CP Express Wizard

Primary DNS

Enter the IP address of the primary Domain Name Server (DNS) that the router

will use. Your network administrator or service provider will provide you with the

IP address.

The primary DNS server is the server that the router contacts first when

attempting to resolve an IP address.

NoteIf you enter a hostname to identify a Cisco Network Services server in the Enter the CNS Server IP Address /Hostname field, you must enter the IP address of a

DNS server in the Primary DNS field.

Secondary DNS

Enter the IP address of the secondary domain name Server that the router will use,

if one is available. Your network administrator or service provider will provide

you with the IP address.

The secondary DNS server is the server that the router contacts if the primary

server is not available.

Configuring the Wireless Interface

Cisco CP Express enables you to bridge the router wireless interface with a router

LAN interface. Additionally, you can launch the Wireless Management

application from Cisco CP Express.

The following topic describes the Wireless Interface Configuration screen:

Wireless Interface Configuration

Wireless Interface Configuration

To configure the router wireless interface, click Yes. Cisco CP Express will

configure the router to bridge wireless traffic to the LAN interface. Click No if

you do not want to configure the wireless interface. You can still configure LAN

interface settings if you click No.

Cisco CP Express User GuideOL-15296-061-11

本文来源：https://www.bwwdw.com/article/jiqi.html