Re: Benefits of BGP holding the routing tables [7:70788]

[Thomas Crowe]

Unless you have multiple egress points from your network to the Internet 
(IOW Load Balancing) there is really not a compelling reason to recieve 
full BGP routes, just have your ISP send you defaults via BGP, or even 
simpler set your default to your ISP facing interface.

HTH

Robert Perez wrote:
 Could anyone explain the benefit of using BGP and holding the routing
tables
 on your router versus having the ISP hold the tables and you just receive a
 default-route?  Thanks.
-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70791t=70788
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP problem [7:70797]

[Thomas Crowe]

Sorry, I should have done the search first.  Came up first link in google...

padding
padding
padding

http://cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00605.html


 Christopher Dumais wrote:
 
Hi all,
We are having an STP problem where we think a user with an integrated
wireless and LAN NIC is creating a bridge loop and bringing down the entire
network. The problem occurs then goes away after 20 or so minutes unless we
can narrow down which closet it is coming from and reboot the switch. All
 
 of
 
our management tools die during the outage. Does anyone have any ideas on
how we might prevent this from happening or track down the offender? We
 
 have
 
6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
appreciated. Thanks!

Chris Dumais, CCNP, CNA
Sr. Network Administrator
NSS Customer and Desktop Services Team
Maine Medical Center
(207)871-6940
[EMAIL PROTECTED]
 


-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta
Office Phone: 770-664-3900
Cell Phone: 678-521-0360




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70831t=70797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP problem [7:70797]

[Thomas Crowe]

I seem to recall a similar problem when MS released one of the first 
beta versions of XP.  I don't recall the exact details right off but I 
know it involved a laptop (generally) with a wireless NIC and Windows 
XP, resulting in the catastropic meltdown of Cisco switched networks.  I 
will see if I can locate some more details, but it may be something to 
look into.

HTH


 Christopher Dumais wrote:
 
Hi all,
We are having an STP problem where we think a user with an integrated
wireless and LAN NIC is creating a bridge loop and bringing down the entire
network. The problem occurs then goes away after 20 or so minutes unless we
can narrow down which closet it is coming from and reboot the switch. All
 
 of
 
our management tools die during the outage. Does anyone have any ideas on
how we might prevent this from happening or track down the offender? We
 
 have
 
6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
appreciated. Thanks!

Chris Dumais, CCNP, CNA
Sr. Network Administrator
NSS Customer and Desktop Services Team
Maine Medical Center
(207)871-6940
[EMAIL PROTECTED]
 


-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70830t=70797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Tunnel interface Problem [7:70590]

[Thomas Crowe]

Try this URL
pad
pad
pad
http://www.cisco.com/en/US/customer/tech/tk827/tk369/tech_protocol_family_home.html

Skarphedinsson Arni V. wrote:
 Hi all
 
 I am trying to bring up a tunnel interface, I get up and up, but the
 folowing statement is shown when i do a show int tunnel
 
 Tunnel protocol/transport uninitialized
 
 and I can not get any traffic to flow through the tunnel, any thoughts ?
-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta
Office Phone: 770-664-3900
Cell Phone: 678-521-0360




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70630t=70590
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Tunnel interface Problem [7:70590]

[Thomas Crowe]

If you could post your configuration, it would be a lot easier for us to 
help you troubleshoot the problem.

Skarphedinsson Arni V. wrote:
 Hi all
 
 I am trying to bring up a tunnel interface, I get up and up, but the
 folowing statement is shown when i do a show int tunnel
 
 Tunnel protocol/transport uninitialized
 
 and I can not get any traffic to flow through the tunnel, any thoughts ?
-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master+ Operator
CTS Professional Services, Atlanta




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70593t=70590
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 10 half or 100 full [7:64482]

[Thomas Crowe]

Wow!, what is that about?  While my personal experience conflicts with 
the content of the email, ( I have never had reliable sucess with 
auto-negotiation in a server or workstation environment) that is no 
reason to be so fundamentaly rude towards the sender.
Peri pointed out that they use very specific cards and drivers in their 
environment, therefore he may very well have sucess with the 
Autonegotiation *feature*.

Ron Beasley wrote:

YOU NEED TO TELL SISCO TO GET YOUR ASS OFF MY EMAIL LIST NOW1
 Peri Sophos  wrote:hI Mike,

my opinion is that a server should be forced to 100mb full duplex and on
the switch side 100mb full duplex ONLY for servers though. On the wkst
side and switch side things should be left on auto auto. I do this in my
company , we have around 3000 users in the building , I don't have a
problem at all.

We have a standard on Intel cards through out the network.Comapaq cards
sometimes seem to give a little bit more trouble when it comes to
forcing the cards to 100mb full duplex . this only really happens when
the drives for the cards are not of the latest.

Thanks

-Original Message-
From: Mike Momb [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 05, 2003 5:25 PM
To: [EMAIL PROTECTED]
Subject: 10 half or 100 full [7:64482]


To all,

I know this subject has been talked about on a workstation level but I
want
to ask it on a network level. We recently replaced our Nortel network
with
Cisco switches and we seem to have a slowness level across the network
at
certain times. We have a raging debate on what speed to set the NIC
cards
and switches. Some folks say set the switches and PCs at 10mb  half
duplex
and others say set them at 100mb  full duplex and still others say auto
on
both ends should work. It has been my experience that auto has never
worked
very well. My question is this, what has been this groups experience on
how
to set the ports for the maximum bandwith. We are using a combination
of
Cat 5  Cat 3 cables. Any advice would be appreciated.

thanks
Mike
NOTICE - This message contains privileged and confidential 
information intended only for the use of the addressee 
named above. Any review, retransmission, dissemination, 
copying, disclosure or other use of, or taking of any 
action in reliance upon, this information by person or 
entities other than the intended recipient is prohibited. 
If you have received this message in error, please notify 
the sender by return email and delete this message. 
This message should not be copied or used for any purpose 
other than intended, nor should it be disclosed to any 
other person. Any views expressed in this message are those 
of the individual sender, except where the sender specifically
states them to be the view of Investec Group, its 
subsidiaries or associates. The Investec Group is not 
liable for the security of information sent by e-mail at 
your request, nor for the proper and complete transmission 
of the information contained in the communication nor for 
any delay in its receipt. Please note that the recipient 
must scan this e-mail and any attached files for viruses 
and the like. The Investec Group accepts no liability of 
whatever nature for any loss, liability, damage or expense 
resulting directly or indirectly from the access of any files 
which are attached to this message.
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, and more
-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master Operator
CTS Professional Services, Atlanta
Yahoo IM:  thomas_crowe
MS Messenger: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64834t=64482
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Configuring CIR on a cisco 2522 FR switch [7:64187]

[Thomas Crowe]

Remember though, that when a sender exceeds the CIR, the frame switch 
only marks the packet's DE flag.  So if the frame switch is not 
congested, then none of the packets will be discarded.

