Re: OSPF over FR [7:70025]
you may want to check out the OSPF config guide on my website www.chuckslongroad.info hint - in the world of Cisco certification, it is essential that you master OSPF over NMBA in all its manifestations. Catherine Wu wrote in message news:[EMAIL PROTECTED] I am testing Hub-Spoke for OSPF over FR, I verified the neighbor adjacency,but I couldn't see route 2.2.2.2 and 3.3.3.3 in the routing table, RouterA#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 1 FULL/ -00:01:4110.1.1.6 Serial0/0.2 2.2.2.2 1 FULL/ -00:01:3910.1.1.2 Serial0/0.1 RouterB#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR00:01:3810.1.1.1 Serial0/0 RouterC#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR00:01:3410.1.1.5 Serial0/0 RouterA#sh ip ro Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback0 10.0.0.0/30 is subnetted, 2 subnets C 10.1.1.0 is directly connected, Serial0/0.1 C 10.1.1.4 is directly connected, Serial0/0.2 Please help. Thanks Catherine RouterA interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Serial0/0 no ip address encapsulation frame-relay frame-relay lmi-type ansi no sh ! interface Serial0/0.1 point-to-point ip address 10.1.1.1 255.255.255.252 ip ospf hello-interval 30 frame-relay interface-dlci 101 ! interface Serial0/0.2 point-to-point ip address 10.1.1.5 255.255.255.252 ip ospf hello-interval 30 frame-relay interface-dlci 102 ! router ospf 1 log-adjacency-changes network 1.1.1.1 0.0.0.0 area 1 network 10.1.1.0 0.0.0.3 area 0 network 10.1.1.4 0.0.0.3 area 0 RouterB ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Serial0/0 ip address 10.1.1.2 255.255.255.252 encapsulation frame-relay frame-relay map ip 10.1.1.1 110 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi no sh ! router ospf 1 log-adjacency-changes network 2.2.2.2 0.0.0.0 area 2 network 10.1.1.0 0.0.0.3 area 0 neighbor 10.1.1.1 ! RouterC interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Serial0/0 ip address 10.1.1.6 255.255.255.252 encapsulation frame-relay frame-relay map ip 10.1.1.5 120 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi no sh ! router ospf 1 log-adjacency-changes network 3.3.3.3 0.0.0.0 area 3 network 10.1.1.4 0.0.0.3 area 0 neighbor 10.1.1.5 [GroupStudy removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70297t=70025 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Are we getting naughty email in the group? [7:70298]
Hi, I am receiving some naughty email on my official email. I did not register any and wondering if other in the group are receiving the same type off email. I used this email to received only officials email and groupstudy only. Thanks Nuurul Basar Mohd Baki Network Engineer DDSe Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70298t=70298 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Number of routes and memory usage [7:70299]
Hello again friends, I want to thank Mr Jvd for his help, and I would like to post again my question, It is very surprising that we all have been working with routers for years but there is no answer for this question, I can evaluate the ammount of memory used in my router for every type of route, but I would like to learn from someone more skilled than me and test my results :) :) Hello folks, I have to evaluate the impact of adding almost 1000 routes in my network, and what I want to know is simple: How many memory do I need for every new router? Do you know a simle rule? What I want to know is the relationship between the number of routes and the memory consumption. I can evaluate know this by looking how many routes are in may routing table and the memory used, but I would appreciate any experience from you. Thanks group! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70299t=70299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS for 2500 series router. [7:70056]
Send me Email [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70300t=70056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Number of routes and memory usage [7:70299]
sounds like the perfect topic for a PhD research project. Assuming, of course, that number of routes is the only variable which effects sizing of memory Curious wrote in message news:[EMAIL PROTECTED] Hello again friends, I want to thank Mr Jvd for his help, and I would like to post again my question, It is very surprising that we all have been working with routers for years but there is no answer for this question, I can evaluate the ammount of memory used in my router for every type of route, but I would like to learn from someone more skilled than me and test my results :) :) Hello folks, I have to evaluate the impact of adding almost 1000 routes in my network, and what I want to know is simple: How many memory do I need for every new router? Do you know a simle rule? What I want to know is the relationship between the number of routes and the memory consumption. I can evaluate know this by looking how many routes are in may routing table and the memory used, but I would appreciate any experience from you. Thanks group! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70305t=70299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7505 problem, microcode? [7:70288]
Is this a new or existing configuration? Not every 75xx and 72xx module is backwards and forward compatible. I first began to notice this about 2 or 3 years ago when receiving our first VXR chassis and have since dealt with the microcode issue (old module syndrome) in 7500s as well. When this happens Cisco will generally posts the compatibility issues on the CCO, and offers some sort of trade up program (very little credit I might add). http://www.cisco.com/en/US/customer/products/hw/modules/ps2033/prod_bull etin09186a00800a3f83.html I have never seen microcode available for download (chipset thing I suspect), except for the old CiscoPro routers. **Don't stop looking and asking though, it's why we're all here... and all ears ;-) All the best! Phil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lamy Alexandre Sent: Friday, June 06, 2003 6:10 PM To: [EMAIL PROTECTED] Subject: 7505 problem, microcode? [7:70288] Is there a good Samaritan who can help me? I am looking for a microcode for my 7505 router. I have hundreds IOS images, but there is a microcode missing. I think that it is cip28.12.bin take a look at this problem: sho diagbus Slot 0: Physical slot 0, ~physical slot 0xF, logical slot 0, CBus 0 Microcode Status 0x4 Master Enable, LED, WCS Loaded Board is analyzed Pending I/O Status: None EEPROM format version 1 FEIP2 controller, HW rev 2.11, board revision E0 Serial number: 17934563 Part number: 73-1684-04 Test history: 0x00RMA number: 00-00-00 Flags: cisco 7000 board; 7500 compatible EEPROM contents (hex): 0x20: 01 20 02 0B 01 11 A8 E3 49 06 94 04 00 00 00 00 0x30: 70 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 Slot database information: Flags: 0x4 Insertion time: 0x2C68 (00:33:37 ago) Controller Memory Size: 32 MBytes DRAM, 2048 KBytes SRAM PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.04, Board revision B0 Serial number: 15811504 Part number: 73-2570-02 PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.04, Board revision B0 Serial number: 15810930 Part number: 73-2570-02 --Boot log begin-- Cisco Internetwork Operating System Software IOS (tm) VIP Software (SVIP-DW-M), Version 12.2(16), RELEASE SOFTWARE (fc3) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 06-Mar-03 23:12 by pwade Image text-base: 0x60010930, data-base: 0x603E --Boot log end-- Slot 1: Physical slot 1, ~physical slot 0xE, logical slot 1, CBus 0 Internal Instruction Error, Microcode Status 0x5 Master Enable, LED, WCS DBUS Cmd Enable, WCS Loading, WCS Loaded Board is disabled wedged Pending I/O Status: None EEPROM format version 1 VIP2 R5K controller, HW rev 2.03, board revision A0 Serial number: 18571089 Part number: 73-2167-06 Test history: 0x00RMA number: 00-00-00 Flags: cisco 7000 board; 7500 compatible EEPROM contents (hex): 0x20: 01 1E 02 03 01 1B 5F 51 49 08 77 06 00 00 00 00 0x30: 50 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 Slot database information: Flags: 0x291Insertion time: 0x2C68 (00:33:43 ago) VIP Controller Memory Size: Unknown 2 crashes since restart. Last crash context (*Jun 06 2003 06:01:07): $0 : , AT : , v0 : , v1 : a0 : , a1 : , a2 : , a3 : t0 : , t1 : , t2 : , t3 : t4 : , t5 : , t6 : , t7 : s0 : , s1 : , s2 : , s3 : s4 : , s5 : , s6 : , s7 : t8 : , t9 : , k0 : , k1 : gp : , sp : , s8 : , ra : EPC : , ErrorEPC : , SREG : Cause (Code 0x0): Interrupt exception --Boot log begin-- Cisco Internetwork Operating System Software IOS (tm) VIP Software (SVIP-DW-M), Version 12.2(16), RELEASE SOFTWARE (fc3) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 06-Mar-03 23:12 by pwade Image text-base: 0x60010930, data-base: 0x603E PA Bay 1 Upstream PCI-PCI Bridge, Handle=1 DEC21050 bridge chip, config=0x0 (0x00):dev, vendor id = 0x00011011 (0x04):status, command = 0x42800147 Signaled System Error on primary bus (0x08):class code, revid= 0x06040002 (0x0C):hdr, lat timer, cls = 0x0001 (0x18):sec lat,cls bus no =
Re: Insufficient memory to boot the image. [7:70223]
Either 1) You do not have enough memory (would be the obvious choice) 2) You have a corrupt IOS 3) You have a hardware problem Try troubleshooting each item one step at a time. Have you checked the software center on cisco to make sure you have enough memory for the IOS image you are tryign to load? Have you tried swapping out the memory? Have you tried re-installing the IOS? thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (cisco training) Rajesh Kumar wrote in message news:[EMAIL PROTECTED] Hello all, I see this message upon bootup on 85K router - System INIT - Insufficient memory to boot the image. I suspected the processor board and replaced with the known good one. But still it keeps coming. Any idea of what exactly is going on? Thanks, rajesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70295t=70223 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
The Road Goes Ever On wrote: n rf wrote in message news:[EMAIL PROTECTED] Well, there are still less than 10,000 CCIE's. So the population hasn't accelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the average quality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. I respectfully disagree. True, there are more cheaters out there, and more practice labs, and the like. OTOH, Cisco is turning over the tests more often, and the test I saw a couple of mopnths ago was every bit as difficult as the one I saw a couple of years ago. You just said it right there, though, Chuck. More cheaters and more practice labs. That makes the process ultimately easier. I would add other factors, like changing the test from 2 days to 1, but I think you catch my drift. The exam still seems to thrive on silliness ( build a six router network with every known routing protocol, and force any and all peering to occur through at least two redistribution points, while forbidding static routes, routes to null 0, and default networks, and by the way, all your /22's must be reachable in all of your classful protocol routers which are all /29's or /28's, and try to get anything to work with the bizarre combinations of physical interfaces and subinterfaces that we give you ) But IMHO the test is no easier today than it was three years ago, anyway. In fact, I think the case can be made that the test is more, not less relevant than it was for those with numbers in the 4000-6000 series, where there was still substantial emphasis on obsolete vendor proprietary protocols I think the test itself is probably of comparable difficulty. But I'm talking about the entire test 'environment' which ultimately makes things easier. Bootcamps, practice labs, and all that. Let me put it to you this way. Let's say that I set a competition where everybody who runs 100 meters in 10 seconds or less gets a prize. My first batch of runners runs without the benefit of nutritional or chemical supplements. My second batch of runners have available to them anabolic steroids, androstenedione (think Mark McGwire), creatine, blood-doping, and every other supplement in the world. Sure, the test itself (can you run 100 m in 10 seconds) is of equivalent difficulty, but surely you would agree that things are easier for the second group of runners? Practice labs and braindumps would be the chemical supplements of the CCIE world. Now, I'm not saying that there's anything wrong with bootcamps necessarily. But it does mean that Cisco needs to constantly raise the bar in order to keep the overall testing environment the same. For example, I should probably adjust the test difficult so that the second group has to run faster than the first group in order to win the prize, simply because the second group is chemically enhanced. just another opinion, worth hat you paid for it ;- Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number, would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not created equal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000 Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually, numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in
