C.2.1 Pre-configuration to Use Simple Configuration Mode

Explains the pre-configuration necessary to use simple configuration mode.

For details on the logical network configuration which can be configured using simple configuration mode, refer to "Appendix I Auto-configuration and Operations of Network Devices Using Simple Configuration Mode" in the "Design Guide CE".

Procedure for Configuration Creating the NS Appliance Pre-configuration File

Use the NS Appliance pre-configuration file created in preparations to perform configuration using the rcxnetworkservice preconfig command.

For details on how to create the NS Appliance pre-configuration file, refer to "2.2.3.4 NS Appliance Pre-configuration File".

Procedure for Configuration without Creating the NS Appliance Pre-configuration File

Connect with NS appliances, and perform pre-configuration using the following procedure:

Switch over to the mode for performing configuration definition of the NS appliance.
Execute the following command:
```
admin
Password: Administrator Password

configure terminal
load running-config
```
Administrator Password
Enter the administrator password specified in the "2.2.3.3 Network Configuration Information Files" which was created during installation of NS Appliance.

Define the interface on the internet side.
Execute the following command:

interface lan0.0
!
interface vlanID1
description "UNM_PRE_INTERNET_IF"
ip address IP Addresses on the Internet Side/Mask Length
ip-routing
vlan-link lan0.0 dot1q-tagged
rule protect 10 in any syn-flood drop max-pps 148809
rule protect 20 in any udp-flood drop udp-pps 148809
rule access 10 in UNM_PRE_ACC_IF-IN drop audit-session-none audit-match-none
rule access 59800 in UNM_PRE_ACC_BROADCAST drop audit-session-none audit-match-none
rule access 59810 in UNM_PRE_ACC_MULTICAST drop audit-session-none audit-match-none
rule access 59820 in UNM_PRE_ACC_NON-IP drop audit-session-none audit-match-none
rule access 59900 in any drop audit-session-normal audit-match-none
rule access 59900 out any drop audit-session-none audit-match-none
!
nat udp-src-port random

ID1: Specify the VLAN IDs used for the interface on the internet side.

IP Addresses on the Internet Side/Mask Length: Specify the IP addresses and the mask length used for the interfaces on the internet side.

Perform the interface definition and the RIP definition for the intranet side.
Execute the following command:

class-map match-all rip
    match source-address ipv4 Network Address on the Intranet Side/Mask Length
    match destination-port 520/udp
!
interface vlanID2
    description "UNM_PRE_INTRANET_IF"
    ip address IP Addresses on the Intranet Side/Mask Length
    ip-routing
    vlan-link lan0.0 dot1q-tagged
    rule access 10 in UNM_PRE_ACC_IF-IN drop audit-session-none audit-match-none
    rule access 20 in rip accept audit-session-none audit-match-none
    rule access 20 out rip accept audit-session-none audit-match-none
    rule access 30 out UNM_PRE_ACC_MULTICAST accept audit-session-none audit-match-none
    rule access 59800 in UNM_PRE_ACC_BROADCAST drop audit-session-none audit-match-none
    rule access 59810 in UNM_PRE_ACC_MULTICAST drop audit-session-none audit-match-none
    rule access 59820 in UNM_PRE_ACC_NON-IP drop audit-session-none audit-match-none
    rule access 59900 in any drop audit-session-normal audit-match-none
    rule access 59900 out any drop audit-session-none audit-match-none
!
access-list UNM_PRE-ADD_ACCLIST_INTRANET deny Admin LAN Network Address/Mask Length
router rip
distribute-list UNM_PRE-ADD_ACCLIST_INTRANET out
network vlanID2
redistribute connected
version 2
!

Network Address on the Intranet Side/Mask Length: Specify the network addresses and the mask length used for the interfaces on the intranet side.

ID2: Specify the VLAN IDs used for the interfaces on the intranet side.

IP Addresses on the Intranet Side/Mask Length: Specify the IP addresses and the mask length used for interfaces on the intranet side.

Admin LAN Network Address/Mask Length: Specify the admin LAN network addresses and the mask length of NS appliances.

Define the route information (routing).
Execute the following command: When defining multiple sets of route information, execute this command multiple times.
```
ip route Network Address/Mask Length Gateway Address
```
Network Address/Mask Length
Specify the destination address and the mask length. When specifying them as the default gateway, specify 0.0.0.0/0.
Gateway Address
Specify the gateway address.
Reflect the configuration definition on the NS appliance.
Execute the following command:
```
commit
```
After executing the command, when the following messages are displayed, enter "y" in each message.
```
Do you overwrite "running-config" by the current configuration? (y|[n]):y
Do you overwrite "startup-config" by the current configuration? (y|[n]):y
```
Exit the edit mode of configuration definition, and log out from the NS appliance.
Log out using the exit command. Execute the exit command, until disconnected from the NS appliance.

Note

Do not perform any configuration other than that below.
When configuring settings other than those described in the configuration procedure, auto-configuration cannot be performed using simple configuration mode.
When the following message is notified on execution of each command, an error has occurred in the command or insufficient information has been specified for the values used. Check the command being used, and enter it again.
- Unknown commands or command parameters are insufficient.
- Command incomplete.