from:"\"Patrick Donlon\""

New User

2001-01-24 Thread Patrick Donlon


Hi All

I've just subscribed to the newsgroup, I'm currently studying for my CCNP
Switching exam and work in the VoIP area. If anyone can give me some advice
on how to view discussion on these subjects I'll be very grateful

regards Pat


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 802 ISDN ROUTER and Ameritech

2001-01-25 Thread Patrick Donlon


It's probably caused by Netbios packets on ports 137, 138 & 139 ( I'd check
these to make sure), they will cause the router to dial every time it sees
them. You need to set up some IP call filters to prevent them from bringing
up your dial connection. It's normally caused by Microsoft's Client on
Windows NT or 9X,

regards Pat

"Michael Taivalmaa" <[EMAIL PROTECTED]> wrote in message
94pdej$131$[EMAIL PROTECTED]">news:94pdej$131$[EMAIL PROTECTED]...
>
>
> I have had a few clients now that get 5,000 calles per month on there ISDN
> bill from Ameritech.  I check the logs with there ISP and there is no way
> that they are logging in that many times. The routers are setup using DDR
> and a standard config that has worked with many other customers.
>
> Just looking for some answers..
>
> Mike
>
>
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP isdn numbering types

2001-01-30 Thread Patrick Donlon


Hi All

I'm trying to send the ISDN numbering types and translate numbers from the
ingress to the egress gateway. I have a gateway which accepts an incoming
call from the PSTN then routes it across the IP network to the egress
gateway and to an IVR system, this part works fine. However when I get an
international call the call is still routed across the network but the
translation rule removes the international prefix and puts the local country
code, hence the IVR system gets an incorrect number. Has anyone any
experience of this or know any good references?

Thanks

Patrick Donlon

[EMAIL PROTECTED]




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Routing to different destinations from same source [7:3569]

2001-05-08 Thread Patrick Donlon


Why not do the routing on your router? Your NT machines will send packets to
their default gateway and that router can decide to send it to the internet
or the other network

regards

Pat

""Hans Stout""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello colleagues,
>
> I want to route to two different destinations from the same source
> addresses. The souces are Windows NT machines with two default gateways; I
> want everything going to the Internet going out to one of the gateways,
and
> everything else going out the other. I am not sure if configuring access
> lists does the job; when a packet from the source is denied, does it then
> automatically choose the other default gateway ? I guess policy routing
> won't work, since the source is the same, only the destinations are
> different. Any ideas ? Thanks in advance for your help.
>
> Regards,
>
> Hans
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3583&t=3569
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP [7:3622]

2001-05-08 Thread Patrick Donlon


I'd like to know a little bit more about BGP, mainly general stuff such as
it's config' and troubleshooting, if any has any url's with some concise
details, I would be very grateful

regards Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3622&t=3622
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP between offices [7:3769]

2001-05-09 Thread Patrick Donlon


Depending on the number of users and simultaneous calls you want to support,
I'd suggest using 1750's with analog or BRI interfaces or move up to
2600/3600 or higher with analog/ISDN interfaces on the HO or BO sites. Your
choice will probably be determined by what routers you already have and
whether you have PBX's. If you've got 2600/3600s then you should be able to
install voice modules with analog or isdn interfaces without to many
problems

cheers

Pat


""Alec Smiths""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi group,
>
> I have a customer which branch offices are connecetd
> to HQ via LLs. But routers in branch offices are Cisco
> 1600. They want to make VoIP between HQ and BOs . What
> external hardware can be an efficient and economic
> solution for these guys ?
>
> Thanks,
>
> Alec
>
> __
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3848&t=3769
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP and VoFR integration [7:3765]

2001-05-09 Thread Patrick Donlon


Do both customers have existing VoIP and VoFR networks and what sort of
equipment do they use?

If you can connect on an IP level you should be able to use h323 as common
protocol between the two systems. Otherwise you may want to look at some
sort of Clearing house solution.

Cheers

Pat


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi.
>
> I wonder how can i integrate VoIP and VoFR.
> Let me give an example.
> I have 2 different customers.
> Customer A has VoIP network.
> Customer B has VoFR network.
> They want to integrate their networks.
> How can I communicate VoIP and VoFR?
> Which device or software shoud i use?
>
> thanks.
> best regards.
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3850&t=3765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE bootcamp [7:5438]

2001-05-22 Thread Patrick Donlon


I've seen a boot camp for the CCIE written exam for about 1700 pounds. I'd
like to know if this is good value, currently I'm about 2 weeks away from
taking my CIT support exam to get CCNP, comments welcomed

Regards

--


Pat Donlon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5438&t=5438
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help Needed for AS5300 with primary-NTT switch(PRI) [7:5441]

2001-05-22 Thread Patrick Donlon


Can I see the config of the PRIs and your dial peers? It could be a problem
with the peer and not the PRI, what version of IOS are you using for VoIP

Regardas


""Chan""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All
>
> I havea problem when AS 5300 for voip in Japan. I'm using a ISDN PRI
> line for the AS5300. I have configure the switch type as primary-ntt
> (information as given by the telco). after configure the AS5300 i can
> originate call to other AS 5300 in oversea.But my AS5300 in oversea
> can't terminate call into Japan AS 5300.
>
> I do an debug isdn q931
>
> i got this message  :  invalid element content
>
>
> Later i change the switch type to primary-net 5, is there other way
> round. It can terminate call into Japan but cannot originate call(engage
> tone).
>
> Hope that someone can help me resolve this problem.
>
>
> Thank you
> Chan
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5441&t=5441
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BCRAN [7:5498]

2001-05-23 Thread Patrick Donlon


I passed the Remote Access exam last Thursday, expect some Framely relay,
X25, and ISDN of course. I had a lot of questions where I had to choose a
command from a list of commands, including some non existant ones, such as
how do I map an IP address to an ISDN number. I used the Cisco Press book
and it's practice exam and the isdn router cim and didn't find it difficult,

good luck

Pat

""Bryce Jewell""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi guys,
>
> I am just new to the group.  Can anyone please tell me what to expect in
the
> BCRAN exam?  I am taking it next week and any tips and tricks will be
muchly
> appreciated.
>
> Thanks,
> Bryce
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5539&t=5498
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problems with a 3620 voice router [7:5500]

2001-05-23 Thread Patrick Donlon


Tony's right use the T versions, I'd recommend 12.1.8T for voice, 12.1.5T
has been deferred and has a number of problems

regards
Pat

""Circusnuts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey all- just picked up as 3620 router with 2 Serial/ 2 Ethernet/ & NMHDV
> (VIC
> 1MFT-T1).  The issue I am having is this...  the voice module, actually
> nothing voice shows on the boot-up.  It's almost as if the interface in
not
> installed.  I have tried upgrading the IOS (12.1(8) IP/H323).  The module
> looks fine too, no burn smell.  Any ideas ???
>
> Router# Show Version
> Cisco Internetwork Operating System Software
> IOS (tm) 3600 Software (C3620-IX-M), Version 12.1(8), RELEASE SOFTWARE
(fc1)
> Copyright (c) 1986-2001 by cisco Systems, Inc.
> Compiled Mon 16-Apr-01 18:54 by kellythw
> Image text-base: 0x60008940, data-base: 0x60A18000
>
> ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE
SOFTWARE
> (f
> c1)
>
> Router uptime is 4 minutes
> System returned to ROM by reload
> System image file is "flash:c3620-ix-mz.121-8.bin"
>
> cisco 3620 (R4700) processor (revision 0x81) with 28672K/4096K bytes of
> memory.
> Processor board ID 14825930
> R4700 CPU at 80Mhz, Implementation 33, Rev 1.0
> Bridging software.
> X.25 software, Version 3.0.0.
> 2 Ethernet/IEEE 802.3 interface(s)
> 2 Serial network interface(s)
> DRAM configuration is 32 bits wide with parity disabled.
> 29K bytes of non-volatile configuration memory.
> 8192K bytes of processor board System flash (Read/Write)
>
> Configuration register is 0x2102
>
> Thanks in advance !!!
> Phil
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5540&t=5500
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Bandwidth allocation for VoIP Session [7:5549]

2001-05-23 Thread Patrick Donlon


The IOS you use will determine on how you prioritise the traffic, with
earlier versions you can set a priority queues, multilink interleaving or
just set the tos bit.

For later versions of IOS, even 12.2(1), you can use policy maps. You need
to set up a policy which has classes within it, then define the traffic you
want to be prioritised in an access list. Read up on it first and test it

regards

Pat


""Brijesh""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear all,
>
> Have a query:
>
> I have a 64 kbps point-to-point link between India and US office, which is
> primarily used for data/VoIP communication.
>
> Presently there is no bandwidth allocated for a VoIP session. Please
suggest
> the suitable solution whereby I can allocate about 16 kbps per voice
session.
>
> Regards,
> Brijesh
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5561&t=5549
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX 5.1 [7:7326]

2001-06-06 Thread Patrick Donlon


I've a PIX in a test environment and I want to allow hosts access from the
outside network. Do I need a conduit and (or) static statement for every
host in my internal network?
I'm not running any NAT translations and I can reach the outside network
without any problems, any examples or URLs appreciated

regards

--


Pat Donlon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7326&t=7326
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Support exam [7:8353]

2001-06-13 Thread Patrick Donlon


Hi everyone

I'm about to take the Cisco Support exam and would like to hear from anyone
who has taken it recently, types of questions and any topics in or out will
be appreciated

Also the are the Boson tests worth taking as part of my final preparation?

Just another comment, I'm reading the Exam guide from Osborne and I think
it's terrible,  I've used before mainly Cisco Press and Exam Cram books.

Regards

Patrick Donlon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=8353&t=8353
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE written [7:10085]

2001-06-27 Thread Patrick Donlon


I'm about to start reading for the written exam and have the list below as
suggested reading

 Routing TCP/IP Volume I  (Cisco Press)
 Routing TCP/IP Volume II (Cisco Press)
 Cisco LAN Switching (Cisco Press)
 Exam Cram Routing & Switching

is this sufficient and does anyone have any other titles

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10085&t=10085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ethernet errors explained [7:33687]

2002-01-30 Thread Patrick Donlon


Hi Everyone

 I trying to find some information on some Ethernet errors that I see on a
 port, see the text below. The machine is an RS6000 and was experiencing
some
 performance problems, the NIC was set to auto negotiation and there were
the
 usual errors. The port and NIC are now both fixed and the errors are
 increasing steadily, I've had a good search on the CCO but I can't find any
 explanation of what causes the errors, any advice will be appreciated

 Regards

 Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33687&t=33687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ethernet errors explained [7:33687]

2002-01-30 Thread Patrick Donlon


And here's the show port I forgot!!




(enable) sh port 2/26
Port  Name   Status Vlan   Duplex Speed Type
- -- -- -- -- - 
 2/26 Temp Driver server connected  990  full   100 10/100BaseTX

Port  AuxiliaryVlan AuxVlan-Status InlinePowered PowerAllocated
   Admin Oper   Detected mWatt mA @42V
- - -- - --  - 
 2/26 none  none   - -  -- -


Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap IfIndex
-  - -    ---
 2/26 disabled  shutdown 001 disabled  51

Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr
Shutdown/Time-Left
-  -  - 
--
 2/26
 -- -- -

Port Broadcast-Limit Broadcast-Drop
 --- 
 2/26  -0

Port   Send FlowControlReceive FlowControl   RxPause TxPause Unsupported
   adminoper   adminoper opcodes
-        --- --- ---
 2/26  off  offoff  off  0   0   0

Port  Status Channel  Admin Ch
 Mode Group Id
- --  - -
 2/26 connected  auto silent 68 0

Port  Align-Err  FCS-ErrXmit-Err   Rcv-ErrUnderSize
- -- -- -- -- -
 2/26 154661 138931  0  0  6246

Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts Giants
- -- -- -- -- - - --
---
 2/26  0  0  0  0 0 30531
1

Port  Last-Time-Cleared
- --
""Patrick Donlon""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Everyone
>
>  I trying to find some information on some Ethernet errors that I see on a
>  port, see the text below. The machine is an RS6000 and was experiencing
> some
>  performance problems, the NIC was set to auto negotiation and there were
> the
>  usual errors. The port and NIC are now both fixed and the errors are
>  increasing steadily, I've had a good search on the CCO but I can't find
any
>  explanation of what causes the errors, any advice will be appreciated
>
>  Regards
>
>  Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33689&t=33687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ethernet errors explained [7:33687]

2002-01-30 Thread Patrick Donlon


Positive, if you look at the show port (on the other mail) you'll see there
are no collisions

Thanks


""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Are you sure switch and NIC are the same speed and duplex?  Looks like
port
> speed/duplex mismatch.
> ""Patrick Donlon""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi Everyone
> >
> >  I trying to find some information on some Ethernet errors that I see on
a
> >  port, see the text below. The machine is an RS6000 and was experiencing
> > some
> >  performance problems, the NIC was set to auto negotiation and there
were
> > the
> >  usual errors. The port and NIC are now both fixed and the errors are
> >  increasing steadily, I've had a good search on the CCO but I can't find
> any
> >  explanation of what causes the errors, any advice will be appreciated
> >
> >  Regards
> >
> >  Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33692&t=33687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ethernet errors explained [7:33687]

2002-01-30 Thread Patrick Donlon


It's a RS6000 not a PC, I think it's running AIX


""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Then try switching ports, shutting it down, different PC, etc,.  It's
> probably the PC then
> ""Patrick Donlon""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Positive, if you look at the show port (on the other mail) you'll see
> there
> > are no collisions
> >
> > Thanks
> >
> >
> > ""Steven A. Ridder""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Are you sure switch and NIC are the same speed and duplex?  Looks like
> > port
> > > speed/duplex mismatch.
> > > ""Patrick Donlon""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Hi Everyone
> > > >
> > > >  I trying to find some information on some Ethernet errors that I
see
> on
> > a
> > > >  port, see the text below. The machine is an RS6000 and was
> experiencing
> > > > some
> > > >  performance problems, the NIC was set to auto negotiation and there
> > were
> > > > the
> > > >  usual errors. The port and NIC are now both fixed and the errors
are
> > > >  increasing steadily, I've had a good search on the CCO but I can't
> find
> > > any
> > > >  explanation of what causes the errors, any advice will be
appreciated
> > > >
> > > >  Regards
> > > >
> > > >  Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33701&t=33687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ethernet errors explained [7:33687]

2002-01-30 Thread Patrick Donlon


Dave tried that one first as I thought it was the most interesting, but
sadly

(enable) set port inline 2/26 off
Feature not supported on module 2.

