Re: Syslog server for Whatsup Gold [7:52269]
Hello all I am using Whatsup gold as Network Management system . Now I want to collect the data on syslog server which is freeware.Can anybody suggest me some syslog servers. I tried Kiwi syslog Daemon ,but is there anything better than it ? Thanks in advance ... Piyush Want to sell your car? advertise on Yahoo Autos Classifieds. It's Free!! visit http://in.autos.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52269t=52269 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
problem with reverse telnet [7:52270]
hi all, have the following scenario. ISP -- DSL Router -- FreeBSD -- 2511 -- CCIE Lab I do a telnet from the internet to my DSL router. from the router a telnet to my unix box. from there I do a cu -l /dev/cuaa1 -s 9600 to connect to the 2511 via the COM1. this works fine !! from the 2511 I can connect via reverse telnet to my lab routers it's not possible to logout from the routers and come back to the 2511. - CTRL+SHIFT+6 x isn't working at all - CTRL+6 x is disconnecting all telnet sessions and throwing me back to the prompt of my dsl router. - disconnect isn't working - exit and logout are giving me the following R2 con0 is now available Press RETURN to get started. after I press return I am back on the router to which I did the reverse telnet from the 2511. how can I come back to the 2511 without loosing all the telnet sessions ??!?!? hope somebody can help thanks monti Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52270t=52270 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mobile IP not responding...help! [7:52215]
Hi, Here is the config of Router A and Rotuer B trying to do mobile IP between them. I am running (C2500-JS-L), Version 12.2 on my 2501s. HostA here is a Windows 2000 Professional client which is not responding to the mobile IP advertisements. R1-R2 | | | | HostA HostA on visit Host A is the roaming host. R1 is the Home Agent. HostA moves to the Foreign Agent R2 network. Router1 (Home Agent) ip mobile home-agent ip mobile host 192.168.10.2 192.168.10.3 interface Ethernet0 router mobile interface Ethernet0 ip address 192.168.10.1 255.255.255.0 Router2 (Foreign Agent) router mobile ip mobile foreign-agent care-of Ethernet0 interface Ethernet0 ip address 172.168.10.1 255.255.0.0 ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip irdp holdtime 30 ip mobile foreign-service I am not getting any response from the win2K client though MobileIP Agent advertisements are sent out on Ethernet0 of the Foreign Agent Router. I am just wondering if I any client software installation needed at my win2K. Any help much appreciated... Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52271t=52215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: CSS1 Cert [7:52240]
The one is from Bernard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52272t=52240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Point to Point VS multipoint [7:52273]
List, I have few questions about some limitations and your suggestions. 1. How many interfaces can the ATM card handle ? 2 - What is the difference between point-to-point interfaces and multipoint ones ? 3 - Is there any better way to configure ADSL customers rather than going to the Cisco router every time and adding them there ? Any other devices or extra software that can assist us in organizing it better and not having to access the router and modify its configuration each time ? We are having this on STM1 running PPPOE Many thanks in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52273t=52273 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mobile IP not responding...help! [7:52215]
Not understanding or actually having read about Mobile IP, but I'm going to ask about your Windows 2000 Machine Is Your windows 2000 machine configured with a static or dynamic address? If it is configured with a dynamic address and is booted up on a network that does not have a DHCP server or access to a DHCP server, the Windows 2000 client will thumbsuck an IP address from the some range that Microsoft has coded into their operating system. Just thinking that this could be your problem? -Original Message- From: robert 2140 [mailto:[EMAIL PROTECTED]] Sent: 29 August 2002 10:57 To: [EMAIL PROTECTED] Subject: Mobile IP not responding...help! [7:52215] Hi, Here is the config of Router A and Rotuer B trying to do mobile IP between them. I am running (C2500-JS-L), Version 12.2 on my 2501s. HostA here is a Windows 2000 Professional client which is not responding to the mobile IP advertisements. R1-R2 | | | | HostA HostA on visit Host A is the roaming host. R1 is the Home Agent. HostA moves to the Foreign Agent R2 network. Router1 (Home Agent) ip mobile home-agent ip mobile host 192.168.10.2 192.168.10.3 interface Ethernet0 router mobile interface Ethernet0 ip address 192.168.10.1 255.255.255.0 Router2 (Foreign Agent) router mobile ip mobile foreign-agent care-of Ethernet0 interface Ethernet0 ip address 172.168.10.1 255.255.0.0 ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip irdp holdtime 30 ip mobile foreign-service I am not getting any response from the win2K client though MobileIP Agent advertisements are sent out on Ethernet0 of the Foreign Agent Router. I am just wondering if I any client software installation needed at my win2K. Any help much appreciated... Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52274t=52215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CRC frame errors and carrier transitions [7:52225]
I don't know how much this counts but since it is a serial interface, maybe you should put the bandwidth command for the interface, since it is a T1 -- PASTE MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, Available Bandwidth 1536 kilobits/sec --- Would this help in addition to everyone else's advice? Of course the bandwidth command is usually only meant for routing protocols that make use of it, but if your routing protocol thinks you have a 2Mb Link .. Then that could be some part of the cause ... But I also realise that if it were based on this, you would have a problem on a daily basis. The solution though depends on when the link goes down ... There probably is a pattern to it! -Original Message- From: Gary Crouch [mailto:[EMAIL PROTECTED]] Sent: 28 August 2002 19:02 To: [EMAIL PROTECTED] Subject: CRC frame errors and carrier transitions [7:52225] our WAN connections dies about once a month and we always get lots of frame error and carrier transitions Pac Bell does not have a clue to why this is happening the have blamed our Equpment Cisco 3640 with Adtran TSU LS or timing errors but general have no clue. is there any way to clean this connection up and stop the monthly outages Thanks MCI-Frame#sh int s0/1 Serial0/1 is up, line protocol is up Hardware is QUICC Serial Description: backport to DI Internet address is x.x.x.x/30 MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, reliability 255/255, txload 2/255, rxload 7/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters 17:02:48 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 10 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/22/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1536 kilobits/sec 5 minute input rate 59000 bits/sec, 13 packets/sec 5 minute output rate 17000 bits/sec, 14 packets/sec 350855 packets input, 175929333 bytes, 0 no buffer Received 7602 broadcasts, 0 runts, 0 giants, 0 throttles 37509 input errors, 2081 CRC, 35414 frame, 0 overrun, 0 ignored, 8 abort 292361 packets output, 39591690 bytes, 0 underruns 0 output errors, 0 collisions, 5 interface resets 0 output buffer failures, 0 output buffers swapped out 168 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52275t=52225 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mobile IP not responding...help! [7:52215]
thanks for your reply...but I use a static IP addrs on my win2k box. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52276t=52215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VG 200 with Cosmocom Call Center server [7:52277]
HI Has any one done configuration of VG200 with Cosmocom Call Center server? Can any one give me the configuration of VG200. Thanks and regards Mukesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52277t=52277 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: problem with reverse telnet [7:52270]
In a similar situation I found that entering ctrl+shift+6 twice before the x worked. The sequence is ctrl+shift+6 ctrl+shift+6 x. Good luck. -gt Antonio Montana wrote: hi all, have the following scenario. ISP -- DSL Router -- FreeBSD -- 2511 -- CCIE Lab I do a telnet from the internet to my DSL router. from the router a telnet to my unix box. from there I do a cu -l /dev/cuaa1 -s 9600 to connect to the 2511 via the COM1. this works fine !! from the 2511 I can connect via reverse telnet to my lab routers it's not possible to logout from the routers and come back to the 2511. - CTRL+SHIFT+6 x isn't working at all - CTRL+6 x is disconnecting all telnet sessions and throwing me back to the prompt of my dsl router. - disconnect isn't working - exit and logout are giving me the following R2 con0 is now available Press RETURN to get started. after I press return I am back on the router to which I did the reverse telnet from the 2511. how can I come back to the 2511 without loosing all the telnet sessions ??!?!? hope somebody can help thanks monti Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52279t=52270 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: problem with reverse telnet [7:52270]
