The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This preface describes the objectives and organization of this document and explains how to find additional information on related products and services. This preface contains the following sections:
•Obtaining Technical Assistance
•Obtaining Additional Publications and Information
This document contains instructions and procedures for installing and configuring the Integrated Services Adapter (ISA) in Cisco 7200 series routers and the Integrated Services Module (ISM) in Cisco 7100 series routers. Also contained in this document are basic configuration steps and examples of router commands and displays.
The ISA is a single-width service adapter and the ISM is a single-width service module. Each provides high-performance, hardware-assisted tunneling and encryption services suitable for virtual private network (VPN) remote access, site-to-site intranet, and extranet applications. The ISA and the ISM offload IP Security Protocol (IPSec) and Microsoft Point to Point Encryption (MPPE) processing from the main processor of the Cisco 7200 series or Cisco 7100 series router, thus freeing router resources for other tasks.
Although both the ISA and the ISM provide the same functionality, they are physically unique cards designed for different router platforms, with their own part numbers:
•SM-ISM(=)—Cisco 7100 series routers
•SA-ISA(=)—Cisco 7200 series routers
Note The information provided in this document applies to both the ISA and the ISM unless specifically stated otherwise.
Note To ensure compliance with U.S. export laws and regulations, and to prevent problems later on, see the "Compliance with U.S. Export Laws and Regulations Regarding Encryption" section for specific and important information.
To use this publication, you should be familiar not only with Cisco router hardware and cabling but also with electronic circuitry and wiring practices. You should also have experience as an electronic or electromechanical technician.
This document contains the following chapters:
Command descriptions use the following conventions:
Screen examples use the following conventions:
Notes, cautionary statements, and safety warnings use these conventions:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.
To fully understand the content of this user guide, you should be familiar with the following terms and acronyms:
•DCE—data communications equipment
•DMA—direct memory access
•DTE—data terminal equipment
•EPROM—erasable programmable read-only memory
•EEPROM—electrically erasable programmable read-only memory
•GB—gigabit
•GBIC—Gigabit Interface Converter
•Gbps—gigabits per second
•MB—megabyte
•Mbps—megabits per second
•NVRAM—nonvolatile random-access memory
•OIR—online insertion and removal
•PCI—Peripheral Component Interconnect
•PXF—Parallel eXpress Forwarding—A secondary processor used to accelerate Cisco IOS services
•RFI—radio frequency interference
•RISC—reduced instruction set computing
•ROM—read-only memory
•SDRAM—synchronous dynamic random-access memory
•SDRAM-fixed—SDRAM of a fixed size or quantity; can be replaced, but not upgraded
•SIMM—single in-line memory module
•SNMP—Simple Network Management Protocol
•SRAM—static random-access memory
•TFTP—Trivial File Transfer Protocol
•VAM—Virtual Private Network (VPN) Acceleration Module (VAM)
•Cache—Memory with fast access and small capacity used to temporarily store recently accessed data; found either incorporated into the processor or near it.
•Primary, secondary, tertiary cache—Hierarchical cache memory storage based on the proximity of the cache to the core of the processor. Primary cache is closest to the processor core and has the fastest access. Secondary cache has slower access than primary cache, but faster access than tertiary cache.
•Instruction and data cache—Instructions to the processor and data on which the instructions work.
•Unified cache—Instruction cache and data cache are combined. For example, a processor may have primary cache with separate instruction and data cache memory, but unified secondary cache.
•Integrated cache—Cache that is built into the processor; sometimes referred to as internal cache. Cache memory that is physically located outside the processor is not integrated, and is sometimes referred to as external cache.
Your router and the Cisco IOS software running on it contain extensive features and functionality, which are documented in the following resources:
•For configuration information and support, refer to the modular configuration and modular command reference publications in the Cisco IOS software configuration documentation set that corresponds to the software release installed on your Cisco hardware. Access these documents at: http://www.cisco.com/en/US/products/sw/iosswrel/index.html.
Note Select Translated documentation is available at http://www.cisco.com/ by selecting the topic `Select a Location / Language' at the top of the page.
–To determine the minimum Cisco IOS software requirements for your router, Cisco maintains the Software Advisor tool on Cisco.com. This tool does not verify whether modules within a system are compatible, but it does provide the minimum IOS requirements for individual hardware modules or components. Registered Cisco Direct users can access the Software Advisor at: http://www.cisco.com/cgi-bin/Support/CompNav/Index.pl.
•Cisco 7100 series routers:
–Cisco 7100 Series VPN Router Documentation
–Cisco 7100 Series VPN Router Installation and Configuration Guide
–Cisco 7100 Series VPN Quick Start Guide
–Installing Field-Replaceable Units
Note For specific port and service adapters for the Cisco 7100 series VPN routers, see the Cisco 7100 Series VPN Router Documentation .
–Cisco 7100 Series VPN Configuration Guide
–Cisco 7100 series VPN router troubleshooting information
–Cisco 7100 Tech Notes
•Cisco 7200 series routers:
–For port adapter hardware and memory configuration guidelines, refer to the Cisco 7200 Series Port Adapter Hardware Configuration Guidelines.