HTH

John Tafasi wrote:

Hi group,

I have a cisco 2522 router that is configured as a frame relay switch. I am
trying to configure CIR on serial 4 so that if the router connected to s4 is
sending more traffic than the configured CIR, packets will be dropped at fhe
frame relay switch. I configured the CIR on the switch but it seems that the
router connected to s4 can still send traffic at rates exceeding the CIR,
and the FR switch will not drop any packet.


Can some one give an advice here?

Below is the configuration of the frame relay switch.




Frame_Relay_Switch#show run
Building configuration...

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Frame_Relay_Switch
!
enable secret 5 $1$dzof$Eb3uuMoHCj2x4/dCZFZ5T.
!
frame-relay switching
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
!
interface Serial1
 no ip address
 shutdown
!
interface Serial2
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 104 interface Serial4 401
 frame-relay route 105 interface Serial5 501
 frame-relay route 106 interface Serial6 601
!
interface Serial3
 no ip address
 shutdown
!
interface Serial4
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay class para
 frame-relay intf-type dce
 frame-relay route 401 interface Serial2 104
 frame-relay route 405 interface Serial5 504
 frame-relay route 406 interface Serial6 604
!
interface Serial5
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 501 interface Serial2 105
 frame-relay route 504 interface Serial4 405
 frame-relay route 506 interface Serial6 605
!
interface Serial6
 no ip address
 encapsulation frame-relay
 clockrate 64000
 frame-relay intf-type dce
 frame-relay route 601 interface Serial2 106
 frame-relay route 604 interface Serial4 406
 frame-relay route 605 interface Serial5 506
!
interface Serial7
 no ip address
 shutdown
!
interface Serial8
 no ip address
 shutdown
!
interface Serial9
 no ip address
 shutdown
!
interface BRI0
 no ip address
 shutdown
!
no ip classless
!
map-class frame-relay parameters
 frame-relay cir 300
!
map-class frame-relay para
 frame-relay traffic-rate 1000
 frame-relay cir 1000
 frame-relay bc 1000
!
line con 0
 exec-timeout 3 0
line aux 0
line vty 0 4
 login
!
end

Frame_Relay_Switch#
-- 
Thomas Crowe
Senior Engineer / Senior Architect
EMC Proven Professional, Master Architect
EMC Proven Professional, Master Operator
CTS Professional Services, Atlanta
Yahoo IM:  thomas_crowe
MS Messenger: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64378t=64187
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Graphical Bandwidth Utilization [7:58819]

[Thomas Crowe]

MRTG would be by far the easiest, and you can't beat the price ;-) 
http://www.google.com/search?hl=enie=UTF-8oe=UTF-8q=MRTG

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
EMC Proven Master Operator
CTS Professional Services - Atlanta
Yahoo IM:  thomas_crowe
MSN IM:  [EMAIL PROTECTED]
__ 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 09, 2002 3:49 PM
To: [EMAIL PROTECTED]
Subject: Graphical Bandwidth Utilization [7:58819]




Does anyone have any sugestions for how I can monitor the port on my router
that is connected to my Internet T1 in a way that I can generate a
graphical
representation of the bandwidth utilization through out a normal business
day??

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58831t=58819
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Would this break the NDA [7:55799]

[Thomas Crowe]

I remember a while back I had the question of which terminal emulator is
being used for the CCIE lab.  Well after taking the Lab (and yes I was
honored with an invitation to come back and try again one day soon :-o ) I
now definitively know the answer to this question.  As I recall others also
had this question, in trying to avoid a flaming war, what is the group's
consensus on this.  Do you feel that it would violate the NDA to disclose
this information, it doesn't address any of the technical content of the lab
(and NO I will not disclose any of those, so please do not ask) so I don't
feel that it would.  This is simply an effort to help out some people with
their studying efforts so that they are not wasting time getting accustomed
to a new and totally different terminal emulator.

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
EMC Proven Master Operator
CTS Professional Services - Atlanta
__

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55799t=55799
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Given some config-register value cannot goto c [7:55798]

[Thomas Crowe]

If you send what you set the config register to, someone on the list, or
myself can decode it and tell you what to set hyperterm (or better yet CRT
:-D ) to.

HTH

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
EMC Proven Master Operator
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com]
Sent: Thursday, October 17, 2002 5:50 AM
To: [EMAIL PROTECTED]
Subject: Given some config-register value cannot goto conso [7:55791]




Hi Friends

In my mc3810 router I changed config-register value to some thing.
After rebooting, in the hyper terminal console I did not get even a single
character. Then tried to find the baud rate. Its 1200.

But after setting to this baud rate 1200 I can see only junk characters in
the console.

Router is working fine. I can ping the interfaces. BGP and OSPF is
working fine.

Because I did not set enable password I cannot enter the enable mode
through
AUX port.

Friends please help me.

thanks in  advance
jagan

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55798t=55798
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EIGRP Neighbor issue [7:47030]

[Thomas Crowe]

On p2p frame-relay interfaces, you have to set 
an interface DLCI.  That should resolve your neighbor
problem.

HTH

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
CTS Professional Services - Atlanta
__ 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 20, 2002 12:09 PM
To: [EMAIL PROTECTED]
Subject: Re: EIGRP Neighbor issue [7:47030]




My understanding of P2P Frame-Relay is that you do NOT need map statements.
Unless I'm following an olders IOS behavior as outlined in Caslow, please
correct me if I'm wrong.

- Original Message -
From: Kelly Cobean
To:
Sent: Wednesday, June 19, 2002 11:27 PM
Subject: FW: EIGRP Neighbor issue [7:47030]


 Hey all,
  I'm probably missing some fairly simple concept here, but for some
 reason, I cannot get two routers to establish a neighborship over a
 frame-relay link without manually specifying each as the other's neighbor
in
 the eigrp configuration on each router.  Both routers have frame-relay
map
 statements that include the broadcast keyword.  The spoke router has
 another router connected to it via Ethernet.  It dynamically discovers
this
 other router and establishes adjacency without manual configuration.

