Re: RE: 500-CS...HELP!! [7:2414]......here is my 500-CS config [7:2536]
**WARNING - THE VERBOSITY BIT IS SET - THIS MESSAGE IS DISCARD ELIGIBLE IF YOUR BUFFERS ARE FULL** Hi, I think there may be a degree of misunderstanding about the use of the no exec command. If you have seen this command used in an access server that provides dialin access to corporate users, or you have configured an access server for a typical ISP, that is probably an appropriate place for this command. When you place no exec under a given line, it will preclude any use of an executive process (user or privileged). Dont take my word on it. Lets all do a little test on our home routers. First, do not do this test in a production network, period. Second, it you are a little weak on the IOS, you may want to brush up on your password recovery procedures; you will need it later. Here goes. I will show you three different ways to test this. First, go to the console port of your router **DO NOT TELNET IN** Next, configure your router as follows: router# router(config)# router(config)#lin vty 0 4 router(config-line)#no exec router(config-line)#exit router(config)#int loopback 77 router(config-int)#ip add 1.0.0.1 255.0.0.0 router(config-int)#end router# Now attempt to telnet into your own router using any accepted telnet command, such as: router#telnet 1.0.0.1 or, router#connect 1.0.0.1 or, router#1.0.0.1 You should get the following output: 2503#telnet 1.0.0.1 Trying 1.0.0.1 ... Open [Connection to 1.0.0.1 closed by foreign host] The connection will not open. Since we did not have any access class commands applied, the only other explanation is that a vty line is dedicated for one purpose, namely to run an executive process. You can either telnet into the vty to do user exec commands, or privileged exec commands. When the line has been restricted so that no exec is in place, then the vty line is effectively shut down and no connection is allowed. Remove the no exec command under the vty lines and reattempt it. You will note it works. Lets try it a second way. This time, we will implement the following commands on any cisco router that has both an AUX port and a console line. We will change the AUX port into a line configuration and we will issue the no exec command on the AUX line. Before you start, make sure your configuration is clear under the AUX line and console lines. It should similar to this: line con 0 transport input all line aux 0 transport input all Go ahead and verify you get a command prompt in both AUX and console lines. Verify you have interactivity by starting a ping to 1.0.0.1 on each (physically plug into both ports). Then execute the following additional commands while plugged into the AUX line: router#conf t router(config)#lin aux 0 router(config-line)#no exec router(config-line)#end router# Try a ping again. It will work. Now save your configuration with the following command and execute a reload while still plugged into the AUX line: router#copy run start router#reload Proceed with reload? [confirm]y 07:35:36: %SYS-5-RELOAD: Reload requested The last line is the last entry you will see. When the router reboots, you will not be able to see any output. You may be asking yourself why the command did not take place immediately as most commands do. It did take place immediately however, you were still on a connected line. Once the connection is severed (via a reload), then the AUX line will have no exec process when the system reboots. This can be further verified once the system boots by attempting to get a router prompt from the AUX line. When you are unsuccessful, plug into the console line and go into line configuration mode and restore the exec process with the following commands: router#conf t router(config)#lin aux 0 router(config-line)#exec router(config-line)#end router# Log back into the AUX line and verify it now works properly. On some routers you may have to reboot to get this to take effect. The final check on this is to do the same test with the console line. WARNING - DO NOT ATTEMPT TO DO THIS UNLESS YOU ARE VERY FAMILIAR WITH PASSWORD RECOVERY!!! Plug into the console line and type the following: router#conf t router(config)#lin con 0 router(config-line)#no exec router(config-line)#end router# Run the same test and verify all functionality is still there, e.g. execute a ping and get a response. Everything should work just fine. Save your config and do a reload as before: router#copy run start router#reload Proceed with reload? [confirm]y 07:35:36: %SYS-5-RELOAD: Reload requested This time you are going to notice something really strange and different. You will note that you can watch the router reload and go through its POST and execute its startup-config. The only problem is that you cannot tell the router to do anything because you guessed it, you have no exec on the console line. You will see output go by one the screen, but you cannot
Re: CVOICE - Cisco Voice Over Frame Relay, ATM, and IP [7:2537]
Michael I am using Caputo - Cisco Packetized Voice Data Integration ISBN 0-07-134777-1 it is good read but will require additional supplementary information (eg CIPT hardware etc)- but most on the list seem to recommend Integrating Voice and Data Networks by Scott Keagy (I have ordered it bit I won't see it before my test - takes two or more weeks to get to the bookstore) Another recent addition is Cisco Voice over Frame Relay, ATM and IP ISBN 1578702275 (have not read it can't say much more) There is also good supplementary information at http://www.cisco.com/warp/public/625/ccie/recertifications/multiserv_blueprint.html Good luck! Michael Bambic wrote: Anybody know a good book for this Exam? I can't seem to find one. Thanks! Mike Bambic FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- -- Regards Edmund Woltynski ___ The information transmitted by the following e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (618) 83711492, and delete the communication from any computer or network system. - Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2537t=2537 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: has anybody tried non-Cisco approved flash/memory [7:2498]
Recently did the same - was apprehensive about using non-recommended Cisco parts, in lab equipment - used Kingston and has not missed a beat so far. Adam Burgess wrote: I have 8 2500's, two 2600's and a 4500M, all with Kingston Flash and DRAM and I have never had a problem with any of them. Regards Adam -Original Message- From: xc [mailto:[EMAIL PROTECTED]] Sent: Monday, 30 April 2001 11:34 AM To: [EMAIL PROTECTED] Subject: has anybody tried non-Cisco approved flash/memory [7:2498] I need to upgrade some of my lab routers to handle 12.0 and 12.1. These IOS's are resource hogs, so apparently I need to pump up the DRAM and flash. So, has anybody tried out some of those non-Cisco approved DRAM and flash units? Don't worry, none of my routers are going to be used in a production environment. But I won't do it if these units completely blow some circuit on the router. XC FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- -- Regards Edmund Woltynski ___ The information transmitted by the following e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (618) 83711492, and delete the communication from any computer or network system. - Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2538t=2498 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dialup behind PIX and Telephony services!!!! [7:2539]
Dear All, I installed my PIX firewall and configured my Dialup users to work behind it ofcourse using private IPs for the dialup and the PIX do NAT to access the internet.. Many clients complain that they could not use the telephony services such as MSN calling services and others... Is this problem caused by the PIX firewall??? If so, then what is the solution or setting to aviod this issue Please help me soon as I am going to lose my clients because of this problem... Worm regards Magdy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2539t=2539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco [7:2540]
unsubscribe cisco -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Edmund Woltynski Sent: Monday, April 30, 2001 12:31 AM To: [EMAIL PROTECTED] Subject: Re: has anybody tried non-Cisco approved flash/memory [7:2498] Recently did the same - was apprehensive about using non-recommended Cisco parts, in lab equipment - used Kingston and has not missed a beat so far. Adam Burgess wrote: I have 8 2500's, two 2600's and a 4500M, all with Kingston Flash and DRAM and I have never had a problem with any of them. Regards Adam -Original Message- From: xc [mailto:[EMAIL PROTECTED]] Sent: Monday, 30 April 2001 11:34 AM To: [EMAIL PROTECTED] Subject: has anybody tried non-Cisco approved flash/memory [7:2498] I need to upgrade some of my lab routers to handle 12.0 and 12.1. These IOS's are resource hogs, so apparently I need to pump up the DRAM and flash. So, has anybody tried out some of those non-Cisco approved DRAM and flash units? Don't worry, none of my routers are going to be used in a production environment. But I won't do it if these units completely blow some circuit on the router. XC FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- -- Regards Edmund Woltynski ___ The information transmitted by the following e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (618) 83711492, and delete the communication from any computer or network system. - FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2540t=2540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT problem with 827 [7:2541]
Hi groups, Anybody can help me ??? I have a problem 827 ADSL cisco router with NAT. If I do NAT with atm interface for the users to connect to the internet, I can do telnet and ping from the outside to the atm interface. But If I do nat with another ip address ( other static ip range ),i can not telnet or ping from outside to the atm interface. you know if we subscribe to the ISP we will get two kind of public ip address range, one for interface and another for static ip address which are for web server, email server, nat, or whatever. So Is it a IOS bugs or, something wrong about my config. FYI, I permit all for the access list. thanks regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2541t=2541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Anil Panjwani/Bombay/IN/i2Tech is out of the office. [7:2542]
I will be out of the office starting 04/24/2001 and will not return until 05/14/2001. hi i am out of office currently, please contact girish gavaskar for any official work or contact me on [EMAIL PROTECTED] if it is personal for me. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2542t=2542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VLAN's and Routers [7:2534]
Hi Sammi, You can create 10.200.1.x/24 as VLAN 1 10.200.2.x/24 as VLAN 2 this will isolate the broadcast within the VLAN. You can't create 10.200.1.x/16 as VLAN 1 10.200.2.x/16 or /24 as VLAN 2 because VLAN 2 will become part of VLAN 1, does not serve the purpose of having VLAN configuration. Andy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 2:14 PM To: [EMAIL PROTECTED] Subject: VLAN's and Routers [7:2534] Still struggling with VLAN's and a basic question escapes me. If I create: VLAN1 as 10.200.1.x/16 VLAN2 as 10.200.2.x/16 or /24 I get VLAN's overlap, which I assume is a bad thing (at least at my skill level, I understand you could use overlapped VLAN's). So, I'm confused how I can assign scopes to each VLAN, what the exact rules are. I'm starting to come to the conclusion I cannot use VLAN's without a router. Is that a correct assumption? Any help, tips, leads appreciated. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2543t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Internet Tunneling [7:2544]
Hello everyone Could someone please explain how I would go about connecting two private networks (behind two routers, each connected to the internet) over the Internet using some form of Tunnelling? Is there any special IOS release I need? Any special hardware? Security is not a great concern. I have been looking into L2TP, am I on the right track?? Thanks for any help you can provide! Sam. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2544t=2544 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco IOS Question [7:2545]
Hello everyone! Just wondering if someone could explain the difference between the different IOS Feature Packs. Ie. What is the difference between IP Only, IP Plus, IP/Firewall etc etc. Do you know of a site that compares the capabilities of each? I have been looking on the Cisco website with no luck so far Also, I am looking at buying a 2651 router, and was just wondering if the IOS that comes with the router is capable of routing IPX as well as IP. How expensive is it to buy additional software if it is not supported?? thanks Sam. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2545t=2545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco IOS Question [7:2545]
Generally, IP is come with Router free. Generally speaking, different IOS has different feautre. You need to order IP/IPX feature set for cisco 2650 series at least, IOS is more expensive than the router if you order from cisco partner. hope this help Vincent Sam Deckert Hello everyone! Just wondering if someone could explain the difference between the different IOS Feature Packs. Ie. What is the difference between IP Only, IP Plus, IP/Firewall etc etc. Do you know of a site that compares the capabilities of each? I have been looking on the Cisco website with no luck so far Also, I am looking at buying a 2651 router, and was just wondering if the IOS that comes with the router is capable of routing IPX as well as IP. How expensive is it to buy additional software if it is not supported?? thanks Sam. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2546t=2545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE written test questions [7:2497]
TCP Slow Start is a term used to describe TCP's windowing mechanism and the process that it goes throught to expand and contract the window size. It describes how TCP starts out with a small window size and slowly increases it. Then, upon loss of data will immediately reduce this window only to slowly ramp it up again. Hope this helps... scott mann wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I have three questions that I cannot seem to find the answer to. ANy of you learned people out there would be very much appreciated if you could give me your best shot at these. I have my written tommorow and these questions are stuck in my craw; What is Fast Link Pulse? What is meant by TCP Slow Start? What is the result of sending a loop up signal to the CSU/DSU? I eagerly await any input. Thanks, Scott _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2547t=2497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco IOS Question [7:2545]
You may need to have a CCO ID to access this page but here is the Cisco feature Navigator page. This will allow you to pick a feaure/platform and see what Feature pack it is available in. While this doesn't specifically address your question i have found it to be pretty helpful. This is especially helpful when i do configurations for customers and they have a specific feature that they need. I can then look it up and decide which service pack to add then go to the memory tool to make sure i have enough for the feature set. Ed Dombrowski http://www.cisco.com/cgi-bin/Support/FeatureNav/FN.pl Sam Deckert wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello everyone! Just wondering if someone could explain the difference between the different IOS Feature Packs. Ie. What is the difference between IP Only, IP Plus, IP/Firewall etc etc. Do you know of a site that compares the capabilities of each? I have been looking on the Cisco website with no luck so far Also, I am looking at buying a 2651 router, and was just wondering if the IOS that comes with the router is capable of routing IPX as well as IP. How expensive is it to buy additional software if it is not supported?? thanks Sam. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2548t=2545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Secure PIX Firewall Advanced (9E1-571) [7:1481]
