Re: What is bandwidth domain? [7:38887]

2002-03-19 Thread Jeff Smith 

I have heard it used as another name for collision domain.  Theory is that 
everyone in same collsion domain is competing for bandwidth.


>From: "Love Cisco" 
>Reply-To: "Love Cisco" 
>To: [EMAIL PROTECTED]
>Subject: What is bandwidth domain? [7:38887]
>Date: Tue, 19 Mar 2002 21:44:44 -0500
>
>I only know broadcast domain and collision doman.
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3&t=38887
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Suggestions welcome [7:27378]

2001-11-26 Thread Jeff Smith 

Chris, did you try shutting down interface vlan1 on that switch?  AFAIK, you 
can only have 1 vlan/interface up at a time for the management interface on 
the 3548.

Jeff


>From: "chris" 
>Reply-To: "chris" 
>To: [EMAIL PROTECTED]
>Subject: RE: Suggestions welcome [7:27378]
>Date: Mon, 26 Nov 2001 16:33:20 -0500
>
>I have router on a stick configured between a Cisco 3600 and 4 Cisco 3548s
>that are trunk together and it is working OK. However, must all the 3548s
>have an ip address in the same subnet as vlan 1.  I changed the ip address
>on a switch from interface vlan1 172.16.10.1/24 to vlan2 172.16.11.1/24 
>then
>I cannot ping that switch from the router or any other switch. Any
>suggestions
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27415&t=27378
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN between Checkpoint and Pix [7:27787]

2001-11-30 Thread Jeff Smith 

You could also try   firetower.com - a good security consulting firm.


>From: "Paul Holloway" 
>Reply-To: "Paul Holloway" 
>To: [EMAIL PROTECTED]
>Subject: RE: VPN between Checkpoint and Pix [7:27787]
>Date: Fri, 30 Nov 2001 20:05:29 -0500
>
>Ramesh,
>Here is what you are looking for:
>http://www.cisco.com/warp/public/110/cp-p.html
>
>many other at: http://www.cisco.com/warp/public/707/index.shtml#pix
>
>Hope this helps
>Paul
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Ramesh c
>Sent: Friday, November 30, 2001 4:04 AM
>To: [EMAIL PROTECTED]
>Subject: VPN between Checkpoint and Pix [7:27787]
>
>
>Hi guys,
>
>Is there any site which give details(Configuration,specs)abt  VPN between
>Pix firewall and checkpt firewall using IPSec.
>
>TIA
>
>Cheers
>Ramesh
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27902&t=27787
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT: who do you trust: WAS: RE: Does session layer [7:28642]

2001-12-10 Thread Jeff Smith 

Go Fish?  ;->


>From: "Chuck Larrieu" 
>Reply-To: "Chuck Larrieu" 
>To: [EMAIL PROTECTED]
>Subject: RE: OT: who do you trust: WAS: RE: Does session layer [7:28642]
>Date: Mon, 10 Dec 2001 17:43:12 -0500
>
>you probably need two for it to be meaningful ;->
>
>kinda like another activity we all know and love? ;->
>
>Chuck
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Michael Williams
>Sent: Monday, December 10, 2001 2:21 PM
>To: [EMAIL PROTECTED]
>Subject: RE: OT: who do you trust: WAS: RE: Does session layer [7:28642]
>
>
>Speaking of, a co-worker showed me a page on CCO that stated that "you
>cannot perform redistribution on a single router".  (this is no joke).
>
>Talk about misinformation. geez
>
>Mike W.
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28793&t=28642
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Access Lists [7:28927]

2001-12-12 Thread Jeff Smith 

Is 165.5.x.x the range of your internal network or the range of addresses 
that your dial in users are assigned to?  This list says that any packet 
whose source address is 165.5.x.x can be destined for anywhere.  If you want 
to restrict which subnets they can get to make some more lines specifying 
your internal subnets.  Not to insult, but dont' forget to apply it to an 
interface.


>From: "J. Johnson" 
>Reply-To: "J. Johnson" 
>To: [EMAIL PROTECTED]
>Subject: Access Lists [7:28927]
>Date: Wed, 12 Dec 2001 14:24:16 -0500
>
>We have a Cisco 5300 Dial-up.  We want to allow everyone to get to our
>network when they dial in.  We do not want everyone to get on the internet
>when they dial-in.  This is what my access list look like
>
>access-list 110 permit ip  165.5.0.0 0.0.255.255 any
>  access-list 110 deny ip any any
>
>Everyone can get to our network and get on the internet with the above 
>list.
>Can you see anything wrong?
>
>Thanks.
>
>Jill
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28940&t=28927
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: DirectTV [7:30136]

2001-12-26 Thread Jeff Smith 

I had them out last week to install mine, but there was no clear path to the 
satellite from my roof, due to large trees, so they couldn't do it.  I am 
going to try someone else and hope they have a satellite in a different 
spot.  I think he said if there is no clear line of sight from your roof to 
the southwest you may have problems, with DirectTV at least.  Good luck.


>From: "Jeff D" 
>Reply-To: "Jeff D" 
>To: [EMAIL PROTECTED]
>Subject: OT: DirectTV [7:30136]
>Date: Wed, 26 Dec 2001 21:00:59 -0500
>
>I was thinking about doing this, but was curious if anyone knows of 
>anything
>better or pros/cons to this:
>
>http://store.yahoo.com/dialadish/dirtvdsssatt.html
>
>Cheers,
>Jeff
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30146&t=30136
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: question about VPN-IPSEC and NAT [7:30694]

2002-01-02 Thread Jeff Smith 

This is a remote access vpn situation?  If you can ping the server then we 
can assume that the tunnel was set up correctly and it is not a situation 
where IPSec protocols are being blocked.  Try playing with the IPSec over 
NAT setting on the client itself.


>From: "Leonardo Borda" 
>Reply-To: "Leonardo Borda" 
>To: [EMAIL PROTECTED]
>Subject: question about VPN-IPSEC and NAT [7:30694]
>Date: Wed, 2 Jan 2002 13:55:14 -0500
>
>Hello,
>
> I have in my organization a cisco router 2600 running NAT and IPSEC56. 
>I
>want to configure two access-lists. One for inbound access and another one
>for outbound access and apply it in the same serial line.
> Does anyone know what are the ports I have to permit to work that job
>successfull as much inbound as outbound?
>
> I had success in configuring internet access and it4s working fine but
>over IPSEC my users from the other side of VPN can not access my exchange
>server using VPN. but they can ping it...
>
> thanks.
>
>   Leonardo Borda.
_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30745&t=30694
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

specific MIBs on Cat 6509 [7:62370]

2003-02-03 Thread Jeff Smith 
I am looking for some snmp OIDs or MIBs that I can incorporate into my 
network management that will give me specific port counters - errors, 
overall throughput per port and things like that.  I have tried Cisco's site 
but cannot seem to find them.  Any ideas?  Thanks.

