CISCO ASR1001-X Aggregation Services Router
The ASR 1000 Series Aggregation Services Routers from Cisco are routers designed for the mid-range edge market, providing enterprise and service providers with a new class of price-to-performance benefits. These routers utilize an innovative custom-built ASIC known as Quantum Flow Processor to aggregate services at scale.
Among the routers in the ASR 1000 Series is the ASR 1001-X Router, which features a compact form factor that consumes less rack space and power while still offering a 20 Gbps forwarding throughput. The ASR 1001-X Router also supports all of the general-purpose routing and security features that are present in the Cisco ASR 1000 Series Aggregation Services Routers.
We will talk today about how to configure the ASR1001-X router. Primarily this will be cover the initial installation and configuration of the router. For that lets begin by taking a look at the technical specifications of the ASR1001-X router.
CISCO ASR1001-X Technical Specifications
The Cisco ASR 1001-X Router technical specifications are as below:
- Up to 16 GB (8 GB in the base configuration) of DDR3 error-correcting code-protected field-replaceable memory, with single-bit error correction and multi-bit error detection.
- A nonmodular and fixed Embedded Services Processor (ESP) with a default throughput of 2.5 Gbps that is upgradable with a software-activated performance license of 5 Gbps, 10 Gbps, or 20 Gbps.
- Up to 8 Gbps security and crypto processing through a dedicated security processor.
- RJ-45 console ports and auxiliary ports, and a mini USB console port.
- One copper Ethernet 10/100/1000 Mbps network management port.
- An embedded USB (eUSB) flash module that supports 8 GB of nonvolatile Flash storage.
- Two USB 2.0 ports for USB flash sticks or USB secure tokens (secure key distribution).
- Stratum 3E network clocking per GR-1244-CORE, using 1588, 10 GE, GE, SPA, or Network Interface Module (NIM) interfaces as timing sources.
- Six built-in 1 GE SFP-only interfaces (do not support SFP+), and two built-in 10 GE SFP+ interfaces (support only 10-GE rate) that support SyncE.
- One half-height SPA bay.
- Software redundancy using Dual IOS, similar to all the other nonhardware redundant routers from the Cisco ASR 1000 Series Aggregation Services Router family.
- LED indicators for Ethernet and console status, as well as visual system state indications.
- Command-line interface (CLI), alarm, network management, logging, statistics aggregation, and on-board failure logging (OBFL).
- Environmental chassis management.
- 10 MB ternary content-addressable memory (TCAM).
- Up to 20 Gbps sustained forwarding data traffic through the chassis.
- One Network Interface Module (NIM) bay.
- Field-replaceable units (FRU) with online insertion and removal (OIR)
- AC input voltage: 85 to 264V AC
- AC input frequency: 47 to 63 Hz
- Maximum power consumption: 242Watt DC – 250Watt AC
- Redundant power supply: Yes
- Dimensions: 1.75 x 17.25 x 18.17 inches
- Weight: 24.9 pounds
Precautions prior to System Startup for ASR1001-X
To ensure safety and proper functioning of the system, it is essential to confirm that all card slots and compartments are closed. In empty slots, it is recommended to install blank faceplates. Additionally, it is important to ensure that all power supply slots are filled. Leaving a power supply slot uncovered could lead to exposure to hazardous voltages on the power pins located on the midplane.
Blank faceplates and cover panels have three primary functions that are crucial for the system’s safe operation. Firstly, they prevent exposure to hazardous voltages and currents within the chassis. Secondly, they contain electromagnetic interference that may otherwise disrupt other equipment. Lastly, they direct the flow of cooling air through the chassis, which is necessary for maintaining optimal operating temperatures.
It is strongly advised not to operate the system unless all cards, faceplates, front covers, and rear covers are securely in place to ensure safety and optimal system performance.
Before starting up the router, it is important to ensure that the following conditions have been addressed:
- The network interface cable or the optional Fast Ethernet Management port cable is connected.
- The chassis is securely mounted and grounded.
- The power and interface cables are properly connected.
- Your PC with a terminal emulation program (such as hyperTerminal or equivalent) is connected to the console port, powered up, and configured for 9600 baud, 8 data bits, 1 stop bit, no parity, with flow control set to none.
- Access control passwords have been selected.
- Captive installation screws are tightened on all removable components.
- The console terminal is turned on.
- IP addresses for the network interfaces have been determined.
- The shared port adapter and the NIM are inserted in their respective slots, if applicable.
- Empty card slots have been filled with card blanks to ensure proper airflow through the chassis and maintain electromagnetic compatibility (EMC).
