RE: Privilege mode prompt is > on my routers [7:7154]

[Maness, Drew]

maybe 

prompt router>



-Original Message-
From: Michael Bambic [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 04, 2001 1:58 PM
To: [EMAIL PROTECTED]
Subject: Privilege mode prompt is > on my routers [7:7154]


Students have been using my rack and now I've spent the last 1/2 an hour
trying to figure out why or how my router prompt would be a > after
typing enable and entering the password. I know I'm in privilege mode
because I can do things such as show run etc that you can't do in user
mode.
Hope somebody can help...

Mike Bambic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7156&t=7154
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: anybody ever connected 2600 AUX ports back2back? [7:5844]

[Maness, Drew]

You might just need to clear both lines.  Clear line x  Also are you using a
rollover cable?

-Original Message-
From: Doug Hammond [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 24, 2001 11:04 PM
To: [EMAIL PROTECTED]
Subject: Re: anybody ever connected 2600 AUX ports back2back? [7:5844]


Some thoughts -
Try putting in this command on your async interface: async default routing
Also what type of cable are you using? I've always used the cisco black
cable.
And try to hard-code the rxspeed and txspeed. I never trust auto-select.
Why are you using async65? Wouldn't it be async1?

""NRF""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Well, now I've just tried back2back aux between a 2610 and a 2514.  It
still
> doesn't work, exact same errors as before.
>
>
>
>
> ""NRF""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > So I'm trying to connect the AUX ports of 2 2610's back to back.  I am
> > following a known procedure on CCO where you can connect 2500's AUX
ports
> > back to back.
> > http://www.cisco.com/warp/public/793/access_dial/auxback.html
> >
> > So I follow exactly what they do.  But it doesn't work.  Maybe the
problem
> > is that 2600's don't do back2back aux ports (the CCO example was for
> > 2500's).  But that doesn't make much sense, because why not?  Anyway,
has
> > anybody ever gotten AUX 2600's (or any router for that matter) to
connect
> > back to back?
> >
> > For example, here is the Async config on one of the 2610's.
> >
> > interface Async65
> >  ip address 192.168.10.1 255.255.255.0
> >  no ip directed-broadcast
> >  encapsulation ppp
> >  async dynamic routing
> >  async mode dedicated
> >
> > Here is the aux line config:
> >
> > ine aux 0
> >  modem InOut
> >  transport input all
> >  speed 38400
> >  flowcontrol hardware
> >
> > So I believe that everything is good, it's exactly like the CCO config.
> > Yet, the async interface just keeps bouncing up and down.  For example:
> >
> > r1#
> > 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset
> > r1#
> > 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up
> > r1#
> > 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset
> >
> >
> > Here's what happens when I debug async packet
> > r1#debug async packet
> > Async packet I/O debugging is on
> > r1#
> > 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset
> > r1#
> > 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up
> > r1#
> > 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21
> > 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21
> > 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21
> > r1#
> > 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21
> > 1d19h: APPP65: Input packet, len = 24, header = FF 3 C0 21
> > 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21
> > r1#
> >
> > Here's what happens when I debug async framing
> >
> > r1#debug async framing
> > Async interface framing debugging is on
> > r1#
> > 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset
> > r1#
> > 1d19h: Async65: Reset PPP framing on TTY65
> > r1#
> > 1d19h: Async65: Setup PPP framing on TTY65
> > 1d19h: As65 PPP: Processed packet cached during autoselect
> > r1#
> > 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > r1#
> > 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5911&t=5844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]

[Maness, Drew]

I don't think it is security holes at a lower layer.  Checkpoint installs
what they call a shiv between the network and data link layer to protect the
IP stack.  And if you were to take advantage of OS security flaws you would
be doing it at the Session Layer and above, not the lower layers.


About five years ago it used to be the case the application based firewalls
did not protect the network as well as packet filtering.  But that was
because people didn't really understand what a firewall was. Most people
considered a proxy server as a sort of firewall.

I remember a client telling me they were protected because they used
reserved ip address and M$ proxy.  In fact at the time M$ was marketing
their proxy server as a "poormans" firewall.

But today firewalls protect the IP stack.  And most people know that a proxy
is not a firewall.  So this hardware based is better than software based
stuff does not ring true. 

When someone asks me which is better Pix or Checkpoint, I tell them it
depends. I can find you studies that says Pix has better throughput than
Checkpoint and vise versa. 

The real difference between them is that Checkpoint has a gui interface and
Pix has the o'l command line.  You can pretty much do the same thing with
them, so what it comes down to is what are you or your staff more
comfortable configuring.  Are you a cisco shop, buy the pix, are you an
NT/Unix shop, buy Checkpoint.  Beyond that it is all marketing semantics.   

In fact I have heard, but not seen, that their is a new gui interface for
the Pix.  Anyone used it lately?

I haven't had time to work with it, since I'm preparing for this little know
lab called CCIE or something like that.  What's an IGP? (oh my brain is
starting to hurt...)

-Original Message-
From: Jim Brown [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 04, 2001 7:45 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]


Security holes in lower layers? Where did you come up with that, your Cisco
rep?

-Original Message-
From: Eugene Nine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 03, 2001 5:01 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]


PIX goes up to layer 4, so it won't do things like URL filtering.
Checkpoint (or other SW) can do higher layer protection but may not be as
well at the lower layers (due to security holes in the OS, etc)
Eugene

""Chuck Larrieu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Asked sincerely, what advantages do you see in provisions PIX plus
> checkpoint?
>
> Chuck
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> [EMAIL PROTECTED]
> Sent: Thursday, May 03, 2001 2:47 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
>
> It depends on your security policy , design and needs  , generally what we
> advice our
> customers is checkpoint + pix together
>
> Hatim badr a icrit :
>
> > Hi ,
> >
> > I would like to know the pluses and minuses of each product .  Currently
> We
> > are using checkpoint and I want to convince my management to switch to
> cisco
> > PIX firewall .
> >
> > Thanks
> >
> > Hatim
> >
> > 
> > Get free email and a permanent address at http://www.netaddress.com/?N=1
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3204&t=2878
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame LMI Multicasting [7:2893]

[Maness, Drew]

What is the purpose of LMI Multicasting?  I've seen the "Allows a sender to
transmit a single frame but
have it delivered by the network to multiple recipients. "  But that doesn't
quite cut it.  How would you use LMI multicasting and what is the difference
between the frame interface-dlci broadcast command.  Has anyone tried to use
it in there lab?

Any help would be appreciated.

thanks

Drew




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2893&t=2893
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco IOS upgrade security policy [7:1408]

[Maness, Drew]

With the different major IOS releases, 11.1,11.2, 11.3, 12.0, 12.1...,  How
do security vulnerabilities get updated? My question really is this.  Is
running IOS 11.3.11b less secure than the latest release of 12.1?

What is the upgrade policy associated with the IOS version?  Should it be
that if you are running 11.3 you should update to the latest version of 11.3
or is the recommendation to upgrade all the way to 12.1?

Since it looks like different IOS versions along with platform version have
different bugs associated with them, I was just wondering what other peoples
corporate security policy was in relation to the Cisco IOS versions.

Thanks for any insight

Drew




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1408&t=1408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: T1 pinout [7:1297]

[Maness, Drew]

Here you go

http://www.cisco.com/warp/public/471/75.html#command

-Original Message-
From: SH Wesson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 19, 2001 2:18 PM
To: [EMAIL PROTECTED]
Subject: T1 pinout [7:1297]


Anyone know the pinout to a cable that use to connect two fractional T1 
CSU/DSU back to back for testing.  Thanks.

_
Get your FREE download of MSN Explorer at http://explorer.msn.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1309&t=1297
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE Qual...Off-topic [7:1185]

[Maness, Drew]

Since I personally know the person that wrote those test and he is a list
member, I would highly recommend that you purchase them, if you want to use
them.

We have a number of authors, be it books or test, on this list.  That is
what makes it a great list. But they wouldn't be here nor would they be
writing their books/tests if they had to give it away.