Jeff




_
The new MSN 8: advanced junk mail protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62370&t=62370
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Technology, Certification, Skill Sets, and Loo [7:70953]

2003-06-20 Thread Jeff Smith 
Mark, I think it is safe to say that "corporate greed" is never going to go 
away.  You cannot legislate or force morality on someone - unless they are 
breaking the law they should be able to do whatever is best for their 
business.  The trick is to stay valuable so you don't have to rely on their 
morality for your livelihood.


>From: "Mark E. Hayes" 
>Reply-To: "Mark E. Hayes" 
>To: [EMAIL PROTECTED]
>Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
>Date: Fri, 20 Jun 2003 09:05:30 GMT
>
>My basic point is this, however moot. I am not talking about NOT hiring
>foreign workers. I have no beef with that. My beef is with CORPORATE
>GREED. You claim to be a free-market capitalist. Are you a business
>owner? Or do you invest in the market, or both? Maybe I should have said
>this in my previous post. My disgust in Corporate America stems from the
>total lack of morals and sense of responsibility to the people who put
>them where they are, their workers. Believe it or not, I am not a
>Democrat. I sway towards the conservative side. But I believe you have
>to have some morals when you run a business. There is a symbiotic
>realtionship that exists between the worker and the employer. I know
>employers hold the cards and can dictate the rules as they see fit. But
>laying off 10,000 workers after reporting 40,000,000 dollars in profit
>for the quarter is callous. The cliche "we have to do what's right for
>the business" comes to mind. Enron and MCI are shining examples of
>corporate greed. How many people lost their retirement, their lives?
>
>I guess we could come down from the mountaintop and say "Weee,
>here's how it is. You don't have a PhD and a wonderful stock portfolio
>so you can just go by the way side. No life for you. You don't have the
>education to be a CEO, you have morals so you can't go into sales".
>Management has been pretty shaky for a while too. I know guys afraid to
>lose their jobs because they know they can't find another one that pays
>as well without having a BA or BS or higher.
>
>
>
> >>From your reply- "in short, the high-end, "high-touch", work that is
>not easily outsourced at all.  And who tends to make more money, the
>engineers or the business leadership/finance/sales?  Right.  Therefore,
>the high-yield, high-margin work will stay here."
> > Ok n rf... I will admit before I go any farther, this is a rant
> > ;)
> >
> > You have hit the nail on the head. The one that puts me over
> > the top. I
> > am going to refer back to my first rant over CCIE numbers.
> > hehehe. The
> > part where Corporate America oughtta go hang out with the Nazis
> > in S.A.
> > When is enough, enough? NAFTA brought about the demise of the
> > labor
> > sector (as far as assembly line workers, and more menial tasks
> > that
> > employers did not want to pay minimum wage here to do). The
> > spin was
> > that higher tech jobs would be available. Well we had a nice
> > run for
> > about 8 years. Now the higher tech jobs are being farmed out to
> > "off-site" locations. I can almost picture a bunch of poor
> > souls locked
> > in a NOC and having to ask to go to the bathroom like they do
> > in the
> > Mexican plants run by a few rich guys hired out to American
> > interests.
> > All in the name of $aving money. I haven't checked but I doubt
> > Caterpillar passed on the savings when they moved their
> > production
> > facilities to Mexico.
> >
> > The way things are going the only jobs left will be food
> > service and
> > nurses. The only problem is nobody will be working to afford
> > either one
> > of the services. I changed career fileds in the mid-to-late
> > nineties
> > hoping I would be able to hold on to something worthwhile. I
> > chose
> > networking. It turned out to be an addiction. I love doing this
> > stuff
> > but un-employment sucks! In retrospect nursing would have been
> > a better
> > choice, but hey the market wasn't to good for them either back
> > then.
> > Will American companies EVER realize they have a commitment to
> > keep this
> > country strong. After all, if no one is working who will buy
> > their
> > services?
> >
> > I know you are not the cause, only the messenger. So please
> > forgive my
> > rant.
> >
> > Mark
>
>
>Well, as a free-market capitalist, I have several points to make
>
>* Own any stocks?  Perhaps a mutual fund in a 401k?  If so, guess what,
>you're part of the very Corporate America that you apparently despise.
>If
>you own shares in American companies, then your portfolio is helped by
>any
>and all cost-cutting moves made by those companies.
>
>*Ever use any foreign products?  I bet you have.  Just go out to the
>street
>and check out all the foreign cars.  There's a good chance you have one
>in
>your garage. Or just look at the clothes you wear.  I bet you that your
>underwear was made either in Mexico or in Asia.  In fact, just take a
>look
>around your room at all the househood goods.  How many of them were
>manufactured in other

RE: Technology, Certification, Skill Sets, and Loo [7:70953]

2003-06-20 Thread Jeff Smith 
If you are starting a business to provide a service first then you must be 
one of the fortunate people that do not have to worry about income.  I would 
dare say that most business owners start a business to make a profit and the 
service provided is a way of reaching that end.