I would say that there is a fair amount of subject matter overlap, but that the CSPFA questions are significantly harder. The MCNS didn't have any type in questions and those are abundant on CSPFA. The MCNS questions I remember on the Pix and IOS Firewall were really pretty easy and more conceptual than anything. CSPFA tests the details more. Tommy Dropped Packet wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... For those who have taken this and MCNS, how much overlap was there? What materials did you use to prepare? Thanks! _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2549t=1481 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
so weird [7:2550]
I have a router configured 216.226.97.130 for eth0 as local network gateway, and ip route 0.0.0.0 0.0.0.0 x.x.x.x, everything is working fine except one program: intny7.ilx.net. On any workstations, I can not ping this host which says time out. If I run route print on the workstations, it says network destination: 162.8.232.166, netmask 255.255.255.255, gateway 216.226.97.132. I wonder why it does not go through the default gateway 216.226.97.130 to get out, and tries a wrong gateway 216.226.97.130. Any idea will be appreciated. Shawn Xu _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2550t=2550 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help extra ethernet connection for a 2501!! [7:2187]
It may be that it is actually a 2501 and the serial link is attached to a terminal adapter (we used to do this with JTEC TA's in them thar good ole days the micro channel switching type (ts013) in the land of Oz) which would give the ISDN connectivity. Either way then the answers below are still valid (ie what Jenny said) BTW - I wonder when Cisco will finally change its recommended Australian type to net3/net5 - the ETSI standard. The old switch type is still in its latest books and manuals - has anyone told the yet? Take care all - [EMAIL PROTECTED] wrote: Doesn't sound like a 2501 to me - they don't have BRI interfaces. Did you mean a 2503? I'm not quite clear on your setup, but anyway... No, you can't use a serial interface to connect to a LAN. No, you can't add more LAN interfaces to a 2500 series router. They are fixed config, not modular. Can you connect to the 'outside world' using a cross-over cable to a serial port in the 'outside world' perhaps? Or is your 2500 in the outside world? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 27/04/2001 04:26 pm --- Dan Pearson @groupstudy.com on 27/04/2001 08:36:49 am Please respond to Dan Pearson Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: help extra ethernet connection for a 2501!! [7:2187] Hi, I am setting up a test lab environment for a windows 2000 migration and want to have access to the outside world, the problem is we have a 2501 router which currently has the bri and ethernet interfaces in use, I need another ethernet interface for the test LAN, is there anyway I could utilise the serial connections for the test LAN? I m guessing that you cant put another ethernet card into the router due to the chassy type...i might be wrong...help! cheers in advance Dan FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- -- Regards Edmund Woltynski ___ The information transmitted by the following e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (618) 83711492, and delete the communication from any computer or network system. - Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2551t=2187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Differences between TACACS+ and Cisco ACS [7:2245]
Bill, Are you sure about this? I've contacted Cisco TAC support and have been told it is NOT possible because Cisco ACS itself does NOT https. Can anyone confirm this? Thanks Sean From: Bill Pearch Reply-To: Bill Pearch To: [EMAIL PROTECTED] Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Date: Mon, 30 Apr 2001 02:16:01 -0400 With NT/2000 and IIS4 or IIS5 we can make any HTTP:// site a HTTPS:// site with a couple of mouse clicks. If you are using Win2K there is a heck of a help file that will walk you through the process, step by step. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 29, 2001 7:19 PM To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] You can access it using a browser anywhere. This is what I am worried about. When you are talking about controlling ACS via the web browser interface, does it use standard http or https. If it uses the standard http, then everything can be captured by a sniffer. Can anyone confirm this? Thanks. Sean From: nana Reply-To: nana To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] Date: Sun, 29 Apr 2001 18:08:09 -0400 CiscoSecure Version 2.6 was for Windows NT/2000 is actually a very improved product compared to its preds. Easy to configure and manage. You can access it using a browser anywhere. It also allows you to control the admin access itself so that others can manage usersgroups etc but not the top admin level functions Sean Young wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Everyone, The company I am working for is considering purchasing Cisco ACS software. This piece of software will be running on Solaris platform. Currently, I am using TACACS+ (self-supported software with source code) on our environment running on both Solaris and linux platforms (Primary TACACS is on Solaris and backup is on Linux). We've modified the source code so that each user has his/her own privilige password so that we have a record of who is doing what on the network devices (accounting purpose). Everything is running smoothly and the company is happy with the result. In my opinion, learning CLI in Unix/linux is not an easy task to master. Because of this, I am solely responsible for the TACACS servers. Finding someone to train for this thing is NOT an easy thing (thanks to Microsoft mentality of POINT-and-CLICK attitude of new people coming into the IT field these days). I've tried to train several people for this task but it was unsuccessful. Because of this, the company is considering of migrating the TACACS server from Solaris/Linux over to Microsoft Windows platforms (YIKES) so that we can find additional support staffs. The software package that we consider is Cisco ACS. I have several questions regarding this package: 1) Is this software stable on a Windows platform? (Sorry I have to ask) 2) How long does it take to train a newbie to be efficient with Cisco ACS running on Winblows platform? 3) Does Cisco ACS support enable privilege for each individual user (i.e does each user have his/own enable password)? If anyone has done it before or have a similar experience, I would like to hear from you. Many thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2552t=2245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Excessive Retransmissions UPDATE [7:2553]
Just wanted to update the list on this matter because I feel that it could very easily happen to anyone of you and it was very difficult to locate the problem. Got to blame this one on Big Blue hardware. Yes, the AS400 was the cause of all our problems here, once again. Apparently several days prior to this problem, the AS400 was upgraded and a rollover software called Visions was added. This is similar in function to HSRP. A third party software that allows rollover from one AS400 to another. Anyway, during the setup for the rollover testing it was recommended that some static routes in the AS400 be cleaned up and deleted. Way to go Visions! Our AS400 folks didn't know any better and just deleted static routes down from about a dozen to 4!!! Our symptoms were major broadcast storms of retransmissions. Got to keep a close eye on those big blue boys! Of course, as always, it was a network problem and the network team solved it!!! Is it at all possible that IBM could come up with a more worthless IP stack? Bob Sites, CCNA Winchester Medical Center Do you have a TACAC's, Syslog server, or SNMP database server. Helps you find the who, what, where, when things started. Sometimes you gotta dig backwards when the obvious just won't present itself. My guess is that you have a link down, a flapping interface, or had bounce on a link that the protocol wasn't configured to handle. Please keep us posted with your success or failures Phil Perhaps someone could steer me on this problem that I've been fighting for a day and half now. We are having a severe slowdown on our network and when looking at the IP traffic from just about anywhere to anywhere, about 1/3 of the packets are being retransmitted? Sniffer error is excessive retransmissions. Spent about 3 hours on the phone this morning with the TAC and didn't really get anywhere. It appears that we are having a broadcast storm of the retransmissions. Any insight into what direction to head would be greatly appreciated. Would like to isolate the problem by blades on the switches or routers, but being a hospital this is almost impossible. We have 2 core 6509's with duplicate sups and msfc's. Main router is a 7200. Bob Sites, CCNA Winchester Medical Center Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipients and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2553t=2553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ATM Bit rate [7:2256]
many thanks... also who-ever recommended the atm book nice one steve :-) From: Carroll Kong Reply-To: Carroll Kong To: [EMAIL PROTECTED] Subject: Re: ATM Bit rate [7:2256] Date: Fri, 27 Apr 2001 12:07:33 -0400 At 10:39 AM 4/27/01 -0400, Stephen Skinner wrote: Guys, i`m looking for a good explanation of what this is... i looked on the archives and cisco site,but beleive i am bieng thick . according to cisco the bit rate comes in various flavours UBR,VBR,CBRbut am i getting this complete leg-before-arm i thought the bit rate was a messunment of how fast the link was ??? i don`t get it ...some-one put me out of my misery thanks steve :-$ They are the types of QoS. Service classes defined by the ATM standards. (UNI 4.0) Unspecified Bit Rate (AAL5, pretty much Best Effort) Variable Bit Rate (AAL2, for variable bit video, never really took off) Constant Bit Rate (AAL1, for constant, guaranteed bandwidth) There is also ABR (available bit rate), (takes left over bandwidth). For your information, AAL0 is raw ATM cells, and AAL3/4 is combined together. In theory, AAL3/4 is absolutely obsoleted by AAL5 since the cell tax would have been higher. (CRCs in EACH cell vs each PDU (9180 octets or so)). Also, VBR has two forms, Non-real time and real time. The actual ATM adaption type I listed above may vary, as ATM is very complicated and the standards get fuzzed left and right. I hope anyone with more definitive knowledge can help you fill in the gaps I may have left. -Carroll Kong FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2554t=2256 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco 1750 [7:2555]
Can anyone tell me if a DSP card is required in a 1750 for a VIC-2FXS to be recognised by the IOS? I have a voice IOS but it's not showing the VIC as being installed. Thanks, Dion * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2555t=2555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IS-IS: Default route for L1 router [7:2485]
The way I always understood it was that the default-information originate command was used as a way to implement a default route in a single IS-IS area network or to override the ATT default by the level 2 router connected to another area. In an IS-IS network a level 2 router with an active level 2 adjacency with another area will send level 1 updates with the ATT bit set. All level 1 routers that receive that update will install a default route to the originator. This allows for inter area routing. However, if there are multiple level 2 exit points within the area then a level 1 router will always install a default to the closest exit point when only using the ATT bit. This is not always the most efficient routing since level 1 routers have no idea about anything outside of their area and could send traffic to the closest exit point instead of the shortest path. There are 2 ways around this. First, by using default-information originate you can override which default gets installed in level 1 routers. Using this command overrides defaults implemented with the ATT bit. Secondly you can use route leaking which allows you to redistribute level 2 (backbone routes) into level 1 areas. HTH, -Michael Cohen CCIE #6080 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of aaa aaa Sent: Monday, April 30, 2001 12:17 AM To: [EMAIL PROTECTED] Subject: Re: IS-IS: Default route for L1 router [7:2485] The adjancencies are formed, here clns routing is automatically enabled when you enter routing isis, but actually clns routing is not enabled at any interface, so it will not try to build clns routing table. According to Doyle's book, you need to do something to let L1 knows the default route, for example, have clns routing command *on* interface level. Or have L1L2 router generate a default route, but I have neither one configured here. Probably it's a new enhancement after 11.2. I don't know. --- andyh wrote: I'm not convinced that you have L1-L2 adjancencies as you think - you have a fairly random mix of circuit-types on the interfaces and is-types on the isis processes. Might want to do a sh clns neighbors on each router to see that the adjancencies are as you think they are. Don't recall quite how default/unspecified circuit-types will behave, but prolly worth checking Also, you *do* have clns routing enabled on all the routers. As far as loopbacks go, I would always run link-state protocols off Lo interfaces, even in the lab - gives you a few extra routes in the table to play with, nice to have non-direct-link routes in there to check your connectivity. This may well be a bug - as per Control Program, but good to be certain of what we're actually looking at first-off Andy - Original Message - From: Jerry Seven To: Sent: Monday, April 30, 2001 3:30 AM Subject: Re: IS-IS: Default route for L1 router [7:2485] Actually I have 1 L1/L2 which is in 12.1, and two L1 routers, one is in 11.3, another is also in 12.1 same as L1/L2, same result, no luck. Here is the topology, the links are all ethernet: E0/1 F2/3 G1/2 G1/2 -- NSX(L1) --- Corvette(L1/L2) -- Boxster(L1) -- Here is related config(trimmed): For NSX: version 11.3 clns routing interface Ethernet0/1 ip address 192.20.20.2 255.255.255.0 ip router isis router isis net 01.0050.731d.1941.00 is-type level-1 NSX#show ip ro i*L1 0.0.0.0/0 [115/10] via 192.20.20.1, Ethernet0/1 NSX# For Corvette: version 12.1 clns routing interface GigabitEthernet1/2 ip address 118.60.0.2 255.255.0.0 ip router isis isis circuit-type level-1 interface FastEthernet2/3 ip address 192.20.20.1 255.255.255.0 ip router isis isis circuit-type level-1 router isis net 01.0030.b636.fe61.00 For Boxster: version 12.1 clns routing interface GigabitEthernet1/2 ip address 118.60.0.1 255.255.0.0 ip router isis router isis net 01.00d0.97f2.8c8c.00 is-type level-1 Boxster#sh ip ro i*L1 0.0.0.0/0 [115/10] via 118.60.0.2, GigabitEthernet1/2 Boxster# I have loopback if defined in each router, but I don't think it's related to this. Thanks, Jerry - Original Message - From: andyh To: Jerry Seven ; Sent: Sunday, April 29, 2001 6:36 PM Subject: Re: IS-IS: Default route for L1 router [7:2485] I would go with what works in your lab!! seriously - try putting 11.3 on both routers, then 12.1 on both, and then reverse the 11.3/12.1 (so 12.1 on L1 and 11.3 on L2) and see what happens. I would imagine that you can get away with not enabling CLNS if you have IS-IS on just a P2P link - maybe not in a multi-router environment - are you running off loopback interfaces, or just the physicals? I have had trouble with this in the past - albeit in a
Re: VLAN's and Routers [7:2534]
Just think of VLANs as normal broadcast domains. One routes between broadcast domains. Your config does not create an overlap between the VLANs, but rather between the IP subnets. To properly route between broadcast domains, you must have unique IP subnets that do not overlap. Pete *** REPLY SEPARATOR *** On 4/30/2001 at 2:13 AM Sammi wrote: Still struggling with VLAN's and a basic question escapes me. If I create: VLAN1 as 10.200.1.x/16 VLAN2 as 10.200.2.x/16 or /24 I get VLAN's overlap, which I assume is a bad thing (at least at my skill level, I understand you could use overlapped VLAN's). So, I'm confused how I can assign scopes to each VLAN, what the exact rules are. I'm starting to come to the conclusion I cannot use VLAN's without a router. Is that a correct assumption? Any help, tips, leads appreciated. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2558t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Status for CCIE if passed only written [7:2557]
If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2557t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. -Original Message- From: Israel Lima [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Status for CCIE if passed only written [7:2557] If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2559t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ccna 2.0 [7:2560]
What equipment is need to study for the ccna 2.0 exam thanks Eric James Network Systems Engineer Franklin County Data Center 373 South High Street 9th Floor Columbus, Ohio 43215 ** The opinions expressed herein are those of the author and not those of Franklin County Data Center or any other company, governmental agency, or organization. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2560t=2560 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: help extra ethernet connection for a 2501!! [7:2187]
There is no such thing as a serial to Ethernet adapter. It's either 2 IP addresses to e0, no internet access, another router, or setting up a win2k box with dual NICs and enabling IP Forwarding (routing). The only stipulation is that the one particular Win2k box will be plugged into the production lan ETHERNET segment. If finding funding for another router such as a 1005 with a serial and ethernet interface is nigh on impossible, it may be time to reconsider where you are working.. especially if it is required to support confidence in the health state of the production network. A 1005 shouldn't cost more than $300USD.. how expensive is an hour of downtime on the production network worth? 4 hours? 8 hours? It's simple business politics and accounting.. time to learn how to justify testing gear cost. Regards, Trevor J Corness, CCNA CCDA MCSE MCP+I SCSA SCNA NNCSS Network Design Analyst, Advanced Datacom BMS Communications Services Ltd. http://www.bmscom.com -Original Message- From: Dan Pearson [mailto:[EMAIL PROTECTED]] Sent: April 30, 2001 5:06 AM To: 'Trevor J Corness, CCNA ' Subject: RE: help extra ethernet connection for a 2501!! [7:2187] ok heres another spanner in the works so to speak, how about if I setup one of my win2k boxes as a router (in the test Lan) and via a couple of serial to ethernet adapters (with a 10baseT crossover cable in between) connected it to the serial connection of the cisco router? surely if feesible that would make more sense than binding two ips to one ethernet card, (basically i dont want any packets taking a short cut from the test lan to the production lan) i know this scenario is far fetched but trying to get funding for such a minor project such as wan traffic is nigh on impossible!! some people have no idea!! cheers Dan -Original Message- From: Trevor J Corness, CCNA To: 'Dan Pearson' Sent: 29/04/01 18:18 Subject: RE: help extra ethernet connection for a 2501!! [7:2187] it is possible, but not advisable in an undetermined lab environment. A chattering win2k box could cause problems for your production network. Given limited resources though, I suppose you could do it. conf t int e 0 ip address 192.168.1.0 255.255.255.0 (Production Network) ip address 192.168.100.0 255.255.255.0 secondary (Win2K Lab) would be sufficient. This would also allow ip routing between the Win2k lab, and the production network. Running 2 LANs off of 1 segment though, you are making all of your production network machines look at the MAC address broadcasts from your lab. If both are of a substantial size, it may create a performance issue on your production network. It is really a design issue. Regards, Trevor J Corness, CCNA Network Design Analyst, Advanced Datacom BMS Communications Services Ltd. http://www.bmscom.com -Original Message- From: Dan Pearson [mailto:[EMAIL PROTECTED]] Sent: April 29, 2001 12:01 AM To: 'Trevor J Corness, CCNA' Subject: RE: help extra ethernet connection for a 2501!! [7:2187] thanks for the reply, I wonder is would be possible to run a second ip off the ethernet port on my exsisting router (i.e a hub with the connection to the company lan and the win2k test lab going into the one ethernet port) what do you think? thanks *** Dan Pearson Implementation Engineer Datastream Systems Tel: +61 (0)738340301 Mobile +61 (0)411 649879 email: [EMAIL PROTECTED] web: www.datastream.net *** -Original Message- From: Trevor J Corness, CCNA [mailto:[EMAIL PROTECTED]] Sent: Sunday, 29 April 2001 3:31 AM To: 'Dan Pearson' Subject: RE: help extra ethernet connection for a 2501!! [7:2187] You can not add any interfaces to an existing 2500-series router.. and like Jenny said, this sounds more like a 2503. Another possibility, would be to find another 2501/2503 router, use a back-to-back serial, and use the ethernet on that router to your lab. Your lab would look a little like this: Outside world | (BRI) | Cisco 250x -(e0)LAN | (S0) | Cisco 250x -(e0)Win2k Lab Regards, Trevor J Corness, CCNA CCDA Network Design Analyst, Advanced Datacom BMS Communications Services Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dan Pearson Sent: April 26, 2001 3:37 PM To: [EMAIL PROTECTED] Subject: help extra ethernet connection for a 2501!! [7:2187] Hi, I am setting up a test lab environment for a windows 2000 migration and want to have access to the outside world, the problem is we have a 2501 router which currently has the bri and ethernet interfaces in use, I need another ethernet interface for the test LAN, is there anyway I could utilise the serial connections for the test LAN? I m guessing that you cant put another ethernet card into
RE: OFF TOPIC -Job Offer without Interview?? [7:2369]
HEY !!! You got a problem with drinkin beer and pickin yer toes ?? :-) Depending on what you see when you visit his site, you should know. You should definately talk with some of the other employees of this company first. --- adam lee wrote: I had a situation like that. A ten min tech interview at job fair. I guess that's ten mins more then yours! They constantly bothered me after the fair about coming aboard without giving me a real interview. I wasn't comfortable and just blew the whole thing off. If you feel the same, investigate more or just turn it down. Unless, of course, you're broke:)) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Saturday, April 28, 2001 11:38 AM To: [EMAIL PROTECTED] Subject: Re: OFF TOPIC -Job Offer without Interview?? [7:2369] I think it would be a mistake to take a job without an in-person interview. I did it once. My boss turned out to be an (expletive deleted). Priscilla At 04:58 AM 4/28/01, you wrote: Gd' Day Everyone, I need some input (comments, criticisms, enlightenment, suggestions, etc.) rather quickly. I'm in the DC metro area. Someone grabbed my resume off Monster and called me two weeks ago -- asked NO technical questions -- and basically gave me a brief synopsis of his company -- confirmed my salary requirements -- and said he would circulate my resume to others in his company and if there was interest, he'd get back to me. Last nite -- Friday 4/27 at about 8:00 p.m., he calls again -- asks only if I'm available -- and then says I can report to work on Tuesday 5/1. Again, no technical questions -- simply confirmed my salary requirements -- and simply wanted me to FAX a copy of my certs to him. Nothing else. Then I slowed him down. Asked about benefits, including training, etc. and then asked about the job Turns out he has a contract with a Freddie-something? Agency and needs a NP/DP as he put it (CCNP/CCDP) to show up on Tuesday for about 3 mos. Althought he assured me that I would be a PERMANENT employee and he had other projects to put me on after this job was complete. When I pushed questions about the benefits, he offered to have his benefits person call me Monday -- until I suggested that I come to his company offices Monday to SEE his site. Now I have to decide whether this is really a suitable position to want to put on my resume, and whether it's really legit. I have serious doubts about someone who would hire an employee over the phone, sight unseen (I could be picking my toes, drinking beer, a fat old redneck! -- I'm not!). If he's willing to hire in such a fashion -- isn't he doing a disservice to his client -- and won't he be just as likely to fire me -- on a whim. Is this a safe job -- am I really going to get paid? What do I say to the client if asked?? I''ve got very bad vibes about this -- but I don't know if my suspicions are justified!!! All replies will be appreciated! Greg Macaulay FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Chris from Chicago MasterCNE, 5.x CNE, ICNE, 4.x CNE, CCNA, MCP __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2561t=2369 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
From CCO, located at http://www.cisco.com/warp/public/625/ccie/ccie_program/policies.html Written Exam Expiry Candidates must attempt the CCIE Lab exam within one year of passing the CCIE Qualification exam. As long as a candidate attempts the CCIE Lab at least once every 12 months, the candidate may take up to three years to pass the Lab Exam. However, if a candidate has not passed the CCIE Lab exam within three years of passing the written exam, he or she must retake the CCIE Qualification exam before the candidate will be allowed to schedule the Lab exam again. Lupi, Guy 4/30/01 8:25:50 AM You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. -Original Message- From: Israel Lima [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Status for CCIE if passed only written [7:2557] If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2563t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Spanning Tree Protocol [7:2564]
Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2564t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
That is incorrect. This passage is directly from the Cisco web page on the CCIE lab: Candidates must attempt the CCIE Lab exam within one year of passing the CCIE Qualification exam. As long as a candidate attempts the CCIE Lab at least once every 12 months, the candidate may take up to three years to pass the Lab Exam. However, if a candidate has not passed the CCIE Lab exam within three years of passing the written exam, he or she must retake the CCIE Qualification exam before the candidate will be allowed to schedule the Lab exam again. You have to take the lab w/in 1 year of the written, but you have three years to pass the lab, as long as you take it once a year. Here is the link if you want more details: http://www.cisco.com/warp/public/625/ccie/ccie_program/policies.html Jason Coleman - CCNP, CCDP Customer Engineer -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 9:26 AM To: [EMAIL PROTECTED] Subject:RE: Status for CCIE if passed only written [7:2557] You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. -Original Message- From: Israel Lima [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Status for CCIE if passed only written [7:2557] If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2565t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 1750 [7:2555]
You do not need DSP card as I know. Radford Dion wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can anyone tell me if a DSP card is required in a 1750 for a VIC-2FXS to be recognised by the IOS? I have a voice IOS but it's not showing the VIC as being installed. Thanks, Dion * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2566t=2555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:2564]
Try portfast, if connecrivity issue. John Gotti wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2567t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:2564]
By the way, where is the DHCP server, if your DHCP is located in the other vlan, you need add ip-helper address in your router. Hope this help Vincent Chong John Gotti wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2568t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
No, You have to sit the lab within one year and every other year after until you pass or you have to sit your written again. -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: 30 April 2001 15:26 To: [EMAIL PROTECTED] Subject: RE: Status for CCIE if passed only written [7:2557] You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. -Original Message- From: Israel Lima [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Status for CCIE if passed only written [7:2557] If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2569t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SSH version2 for 7120 [7:2570]
Can anyone point me to the links to be able to configure ssh ver2 on a 7120 router and what ios do I need D'Wayne Saunders Senior MIS Operator, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2570t=2570 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. Nope, if you take the lab, you have another year to pass it, up to a total of three years from passing the written exam. Rob./ (CCNP, CCDP, CCIE Cand.) - _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2571t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:2564]
This is definitely a spanning tree issue. Enabling port fast on the access ports will get rid of the problem. CM -Original Message- From: John Gotti [mailto:[EMAIL PROTECTED]] Sent: 30 April 2001 15:44 To: [EMAIL PROTECTED] Subject: Spanning Tree Protocol [7:2564] Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2573t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ccna 2.0 [7:2560]
What equipment is need to study for the ccna 2.0 exam A brain and some books. thanks Anytime. Eric James Rob./ _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2572t=2560 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:2564]
Strongly in favour, A similar problem occurs in an IPX environment. Make sure all Servers/Clients are 'portfast' and switch/switch disable 'portfast'. Regards, Phil. --- John Gotti wrote: Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2575t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Status for CCIE if passed only written [7:2557]
Apparently I was incorrect, sorry. -Original Message- From: Coleman, Jason [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:47 AM To: [EMAIL PROTECTED] Subject: RE: Status for CCIE if passed only written [7:2557] That is incorrect. This passage is directly from the Cisco web page on the CCIE lab: Candidates must attempt the CCIE Lab exam within one year of passing the CCIE Qualification exam. As long as a candidate attempts the CCIE Lab at least once every 12 months, the candidate may take up to three years to pass the Lab Exam. However, if a candidate has not passed the CCIE Lab exam within three years of passing the written exam, he or she must retake the CCIE Qualification exam before the candidate will be allowed to schedule the Lab exam again. You have to take the lab w/in 1 year of the written, but you have three years to pass the lab, as long as you take it once a year. Here is the link if you want more details: http://www.cisco.com/warp/public/625/ccie/ccie_program/policies.html Jason Coleman - CCNP, CCDP Customer Engineer -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 9:26 AM To: [EMAIL PROTECTED] Subject:RE: Status for CCIE if passed only written [7:2557] You have to pass the lab within one year of passing the written test, or you lose eligibility and must take the written test again. -Original Message- From: Israel Lima [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Status for CCIE if passed only written [7:2557] If u pass the written and then do not schedule or do not pass the LAB, do you loose the CCIE candidate status? What about if you were CCNP, do you loose your CCNP too? Please advise thank you Israel FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2576t=2557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Switching (bridging across 1 vlan) [7:2579]
Hi again, I'm mulling over a possible issue on a (WINDOWS) lan here that uses a Cisco 6509 with a few vlans. One of the vlans is accessable via 2 ports (GE). On one side of the vlan, there is the subnet master browser and, on the other side of the switch are more clients. These clients that are isolated from the master browser are failing to see browse lists. A few things complicate this like the MBrowser is a w2k machine while the clients are win9X. While in the Supervisor module I notice that they are not forwarding the protocols netbios name server and netbios datagram. Other than that everything looks OK. What I'm wondering here is, on a Cat 6509 or on any other for that matter, Does the Packets from the same VLAN traverse the policies on the sup module? As in netbios requests enters ge1 then hits the access lists on the super and gets stopped? I would figure that being in the same vlan and broadcast domain that this would not be tampered with. Any insight would be appreciated. Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2579t=2579 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:2564]
What you were told sounds correct to me. If you have a port that is only connecting to workstations or servers then turn on portfast for that port. That will prevent you from having problems with DHCP. At 08:43 AM 4/30/01, you wrote: Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2578t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: 500-CS...HELP!! [7:2414]......here is my 500-CS config [7:2577]
I think the no exec issue may be a work around for other behaviour on async lines. Specifically for using async lines as a terminal server. I don't know how well the normal octopus cables are insulated but I have noticed lots of noise on these lines. The noise on these lines seem to be able to trigger an exec session which prevents the line from being opened until it is cleared. Using no exec seems to prevent this from happening but you are still able to connect. Now I'm talking through the router out the line connection, not in the line out the router connection which it seems you are talking about. Most times when we're talking about reverse telent we're talking about connecting a line from the server to the console port of another router. In this case, the remote router is not initiating a call down the line, it is accepting a call. We talk about this so much it seems as it is just about the first thing you have to do in the CCIE lab. (so I'm told - haven't been there yet but I have books that say this) I grant that if you tried to make a call into the line with no exec, you probably won't get too far. But in most of the cases we are talking about going the other way. The no exec keeps the line down (available) until we really want it. On our main terminal server at work - a 2611 we have the following line: line 33 48 no exec Now our purpose is to connect to the terminal server to access the lab and to access the console ports of the other routers in the lab pod. When I telnet to w.x.y.z 2033 I get connected to the router at the end of line 33. (which is line 1 on the cable) When on the terminal server console I telnet to port 2033 on the loopback I get to the same place. So, you are correct in what you say - but I think the most often the problem being addressed is that the line is reported as in use and the user isn't the one using it. I have yet to see anyone suggest using no exec on a vty or console line so that doesn't seem to fit into the discussion. My slant - others may vary. Kevin Wigle - Original Message - From: Paul Werner To: Sent: Monday, April 30, 2001 3:10 AM Subject: Re: RE: 500-CS...HELP!! [7:2414]..here is my 500-CS config [7:2536] **WARNING - THE VERBOSITY BIT IS SET - THIS MESSAGE IS DISCARD ELIGIBLE IF YOUR BUFFERS ARE FULL** Hi, I think there may be a degree of misunderstanding about the use of the no exec command. If you have seen this command used in an access server that provides dialin access to corporate users, or you have configured an access server for a typical ISP, that is probably an appropriate place for this command. When you place no exec under a given line, it will preclude any use of an executive process (user or privileged). Dont take my word on it. Lets all do a little test on our home routers. First, do not do this test in a production network, period. Second, it you are a little weak on the IOS, you may want to brush up on your password recovery procedures; you will need it later. Here goes. I will show you three different ways to test this. First, go to the console port of your router **DO NOT TELNET IN** Next, configure your router as follows: router# router(config)# router(config)#lin vty 0 4 router(config-line)#no exec router(config-line)#exit router(config)#int loopback 77 router(config-int)#ip add 1.0.0.1 255.0.0.0 router(config-int)#end router# Now attempt to telnet into your own router using any accepted telnet command, such as: router#telnet 1.0.0.1 or, router#connect 1.0.0.1 or, router#1.0.0.1 You should get the following output: 2503#telnet 1.0.0.1 Trying 1.0.0.1 ... Open [Connection to 1.0.0.1 closed by foreign host] The connection will not open. Since we did not have any access class commands applied, the only other explanation is that a vty line is dedicated for one purpose, namely to run an executive process. You can either telnet into the vty to do user exec commands, or privileged exec commands. When the line has been restricted so that no exec is in place, then the vty line is effectively shut down and no connection is allowed. Remove the no exec command under the vty lines and reattempt it. You will note it works. Lets try it a second way. This time, we will implement the following commands on any cisco router that has both an AUX port and a console line. We will change the AUX port into a line configuration and we will issue the no exec command on the AUX line. Before you start, make sure your configuration is clear under the AUX line and console lines. It should similar to this: line con 0 transport input all line aux 0 transport input all Go ahead and verify you get a command prompt in both AUX and console lines. Verify you have interactivity by starting a ping to 1.0.0.1 on each (physically plug into both ports). Then execute the following additional commands while plugged into the AUX line:
RE: SSH version2 for 7120 [7:2570]
This is true but all documentation on the Cisco website relates to version 1, is version 2 supported D'Wayne Saunders Senior MIS Operator, CCNA -Original Message- From: Tim O'Brien [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 1 May 2001 0:27 To: Dwayne Saunders Subject: Re: SSH version2 for 7120 [7:2570] Using SSH for Terminal Servers SSH is only applied to the VTY's of a router. It cannot be applied to the other LINEs. Terminal Server style access will have to form an SSH session to the router and then form a session to a line to access a device at the end of it. This can be simplified to some extent. If I have a 3620 with an A32, then I can have the following configuration. ! aaa new-model aaa authentication login ruth none aaa authentication login sarah tacacs+ local enable secret 5 *elided* ... interface Loopback0 ip address 12.0.0.1 255.255.255.0 no ip directed-broadcast ! interface ethernet 0/0 ip address 10.1.1.99 255.255.255.0 no ip directed-broadcast ... ! access-list 4 permit 12.0.0.1 ! line con 0 transport input none line 33 41 access-class 4 in no exec login authentication ruth transport input telnet ! ! having the aaa authentication list of ruth applied will allow ! direct access to the lines without prompting for a username/password ! ! having the transport input limited to telnet will prevent other ! sessions attempts to the line ... line vty 0 4 exec-timeout 0 0 password cisco login authentication sarah transport input ssh telnet ! end Then I can start a session from my Unix device directly to a line as follows: unix% ssh -x -t -c 3des -l chris 10.1.1.99 telnet 12.0.0.1 2033 [EMAIL PROTECTED]'s password: *elided* Trying 12.0.0.1, 2033 ... Open DevicePrompt The only thing that I entered was the ssh command and then my password. The rest was automated through until I got the prompt from the device at the end of the line. This is more difficult to do from a Windows client as most of those don't allow the inclusion of the command. In that case, it would be best if you just formed the SSH session to the router and then performed the command: router telnet 12.0.0.1 2033 If the line doesn't support hardware shutdown (DTR toggle) then you may have to resort to ~. from your ssh session to terminate the session. Once that is broken, then the telnet session will be cleanly disconnected and the line will be freed. Excluding the Use of Telnet The types of access to the router can be controlled through the use of the transport input command. Accecss can be limited to only incoming SSH sessions by applying only the ssh keyword as follows: line vty 0 4 exec-timeout 0 0 password cisco login authentication sarah transport input ssh - Original Message - From: Dwayne Saunders To: Sent: Monday, April 30, 2001 10:56 AM Subject: SSH version2 for 7120 [7:2570] Can anyone point me to the links to be able to configure ssh ver2 on a 7120 router and what ios do I need D'Wayne Saunders Senior MIS Operator, CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2580t=2570 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help with frame-relay [7:2204]
Yes, the frame map statement on the DCE side creates the DLCI and the DCE will advertise the DLCI via LMI to the DTE. The DTE will find that IP address of the DCE via inverse-arp. Like I said, the config works fine for me. At 11:12 PM 4/29/01, you wrote: You need to creat DLCI and link WAN IP to DLCI so that routing can take place. DLCI on DTE and DCE shall be have same no. - Original Message - From: Curtis Call To: Sent: Saturday, April 28, 2001 7:44 AM Subject: Re: Help with frame-relay [7:2204] The config I provided works fine for me. I believe the DTE and DCE can be determined on a per-interface basis. You'll notice that I'm not actually switching via the frame-relay route command, but the frame-relay switch command is required if you want to use the frame-relay intf-type dce command. At 03:52 PM 4/27/01, you wrote: But as I know, you should have a cisco router acted as frame-relay switch between them. It seems a router can not acted as DTE and DCE at the same time. Am I correct? Curtis Call wrote: On the DCE end: globably define: frame-relay switching on the interface define: encapsulation frame-relay frame-relay intf-type dce clock rate x ip address x.x.x.x x.x.x.x frame-relay map ip x.x.x.x broadcast On the DTE end interface: encapsulation frame-relay ip address x.x.x.x x.x.x.x That should work for you. I've been using POS instead of serial lately so my commands might be a little off, but I think it should work. At 06:51 PM 4/26/01, you wrote: ive been dying now for two days trying to get frame relay going between 2 2501 routers. I have tried everything i know to do, and looked at 900 different places and i must just be missing something. can anyone give me the exact steps to configure this. I have 2 2501 routers connected together with v.35 cable. i can get PPP and HDLC working fine but frame-relay just doesnt want to work for me. im also running ios 12.1(7) enterprise if that helps. -- Justin M. Clark MCSE 4.0, MCSE 2000 CCNA, CCDA [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2581t=2204 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Home lab question [7:2491]
We are studying to attain certs but the primary focus should be to become networkers. An external CSU/DSU is closer to the real world than a back-to-back cable. Consider acquiring another external CSU/DSU. Run those boxes back to back between two routers. Alternately if you have a modular router buy a WIC with the CSU/DSU built-in. Connect that to your Paradyne which connects to the serial port of a second router. -Original Message- From: Scott McFarland [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 29, 2001 7:33 PM To: [EMAIL PROTECTED] Subject: Home lab question [7:2491] First of all, thanks for all the good info over the last few months. I plan to build a home lab for my CCNP studies and hope to continue with CCIE in the next year. I aquired a Paradyne Acculink 3160-A2-210 external CSU/DSU from a friend. Is there anything I can use this for in my home lab or just go ahead and sell it on Ebay? Thanks, Scott _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2582t=2491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: has anybody tried non-Cisco approved flash/memory [7:2498]
same here... Tim LeBrun CCNA, CCDA [EMAIL PROTECTED] -Original Message- From: Edmund Woltynski [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 3:31 AM To: [EMAIL PROTECTED] Subject: Re: has anybody tried non-Cisco approved flash/memory [7:2498] Recently did the same - was apprehensive about using non-recommended Cisco parts, in lab equipment - used Kingston and has not missed a beat so far. Adam Burgess wrote: I have 8 2500's, two 2600's and a 4500M, all with Kingston Flash and DRAM and I have never had a problem with any of them. Regards Adam -Original Message- From: xc [mailto:[EMAIL PROTECTED]] Sent: Monday, 30 April 2001 11:34 AM To: [EMAIL PROTECTED] Subject: has anybody tried non-Cisco approved flash/memory [7:2498] I need to upgrade some of my lab routers to handle 12.0 and 12.1. These IOS's are resource hogs, so apparently I need to pump up the DRAM and flash. So, has anybody tried out some of those non-Cisco approved DRAM and flash units? Don't worry, none of my routers are going to be used in a production environment. But I won't do it if these units completely blow some circuit on the router. XC FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- -- Regards Edmund Woltynski ___ The information transmitted by the following e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (618) 83711492, and delete the communication from any computer or network system. - FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2583t=2498 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dialup behind PIX and Telephony services!!!! [7:2539]
It's not exactly a problem. It's probably just a blocked port. If you can send more info I'll be glad to help out. What is blocked/open on the PIX? What kind of NAT are you using? Overload? Is the router in front of the PIX locking anything? Do users on the network get into these services if they're not dialing in? Send your config..that'll help too. - Original Message - From: Magdy H. Ibrahim To: Sent: Monday, April 30, 2001 2:59 AM Subject: Dialup behind PIX and Telephony services [7:2539] Dear All, I installed my PIX firewall and configured my Dialup users to work behind it ofcourse using private IPs for the dialup and the PIX do NAT to access the internet.. Many clients complain that they could not use the telephony services such as MSN calling services and others... Is this problem caused by the PIX firewall??? If so, then what is the solution or setting to aviod this issue Please help me soon as I am going to lose my clients because of this problem... Worm regards Magdy FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2584t=2539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Differences between TACACS+ and Cisco ACS [7:2245]
I think what he's saying is that https sites can be set up for any http content through the webserver. Just dump the management site into the https section and it's secure. ACS doesn't have to do the https portion..only the webserver. - Original Message - From: Sean Young To: Sent: Monday, April 30, 2001 7:41 AM Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Bill, Are you sure about this? I've contacted Cisco TAC support and have been told it is NOT possible because Cisco ACS itself does NOT https. Can anyone confirm this? Thanks Sean From: Bill Pearch Reply-To: Bill Pearch To: [EMAIL PROTECTED] Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Date: Mon, 30 Apr 2001 02:16:01 -0400 With NT/2000 and IIS4 or IIS5 we can make any HTTP:// site a HTTPS:// site with a couple of mouse clicks. If you are using Win2K there is a heck of a help file that will walk you through the process, step by step. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 29, 2001 7:19 PM To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] You can access it using a browser anywhere. This is what I am worried about. When you are talking about controlling ACS via the web browser interface, does it use standard http or https. If it uses the standard http, then everything can be captured by a sniffer. Can anyone confirm this? Thanks. Sean From: nana Reply-To: nana To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] Date: Sun, 29 Apr 2001 18:08:09 -0400 CiscoSecure Version 2.6 was for Windows NT/2000 is actually a very improved product compared to its preds. Easy to configure and manage. You can access it using a browser anywhere. It also allows you to control the admin access itself so that others can manage usersgroups etc but not the top admin level functions Sean Young wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Everyone, The company I am working for is considering purchasing Cisco ACS software. This piece of software will be running on Solaris platform. Currently, I am using TACACS+ (self-supported software with source code) on our environment running on both Solaris and linux platforms (Primary TACACS is on Solaris and backup is on Linux). We've modified the source code so that each user has his/her own privilige password so that we have a record of who is doing what on the network devices (accounting purpose). Everything is running smoothly and the company is happy with the result. In my opinion, learning CLI in Unix/linux is not an easy task to master. Because of this, I am solely responsible for the TACACS servers. Finding someone to train for this thing is NOT an easy thing (thanks to Microsoft mentality of POINT-and-CLICK attitude of new people coming into the IT field these days). I've tried to train several people for this task but it was unsuccessful. Because of this, the company is considering of migrating the TACACS server from Solaris/Linux over to Microsoft Windows platforms (YIKES) so that we can find additional support staffs. The software package that we consider is Cisco ACS. I have several questions regarding this package: 1) Is this software stable on a Windows platform? (Sorry I have to ask) 2) How long does it take to train a newbie to be efficient with Cisco ACS running on Winblows platform? 3) Does Cisco ACS support enable privilege for each individual user (i.e does each user have his/own enable password)? If anyone has done it before or have a similar experience, I would like to hear from you. Many thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and
Re: so weird [7:2550]
It looks almost like route print is telling you that you have an IP address of 162.8.232.166 assigned to a NIC or virtual interface. Is it on all the computers? Check DHCP scopes to make sure something weird isn't set up in there. Also capture a route print and an IPCONFIG /ALL and send that. That'll help. - Original Message - From: Shawn Xu To: Sent: Monday, April 30, 2001 7:30 AM Subject: so weird [7:2550] I have a router configured 216.226.97.130 for eth0 as local network gateway, and ip route 0.0.0.0 0.0.0.0 x.x.x.x, everything is working fine except one program: intny7.ilx.net. On any workstations, I can not ping this host which says time out. If I run route print on the workstations, it says network destination: 162.8.232.166, netmask 255.255.255.255, gateway 216.226.97.132. I wonder why it does not go through the default gateway 216.226.97.130 to get out, and tries a wrong gateway 216.226.97.130. Any idea will be appreciated. Shawn Xu _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2585t=2550 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed CCNA Exam [7:2586]
I passed the CCNA exam with an 881/1000. Thank you to everyone for contributing insight on the CCNA exam. I've learned a great deal reading everyone posting. Jess thank so much for helping me studying to pass this exam. It's help to have a study pal. What I used was the CCNA book from Todd Lammle, CCNA from Wendell Odom, Cisco TCP/IP from Chris Lewis and flashcard from exam cram and routersim. Also a study pal Goodluck to everyone taking the exam. Sid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2586t=2586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ccna 2.0 [7:2560]
Add to that list about 2-3 weeks study time if you are new to Cisco but know TCP/IP well. James, Eric L. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What equipment is need to study for the ccna 2.0 exam thanks Eric James Network Systems Engineer Franklin County Data Center 373 South High Street 9th Floor Columbus, Ohio 43215 ** The opinions expressed herein are those of the author and not those of Franklin County Data Center or any other company, governmental agency, or organization. ** FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2587t=2560 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
I bought 5 routers and one token ring hub!!!please help [7:2588]
I got those things from Peking , one of the CCIEs. 1 2503 1 2513 2 2521 1 2523 He has no 2509 or 2511 as a terminal server.So he suggested that I used 2523 as the terminal server to configure others, cause it has 10 serial ports. And the quiz is , some had suggested that I need to buy two token ring MAU,now I have a hub for token ring with lots of ports,Do I have to buy the MAUs??? And is there anything that I couldn't do with my routers(except catalyst 5000,too dear for me)in order to simulate the CCIE LAB?I heard in China, they have only 25xx series now, most of the devices are 4000s. anyone can help? Thanks in advance. My DRAM is 8M,flash is 8M,can I use IP ENTERPRISE PLUS I heard it was the fullest functional IOS version, is it??? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2588t=2588 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ccna 2.0 [7:2560]
Follow my CCNP link below to read my recommendations... Hth, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.oledrews.com/ccnp NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: James, Eric L. [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 8:31 AM To: [EMAIL PROTECTED] Subject: ccna 2.0 [7:2560] What equipment is need to study for the ccna 2.0 exam thanks Eric James Network Systems Engineer Franklin County Data Center 373 South High Street 9th Floor Columbus, Ohio 43215 ** The opinions expressed herein are those of the author and not those of Franklin County Data Center or any other company, governmental agency, or organization. ** FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2589t=2560 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CISCO Internet Routing Architectures by bassam halabi [7:2590]
Hi If anyone is interested, in bidding on Cisco Internet routing architectures book by bassam halabi , Network Protocol Handbook and others , (TCIP addressing this book bidding is over in an less than an hour), copy this whole shortcut to get to the my Ebay page http://cgi6.ebay.com/aw-cgi/eBayISAPI.dll?ViewListedItemsuserid=pcadmnincl ude=0since=-1sort=2rows=25 Dan Evensen ccnaws cns Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2590t=2590 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: 500-CS...HELP!! [7:2414]......here is my 500-CS config [7:2591]
Actually, it is you who are correct. While my discussion and the resulting tests were good for intellectual debate, they did little to further answering the problem correctly. You have stated correctly that no exec will work exactly as advertised for *reverse* telnet connections only. Since my CS516 uses a combination of forward and reverse connections, it was not practical for me to use this methodology. Oh well, that's what you get for making a post late at night when you are tired :-) The two replies that stated the reverse connection was made to the wrong line are likely the root of the original problem. v/r, Paul Werner So, you are correct in what you say - but I think the most often the problem being addressed is that the line is reported as in use and the user isn't the one using it Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2591t=2591 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1600 Serial connected modem [7:2592]
Hi all, Just a quick one. Anyone connected a modem via RS232 cable to Serial interface of a 1600 for dial in. Mainly interested to see if it is possible. At the moment is failing, seemingly at the authentication, but no debug for this other than closing call. Does 1600 have TTY capability. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2592t=2592 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLAN's and Routers [7:2534]
Sammi, You can always create VLANs without a router, you just can't move traffic between them. If you have a situation where you have two networks that exist in the same location but need to be kept strictly seperate (such as a production and a test network) then it isn't necessarily a bad thing to segregate the traffic. Usually there needs to be some form of communication between VLANS though, so practically speaking you do need a router. About the overlapping VLANs... Looks like you might have forgotten to take into account the difference between classful and classless (VLSM) addressing. Quick subnetting summary: if it says class x with ## bits of masking then you add the ## of masking bits to the default subnet mask for the address class. If it says x.x.x.x/## then the number of bits listed for subnetting is the entire mask, not just the extra not included in the default class mask. The first method is classful addressing, the second is classless. Remember, routers aren't very bright. They aren't smart enough to know that network 10.200.x.x/16 is on VLAN 1 if the 3rd octet has a value of 1 and on VLAN 2 if it has a value of 2. You need to tell it (via the subnet mask) the entire network address, not just part of it. Hope this helps, Karen *** REPLY SEPARATOR *** On 4/30/2001 at 2:13 AM Sammi wrote: Still struggling with VLAN's and a basic question escapes me. If I create: VLAN1 as 10.200.1.x/16 VLAN2 as 10.200.2.x/16 or /24 I get VLAN's overlap, which I assume is a bad thing (at least at my skill level, I understand you could use overlapped VLAN's). So, I'm confused how I can assign scopes to each VLAN, what the exact rules are. I'm starting to come to the conclusion I cannot use VLAN's without a router. Is that a correct assumption? Any help, tips, leads appreciated. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2593t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLAN's and Routers [7:2534]
Thanks all, that clarifies somewhat. On 30 Apr 2001 14:06:09 -0400, [EMAIL PROTECTED] (Karen E Young) wrote: Usually there needs to be some form of communication between VLANS though, so practically speaking you do need a router. What I would like to do is create broadcast domains for different departments, ie finance, admin. But all departments would need to communicate with the same server(s). I'd like to implement VLAN's without the expense of having to purchase routers, but doesn't seem like it's feasible? I have ordered P. Openheimer's (sp) Top Down Design book and that may better guide me in trying to implement an efficient network design. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2595t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:2564]
A few comments. First, not being able to obtain a DHCP lease upon initial boot isn't a problem related to Cisco's Spanning Tree Protocol implementation. Cisco implements the IEEE 802.1D STP algorithm that specifies when a port becomes active, it must go through the blocking, listening, and learning phases before it can be switched to forwarding mode. By default, Spanning Tree Protocol to transition from the blocking phase to the forwarding phase is 50 seconds. A port is to remain in the blocking phase for 20 seconds. It then transitions to the listening phase that lasts 15 seconds. Once the listening phase has been completed, the port transitions to the learning phase, which is 15 seconds in length. It's become commonplace for many newer PCs and operating systems to send DHCP requests well in advance of 50 seconds of system boot - which creates the problem of not being able to initially obtain a DHCP lease. If a PC is not configured to bridge frames between LAN segments, the switch port to which the PC is connected can safely begin forwarding frames immediately. -- Leigh Anne Chisholm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Gotti Sent: April 30, 2001 8:44 AM To: [EMAIL PROTECTED] Subject: Spanning Tree Protocol [7:2564] Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2596t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switch command questions [7:2477]
The test covers the IOS of the 1900 series and the set-based interface of the 5000 series--the IOS interface of the XL and 5000 is NOT covered. And yes, there are some significant differences between the IOS of the 1900 and XL series, as you have found out. Enjoy! Richard Hunt Lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I tried to practice some switching commands on the BCMSN book with my switch (2924XL), but I found I lot of commands is completely different from the BCMSN book. BCMSN My switch e.g.1. To assign ports to a VLAN: interface ethernet 0/1 interface ethernet 0/3 vlan-membership static 3switchport access vlan 3 e.g.2 To enable PortFastspantree start-forwardingspantree portfast Is this because of the different IOS version? Or what do I have to do so that I can make my switch to use the same commands as the BCMSN book. Can anyone please shed some light on this? Regards, Hunt Lee IP Solution Analyst Cable and Wireless Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2597t=2477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLAN's and Routers [7:2534]
Thanks all, that clarifies somewhat. On 30 Apr 2001 14:06:09 -0400, [EMAIL PROTECTED] (Karen E Young) wrote: Usually there needs to be some form of communication between VLANS though, so practically speaking you do need a router. What I would like to do is create broadcast domains for different departments, ie finance, admin. But all departments would need to communicate with the same server(s). Have you looked at VLAN-aware NICs on the server? They would let you have a logical interface in each VLAN. There may be more basic questions. Approximately how many hosts are in each department? What protocols do they run? Is there a specific reason you think you may have a problem with broadcasts? Are the hosts plugged into switches that can do per-port broadcast rate limiting? I'd like to implement VLAN's without the expense of having to purchase routers, but doesn't seem like it's feasible? I have ordered P. Openheimer's (sp) Top Down Design book and that may better guide me in trying to implement an efficient network design. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2598t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW+ Problem [7:2599]
Hi I am having some performance problem with DLSW+. The peers are 2621 with IOS Version 12.0(3)T3 and at the other end I have Cisco 2612 with version 11.3(9)T. Our testing setup with obviously less load worked fine but when we moved to production the sessions started dropping. I have checked circuit load and it looks fine. Probably some DLSW+ parametes with some timing features or problem with IOS is causing this problem. Or may be its related to 2600 routers. Is there anyone who experienced same kinda issues in past. Any comments. Thanks... Peter _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2599t=2599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW+ Problem [7:2599]
If you post the configs and address some of the problems I'd be happy to look at it. -- James Haynes Network Architect Cendant IT A+,MCSE,CCNA,CCDA,CCNP,CCDP Fawad Alam wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi I am having some performance problem with DLSW+. The peers are 2621 with IOS Version 12.0(3)T3 and at the other end I have Cisco 2612 with version 11.3(9)T. Our testing setup with obviously less load worked fine but when we moved to production the sessions started dropping. I have checked circuit load and it looks fine. Probably some DLSW+ parametes with some timing features or problem with IOS is causing this problem. Or may be its related to 2600 routers. Is there anyone who experienced same kinda issues in past. Any comments. Thanks... Peter _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2600t=2599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Anil Panjwani/Bombay/IN/i2Tech is out of the office. [7:2601]
I will be out of the office starting 04/30/2001 and will not return until 05/14/2001. hi i am out of office currently, please contact girish gavaskar for any official work or contact me on [EMAIL PROTECTED] if it is personal for me. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2601t=2601 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Tacacs [7:2602]
Dear Group, A Tacacs question. Is it possible to configure Tacacs+ to use 2 different home gateways? Specifically, gate1 to be used to terminate L2F tunnels. If that fails, use gate2. And, another question if that is possible.. When gate1 is reachable again, will the users on gate2 be disconnected or stay there until they disconnect while new connections go to gate1 again? tia Kevin Wigle Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2602t=2602 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:2564]
How exactly do you configure portfast on a 2924XL-EN? Just wanna try it out! Thanks Bob Edmonds CCNA, Network+ John Gotti wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2603t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW+ Problem [7:2599]
Have you checked your logs to see if the DLCIs where dropping? Service interruptions? This would cuase your dlsw peers to go down. - Original Message - From: Fawad Alam To: Sent: Monday, April 30, 2001 3:14 PM Subject: DLSW+ Problem [7:2599] Hi I am having some performance problem with DLSW+. The peers are 2621 with IOS Version 12.0(3)T3 and at the other end I have Cisco 2612 with version 11.3(9)T. Our testing setup with obviously less load worked fine but when we moved to production the sessions started dropping. I have checked circuit load and it looks fine. Probably some DLSW+ parametes with some timing features or problem with IOS is causing this problem. Or may be its related to 2600 routers. Is there anyone who experienced same kinda issues in past. Any comments. Thanks... Peter _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2604t=2599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch command questions [7:2477]
Hunt, Feel free to click on my CCNP link below and use my homemade Catalyst 5000 series set-based command trainer application. Hth, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.oledrews.com/ccnp NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: Richard Deal [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 1:03 PM To: [EMAIL PROTECTED] Subject: Re: Switch command questions [7:2477] The test covers the IOS of the 1900 series and the set-based interface of the 5000 series--the IOS interface of the XL and 5000 is NOT covered. And yes, there are some significant differences between the IOS of the 1900 and XL series, as you have found out. Enjoy! Richard Hunt Lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I tried to practice some switching commands on the BCMSN book with my switch (2924XL), but I found I lot of commands is completely different from the BCMSN book. BCMSN My switch e.g.1. To assign ports to a VLAN: interface ethernet 0/1 interface ethernet 0/3 vlan-membership static 3switchport access vlan 3 e.g.2 To enable PortFastspantree start-forwardingspantree portfast Is this because of the different IOS version? Or what do I have to do so that I can make my switch to use the same commands as the BCMSN book. Can anyone please shed some light on this? Regards, Hunt Lee IP Solution Analyst Cable and Wireless FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2605t=2477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco [7:2606]
unsubscribe cisco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2606t=2606 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Remote access [7:2607]
I was wondering how I could configure my 2521 with 4 serial, two of which are (A/S), to connect to the internet via a modem? I would like to know what type of modem to buy, what type of cables/connectors will be needed to connect the modem to the (A/S) serial ports. I searched for other modems but I can never seem to find anything, that I know would be able to hook into my router. Any help would be greatly appreciated! Thanks, Bob Edmonds CCNA, Network+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2607t=2607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OFF TOPIC -Job Offer without Interview?? [7:2369]
The reseller may be desperate for certified people which means they WILL take any warm body. But another aspect of this situation is that you need to take charge of your part of the interview - remember it's a two-party transaction. My advice - Never take a job or promise to take a job without seeing the working environment and meeting your boss and coworkers. In fact if the employer doesn't want to go through the whole normal process you should politely insist on it - ask all the questions, etc. I speak from experience. I had a very lucrative and firm contract offer and start date over the phone about 3 years ago and I demanded a face-to-face plus a tour of the working environment. The interview was very disappointing and I turned down the offer. Jonathan Howard C. Berkowitz wrote: Unfortunately, you are running into something endemic to the DC area, especially the Federal government. Agencies have head count restrictions, but still need staffing. So, there have evolved a class of brokers that rent out people to the using organizations. The brokers often mark up your rate by 100% or more, although they do have to float receivables for 60 days or more. Becoming a Cisco partner just needs the right certificated people, which, at the lower level, could be the principals. As I remember, though, continued partner status also means a certain level of sales. A pure body shop won't have equipment sales. Unfortunately again, it's often easier for government agencies to deal with a small business reseller, perhaps under minority business 8(a) setasides -- they can just go make small purchases without complex procurement. Don't expect any real support from your direct employer, but keep an open mind about the client. I spent three good solid years at the US Labor Department as an ostensibly temporary contractor, which is where I really broke into system programming and networking. Some clients exploit the system, but others recognize that it's really their job to motivate the contractors and can be quite decent to them. Good clients may find loopholes for such things as training -- they can't pay your salary to attend an offsite class, but they may have in-house classes and let you drop in -- even with credit. Hey Group, Thanks for all the input -- I really do appreciate it. Just to add a few facts to this -- the company that called me -- is a Cisco SILVER partner -- not simply a pure unadulterated head-hunter -- sort of a hybrid (like EIGRP!! ). Of course it goes without saying that -- as one person said -- it's an on-the-job-interview. If I -- or any of the others who report on day 1 aren't acceptable -- then we simply are not there on Day 2. But what does it say about the Silver Partner?? Is this guy honest?? If he fails to properly screen the people he sends to the client -- isn't he -- at the very least -- intellectually dishonest?? And if that's true -- how would he treat his employees?? Would he promise the moon (e.g. oh yeah, paychecks every two weeks) and then not come through?? Who is our loyalty to go towars?? The client -- who we know is being given less than bargained for -- or the guy who's paying for our salary?? I already know the practical answer -- but somewhere in those Cisco books we all study -- I'm sure it also says that we are to have honesty and integrity in our dealings with clients. Doesn't it?? Oh well. . . . Thanks again to all of you for your time in answering. Gerg Macaulay Oldest CCNP/DP on Earth (really!!!) Lifetime member of AARP Retired Attorney/Law Professor -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Saturday, April 28, 2001 2:38 PM To: [EMAIL PROTECTED] Subject: Re: OFF TOPIC -Job Offer without Interview?? [7:2369] I think it would be a mistake to take a job without an in-person interview. I did it once. My boss turned out to be an (expletive deleted). Priscilla At 04:58 AM 4/28/01, you wrote: Gd' Day Everyone, I need some input (comments, criticisms, enlightenment, suggestions, etc.) rather quickly. I'm in the DC metro area. Someone grabbed my resume off Monster and called me two weeks ago -- asked NO technical questions -- and basically gave me a brief synopsis of his company -- cnfirmed my salary requirements -- and said he would circulate my resume to others in his company and if there was interest, he'd get back to me. Last nite -- Friday 4/27 at about 8:00 p.m., he calls again -- asks only if I'm available -- and then says I can report to work on Tuesday 5/1. Again, no technical questions -- simply confirmed my salary requirements -- and simply wanted me to FAX a copy of my certs to him. Nothing else. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and
CISCO works 2000 [7:2610]
I am planning to take CISCO works 2000 (both Fundamental and LAN/WAN) in Chicago. I find there are two training center offering theses classes in June. One is Global Knowledge the other is Skyline. I called both training center to ask for information about the instructor, they all tell me they don't have the instructor list.How can I find out which one is better? I hate to wast time listen to some boring lectures. I have some good classes from Global Knowledge. But I also have very bad experience for two classes I took from this training center.Thanks in advance.Yan Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2610t=2610 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:2564]
Config t interface FastEthernet0/1 spanning-tree portfast Tim LeBrun CCNA, CCDA [EMAIL PROTECTED] -Original Message- From: Bob Edmonds [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 3:55 PM To: [EMAIL PROTECTED] Subject: Re: Spanning Tree Protocol [7:2564] How exactly do you configure portfast on a 2924XL-EN? Just wanna try it out! Thanks Bob Edmonds CCNA, Network+ John Gotti wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey all...we are having a problem where workstations sporatically will not be able to obtain an IP address from our DHCP server. After about 4 minutes, you can perform a manual renew from WINIPCFG and you get your IP address. This has baffled me for quite some time and I have recently been told it is our Cisco 2924 Switch to blame. The story I was told is below. I welcome any comments for or against this opinion. Thank you for your time. It appears the problem is connected to the spanning tree algorithm used by the CISCO switches. By default, ports on the switch block as they are initialised; during this phase the port is in its spanning tree algorithm learning and listening state - it is not forwarding. This is specifically aimed at ports that will be used to connect to other switches/routers in a stack. After a default time (4 mins?) they switch to the standard forwarding mode and everything seems normal, the problem is that you have missed all the important DHCP broadcast and acknowledgment from client to DHCP server during this period. You can change this default state by changing the PORT-FAST setting on each port. The port is then immediately in the FORWARDING mode as it is initialised. By default this setting is DISABLED, I have ENABLED all ports except the ports doing the linking to other switches _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2611t=2564 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Differences between TACACS+ and Cisco ACS [7:2245]
Did some looking into the documentation on ACS for NT/2K and it looks like Cisco is using a non MS web server, rather than building on IIS 4 or 5. So you can do what you can do with it. If Cisco doesn't include HTTPS you don't get HTTPS. I know IIS, not ACS - sorry. I hope to remedy that in the near future. If you are using Win2K as your ACS server it is possible to make use of IPSec to other W2K boxes based on local IPSec policy or domain level IPSec policy. This would give you the secure communication you are looking for, even if the application does not support HTTPS. YMMV, VWPBL, OSTCAAT. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young To: [EMAIL PROTECTED] Sent: 4/30/2001 4:41 AM Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Bill, Are you sure about this? I've contacted Cisco TAC support and have been told it is NOT possible because Cisco ACS itself does NOT https. Can anyone confirm this? Thanks Sean From: Bill Pearch Reply-To: Bill Pearch To: [EMAIL PROTECTED] Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Date: Mon, 30 Apr 2001 02:16:01 -0400 With NT/2000 and IIS4 or IIS5 we can make any HTTP:// site a HTTPS:// site with a couple of mouse clicks. If you are using Win2K there is a heck of a help file that will walk you through the process, step by step. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 29, 2001 7:19 PM To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] You can access it using a browser anywhere. This is what I am worried about. When you are talking about controlling ACS via the web browser interface, does it use standard http or https. If it uses the standard http, then everything can be captured by a sniffer. Can anyone confirm this? Thanks. Sean From: nana Reply-To: nana To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] Date: Sun, 29 Apr 2001 18:08:09 -0400 CiscoSecure Version 2.6 was for Windows NT/2000 is actually a very improved product compared to its preds. Easy to configure and manage. You can access it using a browser anywhere. It also allows you to control the admin access itself so that others can manage usersgroups etc but not the top admin level functions Sean Young wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Everyone, The company I am working for is considering purchasing Cisco ACS software. This piece of software will be running on Solaris platform. Currently, I am using TACACS+ (self-supported software with source code) on our environment running on both Solaris and linux platforms (Primary TACACS is on Solaris and backup is on Linux). We've modified the source code so that each user has his/her own privilige password so that we have a record of who is doing what on the network devices (accounting purpose). Everything is running smoothly and the company is happy with the result. In my opinion, learning CLI in Unix/linux is not an easy task to master. Because of this, I am solely responsible for the TACACS servers. Finding someone to train for this thing is NOT an easy thing (thanks to Microsoft mentality of POINT-and-CLICK attitude of new people coming into the IT field these days). I've tried to train several people for this task but it was unsuccessful. Because of this, the company is considering of migrating the TACACS server from Solaris/Linux over to Microsoft Windows platforms (YIKES) so that we can find additional support staffs. The software package that we consider is Cisco ACS. I have several questions regarding this package: 1) Is this software stable on a Windows platform? (Sorry I have to ask) 2) How long does it take to train a newbie to be efficient with Cisco ACS running on Winblows platform? 3) Does Cisco ACS support enable privilege for each individual user (i.e does each user have his/own enable password)? If anyone has done it before or have a similar experience, I would like to hear from you. Many thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list
OT:There is always a New Kid on the Block (CIsco) [7:2613]
Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2613t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Differences between TACACS+ and Cisco ACS [7:2245]
Just tossing something in the air, but can you change the directory http content is put in? If so, you could dump it to another http server folder that supports https authorization. - Original Message - From: Bill Pearch To: Sent: Monday, April 30, 2001 3:27 PM Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Did some looking into the documentation on ACS for NT/2K and it looks like Cisco is using a non MS web server, rather than building on IIS 4 or 5. So you can do what you can do with it. If Cisco doesn't include HTTPS you don't get HTTPS. I know IIS, not ACS - sorry. I hope to remedy that in the near future. If you are using Win2K as your ACS server it is possible to make use of IPSec to other W2K boxes based on local IPSec policy or domain level IPSec policy. This would give you the secure communication you are looking for, even if the application does not support HTTPS. YMMV, VWPBL, OSTCAAT. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young To: [EMAIL PROTECTED] Sent: 4/30/2001 4:41 AM Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Bill, Are you sure about this? I've contacted Cisco TAC support and have been told it is NOT possible because Cisco ACS itself does NOT https. Can anyone confirm this? Thanks Sean From: Bill Pearch Reply-To: Bill Pearch To: [EMAIL PROTECTED] Subject: RE: Differences between TACACS+ and Cisco ACS [7:2245] Date: Mon, 30 Apr 2001 02:16:01 -0400 With NT/2000 and IIS4 or IIS5 we can make any HTTP:// site a HTTPS:// site with a couple of mouse clicks. If you are using Win2K there is a heck of a help file that will walk you through the process, step by step. TTFN, Bill Pearch, Anchorage AK -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, April 29, 2001 7:19 PM To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] You can access it using a browser anywhere. This is what I am worried about. When you are talking about controlling ACS via the web browser interface, does it use standard http or https. If it uses the standard http, then everything can be captured by a sniffer. Can anyone confirm this? Thanks. Sean From: nana Reply-To: nana To: [EMAIL PROTECTED] Subject: Re: Differences between TACACS+ and Cisco ACS [7:2245] Date: Sun, 29 Apr 2001 18:08:09 -0400 CiscoSecure Version 2.6 was for Windows NT/2000 is actually a very improved product compared to its preds. Easy to configure and manage. You can access it using a browser anywhere. It also allows you to control the admin access itself so that others can manage usersgroups etc but not the top admin level functions Sean Young wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Everyone, The company I am working for is considering purchasing Cisco ACS software. This piece of software will be running on Solaris platform. Currently, I am using TACACS+ (self-supported software with source code) on our environment running on both Solaris and linux platforms (Primary TACACS is on Solaris and backup is on Linux). We've modified the source code so that each user has his/her own privilige password so that we have a record of who is doing what on the network devices (accounting purpose). Everything is running smoothly and the company is happy with the result. In my opinion, learning CLI in Unix/linux is not an easy task to master. Because of this, I am solely responsible for the TACACS servers. Finding someone to train for this thing is NOT an easy thing (thanks to Microsoft mentality of POINT-and-CLICK attitude of new people coming into the IT field these days). I've tried to train several people for this task but it was unsuccessful. Because of this, the company is considering of migrating the TACACS server from Solaris/Linux over to Microsoft Windows platforms (YIKES) so that we can find additional support staffs. The software package that we consider is Cisco ACS. I have several questions regarding this package: 1) Is this software stable on a Windows platform? (Sorry I have to ask) 2) How long does it take to train a newbie to be efficient with Cisco ACS running on Winblows platform? 3) Does Cisco ACS support enable privilege for each individual user (i.e does each user have his/own enable password)? If anyone has done it before or have a similar experience, I would like to hear from you. Many thanks. Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL
CCIE written passed! [7:2615]
Feels Good! I just passed the CCIE written. It was not actually all that hard if you have all of your CCNP stuff still in your head. Just studied for a couple of weeks after taking 3 months off from CCNP. I would suggest that all candidates buy the new Caslow book and buy the Boson tests. Use the Bosons not only for the memorization of questions, but also for the explanations/references given for each answer. I spent about 4 hours per day studying for these two weeks using just these two guides. Thanks to those who helped me by answering my questions...They directly helped if you know what I mean... On to the LAB...should take about 3-4 months to study intermixed with my actual job. Scott _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2615t=2615 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE written passed! [7:2615]
Hi! congratulation!!! have you already scheduled the lab date? -- cU, Laszlo Csosza scott mann wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Feels Good! I just passed the CCIE written. It was not actually all that hard if you have all of your CCNP stuff still in your head. Just studied for a couple of weeks after taking 3 months off from CCNP. I would suggest that all candidates buy the new Caslow book and buy the Boson tests. Use the Bosons not only for the memorization of questions, but also for the explanations/references given for each answer. I spent about 4 hours per day studying for these two weeks using just these two guides. Thanks to those who helped me by answering my questions...They directly helped if you know what I mean... On to the LAB...should take about 3-4 months to study intermixed with my actual job. Scott _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2620t=2615 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer on a Frame line... [7:2253]
There are CSU/DSU's that will also act as a sniffer for frame-relay ckts. They usually are ungodly expensive unless your carrier provides it for you. Visual Networks comes to mind as as a manufacturer of these little toys. The amount you can capture is dependent upon the amount of mem in the csu. Not the best one out there but works very well. Good Luck, Ben Parrish -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Friday, April 27, 2001 11:15 AM To: [EMAIL PROTECTED] Subject: RE: Sniffer on a Frame line... [7:2253] RJ45 does not equal Ethernet. Are you thinking of placing an ethernet hub there? If so, you have completely incompatible physical layers to begin with. A T-1 signal from a csu/dsu or an NIU is going to wreak all sorts of havoc on an ethernet hub, most likely. You also have completely different datalink layers, so you can't expect an ethernet sniffer to have the slightest idea what is going on inside a frame relay frame on a DS1. This not unlike asking Can I connect a regular phone to an ethernet hub and listen in on a VoIP call? Completely incompatible technologies. You'd have to find a hardware sniffer designed for frame relay. HTH, John Rizzo Damian 4/27/01 9:24:53 AM The RJ45 connection between the DSU/CSU and the wall jack. Would putting a hub between the two work? Then I could place a sniffer on the hub. -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Friday, April 27, 2001 11:00 AM To: [EMAIL PROTECTED] Subject: RE: Sniffer on a Frame line... [7:2253] Frame over serial? (T1/Ds1/Ds3) They would have to plug into a Network analyzer with a compatible interface, not a hub. Most hardware network analyzers have pass-through connections that let you plug through the analyzer to the router. Good Luck, Ejay -Original Message- From: Rizzo Damian [mailto:[EMAIL PROTECTED]] Sent: Friday, April 27, 2001 10:10 AM To: [EMAIL PROTECTED] Subject: Sniffer on a Frame line... [7:2253] Quick question for you all. If you were to break a Frame Relay connection going into a router by first plugging it into a hub, then connecting it to the router, for the purposes of plugging a sniffer into that hub to monitor all frame traffic, would this scenario work or not so much? Thanks for your input! -Rizzo FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2619t=2253 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT:There is always a New Kid on the Block (CIsco) [7:2613]
You know how everything follows a cycle and repeats? I think I'm gonna find a DOS certification and go for that before the rush hits ;) Maybe WFW will come back in a 64-bit, unbloated version and be the best O/S ever. Hmmm. ;) - Original Message - From: ccnawan To: Sent: Monday, April 30, 2001 3:40 PM Subject: OT:There is always a New Kid on the Block (CIsco) [7:2613] Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2621t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hi Folks, need job!!!! [7:2623]
Hi Guys, Just layed-off by Cisco today. Suppose to join them on 21st May 2001 and got this job in December 2000. Didnt look for any jobs during that time and now without a job. Kindly if you know and have any opportunities let me know. Willing to relocate from Denver Colorado. Regards Shahid Muhammad Shafi = Shahid Muhammad Shafi MSc Telecommunications Candidate University of Colorado Boulder BSEE(GIKI),MCSE+I,CNA,CCNA,CCNP Please help feed hungry people worldwide http://www.hungersite.com/ A small thing each of us can do to help others less fortunate than ourselves __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2623t=2623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WAN Congestion - Cloud technology - Theory vs Reality [7:2624]
Not sure of the details but there certainly were several Frame Relay network meltdowns. The ATT Stratacom switch IOS upgrade (oops!@) and the Ascend (for MCI?). There were extenuating reasons for the initial failures but the cloud didn't converge. Anyone have a postmortem on these events? -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 3:56 PM To: [EMAIL PROTECTED] Subject: WAN Congestion - Cloud technology - Theory vs Reality [7:2618] dropped/refused entry because of congestion on the cloud. This in turn leads to the retransmission of dropped packets/cells, which in turn leads to more congestion, in a never ending spiral ( in theory, at least ) Reality: This gets into sizing of WAN links / CIR's / CBR's I am a bit curious. Anyone here have any real world experience with this kind of thing happening? I can see how this can happen in theory. In reality, carrier cloud congestion is not such that it would likely lead to this kind of result, is it? So if the above premise is something that can and does happen regularly, what does the carrier do - just massive dropping of packets / cells until the problem disappears, probably after hours that day? Any experience? Chuck One IOS to forward them all. One IOS to find them. One IOS to summarize them all And in the routing table bind them. -JRR Chambers- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2624t=2624 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: WAN Congestion - Cloud technology - Theory vs Reality [7:2625]
The list server appears to have butchered the beginning of this one - let's try again and see if it makes more sense when the whole message is included. Reading: congestion on WAN clouds can be amplified if packets / cells are dropped/refused entry because of congestion on the cloud. This in turn leads to the retransmission of dropped packets/cells, which in turn leads to more congestion, in a never ending spiral ( in theory, at least ) Reality: This gets into sizing of WAN links / CIR's / CBR's I am a bit curious. Anyone here have any real world experience with this kind of thing happening? I can see how this can happen in theory. In reality, carrier cloud congestion is not such that it would likely lead to this kind of result, is it? So if the above premise is something that can and does happen regularly, what does the carrier do - just massive dropping of packets / cells until the problem disappears, probably after hours that day? Any experience? Chuck One IOS to forward them all. One IOS to find them. One IOS to summarize them all And in the routing table bind them. -JRR Chambers- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2625t=2625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT:There is always a New Kid on the Block (CIsco) [7:2613]
nice Dan, thanks for the walk down memory lane, for reminding us that this is temporary. and now listmembers... (drumroll please) ... who is YOUR guess for the next new kid on the block? -e- - Original Message - From: ccnawan To: Sent: Monday, April 30, 2001 1:40 PM Subject: OT:There is always a New Kid on the Block (CIsco) [7:2613] Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2626t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SPAN [7:2622]
port monitor Thanks, Chris Boyd Network Support 828.323.4103 Alex Lee, Inc. 120 4th St SW Hickory, NC 28602 www.alexlee.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of SH Wesson Sent: Monday, April 30, 2001 2:03 PM To: [EMAIL PROTECTED] Subject: SPAN [7:2622] On a Catalyst 3524XL, how do I enable SPAN (switch port analyzer) so I can have one port mirror traffic on another port so I can sniff it. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2628t=2622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SPAN [7:2622]
Look up port monitor -Original Message- From: SH Wesson [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 4:03 PM To: [EMAIL PROTECTED] Subject: SPAN [7:2622] On a Catalyst 3524XL, how do I enable SPAN (switch port analyzer) so I can have one port mirror traffic on another port so I can sniff it. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2629t=2622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:2602]
I'm not an expert in TACACS but I know you can have more than 1 server specified in the routers. I mainly used it just for authentication, in which case there was no problem whatsoever with this setup. If first specified server is not reachable, the other is being used. I don't think there would be an issue if I used authorization/accounting features either. There would simply be no need to try to fall back to the main server in case it came up while using the backup server on the current session. BTW, what do you mean by terminating L2F tunnels ? Do you just authenticate, or you also use the authorization/accounting features on the tunnel ? If so, could you elaborate a bit more on this topic ? Kevin Wigle wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear Group, A Tacacs question. Is it possible to configure Tacacs+ to use 2 different home gateways? Specifically, gate1 to be used to terminate L2F tunnels. If that fails, use gate2. And, another question if that is possible.. When gate1 is reachable again, will the users on gate2 be disconnected or stay there until they disconnect while new connections go to gate1 again? tia Kevin Wigle FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2630t=2602 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT:There is always a New Kid on the Block (CIsco) [7:2613]
My HOPE would be self configuring end devices and possibly even self configuring internal ( not edge ) routers. My belief is IPv6 and the nightmare that will probably be. Should keep a LOT of us in clover for several years :- Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of EA Louie Sent: Monday, April 30, 2001 2:14 PM To: [EMAIL PROTECTED] Subject:Re: OT:There is always a New Kid on the Block (CIsco) [7:2613] nice Dan, thanks for the walk down memory lane, for reminding us that this is temporary. and now listmembers... (drumroll please) ... who is YOUR guess for the next new kid on the block? -e- - Original Message - From: ccnawan To: Sent: Monday, April 30, 2001 1:40 PM Subject: OT:There is always a New Kid on the Block (CIsco) [7:2613] Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2631t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT:There is always a New Kid on the Block (CIsco) [7:2613]