Like Stephen said, it is only 60 bucks and as Fred said, "extremely helpful"

My .02

Drew

-Original Message-
From: Fred Danson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 19, 2001 7:17 AM
To: [EMAIL PROTECTED]
Subject: Re: CCIE Qual...Off-topic [7:1185]


If I was you I would buy all three tests. I thought they were extremely 
helpful for the written.

Fred


>From: "Stephen Skinner" 
>Reply-To: "Stephen Skinner" 
>To: [EMAIL PROTECTED]
>Subject: Re: CCIE Qual...Off-topic [7:1185]
>Date: Thu, 19 Apr 2001 06:09:20 -0400
>
>if i remember correctly i got KILLED for mearly suggesting the codes
>stuff .and AM NOT going into it again.THANKFULLY boson have changed
>the way you buy the exams and it is a lot MORE secure...so ...anyway here 
>is
>the code
>
>1. startup the exam and hit the ORDER FULL VERSION button
>2. imput your details
>3. put in credit card number and BUY the thing..
>
>in the long run ...it will save you so much HASSLE(not that at the time i
>didnt DESERVE it)
>
>but if people on the list find out you cracked the exams they are less
>likely to help you.TRUST ME ON THIS
>
>
>it is only $60..
>
>NO FLAMING PLEASE
>
>regards
>
>steve
>
>
> >From: "Henry Rollins"
> >Reply-To: "Henry Rollins"
> >To: [EMAIL PROTECTED]
> >Subject: Re: CCIE Qual...Off-topic [7:1185]
> >Date: Thu, 19 Apr 2001 03:29:07 -0400
> >
> >You can't gather a mere $60 to help you pursue a $1550 exam (with lab)
> >with some hint of legitimacy? That is very sad.
> >
> >Of course MAYBE I'm overreacting and you simply lost your codes for the
> >referenced exams which you have already purchased, and you wish to study
> >RIGHT THIS MINUTE and the B O S O N offices are not open yet for you to
> >get the codes again.  Yeah...that's probably it.
> >
> >Shame on me for thinking such bad thoughts initially --- now where's my
> >crack pipe ;-]
> >
> >
> >Quoting "[EMAIL PROTECTED]" :
> >
> > > Could somebody provide me the signature files of CCIE Qual 1 & 2, for
> > > converting the trial versions of Boson tests ?
> > >
> > > If you want to take it offline, reply.
> > >
> > > -a CCNP
> > >
> > > -
> > > Get free personalized email at http://email.lycos.com
> > > FAQ, list archives, and subscription info:
> > > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> >
> >--
> >FREE ANONYMOUS EMAIL!  Sign up now.
> >http://www.subdimension.com/freemail
> >FAQ, list archives, and subscription info:
> >http://www.groupstudy.com/list/cisco.html
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>FAQ, list archives, and subscription info: 
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get your FREE download of MSN Explorer at http://explorer.msn.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1233&t=1185
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame Relay switching [7:435]

[Maness, Drew]

I've also noticed that if you don't use the intf-dce command on the switch,
regardless of whether the switch interface is or is not dce, you will not
get lmi to work properly.

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 13, 2001 9:30 AM
To: [EMAIL PROTECTED]
Subject: RE: Frame Relay switching [7:435]


Once again, to clarify:

The interface with the DCE end of the cable is the interface that requires
the clock rate configured.

This may be different than the interface that has the frame-relay intf-type
DCE

Frame relay intf-type dce does NOT require clock rate and does NOT require
the DCE end of the cable. The difference is the physical versus the logical
DCE.

If you were to configure two Cisco routers back to back NNI, one of those
routers would still require the clock rate set.

A minor point, but one most misunderstood.

Chuck

-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent:   Thursday, April 12, 2001 11:45 PM
To: [EMAIL PROTECTED]
Subject:RE: Frame Relay switching [7:435]

Thomas,
On fr switch, dce side needs clock rate defined.  If your interface is dte,
simply assign clock rate on the dce side of other router (but of couse you
must swap the dce-dte cable).  No matter what you use, you may just use
frame intf-type dce on the fr switch.  This gives you the ability to define
"frame route" which is what you want on the fr switch, right ?

YY

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Thomas
Sent: Friday, April 13, 2001 9:12 AM
To: [EMAIL PROTECTED]
Subject: Frame Relay switching [7:435]


Hi All - I am setting up my 2501 router as a frame-relay switch.  I succeed
when setting both of its serial as DCE interfaces.  However, I failed to
have one serial acts as a DCE and one acts as a DTE.  Is it possible to
specify a switch as a "frame-relay" switch and have one of its serial acting
as a DTE interface (and assign IP address...) ???  Thanks All
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=533&t=435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE:

[Maness, Drew]

Can you identify the type of DOS.  What IOS is he running? If this is a
known bug is there a cisco bug track ID on it?

Thanks

Drew

-Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 2:57 PM
To: [EMAIL PROTECTED]
Subject: 


Hi everyone,
I have a story that wish to share with everyone.  One of my friends
works for a company that uses Cisco PIX as the firewall.  This afternoon,
he called and told me that the company firewall is experiencing a Denial
of Service (DOS) attack.  The attack is so heavy that the PIX is just
simply gives up.  The company contacts Cisco and the TAC told my friend
that there is a bug in the Cisco PIX code and he will have to wait a
few days for the new code to arrive.  Frustrated, he decides to use his
workstation which is running NetBSD, put in an extra NIC, shutoff all
essential services but SSH and netfilter.  Amazingly, the new BSD
firewall withstand the DOS and connectivity is restored.

The point of the story.  Not everything from Cisco is good.  Their code
is just buggy as everyone else.  Just because it carries the name Cisco
doesn't mean it is safe.
_
Get your FREE download of MSN Explorer at http://explorer.msn.com

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Off Topic: Any interest in new Sniffer Certification?

[Maness, Drew]

Before we had all the great books that we had today, the SnifferU courses
were a great source for information.  A lot of the low level stuff that it
is hard to find information on, like what is B8ZS, how does it work and how
does it differ from D4AMI.  


I don't know if I'll go for the certification but I'm glad to see they are
bringing it back.  It is definatly worth a look. 
-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 07, 2001 9:10 AM
To: info; [EMAIL PROTECTED]
Subject: Re: Off Topic: Any interest in new Sniffer Certification?


It was a very interesting post. The poster probably should have used a 
private e-mail address so it wouldn't appear to be marketing spam, but it 
was still a relevant and important piece of news for the clueful people on 
the list.

