Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
two nics will have a lot to do it Godswill Oletu wrote: >Hi Mark, > >Actually before now I had been checking the routing table 'route print' and >also the netbios cache. On Computer A with IP address 192.168.0.1, there is >a route to network 192.168.0.0 through interface 192.168.0.1 and on Computer >B with IP address 192.168.0.2, there is a route to network 192.168.0.0 >through interface 192.168.0.1 (seem great!). > >I will try reinstalling the OS, because I look stupified, however currently >am trying it on another computer to see what happens. > >What I did not mention is that, on both Computer A and B, I have two NICs >each. My intention is to implement double NATing. Computer B is connected to >the Internet through RJ45 broadband and this connection is working great!. >My goal was to NAT this connection to Computer A and then NAT it again from >computer A downstream (I have not reached here), I do not think the presense >of two NICs in each computer would have any thing to do with thei. > >Thanks men! >Godswill > > >- Original Message - >From: Mark W. Odette II >To: >Sent: Friday, November 29, 2002 2:03 PM >Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > >>Oletu- >>What you are trying to do is not impossible. Many of us do this all the >>time to migrate data from one machine to another without burdening the >>Hub-based LAN or if the computer is all by itself and is being upgraded. >>Case in point is the situation where a Win9x/Pentium 166Mhz workstation >>is being replaced with a Windows XP/Pentium III 1.8Ghz workstation... >>NetBEUI isn't a protocol option on XP, as it isn't supported anymore- >>So, it's TCP/IP or IPX! >> >>Configuration of each computer is correct; the fact that you can operate >>with success running NetBEUI says that your physical layer is also >>solid, i.e., NIC's and Cross-over cable. >> >>Next thing to do is (for informational purposes) to 'route print' or a >>'netstat -r' at the command line to determine the TCP/IP stack has >>proper routing information. Optionally issue the 'nbtstat -c' or >>'nbtstat -r' to see if you are getting any netbios caching... >> >>After collecting this information, I would remove the TCP/IP protocol, >>reboot, reinstall TCP/IP protocol, install most recent SP for OS, and >>test again... If that doesn't resolve the problem, then seek out >>replacement drivers for the NIC(s). >> >>This pretty much addresses every possibility of failure between two >>Windows-based computers that are directly connected to each other with a >>cross-over cable. >> >>... One other thought- You wouldn't have some kind of personal firewall >>installed/previously installed on either one of these computers by >>chance, would you!?!?! >> >>I have seen all kinds of crazy stuff occur on MS boxes that had had any >>of the different flavors of "Personal Firewalls" installed, which >>usually required complete removal of the TCP/IP protocol, and then >>sifting through the networking portion of the registry to recover the >>machine. The alternative was to reinstall the OS from scratch. The >>firewalls in question were the Norton Personal Firewall, the Network >>Associates Desktop Firewall, BlackIce, and one other I can't recall the >>name of. Just some extra info to chew on for possibility. >> >>Good luck, and let us know what you find... >> >>-Mark >> >> >>-Original Message- >>From: Godswill Oletu [mailto:[EMAIL PROTECTED]] >>Sent: Friday, November 29, 2002 12:04 PM >>To: Mark W. Odette II; [EMAIL PROTECTED] >>Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] >> >>Hi Mark, >> >>I have done all that. The crossover cable is okay. NeTBEUI is working >>fine. >>I can see both computers through Network Neigbourhood; copy files from >>one >>computer to the other. Everthing about NetBEUI is kool. I have alos >>edited >>the hosts/lmhost files on each computer (this only help to resolve the >>IP >>Address to the netbios name.) >> >>IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer >>B=192.168.0.2/255.255.255.0 >> >>On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it >>will >>response fine. On Computer B, I can also ping 192.168.0.2, localhost and >>127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly >>installed)!!! >> >>But I cannot ping A from B, neither can I ping B from A. >> >>This is the dumbest thing I have ever done and it is messing me up. >> >>Or is it impossible? >> >>- Original Message - >>From: Mark W. Odette II >>To: >>Sent: Thursday, November 28, 2002 8:22 PM >>Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] >> >> >>>Check your subnet masks for each computer. >>>Either specify Computer B as the default gateway for Computer A and >>>vice-versa, or don't specify a default gateway at all. >>> >>>After that, you have to configure the lmhosts/hosts files if you want >>> >>to >> >>>resolve machine names between each other (quickly). >
Re: Firewall Question [7:57893]
Piscilla what apart from Elijah's BSD firewall one can use if he does not have UNIX based machines in his setup ? Pls advice Piyush --- Priscilla Oppenheimer wrote: > MADMAN wrote: > > > > money no object, hardware based > > > > money an object, CBAC works well > > > > no moe money, ACLs > > > > Dave > > With such a small site, personal firewall software > on each of the computers > might be a good option too. That could work out to > be pretty cost-effective > and certainly easy to install and configure. For > additional security, > combine the personal firewalls with access-control > lists (ACLs) on the > router or the Context-Based Access Control (CBAC) > firewall feature set for > the router. > > Elijah's BSD firewall looks like a good option too, > especially considering > it's an intrusion detection system (IDS) too. If the > customer knows some > UNIX and doesn't have money to spend, this would be > a great choice. > > And James, please give your friend a bit of a > talking to. ;-) Not using > firewalls in this day and age is shockingly unwise. > Please have him check > all the computers for worms or Trojan horses that > are busy attacking the > rest of us. Thanks. > > Priscilla > > > > > James Gruggett wrote: > > > > > > I have a friend that has a T1 going into his > 1700 series > > cisco router. > > > His ISp has stated that someone has hacked into > his Win2k > > server and > > > that he must put a firewall in place. > > > > > > Do you reccomend a software or hardware based > firewall and > > what type. > > > > > > The network consist of 1 server, 1 switch, ans > 10 > > workstations. > > > > > > Thanks > > > > > > [GroupStudy.com removed an attachment of type > text/x-vcard > > which had a name > > > of james.gruggett.vcf] > > -- > > David Madland > > CCIE# 2016 > > Sr. Network Engineer > > Qwest Communications > > 612-664-3367 > > > > "You don't make the poor richer by making the rich > poorer." > > --Winston > > Churchill [EMAIL PROTECTED] Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58323&t=57893 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need info on CSU/DSU [7:58240]
Hi I think the csu/dsu is not integrated. could you please check this link. http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/hw_inst/nm_inst/nm-doc/conntpri.htm Regards Deepak not enough time to study wrote: > dsu/csu is integrated. > > check this link from cisco (which i found by simply typing NM-2CE1B in the > search box on cisco.com) > http://www.cisco.com/en/US/customer/products/hw/modules/ps2797/products_tech > _note09186a00800b1150.shtml > > ""Deepak Nagarajachary"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi > > can anyone give info on these as it is very urgent. > > expecting your help > > > > Regards > > Deepak > > > > Deepak Nagarajachary wrote: > > > > > Hi All > > > I have the following configuration for setting up the lab. > > > (c3660)[NM2CE1B]--->csu/dsucsu/dsu-->[NM2CE1B]{c3660) > > > > > > To my understanding NM2CE1B requires external csu/dsu. > > > If anyone have the information on this, could u please share your ideas > > > with me regarding type of csu/dsu > > > does it require external or internal is available and about the csu/dsu > > > product. > > > > > > Thanks in advance > > > > > > Regards > > > Deepak Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58322&t=58240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab [7:58278]
Check out the Free labs at www.bfqlabs.com - Original Message - From: "Tomasz Szymaqski" To: Sent: Friday, November 29, 2002 5:26 AM Subject: CCIE Lab [7:58278] > Hi All, > > I'm new to the group and I'd like to ask if someon has some materials (and > could share with me) for the CCIE Lab. > > TS Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58321&t=58278 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Lou Rossi Token Ring Paper [7:58320]
Besides Rossi's paper, there's a really good description of the RIF fields at http://home.attbi.com/~blaga/index.htm The Tick - Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58320&t=58320 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Lou Rossi Token Ring Paper [7:58319]
Besides Rossi's paper, there's a really good description of the RIF fields at http://home.attbi.com/~blaga/index.htm The Tick - Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58319&t=58319 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Little OT: Variation on SRM vs. Config Sync [7:58317]
Scott, Normal HSRP rules would be in effect in this scenario I would say (haven't done this yet). If the failed unit had a higher HSRP priority and was configured to preempt then when it came back online it would become active HSRP router. --- s vermill wrote: > This is very closely related to another active > thread but thought I should > probably start another. I know better than to post > on a Friday and expect > much of an answer, but I could really use some > insight on this one... > > I recently was looking at a network about to roll > into production. It's a > classic collapsed core design with redundant > dist/core 6509s. I noticed > that SRM was configured on each 6509. I also > noticed that there was an HSRP > instance per VLAN configured between the two > chassis. So, in the event of > an MSFC failure, assuming the failed MSFC was the > active HSRP router for a > given VLAN or group of VLANs, I guess the other > chassis' designated MSFC > would start picking up outbound traffic (normal HSRP > stuff). In the mean > time, the SRM process would be taking place on the > chassis where the > designated MSFC had failed. At what point, if at > all, would the outbound > traffic shift back to the chassis with the failed > MSFC (assuming of course > that the non-designated MSFC had successfully come > online)? Is it a simple > matter of whether or not preemt is configured? Or, > would the switch to the > other chassis ever even take place? Could it be > that the non-designated > MSFC would come online and immediately take over as > the active HSRP router? > That seems possible too. Maybe it comes down to how > you set all the > relevant timers? > > I couldn't find any example on CCO where SRM and > HSRP were used together. > In every case, SRM was used or HSRP was used with > config sync. Never both > together. > > Any thoughts? Any experience? It isn't an option > at the moment to do too > much experimenting. Besides, I'm not sure exactly > how I would simulate a > true MSFC failure to see what happens. Any thoughts > there would also be > appreciated. > > Thanks all... > > Scott __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58318&t=58317 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Little OT: Variation on SRM vs. Config Sync [7:58317]
This is very closely related to another active thread but thought I should probably start another. I know better than to post on a Friday and expect much of an answer, but I could really use some insight on this one... I recently was looking at a network about to roll into production. It's a classic collapsed core design with redundant dist/core 6509s. I noticed that SRM was configured on each 6509. I also noticed that there was an HSRP instance per VLAN configured between the two chassis. So, in the event of an MSFC failure, assuming the failed MSFC was the active HSRP router for a given VLAN or group of VLANs, I guess the other chassis' designated MSFC would start picking up outbound traffic (normal HSRP stuff). In the mean time, the SRM process would be taking place on the chassis where the designated MSFC had failed. At what point, if at all, would the outbound traffic shift back to the chassis with the failed MSFC (assuming of course that the non-designated MSFC had successfully come online)? Is it a simple matter of whether or not preemt is configured? Or, would the switch to the other chassis ever even take place? Could it be that the non-designated MSFC would come online and immediately take over as the active HSRP router? That seems possible too. Maybe it comes down to how you set all the relevant timers? I couldn't find any example on CCO where SRM and HSRP were used together. In every case, SRM was used or HSRP was used with config sync. Never both together. Any thoughts? Any experience? It isn't an option at the moment to do too much experimenting. Besides, I'm not sure exactly how I would simulate a true MSFC failure to see what happens. Any thoughts there would also be appreciated. Thanks all... Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58317&t=58317 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hsrp & isl trunking [7:57896]