I'll go back to basics first Ole.

Thanks for the replies

Pat

""MADMAN""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> You appear to have the inline power module for ip phones.  I had a
> problem once on a server where I disabled the power on the port and this
> resolved the errors.
>
> C6509> (enable) set port inlinepower 2/26 off
>
>   Dave
>
> Patrick Donlon wrote:
> >
> > And here's the show port I forgot!!
> >
> > (enable) sh port 2/26
> > Port  Name   Status Vlan   Duplex Speed Type
> > - -- -- -- -- - 
> >  2/26 Temp Driver server connected  990  full   100 10/100BaseTX
> >
> > Port  AuxiliaryVlan AuxVlan-Status InlinePowered PowerAllocated
> >Admin Oper   Detected mWatt mA @42V
> > - - -- - --  - 
> >  2/26 none  none   - -  -- -
> >
> > Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap
IfIndex
>
> -  - -    ---
> >  2/26 disabled  shutdown 001 disabled
51
> >
> > Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr
> > Shutdown/Time-Left
> > -  -  -
> 
> > --
> >  2/26
> >  -- -- -
> >
> > Port Broadcast-Limit Broadcast-Drop
> >  --- 
> >  2/26  -0
> >
> > Port   Send FlowControlReceive FlowControl   RxPause TxPause
> Unsupported
> >adminoper   adminoper opcodes
> > -        --- ---
> ---
> >  2/26  off  offoff  off  0   0   0
> >
> > Port  Status Channel  Admin Ch
> >  Mode Group Id
> > - --  - -
> >  2/26 connected  auto silent 68 0
> >
> > Port  Align-Err  FCS-ErrXmit-Err   Rcv-ErrUnderSize
> > - -- -- -- -- -
> >  2/26 154661 138931  0  0  6246
> >
> > Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts
> Giants
> > - -- -- -- -- - -
> --
> > ---
> >  2/26  0  0  0  0 0 30531
> > 1
> >
> > Port  Last-Time-Cleared
> > - --
> > ""Patrick Donlon""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hi Everyone
> > >
> > >  I trying to find some information on some Ethernet errors that I see
on
> a
> > >  port, see the text below. The machine is an RS6000 and was
experiencing
> > > some
> > >  performance problems, the NIC was set to auto negotiation and there
were
> > > the
> > >  usual errors. The port and NIC are now both fixed and the errors are
> > >  increasing steadily, I've had a good search on the CCO but I can't
find
> > any
> > >  explanation of what causes the errors, any advice will be appreciated
> > >
> > >  Regards
> > >
> > >  Patrick
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33707&t=33687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAJOR OT: Free CCNPtraining for convicts [7:34039]

2002-02-01 Thread Patrick Donlon


This could be the biggest load of crap I've read for some time, is your boss
planning on getting you convicted? It may be cheaper on his training budget.





""steve skinner""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> guys,
>
> my boss has just told me that cisco are trailing a few prisons where they
> are offering free CCNP training to convicts
>
> man does that just bite the buscuit.
>
> i worked long and hard to pay for my exams.get some work experience
> and at my expence (bieng a tax payer)i am funding a convict to learn
> about cisco.
>
> i know about re-abilitation.but it is just a bit sick that i as an
> individual,could
>
> a) been robbed by this man ... my house is trashed and my insurence goes
up
> (i pay )
> b) funding him in prison to learn Cisco (i pay)
> c) comes out of prison and de-vaules a cert becuse he has no experience (i
> pay)
>
>
> does cisco want to have a "useless" cert system(except ofcourse the
> CCIE)because the more people who BLANTENTLY DONT have any experience
> witht these certs ...the less they mean...
>
>
> i`m  sorry to rantbut sometimes i wish company`s would consider there
> future..
>
> FACT (from Cisco) there will always be more jobs for NA/NP than IE`s
>
> 1)i get exams to be employable...
> 2)in order to get these exams i push the company`s kit ..
>
> i have recently installed some 4000`s over another companies kit,even
> thought the other kit is more than capable of doing the job..because i get
a
> side benefit of learning about the equipment and increasing my CV value
> 
>
> 3)if i am working at a company and i dont want a cisco cert because it is
> worthless..why would i push that companies products..
>
> i would simply push another company`s products to get my certs in the
there
> equipment ,to keep my employability
>
> 4) cisco dont sell as much equipment 
> 5) certs become even more worthless..
> 6) cisco sells even less equipment as no-one is trained anymore
> 7) cisco becomes Novell(my appologies to all novell staff)...
>
> a little for-thought is all that required...
>
> as my boss says...
>
> " one of my main reson for buying kit is the amount of tech staff
availible
> to install/fix the kit...if there`s no staff there no kit"
>
> in a job market that is already depressed that last thing that is needed
is
> a flood of Certified but unexperienced people on the market..
>
> the it industry is like no other ,in that fact that we have to CONSTANTLY
> update our skills ...that takes time,money and personal
> sacrfisesomething i dont think cisco is at all concernd with...
>
> ahh welll.
>
> no chance of a "[EMAIL PROTECTED]" list starting any time soon...??
>
> Sorry for the downer
>
> steve
>
>
>
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34069&t=34039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN problems... [7:34324]

2002-02-05 Thread Patrick Donlon


Stuart

180 seconds is normal, it depends if you have a minimum call charge from
your telco. To see what causing the interface to dial use the debug dialer
command:
debug dialer [events | packets] - Displays DDR debugging information about
the packets received on a dialer interface.
Some more info' here
http://www.cisco.com/warp/customer/793/access_dial/ddr_9347.html

Regards

Pat




""Laubstein, Stuart"" <> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The dialer list command seems to be gone...I am going to add
>
>
> dialer-list 1 protocol ip permit
>
> This should work(at least to let everything threw). Or is there another
way
> to do this which is more secure? I am also trying the debug command--they
> will not help this problem but have shown me another problem with the
serial
> interfaces so thanks for that suggestion. Actually any suggestion on
> dialer-lists would alsom be welcome--ie what would it be a good idea and
> what kind of timeout is normal--I am using 50 seconds right now.
>
> stu
>
>
> -Urspr|ngliche Nachricht-
> Von: McCallum, Robert [mailto:[EMAIL PROTECTED]]
> Gesendet am: Monday, February 04, 2002 3:53 PM
> An: [EMAIL PROTECTED]
> Betreff: RE: ISDN problems... [7:34324]
>
> If the router is not seeing interesting traffic within your idle period
then
> it should drop the line.  What is in your dialer-list to define what is
> interesting traffic?
>
> -Original Message-
> From: Stuart Laubstein [mailto:[EMAIL PROTECTED]]
> Sent: 04 February 2002 14:20
> To: [EMAIL PROTECTED]
> Subject: ISDN problems... [7:34324]
>
>
> I have  a 3620 that has a problem with timing out. I have set the dialer
> idle-timoue to 180 seconds--the router will keep the interface open for
180
> seconds and then drop it for 9 seconds. I set it to 55 seconds and it did
> the same timeout after 55 seconds--9 second drop. This only seems to
happen
> when the  remote router is a cisco router. I have tried debug isdn
> events--but can only see the interface coming back up. Any idea on things
I
> can try would be much appreciated or on debug options that would narrow it
> for me...
>
> thanks
>
>
>
> stuart




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3&t=34324
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PBX [7:34499]

2002-02-06 Thread Patrick Donlon


Tom

it all depends on what interfaces you have in your router and PBX, do you
need info' on the PBX or the Cisco? I can send you some general configs for
E1 interfaces, otherwise checkout the cco
http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Internetworking:VoX:V
oIP&s=Implementation_and_Configuration

or for the as5300 (most commands can be used on the smaller 2600 or 3600)
http://www.cisco.com/univercd/cc/td/doc/product/access/nubuvoip/voip5300/ind
ex.htm

cheers

Pat



- Original Message -
From: ""Tom Richs"" 
Newsgroups: groupstudy.cisco
Sent: Tuesday, February 05, 2002 8:47 PM
Subject: PBX [7:34499]


> How can I connect a router to a PBX to get it to talk.  In specific I'm
> implementing VoIP and want to connect it to my PBX.  Do you use a specific
> PRI, E&M or what type card and cabling between the two.
>
> Thanks.
>
> Tom
>
> _
> Get your FREE download of MSN Explorer at
http://explorer.msn.com/intl.asp.
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34598&t=34499
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Renting Cisco Equipment [7:34531]

2002-02-06 Thread Patrick Donlon


Yes, Cisco can arrange loan or demo equipment for all sorts of uses, go ask
you rep

cheers

Pat


""Greg Harper""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Greetings,
>
> Does anybody on the list know of any companies that will
> rent or short-term lease Cisco equipment?  I need an AS5400
> temporarily to minimize the downtime of an ISP migration,
> and am having trouble finding companies that handle this
> type of thing.
>
> Thanks,
> Greg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34599&t=34531
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IPSec tunnels [7:34742]

2002-02-07 Thread Patrick Donlon


Hi All

I'm looking for some information on how to verify the configuration of a PIX
with an IPsec tunnel to a VPN concentrator. I have a tunnel that keeps
bouncing, I think that instabilities across the internet could be causing
some of the problems as I see the path changing quite a lot from the
Netherlands to Dubai. I can't find the command(s), or understand the ones
I've used, which tells me whether the tunnel is up on the PIX, I can see
from the concentrator that it's down but I want to know about the PIX too.
Any other advise is appreciated

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34742&t=34742
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP & Vic-2fx cards [7:34768]

2002-02-08 Thread Patrick Donlon


Richard

I've had the very same problem some time ago, it was really annoying, can
you post the config, it'll probably jog my memory as to what was wrong

Cheers

Pat
- Original Message -
From: ""Richard Botham"" 
Newsgroups: groupstudy.cisco
Sent: Thursday, February 07, 2002 6:13 PM
Subject: VOIP & Vic-2fx cards [7:34768]


> Hi All,
>
> I have 2 x Cisco 2621 routers and each have a 2port fxs voice card -
> vic-2fxs installed.
>
> When I plug my phone into port 1/0/0 of a vic-2fxs card installed in a
2621
> I get dial tone.
>
> When I use port 1/0/1 I do not get dial tone.
>
> Is there any reason for this and what am I doing wrong.
>
> Regards
> Richard
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34832&t=34768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: [Re: VOIP & Vic-2fx cards [7:34768]

2002-02-13 Thread Patrick Donlon


Sujal

thought it could be case, just couldn't remember as it was some time back,

Thanks


""Sujal G. Ajmera""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Pat and Rich:
>
> I had a similar problem and got it solved just today.
>
> What we did was change the IOS and that made a difference.
>
> Sujal
>
> > Richard
> >
> > I've had the very same problem some time ago, it was really annoying,
can
> > you post the config, it'll probably jog my memory as to what was wrong
> >
> > Cheers
> >
> > Pat
> > - Original Message -
> > From: ""Richard Botham""
> > Newsgroups: groupstudy.cisco
> > Sent: Thursday, February 07, 2002 6:13 PM
> > Subject: VOIP & Vic-2fx cards [7:34768]
> >
> >
> > > Hi All,
> > >
> > > I have 2 x Cisco 2621 routers and each have a 2port fxs voice card -
> > > vic-2fxs installed.
> > >
> > > When I plug my phone into port 1/0/0 of a vic-2fxs card installed in a
> > 2621
> > > I get dial tone.
> > >
> > > When I use port 1/0/1 I do not get dial tone.
> > >
> > > Is there any reason for this and what am I doing wrong.
> > >
> > > Regards
> > > Richard
> > _
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35276&t=34768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 6000 Hybrid vs Native [7:35216]

2002-02-13 Thread Patrick Donlon


Sorry to spoil the party but I've had a problem with IOS on 6Ks. With
version 12.1(3a)E4, using the console port would put the switch into rommon
mode, the switch would keep running but you couldn't config it, it's a
recognised bug I think. Apart from that though I think it simplifies things
by having just the one set of commands and will be upgrading the Cat OS 6Ks
to IOS

Cheers

Pat


""Michelle Loechel""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can anyone comment on having used the native mode IOS feature on the 6000
> series switches?  Like/dislikes?  Stability?  Supportability, etc?
> Preference of hybrid or native? Compatibility issues with future Cisco
> features?
>
> Thanks
>
> Michelle Loechel
> Network Analyst
> Exempla Healthcare
> [EMAIL PROTECTED]
> "Any views or opinions presented in this email are solely
> those of the author and do not necessarily represent those
> of Exempla Healthcare."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35278&t=35216
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Serial DTE/DCE cables [7:35388]

2002-02-14 Thread Patrick Donlon


Hi

I'm after some serial cables for a home lab, anyone have any sources for
these in the UK and Europe, I'm looking to buy about 10 in total (1m or 3m
lengths)

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35388&t=35388
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP problem [7:36396]

2002-02-25 Thread Patrick Donlon


Hi all

I've a problem with a voice router I'm getting DSP timeout errors on the far
end (egress) router and I was wondering if anyone has any ideas. See the
text below for the error, it appears after the call is disconnected with
"normal call clearing", we use E1s. A reboot will make the problem go away
for a short while and we using 12.2(4)T on a 3640. The call routing is fine
and I can make csim calls from the far end router to my local router and to
my phone no problem, in the other direction I get DSP timeouts.