 Here's the basics of the config:

 Hub#
 int s0.300 multipoint
  ip address 192.168.1.1 255.255.255.0
  frame-relay map ip 192.168.1.3 301 broadcast
  frame-relay map ip 192.168.1.2 302 broadcast

 router eigrp 100
  no auto-summary
  network 192.168.1.0

 __

 Spoke#
 int s0.103 point-to-point
  ip address 192.168.1.3 255.255.255.0
  frame-relay map ip 192.168.1.1 103 broadcast

 router eigrp 100
  no auto-summary
  network 192.168.1.0
 __

 Unless I add the line neighbor 192.168.1.3 and neighbor 192.168.1.1
to
 each router respectively, the adjacency fails.  My impression of the
 broadcast keyword in the frame-relay map statement was that it would
cause
 the interface to pass broad/multicasts.  So what am I missing?  There is
 nothing in my BSCN book about this (unless I'm blind) and I've had a hard
 time finding anything on Cisco's site about it.  Any input is greatly
 appreciated.  Thanks.

 Kelly

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47094t=47030
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN -- challenge! [7:46496]

[Thomas Crowe]

Could you post the output from a
'debug dialer events' command.  Then 
we can see the reason that routerB 
initiates the call.

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
CTS Professional Services - Atlanta
__ 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 13, 2002 6:34 PM
To: [EMAIL PROTECTED]
Subject: ISDN -- challenge! [7:46496]




Router A and Router B are connected to an Atlas 550 via BRI interfaces

Router A  ATLAS --- ROUTER B

Both router are configured with DDR Dialer maps so that Router A can call
router B or vice-versa (basic stuff).

When Router A is called by Router B, Router A answers normally and the link
goes up, but then (surprisingly), Router A attempts to initiate a
connection
to Router B . This connection fails because I only configured the phone
number for one channel (Isdn error 17: User is busy).

Is this calling of Router A a normal behavior? (I don't think so!)

I fixed the problem by simpling removing the phone number from the map
statement of Router A. I am posting here the debug before and after I
removed the phone number on A. The debug where captured on Router A.

I have spent the day on the apparently trivial question: why is Router A
calling Router B when I have no call back of any sort.
Still no light ...  Want to step up to the challenge? :)

Before:

00:32:45: ISDN BR0/0: RX  on B1 at 64 Kb/s
00:32:45: ISDN BR0/0: Event: Accepting the call id 0xD
00:32:193273528320: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
01:51:113824615516: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:32:45: ISDN BR0/0: TX - CALL_PROC pd = 8  callref = 0x84
00:32:45: Channel ID i = 0x89
00:32:45: ISDN BR0/0: TX - CONNECT pd = 8  callref = 0x84
00:32:45: Channel ID i = 0x89
00:32:45: ISDN BR0/0: RX  SETUP pd = 8  callref = 0x09
00:32:47: Bearer Capability i = 0x8890
00:32:47: Channel ID i = 0x83
00:32:47: Keypad Facility i = '555'
00:32:47: ISDN BR0/0: RX  RELEASE pd = 8  callref = 0x09
00:32:47: ISDN BR0/0: RX  SETUP pd = 8  callref = 0x0A
00:32:49: Bearer Capability i = 0x8890
00:32:49: Channel ID i = 0x83
00:32:49: Keypad Facility i = '555'
00:32:49: ISDN BR0/0: RX  RELEASE pd = 8  callref = 0x0A
00:32:49: ISDN BR0/0: RX  SETUP pd = 8  callref = 0x0B
00:32:51: Bearer Capability i = 0x8890
00:32:51: Channel ID i = 0x83
00:32:51: Keypad Facility i = '555'
00:32:51: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to  isdn3
00:32:51: ISDN BR0/0: RX  RELEASE pd = 8  callref = 0x0B
00:32:51: ISDN BR0/0: RX  SETUP pd = 8  callref = 0x0C
00:32:53: Bearer Capability i = 0x8890
00:32:53: Channel ID i = 0x83
00:32:53: Keypad Facility i = '555'
00:32:53: ISDN BR0/0: RX  RELEASE pd = 8  callref = 0x0C
00:32:53: ISDN BR0/0: RX  on B1 at 64 Kb/s
00:41:53: ISDN BR0/0: Event: Accepting the call id 0x10
00:41:227633266688: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
02:00:14602128: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to
5551234
00:41:53: ISDN BR0/0: TX - CALL_PROC pd = 8  callref = 0x85
00:41:53: Channel ID i = 0x89
00:41:53: ISDN BR0/0: TX - CONNECT pd = 8  callref = 0x85
00:41:53: Channel ID i = 0x89
00:41:53: ISDN BR0/0: RX - CONNECT_ACK pd = 8  callref = 0x05..
02:00:37: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
state to up
00:41:56: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, changed
state to
up.
02:00:40: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5551234
isdn1
00:41:59: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to  isdn3..

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46564t=46496
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Public BGP Peering [7:43175]

[Thomas Crowe]

Is anyone on the list interested in setting up 
public BGP sessions, for training purposes?


__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
CTS Professional Services - Atlanta
__ 

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43175t=43175
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Remote access [7:42310]

[Thomas Crowe]

Do the users *have* to dial-in or would it be possible for 
them to use a VPN connection from any internet dial-up account?
I just did a presentation to a customer comparing the costs 
associated with a dial-in pool vs. VPN.  The price differences
are staggering.  I would really look at a VPN solution if that 
would be possible.

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
CTS Professional Services - Atlanta
__ 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 8:21 AM
To: [EMAIL PROTECTED]
Subject: Remote access [7:42310]




We are starting a new company and will have 500 dial
in remote users. Any thoughts in the best way to
handle this. We are considering ATT or Earthlink or
getting an access server box and doing it ourselves.

Thanks

=
Spencer Plantier
Internet Solutions Engineer
Cell 919-696-8848

__
Do You Yahoo!?
Yahoo! Games - play chess, backgammon, pool and more
http://games.yahoo.com/

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42315t=42310
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Need blank plates for Catalyst 5505 [7:41635]

[Thomas Crowe]

Sorry for the off topic post, but does anyone have a power supply and 2 line
card blank cover plates for a catalyst 5505 at a reasonable price?  Thanks!