Dennis, Just a little different perspective below... dennis cherry wrote: > > The way we have it is 2 routers connected to the 4000 switch > with 4 vlans on the switch. Have set up 4 subinterfaces on each > router, 1 for each van. Each with a separate ip address > corresponding to the vlan number. We have 2 HSRP groups set up > with 2 vlans in each group. That's one way of looking at it. But it might help to keep things clear in your mind if you consider that there really are four HSRP groups. You're simply using each group number (and, as has been pointed out, the same virtual MAC) twice. > 1 router will be the active for 1 > group (2 of the vlans) and the other router will be the active > for the other group (2 vlans). On each subinterface for each > router for each vlan, it has a unique virtual HSRP IP address. > I originally thought that all would use the same virtual HSRP > IP address. Did you mean that all VLANs in a group would use the same virtual address? If so, you really need to consider looking at things the way I described above. Think about it. One VLAN per subnet, right? (yes you can have more than one subnet per VLAN but you can't have more than one VLAN per subnet) So how would a host in VLAN 10 use the virtual IP of VLAN 12 as a gateway (or vice versa)? Even if the VLANs/subnets are in the "same group," they're still in different networks. How could a host with ip address 10.1.1.50/24 use a virtual IP of 10.1.2.1/24 as a gateway? The host would need a gateway to reach the gateway since they're in different layer 3 networks. > You are saying that there should be 4 groups (1 for > each vlan) instead of the 2 groups that we have?? Or is it OK > with 2 groups and the 4 unique virtual HSRP IP addresses on > each router?? It's OK. But to the extent possible, at least in a real network, I'd think you would want to have a 1:1 ratio between HSRP groups and VLANs. > > This type of setup wasn't covered together in our class, just > vlans and HSRP seperately. But in this lab we have Vlans > running thru HSRP router doing ISL trunking and the routers are > also running BGP and EIGRP to connect to a remote router. AHHH! > > Thanks for your help. Regards, Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58316&t=57896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Hi, At this level what am really concern about is being able to Ping the WinNT system (Service Pack 6) from the Win98 System and also the other way round. After this I will be able to to take care of the ICS and NAT issue. I just first want TCP/IP to run between both systems. Here is my TCP/IP config for each System: (Major concern is linking Ethernet adapter F5D50006 in Windows NT with Ethernet adapter 3 in Windows 98 below:) Windows NT IP Configuration Host Name . . . . . . . . . : xbsabga001 DNS Servers . . . . . . . . : Node Type . . . . . . . . . : Broadcast NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : Yes WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : No PPP adapter NdisWan5: Description . . . . . . . . : NdisWan5 NdisWan Adapter Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : PPP adapter NdisWan4: Description . . . . . . . . : NdisWan4 NdisWan Adapter Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : Ethernet adapter AMDPCN1: Description . . . . . . . . : AMDPCN1 AMD PCNET Family Ethernet Adapter Physical Address. . . . . . : 00-80-5F-5C-1D-CC DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 100.100.0.1 Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : Ethernet adapter F5D50006: Description . . . . . . . . : F5D50006 F5D5000, PCI Card/Desktop Network PCI Card Physical Address. . . . . . : 00-30-BD-04-82-D6 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 192.168.0.1 Subnet Mask . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . : >>> (Major concern is linking Ethernet adapter 3, below with Ethernet adapter F5D50006 above) Windows 98 IP Configuration Host Name . . . . . . . . . : ewwax011 DNS Servers . . . . . . . . : n.n.n.n Node Type . . . . . . . . . : Broadcast NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : Yes 0 Ethernet adapter : Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 4B-A5-53-64-AA-B0 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : n.n.n.n Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : n.n.n.n DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 01 01 80 12:00:00 AM Lease Expires . . . . . . . : 01 01 80 12:00:00 AM 1 Ethernet adapter : Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 4A-65-B3-5A-B0-0C DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : Lease Expires . . . . . . . : 2 Ethernet adapter : Description . . . . . . . . : OVISLINK NWAY NIC Physical Address. . . . . . : 00-4A-54-E1-3B-90 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : n.n.n.n Subnet Mask . . . . . . . . : 255.255.240.0 Default Gateway . . . . . . : n.n.n.n DHCP Server . . . . . . . . : n.n.n.n Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 11 29 02 4:07:58 PM Lease Expires . . . . . . . : 11 30 02 1:36:14 AM 3 Ethernet adapter : Description . . . . . . . . : D-Link DFE-530TX+ PCI Adapter Physical Address. . . . . . : 00-02-AD-DE-D5-A9 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . : Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : Lease Expires . . . . . . . : >>>. Thanks man! Regards. Godswill - Original Message - From: Symon Thurlow To: Godswill Oletu ; Sent: Friday, November 29, 2002 5:12 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] Can a WIN98 machine act as a router? I have had issue slike this before, and they are normally attributed to dodgy IP stacks, especially on win98 machines. Godswill, can you post the results of a winipcfg on the 98 machine and a ipconfig /all on the nt machine? Do you have IP forwarding enabled on the NT machine? Do you have any internet connection sharing enabled on the 98 machine? The first paragraph of your email below states that you have 192.168.0.1 as the DG on both boxes, is this correct? -Original Message- From: Godswill Oletu [mailto:[EMAIL PROTECTED]] Sent: 29 November 2002 20:43 To: [EMAIL PROTECTED] Subject: Re: I seem
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
I have just one NT system at home. - Original Message - From: Symon Thurlow To: Sent: Friday, November 29, 2002 5:15 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Does another WINNT system talk to the other one? > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: 29 November 2002 21:45 > To: [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > Hi Mark, > > So far... > I brought in another Win98 system. TCP/IP and NetBEUI is working great > between the two Win98 Systems. I can Ping and do all sorts of things > between those two Win98 Systems. > > Now, same old problem, TCP/IP cannot work between Win98 and WinNT 4.0, > only NetBEUI is working so far. I just swap the cable to a Win98 system > and it start working. > > Have you personally implemented a peer to peer network between a WinNT > 4.0 and Win98 System? Everything on the WinNT system looks okay, however > am determined to fine a logical conclusion to this. > > What are not getting right now? > > Regards. > Godswill > > - Original Message - > From: Mark W. Odette II > To: > Sent: Friday, November 29, 2002 2:03 PM > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Oletu- > > What you are trying to do is not impossible. Many of us do this all > > the time to migrate data from one machine to another without burdening > > > the Hub-based LAN or if the computer is all by itself and is being > > upgraded. Case in point is the situation where a Win9x/Pentium 166Mhz > > workstation is being replaced with a Windows XP/Pentium III 1.8Ghz > > workstation... NetBEUI isn't a protocol option on XP, as it isn't > > supported anymore- So, it's TCP/IP or IPX! > > > > Configuration of each computer is correct; the fact that you can > > operate with success running NetBEUI says that your physical layer is > > also solid, i.e., NIC's and Cross-over cable. > > > > Next thing to do is (for informational purposes) to 'route print' or a > > > 'netstat -r' at the command line to determine the TCP/IP stack has > > proper routing information. Optionally issue the 'nbtstat -c' or > > 'nbtstat -r' to see if you are getting any netbios caching... > > > > After collecting this information, I would remove the TCP/IP protocol, > > > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > > test again... If that doesn't resolve the problem, then seek out > > replacement drivers for the NIC(s). > > > > This pretty much addresses every possibility of failure between two > > Windows-based computers that are directly connected to each other with > > > a cross-over cable. > > > > ... One other thought- You wouldn't have some kind of personal > > firewall installed/previously installed on either one of these > > computers by chance, would you!?!?! > > > > I have seen all kinds of crazy stuff occur on MS boxes that had had > > any of the different flavors of "Personal Firewalls" installed, which > > usually required complete removal of the TCP/IP protocol, and then > > sifting through the networking portion of the registry to recover the > > machine. The alternative was to reinstall the OS from scratch. The > > firewalls in question were the Norton Personal Firewall, the Network > > Associates Desktop Firewall, BlackIce, and one other I can't recall > > the name of. Just some extra info to chew on for possibility. > > > > Good luck, and let us know what you find... > > > > -Mark > > > > > > -Original Message- > > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > > Sent: Friday, November 29, 2002 12:04 PM > > To: Mark W. Odette II; [EMAIL PROTECTED] > > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Hi Mark, > > > > I have done all that. The crossover cable is okay. NeTBEUI is working > > fine. I can see both computers through Network Neigbourhood; copy > > files from one > > computer to the other. Everthing about NetBEUI is kool. I have alos > > edited > > the hosts/lmhost files on each computer (this only help to resolve the > > IP > > Address to the netbios name.) > > > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > > B=192.168.0.2/255.255.255.0 > > > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > > will response fine. On Computer B, I can also ping 192.168.0.2, > > localhost and 127.0.0.1 and it will response fine. (TCP/IP stack seems > > > perfectly installed)!!! > > > > But I cannot ping A from B, neither can I ping B from A. > > > > This is the dumbest thing I have ever done and it is messing me up. > > > > Or is it impossible? > > > > - Original Message - > > From: Mark W. Odette II > > To: > > Sent: Thursday, November 28, 2002 8:22 PM > > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > > > > Check your subnet masks for each computer. > > > Either specify Computer B as the default g
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Hi, At this level what am really concern about is being able to Ping the WinNT system (Service Pack 6) from the Win98 System and also the other way round. After this I will be able to to take care of the ICS and NAT issue. I just first want TCP/IP to run between both systems. Here is my TCP/IP config for each System: (Major concern is linking Ethernet adapter F5D50006 in Windows NT with Ethernet adapter 3 in Windows 98 below:) Windows NT IP Configuration Host Name . . . . . . . . . : xbsabga001 DNS Servers . . . . . . . . : Node Type . . . . . . . . . : Broadcast NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : Yes WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : No PPP adapter NdisWan5: Description . . . . . . . . : NdisWan5 NdisWan Adapter Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : PPP adapter NdisWan4: Description . . . . . . . . : NdisWan4 NdisWan Adapter Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : Ethernet adapter AMDPCN1: Description . . . . . . . . : AMDPCN1 AMD PCNET Family Ethernet Adapter Physical Address. . . . . . : 00-80-5F-5C-1D-CC DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 100.100.0.1 Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : Ethernet adapter F5D50006: Description . . . . . . . . : F5D50006 F5D5000, PCI Card/Desktop Network PCI Card Physical Address. . . . . . : 00-30-BD-04-82-D6 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 192.168.0.1 Subnet Mask . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . : >>> (Major concern is linking Ethernet adapter 3, below with Ethernet adapter F5D50006 above) Windows 98 IP Configuration Host Name . . . . . . . . . : ewwax011 DNS Servers . . . . . . . . : n.n.n.n Node Type . . . . . . . . . : Broadcast NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : Yes 0 Ethernet adapter : Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 4B-A5-53-64-AA-B0 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : n.n.n.n Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : n.n.n.n DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 01 01 80 12:00:00 AM Lease Expires . . . . . . . : 01 01 80 12:00:00 AM 1 Ethernet adapter : Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 4A-65-B3-5A-B0-0C DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : Lease Expires . . . . . . . : 2 Ethernet adapter : Description . . . . . . . . : OVISLINK NWAY NIC Physical Address. . . . . . : 00-4A-54-E1-3B-90 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : n.n.n.n Subnet Mask . . . . . . . . : 255.255.240.0 Default Gateway . . . . . . : n.n.n.n DHCP Server . . . . . . . . : n.n.n.n Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : 11 29 02 4:07:58 PM Lease Expires . . . . . . . : 11 30 02 1:36:14 AM 3 Ethernet adapter : Description . . . . . . . . : D-Link DFE-530TX+ PCI Adapter Physical Address. . . . . . : 00-02-AD-DE-D5-A9 DHCP Enabled. . . . . . . . : No IP Address. . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . : Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : Lease Expires . . . . . . . : >>>. Thanks man! Regards. Godswill - Original Message - From: Symon Thurlow To: Godswill Oletu ; Sent: Friday, November 29, 2002 5:12 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] Can a WIN98 machine act as a router? I have had issue slike this before, and they are normally attributed to dodgy IP stacks, especially on win98 machines. Godswill, can you post the results of a winipcfg on the 98 machine and a ipconfig /all on the nt machine? Do you have IP forwarding enabled on the NT machine? Do you have any internet connection sharing enabled on the 98 machine? The first paragraph of your email below states that you have 192.168.0.1 as the DG on both boxes, is this correct? -Original Message- From: Godswill Oletu [mailto:[EMAIL PROTECTED]] Sent: 29 November 2002 20:43 To: [EMAIL PROTECTED] Subject: Re: I seem