Cheers

Pat

10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP Disc
(call mode=0)
10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP error
stats (call mode=1658181684), chnl info(1, 0, 0)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36396&t=36396
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP problem [7:36396]

2002-02-27 Thread Patrick Donlon


Mark

thanks for the post, yep both are identical, I've already decoded the error
and it tells me to contact Cisco, which I've done.

Cheers


""Mark Odette II""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Pat-
> Question: Are both ends identical in Hardware and/or Software??  More
> importantly, Are both routers running the same version of IOS?  I've seen
> something very similar to this, and it wound up being a compound problem
of
> buggy version of IOS and a mixture of versions from end to end.
>
> If you can, you might think about rolling back a little on the version of
> IOS, to say, 12.2.1, or something like that but verify it won't break
> some other feature you're depending on first.
>
> Another wise action would be to go onto CCO and check their BugTraq to see
> if they have any known issues with 12.2.4T.
>
> Also, here's a tool that might help with the error message: Error message
> Decoder Ring!  It requires CCO access.
> http://www.cisco.com/cgi-bin/Support/Errordecoder/home.pl
>
> Hope this helps!
>
> Mark
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Monday, February 25, 2002 11:35 AM
> To: [EMAIL PROTECTED]
> Subject: VoIP problem [7:36396]
>
>
> Hi all
>
> I've a problem with a voice router I'm getting DSP timeout errors on the
far
> end (egress) router and I was wondering if anyone has any ideas. See the
> text below for the error, it appears after the call is disconnected with
> "normal call clearing", we use E1s. A reboot will make the problem go away
> for a short while and we using 12.2(4)T on a 3640. The call routing is
fine
> and I can make csim calls from the far end router to my local router and
to
> my phone no problem, in the other direction I get DSP timeouts.
>
> Cheers
>
> Pat
>
> 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP Disc
> (call mode=0)
> 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP
error
> stats (call mode=1658181684), chnl info(1, 0, 0)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36620&t=36396
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP monitoring [7:36625]

2002-02-27 Thread Patrick Donlon


Hi

I'm after some tips for monitoring a couple of VoIP routers, as there are
only two routers buying tools isn't going to be very cost effective. I've
used the early versions of CVM (which was very funny), we use Cisco Works
2000, but don't have the add on CVM product, and Openview. I'm planning on
automatically re-route calls on failure, but I'd like to know about the
failure so we can react, any ideas or pointers?

Cheers
Pat

--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36625&t=36625
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Etherchannel/ISL trunk failure [7:38085]

2002-03-13 Thread Patrick Donlon


Hi everyone I have a strange problem I'd like to know if anyone can explain
why it happened and how to prevent it happening again. I have two Cat 5500s
connected using four 10/100 MB port configured as an etherchannel, it was
also configured as an ISL trunk. It's a very simple network with these two
switches, a PIX and only VLAN 1 is used.

The problem occurred when clients DNS requests failed. The DNS is an NT
server which was connected to Switch B, the PIX was connected to Switch A
and the default gateway for VLAN 1 was on Switch A. From a PC on Switch A
you could ping the NT server and the default gateway and PIX etc, but the NT
server couldn't ping the default gateway. Moving a PC to Switch B replicated
the problem, I could ping everything else on the network but not the default
gateway. When I checked the switches I could see some errors on the first
port of the channel, a few align, fcs and runts, I then noticed the port was
leaving and joining the spanning tree every 30 seconds or so. Removing the
cable from the port fixed the problem immediately, when the cable was put
back the problem occurred after about 3 mins. I removed the ISL trunk and
put the cable back and it is working and error free for over 12 hours.

I'd love to know exactly what caused this, I think it was the VLAN
information not being passed down the trunk but I'm not sure and as the link
had to be up v.quickly I didn't have time to test a few things out.

cheers

Pat


--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38085&t=38085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Etherchannel/ISL trunk failure [7:38085]

2002-03-13 Thread Patrick Donlon


I love this group, how's about scalability, new requirements, sorry for
being sarcastic but it's not about the design, simple as it is, but a fault

cheers

--

email me on : [EMAIL PROTECTED]

""Kelly Cobean""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Based on the fact that you are only using a single VLAN, I would first
> question why you are using using ISL trunking?  Since ISL is used for
> Inter-VLAN routing, it's an unnecessary configuration, unless you are
> preparing for multiple VLAN's down the road.  Have you configured VTP
> appropriately?  Also, I would check for any ARP abnormalities in your CAM
> and ARP tables.
>
> Kelly Cobean
>
> -Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Wednesday, March 13, 2002 4:11 AM
> To: [EMAIL PROTECTED]
> Subject: Etherchannel/ISL trunk failure [7:38085]
>
>
> Hi everyone I have a strange problem I'd like to know if anyone can
explain
> why it happened and how to prevent it happening again. I have two Cat
5500s
> connected using four 10/100 MB port configured as an etherchannel, it was
> also configured as an ISL trunk. It's a very simple network with these two
> switches, a PIX and only VLAN 1 is used.
>
> The problem occurred when clients DNS requests failed. The DNS is an NT
> server which was connected to Switch B, the PIX was connected to Switch A
> and the default gateway for VLAN 1 was on Switch A. From a PC on Switch A
> you could ping the NT server and the default gateway and PIX etc, but the
NT
> server couldn't ping the default gateway. Moving a PC to Switch B
replicated
> the problem, I could ping everything else on the network but not the
default
> gateway. When I checked the switches I could see some errors on the first
> port of the channel, a few align, fcs and runts, I then noticed the port
was
> leaving and joining the spanning tree every 30 seconds or so. Removing the
> cable from the port fixed the problem immediately, when the cable was put
> back the problem occurred after about 3 mins. I removed the ISL trunk and
> put the cable back and it is working and error free for over 12 hours.
>
> I'd love to know exactly what caused this, I think it was the VLAN
> information not being passed down the trunk but I'm not sure and as the
link
> had to be up v.quickly I didn't have time to test a few things out.
>
> cheers
>
> Pat
>
>
> --
>
> email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38104&t=38085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Etherchannel/ISL trunk failure [7:38085]

2002-03-14 Thread Patrick Donlon


Kelly great post and I do appreciate the help, I no think my englesh was
that bad (just kidding), been living in Europe too long obviously. Back to
the problem anyway, I removed the ISL trunk from the etherchannel and it's
all OK now, no errors for the past couple of days. Problem is it's at an
exhibition so it's fairly important it doesn't go down. The reasoning behind
the ISL trunk was an application that couldn't handle an address with any
zeros, so we needed an extra VLAN. The network requirements have a habit of
changing rapidly too so it made sense to implement it at the time.

My skill level? hmm  not sure either, but you're right "keep it simple"
works best for me too.

cheers Pat


--

email me on : [EMAIL PROTECTED]

""Kelly Cobean""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'll make you a deal...I won't pose design questions in response to your
> fault questions when you can criticize me for trying to help you using
> something other than one big, fragmented run-on sentence.  Worse than my
> unsolicited design suggestions are the inability of most people to form a
> coherent thought in writing to convey their point.  It makes it difficult,
> if not impossible to HELP with the problem at hand when you must focus so
> hard on deciphering the broken sentence that you can't focus on the
> technology.
>
> Now, I certainly get your point that I'm not sticking strictly to the
> question at hand, but one of the best design philosophies (which
determines
> in part your troubleshooting methodologies) out there is "Keep It Simple".
> There is no need to apply a technology if it's not going to be used.  I
> suggest this merely because I don't know you, your skill level, or your
> future plans for this network.  My suggesting that you not use ISL if
there
> are no plans for it in the future was an attempt to save you the
heart-ache
> of chasing down a problem that needn't exist, however educational the
answer
> may be.  I also caveated my statement with "unless you are preparing for
> multiple VLAN's down the road", so be as scalable as you want, just don't
> assume that I know your future plans.  I'm merely analyzing the problem in
> front of me.  After all, you did say that you had to get this up very
> quickly.
>
> Also note that I DID included some other thoughts for you to check on if
> diagnosing the problem to resolution is the path you're on, so my message
> wasn't entirely wasted on babbling about my perceived over-engineering of
> your network.
>
> As with all lists, responses to questions are "take it or leave it."  If
you
> don't like mine that's fine, but maybe someone else on the list was able
to
> benefit from it.  In the future, I'll refrain from any attempts to suggest
> alternatives to problematic implementations.
>
> Apparently Arrogant,
> Kelly Cobean
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Wednesday, March 13, 2002 10:46 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Etherchannel/ISL trunk failure [7:38085]
>
>
> I love this group, how's about scalability, new requirements, sorry for
> being sarcastic but it's not about the design, simple as it is, but a
fault
>
> cheers
>
> --
>
> email me on : [EMAIL PROTECTED]
>
> ""Kelly Cobean""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Based on the fact that you are only using a single VLAN, I would first
> > question why you are using using ISL trunking?  Since ISL is used for
> > Inter-VLAN routing, it's an unnecessary configuration, unless you are
> > preparing for multiple VLAN's down the road.  Have you configured VTP
> > appropriately?  Also, I would check for any ARP abnormalities in your
CAM
> > and ARP tables.
> >
> > Kelly Cobean
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Patrick Donlon
> > Sent: Wednesday, March 13, 2002 4:11 AM
> > To: [EMAIL PROTECTED]
> > Subject: Etherchannel/ISL trunk failure [7:38085]
> >
> >
> > Hi everyone I have a strange problem I'd like to know if anyone can
> explain
> > why it happened and how to prevent it happening again. I have two Cat
> 5500s
> > connected using four 10/100 MB port configured as an etherchannel, it
was
> > also configured as an ISL trunk. It's a very simple network with these
two
> > switches, a PIX and only VLAN 1 is used.
> >
> > The problem occurr

Re: VPN using DHCP [7:38670]

2002-03-18 Thread Patrick Donlon


I use a cable modem in Holland and it never changes, but now I've said
that.. Best thing would be to request an address then you know for sure

Cheers

--

email me on : [EMAIL PROTECTED]

""sam sneed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Has anyone ever created a VPN using a cable modem and DHCP? I am assuming
> that once you get the IP using DHCP it will not change for at least a
month.
> If it does change I realize reconfiguration is necessary, this is no big
> deal for me. I know it is not possible with checkpoint 4.1 but is it
> possible with a PIX 501 3DES? I want to connect my home network to the
> corporat network using a PIX 501 and IPSEC.
>
> Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38673&t=38670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP billing [7:38756]

2002-03-19 Thread Patrick Donlon


You can use a radius platform for billing in your VoIP network. For small
scale you can use the CallManager or Cisco ACS server billing, for the
larger stuff you need to use Radius accounting and develop your own scripts
to process the records

Cheers
Pat


""Kiran Kumar M""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks for your reply. Any other external software that will compatible
> with cisco products also ??
>
> Thanks,
> Kiran
>
>
> On Tue, 19 Mar 2002, George Siaw wrote:
>
> > Check out the Avvid product line. I think Cisco Call manager has some
> > functionality for billing.
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> > Kiran Kumar M
> > Sent: 19 March 2002 05:43
> > To: [EMAIL PROTECTED]
> > Subject: VOIP billing [7:38756]
> >
> > Hai,
> >
> > Is there any billing solution available for VOIP in cisco products.??
> >
> > Thanks,
> > Kiran




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38761&t=38756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

7204 vxr boot rom [7:38777]

2002-03-19 Thread Patrick Donlon


Hi All

just wondered if anyone knows where I can find some information about boot
rom versions. I'm looking at loading an  image of IOS on a new 7204 and I'd
like to know what version I should use for the boot rom

cheers

Pat

--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38777&t=38777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: last tip for ccie written [7:11640]

2001-07-10 Thread Patrick Donlon


Is this a study group or what? Dennis get a life

""Dennis H""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> My tip is learn the material like the rest of us...
>
>
>
> ""tim""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > anybody ready to take a 350-001?
> >
> > looking for a ccie written candidate for sharing information with my
> dumps.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11701&t=11640
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Netmeeting and PIX [7:15002]

2001-08-06 Thread Patrick Donlon


Does anyone know if PIX will work with Netmeeting audio and video traffic
through using NAT? Currently we've upgraded from 5.31 to 6.10(101) on our
PIX, the netmeeting call is set-up and features such as chat work but no
audio and video. We have voip traffic passing through the PIX from CCMs with
out any problems. Any tips or work arounds appreciated

regards

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15002&t=15002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cat 6.5K error messages [7:15241]

2001-08-08 Thread Patrick Donlon


I have a cat' that is giving me these messages on the console:

06:02:18 MET +02:00 %PAGP-5-PORTFROMSTP:Port 8/48 left bridge port 8/48

06:02:35 MET +02:00 %PAGP-5-PORTTOSTP:Port 8/48 joined bridge port 8/48.

