RouterGeek - How to Configure BRI ISDN in a Cisco Router

Home

Monday, 05 January 2009

Home

Hints and Tips

How to Configure BRI ISDN in a Cisco Router

Cisco Routers

Subscribe To Our Feed

Get Weekly Email Updates
Name E-mail Subscribe Unsubscribe

Bookmark this page on
View blog reactions

How to Configure BRI ISDN in a Cisco Router

| Print |

E-mail

Cisco Routers - General

Written by Mohammed Alani

Friday, 20 April 2007

When would you need this: When you have ISDN WAN link and you want the router to use it.

Special Requirements: The router should have BRI interface(s).

There are two ways to configure ISDN in a Cisco router. The first one is to setup the ISDN connection to be always on. This method will be very costly because most ISDN service providers charge not only by monthly subscription, but by the amount of data that you transfer. Having the connection opened 24/7, will cause extra expenses because all kinds of traffic will pass through the ISDN link.

The second method is Dial on Demand Routing (DDR). DDR employs a mechanism that filters the traffic into interesting (worth connecting for) and non-interesting (not worth it). Using the DDR the call scenario will be that the router does not setup the connection until “Interesting” traffic needs to be routed to the other side. Once the connection is setup, ALL kinds of traffic (interesting and non-interesting) will pass unless you filter the passing traffic with an access-list. Then, the router sets a down-counter (idle-timer), and if no interesting traffic comes in and the timer goes to zero, the connection is terminated. If interesting traffic comes in before the idle-timer is finished, the traffic is passed and the idle-timer is reset. What made this function possible is the very small call-setup time in ISDN.

If you are connecting two nodes using ISDN, keep reading. However if you are connecting more than two nodes, you will need to refer to this procedure for configuring DDR Dialer Profiles.

Configuring Dial-on-Demand-Routing ISDN:

1. The first thing to do is to setup routing. Static routing is usually preferred with DDR. Setting dynamic routing protocol, will cause the link to be on all (or most) of the time. Thus, static routing is a better solution. You can setup dynamic routing and tune it a bit for the DDR. This tuning might include changing the timers of routing updates.

I will give an example of static routing;

Router(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1

Router(config)#ip route 192.168.2.1 255.255.255.255 bri0

Or, a default route,

Router(config)#ip route 0.0.0.0 0.0.0.0 bri0

Remember that you need to setup routing on both ends of the WAN link.

2. Specify the type of the ISDN switch. This piece of information should be provided to you by the ISDN service provider. You can issue this command,

Router(config)#isdn switch-type SSSSS

where SSSSS is the ISDN switch type. Issuing this command in the global configuration mode will cause ALL your ISDN interfaces to be set to use this type of switch. You can set different types of switches for different interfaces if you issue the command in the interface configuration mode like the following example:

Router(config)#int bri0

Router(config-if)#isdn switch-type SSSS1

Router(config-if)#int bri1

Router(config-if)#isdn switch-type SSSS2

After defining the switch type, identify the SPIDs in the BRI interface configuration mode,

Router(config-if)#isdn spid1 XXXXXXX YYY

Router(config-if)#isdn spid2 XXXXXXX YYY

The numbers used here should be provided to you by the ISDN service provider. Most providers in Europe do not use SPIDs in their ISDN networks. So, unless you are supplied with SPID numbers from the provider, just neglect all the commands of setting SPIDs in this procedure.

3. Specify interesting traffic to the router. This traffic is defined as the traffic permitted by a command named ‘dialer-list’ as a similar to ‘access-list’.

This can be done in two ways; the first is to use the following command,

Router(config)#dialer-list X protocol YY permit

where X is the dialer-list number and YY is the protocol you want to permit. And you can use ‘deny’ instead of the ‘permit’ part. This is not a very powerful way of defining the interesting traffic. Thus, I recommend the second way. The second way is to do a complete access-list permitting the traffic that we want the router to consider interesting, and then attach it to a dialer-list.

