Building Cisco Remote Access Networks

Building Cisco Remote Access Networks

1st Edition - November 15, 2000

Write a review

  • Author: Wayne Lawson
  • eBook ISBN: 9780080476148

Purchase options

Purchase options
DRM-free (PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


An increasing number of companies are designing and implementing Remote Access Networks, which allow users who are not physically connected to a Wide Area Network (WAN) or Local Area Network (LAN) to access the network's servers, applications and databases or to participate in video conferencing and conference calls. The ability for a remote user to function as if they were in the next office dramatically improves overall efficiency while reducing total cost of ownership. Cisco Systems, the world's largest internetworking vendor, is the pioneer of the enabling technologies for Remote Access Networks. This book will identify and explain all of the Cisco products necessary for designing and building a remote access network and integrating it with legacy systems.This book is a professional reference detailing all of the strategies, tactics and methods for designing, configuring and maintaining Cisco Remote Access Networks. It will include thorough discussions of all Cisco Access Servers and routers.

Key Features

* Demand for information on remote access networks is growing quickly at corporate and administrator level
* Cisco remote access networks appeal to businesses as they provide efficient and secure connectivity at reduced cost
* Book includes thorough discussions of all Cisco Access Servers and routers

Table of Contents

  • Foreword

    Chapter 1: Introduction to BCRAN and Cisco Remote Access Solutions


    WAN Connection Requirements

    WAN Topology and Specifications

    Connection Types

    WAN Encapsulation Protocols






    Frame Relay


    Selecting Cisco Access Servers and Routers

    700 Series

    800 Series

    900 Series

    1000 Series

    1400 Series

    1600 Series

    1700 Series

    2500 Series

    2600 Series

    3000 VPN Concentrators

    3600 Series

    AS5000 Series

    7100, 7200, and 7500 Series

    Considerations Before Installing a Remote Access Network

    Network Planning and Design

    Remote Access Network Implementation Considerations

    Change Control Procedures

    Backout Plans

    Minimizing Network Interruption

    Coordination of Resources

    Verifying and Troubleshooting Network Installation



    Chapter 2: Configuring Asynchronous Remote Access Connections


    Modem Overview

    Digital Modems

    Modem Signaling and Cabling

    Cisco Console and AUX Port Cabling

    Modem Modulation Standards

    Error Control and Data Compression Methods

    Automatic Repeat Request (ARQ)

    Microcom Networking Protocol (MNP)

    Link Access Procedure for Modems (LAPM)

    Data Compression Protocols

    Configuring an Asynchronous Connection

    Router Configuration

    Chat Scripts

    Providing Asynchronous Dial-in

    Terminal Services

    The Autocommand Feature


    EXEC Callback



    Chapter 3: Using PPP to Provide Remote Network Access


    PPP Overview

    PPP Features



    PPP vs. SLIP and ARAP

    Relevant RFCs

    Configuring PPP


    PPP Addressing Methods

    PPP Link Control Options

    Authentication Failures

    Multichassis Multilink PPP

    Verifying and Troubleshooting PPP

    PPP and Cisco Access Servers

    PPP and ISDN Connections between Cisco Routers

    Providing Remote Access Services for Microsoft Windows Clients

    Microsoft Specific PPP Options

    Windows 95 Clients

    Windows 98 Clients

    Windows NT4 Clients

    Windows 2000 Clients

    Troubleshooting Microsoft Windows Connections



    Chapter 4: Utilizing Virtual Private Network (VPN) Technology for Remote Access Connectivity


    VPN Technology



    DES, Triple Pass DES & 3DES

    VPN Operation

    Cisco VPN Terminology

    Site-to-Site VPN

    An Intranet Solution

    Configuring ISAKMP/IKE

    Configuring IPSec

    An Extranet Solution

    Remote Access VPN

    Configuring IPSec on the Network Access Server

    Service Provider Solution

    Verifying and Debugging VPN Operation

    Advantages and Disadvantages of VPN

    Cisco’s VPN Solutions

    FW Solution (HW Accelerator)

    3000 Series Product Line

    Traditional Router with FW Feature Set

    Policy Manager 2.x (VPN Configuration and Management)



    Chapter 5: Using ISDN and DDR to Enhance Remote Access Connectivity


    ISDN Overview

    Basic Rate Interface (BRI)

    Primary Rate Interface (PRI)

    ISDN Protocol Layers



    ISDN Call Setup and Teardown

    Dial-on-Demand Routing (DDR)

    Interesting Traffic


    Dialer Interfaces

    Configuring ISDN and DDR

    Caller ID Screening

    Routing Issues with DDR

    Static and Default Routes

    Snapshot Routing

    OSPF On-demand Circuits

    Route Redistribution

    Monitoring and Troubleshooting ISDN and DDR

    Monitoring the ISDN Interface

    Monitoring the Dialer

    Monitoring PPP Multilink

    Monitoring Snapshot Routing

    Troubleshooting ISDN and DDR




    Chapter 6: Enabling Dial-on-Demand Routing (DDR)