__

Thomas Crowe
Senior Systems Engineer / Senior Architect
EMC Proven Master Architect
CTS Professional Services - Atlanta
__

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=41635t=41635
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Very Weird Frame Relay Issue [7:36736]

[Thomas Crowe]

If you just deleted the sub-interface the router retains the interface
configurations.  for example if you recreate the interface, all of your
configs will be there.  I would recreate the deleted interface, do a 'no ip
address x.x.x.x y.y.y.y' then delete the sub-interface, and see if that
clears up the problem.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 6:01 PM
To: [EMAIL PROTECTED]
Subject: Very Weird Frame Relay Issue [7:36736]




I'm starting to think this might be a bug in 12.2(3).  I brought up a
new PVC from our hub router to one of our branches.  I was noticing
really high round trip times, usually over one second when it should be
averaging 10ms.

After playing around for a while I noticed that I was only having
problems with _every other_ packet.  If I only sent one ping it would
succeed in about 12 ms.  The second ping would get dropped.  The third
ping would succeed, the fourth would get dropped.  To completely bake
your noodle, I'll include the output of debug ip packet detail:

RNRTH#ping 10.12.10.70

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.12.10.70, timeout is 2 seconds:
!.!.!
Success rate is 60 percent (3/5), round-trip min/avg/max = 12/12/12 ms
RNRTH#un all
All possible debugging has been turned off
RNRTH#sho log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0
flushes, 0 overruns)
Console logging: disabled
Monitor logging: level debugging, 67 messages logged
Buffer logging: level debugging, 539 messages logged
Logging Exception size (4096 bytes)
Trap logging: level informational, 283 message lines logged

Log Buffer (15000 bytes):

6w5d: IP: s=10.12.10.75 (local), d=10.12.10.70 (Serial0/0.19), len 100,
sending
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.70 (Serial0/0.19), d=10.12.10.75 (Serial0/0.19),
len 100, rcvd 3
6w5d: ICMP type=0, code=0
6w5d: IP: s=10.12.10.75 (local), d=10.12.10.70 (Serial0/0.19), len 100,
sending
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.75 (Serial0/0.19), d=10.12.10.70 (Serial0/0.19),
len 100, rcvd local pkt
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.75 (local), d=10.12.10.70 (Serial0/0.19), len 100,
sending
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.70 (Serial0/0.19), d=10.12.10.75 (Serial0/0.19),
len 100, rcvd 3
6w5d: ICMP type=0, code=0
6w5d: IP: s=10.12.10.75 (local), d=10.12.10.70 (Serial0/0.19), len 100,
sending
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.75 (Serial0/0.19), d=10.12.10.70 (Serial0/0.19),
len 100, rcvd local pkt
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.75 (local), d=10.12.10.70 (Serial0/0.19), len 100,
sending
6w5d: ICMP type=8, code=0
6w5d: IP: s=10.12.10.70 (Serial0/0.19), d=10.12.10.75 (Serial0/0.19),
len 100, rcvd 3
6w5d: ICMP type=0, code=0

As you can see, the first ping succeeds as you'd expect.  But the weird
thing is that the next packet we received *is* the packet we just sent!
Basically, it appears that somehow, somewhere in the frame cloud my
router is having _every other_ packet looped back to itself.  Is that
not one of the weirdest things you've ever seen??

I'm awaiting a call back from Qwest.  They probably won't believe me.
I asked someone else here who is more senior than I and he said he's
never seen anything like this either.  The reason I think it might be a
bug is that the local IP address--10.12.10.75--was originally on a
different subinterface.  I deleted that subinterface and put the IP
address on the new interface.  I'm wondering if internally it is
confused.  I'm tempted to reboot it just to find out but I'd really
rather not since it's a production router.

Okay, back to work. I'll let you all know what I find out.

John

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36747t=36736
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Teltone setup/NT1 setup question... [7:35439]

[Thomas Crowe]

Actually the Teltone connections are for S/T interfaces.  So you can remove
the Adtran ACEs and plug your routers directly into the Teltone.  The ACE's
are just to convert the U interface to a S/T interface.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 14, 2002 4:43 PM
To: [EMAIL PROTECTED]
Subject: Teltone setup/NT1 setup question... [7:35439]




Hello everyone...

Okay this is the first time I've setup ISDN simulator so bare with me.  I
basically have TWO cisco routers.  A 2503 and a 2522 both of which have a
BRI.  I also have two
Adtran NT1's ACE..on the back of these...there are TWO S/T(Local) ports and
to the right of it there is a Network U port.  On the side of it there are
two LOCAL BUS switches.  On one switch it says configuration and switch
options are: SHORT and LONG...and the other switch is the Termination:
Options are NONE...50100.

Im assuming the NT1 setup should be like this, but I'm not sure:

On the Teltone Simulator: PORT 1 goes to NETWORK port on Adtran ...and then
from Adtran S/T port to the BRI port on the Routerhowever what would be
the setup on the adtrans since I get an illuminated ERROR light with the
READY light blinking once every second.  If anyone knows please let me know

thank you

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35512t=35439
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco web product catalog [7:33926]

[Thomas Crowe]

The part number that ends with the = is s 'spare' part.  IOW if you are
ordering a configured Cat8510MSR, and you specify all = P/N's you will get
many little boxes for you to put together, whereas *typically* if you order
the P/N's without the = Cisco will ship you an integrated box.  Also some
of the = have a different price structure, because they are meant to be
'spare' parts that will be sitting on a shelf, and not in a network.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 31, 2002 2:34 PM
To: [EMAIL PROTECTED]
Subject: Cisco web product catalog [7:33926]




Hi All ,

In the Cisco web site product catalog there are two identical entry for
each
and every part # / description, namely the first one without = sign and the
second one with = sign.What exactly id the differnence between those two ??

For instance for 3620 IOS IP has the following two entries ??

Cisco 3620 Series IOS IP S362C-12104
Cisco 3620 Series IOS IP S362C-12104=
Thanks,
Muthu

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33965t=33926
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Recent One-Day Lab Takers?? [7:33592]

[Thomas Crowe]

Does anyone know what telnet client you get to use in the lab?  That could
make a BIG difference in how well you are able to work?

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 29, 2002 11:54 PM
To: [EMAIL PROTECTED]
Subject: RE: Recent One-Day Lab Takers?? [7:33592]




I had asked for some honest advice as to what router models I needed to
'simulate' the actual lab at home but alas...some people seem to have
wasted their time in replying some irrelevant answers.  Sad..