thorne, thanks a lot ... it's working !! regards, monti Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52280t=52270 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Security Lab schedule FYI [7:52281]
I thought I should share some info with the group, especially those interested in pursuing the Security CCIE. I passed the written last week, and the system finally updated last night so that I could register for the lab. By the way, all lab types can be registered for on the web now. According to the online system, the first available date to take the Security lab in San Jose (the only North American site that offers the Security lab) is, ironically, April 1, 2003. That is over 7 months away. Extrapolating, if I have to schedule another date (I'm not so arrogant to assume I will pass the first try, but you never know...) I won't be able to take it again until November 1, 2003. I don't know if Cisco is planning to add more seats in San Jose or other locations anytime soon, so if you are thinking about taking the Security lab you better plan ahead, way ahead. My $0.02, John Dorffler CCIE #6677 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52281t=52281 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Michelle T., are you out there? [7:52283]
Sorry to bother the list, but I have a bouncing email address. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52283t=52283 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Policy [7:52061]
SANS has a great collection of canned policies that are VERY thorough. Grab em -Original Message- From: Tim Medley To: [EMAIL PROTECTED] Sent: 8/28/2002 5:52 PM Subject: RE: Security Policy [7:52061] I'd be interested in something like this too, to use as a template. Perhaps someone has a generic dummy security policy from a class or something they can share. tm Tim Medley, CCNP+Voice, CCDP, CWNA Sr. Network Architect VoIP Group iReadyWorld -Original Message- From: John Brandis [mailto:[EMAIL PROTECTED]] Sent: Monday, August 26, 2002 1:08 AM To: [EMAIL PROTECTED] Subject: Security Policy [7:52061] Hi All, does any one have a copy of a security policy (like a corporate security outline for the company) that they are willing to share, so I can create one using that as a template/guide ? Thanks all John Sydney, Australia ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52284t=52061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ICQ and blocking the thing-PIX [7:52285]
Hi Cisco gods, I have successfully blocked all chat services at the PIX firewall, I think. As I walk around and find people using MSN or Messenger I find that public proxy they are using and kill it too. BUT, I am having a hell of a time with ICQ. I do have all the ports UDP and TCP blocked so it does not work UNLESS they use port 80. This is where I am stuck, I cant block port 80 as you know so how do I kill this monster? Has any one had luck with this and has anyone found a way to stop the public proxy usage? I really feel as if I am fighting a losing battle, cuss for every block I am countered with a way around it. My inside ACL in the pix is quite impressive and all just for blocking this crap, if anyone would like it for theirs I will provide as it is proven and works, with exception to ICQ. HELP WANTED Thanks Rob Mears III, CCNP, MCSE, CNE, NNCDS, NNCSS, NNCPS, MCP+I, A+ Technical Mercenary Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52285t=52285 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What IOS version tested in CCIE [7:52256]
12.1(5)T9 enterprise at the moment. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Tribavan Raina wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi guys, ..The CCIE web site says Specific features new to IOS version 12.1 can appear on CCIE lab exams starting on this date. Candidates should note that this change primarily affects the CCIE Routing and Switching and CCIE Security exams Does this mean we don't need to worry about features in 12.2 And which image is usually used mean GD or ED.. Cheers Tribavan Raina Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52265t=52256 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help needed on Simline 2 ISDN Simulator [7:52255]
Hello Brad, Ethernet patches?? Do you mean normal Ethernet straight-through cables, or Ethernet cross-over cables?? Thanks in advance, H. Brad Ellis wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ethernet connections??? Maybe you mean ethernet patch cables connecting the ISDN ports on the 2503s to the simulator. If that's the case, then yes, that's all you need to connect the simulator to your router. I've had a TON of experience with the Simline 2's, and I'm sure it will be more than sufficient for your CCIE lab needs. If you can get one second hand at a good price (less than $1k) GO FOR IT! :) thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) H. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, Does anyone had any experience on Simline 2 ISDN Simulator? I am thinking of buying a 2nd hand one. I have been told that the simulator works just by normal Ethernet connections into the Cisco 2503, so no need of any extra cabling. Is there anything I have to look out for when getting an ISDN Simulator? http://www.astricom.com/simline2faq.htm Any help or comments would be greatly appreciated. Best Regards, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52268t=52255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE qualification Exam, misconception? Longi [7:52235]
I definitely agree on the difficulty of this new exam. I have spoken to a number of people that have taken the new CCIE Written exam and they have all failed miserably. And I mean miserably. Apparently, the scoring is now different. It's not a straight 70% passing score anymore. For example, one guy I talked to said the passing score for his exam was 105 and he got a 33! Shawn K. -Original Message- From: Bernard Omrani [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, August 28, 2002 5:09 PM To: [EMAIL PROTECTED] Subject: CCIE qualification Exam, misconception? Longish. [7:52235] I hope this message can save CCIE written exam applicants several hundreds of $$ and lots of frustration. There was a time that a CCIE applicant could add a few weeks of study on top of his/her CCNP or CCDP knowledge and take the CCIE qualification exam and pass it. As of August 7th of this year the rules have changed. The new format of the exam is totally different, absolutely brutal and very extensive. Now, every question of this exam is a challenge. If you see a question with a straight answer, you better think again because most definitely you have missed a twist. One, two, and even three Graphics and exhibits are part of most of the questions. Some exhibits fill up the whole screen with configurations and debug outputs. There is no way you can find the information that you want within those few seconds if you do not already know where to look for them. Given the configuration of 4 or more routers with all possible IP routing protocols (including BGP) and redistributions, you must be able to follow the packets and updates and say what you see at the other end of the network. The same applies for IPX, and the same applies for bridging. You must be very fluent in BGP. You must be very fluent in IS-IS. General knowledge about BGP and IS-IS will not cut it. You must know all the features of the 4000 and 6500 Cats. and be able to use those features. You must be an expert in multicasting and know the behavior or routers in all different scenarios. You must be an expert in Qos, shaping and policing. You must know Ethernet, and know it in detail. You must know CSMA/CD's frames, measurements, bits and pieces. You must know Token ring in detail. You must be able identify who does what in what sequence when something goes wrong or in normal operation. You must know the frame format of almost every kind of frame. You must know the content of each frame. You must be familiar with IEEE standards. Just knowing that IEEE 802.11 deals with the wireless is not enough. You must know much more than that in detail. You must be familiar with the famous RFCs and identify them by their number, besides their contents. On top of these, add questions that try to trick you by changing just one word in the question. Then again, add the well-known Cisco questions that do not make any sense at all. So how do we pass this exam then? This is what I recommend. Assume that you have taken the written exam and have passed it. Assume that you have contacted Cisco and have got a lab date in 8 month. Start practicing for the lab. Do all kinds of scenarios that you have to do to pass the lab, including Fatkid, Ccbootcamp, IPExpert and Cyscoexpert scenarios and many more. In the meantime, in parallel to your lab, read the above mentioned subjects and the blueprint in detail. In 8 months you must be at a relatively comfortable level to attempt the qualification exam, mainly due to your practice with scenarios. You will know you are ready for the exam when you know (almost) as much as Priscilla at Layer 1 and Layer 2, as much as Howard at Layer 3, and as much as Peter Van Oene at layer 3 4. After you pass the written, call Cisco and schedule your lab. I can guarantee you; there will hardly be any waiting. You should be able to schedule your lab for the next day or so. There will not be very many people around who have qualified to take the lab. If you are already a CCIE and you are reading this message and you are happy that this degree of difficulty will add to the value of your (or ##,###) in the long run, yes it will. But remember, this monster will soon knock at your door when you want to re-certify! And trust me; it will not be a piece of cake. Good luck to everybody, Bernard Omrani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52278t=52235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3550 and 3524 [7:52286]