Priscilla

At 06:00 AM 3/7/01, info wrote:
>Eh, big deal. The original post's header indicated it was
>Off topic. Plenty of threads on this list are about non Cisco
>certifications. Protocol Analysis is a skill reserved for experts.
>Some people on this list are CNX certified which is a certification
>being superceded by the new cert program.it will be interesting
>to see how they react to the new program.
>Therefore the post has relevance to the list.  Even if it came
>from Sniffer's Marketing team, it wouldnt change that.
>
>.personally, I think protocol analysis is going to be extremely
>important in Wireless environments as a security measure.
>
>
>
>Andy <[EMAIL PROTECTED]> wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > Gee, thanks for spamming a Cisco cert list with your marketing jizz
> > propaganda crap press release. If you want to spam a cert list, start
your
> > own..
> >
> >
> >
> >
> >
> > On Tue, 6 Mar 2001, info wrote:
> >
> > > http://biz.yahoo.com/prnews/010305/sfm057.html
> > >
> > > Was wondering if any of you had comments or interest
> > > in the new Sniffer Cerficication just announced.  See
> > > link above or article below.
> > >
> > >
> > > Sniffer Certification Program to Accredit IT Professionals With
>First-Class
> > > Troubleshooting and Protocol Analysis Skills for Managing Enterprise
> > > Networks
> > >
> > > SANTA CLARA, Calif., March 5 /PRNewswire/ -- Sniffer Technologies, a
> > > business unit of Network Associates (Nasdaq: NETA - news), today is
>setting
> > > a worldwide standard by introducing its IT certification program for
>network
> > > management called the Sniffer Certified Professional Program (SCPP).
>While
> > > meeting the industry's demand for network professionals with
>vendor-specific
> > > certification, the SCPP will identify IT professionals with
first-class
> > > Sniffer-specific troubleshooting and protocol analysis skills to
protect
>and
> > > optimize networks across the enterprise.
> > >
> > > Developed through close collaboration with Sniffer University, the
>Sniffer
> > > Certified Professional Program will help employers identify
>professionals
> > > within their organizations who are equipped with the knowledge and
>skills to
> > > implement, operate and troubleshoot networks effectively. At the same
>time,
> > > SCPP will provide network professionals industry-recognized
>accreditation as
> > > experts in their field.
> > >
> > > ``The rapidly changing landscape of internetworking technologies is
>creating
> > > a shortage of qualified, trained professionals to manage
>business-critical
> > > networks,'' said Rich Baich, Director of Sniffer University's
>Educational
> > > Services, Sniffer Technologies. ``Companies recognize the critical
role
> > > network availability plays in the success of their business, and the
>Sniffer
> > > Certified Professional Program ensures they have trained professionals
>to
> > > ensure maximum uptime of their network.''
> > >
> > > The Sniffer Certified Professional Program was developed using proven
> > > psychometric processes to create quality tests targeted at network
> > > professionals with in-depth knowledge of Sniffer technologies and
> > > significant hands-on experience in real world environments. Each exam
>tests
> > > objectives and content that maps to Sniffer University's existing
>curriculum
> > > ensuring clear learning paths between product and technology emphasis
>areas.
> > >
> > > The Sniffer Certified Professional program consists of three levels.
The
> > > first level, the Sniffer Certified Professional (SCP), includes a
>60-minute
> > > required core exam designed to test a candidate's knowledge in the use
>of
> > > Sniffer Technologies' network analyzer. The SCP credential is the
basis
>for
> > > the entire program.
> > >
> > > The following levels, the Sniffer Certified Expert (SCE) and the
Sniffer
> > > Certified Master (SCM), evaluate a candidate's knowledge in their
choice
>of
> > > a combination of other Sniffer products and technologies in various
> > > networking environments. Additional SCPP exams validate skills for
>products

RE: IPSec, IKE, VPN study resources?

[Maness, Drew]

For a starting out point I would recommend Enhanced IP Services for Cisco
Networks by Donald Lee.  He does a great job explaining how cisco handles
IPSEC and IKE.

Next I would recommend Cryptography and Network Security - Principles and
Practice by William Stallings.  Probably the best free book I received from
cisco.  (Besides Small Business Networking for Dummies--I keep it smack dab
in the middle of all my cisco/networking books.  You should see peoples
faces when they come across it ;)

After that you should probably head to the RFC's: (God I'm starting to sound
like Howard :)
RFC2104 Hashing
RFC2402 AH
RFC2406 IPSec ESP
RCF2405
RFC2408 ISAKMP
and a bunch more

Have fun

Drew

-Original Message-
From: Brian Lodwick [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 8:40 AM
To: [EMAIL PROTECTED]
Subject: IPSec, IKE, VPN study resources?


Group,
   Can anyone out there help me out. I am trying to find resources for 
study. I want to get learn as much as possible about IPSec and VPN 
technology. I would like to see if anyone knows of some good resources to 
learn more about this kind of stuff  -IPSec tunnel and transport modes, 
Security Associations, ISAKMP\OAKLEY process, The Diffie-Hellman algorithm, 
and ...

What I would really like to find is a book that gets right into the guts of 
it and goes through it inside and out. I'd also like to learn the  history, 
and where the forefront is trying to push this technology.
If anyone knows of any resources they have found helpfull I would really be 
gratefull for your response.
Thanks in advance guys-

>>>Brian
_
Get your FREE download of MSN Explorer at http://explorer.msn.com

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NM-1E

[Maness, Drew]

Cisco now offers a WIC-1E for the 1600, 1700, 2600, and 3600.  It retails
for $238 USD on cdw.com  It is only 10mb

Hope that helps

Drew 

-Original Message-
From: Christopher M. Heffner [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 7:22 AM
To: Gary Marsh; Kevin Wigle; Jim Brown; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: NM-1E


If you only the 2610 then you might want to think about selling or
swapping the 2610 for a 2611 instead.  It might be cheaper in the long
run.

I found out the hard way last week that any Lan module with the wic
slots are NOT support by Cisco in the 2600 family.  I was trying to add
more serial interfaces to my 2621 last week to simulate the ANEW 2 labs.

Cisco says only the NM-1E or NM-4E is support in slot 1 for LAN modules.


My choices were to use either the NM-2W module for my serial interfaces
or to upgrade from the WIC-1T cards to the WIC-2T or WIC-2AS cards or
use my 3640 instead.

Good Luck,

Christopher M. Heffner
IMCR Course Director
Certified Cisco Systems Instructor
CCSI, MCT, MCNI, CLI, ASE, CTT, A+
[EMAIL PROTECTED] 


-Original Message-
From: Gary Marsh [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 6:35 AM
To: Kevin Wigle; Jim Brown; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: NM-1E


If you live in the UK, then check out www.prodec.co.uk, telephone 01344
86 they will more than likely negotiate a good deal for you from
their
range of second hand Cisco kit.

Gary

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kevin
Wigle
Sent: Saturday, February 24, 2001 6:47 AM
To: Jim Brown; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: NM-1E

well there is the NM-4E (4 ethernet ports) but if you think the
1E
is expensive don't look there.


- Original Message -
From: "Jim Brown" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, 23 February, 2001 13:35
Subject: WTB: NM-1E


>
> Sorry for posting this here, but I thought is semi-appropriate. This
is
gear
> for my home lab.
>
> I'm looking for an Ethernet module for a 2600 series router and I
think
this
> is the only one that is supported.
>
> I have checked E-bay for a while and there are none to be found.
>
> Can anyone help me out, retail hurts!


___
To unsubscribe from the CCIELAB list, send a message to
[EMAIL PROTECTED] with the body containing:
unsubscribe ccielab

___
To unsubscribe from the CCIELAB list, send a message to
[EMAIL PROTECTED] with the body containing:
unsubscribe ccielab

___
To unsubscribe from the CCIELAB list, send a message to
[EMAIL PROTECTED] with the body containing:
unsubscribe ccielab

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: FR + Poison Reverse...

[Maness, Drew]

OSPF does use Split horizon.  I don't think OSPF uses PR because PR sets the
route to infinity and I'm not sure what an ' infinity' cost would mean in
OSPF.

-Original Message-
From: Z [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 12:47 AM
To: Brian; [EMAIL PROTECTED]
Subject: Re: FR + Poison Reverse...


But I thought that I'd seen or heard of using split horizon with
OSPF...maybe I'm thinking of Frame Relay...long day I guess...


This has been an Eyez Only streaming e-mail broadcast...We are watching.

NetEyez ~ CCNP, CCDA

- Original Message -
From: "Brian" <[EMAIL PROTECTED]>
To: "Z" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, February 27, 2001 1:16 AM
Subject: Re: FR + Poison Reverse...


>
>
> split horizon and PR are both associated with distance vector protocols,
> OSPF is a link state protocol.
>
> Brian
> On Mon, 26 Feb 2001, Z wrote:
>
> > Hey Group,
> > I recently pondered something while at work and nobody could give me
a
> > strait answer. Actually I feel a little embarrassed asking this due to
me
> > being an NP and I feel like I should know this. Guess this type of thing
> > doesn't come up much around me. Question is: Can poison reverse (PR) be
used
> > with OSPF? I know split horizon is used with it but I just cant see
why/how
> > poison reverse would. My definition of PR is that it sets the link to
the
> > max hop count and deems it unreachable, hence the term poison. I can't
see
> > how this would work with  OSPF because it doesn't use a hop count. Maybe
I'm
> > confused about PR. Does it set the link to the highest metric, and not
hop
> > count? Maybe I'm just used to hearing about PR in discussions of RIP
that
> > I'm assuming it set the hop count to the highest and has nothing to do
with
> > metric. Any clarity would help, thanks all...
> >
> > ...sorry for the rambling...
> >
> > 
> > This has been an Eyez Only streaming e-mail broadcast...We are watching.
> >
> > NetEyez ~ CCNP, CCDA
> >
> >
> >
> > _
> > FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> ---
> I'm buying / selling used CISCO gear!!
> email me for a quote
>
> Brian Feeny,CCDP,CCNP+VAS Scarlett Parria
> [EMAIL PROTECTED] [EMAIL PROTECTED]
> 318-222-2638 x 109318-222-2638 x 101
>
> Netjam, LLC   http://www.netjam.net
> 1401 Oden St.
> Suite 18
> Shreveport, LA 71104
> Fax 318-221-6612
>
>

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: back-to-back cable AGS+ and 2523

[Maness, Drew]

On the AGS, unlike the 2500's and above, the DTE, DCE setting is actually a
jumper on the serial card.  You will have to go in and remove the card and
set/verify the jumpers.