From: Louie Belt Reply-To: Louie Belt To: [EMAIL PROTECTED]
Subject: RE: Recent One-Day Lab Takers?? [7:33592] Date: Tue, 29 Jan
2002 19:57:21 -0500  You'll go blind if you touch your flux capacitor
too much.  -Original Message- From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of c1sc0k1d Sent: Tuesday,
January 29, 2002 6:35 PM To: [EMAIL PROTECTED] Subject: Re: Recent
One-Day Lab Takers?? [7:33592]   I saw my gear in RTP as well. Except
in RTP they said not to touch the flux capacitor as the proctor already
calibrated it before the lab started. Hire, Ejay wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...   I'm surprised.
In san Jose, they are in big red/orange cabinets next to the   cubicle
you work in. You have to go over to the rack to check dial   tone/ring
on your VoIp Phone... and to align the flux capacitor. -Ejay  
  -Original Message-   From: McCallum, Robert
[mailto:[EMAIL PROTECTED]]   Sent: Tuesday, January 29, 2002 3:52
PM   To: [EMAIL PROTECTED]   Subject: RE: Recent One-Day Lab
Takers?? [7:33592]   I never actually saw any equipment just a
monitor and keyboard. I could   hazzard a guess though that most of the
equipment was Cisco. ;- -Original Message-   From:
Cisco Nuts [mailto:[EMAIL PROTECTED]]   Sent: 29 January 2002 19:29
  To: [EMAIL PROTECTED]   Subject: Recent One-Day Lab Takers??
[7:33592]   Hello, Has anyone is this group taken the
new one-day lab recently? Wanted to know   what kind of routers did
you see, I mean is it now more than 6 routers or   still just 6? What
models? Is it 2 2513's or 2 2504's etc? And the switch,   is it still
the Cat5? Just wanted to gather this info. to build a lab and   work on
it..visualize that I am actually working on the real lab and  
busting my brains. Thank you Cisco :-) Thanks!   
 _  
Join the worlds largest e-mail service with MSN Hotmail.  
http://www.hotmail.com
_ Do You
Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com   
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



MSN Photos is the easiest way to share and print your photos: Click Here

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33690t=33592
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Recent One-Day Lab Takers?? [7:33592]

[Thomas Crowe]

Several, working on routers, servers, etc every day I have come to really
appreciate a good telnet client!  Some clients have better scroll back
buffers, better aesthetics, adjustable fonts and sizes, etc etc.  I could
easily see that having a 25% affect in the time it takes to complete some
tasks.  I base that on how long it takes me to do things using my preferred
client vs. CLI telnet or for console access Hyperterm (yuck yuck).  Now that
the lab is only one day, time is critical!

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
*** Note New Cell Number ***
Cell: 678-521-0360
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 30, 2002 1:54 PM
To: [EMAIL PROTECTED]
Subject: Re: Recent One-Day Lab Takers?? [7:33592]




idle curiousity - in what way(s) would you expect that the telnet client
would effect your work in the lab?

Chuck

Thomas Crowe  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Does anyone know what telnet client you get to use in the lab?  That
could
 make a BIG difference in how well you are able to work?

 __

 Thomas Crowe
 Senior Systems Engineer / Architect
 CTS Professional Services - Atlanta
 __

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 29, 2002 11:54 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Recent One-Day Lab Takers?? [7:33592]




 I had asked for some honest advice as to what router models I needed to
 'simulate' the actual lab at home but alas...some people seem to have
 wasted their time in replying some irrelevant answers.  Sad..

 From: Louie Belt Reply-To: Louie Belt To: [EMAIL PROTECTED]
 Subject: RE: Recent One-Day Lab Takers?? [7:33592] Date: Tue, 29 Jan
 2002 19:57:21 -0500  You'll go blind if you touch your flux capacitor
 too much.  -Original Message- From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of c1sc0k1d Sent: Tuesday,
 January 29, 2002 6:35 PM To: [EMAIL PROTECTED] Subject: Re: Recent
 One-Day Lab Takers?? [7:33592]   I saw my gear in RTP as well. Except
 in RTP they said not to touch the flux capacitor as the proctor already
 calibrated it before the lab started. Hire, Ejay wrote in
 message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...   I'm surprised.
 In san Jose, they are in big red/orange cabinets next to the   cubicle
 you work in. You have to go over to the rack to check dial   tone/ring
 on your VoIp Phone... and to align the flux capacitor. -Ejay  
   -Original Message-   From: McCallum, Robert
 [mailto:[EMAIL PROTECTED]]   Sent: Tuesday, January 29, 2002 3:52
 PM   To: [EMAIL PROTECTED]   Subject: RE: Recent One-Day Lab
 Takers?? [7:33592]   I never actually saw any equipment just a
 monitor and keyboard. I could   hazzard a guess though that most of the
 equipment was Cisco. ;- -Original Message-   From:
 Cisco Nuts [mailto:[EMAIL PROTECTED]]   Sent: 29 January 2002 19:29
   To: [EMAIL PROTECTED]   Subject: Recent One-Day Lab Takers??
 [7:33592]   Hello, Has anyone is this group taken the
 new one-day lab recently? Wanted to know   what kind of routers did
 you see, I mean is it now more than 6 routers or   still just 6? What
 models? Is it 2 2513's or 2 2504's etc? And the switch,   is it still
 the Cat5? Just wanted to gather this info. to build a lab and   work on
 it..visualize that I am actually working on the real lab and  
 busting my brains. Thank you Cisco :-) Thanks!   
  _  
 Join the worlds largest e-mail service with MSN Hotmail.  
 http://www.hotmail.com
 _ Do You
 Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com   
 misconduct and Nondisclosure violations to [EMAIL PROTECTED]

 

 MSN Photos is the easiest way to share and print your photos: Click Here

 [GroupStudy.com removed an attachment of type text/x-vcard which had a
name
 of Thomas Crowe.vcf]

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33767t=33592
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP and one backup link [7:33433]

[Thomas Crowe]

Why not just use floating static routes?  With only one active exit point, I
don't see the reason for burdening your router with the BGP routing table,
unless you are just receiving aggregates from your provider.  Even then the
floating static's should work.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 28, 2002 10:36 AM
To: [EMAIL PROTECTED]
Subject: BGP and one backup link [7:33433]




Hi all,
  I have a BGP question.
  In this moment we have one Internet link with just one provider, now, we
have got a second link  just for backup. I mean, we can only use it for 180
hrs per month.
  I can easily manage my outgoing traffic (using local preferece or
weight),
however the incomming traffic in more difficult. I added many prepends (9)
in the publication of the second link but there still few traffic on it.
  There is not IBGP between my two providers.