Re: RE: number of CCIE [7:70151]
garrett allen wrote: you make an a priori argument that lower is better. is a lower number cpa better than a higher numbered one? You got me wrong. I didn't say that lower is better at all times. Read my entire post again. I said that more rigorous equates to prestige. This is why I included my example of what would happen if Cisco decided to change the CCIE exam to become extremely rigorous - then eventually people would prize high-number CCIE's who passed the more rigorous version. The fact is, prestige follows rigor. If something is more rigorous, then it becomes rigorous and vice versa. This is why graduating from MIT is more prestigious than graduating from Podunk Community College. But the fact is, the CCIE on the whole has probably gotten more rigorous (i.e. chopping the test from 2 days to 1, eliminating the dedicated troubleshooting section, more bootcamps/braindumps, more cheating, etc. etc.) which is why it has become less prestigious. actually, probably the inverse is true as the more recent the certification the more recent the material covered. this is balanced against with age comes opportunities and experiences. Unfortunately, the free market disagrees with you. The fact is, a growing number of recruiters, headhunters, and HR people are starting to give preference to lower-number CCIE's. Go check out the groupstudy.jobs forum. Yet I have never heard of any recruiter giving preference to higher-number CCIE. It's always one-way, and that's my point. threads like this are like discussing the maximum number of angels dancing on the head of a pin. i vote we kill the thread before it spawn. later. - Original Message - From: n rf Date: Thursday, June 5, 2003 5:16 pm Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn'taccelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the averagequality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number,would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not createdequal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually,numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in rigor? Well, you alluded to several factors. While it is still rather controversial exactly how the switch from 2 days to 1 day impacted the program, it is widely conceded that it probably didn't help. Nor does having all these braindumps all over the Internet, and not just for the written, but the lab as well. The CCIE has certain arcane logistical rules that people have figured out how to 'game' - for example, for example, some people who live near test sites just attempt the lab every month over and over again. Finally, there is the consensusthat the CCIE program has simply not kept up with the growing amount of study material, bootcamps, lab-guides, and so forth. We all know there's an entire cottage industry devoted just to helping people to pass the lab, and while there's nothing wrong with that per se, it does
Remote VPN config cause PIX-PIX link hang!! [7:70293]
Hi.. Group. Me again, I solved my no traffic pass thru problem but PIX-PIX link hang problem still there. After I added my remote VPN client config in my PIX, my PIX-PIX link to HK and Tokyo will hang after 10 hours. Any one know what is the problem? Below are my sh crypto isakmp sa result in my LonPIX when it hang dstsrcstate pending created 103.103.103.130 200.117.50.125(remote) QM_IDLE 0 2 hkpix 103.103.103.130 QM_IDLE 0 0 tokpix 103.103.103.130 QM_IDLE 0 0 I recall Daniel question for me as shown below? Should I ask Tokyo and HK admin to to change transform-set from esp-des to esp-des esp-md5-hmac as well? Is that the cause?? 4) You mentioned that you changed your transform set in London. Did you also change it to match in Hong Kong and Tokyo? Lonpix crypto ipsec transform-set lonset esp-des esp-md5-hmac TokPIX/ HKPIX crypto ipsec transform-set newset esp-des LonPIX isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 isakmp policy 20 authentication pre-share isakmp policy 20 encryption des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 TokPIX/ HKPIX isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 Daniel Cotts wrote: 1) Can we assume that the client is fully authenticated? Your config looks good. There is a line crypto map lonmap client authentication RS that I don't understand. My guess is that authenticates remote users individually beyond the group password used between the Client and PIX. If there is any question, you could remove it temporarily for testing. 2) Is the Client installed on a PC that has a software firewall or the PC is behind a firewall? If so, check the settings there. 3) You are using VPN Client software 3.6 or thereabouts? 4) You mentioned that you changed your transform set in London. Did you also change it to match in Hong Kong and Tokyo? 5) use sh crypto isakmp sa and sh crypto ipsec sa to see what connections are up. HTH Let the list know when you are successful. -Original Message- From: Steven shinnick [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 9:23 PM To: Daniel Cotts; [EMAIL PROTECTED] Subject: RE: VPN client can connect but no traffic can pass [7:70084] Hey.. Daniel and Study Group I follow the instruction to assign different IP range for my IPPOOLS, 172.16.4.1-172.16.4.31. But I still can't ping and talk to my local LAN after get connected. Any idea what's wrong? Besides, I want to make clear that I accidentally delete - at the following line when I send to u. It was no-nat in my config not nonat nat (inside) 0 access-list no-nat Besides, I want to discussing about the PIX-PIX hang problem (not immediately) after I add in additional config for remote VPN client. I suspect it is caused by change the following line from crypto ipsec transform-set lonset esp-des to-- crypto ipsec transform-set lonset esp-des esp-md5-hmac without changing this my client can't get authenticated I have 2 isakmp policies , 10 was originally set for PIX-PIX to HK and Tokyo, and I add in 20 for Remote VPN connection. Any idea about my PIX-PIX hang problem with additional Remote VPN config? isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 isakmp policy 20 authentication pre-share isakmp policy 20 encryption des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 My New config is LONPIX# wr term Building configuration... : Saved : PIX Version 6.0 nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname LONPIX domain-name xxx.co.uk fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names name 70.7.75.150 HKpix name 20.2.25.150 tokpix access-list 111 permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list 112 permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-n! at permit ip 172.16.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 192.168.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 10.10.0.0 255.255.0.0 172.16.4.0 255.255.255.255.224
Re: Cisco cert [7:70233]
Dear all, I would like to add that as long as you are a CCIE its irrelevant becuase you are among the few who has that Internetworking Expert tag with you.Even though there are a lot of Boot camps lots of resources that are available for you to gain the knowledge to pass the most difficult certification.But it should also be remembered that its the person who has earned it has gone through the grind to get it.It takes atleast 6 months of dedicated preparation to atleast pass the Lab on the first attempt.I would like to ask one Question aren't most of the Network Engineers have an Engineering Degree as their Basic qualification does that mean that the value of the degree goes down??Even though u might be a CCIE# 2.Aren't you among the few of best knowledgble people in the networking Arena??And more over you also get paid for it +Job Gurantee. Please consider the above mentioned view points. -- Regards, Rajagopal. 95250-2463729/02502463729/912502463729. Lamy Alexandre wrote in message news:[EMAIL PROTECTED] You think that it is possible to have all certifications Cisco, and to be an expert on all technologies? Because I really wonder if that is worth the sorrow the CCIE in 2003, prestige is not there any more. Will too many resources, too much bootcamp, too many offers to become CCIE... that give what in 5 years? Perhaps it is interesting to have other certifications Cisco, which will have perhaps more recognition. In the sense that to be well recognized, several high level certifications would be perhaps better. Because CCIE RS, the answers of the written exam are not hard to find. Testking, Troytech, CorrectExam, RealQuestions, lot of braindump etc... just them to retain and you have the written exam. On the other hand, it is harder to find the answers for other certifications (CCIE Security, SNA, CCIP etc...) By having all certifications, perhaps one will be a truth gourou networker.. If this possible... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70262t=70233 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Are we getting naughty email in the group? [7:70298]
Nuurul Basar wrote in message news:[EMAIL PROTECTED] Hi, I am receiving some naughty email on my official email. I did not register any and wondering if other in the group are receiving the same type off email. I used this email to received only officials email and groupstudy only. I stopped using my real e-mail address on Groupstudy well over a year ago - maybe even two years ago. Since that time I have received two spams on the Groupstudy address, both of which were certification study related. So I can say with confidence that Groupstudy is not likely the source of your spam problem. On the other hand, my real e-mail address is now being flooded with spam of all sorts. I strongly suspect that happened for two reasons - using it to buy something from e-bay stores and foolishly using it as my contact e-mail when I registered my domain. if you are using your company e-mail address for anyting other than internal company business, such as buying from an on-line store, you may have opened yourself up. I regularly receive spams from persons offering to sell me hundreds of thousands of proven valid e-mail addresses.Once you are on one of thoses lists, your only recourse is to change e-mail addresses. Thanks Nuurul Basar Mohd Baki Network Engineer DDSe Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70306t=70298 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN client can connect but no traffic can pass [7:70084]