This link will provide you the correct jumper settings.  More than likely it
is set for DCE, the default

http://www.cisco.com/univercd/cc/td/doc/product/core/cisagspl/agscfig/34084.
htm#xtocid2857013

Let me know if you have any other questions.  I have two AGS running in my
lab.  One for a frame-switch.  The other is pretending to be a 2502 until I
can purchase one.

Regards,

Drew

-Original Message-
From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 8:04 AM
To: 'ciscojolof'; [EMAIL PROTECTED]
Subject: RE: back-to-back cable AGS+ and 2523


Do a "show controllers s 4" on the 2523 to verify that the router sees a DCE
cable.

I have no experience with the AGS+. However, some serial ports are sync
while others are async. Which ones do you have?

> -Original Message-
> From: ciscojolof [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 27, 2001 8:59 AM
> To: [EMAIL PROTECTED]
> Subject: back-to-back cable AGS+ and 2523
> 
> 
> HI guys,
> 
> I have a problem having my AGS+ (DB26 DTE) talk to my 2523 (DB60 DCE).
> I purchased a custome cable and tried to have it work in vain.
> 
> THe configs are as follow
> 
> 
> Router_2523 is DCE (provides clocking at 56000)
> 
> 
> 
> 
> 
> 
> Router_AGS+#sh int s3
> Serial3 is up, line protocol is down
>   Hardware is MCI Serial
>   Internet address is 172.17.10.4 255.255.255.0
>   MTU 1500 bytes, BW 56 Kbit, DLY 2 usec, rely 255/255, load 1/255
>   Encapsulation HDLC, loopback not set, keepalive set (10 sec)
>   Last input never, output 0:00:20, output hang never
>   Last clearing of "show interface" counters never
>   Input queue: 0/75/0 (size/max/drops); Total output drops: 0
>   Output queue: 0/64/0 (size/threshold/drops)
>  Conversations  0/1 (active/max active)
>  Reserved Conversations 0/0 (allocated/max allocated)
>   5 minute input rate 0 bits/sec, 0 packets/sec
>   5 minute output rate 0 bits/sec, 0 packets/sec
>  0 packets input, 0 bytes, 0 no buffer
>  Received 0 broadcasts, 0 runts, 0 giants
>  1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort
>  1258 packets output, 28716 bytes, 0 underruns
>  0 output errors, 0 collisions, 429 interface resets, 0 restarts
>  0 output buffer failures, 0 output buffers swapped out
>  841 carrier transitions
> Router_AGS+#
> 
> Router_2523#sh int s4
> Serial4 is up, line protocol is down
>   Hardware is CD2430 in sync mode
>   Internet address is 172.17.10.2/24
>   MTU 1500 bytes, BW 115 Kbit, DLY 2 usec, rely 255/255, 
> load 88/255
>   Encapsulation HDLC, loopback not set, keepalive set (10 sec)
>   Last input 00:00:00, output 00:00:00, output hang never
>   Last clearing of "show interface" counters never
>   Input queue: 1/75/0 (size/max/drops); Total output drops: 0
>   Queueing strategy: weighted fair
>   Output queue: 0/1000/64/0 (size/max total/threshold/drops)
>  Conversations  0/2/256 (active/max active/max total)
>  Reserved Conversations 0/0 (allocated/max allocated)
>   5 minute input rate 4 bits/sec, 200 packets/sec
>   5 minute output rate 4 bits/sec, 200 packets/sec
>  1093746 packets input, 24255326 bytes, 0 no buffer
>  Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
>  119 input errors, 119 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>  1094957 packets output, 24283752 bytes, 0 underruns
>  65 output errors, 0 collisions, 443 interface resets
>  0 output buffer failures, 0 output buffers swapped out
>  776 carrier transitions
>  DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
> 
> 
> 
> Router_2523#
> 
> 
> _
> FAQ, list archives, and subscription info: 
> http://www.groupstudy.com/list/cisco.html
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]
> 

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Can someone interpret this please? - an Update

[Maness, Drew]

I have also received a call from one of our level one support staff that was
trying to move a user computer from one side of the office to the other.  It
seems that the computer worked when they were on one side of the room but
when they moved it to the other side of the room it could not get on the
network.  They were using the same port but in order for them to set up the
computer on the other side of the room they had used a longer patch cable.
It seems the longer cable put them over 325 feet.

Since this office was only roughly 75 feet from the wiring closet, I had a
cable guy come out and look at the run.  Seems who ever put in the first
cable, for some reason, left 200 and some odd feet of cable coiled up in the
ceiling.  

-Original Message-
From: Tony van Ree [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 26, 2001 1:50 PM
To: John Neiberger; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Can someone interpret this please? - an Update


Hi All,

When they refer to long they often mean 'real long'.  I once looked at a
faulty LAN in this case the servers were falling of the end.  They got
smmart moved the servers out of the computer room and into the middle of the
physical LAN this helped slightly.  Eventually the rang me and I had a look.
Straight away I saw late collision type things (I picked up on the CRC's and
Fragments).  A cable scan showed 450+ meters on a 10Base2 segment.

What had happened was someone tied two segments together with a bit of thin
cable about 50 metres long.  Also the site used AMP outlets and the spare
fly leads were still inserted in the sockets.

A repeater and removal of about 100 meters of cable fixed the issue.


These days you won't see this type of problem.

Teunis
Hobart, Tasmania
Australia


On Monday, February 26, 2001 at 01:19:29 PM, John Neiberger wrote:

> I don't remember this thread, but I wanted to chime in.  This one time
> (at band camp) we had a file server connected to a hub, but someone set
> the server to full duplex.  This was wreaking all sorts of havoc on the
> LAN.  I noticed the large number of late collisions but I didn't know
> what that indicated.  Thanks to someone on this list, I checked the
> duplex settings and voila, that was it.
> 
> I've read many times that late collisions are often caused by extra
> long ethernet cables, but I've never experienced that.  I have, however,
> experienced the duplex-caused late collisions many times.  I have to
> keep a close eye on the LAN guys around here.  
> 
> >>> "Kevin Wigle" <[EMAIL PROTECTED]> 2/26/01 12:59:01 PM >>>
> Group,
> 
> An update on that late-collision issue I brought to the list a while
> back.
> 
> Finally got to talk to a tech with my ISP today and we worked through
> the
> circuit.
> 
> It seems the half-duplex / full-duplex answer wins the prize.
> 
> At first they tried to get me to verify my router's settings and as I
> have
> done many times before, a sh int e0/1 indicated that the interface was
> not
> full-duplex.
> 
> But he wanted me to give a command to change it to half-duplex "just to
> see
> what happens".
> 
> But I suggested he do it on his end first - "just to see what
> happens".
> 
> In the meanwhile we were monitoring the router interface with sh int
> and
> observing console errors.
> The console was constantly spewing out transmit errors - late
> collision.
> 
> The sniffer was seeing significant alignment errors.
> 
> Anyway, he "does something" and immediately the console stops
> scrolling
> errors.
> 
> amazing..
> 
> So, we're going to stress this circuit a bit before letting them close
> the
> ticket.
> 
> It seems they paid more attention when we said we had a sniffer on the
> line.
> 
> thanks for all the responses!
> 
> Kevin Wigle
> 
> 
> 
> _
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html 
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> 
> 
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> 


--
www.tasmail.com


_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Here's an easy one

[Maness, Drew]

Multicast MAC address' have the second bit odd.  That is 01- or 03- to 0f- 

The 01-00-5E (I believe) is the multicast address assigned(?) to CGMP/IGMP



-Original Message-
From: Jack Williams [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 23, 2001 10:47 AM
To: Williamson, Paul; [EMAIL PROTECTED]
Subject: RE: Here's an easy one


I'm sure the group will tell me if I put my foot in my mouth, but:

Multicast *destination* MAC addresses start with 01-00-5E

--Original Message--
From: "Williamson, Paul" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Sent: February 23, 2001 3:23:34 PM GMT
Subject: Here's an easy one


Ok so we know how to convert a multicast ip into a mac, how about the
reverse.