–For hardware installation and maintenance information (including the Cisco 7206 as a router shelf in a Cisco AS5800 Universal Access Server), refer to the installation and configuration guide for your Cisco 7200 series router.
•For international agency compliance, safety, and statutory information for WAN interfaces:
–Regulatory Compliance and Safety Information for Cisco 7100 Series VPN Routers
–Regulatory Compliance and Safety Information for the Cisco 7200 Series Routers
•For IP security and encryption:
–Cisco IOS Enterprise VPN Configuration Guide
–Cisco IOS Interface Configuration Guide, Release 12.1
–Cisco IOS Interface Command Reference, Release 12.1
–Cisco IOS Security Configuration Guide, Release 12.2
–Cisco IOS Security Command Reference, Release 12.2
–Cisco IOS Security Configuration Guide, Release 12.1
–Cisco IOS Security Command Reference, Release 12.1
–Cisco IOS Release 12.0 Security Configuration Guide
–Cisco IOS Release 12.0 Security Command Reference
–Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2
–Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.1
–Cisco IOS Release 12.0 Quality of Service Solutions Configuration Guide
–Cisco IOS Interface Configuration Guide, Release 12.1
–FIPS 140 Security documents
–VPN Device Manager documents
•If you are a registered Cisco Direct Customer, you can access the following tools:
–Tools, Maintenance, and Troubleshooting Tips for Cisco IOS Software for Cisco IOS Release 12.0
–Tools, Maintenance, and Troubleshooting Tips for Cisco IOS Software for Cisco IOS Release 12.1
–Tools, Maintenance, and Troubleshooting Tips for Cisco IOS Software for Cisco IOS Release 12.2
–Software Advisor
–Bug Toolkit
–Bug Navigator
–Feature Navigator
–Output Interpreter
–Cisco IOS Error Message Decoder
–Cisco Dynamic Configuration Tool
–MIB Locator
•Additional tools include:
–Tools Index
–Cisco IOS Software Selector Tool
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco web sites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Registered Cisco.com users can order the Documentation CD-ROM (product number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
•Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace:
http://www.cisco.com/en/US/partner/ordering/index.shtml
•Registered Cisco.com users can order the Documentation CD-ROM (Customer Order Number DOC-CONDOCCD=) through the online Subscription Store:
http://www.cisco.com/go/subscription
•Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco Systems Corporate Headquarters (California, U.S.A.) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can e-mail your comments to bug-doc@cisco.com.
You can submit your comments by mail by using the response card behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Cisco provides Cisco.com, which includes the Cisco Technical Assistance Center (TAC) Website, as a starting point for all technical assistance. Customers and partners can obtain online documentation, troubleshooting tips, and sample configurations from the Cisco TAC website. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC website, including TAC tools and utilities.
Cisco.com offers a suite of interactive, networked services that let you access Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com provides a broad range of features and services to help you with these tasks:
•Streamline business processes and improve productivity
•Resolve technical issues with online support
•Download and test software packages
•Order Cisco learning materials and merchandise
•Register for online skill assessment, training, and certification programs
To obtain customized information and service, you can self-register on Cisco.com at this URL:
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two levels of support are available: the Cisco TAC website and the Cisco TAC Escalation Center. The avenue of support that you choose depends on the priority of the problem and the conditions stated in service contracts, when applicable.
We categorize Cisco TAC inquiries according to urgency:
•Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
•Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
•Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
•Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
You can use the Cisco TAC website to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC website, go to this URL:
All customers, partners, and resellers who have a valid Cisco service contract have complete access to the technical support resources on the Cisco TAC website. Some services on the Cisco TAC website require a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to this URL to register:
http://tools.cisco.com/RPF/register/register.do
If you are a Cisco.com registered user, and you cannot resolve your technical issues by using the Cisco TAC website, you can open a case online at this URL:
http://www.cisco.com/en/US/support/index.html
If you have Internet access, we recommend that you open P3 and P4 cases through the Cisco TAC website so that you can describe the situation in your own words and attach any necessary files.
The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer automatically opens a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). When you call the center, please have available your service agreement number and your product serial number.
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
•The Cisco Product Catalog describes the networking products offered by Cisco Systems as well as ordering and customer support services. Access the Cisco Product Catalog at this URL:
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
•Cisco Press publishes a wide range of networking publications. Cisco suggests these titles for new and experienced users: Internetworking Terms and Acronyms Dictionary, Internetworking Technology Handbook, Internetworking Troubleshooting Guide, and the Internetworking Design Guide. For current Cisco Press titles and other information, go to Cisco Press online at this URL:
•Packet magazine is the Cisco monthly periodical that provides industry professionals with the latest information about the field of networking. You can access Packet magazine at this URL:
http://www.cisco.com/en/US/about/ac123/ac114/about_cisco_packet_magazine.html
•iQ Magazine is the Cisco monthly periodical that provides business leaders and decision makers with the latest information about the networking industry. You can access iQ Magazine at this URL:
http://business.cisco.com/prod/tree.taf%3fasset_id=44699&public_view=true&kbns=1.html
•Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering professionals involved in the design, development, and operation of public and private internets and intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
•Training—Cisco offers world-class networking training, with current offerings in network training listed at this URL:
http://www.cisco.com/en/US/learning/le31/learning_recommended_training_list.html