Hi all, What is the difference between 3550 and 3500? For CCIE lab, can you practice on 3500 only, or do you need a 3550? Thanks all Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52286t=52286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE needs advice on MCSE [7:52236]
Thank you Mark! John, like Mark said boot camps are the easy way to get a cert but do little for your skill set unless you have a photographic memory. There is nothing that can replace hard core studying and experience. When I hire certed people I actually drill them in real world situations like, you just added a new server in the domain as a member server but now you are having login problems and election storms, why? That is very easy of course but you get the picture. Get the experience and work on the cert as you go. With MS if you get your W2K MCSE today, next year it is being replaced with .net, and then who knows. : Steve (MCSE) -Original Message- From: Mark W. Odette II [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 28, 2002 5:00 PM To: [EMAIL PROTECTED] Subject: RE: CCIE needs advice on MCSE [7:52236] John- Honestly, I believe that unless you've got some extensive (more than 2 years) experience in troubleshooting MS Servers and workstations, the Bootcamp will do you an injustice. You will learn a considerable amount of stuff in a short time, and then take the tests to pass immediately afterwards. 3-6 months later, you won't remember half of what you learned about Active Directory or Group Policy management, much less anything dealing with NT 4/2000 mixed Server application scenarios. You'll then feel really stupid when trying to solve problems that you would feel should be simple, but some gotcha makes them not. Just my humble opinion though, from years of experience working with the Paper MCSEs. This, of course, does not take into account the possibility that you personally have a read once, never forget it learning capacity. :) If you do have the experience though, MCSE Bootcamps are the way to go (provided money is no object). I would suggest LearnQuick.com as the source for the Bootcamp, as the instructor is top notch. Classes are held in Austin, TX. Sincerely, Mark Odette, II CCNP, MCSE 4.0/2000, A+ Certified. -Original Message- From: John Conzone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 28, 2002 4:07 PM To: [EMAIL PROTECTED] Subject: CCIE needs advice on MCSE [7:52236] Hi. Sorry to go off topic but I studied here for my CCIE and found all of you very helpful and understanding. I am wanting to get my MCSE and want to attend a MCSE Bootcamp. Any experiences, advice or recommendations would be greatly appreciated. Best Regards John Conzone CCIE #6409 R/S CNE 3/4/5 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52282t=52236 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550 and 3524 [7:52286]
The two switches are similar in command appearance, but way different in terms of functionality. Even a quick look at the documentation as found on CCO should tell you that. yes you will need eye time with the docs and finger time with the 3550 itself. There are far too many things different that you will be responsible for. I've written extensively about the 3550 on this list. another reason why everyone really should read my posts religiously. :- Chuck -- M. Nabelsi wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, What is the difference between 3550 and 3500? For CCIE lab, can you practice on 3500 only, or do you need a 3550? Thanks all Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52287t=52286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FXS and Key System connection [7:52288]
Hi Group, Could anyone please tell me is there a way to connect FXS to Key system, I was thinking that it can only be used to connect to an Analog phone or Fax, but I have heard there is a way to connect it to Key system, I guess in that case some programming might be needed in Key System. Please help, neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52288t=52288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help needed on Simline 2 ISDN Simulator [7:52255]
Hi H, What you need is a normal Straight through Ethernet Cable to connect from the Slimline-2 or Slimline-6 directly onto a Cisco 2503 ISDN Interface. You could use the same Ethernet Straight-Through cable if you have ISDN at your home to connect from the NT1 to an ISDN Device. An Ethernet Cross-Cable will not work. Hope this helps. Regards, Brian. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52290t=52255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Verizon Contact [7:52220]
I'm not too sure if my previous message was sent. Here it is again: Verizon NOC @ 1-800-243-6994 Good luck. Erich Kuehn wrote:Does anyone have a Verzion contact that could help with setting up a 2600 with a DSL wic. Or configs that might work. Thanks Erich Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52291t=52220 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ICQ and blocking the thing-PIX [7:52285]
Rob, Currently we use MS Proxy server to restrict Internet access so I, unfortunately, do not have your answer. Your offer to post your ACL for peer-to-peer blocking would be very appreciated though. Soon we will be removing Proxy and allowing our new PIX to restrict Internet access. At that time we'll need to set up ACL's as you are now. If you wouldn't mind posting yours, I would be extremely appreciative. It will help save me a lot of time in the very near future. Thanks, David Armstrong Mears, Rob wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Cisco gods, I have successfully blocked all chat services at the PIX firewall, I think. As I walk around and find people using MSN or Messenger I find that public proxy they are using and kill it too. BUT, I am having a hell of a time with ICQ. I do have all the ports UDP and TCP blocked so it does not work UNLESS they use port 80. This is where I am stuck, I cant block port 80 as you know so how do I kill this monster? Has any one had luck with this and has anyone found a way to stop the public proxy usage? I really feel as if I am fighting a losing battle, cuss for every block I am countered with a way around it. My inside ACL in the pix is quite impressive and all just for blocking this crap, if anyone would like it for theirs I will provide as it is proven and works, with exception to ICQ. HELP WANTED Thanks Rob Mears III, CCNP, MCSE, CNE, NNCDS, NNCSS, NNCPS, MCP+I, A+ Technical Mercenary Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52293t=52285 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Security Lab schedule FYI [7:52281]
John Dorffler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I thought I should share some info with the group, especially those interested in pursuing the Security CCIE. I passed the written last week, and the system finally updated last night so that I could register for the lab. By the way, all lab types can be registered for on the web now. According to the online system, the first available date to take the Security lab in San Jose (the only North American site that offers the Security lab) is, ironically, April 1, 2003. That is over 7 months away. Extrapolating, if I have to schedule another date (I'm not so arrogant to assume I will pass the first try, but you never know...) I won't be able to take it again until November 1, 2003. I don't know if Cisco is planning to add more seats in San Jose or other locations anytime soon, so if you are thinking about taking the Security lab you better plan ahead, way ahead. CL: I got curious, and did a quick check of the San Jose Lab myself. The RS lab is booked solid until April 2003, with the exception of a single open date in early February. CL: usually there are last minute cancellations, and one can pick up a date tomorrow or next week if one keeps checking. However, it now appears that the Lab is keeping pretty full. This is interesting, and expected, given the announced Lab changed dues Novemebr 4. People are keeping their pre-3550 date, or moving into open spots quickly, fearing that if they wait they will get nailed if they don't. CL: I don't have time to fool around much more today, so I can't check the other locations. My $0.02, John Dorffler CCIE #6677 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52294t=52281 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Secondary addresses on fast ethernet interfaces [7:52295]