I got a syslog message that made me curious:-
"invalid traffic from multicast source address 0f:37:59:6f:df:0d"
and i thought well i wonder what ip address that would be but i couldn't
figure out the first octet.

Should all multicast mac addresses start with 01-00-5e ??
Is this mac address invalid ?

Anyone ?
Thanks
-Paul


PLEASE READ: The information contained in this e-mail is confidential
and intended for the named recipient(s) only. If you are not an intended
recipient of this email you must not copy, distribute or take any
further action in reliance on it and you should delete it and notify the
sender immediately. Email is not a secure method of communication and
Nomura International plc cannot accept responsibility for the accuracy
or completeness of this message or any attachment(s).  Please check this
e-mail for virus infection, for which Nomura International plc accepts
no responsibility. If verification of this email is sought then please
request a hard copy. Unless otherwise stated any views or opinions
presented are solely those of the author and do not represent those of
Nomura International plc. This email is intended for informational
purposes only and is not a solicitation or offer to buy or sell
securities or related financial instruments. Nomura International plc is
regulated by the Securities and Futures Authority Limited and is a
member of the London Stock Exchange.

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

 

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Strange problem with Cisco 2501 routers

[Maness, Drew]

Do you have a TFTP server on the segment maybe with a file net-conf?  It
could be pulling a bad configuration file from a tftp server.  Also it might
be trying to pull a IOS image from a TFTP server that is not there.  It
might have a boot system tftp command in the config.  I assume you just got
these and you are experiencing the problem.

Try going into ROM mode and change the Configuration register to ignore the
start up config file (confreg 0x142).  reload the router and see what the
config look like.  I have a feeling it is looking for something off a TFTP
server.  If you want you can make a copy of the config and then do a write
erase.  Change back the Config Register to 0x2102 (Router#config-reg
0x2102).  Reload the router and see if you get the same error.

Hope this helps

Drew

-Original Message-
From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 07, 2001 7:31 AM
To: 'John Neiberger'; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: Strange problem with Cisco 2501 routers


You're right, but I think he is talking about the UPDOWN messages.

This could be due to a "shutdown" line in each interface, but it would help
to see the configuration.

Ole


 Ole Drews Jensen
 Systems Network Manager
 CCNA, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
 http://www.CiscoKing.com

 NEED A JOB ???
 http://www.oledrews.com/job




-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 07, 2001 9:17 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Strange problem with Cisco 2501 routers


The only startup errors evident in this output is this:

> Unknown or ambiguous service arg - udp-small-servers
> Unknown or ambiguous service arg - tcp-small-servers
> Illegal IP keyword - classless

You're probably seeing this because you are running IOS 11.1(7), but your
config is pasted in from a router running at least 11.2.  11.1(7) apparently
doesn't understand these lines:

service udp-small-servers
service tcp-small-servers
ip classless

You can upgrade your IOS or remove those lines from your config.  The status
messages about the interfaces are not strange in any way.  They look quite
normal, assuming the ethernet port was connected to something but the serial
ports were not.

HTH,
John


> 
> 
> Hi Folks,
> 
> I have a few Cisco 2501 routers all eith the same
> startup problem. On startup, the routers behave
> normal, but after the "Press RETURN to get started"
> message, the routers come up with errors about the
> ethernet and serial interfaces, restarts and then hang
> up completely.
> 
> Thinking that the problem may be with the DRAM, Flash
> or software, I have replaced these with ones from
> other Cisco 2501 routers in good working condition,
> but the problem remained the same. The typical output
> from these routers is as shown at the end of this
> posting.
> 
> Any good ideas will be appreciated.
> 
> Thank you.
> 
> 
> 
> 
> System Bootstrap, Version (3.3), SOFTWARE
> Copyright (c) 1986-1993 by cisco Systems
> 2500 processor with 4096 Kbytes of main memory
> 
> Unknown or ambiguous service arg - udp-small-servers
> Unknown or ambiguous service arg - tcp-small-servers
> Illegal IP keyword - classless
> Booting ie11170n from Flash address space
> F3: 3731220+95304+191716 at 0x360
> 
>   Restricted Rights Legend
> 
> Use, duplication, or disclosure by the Government is
> subject to restrictions as set forth in subparagraph
> (c) of the Commercial Computer Software - Restricted
> Rights clause at FAR sec. 52.227-19 and subparagraph
> (c) (1) (ii) of the Rights in Technical Data and
> Computer
> Software clause at DFARS sec. 252.227-7013.
> 
>cisco Systems, Inc.
>170 West Tasman Drive
>San Jose, California 95134-1706
> 
> 
> 
> Cisco Internetwork Operating System Software
> IOS (tm) 3000 Software (IGS-I-L), Version 11.1(7),
> RELEASE SOFTWARE (fc2)
> Copyright (c) 1986-1996 by cisco Systems, Inc.
> Compiled Wed 23-Oct-96 20:37 by tej
> Image text-base: 0x0301FC14, data-base: 0x1000
> 
> cisco 2500 (68030) processor (revision A) with
> 4096K/2048K bytes of memory.
> Processor board ID 01091217, with hardware revision
> 
> Bridging software.
> X.25 software, Version 2.0, NET2, BFE and GOSIP
> compliant.
> 1 Ethernet/IEEE 802.3 interface.
> 2 Serial network interfaces.
> 32K bytes of non-volatile configuration memory.
> 4096K bytes of processor board System flash (Read
> ONLY)
> 
> 
> 
> Press RETURN to get started!
> 
> 
> %LINEPROTO-5-UPDOWN: Line protocol on Interface
> Ethernet0, changed state to down
> 
> %LINEPROTO-5-UPDOWN: Line protocol on Interface
> Serial0, changed state to down
> %LINEPROTO-5-UPDOWN: Line protocol on Interface
> Serial1, changed state to down
> %LINK-3-UPDOWN: Interface Ethernet0, changed state to
> up
> %LINK-3-UPDO

Pix Bootp relay or IP forwarding

[Maness, Drew]

Is there a way to do bootp relay through a pix box; something similar to the
IP forwarding in the router?

The scenario:  corporate network with a pix box separating separate areas of
the corporate network.  Problem is one side has the DHCP server on it and we
need clients on the other side to receive dhcp addresses.  How can I do
this?

After looking at CCO I think it can't be done.  I know there is a DHCP
Client and a minimal DHCP server with release 5.2

thank guys and gals

Drew

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: **SLA help

[Maness, Drew]

www.sans.org is a good place to start. Do a search on Policy or Acceptable
Use Policies.

Another good place is:
http://www.eff.org/pub/CAF/policies/

This site list some policies from different educational institutions.

Regards,

Drew Maness
Information Security Engineer
Veritect
www.veritect.com

-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 28, 2001 2:09 PM
To: [EMAIL PROTECTED]
Subject: Re: **SLA help


The sort of topics you are looking for are more likely to be under 
corporate security policies, or Acceptable Use Policies, than SLAs. 
SLAs tend to be concerned with how fast/reliably something can be 
done, rather than whether it is permissible or not.


