Полезная информация


Table of Contents

Access Services Overview

Access Services Overview

This chapter provides an introduction to the chapters in the Access Services Configuration Guide. The chapters in this publication describe access services, which consist of the following functions:

Access Service Functions

Routers that support access services enable single users to access network resources from remote sites. Remote users include corporate telecommuters, mobile users, and individuals in remote offices who access the central site. Access services connect remote users over serial lines to modems, networks, terminals, printers, workstations, and other network resources on LANs and WANs. In contrast, routers that do not support access services connect local-area networks (LANs) or wide-area networks (WANs).

Note Access services are supported on the Cisco 2500 router series, models 2509, 2510, 2511, and 2512 and the AS5100, which combines three Cisco 2511 chassis with integrated modems and a channelized T1 interface. Throughout the remainder of this publication, the term router is used to refer to the devices that support access services.

Figure 2 illustrates these four access services available in the Cisco IOS software:

Figure 2: Access Service Functions

Line Characteristics and Modems

The Cisco IOS software permits you to connect to asynchronous serial devices such as terminals and modems and to configure custom device operation. You can configure a single physical or virtual line or a range of lines. For example, you can configure one line for a laser printer and then configure a set of lines to switch incoming modem connections to the next available line. You also can customize your configurations. For example, you can define line-specific transport protocols, control character, and packet transmissions, set line speed, flow control, and establish time limits for user access. The chapter "Configuring Terminal Lines and Modem Support" in this publication describes these tasks.

Remote Node Services

Remote node services permit remote users to connect devices over a telephone network using the following protocols:

Using ARA, Macintosh users can connect across telephone lines into an AppleTalk network to access network resources, such as printers, file servers, and e-mail. A remote user running ARA has the same access to network resources as a Macintosh connected directly to the LAN. They can also run other applications on top of ARA to access UNIX file servers for such tasks as reading e-mail and copying or transferring files between UNIX hosts. Note that Macintosh users can run Macintosh-based SLIP or PPP applications to access non-AppleTalk-based resources. (See Figure 3.)
Using SLIP or PPP, PC users running DOS or Windows can connect across telephone lines into a network to access network resources, such as printers, file servers, and e-mail. The remote user's PC running SLIP or PPP has the same access to network resources as a PC connected directly to the LAN. (See Figure 3.)
Remote users with X terminals, such as NCD terminals, use the XRemote protocol over asynchronous lines. The router provides network functionality to remote X terminals. Figure 4 illustrates an XRemote connection.

Figure 3:
Remote Node Connection--Macintosh and PC Users Dialing In

Figure 4:
XRemote Connection

Terminal Services

Terminal services permit asynchronous devices to be connected to a LAN or WAN through network and terminal-emulation software including Telnet, rlogin, NetWare asynchronous services interface (NASI), Digital's Local-Area Transport (LAT) protocol, and IBM TN3270. (See Figure 5.)

Access services permit terminals to connect with remote hosts using virtual terminal protocols including Telnet, NASI, LAT, TN3270, rlogin, and X.25 PAD. You can use a router that supports access services to function as a terminal server to provide terminal access to devices on the network.

A host can also connect directly to an access server. In IBM environments, TN3270 allows a standard ASCII terminal to emulate a 3278 terminal and access an IBM host across an IP network.

In Digital environments, LAT support provides a terminal with connections to VMS hosts. X.25 PAD allows terminals to connect directly to an X.25 host over an X.25 network through the router. X.25 PAD eliminates the need for a separate PAD device. This connection requires use of one of the synchronous serial interfaces on the router supporting access services.

Figure 5 illustrates terminal-to-host connections using a Cisco 2509 router.

Figure 5: Terminal-to-Host Connectivity

Protocol Translation

Protocol translation services are essentially an extension of terminal services. A user running a TCP/IP based application can connect to a host running a different virtual terminal protocol, such as Digital's Local Area Transport (LAT) protocol. The Cisco IOS software converts one virtual terminal protocol into another protocol. (See Figure 6.) Protocol translation enables users to make connections to X.25 machines using X.25 PAD.

Routers translate virtual terminal protocols to allow communication between devices running different protocols. Protocol translation supports Telnet (TCP), LAT, and X.25. One-step protocol translation software performs bidirectional translation between any of the following protocols:

Figure 6 illustrates LAT-to-TCP protocol translation.

Figure 6: LAT-to-TCP Protocol Translation

Connecting to IBM hosts from LAT, Telnet, rlogin, and X.25 PAD environments requires a two-step translation process. In other words, users must first establish a connection with the router, then use the TN3270 facility to make a connection to the IBM host.

Asynchronous Routing

Remote access routing services enable full-featured Internet Protocol (IP), Novell Internet Packet Exchange (IPX), and AppleTalk routing over asynchronous lines. These same routing functions are found on all router platforms. (See Figure 7.)

The Cisco IOS software supports full routing functionality, which enables routers performing access services to determine the most efficient path for sending data packets to a destination address outside the LAN. The router gathers and maintains routing information to enable the transmission and receipt of data packets. Routing information takes the form of entries in a routing table, with one entry for each identified route. The Cisco IOS software can create and maintain the routing table dynamically to accommodate network and configuration changes when they occur.

Other WAN services include dial-on-demand routing (DDR) of IP and IPX, X.25, Frame Relay, and SMDS. Full IP and Novell IPX routing services are also supported.

A key feature of asynchronous routing is its ability to provide low-cost operation over normal dial-up telephone networks. The router's routing capabilities provide remote home and sales offices with cost-effective access to a central site. For example, traffic from PCs and UNIX workstations can be routed through a router, eliminating multiple phone lines and modems. Routing over asynchronous lines also provides significant phone-line savings for small offices by allowing dial-up telephone lines to be used rather than more costly leased lines. The Access Services Quick Configuration Guide describes DDR over dialup modem lines.

Routing protocols include Internet Gateway Routing Protocol (IGRP), Enhanced Internet Gateway Routing Protocol (Enhanced IGRP), Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP), Exterior Gateway Protocol (EGP), Gateway Discovery protocol (GDP), and ICMP Router Discovery Protocol (IRDP). Special routing features include route filtering, priority queuing, access lists, and more.

Figure 7 illustrates an IP routing configuration using the Cisco IOS software. In this configuration, the host is connected to an Ethernet and forms a routing connection with access servers at remote sites.

Figure 7: Asynchronous Remote Access Routing Connectivity

Security Features

Full network-access control features help to ensure system and network security. Security features provide restrictions to resources on the network. The following security mechanisms are supported by access services:

For information about using any of these security mechanisms, refer to the chapter "Managing the System" in the Configuration Fundamentals Configuration Guide.

Copyright 1989-1998 © Cisco Systems Inc.