  Any ideas?

Thks in advanced.

Alejandro Acosta

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33449t=33433
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2926 VS 5500 Teletone VS Adtran 500 [7:32966]

[Thomas Crowe]

When I was putting together my lab, I tried to figure out what would be the
best device for ISDN, and maybe voice.  I chose the Adtran Atlas 550 even
though right now it is the most expensive part of my lab ;-)  The advantages
of it are:
4 Port ISDN BRI
4 Port FXS
2 port V.35
1 port T-1
The best part is it acts as a CO in a box. Complete with dial plans and
everything.  It will also function as a Frame Relay switch, and router.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
*** Note New Cell Number ***
Cell: 678-521-0360
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 23, 2002 12:32 PM
To: [EMAIL PROTECTED]
Subject: 2926 VS 5500 Teletone VS Adtran 500 [7:32966]




Just want some opinions on equipment purchases. Is there any real
difference
as far a lab practice goes between the 2926 and 5500 switches? I know they
run the same IOS I am just not sure what supervisor capability is necessary
for the CCIE lab. Also is the Adtran 500 better/worse than the Teletone?
How
about a POTS simulator? Do any of these do both ISDN and POTS.  I also read
in some posts that one of the IBM token Ring switches(8270?) can actually
run the Cisco 3920 IOS.Thanks in advance.

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33160t=32966
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: What frame format used by TCP/IP? [7:25924]

[Thomas Crowe]

TCP/IP doesn't use a frame type per se.  Frame types are set at the Data
Link Layer (Layer 2).  For example TCP/IP can run over Token Ring (802.5),
FDDI, Fast Ethernet, etc etc, and all of these Link Layer topologies each
have their own frame type.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 12, 2001 8:55 AM
To: [EMAIL PROTECTED]
Subject: What frame format used by TCP/IP? [7:25924]




Compared with IPX/SPX, what type of frames does TCP/IP use?

Thanks @ Regards to all

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=25977t=25924
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Auto sensing mode... [7:24375]

[Thomas Crowe]

You need to first set the speed to 100 vs. auto-neg.
set port xx speed 100
Then you will be able to force the duplex setting.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
__ 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, October 27, 2001 8:43 PM
To: [EMAIL PROTECTED]
Subject: Auto sensing mode... [7:24375]




Have discovered some packet loss on our network and figured it out to a
duplex setting mismatch between two FE ports on Catalyst 5500 and a 7206.

The 5500 is set to auto mode for both the duplex and speed. The speed is
ok but it autoed to half instead of full.

When I try to put the port in full duplex I get this:

Cisco 5500 (enable) set port duplex 10/11 full
Port 10/11 is in auto-sensing mode.

The port is in use obviously. How to pull this FE port from auto into
manual settings?

Ive looked the set port commands but none seem to relate to autosensing.

Thanks,
Keith

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24385t=24375
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: which layer do the ospf bgp rip work on [7:20953]

[Thomas Crowe]

Priscilla;

Couldn't it be argued that the *act* of routing is actually a layer 3
activity, however the routing protocols actually reside at the application
layer.  My reasoning for this, is if you look at the various routing
protocols, their function is to exchange information, and it is a different
process that actually forwards the packets.  For example, you can configure
a cisco router with static routes to build its routing table *or* you can
configure OSPF, RIP, EIGRP, etc.  Which results in new process running on
the router to manage the information exchange, yet the actual routing of the
packets are still managed by the same process that static routes uses.  I am
not necessarily disagreeing with you, just trying to start some conversation
on the subject.

Thanks

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
*** Note New Cell Number ***
Cell: 678-521-0360
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 11:27 PM
To: [EMAIL PROTECTED]
Subject: Re: which layer do the ospf bgp rip work on [7:20953]




Network layer. Routing is a fundamental component of the network layer.

At 10:14 PM 9/24/01, lhill peng wrote:
which layer do the routing protocol such as ospf rip bgp eigrp work on?
sb said that they are on application, others on network
what is the right answer??


Priscilla Oppenheimer
http://www.priscilla.com

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20990t=20953
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: SecureID on Cisco [7:20438]

[Thomas Crowe]

I don't know of a way to directly configure a cisco device to authenticate
against a SecureID server, however SecureID integrates very well with most
RADIUS implementations.  Once that is configured, you can then configure AAA
on your cisco device to authenticate against your RADIUS server.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, September 19, 2001 2:56 PM
To: [EMAIL PROTECTED]
Subject: SecureID on Cisco [7:20438]


Greetings all,

Looking for reference/ideas on how to configure RSA SecureID on Cisco's
routers.  Any ideas would be great.

Thanks..Nabil

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20545t=20438
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: catalyst 6000 [7:20244]

[Thomas Crowe]

This sounds like a classical auto-negotiation issue.  If the server is
capable of supporting 100FDX then hard code it as well as the Catalyst, and
the messages should stop.  Another thing to look at, is the port counters,
if you see lots of FCS errors, that is usually a tell-tell sign.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
ndabarasa michel
Sent: Tuesday, September 18, 2001 3:39 AM
To: [EMAIL PROTECTED]
Subject: catalyst 6000 [7:20244]


hello,
i need a help from the list.
i have a switch (catalyst6000) as a central node in a
physical star topology.
the other nodes are three catalyst2948.
they are connected to the central catalyst6000 with optic
fiber.

i have spanning tree disabled cause we don't have redundancy
links yet,thus no loops.

now one server connected with optic fiber is periodically
unreachable(every 2 minutes).

i log into the console and i found this error message

PAGP-5-PORTTOSTP : port 2/4 left bridge port 2/4

PAGP-5-PORTTOSTP : port 2/4 joined bridge port 2/4

 does it have anything to do with STP ?

who can help ?

