background image

3

The CWI provides three ways to configure and manage a router:

Using a Telnet or SSH session launched from the CWI, which allows you to configure and manage the router using 
command-line interface (CLI) commands.

Using the Configuration Editor or Replace Configuration Editor, which allows you to view and edit the running 
configuration in CLI format. The configuration editors provide common text editing functionality as well as traditional CLI 
features. See the “Configuration Editor” section on page 22 and the “Replace Configuration Editor” section on page 22.

Using the graphical configuration applications. See the “Configuration Desktop Window” section on page 20.

Support is provided to manage a two-stage commit functionality, which includes locking and rollback control.

3  

Getting Started

This section provides information you need to know before you can start setting up a router and CWI client. The following 
information is provided:

Network Considerations, page 3

Prerequisites, page 4

Network Considerations

The following network information must be taken into consideration before starting the minimum router and CWI client 
configuration. 

Basic Configuration

The basic configuration is not secure. See the “Setting Up the Required Management Services Without a Secure Connection” 
section on page 8 for procedures.

Secure Socket Layer Encryption Configuration

The secure configuration has Secure Socket Layer (SSL) encryption. If you use the SSL protocol on your network, use the SSL 
configuration. See the “Setting Up the Required Management Services with a Secure Connection” section on page 8 for 
procedures.

IP Security

IP security (IPSec) does not require any special configuration for CWI on the router or client. See the “Setting Up the Required 
Management Services Without a Secure Connection” section on page 8 for procedures.

Firewall

If you have a firewall in your network, you can use the basic or SSL encryption configurations. See the “Setting Up the Required 
Management Services with a Secure Connection” section on page 8 and “Setting Up the Required Management Services Without 
a Secure Connection” section on page 8 for procedures.

The ports listed in Table 1 must be opened when configuring the firewall. Refer to the firewall documentation for information 
on opening the ports.

Table 1

Firewall Ports

Component

Port

Direction

HTTP/HTTPS

80/443

Inbound

IIOP/IIOPSSL

10001/10002

Inbound

Содержание CRS-1 Series

Страница 1: ...e 2 0 1 Introduction 2 About the CWI 3 Getting Started 4 Setting Up the Router and CWI Client 5 Getting Started with the CWI 6 CWI Overview 7 CWI Desktop Window 8 Configuration Desktop Window 9 Obtaining Documentation 10 Documentation Feedback 11 Obtaining Technical Assistance 12 Obtaining Additional Publications and Information ...

Страница 2: ...r Routing System Craft Works Interface Configuration Guide Intended Audience This document is intended for experienced service provider administrators Cisco telecommunication management engineers and third party field service technicians that have completed the required Cisco router training sessions 2 About the CWI The CWI is a client side application used to configure and manage routers The mana...

Страница 3: ...the minimum router and CWI client configuration Basic Configuration The basic configuration is not secure See the Setting Up the Required Management Services Without a Secure Connection section on page 8 for procedures Secure Socket Layer Encryption Configuration The secure configuration has Secure Socket Layer SSL encryption If you use the SSL protocol on your network use the SSL configuration Se...

Страница 4: ...face See Figure 1 Figure 1 Dual Homed Device Configuration When setting the minimum router configuration you must use the dual homed device router side secondary IP address and DNS name when configuring the IP hostname for the CWI client This mapping is required for the client to view the notifications from the router received by the dual home instance of CWI See Step 3 in the Setting the Minimum ...

Страница 5: ... minimum 1 20 GHz Pentium IV recommended System software Windows NT Windows 98 Windows 2000 or Windows XP Memory RAM 256 MB minimum 512 MB recommended Available drive space CWI 5MB JRE 48MB Additional software One of these browsers Microsoft Internet Explorer 5 0 or higher Netscape Navigator 4 77 or higher Netscape Navigator 7 0 or higher Java Runtime environment JRE version 1 4 2 Monitor display ...

Страница 6: ...rrectly set up to communicate with the router No special configuration is required on the CWI client 4 Setting Up the Router and CWI Client This section provides the procedures that must be completed in sequence before you can start using the CWI The procedures include setting the minimum router configuration that will allow the router to communicate with the CWI client configuring the required Ma...

Страница 7: ... hostname for the CWI client For a VPN use the VPN IP address and DNS name For a network with a dual homed device use the dual homed device router side secondary IP address and DNS name See the Network Considerations section on page 3 for information on VPN and dual homes devices in a network RP 0 RP0 CPU0 router config domain ipv4 host client DNS name client IP address Step 4 Configure the hostna...

Страница 8: ...tp server Step 4 Enable the XML agent on the router RP 0 RP0 CPU0 router config xml agent corba Step 5 Exit configuration mode RP 0 RP0 CPU0 router config commit Setting Up the Required Management Services with a Secure Connection This section provides the procedures required to set up the Management Services with SSL encryption When setting up the required Management Services and the CWI client w...

Страница 9: ... RP 0 RP0 CPU0 router config crypto ca trustpoint ca name RP 0 RP0 CPU0 router config trustp enrollment url ca URL RP 0 RP0 CPU0 router config trustp rsakeypair keypair label This command must be completed if a keypair label is specified in Step 2 RP 0 RP0 CPU0 router config trustp exit RP 0 RP0 CPU0 router config commit Example RP 0 RP0 CPU0 router config crypto ca trustpoint myca RP 0 RP0 CPU0 r...