>From the CCO I've read that it could be a duplex mis-match, faulty NIC,
cable or mis-configuration.
How can I find out from the switch stat's which is most likely?

cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15241&t=15241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat 6.5K error messages [7:15250]

2001-08-08 Thread Patrick Donlon


It's a server in the port, and the messages are occurring fairly frequently
in succession. I can see other devices joining and leaving occasionally, I
thought this interface may be flapping,

cheers


""Wilson, Bradley""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I thought these messages appeared whenever a station joins or leaves the
> switch - are you sure someone isn't just rebooting their PC?
>
>
> -Original Message-
> From: Patrick Donlon [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 08, 2001 7:33 AM
> To: [EMAIL PROTECTED]
> Subject: Cat 6.5K error messages [7:15241]
>
>
> I have a cat' that is giving me these messages on the console:
>
> 06:02:18 MET +02:00 %PAGP-5-PORTFROMSTP:Port 8/48 left bridge port 8/48
>
> 06:02:35 MET +02:00 %PAGP-5-PORTTOSTP:Port 8/48 joined bridge port 8/48.
>
> From the CCO I've read that it could be a duplex mis-match, faulty NIC,
> cable or mis-configuration.
> How can I find out from the switch stat's which is most likely?
>
> cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15255&t=15250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat 6.5K error messages [7:15257]

2001-08-08 Thread Patrick Donlon


The switch port set to auto, I don't know about the server. Having looked at
the counters in the past 3 hours they haven't incremented any further, there
were a number of collisions when I first checked. I'm thinking the server
has been restarted a few times as it's not occurring now, looks likely that
will be the problem

thanks



""Wilson, Bradley""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Okay, I see where you're coming from.  Are the switch port and server NIC
> hard-coded at a certain speed and duplex?
>
>
> -Original Message-
> From: Patrick Donlon [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 08, 2001 8:35 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Cat 6.5K error messages [7:15250]
>
>
> It's a server in the port, and the messages are occurring fairly
frequently
> in succession. I can see other devices joining and leaving occasionally, I
> thought this interface may be flapping,
>
> cheers
>
>
> ""Wilson, Bradley""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I thought these messages appeared whenever a station joins or leaves the
> > switch - are you sure someone isn't just rebooting their PC?
> >
> >
> > -Original Message-
> > From: Patrick Donlon [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, August 08, 2001 7:33 AM
> > To: [EMAIL PROTECTED]
> > Subject: Cat 6.5K error messages [7:15241]
> >
> >
> > I have a cat' that is giving me these messages on the console:
> >
> > 06:02:18 MET +02:00 %PAGP-5-PORTFROMSTP:Port 8/48 left bridge port 8/48
> >
> > 06:02:35 MET +02:00 %PAGP-5-PORTTOSTP:Port 8/48 joined bridge port 8/48.
> >
> > From the CCO I've read that it could be a duplex mis-match, faulty NIC,
> > cable or mis-configuration.
> > How can I find out from the switch stat's which is most likely?
> >
> > cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15276&t=15257
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACL log [7:15444]

2001-08-09 Thread Patrick Donlon


I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple that
I must be missing something and it's not even Monday morning. I'm just
trying to log the acl activity for the vty access class but I see nothing on
the console or telnet.
The acl has two lines one to permit a network and one to deny anything else,
both with the log option :

access-list 1 permit X.X.X.0 0.0.0.255 log
access-list 1 deny   any log

line vty 0 4
 access-class 1 in
 exec-timeout 0 0
 logging synchronous

Also debug output works just fine to console or telnet sessions,


cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15444&t=15444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Router spec [7:15471]

2001-08-09 Thread Patrick Donlon


I'm after a rough spec for a router, so far all I know is that it will need
to support 13 serial interfaces of approx 2mb each, with a small number of
FE ports. I know it's not much info' but suggestions will probably narrow
down the research

cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15471&t=15471
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ACL log [7:15444]

2001-08-09 Thread Patrick Donlon


Thanks got that clear now, it logs it in the show access-list output


""Patrick Donlon""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple
that
> I must be missing something and it's not even Monday morning. I'm just
> trying to log the acl activity for the vty access class but I see nothing
on
> the console or telnet.
> The acl has two lines one to permit a network and one to deny anything
else,
> both with the log option :
>
> access-list 1 permit X.X.X.0 0.0.0.255 log
> access-list 1 deny   any log
>
> line vty 0 4
>  access-class 1 in
>  exec-timeout 0 0
>  logging synchronous
>
> Also debug output works just fine to console or telnet sessions,
>
>
> cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15472&t=15444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Router spec [7:15471]

2001-08-09 Thread Patrick Donlon


Yes it's a pretty bad spec' I know,  I'm just working on a request from a
friend. I won't get into a discussion about the type of  links but I agree
with your thinking of a 7K router. I've access to the CCO, but wanted to see
what suggestions everyone has as I wasn't sure at what point the number of
serial links would be to much for the throughput of the 7k. Initially a 3662
was mentioned but I don't think that can handle the ports never mind the
throughput. A bit more reading and spec' is required I think

cheers


""Chuck Larrieu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> if you don't have customer access to CCO, you can use the public
> configuration tool at
>
> http://www.cisco.com/pcgi-bin/front.x/newConfig/config_root.pl
>
> for starters.
>
> 13 serial - want to run external CSU's, or save yourself some trouble by
> using integrated serial/CSU's?
>
> how many is a "small number" of FE ports?
>
> I ask because the 72xx platform is picky about the number of high speed
> ports it will support.
>
> also, depending upon your design requirements, have you looked into
running
> ATM at the core and frame at your remotes? 13 frame circuits terminating
to
> a single ATM or ATM IMA can be very cost effective.
>
> without knowing more, I would guess you should start with a 7206 and see
if
> you can get enough port density there.  the next step up is a 7505.
>
> HTH
>
> Chuck
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Thursday, August 09, 2001 8:25 AM
> To: [EMAIL PROTECTED]
> Subject: Router spec [7:15471]
>
>
> I'm after a rough spec for a router, so far all I know is that it will
need
> to support 13 serial interfaces of approx 2mb each, with a small number of
> FE ports. I know it's not much info' but suggestions will probably narrow
> down the research
>
> cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15477&t=15471
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Certification Library box set? [7:15878]

2001-08-14 Thread Patrick Donlon


The box set has the same titles but they're cheaper as your buying them in
bulk,

regards

Pat

""Walzer Jeff""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Cisco Press's web site they are offering a CCNP Certification boxed
set.
> At the bottom under similiar titles listed are individual books like
"Cisco
> Internetwork Troubleshooting" and "Building Cisco Remote Access Networks,"
> etc. Does the books in the new Certification boxed set take the place of
the
> older books or do these supplement them?
>
> Thanks,
> Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15986&t=15878
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: please i need support [7:15990]

2001-08-14 Thread Patrick Donlon


There are two methods which I have used, first is Cisco Voice Manager which
is very buggy in the older versions I used and on the most recent which came
with Cisco Works 2000 it seemed that the TAC were having difficulty
supporting us because of third part reporting tools which it came with.

The other method is to use a Radius server, every call will send start-stop
records to the radius server. The hard bit is cleaning up the data and then
using some sort of reporting tools to examine the records.

The first method is probably quicker to get some reports up and running but
the last method is more likely to produce tailed reports which suite your
needs.

Regards

Pat


""Yanni Nader""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi dear friend
>
> well i dont know , but i feel kinda sure that you will help me,
> the pleasure of knowledge is free for everybody , today i am student
> asking for information, with ur help i will be professional and provide
> another one like me with help , what a magic circle of unified knowledge
> sharing all around the world, no limits, no barriers, my problem is in ur
> hand u solve it as i will solve someone problem , Life became so easy , i
> really apreciate your superb idea/work
>
> please let me be part of groupstudy.com!!
>
> here is what i am suffering from
>
> I have a cisco router 3661 installed as a gateway between PSTN and the
> internet , i am proccessing voice calls , the router have 24 voice ports
> /peer configurations E1, i am a CCNA student , what i want to do is not
> included in my certefication, thats why i am asking ur valuable help , i
did
> some research , but i get lost with SNMP , MIB , CISCO WORKS and WHATS UP
> GOLD,, , please , what i need is quiet simple , how can i have a report
file
> with all the calls durations and time/date of calls , how do i must
> configure my router to have this report daily ? can i did it by whats up
> gold i have the 4.05 version and Cisco works 5.0 ,
>
> waiting ur answer on fire :))
>
> please feel free emailing me for further informations
>
> take care ,
> Yanni Nader
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15996&t=15990
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Are there any jobs out there? [7:15991]

2001-08-14 Thread Patrick Donlon


No and yes,

sorry I meant yes and no, check out www.jobserve.com for UK/Europe

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Are there any Cisco jobs out there or is all this training a waste of
time?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15997&t=15991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE written advice [7:16188]

2001-08-15 Thread Patrick Donlon


I'm slowly starting to get back into reading for the R&S written exam after
starting a new job and I've made a rough list of what will guide me too and
hopefully through the exam.

I've started on Doyle's Routing TCP/IP vol 1,
next I've got the Token ring white paper from CCprep and OSPF design guide
from CCO,
planning on getting CCIE R&S Exam cram book and Boson tests 1,2 and maybe 3.

Obviously everyone has a different approach to an exam but if there are any
major topics I'm missing out on please let me know and also recommendations
on the exam preparation book,

cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16188&t=16188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cisco [7:16263]

2001-08-16 Thread Patrick Donlon


Yes the CIMs are great for the CCNA, I used a number of them and they helped
me through the CCNP as well,

cheers Pat



""ravi sharma""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello Cisco colleagues,
> >I am preparing for the CCNA exam, but I don't have a
> non-production
> >router available for practise purposes. Do you know
> if there is
> >another way to work with and learn the Cisco IOS ? Is
> there something
> >around like a virtual router ? How did you all
> prepare for the exam
> >with regard to the IOS ? Thanks for your kind answers
> in advance !
> >
>
>
> __
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16277&t=16263
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Palm Pilot [7:16555]

2001-08-20 Thread Patrick Donlon


Anyone have any experience of using their Palm to config routers, I'd like
to know what sort of cable should be attached to the hotsync serial lead. I
was unsure whether I'll need a gender converter, modem cable,
rollover/straight through etc., just trying to save some time

thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16555&t=16555
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX design question [7:16801]

2001-08-22 Thread Patrick Donlon


We are in the middle of migrating to a new network, this includes replacing
Checkpoint firewalls with PIX. My question concerns the proposed design of
the Internet and IntrAnet PIX firewalls and in particular a connection
between the two firewalls. It has been suggested that we connect the
IntrAnet firewall's outside interface to one of the Internet firewalls DMZs.
I can see that this may reduce latency for traffic passing to the internet
from our intrAnet but I'd like to hear anyone's thoughts on this one,
routing or security issues perhaps.

Another design issue which was raised was the placement of some servers in
the same outside interface of the intrAnet firewall. These servers would
require access to one of the intrAnet firewall's DMZ and be accessible from
another DMZ on the internet firewall which are in turn are accessible from
the Internet. This seems a bit of a complicated design and could be a
security loophole (??). Thoughts and experiences please

regards Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16801&t=16801
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX design question [7:16801]

2001-08-22 Thread Patrick Donlon

Yes we have already planned for that, we've ordered 4 PIX in total with 8
interfaces in each. What do you mean by double segregate intra/internets?

cheers Pat

- Original Message -
From: "Patrick Ramsey" 
To: ; 
Sent: Wednesday, August 22, 2001 4:00 PM
Subject: Re: PIX design question [7:16801]

If you are goign to buy 2 for sure, why not use them in statefull failover?
And not double segregate intra/internets?

Purchase say 2 525's with 1 fastethernet card per box. (has 4 ports)
Your in and out interfaces can be the built in fastE ports and the remainder
can be for various DMZ's and private networks.

-Patrick

>>> "Patrick Donlon"  08/22/01 09:56AM >>>
We are in the middle of migrating to a new network, this includes replacing
Checkpoint firewalls with PIX. My question concerns the proposed design of
the Internet and IntrAnet PIX firewalls and in particular a connection
between the two firewalls. It has been suggested that we connect the
IntrAnet firewall's outside interface to one of the Internet firewalls DMZs.
I can see that this may reduce latency for traffic passing to the internet
from our intrAnet but I'd like to hear anyone's thoughts on this one,
routing or security issues perhaps.

