This chapter provides an introduction to the chapters in the Access Services Configuration Guide. The chapters in this publication describe access services, which consist of the following functions:
Routers that support access services enable single users to access network resources from remote sites. Remote users include corporate telecommuters, mobile users, and individuals in remote offices who access the central site. Access services connect remote users over serial lines to modems, networks, terminals, printers, workstations, and other network resources on LANs and WANs. In contrast, routers that do not support access services connect local-area networks (LANs) or wide-area networks (WANs).
Figure 2 illustrates these four access services available in the Cisco IOS software:
The Cisco IOS software permits you to connect to asynchronous serial devices such as terminals and modems and to configure custom device operation. You can configure a single physical or virtual line or a range of lines. For example, you can configure one line for a laser printer and then configure a set of lines to switch incoming modem connections to the next available line. You also can customize your configurations. For example, you can define line-specific transport protocols, control character, and packet transmissions, set line speed, flow control, and establish time limits for user access. The chapter "Configuring Terminal Lines and Modem Support" in this publication describes these tasks.
Remote node services permit remote users to connect devices over a telephone network using the following protocols:
Terminal services permit asynchronous devices to be connected to a LAN or WAN through network and terminal-emulation software including Telnet, rlogin, NetWare asynchronous services interface (NASI), Digital's Local-Area Transport (LAT) protocol, and IBM TN3270. (See Figure 5.)
Access services permit terminals to connect with remote hosts using virtual terminal protocols including Telnet, NASI, LAT, TN3270, rlogin, and X.25 PAD. You can use a router that supports access services to function as a terminal server to provide terminal access to devices on the network.
A host can also connect directly to an access server. In IBM environments, TN3270 allows a standard ASCII terminal to emulate a 3278 terminal and access an IBM host across an IP network.
In Digital environments, LAT support provides a terminal with connections to VMS hosts. X.25 PAD allows terminals to connect directly to an X.25 host over an X.25 network through the router. X.25 PAD eliminates the need for a separate PAD device. This connection requires use of one of the synchronous serial interfaces on the router supporting access services.
Figure 5 illustrates terminal-to-host connections using a Cisco 2509 router.
Protocol translation services are essentially an extension of terminal services. A user running a TCP/IP based application can connect to a host running a different virtual terminal protocol, such as Digital's Local Area Transport (LAT) protocol. The Cisco IOS software converts one virtual terminal protocol into another protocol. (See Figure 6.) Protocol translation enables users to make connections to X.25 machines using X.25 PAD.
Routers translate virtual terminal protocols to allow communication between devices running different protocols. Protocol translation supports Telnet (TCP), LAT, and X.25. One-step protocol translation software performs bidirectional translation between any of the following protocols:
Figure 6 illustrates LAT-to-TCP protocol translation.
Connecting to IBM hosts from LAT, Telnet, rlogin, and X.25 PAD environments requires a two-step translation process. In other words, users must first establish a connection with the router, then use the TN3270 facility to make a connection to the IBM host.
Remote access routing services enable full-featured Internet Protocol (IP), Novell Internet Packet Exchange (IPX), and AppleTalk routing over asynchronous lines. These same routing functions are found on all router platforms. (See Figure 7.)
The Cisco IOS software supports full routing functionality, which enables routers performing access services to determine the most efficient path for sending data packets to a destination address outside the LAN. The router gathers and maintains routing information to enable the transmission and receipt of data packets. Routing information takes the form of entries in a routing table, with one entry for each identified route. The Cisco IOS software can create and maintain the routing table dynamically to accommodate network and configuration changes when they occur.
Other WAN services include dial-on-demand routing (DDR) of IP and IPX, X.25, Frame Relay, and SMDS. Full IP and Novell IPX routing services are also supported.
A key feature of asynchronous routing is its ability to provide low-cost operation over normal dial-up telephone networks. The router's routing capabilities provide remote home and sales offices with cost-effective access to a central site. For example, traffic from PCs and UNIX workstations can be routed through a router, eliminating multiple phone lines and modems. Routing over asynchronous lines also provides significant phone-line savings for small offices by allowing dial-up telephone lines to be used rather than more costly leased lines. The Access Services Quick Configuration Guide describes DDR over dialup modem lines.
Routing protocols include Internet Gateway Routing Protocol (IGRP), Enhanced Internet Gateway Routing Protocol (Enhanced IGRP), Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP), Exterior Gateway Protocol (EGP), Gateway Discovery protocol (GDP), and ICMP Router Discovery Protocol (IRDP). Special routing features include route filtering, priority queuing, access lists, and more.
Figure 7 illustrates an IP routing configuration using the Cisco IOS software. In this configuration, the host is connected to an Ethernet and forms a routing connection with access servers at remote sites.
Full network-access control features help to ensure system and network security. Security features provide restrictions to resources on the network. The following security mechanisms are supported by access services:
For information about using any of these security mechanisms, refer to the chapter "Managing the System" in the Configuration Fundamentals Configuration Guide.