>From: "Mark E. Hayes" 
>To: "Jeff Smith" ,
>Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
>Date: Fri, 20 Jun 2003 12:51:01 -0500
>
>I'm starting a business to provide a service first. If the service is
>good, then hopefully I will make money. No one will give you money
>solely for the purpose of giving you money, unless you run a charity.
>Even then a charity is a service to someone. Companies founded for
>social reasons are still providing a service.
>
>-Original Message-
>From: Jeff Smith [mailto:[EMAIL PROTECTED]
>Sent: Friday, June 20, 2003 12:43 PM
>To: Mark E. Hayes; [EMAIL PROTECTED]
>Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
>
>
>"Most companies exist to provide a service, hopefully making money at
>the
>same time. They are not there to simply make money devoid of any
>marketable
>service."
>
>How do you figure that?  Besides some businesses that exist for strictly
>
>social reasons, money is the sole reason people go into business.  If
>there
>were no money in it, the service would no longer be provided.
>Businesses
>provide whatever services they do because it is profitable, simple as
>that.
>
>
> >From: "Mark E. Hayes" 
> >Reply-To: "Mark E. Hayes" 
> >To: [EMAIL PROTECTED]
> >Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
> >Date: Fri, 20 Jun 2003 16:30:28 GMT
> >
> >Nope, don't own any 401k's now. Times have been tough. It's easy to
> >pontificate on the virtues of capitalism when you are doing well. Yes,
> >we all have to future- proof ourselves. Most companies exist to provide
> >a service, hopefully making money at the same time. They are not there
> >to simply make money devoid of any marketable service. Yes there are
> >exceptions like holding companies.
> >
> >I guess I'm am an idealist discussing ethics with someone who endorses
> >amoral business activities. It's funny how businesses try to sound like
> >they care about their people through bogus mission statements and core
> >values, then turn around and stick it to the employees every chance
>they
> >get. There's nothing like looking at the company you work for's (bad
> >grammar) latest deforestation project called a mission and core values
> >statement as you just saw someone get the axe because they had another
> >needed operation. Or you get asked to leave because you have been
>taking
> >time off while your mother is dying.
> >
> >
> >
> >
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
>n
> >rf
> >Sent: Friday, June 20, 2003 7:45 AM
> >To: [EMAIL PROTECTED]
> >Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
> >
> >
> >Mark E. Hayes wrote:
> > >
> > > My basic point is this, however moot. I am not talking about
> > > NOT hiring
> > > foreign workers. I have no beef with that. My beef is with
> > > CORPORATE
> > > GREED. You claim to be a free-market capitalist. Are you a
> > > business
> > > owner? Or do you invest in the market, or both?
> >
> >Well, yes and yes.
> >
> >And apparently, so are you, at least on the first question. You stated
> >yourself in a previous post that you are starting your own business.
> >Furthermore, you probably own stock of some form or another, perhaps in
> >a
> >401k.
> >
> > >Maybe I should
> > > have said
> > > this in my previous post. My disgust in Corporate America stems
> > > from the
> > > total lack of morals and sense of responsibility to the people
> > > who put
> > > them where they are, their workers.
> >
> >But that's not really the purpose of companies.  Companies are amoral,
> >which
> >is not the same as immoral.  Simply put, companies exist to make
>profit.
> >
> >Period.  There simply is no other reason for a company to exist.  Rough
> >as
> >this may sound, we both know that businesses do not exist for the
> >purpose of
> >benefitting workers.  They exist for the purpose of making money.
> >Simple as
> >that.
> >
> >
> > > Believe it or not, I am not
> > &g

RE: Technology, Certification, Skill Sets, and Loo [7:70953]

2003-06-20 Thread Jeff Smith 
"Most companies exist to provide a service, hopefully making money at the 
same time. They are not there to simply make money devoid of any marketable 
service."

How do you figure that?  Besides some businesses that exist for strictly 
social reasons, money is the sole reason people go into business.  If there 
were no money in it, the service would no longer be provided.  Businesses 
provide whatever services they do because it is profitable, simple as that.


>From: "Mark E. Hayes" 
>Reply-To: "Mark E. Hayes" 
>To: [EMAIL PROTECTED]
>Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
>Date: Fri, 20 Jun 2003 16:30:28 GMT
>
>Nope, don't own any 401k's now. Times have been tough. It's easy to
>pontificate on the virtues of capitalism when you are doing well. Yes,
>we all have to future- proof ourselves. Most companies exist to provide
>a service, hopefully making money at the same time. They are not there
>to simply make money devoid of any marketable service. Yes there are
>exceptions like holding companies.
>
>I guess I'm am an idealist discussing ethics with someone who endorses
>amoral business activities. It's funny how businesses try to sound like
>they care about their people through bogus mission statements and core
>values, then turn around and stick it to the employees every chance they
>get. There's nothing like looking at the company you work for's (bad
>grammar) latest deforestation project called a mission and core values
>statement as you just saw someone get the axe because they had another
>needed operation. Or you get asked to leave because you have been taking
>time off while your mother is dying.
>
>
>
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of n
>rf
>Sent: Friday, June 20, 2003 7:45 AM
>To: [EMAIL PROTECTED]
>Subject: RE: Technology, Certification, Skill Sets, and Loo [7:70953]
>
>
>Mark E. Hayes wrote:
> >
> > My basic point is this, however moot. I am not talking about
> > NOT hiring
> > foreign workers. I have no beef with that. My beef is with
> > CORPORATE
> > GREED. You claim to be a free-market capitalist. Are you a
> > business
> > owner? Or do you invest in the market, or both?
>
>Well, yes and yes.
>
>And apparently, so are you, at least on the first question. You stated
>yourself in a previous post that you are starting your own business.
>Furthermore, you probably own stock of some form or another, perhaps in
>a
>401k.
>
> >Maybe I should
> > have said
> > this in my previous post. My disgust in Corporate America stems
> > from the
> > total lack of morals and sense of responsibility to the people
> > who put
> > them where they are, their workers.
>
>But that's not really the purpose of companies.  Companies are amoral,
>which
>is not the same as immoral.  Simply put, companies exist to make profit.
>
>Period.  There simply is no other reason for a company to exist.  Rough
>as
>this may sound, we both know that businesses do not exist for the
>purpose of
>benefitting workers.  They exist for the purpose of making money.
>Simple as
>that.
>
>
> > Believe it or not, I am not
> > a
> > Democrat. I sway towards the conservative side. But I believe
> > you have
> > to have some morals when you run a business. There is a
> > symbiotic
> > realtionship that exists between the worker and the employer. I
> > know
> > employers hold the cards and can dictate the rules as they see
> > fit. But
> > laying off 10,000 workers after reporting 40,000,000 dollars in
> > profit
> > for the quarter is callous. The cliche "we have to do what's
> > right for
> > the business" comes to mind.
>
>Look, I'm not blind to the pain that layoffs cause.  But in your
>particular
>case, I would ask how many people happen to be shareholders in that
>particular company?  Almost certainly a lot more than 10,000.  The
>company's
>earnings, and hence the stock price was probably helped by the layoffs,
>and
>since there ware more stockholders than workers, the overall net benefit
>is
>still positive.  Sometimes you gotta hurt the few in order to help the
>many.
>
>
> >Enron and MCI are shining examples
> > of
> > corporate greed. How many people lost their retirement, their
> > lives?
>
>I'm not endorsing criminal behavior.  Obviously criminal behavior should
>be
>prosecuted to the full extent of the law.
>
>But in the case of Enron, (I know I'm gonna get flamed for saying this),
>but
>I have to say that a big chunk of responsibility needs to be doled out
>to
>the workers themselves.   Obviously not all the responsibility goes to
>them,
>but you simply can't say that they were blameless on this score.
>
>The 'problem', if you will, with the Enron scandal is that a lot of
>workers
>chose to fully stack their 401k's with Enron stock, and then those
>401k's
>tanked as Enron stock tanked. But first of all, nobody's "entitled" to a
>401k - Enron was offering it as a perk. There are millions of Americans
>who
>don't get a 401k or any other kind of re

Re: longest match vs. other metrics [7:41692]

2002-04-16 Thread Jeff Smith 

Sean, the longest match is the first characteristic considered.  So, using 
your example, IOS will choose the route that has the longest prefix match- 
only when they are the same will the decison come down to administratice 
distance between protocols.