Another design issue which was raised was the placement of some servers in
the same outside interface of the intrAnet firewall. These servers would
require access to one of the intrAnet firewall's DMZ and be accessible from
another DMZ on the internet firewall which are in turn are accessible from
the Internet. This seems a bit of a complicated design and could be a
security loophole (??). Thoughts and experiences please

regards Pat

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16808&t=16801
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Best study materials to use [7:16946]

2001-08-23 Thread Patrick Donlon


I'd use the Cisco press for CCNP, they are most helpful for get the cert. I
purchased an Osborne study guide and it was absolute rubbish, the volume of
material was twice that in the Cisco press book and the format of the book
changes throughout and the test engine was pathetic, I junked it and borrow
the Cisco one for the exam.

cheers Pat

""Brown G.G.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> For the CCNP/DP.  I have been hearing that the Cisco Press is the best
> source. Please any input would be greatly appreciated. Also I would like
to
> know a few folks opinion on the CCDP/CCNP which one seems to be more
valuable?
>
> Thanks,
> GG




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16964&t=16946
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Logging debug messages [7:17107]

2001-08-24 Thread Patrick Donlon


I'm having a strange problem with a 2600 running 12.2(1a), after a short
period of time (30 to 60 mins) the router will stop logging messages to the
vty lines with terminal monitor. I can perform a show logging history and
see the last message in the history but nothing is display as it happens,
some details below have a look and if anyone can see what's wrong let me
know,

cheers Pat

 #sh logging
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0
flushes, 0 overruns)
Console logging: level debugging, 152 messages logged
Monitor logging: level debugging, 233 messages logged
Logging to: vty66(0)
Buffer logging: disabled
Logging Exception size (4096 bytes)
Trap logging: level informational, 19 message lines logged

#sh logging history
Syslog History Table:1 maximum table entries,
saving level warnings or higher
 16 messages ignored, 0 dropped, 0 recursion drops
 4 table entries flushed
 SNMP notifications not enabled
   entry number 5 : PARSER-3-BADSUBCMD
Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x
x.x.x.x desmd5 '
timestamp: 699958




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17107&t=17107
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Logging debug messages [7:17107]

2001-08-24 Thread Patrick Donlon


Thanks Bill, I'll check this out straight away, was the bug introduced in
12.2? or earlier

cheers Pat


""Bill Carter""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> There is a bug when logging synchronous is used on the vty or console
ports.
>
> I hit this issue also.
>
> ^-^-^-^-^-^-^-^-^-^-^
> Bill Carter
> CCIE 5022
> ^-^-^-^-^-^-^-^-^-^-^
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Friday, August 24, 2001 7:18 AM
> To: [EMAIL PROTECTED]
> Subject: Logging debug messages [7:17107]
>
>
> I'm having a strange problem with a 2600 running 12.2(1a), after a short
> period of time (30 to 60 mins) the router will stop logging messages to
the
> vty lines with terminal monitor. I can perform a show logging history and
> see the last message in the history but nothing is display as it happens,
> some details below have a look and if anyone can see what's wrong let me
> know,
>
> cheers Pat
>
>  #sh logging
> Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0
> flushes, 0 overruns)
> Console logging: level debugging, 152 messages logged
> Monitor logging: level debugging, 233 messages logged
> Logging to: vty66(0)
> Buffer logging: disabled
> Logging Exception size (4096 bytes)
> Trap logging: level informational, 19 message lines logged
>
> #sh logging history
> Syslog History Table:1 maximum table entries,
> saving level warnings or higher
>  16 messages ignored, 0 dropped, 0 recursion drops
>  4 table entries flushed
>  SNMP notifications not enabled
>entry number 5 : PARSER-3-BADSUBCMD
> Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x
> x.x.x.x desmd5 '
> timestamp: 699958




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17111&t=17107
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BOSON FOR CIT and Cisco Training Manuals [7:17149]

2001-08-27 Thread Patrick Donlon


I bought test 1 & 2 for the CIT and found them very useful and very similar
to the real exam


regards

""J. Li""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Two quick questions.
>
> Q1. BOSON CIT
>
> Are BOSON tests good for CIT exam?  I plan to buy 2
> BOSON tests.  Which ones do you recommend?  Should I
> buy test #1 and #2 or test #2 and #3?
>
> Q2. Cisco Training Manuals -- Copyright
>
> I attended all Cisco training classes and have the
> official training manuals.
>
> Cisco says "Cisco and its suppliers grant to you a
> nonexclusive and nontransferable license to use the
> Cisco Materials solely for your own personal use..."
>
> After I finish my CCNP, I don't plan to keep these
> manuals.  If I donate (transfer?) them to our local
> library, does it violate the license/copyright rule?
>
> Regards,
>
> J. Li
>
>
> __
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17373&t=17149
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX design question [7:16801]

2001-08-28 Thread Patrick Donlon


Thanks for the comments, just to clarify things the inside interfaces will
be connected to 6k cats and the connection between the two firewalls ( if it
does happen ) will have a cat 2924.

cheers


""Kent Hundley""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Patrick,
>
> First, I'm generally not a fan of the interface to interface design for
> firewalls for one simple reason: IDS.  If you wanted to deploy any kind of
> IDS, and I highly recommend that you do, you would not be able to place a
> sensor between the Internet and Intranet firewalls.  Switches are cheap
and
> add no amount of latency that will be noticable.  I wouldn't do it this
way.
>
> As to the second question,  it's best to keep servers on protected DMZ's.
I
> would place the servers in question on the Internet firewalls' DMZ for
> consistency and simplicity of design.
>
> HTH,
> Kent
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Donlon
> Sent: Wednesday, August 22, 2001 6:56 AM
> To: [EMAIL PROTECTED]
> Subject: PIX design question [7:16801]
>
>
> We are in the middle of migrating to a new network, this includes
replacing
> Checkpoint firewalls with PIX. My question concerns the proposed design of
> the Internet and IntrAnet PIX firewalls and in particular a connection
> between the two firewalls. It has been suggested that we connect the
> IntrAnet firewall's outside interface to one of the Internet firewalls
DMZs.
> I can see that this may reduce latency for traffic passing to the internet
> from our intrAnet but I'd like to hear anyone's thoughts on this one,
> routing or security issues perhaps.
>
> Another design issue which was raised was the placement of some servers in
> the same outside interface of the intrAnet firewall. These servers would
> require access to one of the intrAnet firewall's DMZ and be accessible
from
> another DMZ on the internet firewall which are in turn are accessible from
> the Internet. This seems a bit of a complicated design and could be a
> security loophole (??). Thoughts and experiences please
>
> regards Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17507&t=16801
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Voice Ports Need to handle?? [7:17523]

2001-08-28 Thread Patrick Donlon


Here's a sample config below, 16k to 32k are for rtp stream and 1k to 16k is
for the control traffic for the call. Hope this is useful





cheers Pat



ip access-list extended voice-rtp

 remark matches out-bound rtp voice traffic

  permit udp host  any range 16384 32768

ip access-list extended voice-ctrl

  permit tcp host  any range 1023 16384


""Cisco Lover""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Guys,
>
> I want to implement Priority/Custom Queuing for Voice in my network.
> Which ports I need to handle with??? I read that voice uses
> UDP ports 16384-16624???
>
> Any suggestions/Corrections??
>
>
>
> Thanks.
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17526&t=17523
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How do I get into the COLT? [7:17531]

2001-08-28 Thread Patrick Donlon


Try the link out

cheers Pat


""Ariel""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am studying for my third Cisco exam.  I've heard about taking the Colt
> testing for a practice dry run.  How do I get into the COLT?  I have a CCO
> account, but I can't seem to find the COLT within the CISCO website.
>
> Thanks in advance...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17533&t=17531
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Netmeeting and PIX [7:17540]

2001-08-28 Thread Patrick Donlon


I'm about to do some testing with a PIX 5.3(2) and netmeeting, I can't find
specific URLs for both subject on CCO can anyone help?

thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17540&t=17540
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BMC Patrol [7:17794]

2001-08-30 Thread Patrick Donlon


BMC patrol was used at the last company I worked at, an ISP based in the
Netherlands, it wasn't a project I was working on, as it was used to monitor
the applications and not the network but if you want to email me offline
then send you the company's details so you can get some info or dirt on it

cheers Pat


""350mhz""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Cisco Geeks,
>
>
> We are evaluating a new product from BMC called Patrol DashBoard and
> Patrol Visualis. I am told by the Sales Geeks that this product is
> fairly new; therefore it's been rough getting feed back. So I turn to
> you.  What is the word? Who has used it, what are the Pro and Cons? Is
> this company worth dealing with? They are cutting us a good deal and the
> CIO is about to go for it unless I can dig up some dirt.
>
>
> Thank
> Rob




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17830&t=17794
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: E1 / Voice channel / Voip problem [7:17851]

2001-08-30 Thread Patrick Donlon


Frederick

I've never worked with less than 30 channels when configuring VoIP and E1s,
but here's some config's for the D channel and the controller. The problem
could be the busy-out command what's it being used for?

cheers Pat
interface Serial1/0:15
 no ip address
 no logging event link-status
 isdn switch-type primary-net5
 isdn incoming-voice modem
 isdn sending-complete
 fair-queue 64 256 0
 no cdp enable

controller E1 1/0
 clock source line primary
 line-termination 75-ohm
 pri-group timeslots 1-31



""VAN RYCKEGHEM Fridiric""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> I have a Cisco gtw ( 2610 with an NM-HDV using a EVWIC-1MFTE1) to  the
> PSTN.
>
> the PRI is configured  as follows :
>
> controller E1 1/0
>  framing NO-CRC4
>  pri-group timeslots 1-12,16
>  ds0 busyout 13-31
>  description vers PRA BGC
>
> I only  use the timeslots 1-12 because I  only  have 12 DSP on the card.
>
> the problem is that  when a call from  the PSTN arrives on a channel >=
> 13, it is not  working
>
> 2d01h: ISDN Se1/0:15: RX   RELEASE_COMP pd = 8  callref = 0x802D
> 2d01h: Cause i = 0x80AC18 - Requested circuit/channel not
> available
>
>
> if I  configure the 1-31 timeslots  on the E1, I  have this error at
> the creation of the timeslots :
>
>
> oslo-r1(config-controller)#pri-group  timeslots  1-31
> oslo-r1(config-controller)#
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(1), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(2), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(3), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(4), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(5), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(6), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(7), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(8), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(9), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(10), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(11), changed state to
> up
> 2d01h: %LINK-3-UPDOWN: Interface ISDN-VOICE 1/0:15(12), changed state to
> upvnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 13
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 14
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 15
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 17
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 18
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 19
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 20
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 21
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 22
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 23
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 24
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 25
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 26
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 27
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 28
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 29
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 30
> on port 1/0:15vnm_dsprm_find_free_real_sig_channel: No free channels.
> 2d01h: %DSPRM-3-INSUFFICIENT: Insufficient DSP resources for timeslot 31
> on port 1/0:1
>
>
> and  when th

H323, NAT & PIX [7:17856]

2001-08-30 Thread Patrick Donlon


A simple question, I hope, has anyone successfully had h323 traffic passing
through a PIX with static address translations? If so what code did you use
on the PIX and any other useful info'

cheers Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17856&t=17856
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco ACS and Radius Proxy [7:26826]

2001-11-20 Thread Patrick Donlon


Hi All

has any configured a Cisco ACES server proxy with a Radius server? I've had
a search on the CCO and can't seem to find any useful reading and
configurations, any tips or advice welcome

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26826&t=26826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix question [7:26832]

2001-11-20 Thread Patrick Donlon


Ramesh

No you don't need to config NAT, secondly to open up all ports for a host,
as a source to any where, try this acl
access-list acl_inside permit tcp host 192.10.1.1 any

For some more info have a look at the CCO
http://www.cisco.com/warp/customer/707/

cheers Pat

""Ramesh c""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> 1) I got a pix in test(all internal) environment (configured as
> outside,inside and DMZ).Do I need to use NAT to connect to the outside
> segment from inside  or vice versa.Since Pix can act as a router ,will
> enabling routing solve this purpose without use of NAT.Applying access
list
> later  for security.
>
> 2)I want to open all the ports of TCP connection for a particular host.How
> do I go about?
>
>
> cheers
> Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26833&t=26832
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco TACACS+ Problem [7:26783]

2001-11-20 Thread Patrick Donlon


Have you checked the keys are the same in the server and router, also check
the source IP address the router is using and that which is in your server's
entry for the router. Check the logs on your TACACS server, otherwise I
think more info is needed

cheers


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have configured a number of routers to authenticate to the TACACS+
> server we have on site.  some routers get the login prompt and some dont
> and at time others do.
>
> Has anyone got any ideas to this.
>
> *** Thomas Jreige
> *** Communications Engineer
> *** CSC Network Services, Wollongong




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26834&t=26783
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

What IOS to choose? [7:26852]

2001-11-20 Thread Patrick Donlon


Hi All

I'm looking at upgrading the IOS for a couple of 7204 routers so that they
can support SSH, I'm after a bit of info' on a good method of selecting the
IOS to upgrade to.
I've searched the CCO and found that I need an IPSec version, say the
Enterprise IPsec with 3Des, I then get a list of IOS to choose from, easy
enough. I would like the most stable IOS possible for our situation, so I
picked out an IOS 12.1(5)T9, I choose this on the basis of memory
requirements alone and the presumption that the earlier versions (T - T8)
may have had more bugs. I've then done a search on the bug tool to check for
known bugs, and I didn't get any with this specific version. Can anyone else
help me with the selection of the IOS, like what else to search for or check
before deploying it

cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26852&t=26852
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IOS PROBLEM!! [7:26978]

