Filter
Top Products
1-103
Cisco uBR7200 Series Universal Broadband Router Software Configuration Guide
OL-2239-05
Chapter1 Overview of Cisco uBR7200 Series Software
cops tcp window-size
• Turbo Access Control Lists, page 1-108
• Vendor-Proprietary RADIUS Attributes, page 1-109
For additional BPI information and configuration steps, refer to the DOCSIS 1.1 for the Cisco uBR7200 Series
Universal Broadband Routers feature module on Cisco.com, and to additional documents cited below:
http://www.cisco.com/univercd/cc/td/doc/product/cable/cab_rout/ub7200sw/index.htm
Access Control Lists
Access control lists (ACLs) are supported on the Cisco uBR7200 Series in Cisco IOS Release
12.2(4)XF1 and later XF and BC releases, and in 12.2(10)EC and later EC releases.
The Cisco uBR7200 Series provides basic traffic filtering capabilities with access control lists
(ACLs—also referred to as access lists). Access lists can be configured for all routed network protocols
(IP, AppleTalk, and so on) to filter the packets of those protocols as the packets pass through a router.
You can configure access lists at your router to control access to a network: access lists can prevent
certain traffic from entering or exiting a network.
For complete information about access lists, see the Traffic Filtering and Firewall volume in the Cisco
IOS Release 12.1 Security Configuration Guide, available on Cisco.com:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/index.htm
The Cisco uBR7200 Series also supports SNMP access lists and Turbo Access Control Lists, and these
are described elsewhere in this chapter.
Automated Double Authentication
The automated double authentication feature enhances the existing double authentication feature.
Previously, with the existing double authentication feature, a second level of user authentication is
achieved when the user accesses the network access server or router through Telnet and enters a user
name and password. Now, with automated double authentication, the user does not have to Telnet
anywhere but instead responds to a dialog box that requests a user name and password or PIN.
For information about the existing double authentication feature, refer to the following document on
Cisco.com:
• “Configuring Authentication” chapter of the Cisco IOS Security Configuration Guide, Release 12.2
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/
Cable Modem and Multicast Authentication Using RADIUS
As an enhancement to Baseline Privacy, the Cisco uBR7200 series universal broadband routers can be
configured for cable modem and multicast authentication using the Remote Authentication Dial-In User
Server (RADIUS) protocol, an access server authentication, authorization, and accounting protocol originally
developed by Livingston, Inc. This release also supports additional vendor-proprietary RADIUS attributes.
When a cable modem comes online or when a JOIN request is sent through a multicast data stream, the
Cisco uBR7200 series universal broadband routers send relevant information to RADIUS servers for
cable modem/host authentication. This feature can be configured on a per-interface basis.
An Internet Engineering Task Force (IETF) draft standard, RFC 2138, defines the RADIUS protocol.
RFC 2139 defines the corresponding RADIUS accounting protocol. Additional RFC drafts define
vendor-proprietary attributes and MIBs that can be used with an SNMP manager.
For additional information, refer to the following document on Cisco.com:
• “Security Server Protocols” chapters of the Cisco IOS Security Configuration Guide, Release 12.2
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fsecsp/index.htm