OT: Cisco HSSI Y cable, part-number NTC/4203/AA [7:58281]
Does anyone know where I can buy this Cisco HSSI Y cable, part-number NTC/4203/AA? Thanks for any advice. Cheers, Jose Martos Loud Packet, Inc. 26755 Jefferson Ave. Suite F Murrieta, CA 92562 Email: [EMAIL PROTECTED] Ask a question in our Tech Forum: http://www.loudpacket.com/tech.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58281&t=58281 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help!!! about ccbootcamp lab1 [7:58239]
Yes I used inverse-arp.But in the spoke router only can see the hub's ip when using show frame-relay map command. Some books say that in this situation you can only ping hub router but can't ping the other spoke router.But I can directly ping from the spoke to spoke.I don't know why. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58282&t=58239 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CSS1/CCSP [7:58301]
Found this info from Cisco in my mailbox. Looks like you can still write CSS1 until Feb 28/03. Individuals can still earn the Cisco Security Specialist 1 certification until February 28, 2003. After that date, this focused certification will no longer be offered. For those who have already earned the Cisco Security Specialist 1 certification, the certification remains valid until two years from date of achievement. So looks like we still have a little bit of time for those who want to get it before it expires. Thanks John -Original Message- From: Cisco Systems Inc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 11:04 AM To: [EMAIL PROTECTED] Subject: New Cisco Certified Security Professional Every organization has data, facilities, and workflow processes that are mission critical to their success. As more organizations make greater use of the Internet, it becomes critical that businesses defend their networks against attacks. Productivity gains and returns on company investments are at risk if the network is not defended. Cisco protects business from end to end, enabling business growth and increased productivity. Unlike point security products that leave vulnerable gaps, comprehensive solutions from Cisco embed integrated, layered security throughout your entire network to tie separate technologies and applications into a single, secure whole. Together with responsive, qualified partners, Cisco provides the components and training to build and maintain an effective security system that can safeguard your company's ability to generate revenue. Regardless of the size of your business, Cisco network security products and Cisco IOS(r) Software help keep your network secure. To help meet your needs, on November 19, 2002, Cisco will announce the new Cisco Certified Security Professional (CCSP) and three new security Cisco Qualified Specialists the Cisco Firewall Specialist, the Cisco VPN Specialist, and the Cisco IDS Specialist. Cisco is launching this new professional level security certification in response to the heightened need for knowledgeable network professionals who can design, build, and implement complete end-to-end security solutions coupled with an industry demand to provide a certification career path in the IT security market. This new certification provides an individual with professional level recognition in designing and implementing Cisco Secure networks. To become a Cisco Certified Security Professional (CCSP) you need to hold a valid CCNA(r) certification and complete and pass the following exams: Exam Recommended training 9E0-571 CSPFA or 9E0-111 CSPFA Cisco Secure Firewall Advanced (CSPFA) 2.1 Cisco Secure Firewall Advanced (CSPFA) 3.0 9E0-570 CSVPN or 9E0-121 CSVPN Cisco Secure Virtual Private Networks (CSVPN ) 2.0 Cisco Secure Virtual Private Networks (CSVPN ) 3.0 640-442 MCNS or 640-100 MCNS Managing Cisco Network Security (MCNS) 2.0 Managing Cisco Network Security (MCNS) 3.0 9E0-572 IDSPM or 9E0-100 CSIDS Cisco Secure Intrusion Detection System (CSIDS) 2.1 Cisco Secure Intrusion Detection System (CSIDS) 3.0 9E0-131 CSI Cisco SAFE Implementation (CSI) 1.0 The recommended training to prepare for the Cisco Certified Security Professional (CCSP) certification is offered through the global network of authorized Cisco Learning Partners. >From now until September 30, 2003, individuals who currently hold the Cisco Security Specialist 1 certification can upgrade their certification to become a Cisco Certified Security Professional (CCSP) by taking one new exam, Cisco SAFE Implementation (CSI 9EO-131). Candidates with Cisco Security Specialist 1 certification have already demonstrated their knowledge of firewalls, intrusion detection systems, and virtual private networks. Therefore, if they maintain their CCNA status and pass this additional exam, they can become a Cisco Certified Security Professional (CCSP). Like other professional level Cisco certifications, the Cisco Certified Security Professional is valid for three years. New Cisco Qualified Specialists for Firewall, VPN, and IDS The three new Cisco Qualified Specialists are being launched to address the needs of individuals who want to validate skills in specific areas of network security. These individuals most likely work in organizations that have installed or are about to install Cisco security products. To earn the new focused certifications, you need to hold a valid CCNA certification and complete and pass the following exams: Focused Certification Exam Recommended training Cisco Firewall Specialist 640-100 MCNS and 9E0-111 CSPFA Managing Cisco Network Security (MCNS) 3.0 Cisco Secure PIX(r) Firewall Advanced (CSPFA) 3.0 Cisco VPN Specialist 640-100 MCNS and 9E0-121 CSVPN Managing Cisco Network Security (MCNS) 3.0 Cisco Secure Virtual Private Networks (CSVPN ) 3.0 Cisco IDS Specialist 640-100 MCNS and 9E0-100 CSIDS Managing Cisco Network Security (MCNS) 3.0 Cisco Se
Re: Cat 6500 (Redundancy (SRM) vs (Dual MSFC Redundancy) [7:58312]
Comments inline... --- Eric W wrote: > Dear Cisco Fans and Professionals, > > I need some friendly advice. There are different > opinions about > Cat6500(High availibility with Single Router Mode) > and (High availibility > with Dual MSFC Redundancy) > > Imagine you had 3 Cat65007s with Dual MSFC1 and Dual > Supervisor1A. > That is 6 MSFC's and 6 Supervisor engines. > > You have over 1500 users to support with 30VLANs > that need interconnecting > routing via EIGRP. Some user applications are > sensitive to packet loss. > > You have to provide minimium downtime in the case of > MSFC failer or > Supervisor failer. > > Question 1. Which would you implement (High > availibility with Single > router mode) or (High availibility with Dual MSFC > Redundancy) and why? I would use SRM. From my experience the downtime (if any) is very minimal while it switches over to the redundant MSFC. The forwarding tables are downloaded to the sup so when primary fails routing will still occur and after the redundant comes up and is online for 2 minutes (default) the new tables will be downloaded and become active. The 2 minute (120 sec) timer is adjustable in newer code (7.1.1 I believe) incse it takes longer than 2 mins for your network/routing to finish converging on a failover. The other HA MSFC redundant option (config-sync) is ok and works, but has limitations with some protocols. Plus you have all the alt stuff to deal with, extra IP address usage, extra neighbor adjancies, etc. It doesn't take much time to change between the 2 (SRM and config-sync) so you could see which you like better if you have a lab or flexible environment to work in. Average cutover time per box is 3-4 minutes if things go smoothly and I've done the conversion live without taking a hit. > Question 2. Is was brought to my attention that > running dual MSFC > redundancy with a high number of VLANS would cause > the EIGRP process to run > very high. As you know EIGRP is a very noisy > protocol. Query storms.. > Implementing EIGRP passive interface on all VLAN > interfaces except the > management VLAN would help the EIGRP process to run > low. Are query storms > an issue to worry about even after the passive > interface is issued on > client/user VLANS? With newer versions of IOS you can include the network mask with the network statement under EIGRP so only those networks (interfaces) are in EIGRP. You could also use the EIGRP stub feature to reduce the querys. > > Regards, > Eric Washington > Network Engineer CCNP > > Thanks in advance for your input Cisco Professionals __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58312&t=58312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Does another WINNT system talk to the other one? -Original Message- From: Godswill Oletu [mailto:[EMAIL PROTECTED]] Sent: 29 November 2002 21:45 To: [EMAIL PROTECTED] Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] Hi Mark, So far... I brought in another Win98 system. TCP/IP and NetBEUI is working great between the two Win98 Systems. I can Ping and do all sorts of things between those two Win98 Systems. Now, same old problem, TCP/IP cannot work between Win98 and WinNT 4.0, only NetBEUI is working so far. I just swap the cable to a Win98 system and it start working. Have you personally implemented a peer to peer network between a WinNT 4.0 and Win98 System? Everything on the WinNT system looks okay, however am determined to fine a logical conclusion to this. What are not getting right now? Regards. Godswill - Original Message - From: Mark W. Odette II To: Sent: Friday, November 29, 2002 2:03 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Oletu- > What you are trying to do is not impossible. Many of us do this all > the time to migrate data from one machine to another without burdening > the Hub-based LAN or if the computer is all by itself and is being > upgraded. Case in point is the situation where a Win9x/Pentium 166Mhz > workstation is being replaced with a Windows XP/Pentium III 1.8Ghz > workstation... NetBEUI isn't a protocol option on XP, as it isn't > supported anymore- So, it's TCP/IP or IPX! > > Configuration of each computer is correct; the fact that you can > operate with success running NetBEUI says that your physical layer is > also solid, i.e., NIC's and Cross-over cable. > > Next thing to do is (for informational purposes) to 'route print' or a > 'netstat -r' at the command line to determine the TCP/IP stack has > proper routing information. Optionally issue the 'nbtstat -c' or > 'nbtstat -r' to see if you are getting any netbios caching... > > After collecting this information, I would remove the TCP/IP protocol, > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > test again... If that doesn't resolve the problem, then seek out > replacement drivers for the NIC(s). > > This pretty much addresses every possibility of failure between two > Windows-based computers that are directly connected to each other with > a cross-over cable. > > ... One other thought- You wouldn't have some kind of personal > firewall installed/previously installed on either one of these > computers by chance, would you!?!?! > > I have seen all kinds of crazy stuff occur on MS boxes that had had > any of the different flavors of "Personal Firewalls" installed, which > usually required complete removal of the TCP/IP protocol, and then > sifting through the networking portion of the registry to recover the > machine. The alternative was to reinstall the OS from scratch. The > firewalls in question were the Norton Personal Firewall, the Network > Associates Desktop Firewall, BlackIce, and one other I can't recall > the name of. Just some extra info to chew on for possibility. > > Good luck, and let us know what you find... > > -Mark > > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 29, 2002 12:04 PM > To: Mark W. Odette II; [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi Mark, > > I have done all that. The crossover cable is okay. NeTBEUI is working > fine. I can see both computers through Network Neigbourhood; copy > files from one > computer to the other. Everthing about NetBEUI is kool. I have alos > edited > the hosts/lmhost files on each computer (this only help to resolve the > IP > Address to the netbios name.) > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > B=192.168.0.2/255.255.255.0 > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > will response fine. On Computer B, I can also ping 192.168.0.2, > localhost and 127.0.0.1 and it will response fine. (TCP/IP stack seems > perfectly installed)!!! > > But I cannot ping A from B, neither can I ping B from A. > > This is the dumbest thing I have ever done and it is messing me up. > > Or is it impossible? > > - Original Message - > From: Mark W. Odette II > To: > Sent: Thursday, November 28, 2002 8:22 PM > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Check your subnet masks for each computer. > > Either specify Computer B as the default gateway for Computer A and > > vice-versa, or don't specify a default gateway at all. > > > > After that, you have to configure the lmhosts/hosts files if you > > want > to > > resolve machine names between each other (quickly). > > > > Verify that your cross-over cable is good, or plug each computer > > into > a > > hub/switch. > > > > It's that simple. > > > > Cheers! > > -Mark > > > > -Original Mes