P.S.
Due to your connections can I get some Red Sox tickets?


>From: "Sean Wolfe" 
>Reply-To: "Sean Wolfe" 
>To: [EMAIL PROTECTED]
>Subject: longest match vs. other metrics [7:41692]
>Date: Tue, 16 Apr 2002 22:08:54 -0400
>
>Quick question, hope it's not too trivial:
>
>When a router decides to forward a packet based on the longest match
>principle, does this supersede other factors?
>
>For example, if there is a route to network A via EIGRP, but a more 
>specific
>route available via OSPF, does it choose OSPF because of longest match, or
>EIGRP because of lower administrative distance (90 vs. 110)?
>
>Thanks folks, fun reading your posts as always. Wish me luck as I take BCSN
>this week. -Sean.
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41703&t=41692
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: longest match vs. other metrics [7:41692]

2002-04-16 Thread Jeff Smith 

I am under the impression that if a router had more than one route with the 
same prefix length in its database(s) then it would choose the one with the 
lowest AD to place in its routing table.  As in John's example only when the 
prefixes are different are they both in the routing table.  AFAIK, a Cisco 
router will load balance between paths but only when it involves the same 
protocol, it will not load balance between differing ADs.  Please educate me 
if I am incorrect.

Jeff


>From: "Chuck" 
>Reply-To: "Chuck" 
>To: [EMAIL PROTECTED]
>Subject: Re: longest match vs. other metrics [7:41692]
>Date: Tue, 16 Apr 2002 23:05:34 -0400
>
>perhaps I am misunderstanding your answer.
>
>a router always forwards based on the longest match. this is a requirement,
>per RFC 1812.
>
>if there are two or more routes in a routing table of the same prefix
>length, then, in accordance with the rules regarding load sharing, more 
>than
>one route / interface can be used.
>
>admin distance is the tiebreaker a ( Cisco ) router uses when determining
>which routes of identical prefix length, but learned from different routing
>protocols,  to place into the routing table in the first place.
>
>John N's post on this topic is an excellent explanation of the two 
>different
>processes.
>
>Chuck
>
>
>""Jeff Smith""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Sean, the longest match is the first characteristic considered.  So, 
>using
> > your example, IOS will choose the route that has the longest prefix 
>match-
> > only when they are the same will the decison come down to administratice
> > distance between protocols.
> >
> > P.S.
> > Due to your connections can I get some Red Sox tickets?
> >
> >
> > >From: "Sean Wolfe"
> > >Reply-To: "Sean Wolfe"
> > >To: [EMAIL PROTECTED]
> > >Subject: longest match vs. other metrics [7:41692]
> > >Date: Tue, 16 Apr 2002 22:08:54 -0400
> > >
> > >Quick question, hope it's not too trivial:
> > >
> > >When a router decides to forward a packet based on the longest match
> > >principle, does this supersede other factors?
> > >
> > >For example, if there is a route to network A via EIGRP, but a more
> > >specific
> > >route available via OSPF, does it choose OSPF because of longest match,
>or
> > >EIGRP because of lower administrative distance (90 vs. 110)?
> > >
> > >Thanks folks, fun reading your posts as always. Wish me luck as I take
>BCSN
> > >this week. -Sean.
> > _
> > Chat with friends online, try MSN Messenger: http://messenger.msn.com
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41712&t=41692
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security advice - opening ports other than 80 and 443 in [7:42336]

2002-04-23 Thread Jeff Smith 

Try to find out exactly which ports are needed, allowing all IP is 
dangerous.  In terms of what the vendor said about only that box being 
affected- the hacker can gain control of that box and possibly have his way 
with your network from there or use you to spread his treachery.  Key is to 
find out exaclty what is needed and allow nothing else to even reach the 
box.

Jeff


>From: "Brown, M" 
>Reply-To: "Brown, M" 
>To: [EMAIL PROTECTED]
>Subject: Security advice - opening ports other than 80 and 443 in the 
>[7:42333]
>Date: Tue, 23 Apr 2002 11:59:48 -0400
>
>Certain application requires port other than 80 or 443 opened in the
>firewall for inbound and outbound traffic. The firewall was configured to
>allow traffic to that specific server ip address.
>
>The software vendor argues "that the worst scenario could be that hackers
>could bring the server down. No other significant would be possible. "
>
>  Is that true  ?
>
>How risky is that to my network ?  I would like to secure that connection
>using CA from the company and IPSec. The software vendor argues that is not
>necessary.
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42336&t=42336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: does vtp can span the router [7:18545]

2001-09-05 Thread Jeff Smith 

I believe it means that the router will not listen to the vtp messages.  It 
will also not pass them along- it is strictly layer 2.


>From: "Guest" 
>Reply-To: "Guest" 
>To: [EMAIL PROTECTED]
>Subject: does vtp can span the router [7:18545]
>Date: Tue, 4 Sep 2001 23:54:23 -0400
>
>i am reading the cit 4.1 ppt,on page 19,it says
>
>a router will be transparent for VTP(forward messages).
>
>what is that mean?
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18590&t=18545
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: does vtp can span the router [7:18545]

2001-09-05 Thread Jeff Smith 

Does a VTP advertisement have a layer 3 address?  I thought these were only 
heard within a broadcast domain.  How does the router know who to pass these 
to on the other side?