All, Does anyone know if using a seconday interface on fast ethernet 0/0 on a 7204 will degrade perfomance on the network for the primary interface? I have to route a a different subnet on a LAN and cannot do it without creating a secondary interace? for instance interface FastEthernet0/0 ip address 205.109.29.x 255.255.255.128 no ip route-cache no ip mroute-cache full-duplex no cdp enable interface FastEthernet0/0.1 ip add 205.109.29.33 255.255.255.224 to add a second subnet to this router for that LAN Will this degrade performance or cause a problem. There is probably a beter way to do it but I the router will not let me create a static route for this subnet becuase the gateway is the router itself. for instance Enter configuration commands, one per line. End with CNTL/Z. AAAV7204(config)#ip route 205.109.29.32 255.255.255.224 205.109.29.129 %Invalid next hop address (it's this router) AAAV7204(config)# Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52295t=52295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unidentified cisco cable [7:52296]
Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52296t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: unidentified cisco cable [7:52296]
yes, if you've had the cable since 1999 and still don't know what it is, throw it out or put it up on e-bay already! :) thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Vicuna, Mark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52298t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ICQ and blocking the thing-PIX [7:52285]
Make sure that you carefully figure out the correct side of the connection. ICQ server runs on port 4000, and the client chooses a random high-numbered port. That means you will see UDP packets FROM (inbound/source) port 4000 going to the random port. In other words, don't go looking in a port database trying to figure what that random, high-numbered port means. The significant port is the source. HTH Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: Mears, Rob [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 9:48 AM To: [EMAIL PROTECTED] Subject: ICQ and blocking the thing-PIX [7:52285] Hi Cisco gods, I have successfully blocked all chat services at the PIX firewall, I think. As I walk around and find people using MSN or Messenger I find that public proxy they are using and kill it too. BUT, I am having a hell of a time with ICQ. I do have all the ports UDP and TCP blocked so it does not work UNLESS they use port 80. This is where I am stuck, I cant block port 80 as you know so how do I kill this monster? Has any one had luck with this and has anyone found a way to stop the public proxy usage? I really feel as if I am fighting a losing battle, cuss for every block I am countered with a way around it. My inside ACL in the pix is quite impressive and all just for blocking this crap, if anyone would like it for theirs I will provide as it is proven and works, with exception to ICQ. HELP WANTED Thanks Rob Mears III, CCNP, MCSE, CNE, NNCDS, NNCSS, NNCPS, MCP+I, A+ Technical Mercenary Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52299t=52285 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mobile IP not responding...help! [7:52215]
There's no lifetime on your ip mobile host statement for the foreign agent Did you verify the map with sh ip route mobile, how about submitting output of sh ip mob int to verify the advert's (plus I'm assuming you ran the ip mobile foreign-service on R2) Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: robert 2140 [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 3:57 AM To: [EMAIL PROTECTED] Subject: Mobile IP not responding...help! [7:52215] Hi, Here is the config of Router A and Rotuer B trying to do mobile IP between them. I am running (C2500-JS-L), Version 12.2 on my 2501s. HostA here is a Windows 2000 Professional client which is not responding to the mobile IP advertisements. R1-R2 | | | | HostA HostA on visit Host A is the roaming host. R1 is the Home Agent. HostA moves to the Foreign Agent R2 network. Router1 (Home Agent) ip mobile home-agent ip mobile host 192.168.10.2 192.168.10.3 interface Ethernet0 router mobile interface Ethernet0 ip address 192.168.10.1 255.255.255.0 Router2 (Foreign Agent) router mobile ip mobile foreign-agent care-of Ethernet0 interface Ethernet0 ip address 172.168.10.1 255.255.0.0 ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip irdp holdtime 30 ip mobile foreign-service I am not getting any response from the win2K client though MobileIP Agent advertisements are sent out on Ethernet0 of the Foreign Agent Router. I am just wondering if I any client software installation needed at my win2K. Any help much appreciated... Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52300t=52215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mobile IP not responding...help! [7:52215]
FYI - from our lab... Our config for our equivalent of your R2: interface Ethernet0 ip address 10.0.0.1 255.0.0.0 interface Ethernet1 ip address 10.0.0.10 255.0.0.0 ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip mobile foreign-service ip mobile registration-lifetime 3600 ! router mobile ! ip mobile foreign-agent care-of Ethernet0 Also if you can sniff the traffic, check the foreign agent registration bitflags. Check out below for all you need to know (word wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t1/mobileip.htm#18261 Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data 1301 Algonquin Rd. Rm. 434 Schaumburg, IL 60193 Office: (847) 761-7069 Mobile: (630) 918-6600 Skytel: (877) 681-2614 [EMAIL PROTECTED] -Original Message- From: robert 2140 [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 3:57 AM To: [EMAIL PROTECTED] Subject: Mobile IP not responding...help! [7:52215] Hi, Here is the config of Router A and Rotuer B trying to do mobile IP between them. I am running (C2500-JS-L), Version 12.2 on my 2501s. HostA here is a Windows 2000 Professional client which is not responding to the mobile IP advertisements. R1-R2 | | | | HostA HostA on visit Host A is the roaming host. R1 is the Home Agent. HostA moves to the Foreign Agent R2 network. Router1 (Home Agent) ip mobile home-agent ip mobile host 192.168.10.2 192.168.10.3 interface Ethernet0 router mobile interface Ethernet0 ip address 192.168.10.1 255.255.255.0 Router2 (Foreign Agent) router mobile ip mobile foreign-agent care-of Ethernet0 interface Ethernet0 ip address 172.168.10.1 255.255.0.0 ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip irdp holdtime 30 ip mobile foreign-service I am not getting any response from the win2K client though MobileIP Agent advertisements are sent out on Ethernet0 of the Foreign Agent Router. I am just wondering if I any client software installation needed at my win2K. Any help much appreciated... Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52301t=52215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: unidentified cisco cable [7:52296]
Vicuna, Mark wrote: I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. Might be a 7500 console cable (for redundant RSPs): http://www.cisco.com/univercd/cc/td/doc/product/core/cis7505/rte_swit/rsp4/2662rsp4.htm#xtocid34 Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52302t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: unidentified cisco cable [7:52296]
sounds like something I see on 7500 routers with dual processor cards.. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vicuna, Mark Sent: Thursday, August 29, 2002 9:35 AM To: [EMAIL PROTECTED] Subject: unidentified cisco cable [7:52296] Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52303t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Secondary addresses on fast ethernet interfaces [7:52295]
Short answer would be not unless the volume of data was a problem or the new configuration caused packets to be switched(proccess, ...) in a different manner than before. I think you want to do: int fa0/0 ip addr 205.109.29.x(where x is 128) 255.255.255.128 ip addr 205.109.29.33 255.255.255.224 sec If you are trying to keep x below 128 then you've got a problem with the subnet mask's being different. Not a problem for the router, but a problem for the end hosts the router sends icmp redirects to which have different subnet masks. Assuming no other routers attached to this the L2 network of this fa0/0 this just Disable icmp re-directs and also seriously consider ip route-cache same-interface. If you want to run a trunking protocol and have the two networks on different sub interfaces then you'll have to straighten out any overlapping net blocks. By abstracting X for us you really made it difficult to help. Showing the .29. as an X if you wanted to hide addresses would have been better. Good Luck and hope this helps, Darrell McHugh Randy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All, Does anyone know if using a seconday interface on fast ethernet 0/0 on a 7204 will degrade perfomance on the network for the primary interface? I have to route a a different subnet on a LAN and cannot do it without creating a secondary interace? for instance interface FastEthernet0/0 ip address 205.109.29.x 255.255.255.128 no ip route-cache no ip mroute-cache full-duplex no cdp enable interface FastEthernet0/0.1 ip add 205.109.29.33 255.255.255.224 to add a second subnet to this router for that LAN Will this degrade performance or cause a problem. There is probably a beter way to do it but I the router will not let me create a static route for this subnet becuase the gateway is the router itself. for instance Enter configuration commands, one per line. End with CNTL/Z. AAAV7204(config)#ip route 205.109.29.32 255.255.255.224 205.109.29.129 %Invalid next hop address (it's this router) AAAV7204(config)# Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52304t=52295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multiple Helper-addresses on same interface [7:52305]