RE: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Can a WIN98 machine act as a router? I have had issue slike this before, and they are normally attributed to dodgy IP stacks, especially on win98 machines. Godswill, can you post the results of a winipcfg on the 98 machine and a ipconfig /all on the nt machine? Do you have IP forwarding enabled on the NT machine? Do you have any internet connection sharing enabled on the 98 machine? The first paragraph of your email below states that you have 192.168.0.1 as the DG on both boxes, is this correct? -Original Message- From: Godswill Oletu [mailto:[EMAIL PROTECTED]] Sent: 29 November 2002 20:43 To: [EMAIL PROTECTED] Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] Hi Mark, Actually before now I had been checking the routing table 'route print' and also the netbios cache. On Computer A with IP address 192.168.0.1, there is a route to network 192.168.0.0 through interface 192.168.0.1 and on Computer B with IP address 192.168.0.2, there is a route to network 192.168.0.0 through interface 192.168.0.1 (seem great!). I will try reinstalling the OS, because I look stupified, however currently am trying it on another computer to see what happens. What I did not mention is that, on both Computer A and B, I have two NICs each. My intention is to implement double NATing. Computer B is connected to the Internet through RJ45 broadband and this connection is working great!. My goal was to NAT this connection to Computer A and then NAT it again from computer A downstream (I have not reached here), I do not think the presense of two NICs in each computer would have any thing to do with thei. Thanks men! Godswill - Original Message - From: Mark W. Odette II To: Sent: Friday, November 29, 2002 2:03 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Oletu- > What you are trying to do is not impossible. Many of us do this all > the time to migrate data from one machine to another without burdening > the Hub-based LAN or if the computer is all by itself and is being > upgraded. Case in point is the situation where a Win9x/Pentium 166Mhz > workstation is being replaced with a Windows XP/Pentium III 1.8Ghz > workstation... NetBEUI isn't a protocol option on XP, as it isn't > supported anymore- So, it's TCP/IP or IPX! > > Configuration of each computer is correct; the fact that you can > operate with success running NetBEUI says that your physical layer is > also solid, i.e., NIC's and Cross-over cable. > > Next thing to do is (for informational purposes) to 'route print' or a > 'netstat -r' at the command line to determine the TCP/IP stack has > proper routing information. Optionally issue the 'nbtstat -c' or > 'nbtstat -r' to see if you are getting any netbios caching... > > After collecting this information, I would remove the TCP/IP protocol, > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > test again... If that doesn't resolve the problem, then seek out > replacement drivers for the NIC(s). > > This pretty much addresses every possibility of failure between two > Windows-based computers that are directly connected to each other with > a cross-over cable. > > ... One other thought- You wouldn't have some kind of personal > firewall installed/previously installed on either one of these > computers by chance, would you!?!?! > > I have seen all kinds of crazy stuff occur on MS boxes that had had > any of the different flavors of "Personal Firewalls" installed, which > usually required complete removal of the TCP/IP protocol, and then > sifting through the networking portion of the registry to recover the > machine. The alternative was to reinstall the OS from scratch. The > firewalls in question were the Norton Personal Firewall, the Network > Associates Desktop Firewall, BlackIce, and one other I can't recall > the name of. Just some extra info to chew on for possibility. > > Good luck, and let us know what you find... > > -Mark > > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 29, 2002 12:04 PM > To: Mark W. Odette II; [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi Mark, > > I have done all that. The crossover cable is okay. NeTBEUI is working > fine. I can see both computers through Network Neigbourhood; copy > files from one > computer to the other. Everthing about NetBEUI is kool. I have alos > edited > the hosts/lmhost files on each computer (this only help to resolve the > IP > Address to the netbios name.) > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > B=192.168.0.2/255.255.255.0 > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > will response fine. On Computer B, I can also ping 192.168.0.2, > localhost and 127.0.0.1 and it will response fine. (TCP/IP stack seems > perfectly installed)!!! > > But I cannot ping A from B, neither ca
Re: syntax to configure router as NTP server [7:58273]
Robert wrote: > ntp master > ntp update-calendar > ntp server 130.126.24.53 You can skip the 'ntp master' if you only want to have your router serve time if it is itself synchronized to a server. If you put in 'ntp master' it will claim to be synced (and thus serve time to others) even when it's free-running on its local clock. Not really a good idea, especially with boxes that don't have a hardware clock. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58308&t=58273 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: syntax to configure router as NTP server [7:58273]
This is the configuration from my 6506. Hope it works for you. The IP address 130.126.24.53 is an Internet time server. You may want to check into a closer one for your time zone if you're not in the U.S. Central time zone. ntp master ntp update-calendar ntp server 130.126.24.53 ""Kenny Smith"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi.. Dear Friends, > > May I know what is the IOS command to configure a IOS router/switch as a NTP > server. I tried to search on net but can't understand it. I can only > configure as a client. > > Thanks a lot > > > > _ > Help STOP SPAM with the new MSN 8 and get 2 months FREE* > http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58307&t=58273 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Followup... WinNT System have Service pack 6 installed. Regards. - Original Message - From: Mark W. Odette II To: Sent: Friday, November 29, 2002 2:03 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Oletu- > What you are trying to do is not impossible. Many of us do this all the > time to migrate data from one machine to another without burdening the > Hub-based LAN or if the computer is all by itself and is being upgraded. > Case in point is the situation where a Win9x/Pentium 166Mhz workstation > is being replaced with a Windows XP/Pentium III 1.8Ghz workstation... > NetBEUI isn't a protocol option on XP, as it isn't supported anymore- > So, it's TCP/IP or IPX! > > Configuration of each computer is correct; the fact that you can operate > with success running NetBEUI says that your physical layer is also > solid, i.e., NIC's and Cross-over cable. > > Next thing to do is (for informational purposes) to 'route print' or a > 'netstat -r' at the command line to determine the TCP/IP stack has > proper routing information. Optionally issue the 'nbtstat -c' or > 'nbtstat -r' to see if you are getting any netbios caching... > > After collecting this information, I would remove the TCP/IP protocol, > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > test again... If that doesn't resolve the problem, then seek out > replacement drivers for the NIC(s). > > This pretty much addresses every possibility of failure between two > Windows-based computers that are directly connected to each other with a > cross-over cable. > > ... One other thought- You wouldn't have some kind of personal firewall > installed/previously installed on either one of these computers by > chance, would you!?!?! > > I have seen all kinds of crazy stuff occur on MS boxes that had had any > of the different flavors of "Personal Firewalls" installed, which > usually required complete removal of the TCP/IP protocol, and then > sifting through the networking portion of the registry to recover the > machine. The alternative was to reinstall the OS from scratch. The > firewalls in question were the Norton Personal Firewall, the Network > Associates Desktop Firewall, BlackIce, and one other I can't recall the > name of. Just some extra info to chew on for possibility. > > Good luck, and let us know what you find... > > -Mark > > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 29, 2002 12:04 PM > To: Mark W. Odette II; [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi Mark, > > I have done all that. The crossover cable is okay. NeTBEUI is working > fine. > I can see both computers through Network Neigbourhood; copy files from > one > computer to the other. Everthing about NetBEUI is kool. I have alos > edited > the hosts/lmhost files on each computer (this only help to resolve the > IP > Address to the netbios name.) > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > B=192.168.0.2/255.255.255.0 > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > will > response fine. On Computer B, I can also ping 192.168.0.2, localhost and > 127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly > installed)!!! > > But I cannot ping A from B, neither can I ping B from A. > > This is the dumbest thing I have ever done and it is messing me up. > > Or is it impossible? > > - Original Message - > From: Mark W. Odette II > To: > Sent: Thursday, November 28, 2002 8:22 PM > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Check your subnet masks for each computer. > > Either specify Computer B as the default gateway for Computer A and > > vice-versa, or don't specify a default gateway at all. > > > > After that, you have to configure the lmhosts/hosts files if you want > to > > resolve machine names between each other (quickly). > > > > Verify that your cross-over cable is good, or plug each computer into > a > > hub/switch. > > > > It's that simple. > > > > Cheers! > > -Mark > > > > -Original Message- > > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, November 28, 2002 6:26 PM > > To: [EMAIL PROTECTED] > > Subject: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Hi all, > > > > Where are mine going wrong? Has anyone implemented a Peer-to-Peer > > network > > involving just two computers with ONLY TCP/IP Protocol? > > > > I have been trying to do it but keeping failing. NetBEUI is working > > fine, I > > can transfer files in between both computers. But TCP/IP protocolis > not > > working across. Am trying to connect a Window NT to Windows 98 > Machine. > > I > > used > > the normal cross over cable (1-3, 2-6, 3-1, 6-2) connection. localhost > > pings > > alright, IP-address to each machine can be pinged from that very > machine > > only. > > Hosts file have been edit
RE: RE: Block MSN Messenger COMPLETE [7:58304]
Sorry my 11th finger seemed to hit send. >From several lists, but not tested thouroughly http://www.groupstudy.com/archives/cisco/200206/msg00480.html Block Kazaa Kazaa connects to other peers running Kazaa, on port 1214. So, the best way to block Kazaa downloads is to reject incoming and outgoing data packets-both TCP and UDP packets-on this port. Block Gnutella clients The P2P apps, which use the Gnutella network connect to peers on ports 6346 and 6347. AOL instant messenger can be blocked by filtering out the following I.P. addresses: But BLOCK internal DNS server AOL's DNS first BLOCK out from /32 to 205.188.0.0/16 port = 53 aim.aol.com login.oscar.aol.com 64.12.161.153bucp1-vip-m.blue.aol.com 64.12.161.185bucp2-vip-m.blue.aol.com 152.163.214.75 bucp-r01.blue.aol.com 152.163.214.76 bucp-r02.blue.aol.com 152.163.214.108bucp-r03.blue.aol.com 152.163.242.24 152.163.241.120 152.163.241.128 152.163.241.96 205.188.1.56 205.188.3.160 205.188.3.176 205.188.4.106 205.188.5.204 205.188.5.208 205.188.7.164 205.188.7.168 205.188.7.172 205.188.7.176 205.188.147.114 205.188.147.113 205.188.147.114 205.188.148.180 205.188.148.181 AOL Instant Messenger - Ok, I have been able to block this one with pretty solid results. I had to pretty much block 1 class C's worth of addresses in the 64 region of AOL's address range, but have not heard any complaints thus far. The program is pretty damn smart about getting around rules in your firewall. It will try and use FTP, TELNET, HTTP, FINGER, NETBIOS over IP, APPLETALK over IP, 1080 (SOCKS), 1024, Lotus Notes (TCP 1352) and a few others. I pretty much locked the subnet down but AIM was somehow getting through. I finally figured out that my CheckPoint firewall was allowing DNS traffic outbound in my rule base above rule 1. I had to go to the Properties section and disable the implicit access to DNS (TCP/UDP 53). Once I did that, it killed AIM altogether. DNS name of login.oscar.aol.com which is used to login to aol instant messenger. block yahoo messenger msg.sc5.yahoo.com msg.yahoo.com msg.edit.yahoo.com messenger.yahoo.com http.pager.yahoo.com cs.yahoo.com Default Port: 5050 216.136.175.145 216.136.224.213 216.136.224.214 216.136.225.11 216.136.225.12 216.136.225.35 216.136.225.36 216.136.225.83 216.136.225.84 216.136.226.117 216.136.226.118 216.136.131.93 216.136.175.142 216.136.175.143 216.136.175.144 access-list 101 deny ip 10.1.4.0 0.0.0.255 216.136.0.0 0.0.255.255 access-list 101 deny ip 10.1.4.0 0.0.0.255 66.163.0.0 0.0.255.255 access-list 101 deny ip 10.1.4.0 0.0.0.255 64.58.0.0 0.0.255.255 Test first. MSN gateway.messenger.hotmail.com Messenger uses port 1863, but if you block it then it can automatically switch to port 80. 1. Add the following registry key into client machines either through login script or similar: HKLM\SOFTWARE\Policies\Microsoft\Messenger\Client\PreventRun=1 This will prevent Messenger from running, whether or not it is installed. Because this key isn't modified during a Messenger install/re-install/upgrade, and isn't removed if the software is uninstalled, this should work for you. Nov. 9, and there were multiple login servers, where in the past there was only one. By Nov. 29, it appeared that there were login servers at addresses 64.4.13.17 64.4.13.170 through 64.4.13.190. Microsoft may be adding even more in the future. I was still able to block MSN Messenger with just default filter exceptions and the Access Rule listed above, but should a new version of MSN Messenger come out that is able to slip by the proxy rules, try redirecting an entire subnet. Redirecting subnet 64.4.13.160 (255.255.255.224) will prevent traffic from reaching all addresses from 64.4.13.161 through 64.4.13.191. (Changing that subnet to 64.4.13.128 and the subnet mask to 255.255.255.128 would expand the blocking to 64.4.13.129 through 64.4.13.255). Block ICQ/AIM traffic block out from any to any port = 5190 block in from any to any port = 5190 web.icq.com ads.icq.com login.icq.com cb.icq.com icq.mirabilis.com http.proxy.icq.com Work in progress. (from several posts) Martijn Jansen -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED]] Namens Mears, Rob Verzonden: dinsdag 19 november 2002 18:28 Aan: [EMAIL PROTECTED] Onderwerp: RE: RE: Block MSN Messenger [7:57595] Yes and I have done it all via the PIX Where you run into problems is when they use port 80. Rob Rob H Mears III, CCNP, MCSE, NNCDS, NNCSS, CNE, A+ LAN Engineer and Technical Mercenary Valor Telecom 469.420.2656 -Original Message- From: vikramjskeer [ mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Re: RE: Block MSN Messenger [7:57595] Hi All, Very rightly said that these messengers use so many servers and so many ports that it's kind of impossible to block them all. But you can very easi
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Hi Mark, So far... I brought in another Win98 system. TCP/IP and NetBEUI is working great between the two Win98 Systems. I can Ping and do all sorts of things between those two Win98 Systems. Now, same old problem, TCP/IP cannot work between Win98 and WinNT 4.0, only NetBEUI is working so far. I just swap the cable to a Win98 system and it start working. Have you personally implemented a peer to peer network between a WinNT 4.0 and Win98 System? Everything on the WinNT system looks okay, however am determined to fine a logical conclusion to this. What are not getting right now? Regards. Godswill - Original Message - From: Mark W. Odette II To: Sent: Friday, November 29, 2002 2:03 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Oletu- > What you are trying to do is not impossible. Many of us do this all the > time to migrate data from one machine to another without burdening the > Hub-based LAN or if the computer is all by itself and is being upgraded. > Case in point is the situation where a Win9x/Pentium 166Mhz workstation > is being replaced with a Windows XP/Pentium III 1.8Ghz workstation... > NetBEUI isn't a protocol option on XP, as it isn't supported anymore- > So, it's TCP/IP or IPX! > > Configuration of each computer is correct; the fact that you can operate > with success running NetBEUI says that your physical layer is also > solid, i.e., NIC's and Cross-over cable. > > Next thing to do is (for informational purposes) to 'route print' or a > 'netstat -r' at the command line to determine the TCP/IP stack has > proper routing information. Optionally issue the 'nbtstat -c' or > 'nbtstat -r' to see if you are getting any netbios caching... > > After collecting this information, I would remove the TCP/IP protocol, > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > test again... If that doesn't resolve the problem, then seek out > replacement drivers for the NIC(s). > > This pretty much addresses every possibility of failure between two > Windows-based computers that are directly connected to each other with a > cross-over cable. > > ... One other thought- You wouldn't have some kind of personal firewall > installed/previously installed on either one of these computers by > chance, would you!?!?! > > I have seen all kinds of crazy stuff occur on MS boxes that had had any > of the different flavors of "Personal Firewalls" installed, which > usually required complete removal of the TCP/IP protocol, and then > sifting through the networking portion of the registry to recover the > machine. The alternative was to reinstall the OS from scratch. The > firewalls in question were the Norton Personal Firewall, the Network > Associates Desktop Firewall, BlackIce, and one other I can't recall the > name of. Just some extra info to chew on for possibility. > > Good luck, and let us know what you find... > > -Mark > > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 29, 2002 12:04 PM > To: Mark W. Odette II; [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi Mark, > > I have done all that. The crossover cable is okay. NeTBEUI is working > fine. > I can see both computers through Network Neigbourhood; copy files from > one > computer to the other. Everthing about NetBEUI is kool. I have alos > edited > the hosts/lmhost files on each computer (this only help to resolve the > IP > Address to the netbios name.) > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > B=192.168.0.2/255.255.255.0 > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > will > response fine. On Computer B, I can also ping 192.168.0.2, localhost and > 127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly > installed)!!! > > But I cannot ping A from B, neither can I ping B from A. > > This is the dumbest thing I have ever done and it is messing me up. > > Or is it impossible? > > - Original Message - > From: Mark W. Odette II > To: > Sent: Thursday, November 28, 2002 8:22 PM > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Check your subnet masks for each computer. > > Either specify Computer B as the default gateway for Computer A and > > vice-versa, or don't specify a default gateway at all. > > > > After that, you have to configure the lmhosts/hosts files if you want > to > > resolve machine names between each other (quickly). > > > > Verify that your cross-over cable is good, or plug each computer into > a > > hub/switch. > > > > It's that simple. > > > > Cheers! > > -Mark > > > > -Original Message- > > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, November 28, 2002 6:26 PM > > To: [EMAIL PROTECTED] > > Subject: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Hi all, > > > > Where are mine going wrong? Has anyone implemented a Peer-t
Learnkey or Keystone learning [7:58303]
I am interested in purchasing CBT's for my Cisco security certifications. I was just curious of your opinions on learnkey product for the PIX, VPN , etc... by Michael Storm and Keystone in general. -Original Message- From: Mark Smith [mailto:[EMAIL PROTECTED]] Sent: Friday, November 29, 2002 2:47 PM To: [EMAIL PROTECTED] Subject: Re: CSS1/CCSP [7:58241] I was teasing, Richard. I ordered yours and a new one by a Callisma(?) and Umer Khan called Cisco Security Specialist's Guide to PIX Firewall from Bookpool.com yesterday after the post here mentioning it. When are you going to write one for CiscoPress anyway? I'm surprised they haven't approached you about it. Never did understand why Ceeesco used to have Firewall IOS covered on the PIX test anyway. Glad to see they've changed it. While I may go for CCSP the reason I bought yours is because of the areas you cover in it. I work with PIX's and have no training on them. It's a small part of my daily chores and I don't have the time to devote to learning about them that I wish I did. Too many other things to do and keep up with. Not much available on the PDM. Cisco's got squat on their site about it other than installation. Wonder what all I can do thru the PDM that I just don't know about. Thanks for writing the book. Mark Quoting Richard Deal : > Mark, > > Actually, Mark, I'm one step ahead of you :-). My PIX > book came out at the > end of October from McGraw-Hill/Osborne. I wrote it as > a non-certification > book, but it covers everything you'd see on the new > PIX exam. You can check > out a free chapter on Osborne's web site: > http://shop.osborne.com/cgi-bin/osborne/0072225238.html > (watch the wrap!). > > I also have some extra stuff on my web site that I > couldn't fit in the book > because of page constraints. Just vist my home page > below. > > Cheers! > -- > > Richard A. Deal > > Visit my home page at > http://home.cfl.rr.com/dealgroup/ > > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, > CCNP Remote Access > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco > LAN Switch Configuration > Exam Cram > > Cisco Test Prep author for QuizWare, providing the > most comprehensive Cisco > exams on the market. > > > > ""Mark Smith"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > So when are you going to write one, Rich? > > We're waiting. :) > > > > > > Quoting Richard Deal : > > > > > John, > > > > > > The CSS1 exams are valid until the end of January, > > > upon which you must take > > > the new exams. CiscoPress doesn't have any books > out > > > yet on the new tests. > > > > > > Cheers! > > > -- > > > > > > Richard A. Deal > > > > > > Visit my home page at > > > http://home.cfl.rr.com/dealgroup/ > > > > > > Author of Cisco PIX Firewalls, CCNA Secrets > Revealed!, > > > CCNP Remote Access > > > Exam Prep, CCNP Switching Exam Cram, and CCNP > Cisco > > > LAN Switch Configuration > > > Exam Cram > > > > > > Cisco Test Prep author for QuizWare, providing the > > > most comprehensive Cisco > > > exams on the market. > > > > > > > > > ""John Cianfarani"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Can we still write CSS1 or has it been replaced > with > > > the CCSP? > > > > > > > > Thanks > > > > John > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, November 28, 2002 8:30 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: RE: CSS1/CCSP [7:58241] > > > > > > > > I havent take the new CSI exam, but for CSS1 i > > > suggest you do the > > > > following > > > > : MCNS - PIX - VPN - IDS, and if you already > pass > > > all of them, i dont > > > > think > > > > you would have problems with CSI. > > > > > > > > > > > > Ardi > > > [EMAIL PROTECTED] > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58303&t=58303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: Block MSN Messenger [7:57595]
AOL instant messenger can be blocked by filtering out the following I.P. addresses: 205.188.3.160. 205.188.3.176, 205.188.5.204, 205.188.5.208, 205.188.7.164, 205.188.7.168, 205.188.7.172 205.188.7.176, and DNS name of login.oscar.aol.com which is used to login to aol instant messenger. block yahoo messenger msg.sc5.yahoo.com msg.yahoo.com MSN gateway.messenger.hotmail.com This should resolve most of your messenger blocking issues. If you need anything else, let me know. -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Mears, Rob Verzonden: dinsdag 19 november 2002 18:28 Aan: [EMAIL PROTECTED] Onderwerp: RE: RE: Block MSN Messenger [7:57595] Yes and I have done it all via the PIX Where you run into problems is when they use port 80. Rob Rob H Mears III, CCNP, MCSE, NNCDS, NNCSS, CNE, A+ LAN Engineer and Technical Mercenary Valor Telecom 469.420.2656 -Original Message- From: vikramjskeer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Re: RE: Block MSN Messenger [7:57595] Hi All, Very rightly said that these messengers use so many servers and so many ports that it's kind of impossible to block them all. But you can very easily do it, right on the OS level. I know about the Win2K that you can set up some system policies with which you can directly block these exes themselves. Hope it helps: Regards, Vikram "Lidiya White" wrote: Try to block the login servers: http://acronymsonline.com/im_ips.htm -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Josh Green Sent: Monday, November 18, 2002 10:16 AM To: [EMAIL PROTECTED] Subject: RE: Block MSN Messenger [7:57595] It is possible, however Messenger uses so many different ports on so many different servers that it's not worth your time. -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Monday, November 18, 2002 8:36 AM To: [EMAIL PROTECTED] Subject: Re: Block MSN Messenger [7:57595] no. don't waste your time. ""Ahed Naimi"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear All; > > Is there any way to block MSN Messenger by using the access-list statements > on an IOS Cisco router. > > Thanks All. Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58302&t=57595 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Hi Mark, Actually before now I had been checking the routing table 'route print' and also the netbios cache. On Computer A with IP address 192.168.0.1, there is a route to network 192.168.0.0 through interface 192.168.0.1 and on Computer B with IP address 192.168.0.2, there is a route to network 192.168.0.0 through interface 192.168.0.1 (seem great!). I will try reinstalling the OS, because I look stupified, however currently am trying it on another computer to see what happens. What I did not mention is that, on both Computer A and B, I have two NICs each. My intention is to implement double NATing. Computer B is connected to the Internet through RJ45 broadband and this connection is working great!. My goal was to NAT this connection to Computer A and then NAT it again from computer A downstream (I have not reached here), I do not think the presense of two NICs in each computer would have any thing to do with thei. Thanks men! Godswill - Original Message - From: Mark W. Odette II To: Sent: Friday, November 29, 2002 2:03 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Oletu- > What you are trying to do is not impossible. Many of us do this all the > time to migrate data from one machine to another without burdening the > Hub-based LAN or if the computer is all by itself and is being upgraded. > Case in point is the situation where a Win9x/Pentium 166Mhz workstation > is being replaced with a Windows XP/Pentium III 1.8Ghz workstation... > NetBEUI isn't a protocol option on XP, as it isn't supported anymore- > So, it's TCP/IP or IPX! > > Configuration of each computer is correct; the fact that you can operate > with success running NetBEUI says that your physical layer is also > solid, i.e., NIC's and Cross-over cable. > > Next thing to do is (for informational purposes) to 'route print' or a > 'netstat -r' at the command line to determine the TCP/IP stack has > proper routing information. Optionally issue the 'nbtstat -c' or > 'nbtstat -r' to see if you are getting any netbios caching... > > After collecting this information, I would remove the TCP/IP protocol, > reboot, reinstall TCP/IP protocol, install most recent SP for OS, and > test again... If that doesn't resolve the problem, then seek out > replacement drivers for the NIC(s). > > This pretty much addresses every possibility of failure between two > Windows-based computers that are directly connected to each other with a > cross-over cable. > > ... One other thought- You wouldn't have some kind of personal firewall > installed/previously installed on either one of these computers by > chance, would you!?!?! > > I have seen all kinds of crazy stuff occur on MS boxes that had had any > of the different flavors of "Personal Firewalls" installed, which > usually required complete removal of the TCP/IP protocol, and then > sifting through the networking portion of the registry to recover the > machine. The alternative was to reinstall the OS from scratch. The > firewalls in question were the Norton Personal Firewall, the Network > Associates Desktop Firewall, BlackIce, and one other I can't recall the > name of. Just some extra info to chew on for possibility. > > Good luck, and let us know what you find... > > -Mark > > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 29, 2002 12:04 PM > To: Mark W. Odette II; [EMAIL PROTECTED] > Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi Mark, > > I have done all that. The crossover cable is okay. NeTBEUI is working > fine. > I can see both computers through Network Neigbourhood; copy files from > one > computer to the other. Everthing about NetBEUI is kool. I have alos > edited > the hosts/lmhost files on each computer (this only help to resolve the > IP > Address to the netbios name.) > > IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer > B=192.168.0.2/255.255.255.0 > > On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it > will > response fine. On Computer B, I can also ping 192.168.0.2, localhost and > 127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly > installed)!!! > > But I cannot ping A from B, neither can I ping B from A. > > This is the dumbest thing I have ever done and it is messing me up. > > Or is it impossible? > > - Original Message - > From: Mark W. Odette II > To: > Sent: Thursday, November 28, 2002 8:22 PM > Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > > > Check your subnet masks for each computer. > > Either specify Computer B as the default gateway for Computer A and > > vice-versa, or don't specify a default gateway at all. > > > > After that, you have to configure the lmhosts/hosts files if you want > to > > resolve machine names between each other (quickly). > > > > Verify that your cross-over cable is good, or plug each computer into > a > > hub/switch. > > > > It's tha
Re: CSS1/CCSP [7:58241]
I was teasing, Richard. I ordered yours and a new one by a Callisma(?) and Umer Khan called Cisco Security Specialist's Guide to PIX Firewall from Bookpool.com yesterday after the post here mentioning it. When are you going to write one for CiscoPress anyway? I'm surprised they haven't approached you about it. Never did understand why Ceeesco used to have Firewall IOS covered on the PIX test anyway. Glad to see they've changed it. While I may go for CCSP the reason I bought yours is because of the areas you cover in it. I work with PIX's and have no training on them. It's a small part of my daily chores and I don't have the time to devote to learning about them that I wish I did. Too many other things to do and keep up with. Not much available on the PDM. Cisco's got squat on their site about it other than installation. Wonder what all I can do thru the PDM that I just don't know about. Thanks for writing the book. Mark Quoting Richard Deal : > Mark, > > Actually, Mark, I'm one step ahead of you :-). My PIX > book came out at the > end of October from McGraw-Hill/Osborne. I wrote it as > a non-certification > book, but it covers everything you'd see on the new > PIX exam. You can check > out a free chapter on Osborne's web site: > http://shop.osborne.com/cgi-bin/osborne/0072225238.html > (watch the wrap!). > > I also have some extra stuff on my web site that I > couldn't fit in the book > because of page constraints. Just vist my home page > below. > > Cheers! > -- > > Richard A. Deal > > Visit my home page at > http://home.cfl.rr.com/dealgroup/ > > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, > CCNP Remote Access > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco > LAN Switch Configuration > Exam Cram > > Cisco Test Prep author for QuizWare, providing the > most comprehensive Cisco > exams on the market. > > > > ""Mark Smith"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > So when are you going to write one, Rich? > > We're waiting. :) > > > > > > Quoting Richard Deal : > > > > > John, > > > > > > The CSS1 exams are valid until the end of January, > > > upon which you must take > > > the new exams. CiscoPress doesn't have any books > out > > > yet on the new tests. > > > > > > Cheers! > > > -- > > > > > > Richard A. Deal > > > > > > Visit my home page at > > > http://home.cfl.rr.com/dealgroup/ > > > > > > Author of Cisco PIX Firewalls, CCNA Secrets > Revealed!, > > > CCNP Remote Access > > > Exam Prep, CCNP Switching Exam Cram, and CCNP > Cisco > > > LAN Switch Configuration > > > Exam Cram > > > > > > Cisco Test Prep author for QuizWare, providing the > > > most comprehensive Cisco > > > exams on the market. > > > > > > > > > ""John Cianfarani"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Can we still write CSS1 or has it been replaced > with > > > the CCSP? > > > > > > > > Thanks > > > > John > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, November 28, 2002 8:30 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: RE: CSS1/CCSP [7:58241] > > > > > > > > I havent take the new CSI exam, but for CSS1 i > > > suggest you do the > > > > following > > > > : MCNS - PIX - VPN - IDS, and if you already > pass > > > all of them, i dont > > > > think > > > > you would have problems with CSI. > > > > > > > > > > > > Ardi > > > [EMAIL PROTECTED] > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58299&t=58241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Port Security on 3550 based on given MAC-Address and IP-Address [7:58298]
How can I configure PortSecurity based on MAc-Address and IP-Address. I only know about "switchport port-security mac-address" but there must be a way to manage this in conjunction with an IP Static ARp entry Thanx Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58298&t=58298 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A dumb question (hit me or ignore me ;)) [7:58288]
... I was going to suggest verification that Port Security hasn't been enabled, along with what you suggested :) -Mark -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED]] Sent: Friday, November 29, 2002 12:13 PM To: [EMAIL PROTECTED] Subject: Re: A dumb question (hit me or ignore me ;)) [7:58288] ""deltan"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Why can't I directly hook up a laptop to a 6509 switch > port that enables "stp portfast" (using straight-thru > cable)? troubleshooting 101. can you do what you need to do if portfast is NOT enabled on that port? there have been well documented problems with NIC's of various sorts. so the question becomes, what NIC is in your laptop? do you have other laptops that CAN connect, and if so, what NICS are in those? HTH > > I can't ping anything in the same subnet (as the > port's VLAN's) and there's no ARP entry in either my > laptop or in 6509. > > Any words will be appreciated. :) > > Bill > > > __ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58297&t=58288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Oletu- What you are trying to do is not impossible. Many of us do this all the time to migrate data from one machine to another without burdening the Hub-based LAN or if the computer is all by itself and is being upgraded. Case in point is the situation where a Win9x/Pentium 166Mhz workstation is being replaced with a Windows XP/Pentium III 1.8Ghz workstation... NetBEUI isn't a protocol option on XP, as it isn't supported anymore- So, it's TCP/IP or IPX! Configuration of each computer is correct; the fact that you can operate with success running NetBEUI says that your physical layer is also solid, i.e., NIC's and Cross-over cable. Next thing to do is (for informational purposes) to 'route print' or a 'netstat -r' at the command line to determine the TCP/IP stack has proper routing information. Optionally issue the 'nbtstat -c' or 'nbtstat -r' to see if you are getting any netbios caching... After collecting this information, I would remove the TCP/IP protocol, reboot, reinstall TCP/IP protocol, install most recent SP for OS, and test again... If that doesn't resolve the problem, then seek out replacement drivers for the NIC(s). This pretty much addresses every possibility of failure between two Windows-based computers that are directly connected to each other with a cross-over cable. ... One other thought- You wouldn't have some kind of personal firewall installed/previously installed on either one of these computers by chance, would you!?!?! I have seen all kinds of crazy stuff occur on MS boxes that had had any of the different flavors of "Personal Firewalls" installed, which usually required complete removal of the TCP/IP protocol, and then sifting through the networking portion of the registry to recover the machine. The alternative was to reinstall the OS from scratch. The firewalls in question were the Norton Personal Firewall, the Network Associates Desktop Firewall, BlackIce, and one other I can't recall the name of. Just some extra info to chew on for possibility. Good luck, and let us know what you find... -Mark -Original Message- From: Godswill Oletu [mailto:[EMAIL PROTECTED]] Sent: Friday, November 29, 2002 12:04 PM To: Mark W. Odette II; [EMAIL PROTECTED] Subject: Re: I seems Confused.Peer-to-to TCP/IP Network [7:58255] Hi Mark, I have done all that. The crossover cable is okay. NeTBEUI is working fine. I can see both computers through Network Neigbourhood; copy files from one computer to the other. Everthing about NetBEUI is kool. I have alos edited the hosts/lmhost files on each computer (this