>From: "Priscilla Oppenheimer" 
>Reply-To: "Priscilla Oppenheimer" 
>To: [EMAIL PROTECTED]
>Subject: Re: does vtp can span the router [7:18545]
>Date: Wed, 5 Sep 2001 13:51:37 -0400
>
>A VTP transparent device does not advertise its VLAN configuration and does
>not synchronize its VLAN configuration based on received advertisements.
>However, VTP-transparent devices do forward received VTP advertisements to
>other devices.
>
>I can imagine a situation where a router with VLANs implemented is sitting
>in the middle of a Layer 2 topology and you want the router to be in VTP
>transparent mode so that it passes VTP advertisements onto switches on the
>other side of it. It doesn't seem like a very good design, but it could
>happen.
>
>Priscilla
>
>At 10:19 AM 9/5/01, Guest wrote:
> >I believe it means that the router will not listen to the vtp messages.  
>It
> >will also not pass them along- it is strictly layer 2.
> >pass them along,you mean just transfer it ,right?but i don't know where 
>it
> >go,see my
> >last message,i dont
> >know which vlan can carry vtp,or like cdp-a purely layer 2 protocol,
> >does vtp indepent of vlan,it runs on native vlan??
> >i dont find ways to prove it.
> >anyway ,thanks a lot
>
>
>Priscilla Oppenheimer
>http://www.priscilla.com
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18662&t=18545
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: console port broken, how can i login in router? [7:18651]

2001-09-05 Thread Jeff Smith 

Try setting the baud to 1200 or 2400 and hit the space bar while the router 
reboots (won't be able to see anything on screen).  You will have to guess 
on the time it takes to boot, etc.  Then set your baud back and you should 
have the rommon prompt.  Has worked for me.


>From: "xie rootstock" 
>Reply-To: "xie rootstock" 
>To: [EMAIL PROTECTED]
>Subject: console port broken, how can i login in router? [7:18651]
>Date: Wed, 5 Sep 2001 14:09:41 -0400
>
>i used aux port and telnet for login, but both only can into > mode, and i
>pressed ctrl+break to revise confreg, but not work, it seems the router
>ignore what i pressed.
>
>any segguestion?
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18663&t=18651
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VLAN configuration question [7:18696]

2001-09-05 Thread Jeff Smith 

If I remember correctly you cannot have an ip address on the actual 
interface if you have sub-int's with ip's.  That true?


>From: "Sean Knox" 
>Reply-To: "Sean Knox" 
>To: [EMAIL PROTECTED]
>Subject: VLAN configuration question [7:18696]
>Date: Wed, 5 Sep 2001 17:39:23 -0400
>
>On a Cisco router/switch running IOS with VLAN capabilities (i.e. 8500) can
>a physical interface have an IP address if a subinterface off the same
>physical interface has an IP and is actively participating in a VLAN? i.e.
>
>Router(enable)# conf t
>Router(config)# interface 1/0
>Router(config-if)# ip addr 10.10.10.50 255.255.255.0
>Router(config-if)# interface 1/0.1
>Router(config-if)# ip address 10.10.10.1 255.255.255.0
>Router(config-if)# encapsulation dot1q 15
>
>Are there any problems forthcoming in this setup? I seem to remember there
>was, but I have no equipment to verify this.
>
>Thanks!
>Sean
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18719&t=18696
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New to CCNP [7:18933]

2001-09-07 Thread Jeff Smith 

Cisco suggests Routing, Switching, Remote Access and then Support.  I would 
say that you could take either of the first two initially.


>From: "Tel Khan" 
>Reply-To: "Tel Khan" 
>To: [EMAIL PROTECTED]
>Subject: New to CCNP [7:18933]
>Date: Fri, 7 Sep 2001 05:22:31 -0400
>
>Hi guys i passed my CCNA 2.0, i would like to know which topic i should
>cover 1st? i think i should cover the Routing topic 1st.
>
>Can someone please come back to me on this.
>
>Kind reagrds
>Tel
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18952&t=18933
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX & Citrix/nfuse access [7:18938]

2001-09-07 Thread Jeff Smith 

I am pretty sure that Citrix uses port 1604 also.


>From: "[EMAIL PROTECTED]" 
>Reply-To: "[EMAIL PROTECTED]" 
>To: [EMAIL PROTECTED]
>Subject: Re: PIX & Citrix/nfuse access [7:18938]
>Date: Fri, 7 Sep 2001 10:23:19 -0400
>
>make a static mapping
>
>static (inside,outside)
>conduit permit tcp glbol ip add (citrix port ) 1494 i guess and 80 for web
>
>shd work fine
>- Original Message -
>From: "Matthew Tayler"
>To:
>Sent: Friday, September 07, 2001 2:18 PM
>Subject: PIX & Citrix/nfuse access [7:18938]
>
>
> > Has anybody any experience on how I can allow remote workers using
> > Citrix/nfuse through a PIX to access internal servers please.
> >
> > I have tried using the notes from citrix but they cannot help further 
>and
> > all I get when making the connection is a long delay and timeout.
> >
> > The idea is our home workers go to the site home page and hit a link 
>which
> > redirects them to the Citrix/nfuse server, where they login.
> >
> > I am not a Citrix expert and the in house Citrix guys are saying that 
>any
> > problems are on the PIX. They are talking about kicking PIX out and just
> > using some freebi firewall from microsoft.
> >
> > Any help or config extracts would be appreciated
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18981&t=18938
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Multihoming BGP with two seperate ISP's via single router [7:19361]

2001-09-10 Thread Jeff Smith 

Bob,
Is your PIX default gateway the router in question?  If yes, it should not 
even know what is going on in terms of bgp at the edge.  The bgp changes 
should not affect its routing, as long as there is a path available beyond 
that router when the change occurs, which you said there is.  I have always 
used static routes between PIX-router, are you running a protocol?

Jeff


>From: "Bob" 
>Reply-To: "Bob" 
>To: [EMAIL PROTECTED]
>Subject: Multihoming BGP with two seperate ISP's via single router that 
>[7:19328]
>Date: Mon, 10 Sep 2001 18:01:04 -0400
>
>Hello,
>
>I am multihoming BGP with two seperate ISP's via single router that is
>connected to a PIX.
>When I shutdown the one of my serial ports to one of the ISP's you can
>see the BGP table
>removing paths. All trace's show that the router starts routing to the
>ISP
>that is still active, but all the workstations on the inside of the pix
>interface can no
>longer route. I've read where the PIX Firewall does not support the use
>of BGP, and that I
>could use RIP between them. Does anyone have an example of this
>configuration? My searches
>on this subject within Cisco's knowledgebase have not been very
>successfull. Or if you can
>think of another solution for my setup, please let me know.
>
>Thank you,
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19361&t=19361
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: sub-interface on Ethernet or FastEthernet [7:19394]

2001-09-11 Thread Jeff Smith 

Certainly can.  Used often when routing between vlans when the router is 
external to the switch (non- rsm, msfc, etc)- the old "router on a stick" 
scenario.