Hello all, Can anyone enlighten me on the behavior of having multiple ip helper-address statements on the same interface? We are setting up a DHCP solution where we will have two DHCP servers and the Cisco router serving as the relay agent. If I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server?? Or will it randomly send it to one or the other? Or if one server is not available, the router will send the unicast message to the server that is available? What does the router do with multiple ip helper-address statements? Any help would be appreciated. Thanks. Joe Quezada Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52305t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sure [7:52305]
It just copies the UDP broadcast packets to all address specified. So you could put in a second DHCP server. Any DHCP request would be sent to both servers. Both would respond and the client would select which one to take. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52307t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IDS Appliance [7:52308]
I was wondering if anyone else has been experiencing problems with Cisco's IDS sensor appliance (formerly Netranger). Almost every time I load a service pack or new signature file I end up rebuilding the device from scratch using the install CD's. I've filed multiple cases with TAC, with little help recieved. I've even spoken to the product manager for the devices and still can't seem to stabilize these things. Anyone else using Cisco IDS appliances? If so, how's your luck with them? Thanks, Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52308t=52308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: unidentified cisco cable [7:52296]
That's what it is, used for connecting to dual RSP cards, though the one I have in the lab doesn't have that number on it the description is otherwise the same. Dave Larry Letterman wrote: sounds like something I see on 7500 routers with dual processor cards.. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vicuna, Mark Sent: Thursday, August 29, 2002 9:35 AM To: [EMAIL PROTECTED] Subject: unidentified cisco cable [7:52296] Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52309t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Time based QOS policing [7:52310]
Is there a way to do QOS policing based on time. For example limit http traffic to 50% of the bandwidth 9am to 5pm only. Does any one have any useful configs or links, Thanks for the help Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52310t=52310 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Secondary addresses on fast ethernet interfaces [7:52295]
Though I'm not sure how the nonsensical static route would alleviate the need for a secondary the secondary interface shouldn't be much of an issue. Of coarse I'm assuming your not adding a secondary network with 500 hosts. ip route-cache same-interface is useful if routing between the primary and secondary interface/s. Dave McHugh Randy wrote: All, Does anyone know if using a seconday interface on fast ethernet 0/0 on a 7204 will degrade perfomance on the network for the primary interface? I have to route a a different subnet on a LAN and cannot do it without creating a secondary interace? for instance interface FastEthernet0/0 ip address 205.109.29.x 255.255.255.128 no ip route-cache no ip mroute-cache full-duplex no cdp enable interface FastEthernet0/0.1 ip add 205.109.29.33 255.255.255.224 to add a second subnet to this router for that LAN Will this degrade performance or cause a problem. There is probably a beter way to do it but I the router will not let me create a static route for this subnet becuase the gateway is the router itself. for instance Enter configuration commands, one per line. End with CNTL/Z. AAAV7204(config)#ip route 205.109.29.32 255.255.255.224 205.109.29.129 %Invalid next hop address (it's this router) AAAV7204(config)# Thanks, Randy -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52311t=52295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple Helper-addresses on same interface [7:52305]
IIRC, the way you make this work is to make the Ethernet interface(on the Router) a trunk link to your switch with ISL or dot1q Vlans. Each VLan represents the Subnet of choice. With this in place, you enable routing between the vlans on the router, and then configure the IP Helper address on the main interface of the Ethernet (this part I may be recanting incorrectly) port. The router will then forward DHCP requests to the appropriate DHCP server based upon what interface the request came from. I don't believe the multiple IP Helper addresses config will work with an Ethernet interface configured with a secondary address. If I've stated in error the proper configuration process, someone will correct me shortly. If I AM in error, it's only because I've never had to do it before... but have read the topic a couple of times on this mail list. Good Luck! Mark -Original Message- From: Quezada, Jose L [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: Multiple Helper-addresses on same interface [7:52305] Hello all, Can anyone enlighten me on the behavior of having multiple ip helper-address statements on the same interface? We are setting up a DHCP solution where we will have two DHCP servers and the Cisco router serving as the relay agent. If I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server?? Or will it randomly send it to one or the other? Or if one server is not available, the router will send the unicast message to the server that is available? What does the router do with multiple ip helper-address statements? Any help would be appreciated. Thanks. Joe Quezada Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52312t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PAT on PIX using ouside interface [7:52258]
How do you do that I thought that if say, you had 10.1.1.1 as the IP for your outside interface. Then you could not use 10.1.1.1 as the PAT'ed address !!! I tried this two months ago and it failed (Ver 6.2) !!! So I had to use a different IP address as the PAT'ed address ie. 10.1.1.2 ... Therefore I ended up having to use two Public IP addresses ... one for the interface and the other for the global NAT/PAT ... Please tell me if Im incorrect !!! Regards Paul ... - Original Message - From: nrf To: Sent: Thursday, August 29, 2002 2:59 AM Subject: Re: PAT on PIX using ouside interface [7:52258] Yes mindiani mindiani wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can I use the outside interface IP address to do PAT on the PIX Firewall ?. Send and receive Hotmail on your mobile device: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52313t=52258 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Gatekeeper not completing calls [7:52315]
I set up two gateways with session target to each other and made calls between them successfully. I introduced gatekeeper and the gateways registered successfully to the gatekeeper, but do not complete calls. I will appreciate pointers from voice gurus. Below are my configs and sh gate end output. TIA. Tunji hostname VG1 ! ! interface FastEthernet0 ip address 217.197.175.25 255.255.255.224 speed 100 full-duplex h323-gateway voip interface h323-gateway voip id LOCAL-GK ipaddr 217.197.175.17 1719 h323-gateway voip h323-id VG1 ! ! ip classless ip route 0.0.0.0 0.0.0.0 217.197.175.1 ! ! voice-port 0/0 station-id number 3201101 ! voice-port 0/1 station-id number 3201102 ! ! dial-peer voice 10 voip destination-pattern 420T session target ras ! dial-peer voice 1 pots destination-pattern 320T port 0/0 ! dial-peer voice 2 pots destination-pattern 320T port 0/1 ! gateway ! hostname VG2 ! ! interface Ethernet0/0 ip address 217.197.175.1 255.255.255.224 half-duplex h323-gateway voip interface h323-gateway voip id LOCAL-GK ipaddr 217.197.175.17 1719 h323-gateway voip h323-id VG2 ! ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.1.1 ! ! voice-port 1/0/0 station-id number 4202101 ! voice-port 1/0/1 station-id number 4202102 ! ! dial-peer voice 1 voip destination-pattern 320T session target ras ! dial-peer voice 10 pots destination-pattern 420T port 1/0/0 ! dial-peer voice 20 pots destination-pattern 420T port 1/0/1 ! gateway ! hotname LOCAL-GK ! ! interface Ethernet0/0 ip address 217.197.175.17 255.255.255.224 half-duplex ! ip classless ip route 0.0.0.0 0.0.0.0 217.197.175.1 ! ! dial-peer cor custom ! ! ! ! gatekeeper zone local LOCAL-GK mydomain.com 217.197.175.17 zone remote REMOTE-GK remotedomain.com 215.215.77.251 1719 zone prefix REMOTE-GK 009* zone prefix LOCAL-GK 320* gw-priority 10 VG1 zone prefix LOCAL-GK 420* gw-priority 10 VG2 lrq forward-queries no shutdown LOCAL-GK#sh gate end GATEKEEPER ENDPOINT REGISTRATION CallSignalAddr Port RASSignalAddr Port Zone Name TypeF --- - --- - - -- 217.197.175.1 1720 217.197.175.1 52318 LOCAL-GKVOIP-GW H323-ID: VG2 217.197.175.25 1720 217.197.175.25 57092 LOCAL-GKVOIP-GW H323-ID: VG1 Total number of active registrations = 2 _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52315t=52315 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Off Topic - Anyone on the list in Monterey, CA? [7:52314]