We create the access-list the exact same way we create any other access-list, but we do not apply it to an interface, but instead, we associate it with a dialer-list. All the traffic permitted by this access-list, will be considered interesting. An example is the following:

Router(config)#access-list YYY deny tcp any any telnet

Router(config)#access-list YYY deny icmp any any

Router(config)#access-list YYY permit ip any any

And the step that will associate the access-list to the dialer-list is:

Router(config)#dialer-list X protocol ip list YYY

where X is the dialer-list number and YYY is the access-list number. These two numbers do not need to be the same.

Please remember that this dialer-list and access-list does NOT filter the traffic outgoing through the ISDN interface, it just chooses which traffic is entitled to initiate a call. Once the call is setup, ALL traffic willing to pass through the ISDN link will pass. If you want to filter the traffic that is passing through the ISDN interface, create another access-list for that with the filters that you find appropriate and apply it to the BRI or PRI interface as you do to any other type of interface.

4. Setup the encapsulation protocol, PPP. Using PAP authentication does not provide that much of security, so we will use CHAP for authentication.

The first thing to do to configure PPP to use CHAP is to set a username and a password.

Router(config)#username USER password PASS

where USER is the username and PASS is the password. The username should be the hostname of the other end and the password is the secret password of the other end. If you like to use different usernames and passwords, please refer to the PPP configuration procedure .

Then, move into the interface configuration mode of the ISDN interface,

Router(config)#int bri X/X

Now, set an IP address and a subnet mask for the interface,

Router(config-if)#ip address XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY

Set the encapsulation and authentication types;

Router(config-if)#encapsulation ppp

Router(config-if)#ppp authentication chap

5. Apply the dialer-list to the interface,

Router(config-if)#dialer-group X

where X is the dialer-list that was setup in step 3.

6. Define the idle-timeout that you find appropriate for each call,

Router(config-if)#dialer idle-timeout ZZZ

where ZZZ is the duration of the call in seconds (default is usually 120 seconds). The idle-timeout is the period of time in which the call will remain unterminated waiting for more interesting traffic. If more interesting traffic comes in before the timer is over, the timers will be reset. If no interesting traffic comes in, the call will be terminated even if there was non-interesting traffic being transferred.

7. If you are using this link between to points only and your router will be dialing only one destination using the ISDN network, use the following command to set the dialer string:

Router(config-if)#dialer string XXXXX

where XXXXX is the dialer string that is provided to you by the service provider. This dialer string is similar to the phone number that you dial in the regular PSTN. So, you command the router to dial the string of the other side not your side.

For further security, you can use a different command that associates the dialing to a destination IP address with a username and a dialer string,

Router(config-if)#dialer map ip YYY.YYY.YYY.YYY name USER XXXXX

where YYY.YYY.YYY.YYY is the IP address of the other end of the ISDN link

USER is the same username that you have setup to use with PPP

XXXXX is the dialer string of the other end of the ISDN link.

8. You can optionally use the following command to set up a threshold of load on which the second channel (in a BRI link) becomes active.

Router(config-if)#dialer load-threshold VVV either

where VVV is a number between 1 and 255, 1 being the minimum load and 255 being %100 load on the first channel. This means that this command tells the router to activate the second channel once the first one is VVV/255 loaded.

9. You can check the operation of the ISDN using the following commands;

Router#show isdn active

Router#show isdn status

Router#show dialer

and

Router#debug isdn q921

Router#debug isdn q931

Router#debug dialer

Comments

Only registered users can write comments.
Please login or register.

Thank you for leaving a comment

[ Back ]

RouterGeek Store
Take a look into RouterGeek Store

Polls

Bookmark Us

Who's Online
We have 5 guests online

Hit Count

Latest Articles
How to Configure a Cisco Router as a DHCP Client How to Configure Site-to-Site VPN in Cisco Routers 10 ‘show’ Commands Everybody Needs in Cisco Routers Hints and Tips Before Upgrading the IOS of a Cisco Router Understanding the IOS File Name Convention

Popular Articles
How to Upgrade IOS of a Cisco Router Using HyperTerminal How to Configure DHCP on a Cisco Router How to Upgrade IOS on a Cisco Router How to Configure Inter-VLAN Routing on a Cisco Router How to Configure Site-to-Site VPN in Cisco Routers