>
>Deepak Sharma wrote:
>
>>  Hello all
>>
>>  Im making a SLA ( Service level agreement ) with my users in my region.
>>  Something along the lines of what type of internet browsing is allowed.
>>  What you are allowed to download and such
>>
>>  and also something on how fast my IT dept. is going to be answering to
>>  user problems and requests.
>>
>>  I recall someone posting a link of a web site where it had some examples
>>  of these type of documents.  Plus any type of other help will be greatly
>>  appreciated.
>>
>>  thanks
>  > Deepak
>>

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IGS-R image

[Maness, Drew]

I have an old IGS-R that I'm trying to get up in my lab.  The eprom has IOS
9.  While it has been fun using IOS 9 I would like to use a more up to date
IOS.  At least IOS 11.0.

But I can't figure out which IOS to use. Cisco does not list the IGS on
their software site.  Also this thing has no flash so I am trying to netboot
it.  I downloaded a couple of 11.1 images but it is not working.  It only
has 4 mb of Ram. 

Can anyone point me to the right image.  I thought the IGS used the same
image as the earlier 2500 but when I netboot those I get a buffer overflow
error.

Thanks for your help
Drew

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cascading Switches

[Maness, Drew]

I've looked through the archives as well as on CCO but could not find a
definite answer to the limit of "cascading" switches, specifically catalyst
2900's.  I saw the discussion earlier this year/last year that talked about
the difference between "cascading" and "stacking".  I'm not looking for
shared management (stacking) but just how many switches can I cascade
together to get the highest port concentration. Just a simple (or bad
network design)of one switch to another to another to N... because I ran out
of ports and do not want to by a real switch scenario How many can I
connect?

My first reaction to this question was that it had to be limited by the CAM
of each switch but can't find an answer.  Again it is for the 2900 series
switch.

Thanks

Drew

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: I'm stumped! (was EIGRP over ISDN) LONG

[Maness, Drew]

Your hold times look to be way low.
>From your example a hold of 12 would indicate a high bandwidth interface
such as Ethernet, FDDI or token ring.  On this router I would bet that the
hold time is set to 5.

H   Address Interface   Hold Uptime   SRTT   RTO  Q  Seq
(sec) (ms)   Cnt Num
0   10.120.226.1BR0/0 12 00:00:380  5000  1  0

Try setting the hold time with the ip eigrp hold-time interface command to
60 and set the ip eigrp hello-interval to 180

Hope that helps

Drew



-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 03, 2001 7:51 AM
To: [EMAIL PROTECTED]
Subject: I'm stumped! (was EIGRP over ISDN) LONG


I'm reposting this in the hopes that someone who didn't see it before might
have some ideas about this.  Heck, SWAGs, educated guesstimates, or
telephone psychic impressions are also welcome.  We are completely stumped
about how to resolve this.  I've even posted this question on the CCO Q&A
Forum but I don't think anyone has been answering questions on there lately.

Here is the problem:  we have an ISDN BRI backup link between two sites, and
we want to run eigrp over the link when it's in use.  The problem is that
even though the line is not flapping, eigrp is behaving as if it were
flapping.  My side NEVER sees hellos from the other side, but it does
receive updates.  The other side receives my hellos, but it thinks the link
is bouncing and that my router is intermittently unavailable.  My side never
establishes the other as a neighbor.

I've used every debugging command I can find to no avail.  Nothing is giving
me any information that I don't already know.  We have no access lists
configured, except for distribute lists but that shouldn't affect neighbor
relationships, should it?

Here is sample debug output (debug eigrp neighbors and debug eigrp packet):

3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up

3d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to up 
3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2  

3d01h:   AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 

3d01h: EIGRP: Neighbor(10.120.226.2) not yet found  

3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2  

3d01h:   AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 

3d01h: EIGRP: Neighbor(10.120.226.2) not yet found  

3d01h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 303xx
theirrouter
3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2  

3d01h:   AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 

3d01h: EIGRP: Neighbor(10.120.226.2) not yet found  

3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2  

3d01h:   AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 

3d01h: EIGRP: Neighbor(10.120.226.2) not yet found  

3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2

3d01h:   AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2  

3d01h:   AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 

3d01h: EIGRP: Neighbor(10.120.226.2) not yet found   

Here is some info from the remote side:

theirrouter#
1d02h: EIGRP: Retransmission retry limit exceeded
1d02h: EIGRP: Holdtime expired
1d02h: EIGRP: Neighbor 10.120.226.1 went down on BRI0/0
1d02h: EIGRP: New peer 10.120.226.1

theirrouter#sho ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address Interface   Hold Uptime   SRTT   RTO  Q  Seq
(sec) (ms)   Cnt Num
0   10.120.226.1BR0/0 12 00:00:380  5000  1  0

1d02h: EIGRP: Retransmission retry limit exceeded
1d02h: EIGRP: Holdtime expired
1d02h: EIGRP: Neighbor 10.120.226.1 went down on BRI0/0
1d02h: EIGRP: New peer 10.120.226.1
  
I'm 

RE: Off topic

[Maness, Drew]

http://www.cisco.com/warp/public/701/14.html

-Original Message-
From: Naveen Sharma [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 01, 2001 10:08 PM
To: [EMAIL PROTECTED]
Subject: Off topic


Dear Friends,

Can any one give me wiring diagram for RJ-45 to DB 9 pin out and RJ-45 =
to DB 25 pin out.

Thanks for help

Best regards

Naveen

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Prototype and Pilot

[Maness, Drew]

I don't have my DCB CD here.  The only CCDA book I have in the office is the
Sybex Exam Notes by Devin Akin and Mr. Lammle. 

On page 243 the list "Pilot  Smaller in scale;" and a "Prototype  Larger
than a pilot".  They then go on in the next chapters to list the steps for
starting a Pilot and Prototype continuing with the Pilot=Small
Prototype=Large theme.

Todd would you like to comment?

Of course in the real world (I some times wonder if there is such a thing
anymore) does it really matter what the difference is, or if even if there
is one?  This seems like one of those test questions that the original exam
objective; knowing that you don't have to build a large scale test
environment to prove your concept, gets turned around by someone into having
to define what Pilot and Prototype are.  It just seems silly.  But I still
do want to know the answer.  Sick puppy I am.

Have a good new years everyone.  See you next
year/decade/century/millennium.

Drew

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 29, 2000 3:18 PM
To: Maness, Drew; 'Hunt'; [EMAIL PROTECTED]
Subject: RE: Prototype and Pilot


It sounds like I may have had it backwards in my message, then??

Bottom line: the terms are not used precisely in the real world. We need to 
find out if the questioner just wants to know how to use the terms for the 
DCN test, which is my guess, and then help him with the Cisco DCN viewpoint.

The Cisco Press DCN book just has this confusing thing to say on the topic:

"For larger configurations, a prototype is generally more feasible. For 
smaller configurations, a pilot might be more practical. The decision will 
probably be made on relative costs; the costs for prototyping a portion of 
the network will be relatively small for a larger network. However, if the 
network itself is small, then prototyping it could involve costs that are 
relatively large compared to the total costs of the project, so 
demonstrating basic functionality with a pilot might be more feasible."