If you live / work in Monterey, CA, can you contact me off line please. thanks very much Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52314t=52314 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Security Lab schedule FYI [7:52281]
It's the same thing with the Routing and Switching dates.none till April 1. Keith John Dorffler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I thought I should share some info with the group, especially those interested in pursuing the Security CCIE. I passed the written last week, and the system finally updated last night so that I could register for the lab. By the way, all lab types can be registered for on the web now. According to the online system, the first available date to take the Security lab in San Jose (the only North American site that offers the Security lab) is, ironically, April 1, 2003. That is over 7 months away. Extrapolating, if I have to schedule another date (I'm not so arrogant to assume I will pass the first try, but you never know...) I won't be able to take it again until November 1, 2003. I don't know if Cisco is planning to add more seats in San Jose or other locations anytime soon, so if you are thinking about taking the Security lab you better plan ahead, way ahead. My $0.02, John Dorffler CCIE #6677 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52316t=52281 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PAT on PIX using ouside interface [7:52258]
Come on, guys. I hate to put it to you this way, but RTFM. I really don't want to come off as overly harsh, but in the future, just remember that the docs really do contain a lot of answers. The following example enables PAT using the IP address at the outside interface in global configuration mode: ip address outside 192.150.49.1 nat (inside) 1 0 0 global (outside) 1 interface http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.h tm#xtocid1 (watch the wrap) Paul wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How do you do that I thought that if say, you had 10.1.1.1 as the IP for your outside interface. Then you could not use 10.1.1.1 as the PAT'ed address !!! I tried this two months ago and it failed (Ver 6.2) !!! So I had to use a different IP address as the PAT'ed address ie. 10.1.1.2 ... Therefore I ended up having to use two Public IP addresses ... one for the interface and the other for the global NAT/PAT ... Please tell me if Im incorrect !!! Regards Paul ... - Original Message - From: nrf To: Sent: Thursday, August 29, 2002 2:59 AM Subject: Re: PAT on PIX using ouside interface [7:52258] Yes mindiani mindiani wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can I use the outside interface IP address to do PAT on the PIX Firewall ?. Send and receive Hotmail on your mobile device: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52317t=52258 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Gatekeeper not completing calls [7:52315]
You have to configure the gateways so that they register the required dial-peers with the gatekeeper. For example: Dial-peer voice 101 pots destination-pattern 320T register --- This makes the gateway register this dial-peer with the gatekeeper. Port 0/0 When the gateway is registering with the gatekeeper, it will register all configured dial-peers (with the register command) with the GK. If you are using tech-prefixes, you can do it through tech-prefixes as well. Take a look at: http://www.cisco.com/warp/public/788/voip/gk-call-routing.html Hope this helps, Hamid Tunji Suleiman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I set up two gateways with session target to each other and made calls between them successfully. I introduced gatekeeper and the gateways registered successfully to the gatekeeper, but do not complete calls. I will appreciate pointers from voice gurus. Below are my configs and sh gate end output. TIA. Tunji hostname VG1 ! ! interface FastEthernet0 ip address 217.197.175.25 255.255.255.224 speed 100 full-duplex h323-gateway voip interface h323-gateway voip id LOCAL-GK ipaddr 217.197.175.17 1719 h323-gateway voip h323-id VG1 ! ! ip classless ip route 0.0.0.0 0.0.0.0 217.197.175.1 ! ! voice-port 0/0 station-id number 3201101 ! voice-port 0/1 station-id number 3201102 ! ! dial-peer voice 10 voip destination-pattern 420T session target ras ! dial-peer voice 1 pots destination-pattern 320T port 0/0 ! dial-peer voice 2 pots destination-pattern 320T port 0/1 ! gateway ! hostname VG2 ! ! interface Ethernet0/0 ip address 217.197.175.1 255.255.255.224 half-duplex h323-gateway voip interface h323-gateway voip id LOCAL-GK ipaddr 217.197.175.17 1719 h323-gateway voip h323-id VG2 ! ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.1.1 ! ! voice-port 1/0/0 station-id number 4202101 ! voice-port 1/0/1 station-id number 4202102 ! ! dial-peer voice 1 voip destination-pattern 320T session target ras ! dial-peer voice 10 pots destination-pattern 420T port 1/0/0 ! dial-peer voice 20 pots destination-pattern 420T port 1/0/1 ! gateway ! hotname LOCAL-GK ! ! interface Ethernet0/0 ip address 217.197.175.17 255.255.255.224 half-duplex ! ip classless ip route 0.0.0.0 0.0.0.0 217.197.175.1 ! ! dial-peer cor custom ! ! ! ! gatekeeper zone local LOCAL-GK mydomain.com 217.197.175.17 zone remote REMOTE-GK remotedomain.com 215.215.77.251 1719 zone prefix REMOTE-GK 009* zone prefix LOCAL-GK 320* gw-priority 10 VG1 zone prefix LOCAL-GK 420* gw-priority 10 VG2 lrq forward-queries no shutdown LOCAL-GK#sh gate end GATEKEEPER ENDPOINT REGISTRATION CallSignalAddr Port RASSignalAddr Port Zone Name TypeF --- - --- - - -- 217.197.175.1 1720 217.197.175.1 52318 LOCAL-GKVOIP-GW H323-ID: VG2 217.197.175.25 1720 217.197.175.25 57092 LOCAL-GKVOIP-GW H323-ID: VG1 Total number of active registrations = 2 _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52318t=52315 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
configuring catalyst 1200 [7:52319]
Am not having any luck configuring a cat 1200 using hyperterm and the rollover cable and adapter that I used to configure a 2500 router. Am not seeing anything in the Hyperterm session. TIA!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52319t=52319 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple Helper-addresses on same interface [7:52305]
The router would forward the broadcast as multiple unicast packets, one to each IP listed as a IP-Helper. The client would accept the first response that it gets. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52320t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple Helper-addresses on same interface [7:52305]
I have seen it like this f I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server? Yes the router will send request to both the servers and will forward the reply from both the servers to the client.It depends upon client what address it chooses. Tribavan Raina -Original Message- From: Mark W. Odette II [mailto:[EMAIL PROTECTED]] Sent: Friday, August 30, 2002 6:54 AM To: [EMAIL PROTECTED] Subject: RE: Multiple Helper-addresses on same interface [7:52305] IIRC, the way you make this work is to make the Ethernet interface(on the Router) a trunk link to your switch with ISL or dot1q Vlans. Each VLan represents the Subnet of choice. With this in place, you enable routing between the vlans on the router, and then configure the IP Helper address on the main interface of the Ethernet (this part I may be recanting incorrectly) port. The router will then forward DHCP requests to the appropriate DHCP server based upon what interface the request came from. I don't believe the multiple IP Helper addresses config will work with an Ethernet interface configured with a secondary address. If I've stated in error the proper configuration process, someone will correct me shortly. If I AM in error, it's only because I've never had to do it before... but have read the topic a couple of times on this mail list. Good Luck! Mark -Original Message- From: Quezada, Jose L [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: Multiple Helper-addresses on same interface [7:52305] Hello all, Can anyone enlighten me on the behavior of having multiple ip helper-address statements on the same interface? We are setting up a DHCP solution where we will have two DHCP servers and the Cisco router serving as the relay agent. If I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server?? Or will it randomly send it to one or the other? Or if one server is not available, the router will send the unicast message to the server that is available? What does the router do with multiple ip helper-address statements? Any help would be appreciated. Thanks. Joe Quezada Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52321t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE qualification Exam, misconception? Longish. [7:52235]
Bernard, Thanks for your wonderful advise. I'm sure it will be very helpful for lot of us. Warm regards. Asif Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52322t=52235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help with On-line LAB [7:52243]
let me know Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52324t=52243 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE lab [7:52250]