Hi.. Daniel and Group.. Thanks a millions..!! I SOLVED the issue. It was bcoz I installed Two different VPN clients in my PC. 1)VPN Systems VPN client 3.6.4 2)Cisco Secure VPN client (Safenet). I uninstall both and reinstalled # 1 only. I can connect to LAN now. I have some extra questions 1) how many remote VPN connections can connect to the PIX515 at the same time? 2) Can I assign the same local LAN IP range for VPN client IPPOOLS? Thanks Daniel Cotts wrote: 1) Can we assume that the client is fully authenticated? Your config looks good. There is a line crypto map lonmap client authentication RS that I don't understand. My guess is that authenticates remote users individually beyond the group password used between the Client and PIX. If there is any question, you could remove it temporarily for testing. 2) Is the Client installed on a PC that has a software firewall or the PC is behind a firewall? If so, check the settings there. 3) You are using VPN Client software 3.6 or thereabouts? 4) You mentioned that you changed your transform set in London. Did you also change it to match in Hong Kong and Tokyo? 5) use sh crypto isakmp sa and sh crypto ipsec sa to see what connections are up. HTH Let the list know when you are successful. -Original Message- From: Steven shinnick [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 9:23 PM To: Daniel Cotts; [EMAIL PROTECTED] Subject: RE: VPN client can connect but no traffic can pass [7:70084] Hey.. Daniel and Study Group I follow the instruction to assign different IP range for my IPPOOLS, 172.16.4.1-172.16.4.31. But I still can't ping and talk to my local LAN after get connected. Any idea what's wrong? Besides, I want to make clear that I accidentally delete - at the following line when I send to u. It was no-nat in my config not nonat nat (inside) 0 access-list no-nat Besides, I want to discussing about the PIX-PIX hang problem (not immediately) after I add in additional config for remote VPN client. I suspect it is caused by change the following line from crypto ipsec transform-set lonset esp-des to-- crypto ipsec transform-set lonset esp-des esp-md5-hmac without changing this my client can't get authenticated I have 2 isakmp policies , 10 was originally set for PIX-PIX to HK and Tokyo, and I add in 20 for Remote VPN connection. Any idea about my PIX-PIX hang problem with additional Remote VPN config? isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 isakmp policy 20 authentication pre-share isakmp policy 20 encryption des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 My New config is LONPIX# wr term Building configuration... : Saved : PIX Version 6.0 nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname LONPIX domain-name xxx.co.uk fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names name 70.7.75.150 HKpix name 20.2.25.150 tokpix access-list 111 permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list 112 permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-n! at permit ip 172.16.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 192.168.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 10.10.0.0 255.255.0.0 172.16.4.0 255.255.255.255.224 no pager logging on logging buffered errors logging trap errors logging history errors logging facility 18 logging host inside 172.16.3.101 no logging message 400010 interface ethernet0 100basetx interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 103.103.130.130 255.255.255.240 ip address inside 172.16.3.254 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool IPPOOLS 172.16.4.1-172.16.4.31 pdm history enable arp timeout 14400 global (outside) 1 103.103.103.131 nat (inside) 0 access-list no-nat nat (inside) 1 172.16.3.0 255.255.255.0 0 0 conduit permit icmp any any route outside 0.0.0.0 0.0.0.0 103.103.103.129 ! 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local aaa-server RS protocol radius aaa-server RS (inside) host 172.16.3.101 RSKEY timeout 5 aaa authentication ssh console LOCAL no snmp-server location
Re: Cisco 3550 smi switch [7:70072]
Oh, BTW, if you erase the flash completely, and reload the switch, it very nicely takes a new image via serial xmodem (even at 9.6kpbs)...we figured this one out last week. Oh fun. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (cisco training) The Road Goes Ever On wrote in message news:[EMAIL PROTECTED] Brad Ellis wrote in message news:[EMAIL PROTECTED] Technically, all you need is the emi image, and tftp it to the switch. Keep in mind, that the 3550 will not erase the flash before xfer'ing the file over, so you'll need to take that into consideration and either erase the current flash, or config it to boot off the new image (otherwise it will still use the SMI image even though the EMI image is on there as well). This is one case where it is absolutely essential to RTFM, and understand it, prior to attmpting an upgrade. And it's not like the FM is particularly clear, with several excellent examples. But you are correct that copy tftp flash is not the way to go. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (cisco training) wrote in message news:[EMAIL PROTECTED] Hi group, I just got a cisco 3550 smi switch, could someone let me know how to upgrade the switch to emi ? Thank you very much... Philip Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70245t=70072 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Man, I never see a job post specify that certain CCIE number is prefer. Why did you even bother to ask this question in the beginning, if you think the value of CCIE title has drop. I think is fair to say, after you finished it than you will know what it take. Please take the CCIE lab exam before you make any common on this subject. Of course the # mean a lot but the learning process was even more important. In fact, one consultant company just hires two new CCIE recently with 140K salaries per year. They both study at the same school that I went. This studygroup is a very valuable resource to us and everybody is working really hard to his or her dream. I will suggest that if you are scare about the increasing number of CCIE, please leave and seeking another valuable certification for yourself. Just my 2-cent. - Original Message - From: n rf To: Sent: Thursday, June 05, 2003 5:16 PM Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn't accelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the average quality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number, would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not created equal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000 Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually, numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in rigor? Well, you alluded to several factors. While it is still rather controversial exactly how the switch from 2 days to 1 day impacted the program, it is widely conceded that it probably didn't help. Nor does having all these braindumps all over the Internet, and not just for the written, but the lab as well. The CCIE has certain arcane logistical rules that people have figured out how to 'game' - for example, for example, some people who live near test sites just attempt the lab every month over and over again. Finally, there is the consensus that the CCIE program has simply not kept up with the growing amount of study material, bootcamps, lab-guides, and so forth. We all know there's an entire cottage industry devoted just to helping people to pass the lab, and while there's nothing wrong with that per se, it does mean that Cisco needs to keep pace to maintain test rigor. To offer a parallel situation, when the MCSE bootcamps started to proliferate, the value of the MCSE plummeted because Microsoft did not properly maintain the rigor of the cert. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70239t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: number of CCIE [7:70151]
Fernando Saldana del C wrote: Dear n fr, Which CCIE number are you ? What does it matter what my CCIE number is? How does that affect the validity of my statements? Either what Im saying is either true or it isnt, who I am has nothing to do with anything. Why cant people debate just on the merits of the argument? Are you trying to devalue more the networking jobs? As if I really had that kind of power over the market. I am just one person. If networking jobs are being devalued, it is because the free market has decided that it be so. The free market is composed of numerous economic entities. It would be the height of arrogance to think that I, as one person, could by myself manipulate the entire market merely with my words. If I really had that kind of power of persuasion, then I have a stellar career as a politician or a motivational speaker ahead of me, and I certainly wouldnt be wasting my time here. I think what people are really afraid of is that I am not acting alone that what Im saying is actually a growing consensus within the market. Think about it who really cares if I alone think one way if everybody else thinks the opposite? If such were the case, then my concerns could be easily dismissed. The real problem is that I am not alone that I am saying what the free market (which is comprised of numerous economic entites) is saying, which is that high-number CCIEs are on the whole treated with more skepticism than low-number CCIEs. Please be realistic you cannot compare a Software company with a Networking company. I am being entirely realistic. The fact is, in the history of IT certification, every single one ultimately declines in value. Happened with the CNE, happened with the MCSE, and is happening now with the CCIE. I looks like you are saying that the world will return to the stone age and communicate by messengers that will run log distance to take the information to the main site. Uh, interesting non-sequitur. When did I ever say anything like that? What I said is that on the whole, the CCIE program has gotten easier with time due to the proliferatio of bootcamps, braindumps, and other such supporting infrastructure. Therefore, anybody who has passed the CCIE lately has undergone a less rigorous test than those who passed the exam in the old days. Try to respect the networking field and rise its level. And how does anything I've said imply a lack of respect? Thank you Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70301t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 3550 smi switch [7:70072]