2001-11-21 Thread Patrick Donlon


Suleman

your IOS probably doesn't support Eigrp, go to the Cisco IOS feature
navigator and do a search on EIGRP and you'll get a list of the IOS that
support EIGRP, if your IOS version is not in there then you'll have to
download a new IOS

Cheers
Pat
""suleman ibrahim aboo""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> just a quick question, I have a small cisco 800 series at
> home, with 4 port hub and a BRI, I've just started to go through the
config
> exercises in the books and one question has cropped up from last night.
> When I try and enable IGRP, 'router(config)#router igrp 20' it tells me
> this is an unknown protocol, what have I done, or what is missing? RIP
> config works, no problem.
>
> I know your going to ask what ver of IOS, as I'm not in front of the
console
> but I know its above 12.
>
> Please advise,
>
> -suleman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26986&t=26978
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OFF TOPIC SHIPPING LAB KIT FROM U.S. TO U.K. [7:26987]

2001-11-21 Thread Patrick Donlon


Micheal

I've not exactly had the same experience but I've had equipment shipped
before from the US where EU duty had to be paid before customs would release
it, the goods were purchased for the company's own use. I had this in
Holland and Germany and  customs won't release it until they get the funds
in their bank or a cheque in hand, hope this helps

cheers

Pat

""Michael Ibidunni""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Folks,
>   I was wondering if any one in the U.K. has bought any cisco kit for
> Lab purposes from the states and had it shipped down here? I want to find
> out what happens at this end with customs.
>
> Thanx in advance
> Michael Ibidunni
> Senior Systems Engineer
> Business Data Services
> City & M25 Team
> NTL:
> Tel:0207 562 5800
> Mobile: 07866 625922
> Email:   [EMAIL PROTECTED]
>
>
>
>
>
> The contents of this email and any attachments are sent for the personal
> attention
> of the addressee(s) only and may be confidential.  If you are not the
> intended
> addressee, any use, disclosure or copying of this email and any
attachments
> is
> unauthorised - please notify the sender by return and delete the message.
> Any
> representations or commitments expressed in this email are subject to
> contract.
>
> ntl Group Limited




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26990&t=26987
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE bootcamps [7:27180]

2001-11-23 Thread Patrick Donlon


Hi everyone

can anyone recommend a boot camp for the UK, I'm thinking about taking one
for the written exam to kick start my studies,

cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27180&t=27180
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: AS5300 problem [7:27432]

2001-11-27 Thread Patrick Donlon


See my comments below

cheers
Pat


""Chong Chun Wei (Central)""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>
> I'm facing some problems with the AS5300 gateway. I suspect there is some
> problem when i try to monitor the resource statistic from the gateway.
Below
> is the output that i get.
>
> Cisco# sh call resource voice stats
>
> DSP statistics:
> total channels: 120
> inuse channels: 34
> disabled channels: 0
> pending channels; 0
> free channels: 86
>
> DS0 Statistics:
> total channels: 124
> addresable channels: 90
> inuse channels: 10
> disabled channels: 0
> free channels: 80
>
> There are few questions pertaining to the above:
>
> 1. why is the inuse channels of DS0 so low compared to the inuse channels
of
> DSP?
> 2. why is the addressable channels for DS0 is 90 only since the total
> channels are 120???
Have you checked the capabilty of the voice cards, you can get medium and
high complexity cards which support different numbers of channels.

> 3. why is the total channels of DS0 is 124, shouldn't it be 120???

Presumably the 4 channels are used for signalling

>

> Cheers,
> Alvin Chong
> CCNA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27435&t=27432
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IP telephony [7:27533]

2001-11-29 Thread Patrick Donlon


As Matthew said looks like you've got every thing already, all you have to
do is set up the call routing, simple

Cheers

""Anil Kumar""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> For a customer i have implemented an Voip and Ip telephony
> between two office with Cisco Call Manager 3.0. I need to
> intergrate the CCM with Normal PBX phones, so that users
> can dail to the normal telephone to Ip telephone.
>
> For the Voip i am using Cisco 3640 and 3660 Routers with
> NM-HDV cards and both the HDV cards are connected to Nortel
> PBX.
>
> Need help/sugesstion on this.
>
> Thanks in Advance.
>
> Regards.. Anil
>
>
> =
> Thanks & Regards
>
> V Anil Kumar
>
> __
> Do You Yahoo!?
> Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
> http://geocities.yahoo.com/ps/info1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27661&t=27533
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IP telephony [7:27533]

2001-11-30 Thread Patrick Donlon


Anil

First thing, are you connecting you PBX to the routers via fxs/fxo ports?
are they already in place?
As for MGCP and H323, I don't know too much about MGCP and I think it's used
for controlling gateways and higher layers features than H323 ( anyone
please feel free to comment), so go for H323 as you just want to originate
and terminate H323 traffic between your routers and CMs.

Have a look at this url on the cco for config's
http://www.cisco.com/univercd/cc/td/doc/product/access/nubuvoip/voip5300/ind
ex.htm
it's mainly about AS5300s but the platform doesn't really matter once the
interfaces are configured. Let me know if you need more info,

cheers

Pat


""Anil Kumar""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> This is the Voice network  i am implementing.
> Voip on this network is working.
>
> Analog PhoneAnalog Phone
>   |  |
>   |  |
>   |  |
>
> IPtelphone->CCM3.0->3660 Router-->3640 Router-->IPtelephone
>With NM-HDVWith NM-HDV
>   (Main Office)  (Remote Office)
>
>
>
> The problem which i am facing is the call routing between
> the IP telephone & the Analog phones to both locations.
> I am bit confused, and not sure to use which type of
> Gateway Types ( MGCP, or H.323) for the 3660 Routers.
> I read that MGCP is being used for mainly FXS/ FXO ports.
>
> I am using an R2 Digital Signalling for the NM-HDV card.
> I have enclosed the config of the main location, the same
> carries for the remote location too.
>
> Request your sugesstion / Comments on this.
>
> Regards.. Anil
>
>
>
> Current configuration:
> !
> version 12.1
> service timestamps debug datetime msec
> service timestamps log uptime
> no service password-encryption
> service udp-small-servers max-servers no-limit
> !
>
> !
> enable secret 5 $1$QdNt$.YqZyaiFoHfFW.ZP1yHzG/
>
> !
> !
> !
> !
> !
> memory-size iomem 10
> voice-card 2
> !
> ip subnet-zero
> ip dhcp ping timeout 2000
> ip dhcp relay information option
> !
> ip dhcp-server 179.65.51.20
> lane client flush
> isdn switch-type primary-net5
> cns event-service server
> !
> !
> voice class permanent 10
> signal pattern idle transmit 0001
> signal pattern idle receive 0001
> !
> !
> !
> !
> !
> !
> controller E1 1/0
>  framing NO-CRC4
>  clock source internal
>  channel-group 1 timeslots 1-31
>  description connected to Branch
> !
> controller E1 2/0
>  framing NO-CRC4
>  clock source internal
>  ds0-group 0 timeslots 1-15,17-31 type r2-digital dtmf dnis
>  description CONNECTED TO NORTEL EPABX
> !
> !
> !
> interface Multilink1
>  ip address 192.168.0.2 255.255.255.252
>  ip helper-address 179.65.51.20
>  ip directed-broadcast
>  ip tcp header-compression iphc-format
>  no ip mroute-cache
>  fair-queue 2048 2048 1000
>  no cdp enable
>  ppp multilink
>  ppp multilink fragment-delay 20
>  ppp multilink interleave
>  multilink-group 1
>  ip rtp header-compression iphc-format
>  ip rtp priority 16384 16383 1488
> !
> interface FastEthernet0/0
>  ip address 179.65.51.1 255.255.0.0
>  ip helper-address 179.65.51.20
>  ip directed-broadcast
>  no ip mroute-cache
>  speed auto
>  half-duplex
>  no cdp enable
> !
> interface Serial1/0:1
>  no ip address
>  ip helper-address 179.65.51.20
>  ip directed-broadcast
>  encapsulation ppp
>  ip mroute-cache
>  no fair-queue
>  ppp multilink
>  multilink-group 1
> !
> ip classless
> ip route 0.0.0.0 0.0.0.0 192.168.0.1
> no ip http server
> !
> dialer-list 1 protocol ip permit
> dialer-list 1 protocol ipx permit
> no cdp advertise-v2
> !
> snmp-server engineID local 000902024B24BF30
> snmp-server community public RO
> snmp-server packetsize 2048
> !
> voice-port 2/0:0
>  no modem passthrough
>  cptone GB
> !
> dial-peer voice 100 voip
>  destination-pattern 125T
>  session target ipv4:192.168.0.1
>  codec g711alaw
>  ip precedence 5
> !
> dial-peer voice 10 pots
>  destination-pattern 116T
>  port 2/0:0
>  forward-digits all
> !
> !
> line con 0
>  transport input none
> line aux 0
> line vty 0 4
>  exec-timeout 20 0
>  login
> !
> end
>
> HO#
>
>
> __
> Do You Yahoo!?
> Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
> http://geocities.yahoo.com/ps/info1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27781&t=27533
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN DDR Question [7:28257]

2001-12-06 Thread Patrick Donlon


dialer idle-timeout seconds



Have a look at this link it's got lots of info on PPP and multilink

http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Internetworking:PPP&s
=Implementation_and_Configuration



Cheers

Pat

""Sam Deckert""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> hey all,
>
> just wondering if anyone knows how to extend the amount of time it takes
> before the second channel comes down after the traffic level drops below
the
> load threshold, when using multilink isdn with 2 channels?
>
> Any help would be great!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28265&t=28257
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP Problem: Billing Triggered Before Authentication [7:28273]

2001-12-06 Thread Patrick Donlon


What billing system are you using? Is it based on the PSTN Switches or do
you use Radius accounting?

cheers Pat


""Chong Chun Wei (Central)""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
> Pls help.
>
> Scenario:
>
> 2 AS 5300 acting as the originating and terminating gateway on each
> side of the network. The originating AS5300 is connected to the PSTN
switch
> ( SW A ) using PRI signaling while the terminating AS 5300 is connected to
> the PSTN switch ( SW B) using R2 signaling. The customer will dial a
> specific number to access the SW A and then enter the account and pin
> number. After the authentication, there will a beep tone follow by the
> message which prompt the user to enter the destination phone number.
>
>
> For a normal scenario,
>
> After the entering of the destination phone number, there will be ringing
> tone. When B-party picked up the phone, there will be a second beep tone
> which will trigger the billing system to start the billing.
>
> However, what actually happens is that,
>
> After the entering of the destination phone number, just right before the
> ringing tone, there is a "click" sound immediately before the ringing tone
> which undesirably, trigger the billing system. This creates problem
because
> even before the call get connected, the customer has already been charged.
>
> The Attempted Solutions include
> 1. Program the progress indicator at the terminating gateway's dial-peer
> 2. check the output of the "debug isdn a931" (looks fine)
>
> However, the problem still haven't been solved. Please help.
>
> rgds
> Alvin Chong
> CCNA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28273&t=28273
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP and memory allocation errros [7:28819]

2001-12-11 Thread Patrick Donlon


Hi All

I have a problem with a router running BGP. I have two 7204vxr's running BGP
connecting to two different service providers, I upgraded the IOS of one the
routers with version 12.1(5)T10 (IP PLUS IPSEC 3DES) and the boot image, it
ran for a week with no problems. I upgraded the other router with the same
images and as got memory allocation errors when it established adjacency
with the BGP neighbours, see the output below. I'm no BGP expert and I
believe there is enough memory in the router, so any suggestions will be
appreciated

Regards

Pat

*Nov 25 15:55:29: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up
*Nov 25 15:55:31: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up
*Nov 25 15:55:41: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up
*Nov 25 15:56:07: %SYS-2-MALLOCFAIL: Memory allocation of 65496 bytes failed
from

0x606BE0F4, pool Processor, alignment 0
-Process= "BGP Router", ipl= 0, pid= 118
-Traceback= 606C1450 606C38B0 606BE0FC 606BE8F0 6082D330 6082D578 6082EA84

609FA5EC 609FB2B8 61476248 609FB35C 609D61F0 606B7DA4 606B7D90
*Nov 25 15:56:08: %BGP-5-ADJCHANGE: neighbor *.*.*.* Down No memory
*Nov 25 15:56:08: %BGP-5-ADJCHANGE: neighbor *.*.*.* Down No memory
*Nov 25 15:56:08: %BGP-5-ADJCHANGE: neighbor *.*.*.*Down No memory
*Nov 25 15:56:11: %BGP-3-NOTIFICATION: sent to neighbor *.*.*.* 3/1 (update

malformed) 0 bytes
*Nov 25 15:56:37: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up
*Nov 25 15:56:37: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up
*Nov 25 15:56:51: %BGP-5-ADJCHANGE: neighbor *.*.*.* Up




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28819&t=28819
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

3rd party Flash memory [7:28823]

2001-12-11 Thread Patrick Donlon


Hi everyone

I am looking at purchasing flash memory cards for Cat6Ks from Kingston, I'd
just like to hear from anyone who has done the same and whether the flash
cards worked OK

cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28823&t=28823
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACS radius attributes [7:29043]

2001-12-13 Thread Patrick Donlon


Hi

just a quick question does anyone know who to set the radius attribute 80 in
the ACS server. I can't find it anywhere in the web configuration tool,

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29043&t=29043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP dial plan [7:31487]

2002-01-10 Thread Patrick Donlon


No, not if you specify how many digits will follow the 2.
Check this link for some general voip stuff
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
t/120t3/voip5300/voip53_1.htm

cheers Pat


""Jim Bond""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> I've got a question on dial plan. We've got (208)
> 472- as DID numbers in our campus, I'd like to use
> the last 5 digits: 2 in our campus VOIP and 7
> digits (no area code) in other offices. In our NY
> office, we have (845) 288- as regular DID numbers.
> Is it possible to make 288- goes to NY and 2
> stays in our campus? Will the beginning number 2
> create any conflict?
>
> Thanks in advance.
>
> Jim
>
> __
> Do You Yahoo!?
> Send FREE video emails in Yahoo! Mail!
> http://promo.yahoo.com/videomail/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31522&t=31487
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Content Switch and Secure Content Accelerator management [7:66144]

2003-03-25 Thread Patrick Donlon

Hi All

long time since I've been at groupstudy, I need to do some serious study too
and hopefully I can answer (or try too) some q's. First off I've this
problem with a content switch CSS and ssl accelerator SCA. I want to be able
to manage the SCA using the web interface, this works fine on port 80 but
for added security I want to use https. I've enabled the port on the SCA and
created a certificate too. My ssl server for web management is set up like
this

  1 _webManagement_ Server Type: Normal
I.P. Address: 192.168.1.1
SSL Port: 443
Clear-Text Port: 449
Transparent Mode: off
 Status: Enabled
Private Key: _webManagement_
Certificate: _webManagement_
Security Policy: default
Certificate Chain: N/A




On my CSS I've set up service for port 443 and 449. When I try to view the
page I get the Security Alert for the private cert then nothing happens. If
anyone would like to see the CSS config I can paste that too

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66144&t=66144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX and AAA [7:42302]

2002-04-23 Thread Patrick Donlon


Hi All

hopefully someone can help, is it possible to use AAA to authenticate users
on my PIX firewalls?