if u do practice , and know the material , it is a helpJohn Brandis wrote: Hi All, Can some one plase describe for me if you have time, how the ccie lab is conducted, how you felt during the lab ? Just keen to know john Sydney, Australia ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52323t=52250 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple Helper-addresses on same interface [7:52305]
Well, this has been interesting... I read the original posters' question as being one thing, and responded accordingly. Everyone else responded to the question, looking at it from a different angle than I was. Jose, can you clarify if these two DHCP Servers are acting as backups or load balance for each other, i.e., they are configured for the same Subnet in scope definition, but are dividing the scope (subnet) in half (one half of the subnet on one DHCP Server, the other half on the other server)?? Or... are the DHCP Servers serving up multiple subnets, with the Router only having one Ethernet interface to route between the subnets... and the DHCP Servers are both running on the Ethernet side of the network?? Are any of the DHCP hosts on the WAN side of the Router?? Just looking for clarity to make sure I'm not reading the question wrong. -Original Message- From: Tribavan Raina [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: RE: Multiple Helper-addresses on same interface [7:52305] I have seen it like this f I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server? Yes the router will send request to both the servers and will forward the reply from both the servers to the client.It depends upon client what address it chooses. Tribavan Raina -Original Message- From: Mark W. Odette II [mailto:[EMAIL PROTECTED]] Sent: Friday, August 30, 2002 6:54 AM To: [EMAIL PROTECTED] Subject: RE: Multiple Helper-addresses on same interface [7:52305] IIRC, the way you make this work is to make the Ethernet interface(on the Router) a trunk link to your switch with ISL or dot1q Vlans. Each VLan represents the Subnet of choice. With this in place, you enable routing between the vlans on the router, and then configure the IP Helper address on the main interface of the Ethernet (this part I may be recanting incorrectly) port. The router will then forward DHCP requests to the appropriate DHCP server based upon what interface the request came from. I don't believe the multiple IP Helper addresses config will work with an Ethernet interface configured with a secondary address. If I've stated in error the proper configuration process, someone will correct me shortly. If I AM in error, it's only because I've never had to do it before... but have read the topic a couple of times on this mail list. Good Luck! Mark -Original Message- From: Quezada, Jose L [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 29, 2002 1:04 PM To: [EMAIL PROTECTED] Subject: Multiple Helper-addresses on same interface [7:52305] Hello all, Can anyone enlighten me on the behavior of having multiple ip helper-address statements on the same interface? We are setting up a DHCP solution where we will have two DHCP servers and the Cisco router serving as the relay agent. If I have two ip helper-address statements on the Ethernet interface of the router, each one pointing to a different DHCP server, will the router send the unicast message to each server?? Or will it randomly send it to one or the other? Or if one server is not available, the router will send the unicast message to the server that is available? What does the router do with multiple ip helper-address statements? Any help would be appreciated. Thanks. Joe Quezada Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52325t=52305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: unidentified cisco cable [7:52296]
haha.. no i meant i saw a post from someone with the same query back in 99 :) I do see a reference to a y cable in the 7500 product reference manual, never seen it in use though to be honest. Thanks, M -Original Message- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: Friday, 30 August 2002 03:06 To: [EMAIL PROTECTED] Subject: Re: unidentified cisco cable [7:52296] yes, if you've had the cable since 1999 and still don't know what it is, throw it out or put it up on e-bay already! :) thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Vicuna, Mark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52306t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help needed on Simline 2 ISDN Simulator [7:52255]
Yes, normal Ethernet straight-through cables -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of H. Sent: Thursday, August 29, 2002 10:57 AM To: [EMAIL PROTECTED] Subject: Re: Help needed on Simline 2 ISDN Simulator [7:52255] Hello Brad, Ethernet patches?? Do you mean normal Ethernet straight-through cables, or Ethernet cross-over cables?? Thanks in advance, H. Brad Ellis wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ethernet connections??? Maybe you mean ethernet patch cables connecting the ISDN ports on the 2503s to the simulator. If that's the case, then yes, that's all you need to connect the simulator to your router. I've had a TON of experience with the Simline 2's, and I'm sure it will be more than sufficient for your CCIE lab needs. If you can get one second hand at a good price (less than $1k) GO FOR IT! :) thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) H. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, Does anyone had any experience on Simline 2 ISDN Simulator? I am thinking of buying a 2nd hand one. I have been told that the simulator works just by normal Ethernet connections into the Cisco 2503, so no need of any extra cabling. Is there anything I have to look out for when getting an ISDN Simulator? http://www.astricom.com/simline2faq.htm Any help or comments would be greatly appreciated. Best Regards, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52326t=52255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IDS Appliance [7:52308]
so far so good. I installed one for a client, and it worked awesome. I even dropped it 10 feet, and it still worked! Brian Wilkins wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I was wondering if anyone else has been experiencing problems with Cisco's IDS sensor appliance (formerly Netranger). Almost every time I load a service pack or new signature file I end up rebuilding the device from scratch using the install CD's. I've filed multiple cases with TAC, with little help recieved. I've even spoken to the product manager for the devices and still can't seem to stabilize these things. Anyone else using Cisco IDS appliances? If so, how's your luck with them? Thanks, Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52327t=52308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Time based QOS policing [7:52310]
I'm going to take a punt at this one (i.e. just start typing without confirming :)... You should be able to achieve what you want with the time-range command. With it, you can specify the times that you are interested in. You can then apply this to the access list that defines the traffic you want to rate limit. A match against this acl (http traffic within the hours of 9 to 5) will result in rate limiting, a miss (non-http traffic within 9 to 5 or all traffic outside of these hours) will result in no rate limiting. Should look something like this: time-range Blah periodic daily 9:00 to 17:00 ip access-list extended HTTP_RateLimit permit tcp any any eq 80 time-range Blah# depends the direction you are interested in permit tcp any eq 80 any time-range Blah int rate-limit ... I haven't tested this and would be interested to know if it actually works :) S. -Original Message- From: JohnZ [mailto:[EMAIL PROTECTED]] Sent: Friday, 30 August 2002 2:49 AM To: [EMAIL PROTECTED] Subject: Time based QOS policing [7:52310] Is there a way to do QOS policing based on time. For example limit http traffic to 50% of the bandwidth 9am to 5pm only. Does any one have any useful configs or links, Thanks for the help Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52328t=52310 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: configuring catalyst 1200 [7:52319]
Tim, I have a Catalyst 1600 and I had the same problem. Here is the work around I used: 1) I attached a modem to the console 2 I dialed in 3) I assigning an IP address 3) I disconnected and connected to the switch via telnet Try this with your 1200 ... Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52330t=52319 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ICQ and blocking the thing-PIX [7:52285]
Here is how I get around ICQ, AOL, MSN and Yahoo IM blocking: From work, I Secure Shell (SSH) back to my Linux Firewall. On my work desktop, I am running X-server (X-Win32 or Xceed) and just tunnel the SSH encryption from my Linux firewall back to the corporate desktop. I can fire up any X application to my heart desire (Netscape, AIM, Yahoo) that supports on Linux platform. I can pretty much do whatever I want without being spied by anyone at work because the SSH tunnel is encrypted. I can go online shopping, chat with my friends without having to worry about having my conversation being recorded. There is no way for you to stop me because unless you cut off Internet access on my desktop completely. Mears, Rob wrote:Hi Cisco gods, I have successfully blocked all chat services at the PIX firewall, I think. As I walk around and find people using MSN or Messenger I find that public proxy they are using and kill it too. BUT, I am having a hell of a time with ICQ. I do have all the ports UDP and TCP blocked so it does not work UNLESS they use port 80. This is where I am stuck, I cant block port 80 as you know so how do I kill this monster? Has any one had luck with this and has anyone found a way to stop the public proxy usage? I really feel as if I am fighting a losing battle, cuss for every block I am countered with a way around it. My inside ACL in the pix is quite impressive and all just for blocking this crap, if anyone would like it for theirs I will provide as it is proven and works, with exception to ICQ. HELP WANTED Thanks Rob Mears III, CCNP, MCSE, CNE, NNCDS, NNCSS, NNCPS, MCP+I, A+ Technical Mercenary Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52332t=52285 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