  /'^ ^'\
 ((o)-(o))
 |oOOO--(_)--OOOo--|-|-
 |  Ndabarasa Michel...   |
 |  CCNA,CCAI..  |
 |  cell   (+250)08510951..|
 |   .oooO   |
 |  (  )Oooo.  |
 |---\ (--- (  )---|-|
  \_)   ) /|-|
   (_/



--
FREE! The Best in Rwanda Email Address @mail.rw
Reserve your name right now at http://mail.rw

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20258t=20244
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Access lists or inbound/outbound statements [7:20250]

[Thomas Crowe]

I just did a PIX install, and I don't recall the inbound / outbound
statements, I do recall applying the ACL's with an inbound statement.  I
even remember that ACL's can only be applied inbound, which I thought of as
a limitation, though I can't come up with a scenario off the top of my head
to support my position ;-.  The PIX with the last couple of code rev's is
moving (well pushing) towards the use of ACL's vs. the legacy conduit
statements.  Once you have the NAT concepts nailed, setting up the ACL's on
the PIX is pretty much like doing it in Cisco IOS.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Langa Kentane
Sent: Tuesday, September 18, 2001 6:18 AM
To: [EMAIL PROTECTED]
Subject: Access lists or inbound/outbound statements [7:20250]


Greetz,
I am new to the world of Pix firewalls. I would just like to get your
opinion on which is better to use, normal extended access lists or
inbound/outbound statements.

I have experience with extended access lists on cisco routers but I only
just got to know about inbound/outbound statements...

What does the list recommend and why!

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20260t=20250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Memory Need for GSR's [7:20233]

[Thomas Crowe]

Tony;

One possible point could be;

I would assume that you would be using CEF, for the best forwarding
performance.  With that said, CEF maintains the FIB which can use a sizable
amount of memory.  Also, assuming that they are wanting to traffic engineer
the multiple OC-12's (even if they don't plan on it now, they will), they
will need to run MPLS (tag switching) on top of CEF, even more memory
demands.

Their possible comebacks could be that these are just core routers that will
be acting as BGP route reflectors, and so all they have to do is route
traffic based on the current BGP table.  If this is the case then they could
have tremendous performance gains by not running BGP in the core, and simply
let MPLS handle the switching.  This has a net result of simplifying the
configuration, improving performance, and reducing memory requirements.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Tony Medeiros
Sent: Monday, September 17, 2001 11:48 PM
To: [EMAIL PROTECTED]
Subject: Memory Need for GSR's [7:20233]


Hello everybody,
I have to spec. a few 12008's for a customer.  When I configured them, I
maxed
out the memory for the GRP and the line cards at 256 meg.  The customer
would
like to know why I am doing this as the memory for the puppy's is gawd awful
expensive.  The router will be doing BGP and has a lot of OC-12 interfaces.

Question:  Can any of you Provider gurus recommend the correct memory for
the
current BGP table.  Is 256 too much?  Is 128 going to be too small soon?

Thanks in advance and GOD BLESS AMERICA !
Tony M.
#6172

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20261t=20233
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Serial is reset? [7:20255]

[Thomas Crowe]

Are you by chance running channelized T-1's.  That looks like a channel
configuration mis-match between the ends of the T-1 (i.e. site a is
configured to use channels 1-23 and site b is only configured to use
channels 1-22)?

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ouellette, Tim
Sent: Tuesday, September 18, 2001 8:09 AM
To: [EMAIL PROTECTED]
Subject: Serial is reset? [7:20255]


After look at some of the t1's in one of my boxes. I see the following

Serial2/0:23 is reset, line protocol is down

After looking on cisco, I couldn't find an exact description of what this
means. Can anyone provide some insight?

May god have mercy on the souls of those who betray him.

Tim

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20264t=20255
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to NAT [7:17499]

[Thomas Crowe]

Hi, one problem with the config that you listed below, is that you have 2
different interface in the same subnet as far as the Cisco goes.  Unless
your doing IRB and the interfaces share the same bridge-group, you cannot
have multiple interfaces in the same subnet.  Another problem that you will
run into is routing, You can only have one path to a subnet (with obvious
exceptions being made with certain routing protocols) in the config that you
listed, the Cisco will have what looks (to the cisco) like 2 paths to the
same subnet.

For this to work IMHO , you actually need to put at one intermediary router
to do the NAT for one of the 10.1.3.0/24 networks.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS Professional Services - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Nelluri Reddy
Sent: Tuesday, August 28, 2001 2:17 AM
To: [EMAIL PROTECTED]
Subject: How to NAT [7:17499]


I hope that some one out there can help me with a NAT problem

1) The router has a FA0/0 which connects to my internal network using
10.0.0.0/8
2) It has a s0/0 interface connecting to Minot, which has PC's on
10.1.3.0/24
3) It has s0/1 interface connecting to Bismarck, which also has PC's on
10.1.3.0/24

Both sets of PC's need to connect to servers on my internal network
which uses 10.1.3.0/24 as well. Luckily the servers are not on
10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use
NAT. So far I have come up with the following.

int fa0/0
ip address 10.121.5.135 255.255.255.240 (part of a vlan)
ip nat inside

int s0/0
ip address 10.121.40.1 255.255.255.252
ip nat outside
ip access-group minot in

int s0/1
ip address 10.121.40.5 255.255.255.252
ip nat outside
ip access-group bismarck in

ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128
ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128
ip nat outside source list minot pool minot
ip nat outside source list bismarck pool bismarck

ip access-list extended minot
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0

ip access-list extended bismarck
permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0

ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network)
ip route 10.121.52.0 255.255.255.128 int s0/0
ip route 10.121.52.128 255.255.255.128 int s0/1

First, this won't work because the two access lists are the same. How
about the IP ROUTE statements for the serial interfaces? Do I use real
addresses or translated addresses?

Any help would be appreciated. Thanks in anticipation.

Nelluri

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17502t=17499
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: High FCS errors on cat5505 [7:15885]

[Thomas Crowe]

Check for a duplex mis-match on the interface.  It is a fairly well know
issue that Sun and Cisco's don't auto negotiate well.  Hard code the speed
and duplex on preferably both sides, and you should the FCS errors go away.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
David Eitel
Sent: Monday, August 13, 2001 1:05 PM
To: [EMAIL PROTECTED]
Subject: RE: High FCS errors on cat5505 [7:15885]


Thanks Frank. You wouldn't happen to have sun boxes giving you problems?

-Original Message-
From: David Eitel
Sent: Monday, August 13, 2001 12:30 PM
To: [EMAIL PROTECTED]
Subject: High FCS errors on cat5505 [7:15885]


Hello. I'm experiencing huge amounts of fcs errors on my switch.
3/1 91521 fcs errors
3/2 28078 fcs errors
These counters were cleared Friday. I understand that these errors are
usually media related. I've swapped cables so far which has not seemed to
help. I can tell you there is a  sun e450 and e250 attached to these ports.
Do you know of any interoperability issues with the cat 5505 and sun NICS?