>From: "Jimmy Leong" 
>Reply-To: "Jimmy Leong" 
>To: [EMAIL PROTECTED]
>Subject: sub-interface on Ethernet or FastEthernet [7:19394]
>Date: Tue, 11 Sep 2001 06:47:35 -0400
>
>Hi all :
>
> Can anyone enlighten me whether I can create sub-interface on Ethernet
>or FastEthernet.
>
>thanks in advance
>
>regards
>Jimmy
>
>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19402&t=19394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: sub-interface on Ethernet or FastEthernet [7:19394]

2001-09-12 Thread Jeff Smith 

Jimmy,
I don't see why it would not work on an Ethernet interface when it does on 
FastEthernet, but I don't have one to test on right now.  Give it a shot, it 
should work.

Jeff


>From: "Jimmy Leong" 
>Reply-To: "Jimmy Leong" 
>To: [EMAIL PROTECTED]
>Subject: Re: sub-interface on Ethernet or FastEthernet [7:19394]
>Date: Tue, 11 Sep 2001 22:18:43 -0400
>
>Hi Jeff :
>
> Currently I am using cisco 4000  with 2 ethernet port ( 10Base T ) ,
>interface Ethernet 1 got 3 networks ( 2 secondary IP ) , Interface Ethernet
>0 got 1 network. I plan to use sub-interface in interface Ethernet 1 
>instaed
>of secondary IP. Interface Ethenet is connected to hub.
>
>Some people told me that we can only create sub-interface on FastEthernet
>and NOT Ethernet ( 10Base ). Is it true ? What is the minimum IOS version
>should I use ?
>
>
>cheers
>Jimmy
>
>
>
> >From: "Jeff Smith"
> >To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> >Subject: Re: sub-interface on Ethernet or FastEthernet [7:19394]
> >Date: Tue, 11 Sep 2001 12:46:02 +
> >
> >Certainly can.  Used often when routing between vlans when the router is
> >external to the switch (non- rsm, msfc, etc)- the old "router on a stick"
> >scenario.
> >
> >>From: "Jimmy Leong"
> >>Reply-To: "Jimmy Leong"
> >>To: [EMAIL PROTECTED]
> >>Subject: sub-interface on Ethernet or FastEthernet [7:19394]
> >>Date: Tue, 11 Sep 2001 06:47:35 -0400
> >>
> >>Hi all :
> >>
> >> Can anyone enlighten me whether I can create sub-interface on
> >>Ethernet
> >>or FastEthernet.
> >>
> >>thanks in advance
> >>
> >>regards
> >>Jimmy
> >>
> >>
> >>_
> >>Get your FREE download of MSN Explorer at 
>http://explorer.msn.com/intl.asp
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19610&t=19394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco VPN Client [7:19858]

2001-09-16 Thread Jeff Smith 

I believe you will have to enable split tunneling on the concentrator.  With 
this enabled packets destined for networks defined on the concentrator will 
be encrypted and sent to that gateway, and all others will use local 
routing.

Jeff


>From: "George Kallingal" 
>Reply-To: "George Kallingal" 
>To: [EMAIL PROTECTED]
>Subject: Cisco VPN Client [7:19858]
>Date: Thu, 13 Sep 2001 17:31:20 -0400
>
>I have a question about the Cisco VPN Client software and how it binds its
>driver to a network card.
>
>We have an NT server that we are connecting to a remote network using the
>Cisco VPN Client (to a Concentrator 3000, I believe).  Upon connection
>through the VPN, I lose connectivity to the other servers on the local
>network.  Is there a way to maintain the local area connection while
>connected over VPN?  I tried to multi-home the server and unbind the DNE
>driver for one network card, but that just disabled the network card.
>
>Has anyone experienced this before?  Are there any workarounds? Fixes?  Or
>does this require a call to Cisco TAC?
>
>Thanks.
>
>George
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20139&t=19858
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: fasteth relearning address [7:20515]

2001-09-20 Thread Jeff Smith 

If this a trunked linked, make sure you manually set the parameters on each 
end, no auto.  Also, I have seen some servers with teamed nic's try to 
etherchannel and it will flap like that unless the switch is also configured 
for it.  Hope this helps.

Jeff


>From: "TP" 
>Reply-To: "TP" 
>To: [EMAIL PROTECTED]
>Subject: fasteth relearning address [7:20515]
>Date: Thu, 20 Sep 2001 05:29:33 -0400
>
>Dear Group,
>
>I  log into myCatalyst 2924XL  and I  found the following  error 
>message:
>
>%RTD-1-ADDR_FLAP: FastEthernet0/1 relearning 7 addrs per min
>
>How can I proceed to troubleshoot this?
>
>Thanks in advance,
>Teresa
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20607&t=20515
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco VPN Solutions [7:20468]

2001-09-20 Thread Jeff Smith 

Bob,
I have had a couple versions of 3.x on my w2000 machine with no problems at 
all.  Also, I use netzero and it has been good to me so far, 9 months with 
this client.  I would agree that the Concentrator is solid, haven't had to 
touch it for anything except user management, config. for over a year.