Cheers

Pat


--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42302&t=42302
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX and AAA [7:42302]

2002-04-24 Thread Patrick Donlon


Thanks for the replies, I only want to authenticate admininistrators on the
PIX, will let you know how I get on

Cheers

Pat



--

email me on : [EMAIL PROTECTED]

""nrf""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> In such a situation, authorization would be achieved by writing a bunch of
> access-lists on the Pix.  Then, you designate those particular
access-lists
> within the radius server for individual users.  For example, let's say you
> have a user called billclinton, and you want to restrict his access to
> certain websites.  So you write an access-list that does that, and then in
> his radius profile, you "call" that access-list.
>
> This works when you are doing straight authentication through the Pix
> directly.  I have never tried it through a VPN.
>
>
> ""Darren Mitchelmore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > NRF.
> >
> > I am just about to setup a PIX 515 with the Cisco VPN client and the ias
(
> > WIN2K RADIUS SERVER ). From my understanding the VPN client has a group
> > login then the user will be prompted for a username/password that the
> > PIX will pass to the IAS server using Radius. That will be authenticated
> > against the Win username / password database (used to be called SAM ??)
on
> > the IAS server.
> >
> > I believe that this is authentication. Not sure how authorisation is
> > achieved. How do you tie in the access-list
> > to that individual user ??
> >
> > Is this the setup you have got going ??
> >
> > Do you have any problems implementing it ??
> >
> > PS - I have setup PIXs before but only with simple policies...
> >
> > Best Regards,
> > Darren M
> >
> >
> >
> >
> > > -Original Message-
> > > From: nrf [SMTP:[EMAIL PROTECTED]]
> > > Sent: Wednesday, April 24, 2002 3:57 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: PIX and AAA [7:42302]
> > >
> > > Well, actually, the Pix does support a very limited amount of Radius
> > > authorization.  It's only for users going through the Pix, not
> > > administrators of the Pix.  And the authorization 'capabilities' only
> > > allow
> > > you to invoke existing access-lists on the Pix for certain users, so,
> like
> > > I
> > > said, it's very limited.  Still, the capability exists.
> > >
> > >
> http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/mn
> > > ga
> > > cl.htm#xtocid10
> > >
> > >
> > > ""Georg Pauwen""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Paul, Tim, Patrick,
> > > >
> > > > you guys are good ! You are right, I wasn4t specific enough in what
I
> > > said:
> > > > PIX does support RADIUS, but it does NOT support RADIUS
Authorization
> :)
> > > >
> > > > Regards,
> > > >
> > > > Georg
> > > >
> > > >
> > > > >From: "Paul Borghese"
> > > > >To: "Georg Pauwen" ,
> > > > >Subject: Re: PIX and AAA [7:42302]
> > > > >Date: Tue, 23 Apr 2002 10:03:43 -0400
> > > > >
> > > > >The pix does support radius.  I am using it for a small client to
> > > > >authenticate PPTP connections using the Microsoft 2000 Radius
server.
> > > > >
> > > > >Paul Borghese
> > > > >- Original Message -
> > > > >From: "Georg Pauwen"
> > > > >To:
> > > > >Sent: Tuesday, April 23, 2002 7:16 AM
> > > > >Subject: RE: PIX and AAA [7:42302]
> > > > >
> > > > >
> > > > > > Hi Patrick,
> > > > > >
> > > > > > yes, aaa is fully supported on the PIX (remember, though, that
the
> > > PIX
> > > > >does
> > > > > > not support RADIUS). Follow this link for a command overview of
> aaa
> > > on
> > > > >the
> > > > > > PIX:
> > > > > >
> > > > > >
> > > >
> > >
> >http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/a
> > > b.
> > > h
> > > > >tm#xtocid3
> > > > > >
> > > > > > Regards,
> > > > > >
> > > > > > Georg
> > > > _
> > > > Chat with friends online, try MSN Messenger:
http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42417&t=42302
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Questions about PIX firewall [7:24634]

2002-04-29 Thread Patrick Donlon

Hi
backing up what's already been posted, we've changed from Checkpoint on
Solaris to PIX.
For the last 6 months we have had a very stable environment with failover
implemented
too. The cli is excellent if your familiar with IOS, it doesn't have the
overhead and
terrible sluggish response of the Checkpoint GUI -try remote logging on
Checkpoints
GUI,

For most things PIX  check http://www.cisco.com/warp/customer/707/#pix

cheers

Pat

dovelet wrote:

> Hi all,
>
> Our company wants to use PIX 515 firewall but I never use it before. I have
> some questions and I hope someone can help me.
>
> 1. To configure a PIX, is there any GUI interface or need to use Command
> Line Interface? If it has GUI interface, is it bundle with a PIX or need to
> purchase separately?
> 2. We plan to use 2 PIX for HA solution. Is it stable?
> 3. Is there any materials to describe the PIX failover?
>
> Regards,
> Dovelet

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42819&t=24634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Content Switching and Keepalives [7:43141]

2002-05-02 Thread Patrick Donlon


Hi All

I have two web servers which are being load balanced behind a CSS, this
is working fine. Currently we're using the default ICMP keepalive, this
is OK if the failure is at this level but when the web services process
is stopped by the DBA the CSS thinks it's up and running. I've seen the
different options, tcp, http gets, etc, and would like to know anyone
else's experience in what is the best balance over performance and
detecting the lost of service

Cheers

Pat


[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43141&t=43141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX and AAA [7:42302]

2002-05-02 Thread Patrick Donlon


Thanks again for the replies everyone it worked just fine




Patrick Donlon wrote:

> Thanks for the replies, I only want to authenticate admininistrators on the
> PIX, will let you know how I get on
>
> Cheers
>
> Pat
>
> --
>
> email me on : [EMAIL PROTECTED]
>
> ""nrf""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > In such a situation, authorization would be achieved by writing a bunch
of
> > access-lists on the Pix.  Then, you designate those particular
> access-lists
> > within the radius server for individual users.  For example, let's say
you
> > have a user called billclinton, and you want to restrict his access to
> > certain websites.  So you write an access-list that does that, and then
in
> > his radius profile, you "call" that access-list.
> >
> > This works when you are doing straight authentication through the Pix
> > directly.  I have never tried it through a VPN.
> >
> >
> > ""Darren Mitchelmore""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > NRF.
> > >
> > > I am just about to setup a PIX 515 with the Cisco VPN client and the
ias
> (
> > > WIN2K RADIUS SERVER ). From my understanding the VPN client has a group
> > > login then the user will be prompted for a username/password that the
> > > PIX will pass to the IAS server using Radius. That will be
authenticated
> > > against the Win username / password database (used to be called SAM ??)
> on
> > > the IAS server.
> > >
> > > I believe that this is authentication. Not sure how authorisation is
> > > achieved. How do you tie in the access-list
> > > to that individual user ??
> > >
> > > Is this the setup you have got going ??
> > >
> > > Do you have any problems implementing it ??
> > >
> > > PS - I have setup PIXs before but only with simple policies...
> > >
> > > Best Regards,
> > > Darren M
> > >
> > >
> > >
> > >
> > > > -Original Message-
> > > > From: nrf [SMTP:[EMAIL PROTECTED]]
> > > > Sent: Wednesday, April 24, 2002 3:57 AM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: PIX and AAA [7:42302]
> > > >
> > > > Well, actually, the Pix does support a very limited amount of Radius
> > > > authorization.  It's only for users going through the Pix, not
> > > > administrators of the Pix.  And the authorization 'capabilities' only
> > > > allow
> > > > you to invoke existing access-lists on the Pix for certain users, so,
> > like
> > > > I
> > > > said, it's very limited.  Still, the capability exists.
> > > >
> > > >
> >
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/mn
> > > > ga
> > > > cl.htm#xtocid10
> > > >
> > > >
> > > > ""Georg Pauwen""  wrote in message
> > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > > Paul, Tim, Patrick,
> > > > >
> > > > > you guys are good ! You are right, I wasn4t specific enough in what
> I
> > > > said:
> > > > > PIX does support RADIUS, but it does NOT support RADIUS
> Authorization
> > :)
> > > > >
> > > > > Regards,
> > > > >
> > > > > Georg
> > > > >
> > > > >
> > > > > >From: "Paul Borghese"
> > > > > >To: "Georg Pauwen" ,
> > > > > >Subject: Re: PIX and AAA [7:42302]
> > > > > >Date: Tue, 23 Apr 2002 10:03:43 -0400
> > > > > >
> > > > > >The pix does support radius.  I am using it for a small client to
> > > > > >authenticate PPTP connections using the Microsoft 2000 Radius
> server.
> > > > > >
> > > > > >Paul Borghese
> > > > > >- Original Message -
> > > > > >From: "Georg Pauwen"
> > > > > >To:
> > > > > >Sent: Tuesday, April 23, 2002 7:16 AM
> > > > > >Subject: RE: PIX and AAA [7:42302]
> > > > > >
> > > > > >
> > > > > > > Hi Patrick,
> > > > > > >
> > > > > > > yes, aaa is fully supported on the PIX (remember, though, that
> the
> > > > PIX
> > > > > >does
> > > > > > > not support RADIUS). Follow this link for a command overview of
> > aaa
> > > > on
> > > > > >the
> > > > > > > PIX:
> > > > > > >
> > > > > > >
> > > > >
> > > >
> >
>http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/a
> > > > b.
> > > > h
> > > > > >tm#xtocid3
> > > > > > >
> > > > > > > Regards,
> > > > > > >
> > > > > > > Georg
> > > > > _
> > > > > Chat with friends online, try MSN Messenger:
> http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43143&t=42302
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Content Switching and Keepalives [7:43141]

2002-05-03 Thread Patrick Donlon


Hi

I tested it and for some reason it didn't work,  I configured the following
on the
service:

keepalive port 81,
keepalive method get,
keepalive type http
keepalive frequency 25,
keepalive retry 25
keepalive uri  "www.blahblah.com/index.html"

I then activated the service (and re-activated it a few times just in case)
Any thing
obviously wrong and  what should I check in the log

cheers

Pat




Patrick Donlon wrote:

> Hi All
>
> I have two web servers which are being load balanced behind a CSS, this
> is working fine. Currently we're using the default ICMP keepalive, this
> is OK if the failure is at this level but when the web services process
> is stopped by the DBA the CSS thinks it's up and running. I've seen the
> different options, tcp, http gets, etc, and would like to know anyone
> else's experience in what is the best balance over performance and
> detecting the lost of service
>
> Cheers
>
> Pat
>
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43232&t=43141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Content Switching and Keepalives [7:43141]

2002-05-06 Thread Patrick Donlon


Hi Dave

I've not had chance to test the keepalive yet but I see you mention using
head or get
can depend on the page type. Can you explain further or do you have any
links?