a question about backup interface [7:52333]
interface fastethernet 0/0 backup delay 5 20 backup interface bri0/0 . interface bri0/0 . but i am fail! help me!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52333t=52333 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IDS Appliance [7:52308]
Are the Cisco sensors signature based or anomaly based? At what data rate (realized), do they max out and in effect, stop reading signatures? Just curious since I've not worked with their offerings. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven A. Ridder Sent: Thursday, August 29, 2002 6:38 PM To: [EMAIL PROTECTED] Subject: Re: IDS Appliance [7:52308] so far so good. I installed one for a client, and it worked awesome. I even dropped it 10 feet, and it still worked! Brian Wilkins wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I was wondering if anyone else has been experiencing problems with Cisco's IDS sensor appliance (formerly Netranger). Almost every time I load a service pack or new signature file I end up rebuilding the device from scratch using the install CD's. I've filed multiple cases with TAC, with little help recieved. I've even spoken to the product manager for the devices and still can't seem to stabilize these things. Anyone else using Cisco IDS appliances? If so, how's your luck with them? Thanks, Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52334t=52308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Console Connections with USB-to-Serial Adapter [7:52249]
Colin Weaver wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I posted this to the associate group and was told I may have better luck here. Any help is appreciated. --- My new laptop has no serial port. Imagine my suprise... Do you have a PDA? Older Palms work great with the wonderful freeware Ptelnet. Then all you need is gender-bender or null-modem adapter. Eh, it is definitely enough to give a box an IP address. I bought a USB-to-serial adapter so I can console to my devices but can't seem to get connected. Has anyone been successful doing this and if so, how? I have tried both HyperTerminal and SecureCRT with no luck. Thanks in advance. -Colin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52335t=52249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Policy [7:52061]
Policy is not a place to put detailed information. it is a place to state how management feel about the importance of security in the orgazation, and who should execute further security practices. Procedure is a detailed step by step on how to do things. Guidelines is a generic approach of a specific issue. Password Policy is likely to be correctly termed as Password guidelines or procedure depending on their level of details. OK, the part about protecting/changing passwords is a given, but I wonder about your comment that password structure is too detailed... Regards, Leonard Ong, CISSP, CSS-1, CCSE, MCSE, MCDBA, CCNP, CCDP, NSA, LCP Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax.+65 6723 1596 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52336t=52061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Staic Routes on 1605 Router [7:52340]
Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52340t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID 3.0 [7:49428]
Hi, No, they are removed in new CID exam (SNA and Appletalk). Now the exam focuses in IP and ATM issues. I took it in July with score of 860, thank God, I passed. Cheers, -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of suaveguru Sent: Tuesday, July 23, 2002 5:12 PM To: [EMAIL PROTECTED] Subject: CID 3.0 [7:49428] Hi all, anyone knows what I must emphasize on for CID 3.0. Is SNA included ? AppleTalk ? any form of inputs will be greatly appreciated thanks suaveguru __ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52342t=49428 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Staic Routes on 1605 Router [7:52340]
Is the PC really 10.258.52.101..? V-- Craig Robertson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52343t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Staic Routes on 1605 Router [7:52340]
Where does the 10.258.52.x network reside in your network? I'm guessing it also uses a 255.255.255.0 mask. If there is a PC or PC's on one of the 1605 ethernet segments with a 10.258.52.x address then you will need to add a secondary IP address to the interface those devices are off of. This is also called a multinetted interface. interface e0 ip address 10.258.52.x 255.255.255.0 secondary If the 10.258.52.x is on another router in your network then you add a static route or enable a dynamic routing protocol between the routers. The static route next hop will be an adjancent router off one of the 1605 interfaces. Example: ip route 10.258.52.0 255.255.255.0 10.1.1.1.x where x is the other router on the 10.1.1.x/24 network. That router would also need routes back to the 1605 networks. HTH, Erick --- Craig Robertson wrote: Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks __ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52344t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Staic Routes on 1605 Router [7:52340]
Sorry guys, the address of the PC is 10.128.52.101, not 258. Nice typo hey :-) Thanks Vance Krier wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is the PC really 10.258.52.101..? V-- Craig Robertson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52345t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Staic Routes on 1605 Router [7:52340]
Is the PC's default gateway set to 10.128.52.1? Also, check the PCs routing table to see if everything is ok. netstat -r --- Craig Robertson wrote: Sorry guys, the address of the PC is 10.128.52.101, not 258. Nice typo hey :-) Thanks Vance Krier wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is the PC really 10.258.52.101..? V-- Craig Robertson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52346t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Tonight's Homily - Other Important Things [7:52347]
Not much studying today. Work was more hectic than usual. After work a special treat. I had the privilege and pleasure of meeting and spending some time with another of the Groupstudy Gang. Over the past couple of years I've met some good folks through this list. Tonight was no exception. It reinforced something I already know, and I hope that all of you know it too. This is a great list, peopled by wonderful people. I thoroughly enjoy the opportunities I have had to meet with you on line and in person. Ken, it was a pleasure. Still waters. Smooth jazz. Golden sunsets over endless forests. Goodnight. -- www.chuckslongroad.info still a work in progress, but on line for your enjoyment z Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52347t=52347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: unidentified cisco cable [7:52296]
I have used a Y cable for the WAN probe for watching my frame relay connections. Its possible its for that. Michael From: Vicuna, Mark Reply-To: Vicuna, Mark To: [EMAIL PROTECTED] Subject: RE: unidentified cisco cable [7:52296] Date: Thu, 29 Aug 2002 23:15:32 GMT haha.. no i meant i saw a post from someone with the same query back in 99 :) I do see a reference to a y cable in the 7500 product reference manual, never seen it in use though to be honest. Thanks, M -Original Message- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: Friday, 30 August 2002 03:06 To: [EMAIL PROTECTED] Subject: Re: unidentified cisco cable [7:52296] yes, if you've had the cable since 1999 and still don't know what it is, throw it out or put it up on e-bay already! :) thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Vicuna, Mark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I've come across a cable I haven't seen before, its a cisco Y cable. One end has a DB25 female and splits into two DB25 males. The two male ends have a sign that says Console 72-1032-01 and labels that say Console cisco router this end. I've seen a similar post in groupstudy back in 1999 but there was no reply. I've also search the cisco site but with no reference at all to this cable. Any ideas? Cheers, Mark. _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52329t=52296 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Las Vegas Cisco users group [7:52341]
I've got a few requests to start a Vegas Cisco users group. If you are interested, please shoot me an e-mail off list. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52341t=52341 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]