Cisco ISDN Configuration


Configuration Example
Changing the username and password
Changing the dial number
Changing the telnet and enable passwords
Troubleshooting connectivity problems

Configuration Example

Thanks to Matt Musselman for this commented example.
 
version 12.0 
service config
no service pad 
service tcp-keepalives-out 
    Generates TCP keepalives to bring the BRI interface up on system startup and
    after disconnection.
service timestamps debug uptime
service timestamps log datetime
    This enables logging of events, such as access-list blocks and ISDN line 
    changes.
service password-encryption 
    Encrypts passwords so that they don't appear as plaintext in the
    configuration.
!
hostname training
!
enable secret 5 _password_
!
ip subnet-zero
ip classless 
!
ip name-server 129.250.35.250
ip name-server 129.250.35.251
isdn switch-type basic-ni
!
interface Ethernet0
 ip address 206.50.17.89 255.255.255.248
 no ip directed-broadcast 
!
interface BRI0 
 no ip address 
 no ip directed-broadcast
 encapsulation ppp
 dialer rotary-group 0
 isdn spid1 21426584350101 2658435
 isdn spid2 21426588200101 2658820
 isdn timeout-signaling 
    Flushes the ISDN D channel if no switch response is received within 1 second.
This is only available on newer IOS's.
 no fair-queue 
!
interface Dialer0 
 ip unnumbered Ethernet0 
    Uses the IP address for Eth 0, instead of having to assign a separate WAN IP.
 no ip directed-broadcast
    Prevents any incoming traffic to a directed broadcast (all 1's in the host bits), 
keeping any networks behind this router from being used as a denial of service
amplification network.
 encapsulation ppp
 dialer in-band 
 dialer string 2147601243
 dialer hold-queue 70
 dialer load-threshold 1 either
 dialer-group 1
 no fair-queue 
 ppp authentication pap callin
 ppp pap sent-username matt1 password 7 11041811030B5A
 ppp multilink 
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
dialer-list 1 protocol ip permit
    Permits all IP traffic to trigger dialout
!  
line con 0
 exec-timeout 0 0
 transport input none
 stopbits 1 
line vty 0 4 
 password _password_ 
 login 
!

Changing the username and password

Changing the username and password that a Cisco ISDN router uses to dial-up to the Internet is fairly easy thing. However, you do need to be in priveledged exe mode and you need to be able to see the running configuration. To change the username and password in this example, we see that the username and password are in the Dialer0 interface with the configuration line of:


ppp pap sent-username matt1 password 7 11041811030B5A

To change that line, you need to get into enable and remove it. Then, you can add the appropriate line. This would look like:


router>enable
Enter password:
router#conf t
router(config)#interface Dialer0
router(config-if)#no ppp pap sent-username matt1 password 7 11041811030B5A
router(config-if)#ppp pap sent-username matt2 password password

Once you have done that, press [CTRL-z] to exit the configuration. Then, save the configuration by running the copy running-config startup-config command. Finally, either have the router disconnect and reconnect or power cycle it.


Changing the dial number

Like the above example, you need to remove the old configuration line and add the new one before the change will work. To change the dial number, do the following:


router>enable
Enter password:
router#conf t
router(config)#interface Dialer0
router(config-if)#no dialer string 2147601243
router(config-if)#dialer string 9724079786

That will remove the old configuration line and put in its place a new dialer number in the Dialer0 interface.


Changing the telnet and enable passwords

Changing the telnet and enable passwords for Cisco routers is similar to the above examples. However, there are several different ways that this can be accomplished. Again, like the previous examples, you need to see the running configuration to see how it is currently configured. In this example, we can change the telnet password by doing the following:


router>enable
Enter password:
router#conf t
router(config)#line vty 0 4
router(config-line)#no password password
router(config-line)#password password

The line vty 0 4 command that was issued put the router into the line that controls telnet logins. Then, we removed the old password. Although this is not necessary, I have seen some routers be picky about that step. Finally, the new password was added to the vty line.


For the enable password in this configuration, there are actually two lines that affect this:


enable secret 5 _password_ 
enable password _password_

The enable secret line stores the password in the router configuration in encrypted format, so even if you can view the running configuration, you will be unable to see the password. The enable password line stores the password in plaintext. If an enable secret password and an enable password are both configured, then the Cisco router uses the enable secret line by default.


To change the enable password in this example and do a bit of clean up, we can do the following:


router>enable
Enter password:
router#conf t
router(config)#no enable password
router(config)#no enable secret
router(config)#enable secret password

Troubleshooting connectivity problems

The table below lists many commands that can be used to troubleshoot ISDN connectivity problems on a Cisco router. Reading the output of the commands is not difficult, but remembering which commands to use can be, so this list below will help you out.


Command Description
show interface BRI0 Shows the statistics, such as packets sent and received and the number of CRC's on the BRI interface. This is useful in seeing the amount of errors that the BRI interface is receiving. It is best used in conjunction with the clear counters BRI0 command so that the information listed is current.
show dialer Lists the general diagnostic information about an interface configured for DDR, such as the number of times the dialer string has been successfully reached, and the idle timer and fast idle timer values for each B channe. Current call-specific information is also provided, such as the length of the call, and the number and name of the device to which the interface is currently connected.
show isdn active Use to show if a call is in progress and which number is being dialed.
show isdn status Shows the statistics of the ISDN connection.
show ip route Displays the routes known to the router, including static and dynamically learned routes.
debug isdn q921 Verfies that you have a connection to the ISDN switch.
debug isdn q931 Displays call setup and teardown messages.
debug dialer Shows information such as what number the interface is dialing.
shutdown and no shutdown These commands can be used to disconnect any call in progress and reset an interface.
clear interface BRI0 This command causes the BRI interface to reset itself and then to re-establish a connection to the switch and then dial-up to the number that it is configured for.
}