Does anyone have any other more useful CCDA books that would answer this 
question? My book has a whole chapter on testing a network design, but I 
didn't address the objective of distinguishing a prototype and pilot, since 
I can't (and I didn't know Cisco expected anyone to. &;-)

Priscilla

At 02:26 PM 12/29/00, Maness, Drew wrote:
>A pilot is used when you want to prove a minimal amount of functionality.
>Let say, for security reasons, you want to implement SSH on your routers.
>You don't need to create a large scale network to test functionality for
>SSH.  All you would do is take  one router for each type, plus maybe take
>into account different IOS images and test the different configurations for
>SSH.  This would be a pilot.
>
>A prototype is used when you need to prove a complex amount of
functionality
>and interoperability. Let say you were asked to design a remote access
>solution for 10,000 sales people all using a small router XYZ connecting to
>a Core Router of type ZZZ. And you estimate that the Core Router of type
ZZZ
>can handle N number of XYZ routers connecting to them. You also estimate
>that the company will need to purchase 1,000 ZZZ routers to handle the
>entire load. A prototype would be a couple of ZZZ routers and the
>appropriate amount of XYZ routers to test your theory.  A prototype is
>usually a scaled version or modular version of your final design.
>
>Also note that the use of a pilot or a prototype is usually driven by the
>customer requirements.  The more the customer requirements want you to
prove
>the more likely you are to use a prototype.
>
>In short.  A pilot test a minimal amount of functionality.  A prototype is
>usually a scaled version of your design.
>
>Hope that helped more than it confused.
>
>Drew
>
>-Original Message-
>From: Hunt [mailto:[EMAIL PROTECTED]]
>Sent: Friday, December 29, 2000 1:23 PM
>To: [EMAIL PROTECTED]
>Subject: Prototype and Pilot
>
>
>Can anyone please tell me what is the difference between a prototype and a
>pilot?  And when will you use them?
>
>Hunt
>
>
>_
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_
>FAQ, list archives, and subscription info: 
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Priscilla Oppenheimer
http://www.priscilla.com

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Prototype and Pilot

[Maness, Drew]

A pilot is used when you want to prove a minimal amount of functionality.
Let say, for security reasons, you want to implement SSH on your routers.
You don't need to create a large scale network to test functionality for
SSH.  All you would do is take  one router for each type, plus maybe take
into account different IOS images and test the different configurations for
SSH.  This would be a pilot.

A prototype is used when you need to prove a complex amount of functionality
and interoperability. Let say you were asked to design a remote access
solution for 10,000 sales people all using a small router XYZ connecting to
a Core Router of type ZZZ. And you estimate that the Core Router of type ZZZ
can handle N number of XYZ routers connecting to them. You also estimate
that the company will need to purchase 1,000 ZZZ routers to handle the
entire load. A prototype would be a couple of ZZZ routers and the
appropriate amount of XYZ routers to test your theory.  A prototype is
usually a scaled version or modular version of your final design.

Also note that the use of a pilot or a prototype is usually driven by the
customer requirements.  The more the customer requirements want you to prove
the more likely you are to use a prototype.

In short.  A pilot test a minimal amount of functionality.  A prototype is
usually a scaled version of your design.

Hope that helped more than it confused.

Drew

-Original Message-
From: Hunt [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 29, 2000 1:23 PM
To: [EMAIL PROTECTED]
Subject: Prototype and Pilot


Can anyone please tell me what is the difference between a prototype and a
pilot?  And when will you use them?

Hunt


_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passed CCIE written.

[Maness, Drew]

Thanks to the group I finally passed the CCIE written test.  76% is not
great but it is better than failing.

Thanks for everyone on this list.

Regards

Drew 

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Additional CCIE Written Question

[Maness, Drew]

The scores do not increase because you fail it.  The passing score is set on
a 3 month average so if a bunch of people suddenly start passing the test
with a high score, the passing score will go up.  But it has nothing to do
with you personally failing or passing.  Right now the passing score is
still at 70%

-Original Message-
From: Curtis Call [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 20, 2000 7:46 AM
To: [EMAIL PROTECTED]
Subject: Additional CCIE Written Question


Ok I have another question about the CCIE written.  I've heard the comment
that if you fail the test then when you retake it your required passing
score is higher.  Does anyone know how much the passing score is increased
by?  I am considering taking the written at the end of this week to assess
what areas I am weak in and to get an idea of the difficulty of the test.
Would that be a bad idea for me to do?  Given the high wait time for the lab
I would like to take the written as soon as possible, I'm positive I could
pass it in January after a few weeks of concentrated study but I figure if
it doesn't hurt me too bad I might as well try the test right now and I just
might get lucky and pass.

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: O/T stupid robot dog jokes

[Maness, Drew]

Last night at the DC user group, a Senior Executive VP told us that they are
going to sue the robot dog because it is based on  an operating system with
a command prompt of '>'

He said that the dogs were also no good because all they really do was PPP
with CHAP.

or was it PPTP?  Oh yeah it was PPTP,  but you can control it with the pptp
flow-control static-rtt.

I love distractions! 
Thanks Priscilla

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 12:04 PM
To: [EMAIL PROTECTED]
Subject: O/T stupid robot dog jokes


Have any of you bought one of those new robot dogs for Christmas? I hear 
that they support TCP/IP!

I wonder if they do ARP, ARP, ARP!?

Maybe they even support rrRARP.

I hope they don't SNAP at people!

If they do a good job emulating real dogs, I'm sure they say "IP" a lot. 
And if you see them doing it, you can say, "ICMP!"

Sorry! &;-) I thought we could use a little more levity in addition to the 
messages about Howard being sued.

Happy Holidays!

Priscilla



Priscilla Oppenheimer
http://www.priscilla.com

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DSU/CSU Connections

[Maness, Drew]

Yes you can.  You just need to create a cross over cable.  If you search the
archives, I believe last month, someone actually gave the pinouts.

-Original Message-
From: Mike Murphy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 7:48 AM
To: [EMAIL PROTECTED]
Subject: DSU/CSU Connections


Is it possible to connect two DSU/CSUs together.  For example I have two
1720 Routers with DSU/DSU WICs.  Can I cable these together through the
DSU/CSUs for study purposes?

Thanks,

Mike

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Numbers . . . What numbers?

[Maness, Drew]

It saves address space.  Instead of using separate networks/Ip address
between the serial interface.  You can use the IP unnumbered to use the
Ethernet ip.

Example 1: Without IP unnumbered

--172.16.3.1/24 E0 [Router1)S0 192.168.1.2/252 ---
192.168.1.1/252 S0 [Router2]E0 172.16.4.1 ---


Example 2: With IP unnumbered

--172.16.3.1/24 E0 [Router1)S0 ip unnumbered --- ip
unnumbered S0 [Router2]E0 172.16.4.1 ---

In example 2 you have saved address space.  Also in a large network you
could reduce the size of the routing table because it doesn't have to keep
track to the networks between the router.

Hope that helps

Drew
-Original Message-
From: Dyland Desmarais [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 16, 2000 12:27 PM
To: '[EMAIL PROTECTED]'
Subject: Re: Numbers . . . What numbers?


Which brings me back to my first question, what would be the benefit of
doing this.

Dyland
==
It means you want use the ip of another (specified) interface, e.g. ip
unnumbered ethernet 0, as the ip of your serial interface.

--

When I disagree with a rational man, I let reality be our final arbiter; If
I am right, he will learn, If I am wrong, I will; one of us will win, but
both of us will profit.
- John Galt



"Dyland Desmarais" <[EMAIL PROTECTED]
> wrote in message
<[EMAIL PROTECTED]">news:[EMAIL PROTECTED]>...
> Greetings all
>
> Could someone please shed some light on IP Unnumbered Serial Interfaces.
> From my BSCN book, I understand this is getting ip routing to work on a
> serial interface without specifying a specific ip to the serial interface
> (using the ip unnumbered command)
>
> My question is why would anyone want to do this?
>
> thanx
>
>
> Dyland


_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RTR-to-RTR

[Maness, Drew]

Actually you can connect two routers with a rollover cable (console cable)
using the AUX ports.  I have done it in the lab but can't find my configs.
But it can be done.  You don't need modems

-Original Message-
From: A. Geoffrey Cauchi [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 22, 2000 8:42 AM
To: Montgomery, Robert WARCOM Contractor; [EMAIL PROTECTED]
Subject: Re: RTR-to-RTR


Yes

But you have to used async leased line modems, or else two dial ups, one
calling the other.

Geoff


- Original Message -
From: "Montgomery, Robert WARCOM Contractor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 22, 2000 5:05 PM
Subject: RTR-to-RTR


> Can two routers (through Async) be connected back-to-back via modems for a
> lab?
>
> Rob
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Mostly OT thought as I wake up

[Maness, Drew]

Howard,

I always look forward to your posts...

You sure your not a comedian?


Tenlet  I'm going to see if I can convince everyone here at work that it
is actually is tenlet ;)

-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 06, 2000 6:00 AM
To: [EMAIL PROTECTED]
Subject: Mostly OT thought as I wake up


There are so many posts about reverse telnet.

If it's truly reversed, shouldn't it be tenlet?