Power up the ASR1001-X Router
Prerequisites:
Before you power on, ensure that:
• The power supply cord is plugged into the power supply inlet.
• All cables are connected and none is disconnected.
• Your computer is powered up and connected.
Step-1:
Flip the power switch to the ON position and listen for the fans to start running, which should happen immediately. Verify that the power supply LED is green and that the FAIL LED is not lit. During bootup, the front-panel indicator LEDs provide valuable information regarding power, activity, and status.
Step-2:
Observe the initialization process and wait for it to complete. The Cisco ASR 1001-X Router will start initializing once the system boot is finished, which usually takes a few seconds.
Now you are ready for the initial configuration of the router.
Initial Configuration of ASR1001-X Router
There are two ways to perform the initial configuration of the router.
- CISCO setup Command Facility
- CISCO IOS-XE CLI
1. CISCO setup command facility:
The setup command feature will guide you through the initial configuration process of the router, including setting up LAN and WAN interfaces. It prompts you to input all necessary information for a quick configuration.
The setup command facility is initiated automatically in the absence of any configuration on the router when it is booted into Cisco IOS-XE.
If you encounter an error while using the setup command facility, you can exit and restart the process. Simply press Ctrl-C to cancel and then re-enter the setup command in privileged EXEC mode (Router#).
Step-1: From the Cisco IOS-XE CLI, enter the setup command in privileged EXEC mode:
- Router> enable
- Password: <password>
- Router# setup
- Continue with configuration dialog? [yes/no]:
The prompts that appear in the setup command facility may differ based on the specific router model, installed interface modules, and software image. The steps and user inputs shown in bold below are provided solely as examples.
Step-2: To proceed using the setup command facility, enter yes.
- Continue with configuration dialog? [yes/no]:
- At any point you may enter a question mark ‘?’ for help.
- Use ctrl-c to abort configuration dialog at any prompt.
* Default settings are in square brackets ‘[]’.
Step-3: The basic management setup configures the minimum required connectivity.
- Would you like to enter basic management setup? [yes/no]: yes
Step 4: Enter a hostname for router: (myrouter) used as an example
- Configuring global parameters:
- Enter host name [Router]: myrouter
Step-5: Please create an enable secret password, which will be encrypted for additional security and cannot be viewed in the configuration.
- The enable secret is a password used to protect access to
privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret: cisco
Step-6: Please enter a distinct enable password that differs from the enable secret password. Unlike the encrypted enable secret password, this password is not encrypted (and is less secure) and can be viewed when examining the configuration.
- The enable password is used when you do not specify an
enable secret password, with some older software versions, and
some boot images.
Enter enable password: cisco123
Step-7:
Please set the password for virtual terminal access, which restricts unauthorized entry to the router via ports other than the console port:
- The virtual terminal password is used to protect
access to the router over a network interface.
Enter virtual terminal password: cisco
Step-8: Respond to the following prompts appropriately for your network:
- Configure SNMP Network Management? [no]: yes
- Community string [public]:
The setup command displays a summary of available interfaces. The numbering of interfaces varies depending on the installed modules, interface cards, and router model.
Step-9:
Respond to these prompts as appropriate for your network:
- Configuring interface GigabitEthernet0/0/1:
- Configure IP on this interface? [yes]: yes
- IP address for this interface [10.10.10.12]:
- Subnet mask for this interface [255.0.0.0] : 255.255.255.0
- Class A network is 10.0.0.0, 24 subnet bits; mask is /24
- Configure IP on this interface? [yes]: yes
The following configuration command script is created:
hostname myrouter
enable secret 5 $1$t/Dj$yAeGKviLLZNOBX0b9eifO0
enable password cisco123
line vty 0 4 password cisco snmp-server community public !
no ip routing
!
interface GigabitEthernet0/0/0
shutdown
no ip address
!
interface GigabitEthernet0/0/1
no shutdown
ip address 10.10.10.12 255.255.255.0
!
interface GigabitEthernet0/0/2
shutdown
no ip address
!
.
.
.
end
Step-10: Respond to the following prompts. Select [2] to save the initial configuration.
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]: 2
Building configuration…
Use the enabled mode ‘configure’ command to modify this configuration.
Press RETURN to get started! RETURN
The below user prompt will be displayed:
- myrouter>
Complete your Configuration
When using the Cisco setup command facility, and after you have provided all the information requested by the facility, the final configuration appears. To complete your router configuration, follow these steps:
Step-1:
The facility prompts you to save the configuration:
- If you answer no, the configuration information you entered is not saved, and you return to the router
enable prompt (Router#). Enter setup to return to the System Configuration dialog box. - If you answer yes, the configuration is saved, and you are returned to the user EXEC prompt
(Router>).