Страница 10: ...ollow these steps in sequence exiting the test steps when a failure is encountered Step 1 Ping the IP address of the router management Ethernet interface from the client PC workstation If this step fails the problem can be an incorrect IP address incorrect management Ethernet interface configuration or a network connectivity problem Step 2 Optional Ping the DNS name or IP address of the router If ...

Страница 11: ...res include the Telnet SSH application the Troubleshooter application setting character displays in the Rack View application and viewing committed configuration changes using the Configuration Change dialog box Refer to Chapter 4 Bring Up a New Cisco CRS 1 Series Router in the Cisco CRS 1 Series Carrier Routing System Getting Started Guide for information on enabling the Telnet SSH server Note Th...

Страница 12: ...ess continues Proceed to Step 9 If you choose Yes the security certificate must be accepted next time you log in to the router Click No to deny the security certificate If this option is chosen the login process is canceled Click Always to automatically trust and accept the security certificate in this section and all subsequent CWI sessions If this option is chosen the certificate is accepted and...

Страница 13: ...een the CWI and the router management agent The Troubleshooter application provides a window that describes the reason for the failure possible cause and recommended repair action An automatic repair option is provided in many instances Refer to the Cisco CRS 1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on using the Troubleshooter feature c To continue...

Страница 14: ...page 6 for information on the AAA username and password a Type your AAA username and password in the User Name and Password fields b Click Yes Step 8 If this is the first time the CWI client has started the CWI the Java Plug in must be installed and the CWI Cisco security certificate must be accepted a If the Java Plug in installation is completed a dialog box appears asking you to trust the secur...

Страница 15: ...irements section on page 11 for information on obtaining your password c Optional In the Node Name list click the drop down arrow and choose a node name DNS name or IP address of the router d Click Login Figure 3 CWI Login Dialog Box Step 12 If you did not choose Always in Step 9 you must accept the SSL certificate You have the following options Click Yes to trust and accept the SSL certificate fo...

Страница 16: ...ended repair action An automatic repair option is provided in many instances Refer to the Cisco CRS 1 Series Carrier Routing System Craft Works Interface User Interface Guide for information on using the Troubleshooter feature c To continue the initialization process click Continue Logging In to Multiple Logical Routers The CWI can manage multiple routers You can log in to multiple routers when th...

Страница 17: ... More Details to view the security certificate A dialog box appears with detailed certificate information The certificate information includes the version serial number insurer and start and end date validity of the certificate The Initializing CWI dialog box appears After the router initialization is successfully completed a new router appears in the Inventory Tree in the CWI Desktop See the Inve...

Страница 18: ... Configuration Editor or Replace Configuration Editor which allows you to view and edit the running configuration in CLI format These editors provide common text editing functionality as well as traditional CLI features such as help and command completion See the Configuration Editor section on page 22 and the Replace Configuration Editor section on page 22 Using the graphical configuration applic...

Страница 19: ...ides context sensitive launch points for other CWI applications in the same way as the Inventory Tree The card character displays are user configurable and are displayed on the card faceplate Interface Quick Viewer Provides a view of interface attributes for selected cards Configuration Desktop Provides an interface tailored to managing configuration applications Telnet SSH Provides the capability...

Страница 20: ...ided CWI Application Pane The CWI Application pane is the area of the CWI Desktop that contains the active CWI applications used to manage the router Multiple applications can be open concurrently in the CWI Application pane 8 Configuration Desktop Window The Configuration Desktop is the main point of access to all configuration applications See Figure 8 These applications allow you to configure a...

Страница 21: ...iled information on the Configuration Desktop Figure 8 Configuration Desktop Common Elements in the Configuration Desktop The graphical configuration applications launched from the Configuration Desktop include a common feature set These features include bulk configuration and validation The bulk configuration features provide templating without templates These features include the capability to t...

Страница 22: ...and CLI functions such as command completion and CLI help Replace Configuration Editor The Replace Configuration Editor application is available in the Configuration Desktop and allows you to replace the running configuration on the router with the contents of the Replace Configuration Editor window The Replace Configuration Editor provides general text editor functions such as copy paste redo and...

Страница 23: ...site requires a Cisco com user ID and password If you have a valid service contract but do not have a user ID or password you can register at this URL http tools cisco com RPF register register do Submitting a Service Request Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests S3 and S4 service requests are those in which your network is minimally impair...

Страница 24: ...uct Catalog at this URL http cisco com univercd cc td doc pcat Cisco Press publishes a wide range of general networking training and certification titles Both new and experienced users will benefit from these publications For current Cisco Press titles and other information go to Cisco Press at this URL http www ciscopress com Packet magazine is the Cisco Systems technical user magazine for maximi...

Страница 25: ...25 ...

Страница 26: ...abia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe Printed in the USA on recycled paper containing 10 postconsumer waste OL 6512 01 CCVP the Cisco Logo and the Cisco Square Bridge logo are trademarks of Cisco Systems Inc Changing the Way We Work Live Play and Learn is a service mark ...

Отзывы: