Basic Interface Settings on Cisco IOS Routers
Note |
From version 4.17, though Cisco Security Manager continues to support IOS features/functionality, it does not support any bug fixes or enhancements. |
You typically add interfaces to Security Manager by performing discovery, as described in Discovering Policies. After you have discovered the interfaces, you can modify the properties of each interface.
You can also use Security Manager to configure physical and virtual interfaces manually. This is useful when you modify interface configurations of existing devices, and makes it possible for you to configure all the interfaces of a device before you physically add the device to the network.
Related Topics
Available Interface Types
Table 1 describes the types of interfaces that can be configured on Cisco IOS routers.
Type |
Description |
||
---|---|---|---|
Null |
Null interface. |
||
Analysis-module |
A Fast Ethernet interface that connects to the internal interface on the Network Analysis Module (NAM).
|
||
Async |
Port line used as an asynchronous interface. |
||
ATM |
ATM interface. |
||
BRI |
ISDN BRI interface. This interface configuration propagates to each B channel. B channels cannot be configured individually.
|
||
BVI |
Bridge-group virtual interface. BVI interfaces are used to route traffic at Layer 3 to the interfaces in a bridge group. |
||
Content-engine |
Content engine (CE) network module interface.
|
||
Dialer |
Dialer interface. |
||
Ethernet |
Ethernet IEEE 802.3 interface. |
||
Fast Ethernet |
100-Mbps Ethernet interface. |
||
FDDI |
Fiber Distributed Data Interface. |
||
Gigabit Ethernet |
1000-Mbps Ethernet interface. |
||
Group-Async |
Main asynchronous interface. This interface type creates a single asynchronous interfaces to which other interfaces are associated. This one-to-many configuration enables you to configure all associated member interfaces by configuring the main interface. |
||
HSSI |
High-Speed Serial Interface. |
||
Loopback |
A logical interface that emulates an interface that is always up. For example, having a loopback interface on the router prevents a loss of adjacency with neighboring OSPF routers if the physical interfaces on the router go down. The name of a loopback interface must end with a number ranging from 0-2147483647.
|
||
Multilink |
Multilink interface. A logical interface used for multilink PPP (MLP). |
||
Port channel |
Port channel interface. This interface type enables you to bundle multiple point-to-point Fast Ethernet links into one logical link. It provides bidirectional bandwidth of up to 800 Mbps. |
||
POS |
Packet OC-3 interface on the Packet-over-SONET (POS) interface processor. |
||
PRI |
ISDN PRI interface. Includes 23/30 B-channels and one D-channel. |
||
Serial |
Serial interface. |
||
Switch |
Switch interface. |
||
Ten Gigabit Ethernet |
10000-Mbps Ethernet interface. |
||
Token Ring |
Token Ring interface. |
||
Tunnel |
Tunnel interface.
|
||
VG-AnyLAN |
100VG-AnyLAN port adapter. |
||
VLAN |
Virtual LAN subinterface. |
||
Virtual Template |
Virtual template interface. When a user dials in, a predefined configuration template is used to configure a virtual access interface; when the user is done, the virtual access interface goes down and the resources are freed for other dial-in uses. |
Related Topics
Defining Basic Router Interface Settings
When you define an interface or subinterface for a Cisco IOS router, you name it, specify how it is assigned an IP address, and optionally define other properties, such as the speed, maximum transmission unit (MTU), and the encapsulation type.
Note |
Basic interface settings are always local to the device on which they are configured. You cannot share this policy with other devices. You can, however, share advanced interface settings. For more information, see Advanced Interface Settings on Cisco IOS Routers. |
Related Topics
Procedure
Step 1 |
In Device view, select from the Policy selector.The Router Interfaces Page is displayed. |
||||||||
Step 2 |
To add a new interface or subinterface, click the Add Row button to open the Create Router Interface dialog box. To edit an existing interface or subinterface, select it in the Interfaces table, and then click the Edit Row button to open the Edit Router Interface dialog box. Refer to Create Router Interface Dialog Box for descriptions of the fields in these dialog boxes. |
||||||||
Step 3 |
Select Enabled to have Security Manager actively manage this interface or subinterface. If this option is deselected, the interface/subinterface definition is retained, but the interface/subinterface itself is disabled (or “shutdown”). |
||||||||
Step 4 |
Choose Interface or Subinterface from the Type list. |
||||||||
Step 5 |
If you are creating an interface, enter a name for the interface. You can click Select to open a dialog box that will help you generate a standard name based on interface type and details about the interface’s location, such as card, slot, and subinterface. For more information on using the dialog box to generate an interface name, see Interface Auto Name Generator Dialog Box.
|
||||||||
Step 6 |
If you are creating a subinterface, provide the following: |
||||||||
Step 7 |
To specify a Layer Type, choose a Level 2 (data link) or Level 3 (network) option from this list. |
||||||||
Step 8 |
Choose a method of IP address assignment for this interface/subinterface, then provide additional information, as required:
|
||||||||
Step 9 |
Define additional properties of the interface/subinterface:
Auto-negotiation detects the capabilities of remote devices and negotiates the best possible performance between the two devices. When Negotiation is enabled, the Fast Ethernet Duplex and Speed options are disabled.
|
||||||||
Step 10 |
Choose an encapsulation method from the Encapsulation list:
|
||||||||
Step 11 |
(Optional) Enter a description of up to 1024 characters for the interface. |
||||||||
Step 12 |
Click OK to save the interface/subinterface definition and close the dialog box. The new interface is displayed on the Router Interfaces page. Subinterfaces are displayed beneath the parent interface. |
Deleting a Cisco IOS Router Interface
Although you can delete the definition of a virtual interface at any time, use this option with great care. If the interface is included in any policy definitions that exist for this router, deleting the interface causes these policy definitions to fail when they are deployed to the device.
Note |
Deleting the basic interface definition does not delete any advanced settings that are configured under . You must delete these advanced settings separately. If you fail to do so, deployment fails. |
Note |
Deleting the definition of a physical interface from the Router Interfaces page does not remove the interface from the device. If you perform this operation by mistake, you can perform rediscovery to restore the definition to Security Manager. For more information, see Discovering Policies on Devices Already in Security Manager. |
Related Topics
Procedure
Step 1 |
Click the Device View button on the toolbar. |
Step 2 |
Select a router from the Device selector. |
Step 3 |
Select Table 1 for an explanation of the fields on this page. from the Policy selector. The Router Interfaces page is displayed. See |
Step 4 |
Select an interface from the table, then click the Delete button. The interface is deleted. |