>From: "Andras Bellak" 
>Reply-To: "Andras Bellak" 
>To: [EMAIL PROTECTED]
>Subject: RE: Cisco VPN Solutions [7:20468]
>Date: Thu, 20 Sep 2001 10:15:56 -0400
>
>One thing to be aware of - the VPN client doesn't (at least didn't last
>time I looked) support Windows 2000. It also has (once again, possibly
>should be "had") big issues with some ISPs, especially aol and netzero.
>
>I have to agree with the other folks, the concentrator (we have 3
>vpn-3030 systems deployed around the world) is rock solid - I've only
>ever had one hang. The cisco VPN hardware solution is a great fit for
>home offices connecting to the concetrator, and the 806 router also
>works very well.
>
>I've used the client to pix, and while it works fine, it's a real
>p.i.t.a.
>
>Andras
>
>-Original Message-
>From: Neil Borne [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, September 20, 2001 6:33 AM
>To: [EMAIL PROTECTED]
>Subject: RE: Cisco VPN Solutions [7:20468]
>
>
>The better, but more costly choice is the concentrator, you have a lot
>less
>issues to worry about than w/ IOS.Either pay now or pay for it later
>
>P. Neil Borne, CCDA,CCNP and C-voice
>Systems Integrator III
>
>
>
>
> >From: "Hyde, Lori"
> >Reply-To: "Hyde, Lori"
> >To: [EMAIL PROTECTED]
> >Subject: RE: Cisco VPN Solutions [7:20468]
> >Date: Thu, 20 Sep 2001 08:42:52 -0400
> >
> >I've used both the IOS and the concentrator solutions. I have found the
> >concentrator solution to be more expensive, but absolutely rock solid.
>The
> >IOS solution is less expensive, but there are many bugs even with the
> >latest
> >versions. Lots of headaches here. My recommendation: if you have the
>bucks,
> >go with the concentrator. By far the better choice from a maintenance
>and
> >reliablity aspect.
> >Lori
> >
> >-Original Message-
> >From: Bob Johnson [mailto:[EMAIL PROTECTED]]
> >Sent: Wednesday, September 19, 2001 6:46 PM
> >To: [EMAIL PROTECTED]
> >Subject: Cisco VPN Solutions [7:20468]
> >
> >
> >Hi,
> >
> >I'm looking for comments about various Cisco VPN options allowing
>access
> >from a home workstation..
> >As far as I know my options are:
> >
> >1) Cisco PIX accessed by VPN Client 1.1
> >2) Cisco 3000 (or 5000) Concentrator accessed by VPN client 3.1
> >3) Cisco IPsec IOS access by VPN Client 1.1
> >
> >It would seem that option 3 is the most cost effective (assuming you
> >already
> >have the hardware, you just need to purchase the correct IOS)..
> >Anyone with hints/info/caveats?
> >Appreciate any feedback from people actually using the IOS and the VPN
> >client...
> >
> >Thanks
>_
>Get your FREE download of MSN Explorer at
>http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20611&t=20468
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Fiber Trunking.....question? [7:20596]

2001-09-20 Thread Jeff Smith 

Mark, not sure what you mean by putting a pc on a trunk link.  Were the two 
boxes plugged into the same switch at one time and now they are plugged into 
two joined by a trunk?  If so, make sure the config for the two trunked 
ports is consistent.


>From: "Mark Kinley" 
>Reply-To: "Mark Kinley" 
>To: [EMAIL PROTECTED]
>Subject: Fiber Trunking.question? [7:20596]
>Date: Thu, 20 Sep 2001 15:59:26 -0400
>
>Hello All you cisco mentors out there
>I have a question regarding a particular device on an existing network
>that i cannot connect  to after i have set up the trunk.
>
>The device is address 172.21.1.248 ..a reporting system.
>
>I have a p.c on the same network that currently connects to this unit
>daily.
>I have loaded some PBX software onto this p.c. that is extremely
>"Chatty".
>I have been advised to put this device onto this trunked vlan in order
>to "share the load " so to speak.
>I wanna know if anyone has a solution as to how this p.c can still
>communicate to this .248 device after i put it on the trunk?
>isn't there a database of MAC addesss that get's created ?
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20639&t=20596
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN 3005 Conc. & Windows2k Clients [7:21011]

2001-09-25 Thread Jeff Smith 

Make sure that the users are assigned to the right group and that the group 
is configured on the client correctly.  If these connection attempts are 
getting to your Concentrator the live log is pretty good and telling you 
what is going on.


>From: "cisco skin" 
>Reply-To: "cisco skin" 
>To: [EMAIL PROTECTED]
>Subject: VPN 3005 Conc. & Windows2k Clients [7:21011]
>Date: Tue, 25 Sep 2001 12:05:17 -0400
>
>Just curious how you guys have set this up...
>
>I have Win95 and Win2k clients that need to come into a Cisco 3005 VPN
>Concentrator. I've got the Authentication bit down but seem to be having
>trouble with the tunnel side of the house.
>
>What's the best way to set this up... I would rather not mess with digital
>certificates if I don't have to.
>
>Thanks
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21036&t=21011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP network design [7:21019]

2001-09-25 Thread Jeff Smith 

Patrick,
I don't think you will have a choice of passing EIGRP through a firewall 
because I don't think you can do it.  An eigrp packet uses multicast 
addressing and has no layer 3 address.  I would think that a firewall would 
not pass this traffic.


>From: "Patrick Donlon" 
>Reply-To: "Patrick Donlon" 
>To: [EMAIL PROTECTED]
>Subject: EIGRP network design [7:21019]
>Date: Tue, 25 Sep 2001 12:52:28 -0400
>
>Hi everyone
>
>I've got a project where I have to design and implement EIGRP in a small to
>medium sized network of about 50 to 70 routers. One of my main problems is
>what to do with routing updates at the firewalls at each site, should they
>be allowed to pass through the firewall or should statics be used either
>side of the firewalls. Another problem I can see is the routes on the
>firewalls, is there a way to avoid having to type all those route entries 
>in
>them, the network has many discontiguous networks. And one last point is 
>the
>redistribution to the BGP routers at the edge of the network I'm after some
>tips, experiences and URLs so I can read around the subject myself
>
>Regards Pat
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21052&t=21019
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Need Help on pix [7:21135]

2001-09-26 Thread Jeff Smith 

You said everything was working fine.  What changed?


>From: "Rajeev Karamchand" 
>Reply-To: "Rajeev Karamchand" 
>To: [EMAIL PROTECTED]
>Subject: Need Help on pix [7:21135]
>Date: Wed, 26 Sep 2001 09:53:49 -0400
>
>Hi all
>
>I am facing the a strange problem.
>
>All the site were working fine till yesterday.
>
>Now I can just ping from outside both with Ip and
>name. But cannot bring the site from outside with IP
>number and site name. DNS is working fine.
>
>When I move one site out the firewall the site is up
>and running. Is it the problem of the pix.
>
>Any ideas
>
>
>
>
>=
>Rajeev Karamchand
>MCSE,MCSE+I,MCDBA,CCNA
>
>__
>Do You Yahoo!?
>Get email alerts & NEW webcam video instant messaging with Yahoo! 
>Messenger.
>http://im.yahoo.com
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21198&t=21135
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ARP question [7:21920]

2001-10-03 Thread Jeff Smith 

Did the nic card on the server change?