Brad Ellis wrote in message news:[EMAIL PROTECTED] Technically, all you need is the emi image, and tftp it to the switch. Keep in mind, that the 3550 will not erase the flash before xfer'ing the file over, so you'll need to take that into consideration and either erase the current flash, or config it to boot off the new image (otherwise it will still use the SMI image even though the EMI image is on there as well). This is one case where it is absolutely essential to RTFM, and understand it, prior to attmpting an upgrade. And it's not like the FM is particularly clear, with several excellent examples. But you are correct that copy tftp flash is not the way to go. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (cisco training) wrote in message news:[EMAIL PROTECTED] Hi group, I just got a cisco 3550 smi switch, could someone let me know how to upgrade the switch to emi ? Thank you very much... Philip Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70296t=70072 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Sigh. I knew this was going to happen. Gentlemen, this is why I posted such a long response, because I wanted you all to be honest with yourselves. I could have just said what I had to say straight-up, without any explanation, but I felt (and obviously with a lot of justification) that I needed to do a lot of explaining. Just ask yourself the question - if you had a high-number, would you want to trade it for a lower number? You know in your heart what you want, even if you don't want to admit it on this board. Answer the question and be perfectly honest with yourself. Somebody asked whether employers are asking for lower numbers. You're damn right they are. Several recruiters, headhunters, and HR people have stated that they give preference lower-number CCIE's. In fact, you may have seen this several times on the groupstudy.jobs ng. Yet I have never ever seen a recruiter saying that he gives preference a higher-number CCIE. Why is that? Why is it only one-way? I tend not to believe in coincidences - when there's smoke, there's probably fire. Somebody also asked what number CCIE I am. Well, what exactly does that have to do with anything? Because I may or may not be a low-number CCIE, that somehow affects the truth of my arguments? Either they're true or they're not. Who I am has nothing to do with it. Why the ad-hominem attacks? Why can't people debate things simply on the merits of the argument, rather than calling into question people's motives? Hell, if you want to go down the road of ad-hominem attacks, I could just as easily say that all my detractors are or will be high-number CCIE's and so therefore all their arguments should be ignored because their motives are also questionable. But I don't do that. And when did I ever compare networking to a software company? Seems like a complete non-sequitur to me. About me 'devaluing' networking - how could I really doing that? Are you saying it's my fault that networking is devalued? Seriously. I am only 1 person. How could 1 person acting alone devalue networking in any measurable way? If I really had the power to manipulate entire markets like that, I'd be a multimillionaire and I certainly wouldn't be hanging out here on this ng. I think the real fear that people have is that I am not alone - that I really am telling the truth. If networking has been devalued, it is because the free market has decided that it should be devalued, and what is the free market but many individual entities all acting in their own self-interest? Therefore if networking has been devalued, it is because many people have decided that it be so. Not just me alone. About the cpa argument - I would argue that whenever the cpa test happened to be more difficult, then it would be more prestigious. Whenever anything is more difficult, it becomes more prestigious. Is that particularly shocking? Why is a degree from MIT more prestigious than a degree from Podunk Community College? Simple - graduating from MIT is harder than graduating from PCC. I even stated that if the CCIE all of a sudden got very very difficult starting today, then anybody who passed starting today would earn more prestige. Simply put - prestige follows rigor. And Chuck, you said it yourself - True, there are more cheaters out there, and more practice labs, and the like... - and those kinds of things are exactly what I'm talking about. Bottom line - the CCIE is not as hard to attain today as it was in the past, whether because of cheating or more practice materials, or whatever. You also said that the test is just as difficult today as it was in the past. But it's not just the test that I'm talking about, but rather the entire CCIE procedure that I'm talking about. The tests themselves may be of equivalent difficulty, but if there are more bootcamps and whatnot today, then ultimately that means that the CCIE procedure of today is easier. Sure test A and test B might be equal in difficulty, but if people are more bootcamp-ed to take test B, then ultimately passing test B is easier. Again, I don't think bootcamps are necessarily wrong, but it does mean that if you want to maintain the same level of difficulty, you have to compensate for the bootcamps by making test B even harder than test A. Otherwise, you end up with a situation where people who passed test A were good, but people who passed test B may not be quite as good, but had the benefit of bootcamps. Or let me put it to you another way. Surely you would agree that companies like Princeton Review and Kaplan make the SAT's easier. The SAT's fight back by using relative scoring - where your scores are calculated not absolutely, but relative to your peers, according to percentiles. (Incidentally, I think relative scoring is something the CCIE program could use, but I digress). But if ETS (the administrators of the SAT) were to use absolute scoring, then surely you would agree that a score of 1500
Re: VPN client can connect but no traffic can pass [7:70084]
Hey David and Group I have done as what you had asked me to change but no luck. Still no traffic can pass thru although it can connect. My new config is at the end of the mail. Anyone have idea why?? I really feel strange, as my username and password can be authenticated by my W2K radius server but why no traffic can pass to LAN after get connected? I saw the traffic statistic of VPN client increase but I can't connect to any thing on the LAN. Why? P/s: why you suggest to change from crypto map from 30 to 35 ? David Tran II wrote: After looking at your configuration, you need to do this: change from: crypto map lonmap 30 ipsec-isakmp dynamic outside_dyn change to: crypto map lonmap 35 ipsec-isakmp dynamic outside_dyn and add in this line: crypto map lonmap client configuration address respond crypto map lonmap client authentication RS (I think you already have this line) It looks to me like you are using xtended authentication, it is a good idea to upgrade your code from 6.0.x to at least 6.2(2) or better yet, 6.3(1). I know for a fact that the configuration above works for version 6.2(2) or higher. 6.3(1) supports NAT traversal. My New config is LONPIX# wr term Building configuration... : Saved : PIX Version 6.2 nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname LONPIX domain-name xxx.co.uk fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names name 70.7.75.150 HKpix name 20.2.25.150 tokpix access-list 111 permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list 112 permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 192.168.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 10.10.0.0 255.255.0.0 172.16.4.0 255.255.255.255.224 no pager logging on logging buffered errors logging trap errors logging history errors logging facility 18 logging host inside 172.16.3.101 no logging message 400010 interface ethernet0 100basetx interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 103.103.130.130 255.255.255.240 ip address inside 172.16.3.254 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool IPPOOLS 172.16.4.1-172.16.4.31 pdm history enable arp timeout 14400 global (outside) 1 103.103.103.131 nat (inside) 0 access-list no-nat nat (inside) 1 172.16.3.0 255.255.255.0 0 0 conduit permit icmp any any route outside 0.0.0.0 0.0.0.0 103.103.103.129 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local aaa-server RS protocol radius aaa-server RS (inside) host 172.16.3.101 RSKEY timeout 5 aaa authentication ssh console LOCAL no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec no sysopt route dnat crypto ipsec transform-set lonset esp-des esp-md5-hmac crypto dynamic-map outside_dyn 30 set transform-set lonset crypto map lonmap 10 ipsec-isakmp crypto map lonmap 10 match address 111 crypto map lonmap 10 set peer hkpix crypto map lonmap 10 set transform-set lonset crypto map lonmap 20 ipsec-isakmp crypto map lonmap 20 match address 112 crypto map lonmap 20 set peer tokpix crypto map lonmap 20 set transform-set lonset crypto map lonmap 35 ipsec-isakmp dynamic outside_dyn crypto map lonmap interface outside crypto map lonmap client configuration address respond crypto map lonmap client authentication RS isakmp enable outside isakmp key address hkpix netmask 255.255.255.255 isakmp key address tokpix netmask 255.255.255.255 isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 isakmp policy 20 authentication pre-share isakmp policy 20 encryption des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 vpngroup GROUP address-pool IPPOOLS vpngroup GROUP dns-server 172.16.3.101 vpngroup GROUP wins-server 172.16.3.101 vpngroup GROUP default-domain company.com vpngroup GROUP idle-time 1000 vpngroup GROUP password telnet
RE: VPN client can connect but no traffic can pass [7:70084]
1) Can we assume that the client is fully authenticated? Your config looks good. There is a line crypto map lonmap client authentication RS that I don't understand. My guess is that authenticates remote users individually beyond the group password used between the Client and PIX. If there is any question, you could remove it temporarily for testing. 2) Is the Client installed on a PC that has a software firewall or the PC is behind a firewall? If so, check the settings there. 3) You are using VPN Client software 3.6 or thereabouts? 4) You mentioned that you changed your transform set in London. Did you also change it to match in Hong Kong and Tokyo? 5) use sh crypto isakmp sa and sh crypto ipsec sa to see what connections are up. HTH Let the list know when you are successful. -Original Message- From: Steven shinnick [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 9:23 PM To: Daniel Cotts; [EMAIL PROTECTED] Subject: RE: VPN client can connect but no traffic can pass [7:70084] Hey.. Daniel and Study Group I follow the instruction to assign different IP range for my IPPOOLS, 172.16.4.1-172.16.4.31. But I still can't ping and talk to my local LAN after get connected. Any idea what's wrong? Besides, I want to make clear that I accidentally delete - at the following line when I send to u. It was no-nat in my config not nonat nat (inside) 0 access-list no-nat Besides, I want to discussing about the PIX-PIX hang problem (not immediately) after I add in additional config for remote VPN client. I suspect it is caused by change the following line from crypto ipsec transform-set lonset esp-des to-- crypto ipsec transform-set lonset esp-des esp-md5-hmac without changing this my client can't get authenticated I have 2 isakmp policies , 10 was originally set for PIX-PIX to HK and Tokyo, and I add in 20 for Remote VPN connection. Any idea about my PIX-PIX hang problem with additional Remote VPN config? isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash sha isakmp policy 10 group 1 isakmp policy 10 lifetime 86400 isakmp policy 20 authentication pre-share isakmp policy 20 encryption des isakmp policy 20 hash md5 isakmp policy 20 group 2 isakmp policy 20 lifetime 86400 My New config is LONPIX# wr term Building configuration... : Saved : PIX Version 6.0 nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname LONPIX domain-name xxx.co.uk fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names name 70.7.75.150 HKpix name 20.2.25.150 tokpix access-list 111 permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list 112 permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 192.168.3.0 255.255.255.0 access-list no-nat permit ip 172.16.3.0 255.255.255.0 10.10.0.0 255.255.0.0 access-list no-n! at permit ip 172.16.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 192.168.3.0 255.255.255.0 172.16.4.0 255.255.255.224 access-list no-nat permit ip 10.10.0.0 255.255.0.0 172.16.4.0 255.255.255.255.224 no pager logging on logging buffered errors logging trap errors logging history errors logging facility 18 logging host inside 172.16.3.101 no logging message 400010 interface ethernet0 100basetx interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 103.103.130.130 255.255.255.240 ip address inside 172.16.3.254 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool IPPOOLS 172.16.4.1-172.16.4.31 pdm history enable arp timeout 14400 global (outside) 1 103.103.103.131 nat (inside) 0 access-list no-nat nat (inside) 1 172.16.3.0 255.255.255.0 0 0 conduit permit icmp any any route outside 0.0.0.0 0.0.0.0 103.103.103.129 ! 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local aaa-server RS protocol radius aaa-server RS (inside) host 172.16.3.101 RSKEY timeout 5 aaa authentication ssh console LOCAL no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec no sysopt route dnat crypto ipsec transform-set lonset esp-des esp-md5-hmac crypto dynamic-map outside_dyn 30 set transform-set lonset crypto map lonmap 10 ipsec-isakmp crypto map lonmap 10 match address 111 crypto map lonmap 10 set peer hkpix crypto map lonmap 10 set transform-set lonset crypto map lonmap 20 ipsec-isakmp crypto map lonmap 20
RE: number of CCIE [7:70151]
I commend people to remember the tale of the Emperor's New Clothes here. It utterly confounds me that people are focusing on the CCIE number as the discriminator for a hiring decision, lower being better. Lower means that one obtained the certification earlier. Presumably, since the number was obtained, the individual has been working. This can mean that the lower-numbered candidate can present a solid track record of CCIE-level work experience to an employer, while the higher-numbered candidate simply may not have the experience. I've never regarded certification, in any field, as more than an entry point. Let's put it this way -- when I had to have open-heart surgery, I could have chosen among several board-certified surgeons. The most important factors, however, were how many procedures they had done, and, even more importantly, how frequently they do them. Surgical statistics show, without question, that part-time cardiac surgeons and their teams do not have the good results of someone that does such procedures constantly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70307t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Anyone use the older Cisco Cache 2050 Cache engines? [7:70308]
Called Cisco and they do not have the upgrade anymore, to enable Wccp v2. I have v1.7.5 and I need v1.7.6 . It's not even on their software download site any longer. Anyone have 1.7.6 lying around? TIA Scotty Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70308t=70308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: religious wars [7:70274]
Since when is FreeBSD a flavor of Linux??? Would you say Solaris is a flavor of Linux as well??? All *nix's are not the same. Black Jack wrote in message news:[EMAIL PROTECTED] Old timers will remember Mac vs DOS/Windows. Or UNIX vs DOS. Or Beta vs VHS. More recent is Linux vs FreeBSD, or one flavor of Linux distribution vs another. (See http://ars.userfriendly.org/cartoons/?id=19990301 for example. By the way, if you are not familiar with www.userfriendly.org, you gotta check it out. Funniest geek-oriented comic strip this side of dilbert) Anyway, try asking network types what their favorite TFTP server is... then step back! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70310t=70274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: religious wars [7:70274]
That's for sure. Linus wrote his first code in 1991. FreeBSD was beginning in 1993. OpenBSD is my personal fave. -Original Message- From: Sam Sneed [mailto:[EMAIL PROTECTED] Sent: Saturday, June 07, 2003 3:34 PM To: [EMAIL PROTECTED] Since when is FreeBSD a flavor of Linux??? Would you say Solaris is a flavor of Linux as well??? All *nix's are not the same. Black Jack wrote in message news:[EMAIL PROTECTED] Old timers will remember Mac vs DOS/Windows. Or UNIX vs DOS. Or Beta vs VHS. More recent is Linux vs FreeBSD, or one flavor of Linux distribution vs another. (See http://ars.userfriendly.org/cartoons/?id=19990301 for example. By the way, if you are not familiar with www.userfriendly.org, you gotta check it out. Funniest geek-oriented comic strip this side of dilbert) Anyway, try asking network types what their favorite TFTP server is... then step back! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70320t=70274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: religious wars [7:70274]
At 7:33 PM + 6/7/03, Sam Sneed wrote: Since when is FreeBSD a flavor of Linux??? Would you say Solaris is a flavor of Linux as well??? All *nix's are not the same. In other words, we don't just have wars between major religions; it goes down to the level of denomination and schism, to say nothing of legitimacy. Shades of Popes and Anti-Popes... Someone from Avignon really should post in this thread. :-) Black Jack wrote in message news:[EMAIL PROTECTED] Old timers will remember Mac vs DOS/Windows. Or UNIX vs DOS. Or Beta vs VHS. More recent is Linux vs FreeBSD, or one flavor of Linux distribution vs another. (See http://ars.userfriendly.org/cartoons/?id=19990301 for example. By the way, if you are not familiar with www.userfriendly.org, you gotta check it out. Funniest geek-oriented comic strip this side of dilbert) Anyway, try asking network types what their favorite TFTP server is... then step back! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70321t=70274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Number of routes and memory usage [7:70299]
At 3:48 PM + 6/7/03, The Road Goes Ever On wrote: sounds like the perfect topic for a PhD research project. Assuming, of course, that number of routes is the only variable which effects sizing of memory Curious wrote in message news:[EMAIL PROTECTED] Hello again friends, I want to thank Mr Jvd for his help, and I would like to post again my question, It is very surprising that we all have been working with routers for years but there is no answer for this question, I can evaluate the ammount of memory used in my router for every type of route, but I would like to learn from someone more skilled than me and test my results :) :) Hello folks, I have to evaluate the impact of adding almost 1000 routes in my network, and what I want to know is simple: How many memory do I need for every new router? Do you know a simle rule? What I want to know is the relationship between the number of routes and the memory consumption. I can evaluate know this by looking how many routes are in may routing table and the memory used, but I would appreciate any experience from you. Thanks group! To start out with, the amount of memory is going to depend on the routing protocol(s) in use. But before going farther, be aware that the impact of adding routes impacts more than memory. It will have effects on route processor load, and thus potentially on other functions using that processor. In certain processing architectures, such as the 7000 with silicon or autonomous switching, it can have significant effects on the cache. Purely for memory, you will need 1-2 small buffers per route in the routing table. OSPF, EIGRP, and ISIS all keep databases, which will vary as to the amount of storage needed. Roughly, an LSA takes 300-400 bytes. EIGRP topology tables will be on the order of the size of the routing table each neighbor. In a router with fast switching, you'll also need at least one buffer per cached route. Of course, when you get into the distributed switching modes, there will be VIP memory consumption as well as main processor. BGP will become even more complex because you can have multiple views of the loc-RIB. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70319t=70299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: number of CCIE [7:70151]
I was finally going to weigh into this, but Howard has said pretty much what I was going to say (excluding the part about having had heart surgery!). Thanks. Jamie Johnson -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Howard C. Berkowitz Sent: Saturday, June 07, 2003 11:36 AM To: [EMAIL PROTECTED] Subject: RE: number of CCIE [7:70151] I commend people to remember the tale of the Emperor's New Clothes here. It utterly confounds me that people are focusing on the CCIE number as the discriminator for a hiring decision, lower being better. Lower means that one obtained the certification earlier. Presumably, since the number was obtained, the individual has been working. This can mean that the lower-numbered candidate can present a solid track record of CCIE-level work experience to an employer, while the higher-numbered candidate simply may not have the experience. I've never regarded certification, in any field, as more than an entry point. Let's put it this way -- when I had to have open-heart surgery, I could have chosen among several board-certified surgeons. The most important factors, however, were how many procedures they had done, and, even more importantly, how frequently they do them. Surgical statistics show, without question, that part-time cardiac surgeons and their teams do not have the good results of someone that does such procedures constantly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70318t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: religious wars [7:70274]
Howard C. Berkowitz wrote in message news:[EMAIL PROTECTED] At 7:33 PM + 6/7/03, Sam Sneed wrote: Since when is FreeBSD a flavor of Linux??? Would you say Solaris is a flavor of Linux as well??? All *nix's are not the same. In other words, we don't just have wars between major religions; it goes down to the level of denomination and schism, to say nothing of legitimacy. Shades of Popes and Anti-Popes... Someone from Avignon really should post in this thread. :-) Preferably somebody named Boniface? Black Jack wrote in message news:[EMAIL PROTECTED] Old timers will remember Mac vs DOS/Windows. Or UNIX vs DOS. Or Beta vs VHS. More recent is Linux vs FreeBSD, or one flavor of Linux distribution vs another. (See http://ars.userfriendly.org/cartoons/?id=19990301 for example. By the way, if you are not familiar with www.userfriendly.org, you gotta check it out. Funniest geek-oriented comic strip this side of dilbert) Anyway, try asking network types what their favorite TFTP server is... then step back! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70322t=70274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7505 problem, microcode? [7:70288]
The proper microcode should be included with each release of IOS. In very special circumstances a special microcode release may be needed to fix a specific bug. TAC would provide that to you via a special download. So my guess is that if your IOS doesn't have the required microcode then it is not the correct version to support the PA in that VIP2 card. 1) What is in slot1? 2) Has it ever worked? In this router or another? -Original Message- From: Lamy Alexandre [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2003 5:10 PM To: [EMAIL PROTECTED] Subject: 7505 problem, microcode? [7:70288] Is there a good Samaritan who can help me? I am looking for a microcode for my 7505 router. I have hundreds IOS images, but there is a microcode missing. I think that it is cip28.12.bin take a look at this problem: sho diagbus Slot 0: Physical slot 0, ~physical slot 0xF, logical slot 0, CBus 0 Microcode Status 0x4 Master Enable, LED, WCS Loaded Board is analyzed Pending I/O Status: None EEPROM format version 1 FEIP2 controller, HW rev 2.11, board revision E0 Serial number: 17934563 Part number: 73-1684-04 Test history: 0x00RMA number: 00-00-00 Flags: cisco 7000 board; 7500 compatible EEPROM contents (hex): 0x20: 01 20 02 0B 01 11 A8 E3 49 06 94 04 00 00 00 00 0x30: 70 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 Slot database information: Flags: 0x4 Insertion time: 0x2C68 (00:33:37 ago) Controller Memory Size: 32 MBytes DRAM, 2048 KBytes SRAM PA Bay 0 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.04, Board revision B0 Serial number: 15811504 Part number: 73-2570-02 PA Bay 1 Information: Fast-Ethernet PA, 1 ports, 100BaseTX-ISL EEPROM format version 1 HW rev 1.04, Board revision B0 Serial number: 15810930 Part number: 73-2570-02 --Boot log begin-- Cisco Internetwork Operating System Software IOS (tm) VIP Software (SVIP-DW-M), Version 12.2(16), RELEASE SOFTWARE (fc3) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 06-Mar-03 23:12 by pwade Image text-base: 0x60010930, data-base: 0x603E --Boot log end-- Slot 1: Physical slot 1, ~physical slot 0xE, logical slot 1, CBus 0 Internal Instruction Error, Microcode Status 0x5 Master Enable, LED, WCS DBUS Cmd Enable, WCS Loading, WCS Loaded Board is disabled wedged Pending I/O Status: None EEPROM format version 1 VIP2 R5K controller, HW rev 2.03, board revision A0 Serial number: 18571089 Part number: 73-2167-06 Test history: 0x00RMA number: 00-00-00 Flags: cisco 7000 board; 7500 compatible EEPROM contents (hex): 0x20: 01 1E 02 03 01 1B 5F 51 49 08 77 06 00 00 00 00 0x30: 50 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 Slot database information: Flags: 0x291Insertion time: 0x2C68 (00:33:43 ago) VIP Controller Memory Size: Unknown 2 crashes since restart. Last crash context (*Jun 06 2003 06:01:07): $0 : , AT : , v0 : , v1 : a0 : , a1 : , a2 : , a3 : t0 : , t1 : , t2 : , t3 : t4 : , t5 : , t6 : , t7 : s0 : , s1 : , s2 : , s3 : s4 : , s5 : , s6 : , s7 : t8 : , t9 : , k0 : , k1 : gp : , sp : , s8 : , ra : EPC : , ErrorEPC : , SREG : Cause (Code 0x0): Interrupt exception --Boot log begin-- Cisco Internetwork Operating System Software IOS (tm) VIP Software (SVIP-DW-M), Version 12.2(16), RELEASE SOFTWARE (fc3) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 06-Mar-03 23:12 by pwade Image text-base: 0x60010930, data-base: 0x603E PA Bay 1 Upstream PCI-PCI Bridge, Handle=1 DEC21050 bridge chip, config=0x0 (0x00):dev, vendor id = 0x00011011 (0x04):status, command = 0x42800147 Signaled System Error on primary bus (0x08):class code, revid= 0x06040002 (0x0C):hdr, lat timer, cls = 0x0001 (0x18):sec lat,cls bus no = 0x00020200 (0x1C):sec status, io base = 0x0380F0A0 Data Parity Detected on secondary bus (0x20):mem base limit = 0x03F00200 (0x24):prefetch membase/lim = 0xFE00 (0x3C):bridge ctrl = 0x0003 (0x40):arb/serr,
RE: number of CCIE [7:70151]
Here's a question for those recruiters, headhunters and HR People- Out of CCIE 1025-, how many of them do you think are still actively with the program, still working in the industry, still are at the top of their game (i.e., could go back in and take the OLD LAB again), and are the Crhme of the crop that they have so valued them as??!?!?! There are reasons of human physiology and psychology that proves that the old saying is true... If you don't keep practicing a skill or knowledge through repetition, you simply will loose your edge. My hat is off to CCIE #1058 if he can still complete the OLD LAB blind folded and run circles around CCIE #10,269 in regards to the complex multi-protocol setup of DECNet, IPX, SNA, IP (w/ BGP, OSPF, EIGRP), and AppleTalk for a 8-10+ router network that was the result of 2 or more multi-hundred-thousand-node companies merging. But I must insert my own pessimism that I seriously doubt this is the case. This could be for any number of reasons, but I'm sure the number one reason is that it was too time-consuming and expensive to maintain such prestige. Not to mention, they probably got laid off for one reason or another in the past 3-5 years. Headhunters and Recruiters are more arrogant than those CCIE's that have been minted in the past 24 months. And they've been that way for at least the last decade. An engineer with Blah-blah-blah certifications is nothing but a potential for them making a huge commission for hooking up that engineer with the employer. And because of this arrogance, they have these BS ideals that CCIE# 6328 is truly expert, and CCIE #10524 doesn't deserve the respect of knowing much more than how to power on a piece of Cisco equipment. To put in your analogy format, that's like saying the M.D. that got his PHD 20 years ago, but got bored with continually going back to those medical conferences and continued education on advances in medical science is more preferential than the Doctor that has been practicing medicine for only the past 3 years. I bet is that the older Doc is going to continue performing tried and true procedures that have a greater risk of failure or permanent damage of some sort (could be scars, amputated limb, etc.) than the younger Doc that is current with procedures that result in more favorable outcomes for the same medical situations. NRF- You've said yourself in the past that Cisco has changed the CCIE program for financial reasons, be it for increased revenue or wiser financial efficiency in maintaining the equipment, facilities, etc. What about simple relevance? True, not as many routing protocol technologies are being tested on... but they make up for that by testing on new technologies such as Voice, Security, etc. So, because Cisco tests on new technologies, that makes it acceptable for the market and all those Headhunters, Recruiters, and HR folks to deem the CCIE not as valuable as it once was?!? They obviously have a jaded/ill-informed point of reference in comparing the old with the new. Out of curiosity, just exactly what are the names of all these brain-dump groups/sites that make the CCIE LAB a cake-walk?!? If they are so common knowledge, I have a hard time believing that Cisco would allow them to continue operating. I'm sure Mr. Chambers is intelligent enough to look ahead and realize he would be preempting the demise of his own company if his company perpetuated the cycle of braindump-prepared CCIEs will equal less positive reputation for support and value of the products themselves. Or in more simplistic terms, surely he's smart enough to foresee the cause-and-effect scenario of allowing hundreds of CCIE's to be minted per month. If the economy is so dismal for a majority (read 70%+) of the country, especially the IT industry, just exactly how are all these New CCIE's affording to pay for braindump memberships, Bootcamps, rack rentals and/or personal lab purchases to prepare for the O-so-easy CCIE LAB?!?! I guess my point is, I must be continuing to perpetuate myself in this little naove bubble that makes me have a hard time believing/accepting the CCIE program is being overran in record time with wannabe CCIE's that just simply bought their certification rather than earning it. Give us some facts that can give merit to the free market's delusion that Computer Networking isn't worth the nickel it used to be. And yes, I believe the free market is under delusional control. Most of which has been perpetuated by the Dot.Bomb era (which has been nothing but pessimistic influence of the US Media [and yes, I know part of it was a result of bad financial decisions by some start-up companies and some of the Telco's, but the ripple affects caused in short by the media is why all the other businesses have experienced demise]). Real Estate and Oil had its big boom period too, but that hasn't seemed to have had an affect on the purchases of houses and gas in the past 15 years... in fact, they've just
Re: number of CCIE [7:70151]
some comments are meant in good fun, others are of more serious source. pray do not take offense, as none is intended. n rf wrote in message news:[EMAIL PROTECTED] Sigh. I knew this was going to happen. so why'd you bring it up in the first place? :- Gentlemen, this is why I posted such a long response, because I wanted you all to be honest with yourselves. I could have just said what I had to say straight-up, without any explanation, but I felt (and obviously with a lot of justification) that I needed to do a lot of explaining. Just ask yourself the question - if you had a high-number, would you want to trade it for a lower number? You know in your heart what you want, even if you don't want to admit it on this board. Answer the question and be perfectly honest with yourself. most of us on this list would take any number we could get! ;- Somebody asked whether employers are asking for lower numbers. You're damn right they are. Several recruiters, headhunters, and HR people have stated that they give preference lower-number CCIE's. In fact, you may have seen this several times on the groupstudy.jobs ng. Yet I have never ever seen a recruiter saying that he gives preference a higher-number CCIE. Why is that? Why is it only one-way? I tend not to believe in coincidences - when there's smoke, there's probably fire. so there are some idiot recruiters who are lockstepping with what thweir idiot employer / clients are asking for. I can recall when CCNA became all the rage, and there were some employers / recruiters who were turning down people with CCNP's. Against stupidity, the gods themselves contend in vain. As a job seeker, it behooves someone to focus on identifying the kind of people they want to work with and for, and those who should be avoided. Somebody also asked what number CCIE I am. Well, what exactly does that have to do with anything? Because I may or may not be a low-number CCIE, that somehow affects the truth of my arguments? Either they're true or they're not. Who I am has nothing to do with it. Why the ad-hominem attacks? Why can't people debate things simply on the merits of the argument, rather than calling into question people's motives? Hell, if you want to go down the road of ad-hominem attacks, I could just as easily say that all my detractors are or will be high-number CCIE's and so therefore all their arguments should be ignored because their motives are also questionable. But I don't do that. in general I respect your observations. I agree with this particular comment. I believe your own particular status is irrelevant. I believe the source is typical human nature. Just because someone has achieved something does not necessarily mean their observation or opinion is more valid than those of someone who has not. But human nature being what it is, many people tend to take the advice of someone with the numbers or letters after tha name as better than that of someone who does not. And when did I ever compare networking to a software company? Seems like a complete non-sequitur to me. About me 'devaluing' networking - how could I really doing that? Are you saying it's my fault that networking is devalued? Seriously. I am only 1 person. How could 1 person acting alone devalue networking in any measurable way? If I really had the power to manipulate entire markets like that, I'd be a multimillionaire and I certainly wouldn't be hanging out here on this ng. I think the real fear that people have is that I am not alone - that I really am telling the truth. If networking has been devalued, it is because the free market has decided that it should be devalued, and what is the free market but many individual entities all acting in their own self-interest? Therefore if networking has been devalued, it is because many people have decided that it be so. Not just me alone. you're NOT that powerful? How disappointing :- the job market is what you make of it. Yes there are external factors. In the grand scheme of things, comparative advantage comes into play somewhere along the line. I suggest that netwroking is to the point where fewer companies require on site support staff. They can outsource, colocate, purchase manged services, and in the end this means fewer staff jobs, and the remaining staff jobs requiring more expertise. Not saying it will happen tomorrow, but I can see the trend as well. About the cpa argument - I would argue that whenever the cpa test happened to be more difficult, then it would be more prestigious. Whenever anything is more difficult, it becomes more prestigious. Is that particularly shocking? Why is a degree from MIT more prestigious than a degree from Podunk Community College? Simple - graduating from MIT is harder than graduating from PCC. I even stated that if the CCIE all of a sudden got very very difficult starting today, then anybody who passed starting today
Re: number of CCIE [7:70151]
Man, I never see a job post specify that certain CCIE number is prefer. I have, many times. For example, just check out the archives at groupstudy.jobs. Why did you even bother to ask this question in the beginning, if you think the value of CCIE title has drop. Huh? I didn't ask anything. What are you talking about? I think is fair to say, after you finished it than you will know what it take. Believe me, I know what it takes. See below. Please take the CCIE lab exam before you make any common on this subject. You are assuming that I have never taken the lab. What if I told you I have. So now, according to your rules, I now have the right to say anything I want, right? Of course the # mean a lot but the learning process was even more important. In fact, one consultant company just hires two new CCIE recently with 140K salaries per year. They both study at the same school that I went. And by the same token check out all the CCIE's who haven't found a a job for a very long time. Don't believe me? Again, go to groupstudy.jobs. Or alt.certification.cisco. Or forums.cisco.com. Or any other place where CCIE's tend to congregate and you can read the stories of CCIE's desperate to find work. This studygroup is a very valuable resource to us and everybody is working really hard to his or her dream. I will suggest that if you are scare about the increasing number of CCIE, please leave and seeking another valuable certification for yourself. I'm not scared about anything. I would ask whether you're scared that perhaps your high-number CCIE may not be particularly valuable. But is that my fault? Did I cause the high-number to be less valuable? I'm just saying that it is less valuable, but I did not make that happen. You don't like what I'm saying, take it up with the entity that is responsible - take it up with Cisco itself. Ask Cisco why they changed the test from 2 days to 1. Ask Cisco why they let braindumps proliferate. Ask Cisco why they got rid of the troubleshooting section of the test. Ask Cisco why they just let people come back every month and take the test over and over again until they finally pass. All these things hurt the integrity of the program. But none of them are my fault - they're Cisco's fault. Look, the facts are clear. The CCIE has declined in quality. This is why you have some recruiters giving preference to low-number CCIE's. But nobody is giving preference to high-number CCIE's. Why is that? Ask yourself why is it only one-way? It is inescapably because of the drop in quality of the program. But now ask yourself whose fault is that? It's certainly not my fault - I'm not responsible for keeping the quality of the program high. It's Cisco's fault. Just my 2-cent. - Original Message - From: n rf To: Sent: Thursday, June 05, 2003 5:16 PM Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn't accelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the average quality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number, would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not created equal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000 Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually, numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The
RE: number of CCIE [7:70151]
Dude, with all due respect, are you a recruiter for some college somwhere? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of n rf Sent: Saturday, June 07, 2003 9:06 AM To: [EMAIL PROTECTED] Subject: Re: number of CCIE [7:70151] Sigh. I knew this was going to happen. Gentlemen, this is why I posted such a long response, because I wanted you all to be honest with yourselves. I could have just said what I had to say straight-up, without any explanation, but I felt (and obviously with a lot of justification) that I needed to do a lot of explaining. Just ask yourself the question - if you had a high-number, would you want to trade it for a lower number? You know in your heart what you want, even if you don't want to admit it on this board. Answer the question and be perfectly honest with yourself. Somebody asked whether employers are asking for lower numbers. You're damn right they are. Several recruiters, headhunters, and HR people have stated that they give preference lower-number CCIE's. In fact, you may have seen this several times on the groupstudy.jobs ng. Yet I have never ever seen a recruiter saying that he gives preference a higher-number CCIE. Why is that? Why is it only one-way? I tend not to believe in coincidences - when there's smoke, there's probably fire. Somebody also asked what number CCIE I am. Well, what exactly does that have to do with anything? Because I may or may not be a low-number CCIE, that somehow affects the truth of my arguments? Either they're true or they're not. Who I am has nothing to do with it. Why the ad-hominem attacks? Why can't people debate things simply on the merits of the argument, rather than calling into question people's motives? Hell, if you want to go down the road of ad-hominem attacks, I could just as easily say that all my detractors are or will be high-number CCIE's and so therefore all their arguments should be ignored because their motives are also questionable. But I don't do that. And when did I ever compare networking to a software company? Seems like a complete non-sequitur to me. About me 'devaluing' networking - how could I really doing that? Are you saying it's my fault that networking is devalued? Seriously. I am only 1 person. How could 1 person acting alone devalue networking in any measurable way? If I really had the power to manipulate entire markets like that, I'd be a multimillionaire and I certainly wouldn't be hanging out here on this ng. I think the real fear that people have is that I am not alone - that I really am telling the truth. If networking has been devalued, it is because the free market has decided that it should be devalued, and what is the free market but many individual entities all acting in their own self-interest? Therefore if networking has been devalued, it is because many people have decided that it be so. Not just me alone. About the cpa argument - I would argue that whenever the cpa test happened to be more difficult, then it would be more prestigious. Whenever anything is more difficult, it becomes more prestigious. Is that particularly shocking? Why is a degree from MIT more prestigious than a degree from Podunk Community College? Simple - graduating from MIT is harder than graduating from PCC. I even stated that if the CCIE all of a sudden got very very difficult starting today, then anybody who passed starting today would earn more prestige. Simply put - prestige follows rigor. And Chuck, you said it yourself - True, there are more cheaters out there, and more practice labs, and the like... - and those kinds of things are exactly what I'm talking about. Bottom line - the CCIE is not as hard to attain today as it was in the past, whether because of cheating or more practice materials, or whatever. You also said that the test is just as difficult today as it was in the past. But it's not just the test that I'm talking about, but rather the entire CCIE procedure that I'm talking about. The tests themselves may be of equivalent difficulty, but if there are more bootcamps and whatnot today, then ultimately that means that the CCIE procedure of today is easier. Sure test A and test B might be equal in difficulty, but if people are more bootcamp-ed to take test B, then ultimately passing test B is easier. Again, I don't think bootcamps are necessarily wrong, but it does mean that if you want to maintain the same level of difficulty, you have to compensate for the bootcamps by making test B even harder than test A. Otherwise, you end up with a situation where people who passed test A were good, but people who passed test B may not be quite as good, but had the benefit of bootcamps. Or let me put it to you another way. Surely you would agree that companies like Princeton Review and Kaplan make the SAT's easier. The SAT's fight back by using relative scoring - where your scores are calculated not absolutely, but relative to
RE: AUX Port dial in [7:69994]
Cisco has sample configs. You have to look. It is a skill that is necessary to learn. pad http://www.cisco.com/warp/public/471/mod-aux-exec.html -Original Message- From: Shane Stockman [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 11:41 PM To: [EMAIL PROTECTED] Subject: AUX Port dial in [7:69994] I have a Windows PC and would like to telnet into a remote router via the AUX port using a modem on it.Does anyone have any sample configs for the router. PC--modem---modem--Router (AUX Port) Thanks _ Wazup? Find out by joining SA Teens - http://groups.msn.com/SAteens/ MSN's hottest South African Group Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70324t=69994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Man, I never see a job post specify that certain CCIE number is prefer. I have, many times. For example, just check out the archives at groupstudy.jobs. Why did you even bother to ask this question in the beginning, if you think the value of CCIE title has drop. Huh? I didn't ask anything. What are you talking about? I think is fair to say, after you finished it than you will know what it take. Believe me, I know what it takes. See below. Please take the CCIE lab exam before you make any common on this subject. You are assuming that I have never taken the lab. What if I told you I have. So now, according to your rules, I now have the right to say anything I want, right? Of course the # mean a lot but the learning process was even more important. In fact, one consultant company just hires two new CCIE recently with 140K salaries per year. They both study at the same school that I went. And by the same token check out all the CCIE's who haven't found a a job for a very long time. Don't believe me? Again, go to groupstudy.jobs. Or alt.certification.cisco. Or forums.cisco.com. Or any other place where CCIE's tend to congregate and you can read the stories of CCIE's desperate to find work. This studygroup is a very valuable resource to us and everybody is working really hard to his or her dream. I will suggest that if you are scare about the increasing number of CCIE, please leave and seeking another valuable certification for yourself. I'm not scared about anything. I would ask whether you're scared that perhaps your high-number CCIE may not be particularly valuable. But is that my fault? Did I cause the high-number to be less valuable? I'm just saying that it is less valuable, but I did not make that happen. You don't like what I'm saying, take it up with the entity that is responsible - take it up with Cisco itself. Ask Cisco why they changed the test from 2 days to 1. Ask Cisco why they let braindumps proliferate. Ask Cisco why they got rid of the troubleshooting section of the test. Ask Cisco why they just let people come back every month and take the test over and over again until they finally pass. All these things hurt the integrity of the program. But none of them are my fault - they're Cisco's fault. Look, the facts are clear. The CCIE has declined in quality. This is why you have some recruiters giving preference to low-number CCIE's. But nobody is giving preference to high-number CCIE's. Why is that? Ask yourself why is it only one-way? It is inescapably because of the drop in quality of the program. But now ask yourself whose fault is that? It's certainly not my fault - I'm not responsible for keeping the quality of the program high. It's Cisco's fault. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70313t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: number of CCIE [7:70151]
yawn. - Original Message - From: n rf Date: Saturday, June 7, 2003 12:09 pm Subject: Re: RE: number of CCIE [7:70151] garrett allen wrote: you make an a priori argument that lower is better. is a lower number cpa better than a higher numbered one? You got me wrong. I didn't say that lower is better at all times. Read my entire post again. I said that more rigorous equates to prestige. This is why I included my example of what would happen if Cisco decided to change the CCIE exam to become extremely rigorous - then eventually people would prize high-number CCIE's who passed the more rigorous version. The fact is, prestige follows rigor. If something is more rigorous, then it becomes rigorous and vice versa. This is why graduating from MIT is more prestigious than graduatingfrom Podunk Community College. But the fact is, the CCIE on the whole has probably gotten more rigorous (i.e. chopping the test from 2 days to 1, eliminating the dedicated troubleshooting section, more bootcamps/braindumps, more cheating, etc. etc.) which is why it has become less prestigious. actually, probably the inverse is true as the more recent the certification the more recent the material covered. this is balanced against with age comes opportunities and experiences. Unfortunately, the free market disagrees with you. The fact is, a growingnumber of recruiters, headhunters, and HR people are starting to give preference to lower-number CCIE's. Go check out the groupstudy.jobs forum. Yet I have never heard of any recruiter giving preference to higher-number CCIE. It's always one-way, and that's my point. threads like this are like discussing the maximum number of angels dancing on the head of a pin. i vote we kill the thread before it spawn. later. - Original Message - From: n rf Date: Thursday, June 5, 2003 5:16 pm Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn'taccelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the averagequality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number,would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not createdequal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually,numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in rigor? Well, you alluded to several factors. While it is still rather controversial exactly how the switch from 2 days to 1 day impacted the program, it is widely conceded that it probably didn't help. Nor does having all these braindumps all over the Internet, and not just for the written, but the lab as well. The CCIE has certain arcane logistical rules that people have figured out how to 'game' - for example, for example, some people who live near test sites just attempt the lab every month over and over again. Finally, there is
RE: number of CCIE [7:70151]
Howard C. Berkowitz wrote: I commend people to remember the tale of the Emperor's New Clothes here. It utterly confounds me that people are focusing on the CCIE number as the discriminator for a hiring decision, lower being better. I'm just telling you what I've seen. I think anybody who's been looking for work lately knows that this is happening. Whether they agree with it or not is besides the point. It's happening. Lower means that one obtained the certification earlier. Presumably, since the number was obtained, the individual has been working. This can mean that the lower-numbered candidate can present a solid track record of CCIE-level work experience to an employer, while the higher-numbered candidate simply may not have the experience. Which is why I provided the thought exercise of people trading their number. I didn't talk about people trading their experience level - just their number. For example, I'm fairly sure that CCIE #1100 will never willingly trade his number for #11,000. But why not - his experience level will stay the same. It's because that everybody realizes that there is a, dare I say it, a stigma attached to higher numbers - particularly to those guys who passed after the test was changed from 2 days to 1. The fact is, everybody wants to have the lowest number they can get, all other things being equal, and the inescapable reason behind this is that the test has declined in overall quality with time. For example, like I said, the change from 2 days to 1 was probably not a good thing. So was the loss of the dedicated troubleshooting section which was the one truly realistic part of the old exam. The proliferation of super-specialized bootcamps that are geared not to making a person a better overall engineer but geared strictly to help people pass the test and nothing more. Things like that have all chipped away at the rigor of the program. Now, let me point out this. It's not the fault of the recent CCIE's that things are like this. They're not the ones who are causing this decline. And it's certainly not my fault - I didn't cause this decline, so why are people jumping down my throat? You don't like it? Take it up with the entity that's responsible. The entity responsible is Cisco itself. It is Cisco that changed the test from 2 days to 1. It is Cisco that removed the troubleshooting section. I've never regarded certification, in any field, as more than an entry point. Let's put it this way -- when I had to have open-heart surgery, I could have chosen among several board-certified surgeons. The most important factors, however, were how many procedures they had done, and, even more importantly, how frequently they do them. Surgical statistics show, without question, that part-time cardiac surgeons and their teams do not have the good results of someone that does such procedures constantly. Let me put it to you this way, Howard. There have been quite a few rather emotional responses in this thread. So, rightly or wrongly, a lot of people seem to regard this particular certification as certainly a lot more than an entry point. If the CCIE wasn't a big deal, then nobody would really care that I'm pointing out problems with it. Therefore obviously some people believe that the stakes are high. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70312t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Perfect! - Original Message - From: philip To: Sent: Saturday, June 07, 2003 1:05 PM Subject: Re: number of CCIE [7:70151] Man, I never see a job post specify that certain CCIE number is prefer. Why did you even bother to ask this question in the beginning, if you think the value of CCIE title has drop. I think is fair to say, after you finished it than you will know what it take. Please take the CCIE lab exam before you make any common on this subject. Of course the # mean a lot but the learning process was even more important. In fact, one consultant company just hires two new CCIE recently with 140K salaries per year. They both study at the same school that I went. This studygroup is a very valuable resource to us and everybody is working really hard to his or her dream. I will suggest that if you are scare about the increasing number of CCIE, please leave and seeking another valuable certification for yourself. Just my 2-cent. - Original Message - From: n rf To: Sent: Thursday, June 05, 2003 5:16 PM Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn't accelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the average quality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number, would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not created equal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000 Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually, numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in rigor? Well, you alluded to several factors. While it is still rather controversial exactly how the switch from 2 days to 1 day impacted the program, it is widely conceded that it probably didn't help. Nor does having all these braindumps all over the Internet, and not just for the written, but the lab as well. The CCIE has certain arcane logistical rules that people have figured out how to 'game' - for example, for example, some people who live near test sites just attempt the lab every month over and over again. Finally, there is the consensus that the CCIE program has simply not kept up with the growing amount of study material, bootcamps, lab-guides, and so forth. We all know there's an entire cottage industry devoted just to helping people to pass the lab, and while there's nothing wrong with that per se, it does mean that Cisco needs to keep pace to maintain test rigor. To offer a parallel situation, when the MCSE bootcamps started to proliferate, the value of the MCSE plummeted because Microsoft did not properly maintain the rigor of the cert. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70314t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: religious wars [7:70274]
Sur le pont d'Avignon On y danse, on y danse Sur le pont d'Avignon On y danse, tous en rond Les jeunes filles font comme ci Les garcons font comme ca Sur le pont d'Avignon On y danse, on y danse Sur le pont d'Avignon On y danse, tous en rond Les poupees font comme ce Les soldats font comme ca Sur le pont d'Avignon On y danse, on y danse Sur le pont d'Avignon On the bridge of Avignon On y danse, tous en rond Les grenouilles font comme ci Les gorilles font comme ca Sur le pont d'Avignon Sur le pont d'Avignon On y danse, tous en rond Cheese munching surrender monkeys! Best regards, Dom Stocqueler Zoo Keeper (Small Mammals) - SysDom Technologies P.S. I like NetBSD! === IMPORTANT: This email is intended for the use of the individual addressee(s)named above and may contain information that is confidential privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the poodle next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites and place it in a warm oven for 40 minutes. Whisk briefly and let it stand for 2 hours before icing. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of The Road Goes Ever On Sent: 08 June 2003 02:12 To: [EMAIL PROTECTED] Subject: Re: religious wars [7:70274] Howard C. Berkowitz wrote in message news:[EMAIL PROTECTED] At 7:33 PM + 6/7/03, Sam Sneed wrote: Since when is FreeBSD a flavor of Linux??? Would you say Solaris is a flavor of Linux as well??? All *nix's are not the same. In other words, we don't just have wars between major religions; it goes down to the level of denomination and schism, to say nothing of legitimacy. Shades of Popes and Anti-Popes... Someone from Avignon really should post in this thread. :-) Preferably somebody named Boniface? Black Jack wrote in message news:[EMAIL PROTECTED] Old timers will remember Mac vs DOS/Windows. Or UNIX vs DOS. Or Beta vs VHS. More recent is Linux vs FreeBSD, or one flavor of Linux distribution vs another. (See http://ars.userfriendly.org/cartoons/?id=19990301 for example. By the way, if you are not familiar with www.userfriendly.org, you gotta check it out. Funniest geek-oriented comic strip this side of dilbert) Anyway, try asking network types what their favorite TFTP server is... then step back! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70325t=70274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]