    Dialer Rotary Groups

    Configuring Dialer Rotary Groups

    Dialer Profiles

    Physical Interface

    Dialer List

    Dialer Interface

    Dialer Pool

    Map Class

    Configuring Dialer Profiles

    Virtual Profiles

    Fine Tuning Connections

    Dialer Lists

    Dialer Timers




    Chapter 7: Configuring and Backing Up Permanent Connections


    Configuring Point-to-Point Connections

    X.25 Connections

    X.25 Overview

    X.25 Virtual Circuits

    Configuring X.25

    Verifying and Troubleshooting X.25 Connections

    Frame Relay Connections

    Frame Relay Overview

    Frame Relay Topologies

    Configuring Frame Relay

    Verifying and Troubleshooting Frame Relay

    Loopback Tests

    Frame Relay Traffic Shaping (FRTS)

    Configuring Traffic Shaping

    Verifying Traffic Shaping

    ATM Connections

    ATM Overview

    ATM Virtual Circuits

    Configuring ATM

    Verifying and Troubleshooting ATM Connections

    Backing up Permanent Connections

    Backup Interface

    The backup load Command

    Floating Static Routes and Default Routes

    Dialer Watch

    Verifying and Troubleshooting Backup Connections



    Chapter 8: Securing your Remote Access Network


    What is a Firewall?

    Cisco IOS Firewall Feature Set

    Firewall Feature Set Benefits and Features

    AAA Overview



    Security Protocols

    Remote Authentication Dial-in User Service (RADIUS)

    Terminal Access Controller Access Control System Plus(TACACS+)

    Comparing TACACS+ and RADIUS

    Using RADIUS and TACACS+ for AAA Services

    Configuring AAA

    Enabling AAA

    Configuring the RADIUS or TACACS+ Parameters

    Configuring AAA Authentication

    Configuring AAA Authorization

    Configuring AAA Accounting

    Virtual Profiles and AAA

    Scenario 1: Virtual Profiles Using Virtual Templates

    Scenario 2: Virtual Profiles Using AAA Configuration

    Scenario 3: Virtual Profiles Using Virtual Templates and AAA Configuration

    Configuring Virtual Profiles

    Per-User Configuration Example

    Monitoring and Verifying AAA Access Control

    AAA Debug And Show Commands




    Chapter 9: Optimizing Network Performance with Queuing and Compression


    Network Performance

    Queuing Overview

    Queuing Methods and Configuration

    Selecting a Cisco IOS Queuing Method

    Verifying Queuing Operation

    Weighted Random Early Detection (WRED) Overview

    Tail Drop

    Weighted Random Early Detection (WRED)

    Flow-based WRED

    Data Compression Overview

    Hardware Compression

    Selecting a Cisco IOS Compression Method

    Verifying Compression Operation



    Chapter 10: Requirements for Network Address Translation in Remote Access Networks


    NAT Overview


    NAT Operation

    Traffic Types Supported

    NAT Commands

    Translate Inside Source Addresses

    Dynamic Translation

    Configuring Dynamic NAT

    Dynamic NAT Translation Screen Captures

    Address Overloading

    Configuring Address Overloading

    Address Overloading Screen Captures

    Static Translation

    Configuring Static NAT Translations

    Static NAT Translation Output

    Dual Address Translation (Overlapping Networks)

    Configuring Overlapping Networks

    TCP Load Distribution

    Configuring TCP Load Distribution

    Output Showing TCP Load Distribution

    Changing NAT Timeouts

    NAT to an ISP

    NAT to an ISP using Easy IP

    Easy IP Operation

    PAT to an ISP Using a Cisco 700 Series Router




    Chapter 11: Private Addressing and Subnetting Large Networks


    Strategies to Conserve Addresses

    Classless Inter-Domain Routing (CIDR)

    Variable-Length Subnet Mask (VLSM)

    Private Addresses

    Addressing Economics

    An Appeal

    Public vs Private Address Spaces

    Can I Pick My Own?

    RFC 1918—Private Network Addresses

    The Three Address Blocks


    Which to Use When

    Strategy for Subnetting a Class A Private Network

    The Network

    The Strategy

    Address Assignment


    BGP Requirements

    IBGP and EBGP Requirements

    Loopback Interfaces



    Appendix: Implementing the Windows 2000 Servers


    Installing Windows 2000

    Overview of a Scripted Installation

    Overview of Disk Duplication Methods

    Windows 2000 Setup Phases

    Installing the Active Directory

    Which Domain First?

    Which Server First?


    Installing the Recovery Console

    Populating a Domain with Organizational Units(OUs) and Objects

    Setting Up Sites

    Installing and Configuring Windows 2000 Components

    Configuring DNS

    Configuring the Distributed File System

    Public Key Infrastructure

    Internet Information Services

    Asynchronous Transfer Mode

    Terminal Services

    Configuring Routing and Remote Access Services



    Case Studies

    ABC Chemical Company

    West Coast Accounting




Product details

  • No. of pages: 608
  • Language: English
  • Copyright: © Syngress 2000
  • Published: November 15, 2000
  • Imprint: Syngress
  • eBook ISBN: 9780080476148

About the Author

Wayne Lawson

Wayne A. Lawson II (CCIE # 5244) currently with iPexpert, Inc., formerly a Systems Engineer with Cisco Systems in Southfield, Michigan. With over 9 years of experience in the IT industry, his certifications include the Cisco CCIE, CCNA, & CCDA, Nortel Networks NNCSE, Certified Network Expert (CNX) Ethernet, Microsoft MCSE, Novell CNE, and Banyan Systems CBE. His core area of expertise is in the Routed Wide Area Network (WAN) arena as well as the Campus Switching arena.

Ratings and Reviews

Write a review

There are currently no reviews for "Building Cisco Remote Access Networks"