>From: "John McCartney" 
>Reply-To: "John McCartney" 
>To: [EMAIL PROTECTED]
>Subject: ARP question [7:21920]
>Date: Wed, 3 Oct 2001 15:26:09 -0400
>
>I have a question that is bugging me. I have a couple of 6509's that we 
>have
>for customers. One customer wanted me to clear the arp cache so that a
>server would wake up. It worked but it also removed all ARP entries, is
>there a way to remove a single entry?
>
>I'm still kinda puzzled why this fixed the problem. Maybe I'm having a 
>lapse
>of brain power. Any help is appreciated.
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21929&t=21920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CertificationZone OSPF I white paper ? [7:23885]

2001-10-23 Thread Jeff Smith 

Phil,
OSPF does not use tcp or udp, which are IP types 6 & 17 respectively or 
vice-versa, it uses IP type 89, not port.

Jeff


>From: "Phil Barker" 
>Reply-To: "Phil Barker" 
>To: [EMAIL PROTECTED]
>Subject: CertificationZone OSPF I white paper ? [7:23885]
>Date: Tue, 23 Oct 2001 09:20:30 -0400
>
>Just finished reading this white paper by Howard and
>have the following points to raise.
>
>Page 8 (A4 wise) last line states : "OSPF does not use
>a transport protocol like UDP or TCP, but runs
>directly over the Data Link Layer". This looks like a
>typo as it runs over IP on port 89.
>
>
>Page 13 presents a table of LSA's type and purpose.
>
>Type 2 (network) states that this LSA can be generated
>by any router. With reference to Doyle, Caslow and RFC
>1247 it appears that this LSA can only be generated by
>the DR for multi-access networks. I appear to have
>confirmed this also in my lab.
>
>Referring to the same table :
>
>Type 4 (ABR) states that the contents route to 'Area
>Border Router' whereas Caslow and RFC 1247 states that
>they route to AS Boundary routers.
>
>Phil.
>
>
>Nokia Game is on again.
>Go to http://uk.yahoo.com/nokiagame/ and join the new
>all media adventure before November 3rd.
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23898&t=23885
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: any experince with globalknowledge [7:24869]

2001-11-01 Thread Jeff Smith 

I have taken four courses there- 1 excellent instructor, 2 very good, and 1 
average, all classes taken were for the ccnp track.  Good enough amount of 
equipment per person to play with/configure during labs, but some of the 
stuff was in tough shape, that's a crapshoot though.

>From: "D'Wayne Saunders" 
>Reply-To: "D'Wayne Saunders" 
>To: [EMAIL PROTECTED]
>Subject: any experince with globalknowledge [7:24869]
>Date: Thu, 1 Nov 2001 00:05:28 -0500
>
> >Hi all
> > I am about to do the MCNS course with globalknowledge and was
> >just
> >wondering if any one has any experince with this company or with this
> >course
> >
> >
>
>
>
>
>
>
>D'Wayne Saunders
>Network Administrator
>Ph:08 89507742
>Fax:08 89521112
>Mobile: 0412 832322
>www.lasseters.com.au
>World's First Government Licensed and Regulated Online Casino...
>***
>
>This email message (and attachments) may contain information that is
>confidential to Lasseters Online. If
>you are not the intended recipient you cannot use, distribute or copy the
>message or attachments. In such
>a case, please notify the sender by return email immediately and erase all
>copies of the message and
>attachments. Opinions, conclusions and other information in this message
>and attachments that do not
>relate to the official business of Lasseters Online are neither given nor
>endorsed by it.
>***
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=25018&t=24869
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 3548 [7:25943]

2001-11-12 Thread Jeff Smith 

Chris, the 3548 has nothing to do with layer 3 (aside from its management 
interface) and doesn't know nor care what protocol is being used.


>From: "Chris Fredrickson" 
>Reply-To: "Chris Fredrickson" 
>To: [EMAIL PROTECTED]
>Subject: Catalyst 3548 [7:25943]
>Date: Mon, 12 Nov 2001 10:30:26 -0500
>
>Does the Catalyst 3548 support IPv6? Does anyone know what Cisco IOS 
>support
>IPv6?
>
>Chris
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26054&t=25943
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Serial Interface Down [7:61220]

2003-01-16 Thread Jeff Smith 
You are not getting any Data Carrier Detect (DCD=Down) to the interface.  If 
it uses an external csu/dsu try a loopback from the csu back toward your 
router- if everything goes up then it is a most likley problem with the 
carrier or cable from demarc to your equipment.  I assume this was up and 
running before, but if not try using a T1 crossover from the demarc into 
your csu/dsu (got burned on that before)to see if that gets it going.

Jeff





>From: "Curious" 
>Reply-To: "Curious" 
>To: [EMAIL PROTECTED]
>Subject: Serial Interface Down [7:61220]
>Date: Thu, 16 Jan 2003 19:42:31 GMT
>
>We just noticed the Serial Interface of our CIsco 2600 router is down,
>here is its current status
>
>
>Serial0/0 is down, line protocol is down
>   Hardware is PQUICC with Fractional T1 CSU/DSU
>   Internet address is A.B.C.D
>   MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec,
>  reliability 253/255, txload 1/255, rxload 1/255
>   Encapsulation HDLC, loopback not set
>   Keepalive set (10 sec)
>   Last input 00:27:48, output 00:27:43, output hang never
>   Last clearing of "show interface" counters never
>   Input queue: 0/75/1754 (size/max/drops); Total output drops: 1208
>   Queueing strategy: weighted fair
>   Output queue: 0/1000/64/1191 (size/max total/threshold/drops)
>  Conversations  0/53/256 (active/max active/max total)
>  Reserved Conversations 0/0 (allocated/max allocated)
>   5 minute input rate 0 bits/sec, 0 packets/sec
>   5 minute output rate 0 bits/sec, 0 packets/sec
>  83316984 packets input, 2394378579 bytes, 0 no buffer
>  Received 507747 broadcasts, 0 runts, 2 giants, 0 throttles
>  294 input errors, 201 CRC, 88 frame, 0 overrun, 0 ignored, 4 abort
>  80768969 packets output, 3501265478 bytes, 0 underruns
>  0 output errors, 0 collisions, 60 interface resets
>  0 output buffer failures, 0 output buffers swapped out
>  2 carrier transitions
>  DCD=down  DSR=up  DTR=up  RTS=up  CTS=down
>
>If some one shed any light on it.
>
>thanks,
>
>--
>Curious
>
>MCSE, CCNP
_
Help STOP SPAM: Try the new MSN 8 and get 2 months FREE* 
http://join.msn.com/?page=features/junkmail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61224&t=61220
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]