Specific companies have been mentioned but really they represented enabling technologies. Each was first or best or best at marketing. Each offered something that gained wide useage. So what is the next killer app or service? Who will provide it? -Original Message- From: EA Louie [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 4:14 PM To: [EMAIL PROTECTED] Subject: Re: OT:There is always a New Kid on the Block (CIsco) [7:2613] nice Dan, thanks for the walk down memory lane, for reminding us that this is temporary. and now listmembers... (drumroll please) ... who is YOUR guess for the next new kid on the block? -e- - Original Message - From: ccnawan To: Sent: Monday, April 30, 2001 1:40 PM Subject: OT:There is always a New Kid on the Block (CIsco) [7:2613] Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2632t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Octal Cable for Sale [7:2633]
I have a 3 foot (Cisco brand) AS2500 type octal cable leftover from some new cabling in my home lab. $10 + shipping First response gets it... Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2633t=2633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WAN Congestion - Cloud technology - Theory vs Reality [7:2634]
- Original Message - From: Chuck Larrieu To: Sent: Monday, April 30, 2001 1:55 PM Subject: WAN Congestion - Cloud technology - Theory vs Reality [7:2618] dropped/refused entry because of congestion on the cloud. This in turn leads to the retransmission of dropped packets/cells, which in turn leads to more congestion, in a never ending spiral ( in theory, at least ) Reality: This gets into sizing of WAN links / CIR's / CBR's I am a bit curious. Anyone here have any real world experience with this kind of thing happening? I can see how this can happen in theory. In reality, carrier cloud congestion is not such that it would likely lead to this kind of result, is it? Real life experience shows that frame relay circuits with 70% or more port utilization create an environment for retransmission. However, based on packet capture and analysis, I see the retransmissions as much as I see connection timeouts because the latency of the circuit increases when the load maxes out, so it's not the never-ending spiral as one might expect. I haven't seen any production ATM networks drop cells. In reality, regarding carrier cloud congestion, domestically the carriers claim they overbuild the capability of their service backbone precisely to prevent such congestion problems and I'd tend to believe them because of my experiences with outages that never affected my circuits. Trans-oceanically (is that a word?), there are some serious contention problems especially from South America and Asia/Pac to the US. So if the above premise is something that can and does happen regularly, what does the carrier do - just massive dropping of packets / cells until the problem disappears, probably after hours that day? If it is because of a failure on the part of their network, they try to repair and re-route traffic to eliminate the data drops. SLA's usually cost the carrier money at a certain point in the failure window, and a reputation for bad reliability is a difficult issue to overcome in this marketplace. If it is because the customer has overutilized links, they try to sell the customer more bandwidth. Any experience? Chuck One IOS to forward them all. One IOS to find them. One IOS to summarize them all And in the routing table bind them. -JRR Chambers- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2634t=2634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi Folks, need job!!!! [7:2623]
Check these sites www.techiegold.com www.computerjobs.com www.dice.com . - Original Message - From: Shahid Muhammad Shafi To: Sent: Monday, April 30, 2001 4:06 PM Subject: Hi Folks, need job [7:2623] Hi Guys, Just layed-off by Cisco today. Suppose to join them on 21st May 2001 and got this job in December 2000. Didnt look for any jobs during that time and now without a job. Kindly if you know and have any opportunities let me know. Willing to relocate from Denver Colorado. Regards Shahid Muhammad Shafi = Shahid Muhammad Shafi MSc Telecommunications Candidate University of Colorado Boulder BSEE(GIKI),MCSE+I,CNA,CCNA,CCNP Please help feed hungry people worldwide http://www.hungersite.com/ A small thing each of us can do to help others less fortunate than ourselves __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2635t=2623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi Folks, need job!!!! [7:2623]
Check these sites www.techiegold.com www.computerjobs.com www.dice.com . - Original Message - From: Shahid Muhammad Shafi To: Sent: Monday, April 30, 2001 4:06 PM Subject: Hi Folks, need job [7:2623] Hi Guys, Just layed-off by Cisco today. Suppose to join them on 21st May 2001 and got this job in December 2000. Didnt look for any jobs during that time and now without a job. Kindly if you know and have any opportunities let me know. Willing to relocate from Denver Colorado. Regards Shahid Muhammad Shafi = Shahid Muhammad Shafi MSc Telecommunications Candidate University of Colorado Boulder BSEE(GIKI),MCSE+I,CNA,CCNA,CCNP Please help feed hungry people worldwide http://www.hungersite.com/ A small thing each of us can do to help others less fortunate than ourselves __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2636t=2623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLAN's and Routers [7:2534]
On 30 Apr 2001 15:06:15 -0400, [EMAIL PROTECTED] (Howard C. Berkowitz) wrote: Thanks all, that clarifies somewhat. On 30 Apr 2001 14:06:09 -0400, [EMAIL PROTECTED] (Karen E Young) wrote: Usually there needs to be some form of communication between VLANS though, so practically speaking you do need a router. What I would like to do is create broadcast domains for different departments, ie finance, admin. But all departments would need to communicate with the same server(s). Have you looked at VLAN-aware NICs on the server? They would let you have a logical interface in each VLAN. I haven't, but I will do so. There may be more basic questions. Approximately how many hosts are in each department? What protocols do they run? Is there a specific reason you think you may have a problem with broadcasts? Are the hosts plugged into switches that can do per-port broadcast rate limiting? From my limited knowledge I've observed that there is no network management. All switches are run out of the box. It seems we would get more efficiency by isolating departments. There are 6 - 12 hosts in a typical department, most located in a one floor building with four wings, others located in various quonset huts connected to main via fibre. Currently running Banyan IP, am migrating the environment to 2000 and rebuilding the infrastructure in the process. I am replacing the 2800 and 1900 switches with Catalyst 2900xl, I haven't seen mention of throttling capability. My goal is to simplify management, or centralize may be more accurate, and make the network as efficient as possible. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2637t=2534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: [sc] DLSW+ Problem [7:2627]
Yes, we are going from one topology to another. This is from TR to Ethernet. From: Chris Cell Reply-To: Chris Cell To: Subject: RE: [sc] DLSW+ Problem Date: Mon, 30 Apr 2001 16:49:36 -0400 MIME-Version: 1.0 Received: from [24.0.95.141] by hotmail.com (3.2) with ESMTP id MHotMailBCB71C01004D400438CE18005F8DC6C80; Mon Apr 30 13:54:25 2001 Received: from CC55451A ([24.180.204.240]) by femail14.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with SMTP id for ; Mon, 30 Apr 2001 13:54:11 -0700 From [EMAIL PROTECTED] Mon Apr 30 13:55:54 2001 Message-ID: X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 I've seen mtu size cause app problems like that. Are you going from one topology to another on the local area sides (enet to tr for example)? If so, then I would look at it from that angle. Chris I am not having problem with DLSW+ connectivity. THe peers are up but I am seeing session drops from application perspective. On the routers I don't see sny connectivity problem or problems with DLSW+. From application point-of-view my user sees SNA communication and SNA SYSTEM RESOURCE FAILURE messages. Thanks.. Fawad From: Qurashi, Iftikhar To: 'Fawad Alam' Subject: RE: [sc] DLSW+ Problem Date: Mon, 30 Apr 2001 16:14:37 -0400 MIME-Version: 1.0 Received: from [159.231.69.23] by hotmail.com (3.2) with ESMTP id MHotMailBCB7120E00784004314F9FE745179B760; Mon Apr 30 13:11:58 2001 Received: from cbmrd-xscc001im.scc.intria.com (localhost [127.0.0.1])by unixs09.scc.intria.com (8.11.2/8.11.2) with ESMTP id f3UKCJS22386for ; Mon, 30 Apr 2001 16:12:26 -0400 (EDT) Received: by CBMRD-XSCC001IM with Internet Mail Service (5.5.2650.21)id ; Mon, 30 Apr 2001 16:10:08 -0400 From [EMAIL PROTECTED] Mon Apr 30 13:13:36 2001 Message-ID: Return-Receipt-To: Qurashi, Iftikhar X-Mailer: Internet Mail Service (5.5.2650.21) Dear Fawad, I am also working on exactly same scenario where I have 2621 on one end and 2612 on other end. let me know more about your scenario and may be I can help you somehow in this regard Iftikhar. -Original Message- From: Fawad Alam [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 2:59 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [sc] DLSW+ Problem Hi I am having some performance problem with DLSW+. The peers are 2621 with IOS Version 12.0(3)T3 and at the other end I have Cisco 2612 with version 11.3(9)T. Our testing setup with obviously less load worked fine but when we moved to production the sessions started dropping. I have checked circuit load and it looks fine. Probably some DLSW+ parametes with some timing features or problem with IOS is causing this problem. Or may be its related to 2600 routers. Is there anyone who experienced same kinda issues in past. Any comments. Thanks... Peter _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- To unsubscribe: echo unsubscribe cisco-cert | mail [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- To unsubscribe: echo unsubscribe cisco-cert | mail [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2627t=2627 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE written passed! [7:2615]
Which of the Boson tests do you recommend? Steve scott mann wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Feels Good! I just passed the CCIE written. It was not actually all that hard if you have all of your CCNP stuff still in your head. Just studied for a couple of weeks after taking 3 months off from CCNP. I would suggest that all candidates buy the new Caslow book and buy the Boson tests. Use the Bosons not only for the memorization of questions, but also for the explanations/references given for each answer. I spent about 4 hours per day studying for these two weeks using just these two guides. Thanks to those who helped me by answering my questions...They directly helped if you know what I mean... On to the LAB...should take about 3-4 months to study intermixed with my actual job. Scott _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2638t=2615 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WAN Congestion - Cloud technology - Theory vs Reality [7:2639]
ATT 1998 meltdown was caused by software flaws http://www.att.com/press/0498/980422.bsb.html MCI's 1999 meltdown was caused by a software upgrade problem http://www.google.com/search?q=cache:198.112.59.30/home/news.nsf/all/9909175 mcini+MCI+mea+culpahl=en - Original Message - From: Daniel Cotts To: Sent: Monday, April 30, 2001 2:11 PM Subject: RE: WAN Congestion - Cloud technology - Theory vs Reality [7:2624] Not sure of the details but there certainly were several Frame Relay network meltdowns. The ATT Stratacom switch IOS upgrade (oops!@) and the Ascend (for MCI?). There were extenuating reasons for the initial failures but the cloud didn't converge. Anyone have a postmortem on these events? -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Monday, April 30, 2001 3:56 PM To: [EMAIL PROTECTED] Subject: WAN Congestion - Cloud technology - Theory vs Reality [7:2618] dropped/refused entry because of congestion on the cloud. This in turn leads to the retransmission of dropped packets/cells, which in turn leads to more congestion, in a never ending spiral ( in theory, at least ) Reality: This gets into sizing of WAN links / CIR's / CBR's I am a bit curious. Anyone here have any real world experience with this kind of thing happening? I can see how this can happen in theory. In reality, carrier cloud congestion is not such that it would likely lead to this kind of result, is it? So if the above premise is something that can and does happen regularly, what does the carrier do - just massive dropping of packets / cells until the problem disappears, probably after hours that day? Any experience? Chuck One IOS to forward them all. One IOS to find them. One IOS to summarize them all And in the routing table bind them. -JRR Chambers- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2639t=2639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WAN Congestion - Cloud technology - Theory vs Reality [7:2641]
Chuck, Couple of different approaches to the below: - on F/R links, you can set low priority packets to be discard eligible, though I'm not sure that very many frame relay SPs support this - features such as Random Early Discard/Detect are often employed on links subject to congestion to avoid the phenomina you describe below - Queuing approaches such as WRED and WFQ can also make sure that priority traffic gets through in times of congestion. Irwin So if the above premise is something that can and does happen regularly, what does the carrier do - just massive dropping of packets / cells until the problem disappears, probably after hours that day? Any experience? Chuck One IOS to forward them all. One IOS to find them. One IOS to summarize them all And in the routing table bind them. -JRR Chambers- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2641t=2641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT:There is always a New Kid on the Block (CIsco) [7:2613]
I see the next 'killer app' being VoIP (and just deploying one set of wires) and also Multicast audio and blackboard applications. Cisco looks well positioned to help with both of those. Ben --- EA Louie wrote: nice Dan, thanks for the walk down memory lane, for reminding us that this is temporary. and now listmembers... (drumroll please) ... who is YOUR guess for the next new kid on the block? -e- - Original Message - From: ccnawan To: Sent: Monday, April 30, 2001 1:40 PM Subject: OT:There is always a New Kid on the Block (CIsco) [7:2613] Hi all, A few days ago there was a thread about the value of cisco certs, and how they were a lot of people pursuing them now. My first recollection of IT, was when Big Blue was King, my oldest brother would bring some of the IBM computer punch cards home from his job. Nobody could touch IBM then. That was still true when I started out in IT in 1981. A couple years later the new kid on the block was Novell Netware, and everybody including me wanted to be a CNE. I pursued my Netware certs. Then, we started hearing rumblings about Microsoft NT. You had to be a MCSE, if you did you could name your price, and that was true. As it was when Netware 2.1 first came out nobody knew about NT, so I followed the new kid and got a job in a NT shop. Well, now it is Cisco, no disrespect, I am a (Cisco reseller) and a few years as technology changes, it will be someone else maybe Juniper. After 20 years in IT nothing has changed, you must be prepared to learn new technology, keep your ear to the ground for the new kid on the block, he is coming soon, to a neighborhood near you.. I love computers. Dan Evensen CCNAWS CNS FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2642t=2613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]