Cheers

Pat

David Harrison wrote:

> This is correct. The domain name is not necessary. Since the CSS knows
> the ip address of the box it's watching it doesn't have to rely on a
> domain name to find the location of the server.
>
> However it is important that the css know the path to reach the
> reference page.
>
> I've used the following:
> service blah_blah
>   ip address 10.1.1.1
>   keepalive frequency 8
>   keepalive type http
>   keepalive uri "/.reference/arrowpoint-keepalive.html"
>   active
>
> I usually use the default "head" method vs the "get". Depends on whether
> the file you are watching is static or dynamic.
>
> Dave
>
> -Original Message-
> From: John Neiberger [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 03, 2002 12:19 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Content Switching and Keepalives [7:43141]
>
> I'm not positive about this but I don't believe you're supposed to
> include the domain name in the URI.  We simply use 'keepalive uri
> "/index.htm"' and that works well.  Give that a shot and see if it works
> for you.
>
> John
>
> >>> "Patrick Donlon"  5/3/02 9:54:47 AM >>>
> Hi
>
> I tested it and for some reason it didn't work,  I configured the
> following
> on the
> service:
>
> keepalive port 81,
> keepalive method get,
> keepalive type http
> keepalive frequency 25,
> keepalive retry 25
> keepalive uri  "www.blahblah.com/index.html"
>
> I then activated the service (and re-activated it a few times just in
> case)
> Any thing
> obviously wrong and  what should I check in the log
>
> cheers
>
> Pat
>
> Patrick Donlon wrote:
>
> > Hi All
> >
> > I have two web servers which are being load balanced behind a CSS,
> this
> > is working fine. Currently we're using the default ICMP keepalive,
> this
> > is OK if the failure is at this level but when the web services
> process
> > is stopped by the DBA the CSS thinks it's up and running. I've seen
> the
> > different options, tcp, http gets, etc, and would like to know
> anyone
> > else's experience in what is the best balance over performance and
> > detecting the lost of service
> >
> > Cheers
> >
> > Pat
> >
> > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43380&t=43141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Content Switching and Keepalives [7:43141]

2002-05-07 Thread Patrick Donlon


Thanks for the info everyone, I tested it last night and it worked great, we
now have
load balancing and the keepalive running. Here's the config for one of the
services

Cheers
Pat


service portal2
  ip address 172.16.10.12
  string portal2
  protocol tcp
  keepalive port 81
  keepalive type http
  keepalive uri "/index.html"
  active

sam sneed wrote:

> There are 2 methods of keepalives, get and head.
>
> get:
> CSS gets the web page, computes a hash based on the page and stores it for
> reference. The next time the CSS gets the webpage it looks for 200 OK and
> stauts and compares the new hash with the hash stored for reference. If
they
> are different the CSS marks the service as down. So you can conclude this
> method only works well for static content on pages.
>
> Head:
> CSS only issues an HTTP head on the service and looks for 200 OK status ,
if
> it gets it service is marked up other wise its down. Less overhead than get
> method and good for Dynamic content as well.
>
> hope that helped a bit.
>
> ""Patrick Donlon""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi Dave
> >
> > I've not had chance to test the keepalive yet but I see you mention using
> > head or get
> > can depend on the page type. Can you explain further or do you have any
> > links?
> >
> > Cheers
> >
> > Pat
> >
> > David Harrison wrote:
> >
> > > This is correct. The domain name is not necessary. Since the CSS knows
> > > the ip address of the box it's watching it doesn't have to rely on a
> > > domain name to find the location of the server.
> > >
> > > However it is important that the css know the path to reach the
> > > reference page.
> > >
> > > I've used the following:
> > > service blah_blah
> > >   ip address 10.1.1.1
> > >   keepalive frequency 8
> > >   keepalive type http
> > >   keepalive uri "/.reference/arrowpoint-keepalive.html"
> > >   active
> > >
> > > I usually use the default "head" method vs the "get". Depends on
whether
> > > the file you are watching is static or dynamic.
> > >
> > > Dave
> > >
> > > -Original Message-
> > > From: John Neiberger [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, May 03, 2002 12:19 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Content Switching and Keepalives [7:43141]
> > >
> > > I'm not positive about this but I don't believe you're supposed to
> > > include the domain name in the URI.  We simply use 'keepalive uri
> > > "/index.htm"' and that works well.  Give that a shot and see if it
works
> > > for you.
> > >
> > > John
> > >
> > > >>> "Patrick Donlon"  5/3/02 9:54:47 AM >>>
> > > Hi
> > >
> > > I tested it and for some reason it didn't work,  I configured the
> > > following
> > > on the
> > > service:
> > >
> > > keepalive port 81,
> > > keepalive method get,
> > > keepalive type http
> > > keepalive frequency 25,
> > > keepalive retry 25
> > > keepalive uri  "www.blahblah.com/index.html"
> > >
> > > I then activated the service (and re-activated it a few times just in
> > > case)
> > > Any thing
> > > obviously wrong and  what should I check in the log
> > >
> > > cheers
> > >
> > > Pat
> > >
> > > Patrick Donlon wrote:
> > >
> > > > Hi All
> > > >
> > > > I have two web servers which are being load balanced behind a CSS,
> > > this
> > > > is working fine. Currently we're using the default ICMP keepalive,
> > > this
> > > > is OK if the failure is at this level but when the web services
> > > process
> > > > is stopped by the DBA the CSS thinks it's up and running. I've seen
> > > the
> > > > different options, tcp, http gets, etc, and would like to know
> > > anyone
> > > > else's experience in what is the best balance over performance and
> > > > detecting the lost of service
> > > >
> > > > Cheers
> > > >
> > > > Pat
> > > >
> > > > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43475&t=43141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX and MS Active Directory [7:44797]

2002-05-23 Thread Patrick Donlon


The company I work for are looking to deploy Microsoft's Active Directory
across the intranet. Most sites have a PIX firewall running 5.3(2) and will
have many clients per site using AD. The problem seems to be that when
clients pass through the PIX and are assigned a global address/PAT AD is not
working. Static NAT translations work but due to the number of clients per
site it's not feasible to use static translations. Has anyone done this or
know any good links, can't find a thing on it at the CCO

Cheers

Pat


--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44797&t=44797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Patrick Donlon


Brian
I've just found out from the guy testing the AD stuff that it doesn't even
work with static NAT translations, it'll only work with a static mapping
with the same address across the firewall. The bit that isn't working is the
replication between the servers

Cheers

Pat
--
email me on : [EMAIL PROTECTED]


""Brian Hill"" <> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Pat,
>
> Are the clients having the problem, or are the servers having the problem?
> If it's the servers, it's probably just RPC, but if it's the clients, it
> could be lots of things. What exactly "isn't working"?
>
> Brian Hill
> CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
> MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
> Lead Technology Architect, TechTrain
> Author: Cisco, The Complete Reference
> http://www.alfageek.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44820&t=44797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX and MS Active Directory [7:44797]

2002-05-24 Thread Patrick Donlon


Thanks Brian, just in case any ones else is interested here's a useful link
for the microsoft stuff
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/ittasks/t
asks/adrepfir.asp


Cheers

Pat

--

email me on : [EMAIL PROTECTED]

""Brian Hill""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> John,
>
> SMTP only works if you have two sites in two different domains. In
addition,
> you have to have an exchange server with KMS and a CA to encrypt. Pat, I
> would suggest creating a tunnel from pix to pix and running the
replication
> through there. AD uses RPC, which doesn't translate due to the fact that
it
> uses random port numbers after the initial session establishment.
>
> Brian Hill
> CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
> MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
> Lead Technology Architect, TechTrain
> Author: Cisco, The Complete Reference
> http://www.alfageek.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44937&t=44797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco ACS Server Problem [7:46193]

2002-06-10 Thread Patrick Donlon


Jimmy have you checked the ACS logs? Have you created an entry for the
router in the ACS server? Also it could just be the IP address of the router
if it has multiple interfaces,

Cheers



--

email me on : [EMAIL PROTECTED]

""Jimmy"" <> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>I am configuring a Cisco ACS server as a TACACS+
> server. I have a router will use ACS server for
> authentication. At the router, all parameters like
> tacacs host , tacacs key has been configured. ACS
> server is located inside the Firewall. Few username
> are created in ACS server.
>
>From router , I am able to ping to the ACS server
> and able to telnet to ACS server port 49. Firewall log
> show that packets are accepted. However no
> authentication can be done. I got "access denied".
>
>I have done a debug aaa authentication.
>
>  Jun 10 20:39:07: AAA/AUTHEN: create_user user=''
> ruser='' port='tty3' rem_addr='
> 102.102.118.66' authen_type=1 service=1 priv=1
> Jun 10 20:39:07: AAA/AUTHEN/START (0): port='tty3'
> list='' action=LOGIN service=
> LOGIN
> Jun 10 20:39:07: AAA/AUTHEN/START (0): using "default"
> list
> Jun 10 20:39:07: AAA/AUTHEN/START (410787771):
> Method=TACACS+
> Jun 10 20:39:07: AAA/AUTHEN (410787771): status =
> ERROR
> Jun 10 20:39:07: AAA/AUTHEN/START (410787771):
> Method=LOCAL
> Jun 10 20:39:07: AAA/AUTHEN (410787771): status =
> GETUSER
> Jun 10 20:39:10: AAA/AUTHEN/CONT (410787771):
> continue_login
> Jun 10 20:39:10: AAA/AUTHEN (410787771): status =
> GETUSER
> Jun 10 20:39:10: AAA/AUTHEN/CONT (410787771):
> Method=LOCAL
> Jun 10 20:39:10: AAA/AUTHEN (410787771): status =
> GETPASS
> Jun 10 20:39:12: AAA/AUTHEN/CONT (410787771):
> continue_login
> Jun 10 20:39:12: AAA/AUTHEN (410787771): status =
> GETPASS
> Jun 10 20:39:12: AAA/AUTHEN/CONT (410787771):
> Method=LOCAL
> Jun 10 20:39:12: AAA/AUTHEN (410787771): password
> incorrect
> Jun 10 20:39:12: AAA/AUTHEN (410787771): status = FAIL
> Jun 10 20:39:14: AAA/AUTHEN: free user='test1'
> ruser='' port='tty3' rem_addr='10
> 2.102.118.66' authen_type=1 service=1 priv=1
> Jun 10 20:39:14: AAA/AUTHEN: create_user user=''
> ruser='' port='tty3' rem_addr='
> 102.102.118.66' authen_type=1 service=1 priv=1
> Jun 10 20:39:14: AAA/AUTHEN/START (0): port='tty3'
> list='' action=LOGIN service=
> LOGIN
> Jun 10 20:39:14: AAA/AUTHEN/START (0): using "default"
> list
> Jun 10 20:39:14: AAA/AUTHEN/START (440731952):
> Method=TACACS+
> Jun 10 20:39:14: AAA/AUTHEN (440731952): status =
> ERROR
>
>
>Does anyone has any idea ?
>
>
> regards
> Jimmy
>
>
> __
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46205&t=46193
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

3600 10MB port duplex? [7:46250]

2002-06-11 Thread Patrick Donlon


Hi All

I've a dead simple question for anyone with a 3610 at their disposal, I'd
like to know whether the built in 10MB ethernet port will run at full
duplex. Reason why is I don't have a 3610 with one of these I can access and
I've been told by AT&T that their router will only run at half-duplex and
10MB

Cheers

Pat


--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46250&t=46250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN problem from Pix to VPN concentrator 3030 [7:46343]

2002-06-12 Thread Patrick Donlon


I have a problem with a ipsec tunnel across the internet from a PIX to a
3030 vpn concentrator. The tunnel occasionally  stops routing IP traffic and
then starts again without any intervention from anyone. The tunnel is still
up when I check both the 3030 and the pix but no IP traffic is sent across
the link.

I've checked the logs on the 3030 and see the following message :
Mismatch: Configured LAN-to-LAN proposal differs from negotiated
proposal.
Verify local and remote LAN-to-LAN connection lists.

I see this message when the tunnel is re-connected and traffic is or is not
routed, but it looks like it should be corrected.
Any ideas??


Cheers

Pat




--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46343&t=46343
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN problem from Pix to VPN concentrator 3030 [7:46343]

2002-06-13 Thread Patrick Donlon


I don't have both the isakmp statements in my PIX, why do I need it on both
interfaces when the crypto map is on only the outside? Also I have two other
PIX working OK with the only the one statement

Cheers

Pat






--

email me on : [EMAIL PROTECTED]

""Brunner Joseph""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> on the 3030 make sure you are manually specifying lan to lan
> (Local Network and Remote Network) using "USE IP ADDRESS/WILDCARD
> MASK BELOW).
>
> While you normally don't have to do this (you can "autodiscover")
> Just do it to test if this is the problem.
>
> Also make sure you have both
>
> isakmp enable outside
> isakmp enable inside
>
> yes i mean both.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46440&t=46343
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco Works 2000 [7:46446]

2002-06-13 Thread Patrick Donlon


I've just started to use CW2000 after it had been installed by a
colleague. I have a Sun workstation and Netscape 4.78, the problem
I have is that Netscape doesn't display all the frames sometimes or the
data in a page. I do have a Windows machine and it does display the
pages but very slowly. What do other people use with CW2000??


Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46446&t=46446
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco ACS db corrupt?? [7:46882]

2002-06-18 Thread Patrick Donlon


I have a problem with the local database on a 2.6(6) ACS server. All
users use an external database  for authentication (NT or RSA) but I
want to create a user with a password stored in the ACS server. I can
create a new user and assign all the correct attributes without any
errors, however when I try to login with the user they are rejected. The
logs show the user is rejected due to the CS password : "CS password
invalid" .
I have tried to create other users and also to change users account
setting so that they authenticate using the CS password, with no luck.
So I think there is a problem with the passwords stored in the ACS
server
We have upgraded the server twice in the past 8 months for new features
and bug fixes whether this has caused the problem I don't know. Any
ideas on how to verify or fix this?

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46882&t=46882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

1 2 >

1 - 100 of 165 matches

Mail list logo