only help to resolve the IP Address to the netbios name.) IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer B=192.168.0.2/255.255.255.0 On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it will response fine. On Computer B, I can also ping 192.168.0.2, localhost and 127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly installed)!!! But I cannot ping A from B, neither can I ping B from A. This is the dumbest thing I have ever done and it is messing me up. Or is it impossible? - Original Message - From: Mark W. Odette II To: Sent: Thursday, November 28, 2002 8:22 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Check your subnet masks for each computer. > Either specify Computer B as the default gateway for Computer A and > vice-versa, or don't specify a default gateway at all. > > After that, you have to configure the lmhosts/hosts files if you want to > resolve machine names between each other (quickly). > > Verify that your cross-over cable is good, or plug each computer into a > hub/switch. > > It's that simple. > > Cheers! > -Mark > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 28, 2002 6:26 PM > To: [EMAIL PROTECTED] > Subject: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi all, > > Where are mine going wrong? Has anyone implemented a Peer-to-Peer > network > involving just two computers with ONLY TCP/IP Protocol? > > I have been trying to do it but keeping failing. NetBEUI is working > fine, I > can transfer files in between both computers. But TCP/IP protocolis not > working across. Am trying to connect a Window NT to Windows 98 Machine. > I > used > the normal cross over cable (1-3, 2-6, 3-1, 6-2) connection. localhost > pings > alright, IP-address to each machine can be pinged from that very machine > only. > Hosts file have been edited and it is resolving fine...but I can ping > one > machine from the other. > > I have double checked everything but cannot figure out whats happening. > I > know > I have been implementing peer-to-peer networks but I had not gotten into > this > kind of scenario.. > > Any forethought would help, thanks > > Godswill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58296&t=58255 -- FAQ, list archi
Re: CSS1/CCSP [7:58241]
Mark, Actually, Mark, I'm one step ahead of you :-). My PIX book came out at the end of October from McGraw-Hill/Osborne. I wrote it as a non-certification book, but it covers everything you'd see on the new PIX exam. You can check out a free chapter on Osborne's web site: http://shop.osborne.com/cgi-bin/osborne/0072225238.html (watch the wrap!). I also have some extra stuff on my web site that I couldn't fit in the book because of page constraints. Just vist my home page below. Cheers! -- Richard A. Deal Visit my home page at http://home.cfl.rr.com/dealgroup/ Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco exams on the market. ""Mark Smith"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > So when are you going to write one, Rich? > We're waiting. :) > > > Quoting Richard Deal : > > > John, > > > > The CSS1 exams are valid until the end of January, > > upon which you must take > > the new exams. CiscoPress doesn't have any books out > > yet on the new tests. > > > > Cheers! > > -- > > > > Richard A. Deal > > > > Visit my home page at > > http://home.cfl.rr.com/dealgroup/ > > > > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, > > CCNP Remote Access > > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco > > LAN Switch Configuration > > Exam Cram > > > > Cisco Test Prep author for QuizWare, providing the > > most comprehensive Cisco > > exams on the market. > > > > > > ""John Cianfarani"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Can we still write CSS1 or has it been replaced with > > the CCSP? > > > > > > Thanks > > > John > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, November 28, 2002 8:30 PM > > > To: [EMAIL PROTECTED] > > > Subject: RE: CSS1/CCSP [7:58241] > > > > > > I havent take the new CSI exam, but for CSS1 i > > suggest you do the > > > following > > > : MCNS - PIX - VPN - IDS, and if you already pass > > all of them, i dont > > > think > > > you would have problems with CSI. > > > > > > > > > Ardi > > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58295&t=58241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A dumb question (hit me or ignore me ;)) [7:58288]
""deltan"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Why can't I directly hook up a laptop to a 6509 switch > port that enables "stp portfast" (using straight-thru > cable)? troubleshooting 101. can you do what you need to do if portfast is NOT enabled on that port? there have been well documented problems with NIC's of various sorts. so the question becomes, what NIC is in your laptop? do you have other laptops that CAN connect, and if so, what NICS are in those? HTH > > I can't ping anything in the same subnet (as the > port's VLAN's) and there's no ARP entry in either my > laptop or in 6509. > > Any words will be appreciated. :) > > Bill > > > __ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58294&t=58288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I seems Confused.....Peer-to-to TCP/IP Network [7:58255]
Hi Mark, I have done all that. The crossover cable is okay. NeTBEUI is working fine. I can see both computers through Network Neigbourhood; copy files from one computer to the other. Everthing about NetBEUI is kool. I have alos edited the hosts/lmhost files on each computer (this only help to resolve the IP Address to the netbios name.) IP addresses are Computer A=192.168.0.1/255.255.255.0 and Computer B=192.168.0.2/255.255.255.0 On Computer A, I can ping 192.168.0.1, localhost and 127.0.0.1 and it will response fine. On Computer B, I can also ping 192.168.0.2, localhost and 127.0.0.1 and it will response fine. (TCP/IP stack seems perfectly installed)!!! But I cannot ping A from B, neither can I ping B from A. This is the dumbest thing I have ever done and it is messing me up. Or is it impossible? - Original Message - From: Mark W. Odette II To: Sent: Thursday, November 28, 2002 8:22 PM Subject: RE: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > Check your subnet masks for each computer. > Either specify Computer B as the default gateway for Computer A and > vice-versa, or don't specify a default gateway at all. > > After that, you have to configure the lmhosts/hosts files if you want to > resolve machine names between each other (quickly). > > Verify that your cross-over cable is good, or plug each computer into a > hub/switch. > > It's that simple. > > Cheers! > -Mark > > -Original Message- > From: Godswill Oletu [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 28, 2002 6:26 PM > To: [EMAIL PROTECTED] > Subject: I seems Confused.Peer-to-to TCP/IP Network [7:58255] > > Hi all, > > Where are mine going wrong? Has anyone implemented a Peer-to-Peer > network > involving just two computers with ONLY TCP/IP Protocol? > > I have been trying to do it but keeping failing. NetBEUI is working > fine, I > can transfer files in between both computers. But TCP/IP protocolis not > working across. Am trying to connect a Window NT to Windows 98 Machine. > I > used > the normal cross over cable (1-3, 2-6, 3-1, 6-2) connection. localhost > pings > alright, IP-address to each machine can be pinged from that very machine > only. > Hosts file have been edited and it is resolving fine...but I can ping > one > machine from the other. > > I have double checked everything but cannot figure out whats happening. > I > know > I have been implementing peer-to-peer networks but I had not gotten into > this > kind of scenario.. > > Any forethought would help, thanks > > Godswill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58293&t=58255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1/CCSP [7:58241]
So when are you going to write one, Rich? We're waiting. :) Quoting Richard Deal : > John, > > The CSS1 exams are valid until the end of January, > upon which you must take > the new exams. CiscoPress doesn't have any books out > yet on the new tests. > > Cheers! > -- > > Richard A. Deal > > Visit my home page at > http://home.cfl.rr.com/dealgroup/ > > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, > CCNP Remote Access > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco > LAN Switch Configuration > Exam Cram > > Cisco Test Prep author for QuizWare, providing the > most comprehensive Cisco > exams on the market. > > > ""John Cianfarani"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Can we still write CSS1 or has it been replaced with > the CCSP? > > > > Thanks > > John > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, November 28, 2002 8:30 PM > > To: [EMAIL PROTECTED] > > Subject: RE: CSS1/CCSP [7:58241] > > > > I havent take the new CSI exam, but for CSS1 i > suggest you do the > > following > > : MCNS - PIX - VPN - IDS, and if you already pass > all of them, i dont > > think > > you would have problems with CSI. > > > > > > Ardi > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58292&t=58241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Book [7:58250]
Arni, Thanks for the plug on my book. You can also use it to study for the new PIX exam, if you are thinking of pursing the CSS1, CCSP, or PIX specialist certification. If you have any questions while reading it, please don't hesitate to shoot me an email. Cheers! -- Richard A. Deal Visit my home page at http://home.cfl.rr.com/dealgroup/ Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco exams on the market. ""Arni V. Skarphedinsson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The Cisco PIX Firewalls by Richard A. Deal > > I am reading it, and would recomed it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58291&t=58250 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1/CCSP [7:58241]
John, The CSS1 exams are valid until the end of January, upon which you must take the new exams. CiscoPress doesn't have any books out yet on the new tests. Cheers! -- Richard A. Deal Visit my home page at http://home.cfl.rr.com/dealgroup/ Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco exams on the market. ""John Cianfarani"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Can we still write CSS1 or has it been replaced with the CCSP? > > Thanks > John > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 28, 2002 8:30 PM > To: [EMAIL PROTECTED] > Subject: RE: CSS1/CCSP [7:58241] > > I havent take the new CSI exam, but for CSS1 i suggest you do the > following > : MCNS - PIX - VPN - IDS, and if you already pass all of them, i dont > think > you would have problems with CSI. > > > Ardi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58290&t=58241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Software for Statistical Profiling [7:58277]
Try here for erlang calculator http://www.erlang.com/ There are 2 type B and C . B assumes blocked calls don't call back and C assumes they stay in queue. Chuck Dunkirk The Long and Winding Road wrote: >Richard, the software used for your telephone booth problem is called an >Ehrlang calculator. it seems that you could use an Ehrlang calculator to do >this as well. There are a number of web sites that have Ehrlang calcs. A >google search should reveal a bunch of them. > >A long time ago, in statistics class, we used to do something called "monte >carlo simulations" to figure out stuff like this also. I don't remember much >about the mechanics. Got a statistics professor on you campus? > >Chuck > >-- >TANSTAAFL >"there ain't no such thing as a free lunch" > > > > >""Larkin, Richard"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >>I recall in Uni that we used te Poisson distribution and some mathematical >>formulae to say that if we have x people arrive per hour at a phone booth, >>and the average phone call is y minutes, we would need z phone booths to >>ensure that 95% of the time, people don't have to wait (or only have to >> >wait > >>xx minutes). >> >>Transposing this to application budgeting, I have an application at a >> >remote > >>site which has a max of 5 concurrent users and the worst transaction they >> >do > >>will hog the 64kbps line for 30 seconds (if it is the only transaction). >> >>My question is without revising my lecture notes, what software would help >>me determine what bandwidth to allocate this application so that 95% (or >>whatever) of the time the transaction can be completed in yy seconds? >> >>Is there any good software out there which would help me with this? >> >>Cheers >>Rik Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58289&t=58277 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
A dumb question (hit me or ignore me ;)) [7:58288]
Why can't I directly hook up a laptop to a 6509 switch port that enables "stp portfast" (using straight-thru cable)? I can't ping anything in the same subnet (as the port's VLAN's) and there's no ARP entry in either my laptop or in 6509. Any words will be appreciated. :) Bill __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58288&t=58288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
test message [7:58287]
Andrew Larkins BCom, CCNP, CCDP Bytes Technology Networks A Division of the Bytes Technology Group A Member of the Altron Group www.btgroup.co.za visit the press office @ www.itweb.co.za/office/bytes Tel : +27 11 800 9336 Fax : +27 11 800 9496 Mobile : +27 83 656 7214 Email : [EMAIL PROTECTED] OR [EMAIL PROTECTED] "This e-mail and its attachments may contain information that is confidential and that may be subject to legal privilege and copyright. If you are not the intended recipient you may not peruse, use, disclose, distribute, copy or retain this message. If you have received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and return and thereafter destroy the original message. Please note that e-mails are subject to viruses, data corruption, delay, interception and unauthorised amendment, and that the sender does not accept liability for any damages that may be incurred as a result of communication by e-mail. No employee or intermediary is authorised to conclude a binding agreement on behalf of the sender by e-mail without express written confirmation by a duly authorised representative of the sender. By transmitting this e-mail message over the Internet the sender does not intend to allow the contents hereof to become part of the public domain, and the confidential nature of the contents shall not be altered or diminished from by such transmission." Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58287&t=58287 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Software for Statistical Profiling [7:58277]
Richard, the software used for your telephone booth problem is called an Ehrlang calculator. it seems that you could use an Ehrlang calculator to do this as well. There are a number of web sites that have Ehrlang calcs. A google search should reveal a bunch of them. A long time ago, in statistics class, we used to do something called "monte carlo simulations" to figure out stuff like this also. I don't remember much about the mechanics. Got a statistics professor on you campus? Chuck -- TANSTAAFL "there ain't no such thing as a free lunch" ""Larkin, Richard"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I recall in Uni that we used te Poisson distribution and some mathematical > formulae to say that if we have x people arrive per hour at a phone booth, > and the average phone call is y minutes, we would need z phone booths to > ensure that 95% of the time, people don't have to wait (or only have to wait > xx minutes). > > Transposing this to application budgeting, I have an application at a remote > site which has a max of 5 concurrent users and the worst transaction they do > will hog the 64kbps line for 30 seconds (if it is the only transaction). > > My question is without revising my lecture notes, what software would help > me determine what bandwidth to allocate this application so that 95% (or > whatever) of the time the transaction can be completed in yy seconds? > > Is there any good software out there which would help me with this? > > Cheers > Rik Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58286&t=58277 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 35xx question [7:58202]
Hi Jeff, No, I don't think so it is necessary. As VLANs are essentially layer 2 entities, you can just add them through VLAN Databse. But if you want to use the Layer 3 functionalities, then its a different issue, Regards, Vikram "Jeff Specoli" wrote: If you have multiple VLANs defined on a 35xx switch, do you *have* to create an SVI (interface VLANx) for each VLAN? Thanks... Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58285&t=58202 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need info on CSU/DSU [7:58240]
dsu/csu is integrated. check this link from cisco (which i found by simply typing NM-2CE1B in the search box on cisco.com) http://www.cisco.com/en/US/customer/products/hw/modules/ps2797/products_tech _note09186a00800b1150.shtml ""Deepak Nagarajachary"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi > can anyone give info on these as it is very urgent. > expecting your help > > Regards > Deepak > > Deepak Nagarajachary wrote: > > > Hi All > > I have the following configuration for setting up the lab. > > (c3660)[NM2CE1B]--->csu/dsucsu/dsu-->[NM2CE1B]{c3660) > > > > To my understanding NM2CE1B requires external csu/dsu. > > If anyone have the information on this, could u please share your ideas > > with me regarding type of csu/dsu > > does it require external or internal is available and about the csu/dsu > > product. > > > > Thanks in advance > > > > Regards > > Deepak Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58284&t=58240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need info on CSU/DSU [7:58240]
Hi can anyone give info on these as it is very urgent. expecting your help Regards Deepak Deepak Nagarajachary wrote: > Hi All > I have the following configuration for setting up the lab. > (c3660)[NM2CE1B]--->csu/dsucsu/dsu-->[NM2CE1B]{c3660) > > To my understanding NM2CE1B requires external csu/dsu. > If anyone have the information on this, could u please share your ideas > with me regarding type of csu/dsu > does it require external or internal is available and about the csu/dsu > product. > > Thanks in advance > > Regards > Deepak Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58283&t=58240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Which IDS do you use for PIX ? [7:58280]
Hi there , I`m suppossed to order a PIX 535 (?) till Monday... Still many questions hahaha Sofar we`re using the old netranger (with HPOV) and NFR. NFR is fine, netranger is real work and uncomfy. How`s about you ? ray Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58280&t=58280 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please confirm (conf#1d5572c3ea87dd6135ea5d929d9e07a3) [7:58279]
- Original Message - From: To: Sent: Friday, November 29, 2002 12:24 PM Subject: Please confirm (conf#1d5572c3ea87dd6135ea5d929d9e07a3) > Hi, > > You have tried to post to GroupStudy.com's Professional mailing list. Because > the server does not recognize you as a confirmed poster, you will be required > to authenticate that you are using a valid e-mail address and are not a > spammer. By confirming this e-mail you certify that you are not sending > Unsolicited Bulk Email (UBE). > > PLEASE DO NOT SEND YOUR ORIGINAL MESSAGE AGAIN! BY CONFIRMING THIS EMAIL > YOUR ORIGINAL MESSAGE (WHICH IS NOW QUEUED IN THE SERVER) WILL BE POSTED. > > > By confirming this e-mail you also certify the following: > > 1. The message does NOT break Cisco's Non-Disclosure requirements. > > 2. The message is NOT designed to advertise a commercial product. > > 3. You understand all postings become property of GroupStudy.com > > 4. You have searched the archives prior to posting. > > 5. The message is NOT inflammatory. > > 6. The message is NOT a test message. > > To confirm, simply reply to this message. No editing is necessary. Once > confirmed, you will be able to post without additional confirmations. > > > Welcome to GroupStudy.com! > > > --ORIGINAL MESSAGE- > > >From [EMAIL PROTECTED] Fri Nov 29 11:24:49 2002 > Received: from dzik.trecom.com.pl (dzik.trecom.com.pl [62.233.142.90]) > by groupstudy.com (8.9.3/8.9.3) with ESMTP id LAA30579 > GroupStudy Mailer; Fri, 29 Nov 2002 11:24:48 GMT > Received: from 127.0.0.1 (localhost.localdomain [127.0.0.1]) > by dummy.domain.name (Postfix) with SMTP id 19E89111C > for ; Fri, 29 Nov 2002 12:24:45 +0100 (CET) > Received: from puma (unknown [192.168.1.2]) > by dzik.trecom.com.pl (Postfix) with ESMTP id F3CF3E0A > for ; Fri, 29 Nov 2002 12:24:44 +0100 (CET) > Message-ID: > From: =?iso-8859-2?Q?Tomasz_Szyma=F1ski?= > To: > Subject: CCIE Lab > Date: Fri, 29 Nov 2002 12:24:21 +0100 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_000_0005_01C297A2.3EE9EFD0" > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2800.1106 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 > > This is a multi-part message in MIME format. > > --=_NextPart_000_0005_01C297A2.3EE9EFD0 > Content-Type: text/plain; > charset="iso-8859-2" > Content-Transfer-Encoding: quoted-printable > > Hi All, > > I'm new to the group and I'd like to ask if someon has some materials = > (and could share with me) for the CCIE Lab. > > TS > --=_NextPart_000_0005_01C297A2.3EE9EFD0 > Content-Type: text/html; > charset="iso-8859-2" > Content-Transfer-Encoding: quoted-printable > > > > charset=3Diso-8859-2"> > > > > > Hi All, > > I'm new to the group and I'd like to = > ask if someon=20 > has some materials (and could share with me) for the CCIE = > Lab. > > TS > > --=_NextPart_000_0005_01C297A2.3EE9EFD0-- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58279&t=58279 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab [7:58278]
Hi All, I'm new to the group and I'd like to ask if someon has some materials (and could share with me) for the CCIE Lab. TS Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58278&t=58278 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Software for Statistical Profiling [7:58277]
I recall in Uni that we used te Poisson distribution and some mathematical formulae to say that if we have x people arrive per hour at a phone booth, and the average phone call is y minutes, we would need z phone booths to ensure that 95% of the time, people don't have to wait (or only have to wait xx minutes). Transposing this to application budgeting, I have an application at a remote site which has a max of 5 concurrent users and the worst transaction they do will hog the 64kbps line for 30 seconds (if it is the only transaction). My question is without revising my lecture notes, what software would help me determine what bandwidth to allocate this application so that 95% (or whatever) of the time the transaction can be completed in yy seconds? Is there any good software out there which would help me with this? Cheers Rik Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58277&t=58277 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 6500 (Redundancy (SRM) vs (Dual MSFC Redundancy) [7:58276]
Eric, We went through the same dilemma. We are upgrading from fully redundant 5500's to 6500's (Dual Sup2, MSFC2, PFC2). We decided against HSRP because it required us to keep the configurations synchronized. Granted, the auto sync would take care of IP and IPX, but we also have Appletalk which would require extra effort to maintain (disable sync, make the change to each MSFC, enable sync). The downside to SRM is the failover time. Although we haven't actually tested the failover time under load, Cisco says it could take up to 120 seconds while all the tables are repopulated on the redundant Sup/MSFC. Existing flows continue to run while this happens, just new flows can't be established. We decided that was acceptable. As for packet loss, I don't think the 6500 would have problems unless you're passing 10's of Gig's per second on a non-fabric enabled switch. We are supporting upwards of 25,000 Ethernet ports with over 100 VLANs. We have not had any problems with EIGRP overloading the 5500's or 6500. We decided to use passive on all VLANs except those that actually need it. This is more for security than anything else. I'm curious... is the 65007 a James Bond switch? :-) Ken >>> "Eric W" 11/28/02 04:47PM >>> Dear Cisco Fans and Professionals, I need some friendly advice. There are different opinions about Cat6500(High availibility with Single Router Mode) and (High availibility with Dual MSFC Redundancy) Imagine you had 3 Cat65007s with Dual MSFC1 and Dual Supervisor1A. That is 6 MSFC's and 6 Supervisor engines. You have over 1500 users to support with 30VLANs that need interconnecting routing via EIGRP. Some user applications are sensitive to packet loss. You have to provide minimium downtime in the case of MSFC failer or Supervisor failer. Question 1. Which would you implement (High availibility with Single router mode) or (High availibility with Dual MSFC Redundancy) and why? Question 2. Is was brought to my attention that running dual MSFC redundancy with a high number of VLANS would cause the EIGRP process to run very high. As you know EIGRP is a very noisy protocol. Query storms.. Implementing EIGRP passive interface on all VLAN interfaces except the management VLAN would help the EIGRP process to run low. Are query storms an issue to worry about even after the passive interface is issued on client/user VLANS? Regards, Eric Washington Network Engineer CCNP Thanks in advance for your input Cisco Professionals _ MSN Hotmail http://www.hotmail.com/ BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Ken Diliberto EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Diliberto;Ken END:VCARD Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58276&t=58276 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco 837 [7:58275]
Hi Anyone have any i info on the new cisco 837 router ? they say it has hardware acelerated 3DES encryption that would be great, but I would like to know if anyone has seen any 3des throughput figures for the router. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58275&t=58275 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
test [7:58274]
just test if i can post message Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58274&t=58274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
syntax to configure router as NTP server [7:58273]
Hi.. Dear Friends, May I know what is the IOS command to configure a IOS router/switch as a NTP server. I tried to search on net but can't understand it. I can only configure as a client. Thanks a lot _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58273&t=58273 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]