Use this configuration? {yes/no} : yes
Building configuration…
Use the enabled mode ‘configure’ command to modify this configuration.
%LINK-3-UPDOWN: Interface GigabitEthernet0/1/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1/0, changed state to up
<Additional messages omitted.>
Step-2: When messages stop appearing on your screen, press Return to get the Router> prompt.
Step-3: The Router> prompt indicates that you are now at the command-line interface (CLI) and you have just
completed an initial router configuration. Note that this is not a complete configuration. At this point,
you have two choices:
- Run setup command one more time and create an alternate configuration:
- Router> enable
- Password: password
- Router# setup
- Modify current configuration or configure additional features through CLI:
- Router> enable
- Password: password
- Router# configure terminal
- Router(config)#
2. CISCO IOS-XE CLI - Manual Configuration
In this section, you will learn how to access the CLI to perform the initial configuration on the router. If you do not see the system configuration message, it indicates that a default configuration file was installed on the router before it was shipped. To configure the router, follow these steps.
Step-1: Enter no when the following system message appears on the router:
— System Configuration Dialog —
Would you like to enter the initial configuration dialog? [yes/no]: no
Step-2: Press Return and continue with manual configuration. Several log messages are displayed.
Step-3: Press Return to bring up the Router> prompt.
Step-4: Type enable to enter privileged EXEC mode:
Router> enable
Router#
Configuring Router Hostname
The hostname is used in CLI prompts and default configuration filenames. If you do not configure the router hostname, the router uses the factory-assigned default hostname Router.
Steps:
- enable
- configure terminal
- hostname name
- end
Command
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configure terminal
Example:
Router# configure terminal
Enters global configuration mode
Step 3
hostname name
Example:
Router(config)# hostname myrouter
Specifies or modifies the hostname for the network server
Step 4
end
Example:
myrouter# end
Returns to privileged EXEC mode
Configuring the Enable and Enable Secret Passwords
To enhance the security of passwords that are sent over the network or stored on a TFTP server, you can use either the enable password or enable secret command. Both commands serve the same purpose by allowing you to create an encrypted password that users must provide to access privileged EXEC (enable) mode.
We recommend that you use the enable secret command because it uses an improved encryption algorithm.
However, if you configure the enable secret command, it takes precedence over the enable password command;
the two commands cannot be in effect simultaneously.
Steps:
- enable
- configure terminal
- enable secret password
- end
- enable
- end
Command
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configure terminal
Example:
Router# configure terminal
Enters global configuration mode
Step 3
enable secret password
Example:
Router(config)# enable secret greentree
Specifies an additional layer of security over the enable password command.
Step 4
end
Example:
Router(config)# end
Returns to privileged EXEC mode
Step 5
enable
Example:
Router> enable
Enables privileged EXEC mode.
Verify that your new enable or enable secret password
works.
Step 6
end
Example:
Router(config)# end
Returns to privileged EXEC mode.
Configuring the Console Idle Privileged EXEC Timeout
This section describes how to configure the console line’s idle privileged EXEC timeout. By default, the
privileged EXEC command interpreter waits 10 minutes to detect user input before timing out.
When you configure the console line, you can also set communication parameters, specify autobaud
connections, and configure terminal operating parameters for the terminal that you are using.
Steps:
- enable
- configure terminal
- line console 0
- exec-timeout minutes [seconds]
- end
- show running-config
Command
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configure terminal
Example:
Router# configure terminal
Enters global configuration mode
Step 3
line console 0
Example:
Router(config)# line console 0
Configures the console line and starts the line configuration command collection mode.
Step 4
exec-timeout minutes [seconds]
Example:
Router(config-line)# exec-timeout 0 0
Sets the idle privileged EXEC timeout, which is the interval that the privileged EXEC command interpreter waits until user input is detected.
The example shows how to specify no timeout. Setting the exec-timeout value to 0 will cause the router to never log out once logged in. This could have security implications if you leave the console without manually logging out using the disable command.
Step 5
end
Example:
Router(config)# end
Returns to privileged EXEC mode.
Step 6
show running-config
Example:
Router# show running-config
Displays the running configuration file.
Verify that you have configured the idle privileged EXEC
timeout correctly.
Examples:
The following example shows how to set the console idle privileged EXEC timeout to 2 minutes 30
seconds:
line console
exec-timeout 2 30
The following example shows how to set the console idle privileged EXEC timeout to 30 seconds:
line console
exec-timeout 0 30