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: console 5500

[Maness, Drew]

Have 
you tried Stop Bits of 2

  -Original Message-From: jahaughom 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 31, 2000 5:21 
  PMTo: [EMAIL PROTECTED]Subject: console 
  5500
  I am trying to get a console on a 5500 
  switch.
   
  When I bring up hyper term I am not getting 
  anything.  Occasionally I will get unintelligble items appear in the 
  window.
   
  I have tried 
  com1 com2 com3
  bps 9600
  flowcontrol hardware,none,xonxoff
  as well as different cables
  all the lights on the switch are 
  green
   
  Any help would be greatly 
appreciated
   
   
     

RE: GroupStudy.com archives

[Maness, Drew]

Paul,  Thank you again for all your hard work

-Original Message-
From: Paul Borghese [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 30, 2000 1:41 PM
To: [EMAIL PROTECTED]
Subject: GroupStudy.com archives


The Archives are back online.  If this happens again, please send me e-mail.

Thanks,

Paul


""Paul Borghese"" <[EMAIL PROTECTED]> wrote in message
005b01c012ac$a1ee5580$c81710ac@laptop">news:005b01c012ac$a1ee5580$c81710ac@laptop...
> Ok, it must be down again.   I will fix tonight.
>
> Paul
> - Original Message -
> From: "Dale Holmes" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Wednesday, August 30, 2000 1:20 PM
> Subject: Re: Trouble searching www.groupstudy.com archives
>
>
> > Hmmm, I just had the same problem. A search of the [EMAIL PROTECTED]
> list
> > found 0 matches for the word CCNA... must be that the index of that list
> is
> > fubar. It could be a punch item from the move to the new server...
> >
> > Dale
> > [=`)
> >
> >
> > >From: George Zhang <[EMAIL PROTECTED]>
> > >Reply-To: George Zhang <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Subject: Trouble searching www.groupstudy.com archives
> > >Date: Wed, 30 Aug 2000 11:46:10 -0500
> > >
> > >I tried to search the archives of this group at www.groupstudy.com.
> > >However, I always get zero(0) match regardless the word I try to
> > >search.  In the mean time, I was able to search the CCIE lab group.  Is
> > >the search engine at www.groupstudy.com for the archives of this group
> > >down?  Any info is appreciated.
> > >
> > >Thanks.
> > >
> > >George Zhang, CCNP
> > >
> > >
> > >___
> > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > >FAQ, list archives, and subscription info: http://www.groupstudy.com
> > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> >
_
> > Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com.
> >
> > Share information about yourself, create your own public profile at
> > http://profiles.msn.com.
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Archives Problem

[Maness, Drew]

Anyone else having problems searching the archives?

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE Preparation

[Maness, Drew]

Raymond,
 
It is 
a very good source for the CCIE written but must be supplemented.  For 
example: the book talks about the RIF and RII but does not go as much in-depth 
as you will need.  
 
It is 
a very good place to start or review.  You can also use it in studying for 
the CID test.

  -Original Message-From: Raymond Smith 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, August 29, 2000 
  8:39 AMTo: GroupstudySubject: CCIE 
  Preparation
  Hey guys do you know how good of a read is the following book in 
  preparation for the CCIE written:-
   
  TITLE: CCIE Fundamentals: Network 
  Design and Case Studies
  Need the 411 on this Peace!

RE: Router for play @ home

[Maness, Drew]

"...And I used to get up every morn'n about an 'our before I went to bed and
lick the road clean with my tongue..."

-Original Message-
From: Cohen, Michael [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 23, 2000 3:12 PM
To: Group Study
Subject: RE: Router for play @ home


OC12?  I'm waiting on the OC192VSR interfaces to stick in my GSR's!  Till
then I'll have to settle with my OC48's:)

-Mike

-Original Message-
From: ZAPP, JULIAN F (PB) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 23, 2000 2:08 PM
To: 'Ledwidge, Feargal'; 'Mike Sholar'; Group Study
Subject: RE: Router for play @ home


7513 are nice, but I have more fun with my 12000 GSR's.  I would rather have
OC12, but the OC3 connections are fast enough.



-Original Message-
From: Ledwidge, Feargal [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 23, 2000 12:23 PM
To: 'Mike Sholar'; Group Study
Subject: RE: Router for play @ home


I think you 'll find that a couple of 7513's will make for a pretty good
home lab ... ;-)


Feargal

-Original Message-
From: Mike Sholar [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 23, 2000 5:29 AM
To: Group Study
Subject: Router for play @ home


Hello people!
 
Not exactly a cert question, but it applies. I will soon be getting cable
intenet access at the house, and would like to purchase a cisco router to
play with behind the cable modem. What series router should I be looking at,
just to learn the ios and play around with. I am working on my CCNA, and
realize a physical router is not necessary, but I will be progressing
upwards and would like the experience. I looked at the 924 cable
modem/router cisco sells, and the $899 price tag was a little much for
play-time! Thanks for the input.
 
Mike
 
MCSE, MCP+I

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: canonical and non-canonical addresses

[Maness, Drew]

Neil,

I'm not sure what your question is.  The bits on the wire are transmitted
the same 0100.  Token-ring reads them one way (non-canonical) 0100,
and Ethernet reads them another way (canonical)0010.  It is how the
network interface cards (NIC)/device drivers read the 0s and 1s that is
different.

I would be happy to help(since I have struggled with this myself) if you can
clarify your question

Regards,

Drew R. Maness, CCNP, CCDA, CCSI, MCSE

-Original Message-
From: Neil Desai [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 15, 2000 12:47 PM
To: [EMAIL PROTECTED]
Subject: Re: canonical and non-canonical addresses


Does any body know the answer to this one? Now I am getting a bit
frustrated. I have posted to this group only a couple of times and I never
get an answer. All I get is people asking me to look at the archives. I did
as much homework as possible before asking the group.
""Neil Desai"" <[EMAIL PROTECTED]> wrote in message
8n9llp$83c$[EMAIL PROTECTED]">news:8n9llp$83c$[EMAIL PROTECTED]...
> I am having a problem understanding the issues between canonical and
> non-canonical addressing. I understand that the bits are flipped within
the
> byte. On page 32-33 of Interconnections Second Edition she gives the
example
> of the address a2-41-42-59-31-51.
> Canonical:
> 10100010 0101 0110 01011001 00110001 01010001
> Non-Canonical:
> 01000101 1010 0110 10011010 10001100 10001010
>
> If you look at this you can clearly see that the address in canonical
format
> is not a group address (last bit of first byte is zero) but in
non-canonical
> format it is a group address. At this point I can see a big problem
because
> she also states:
>
>  ".the group bit in addresses was defined not as "the most significant
bit"
> or the "least significant bit" but rather as "the first bit on the wire."
> Thus, an address that was a group address on 802.3 would not necessarily
> look like a group address when transmitted on 802.5 because a different
bit
> would be transmitted first."
>
> Here is the confusion: In canonical format the least significant bit is
> transmitted first and in non-canonical format the most significant bit is
> transmitted first. So on the wire the 1's and 0's would be in the same
> order. Here is an excerpt from RFC 2469:
>
> The figure below illustrates the difference between
> canonical and non-canonical form using the canonical form address
> 12-34-56-78-9A-BC as an example:
>
>In memory,  12   34   56   78   9A   BC
>canonical:   00010010 00110100 01010110 0000 10011010 1000
>
> 1st bit appearing on LAN (group address indicator)
> |
>On LAN:  01001000 00101100 01101010 0000 01011001 0001
>
>In memory,
>MSB format:  01001000 00101100 01101010 0000 01011001 0001
>48   2C   6A   1E   59   3D
>
>
> This shows that no matter how the information is stored in memory it looks
> the same on the wire. So if it looks the same on the wire wouldn't an
> adapter pickup the packet and flip the bits in the byte if it needed to.
> Since it on the wire it looks like the bits are in non-canonical format a
> canonical format media would automatically take the first byte and flip
the
> bits and so on, or so I would think.
>
> If anyone can figure out where I am going wrong please let me know. If it
> would be best to talk, email me directly with a daytime phone number  and
I
> will call you. Thanks.
> Neil
>
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]