Thanks In Advance,
Dave

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=15920t=15885
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IBM printer question [7:13992]

[Thomas Crowe]

You might want to check is the port is going into errordisable mode.
Usually when this happens, the switch is either set to or detecting
full-duplex, when in fact the printer is only working in half-duplex.  That
could explain the reset when you log into the switch.  I have seen this A
LOT with HP printers and Catalyst switches.

HTH

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS - Atlanta
Phone: 770-664-3900
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sites, Bob
Sent: Friday, July 27, 2001 2:11 PM
To: [EMAIL PROTECTED]
Subject: IBM printer question [7:13992]


Question for all you IBM printer gurus.  I have the following small office
connected to my hospital.

HOSPITAL-AIRONET340OFFICE-AIRONET340---C1924IBM AFP
Printer.

Here is the problem. After about 15-30 minutes the printer is no longer
visible or pingable from the network. It seems to time out from the switch
connection. If I log into the switch and ping this printer it comes back up
and is then visible on the network again, until it times out? Any known
conflicts with the C1900's or the Aironets and this particular printer?
Anyone know of any timeout parameter changes that might take care of this?
There isn't a whole lot of commands on the 1900 to use.

Bob Sites
System Engineer
Valley Health System, IS Dept.
[EMAIL PROTECTED]



Confidentiality Notice:

This e-mail message, including any attachments, is for the sole use of the
intended recipients and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited. If
you are not the intended recipient, please contact the sender by reply
e-mail and destroy all copies of the original message.

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13994t=13992
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: RE: Net Appliance vs. Cisco [7:11831]

[Thomas Crowe]

Ok, I don't want to start a flame war here, but.

Firstly, NetApp's are not SAN, they are NAS.  They are good at NFS, when I
was using them the CIFS was pretty weak.  Very similar to SunOS (Yes SunOS
not Solaris, there is a difference) but that is because the lead engineers
were former Sun Fellows.

Secondly, EMC being cost effective??  Ok, don't get me wrong, EMC makes the
best storage array out there, and they pretty good at SAN and NAS too.  But
cost effective they are not.  Generally they have the highest ticket price
of any solution in the industry.  The EMC SAN (They call it an ESN) solution
is very strong!  There NAS offering (The Celerra) is pretty good too.
Apparently it outperforms the NetApp for NFS and CIFS, but it also costs
allot more.

Finally, the SN5420 is an IP Storage Router, it is for bridging SANs with
NAS.  Basically it is the first Cisco offering out of the IETF IPS (IP
Storage) working group.  aka: iSCSI

If anyone would like to discuss the SN5420 and its completers, I would love
to.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS - Atlanta
Phone: 770-664-3900 ext 45
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Frank Kim
Sent: Tuesday, July 10, 2001 7:33 PM
To: [EMAIL PROTECTED]
Subject: Re: Net Appliance vs. Cisco [7:11831]


I used to deploy massive F760 netapps.  They were great for NFSing; but
they were also very heat-sensitive.  You may check your
datacenter/computer room to make sure it provides enough cooling before
throwing those netapps in there.  As far as pricing for netapps, they are
'expensive'.  For SAN solution, I would look at EMC/Storagetek because it
is more cost efficient compared to netapps.

-Frank


On Tue, 10 Jul 2001, Cisco Skin wrote:

 Anyone have any experience/recommendations setting up a Net Appliance SAN
 using the F800 Filer? The reason I'm asking is that we're getting ready to
 purchase one from Net App and my boss just showed me the new Cisco SN
5420.
 Just want to get some input from anyone who's using either of these.

 Thanks

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=11847t=11831
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RouterSim 3.0 [7:11342]

[Thomas Crowe]

Yes, I have that configuration at a customer's site that I configured. (Dual
MSFC's in a HSRP pair on Cat 6509's) It has been working well.  Let me know
what your questions are, and maybe I can help.

__

Thomas Crowe
Senior Systems Engineer / Architect
CTS - Atlanta
Phone: 770-664-3900 ext 45
Cell: 404-277-4089
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Lopez, Robert
Sent: Monday, July 09, 2001 12:50 PM
To: [EMAIL PROTECTED]
Subject: RE: RouterSim 3.0 [7:11342]


Has anyone configured dual MSFC's on a 6509 with HA, HSRP capabilities with
success.  I'm reading through this document...
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd
/redund.htm#49378

It seems somewhat straight forward.  Any opinions



Robert

-Original Message-
From: Steve Smith [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 09, 2001 11:35 AM
To: [EMAIL PROTECTED]
Subject: RE: RouterSim 3.0 [7:11342]


Yeah Jen is staying!!!

Now could someone please give me some tips on how to take my two 4006
with RSM and make them as close to redundant as possible. I need to run
HSRP on the RSM if possible.

Thanks,
Steve

-Original Message-
From: Jennifer Cribbs [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 09, 2001 10:13 AM
To: [EMAIL PROTECTED]
Subject: Re: RouterSim 3.0 [7:11342]


I have worked so hard studying and have loved all the wonderful
contributions from the people that make this site
special.  But I am not a thief Phil...I really am not.  We bought the
disk..We didn't steal it.  We all paid money that we
had saved so we could study and pass our tests.  We had a wonderful
instructor that cared  about us and helped us.
They had special group studies on varied topics that people could
participate in if they chose.  We had dinners
together.  We were all involved together on a common mission of getting
through our classes and passing our first cert
together.  I was not trying to implicate anything or anybody.
Academically,
it was a great environment and too bad more
aren't the same and are conductive to learning.

Since those times are past, this group, without it being a formal
classroom
is the closest thing I have to college.  And
right now, I am just discouraged...

It is greatly distracting me from what my goals are.  I do not mind a
debate
but over pertinent issues that matter in the
long run from a 'cert viewpoint' but this is not one of those issues,
but it
is, like I said, very distracting for me from a
personal standpoint regarding my studying.  I have never even read one
of
Howards, Priscilla's or Tom's books, but I
bet they are good.  Of course, I am only assuming that based on the
answers
I have seen posted by them on this site
and the 'free' study material compiled by them posted on
certificationzone.com that is available on a monthly basis that I
have read.  Those people are why I stayed, because you can learn from
them.
But I have not stolen anything from
them Phil as was implied by Wigle.

And you are right..this is ridiculousI enjoy this site too much for
one
Wigle to run me off.
I guess I will just wait for the dark blue sedan to pull up with all the
haggling lawyers 

Jenn





7/9/2001 9:30:48 AM, Circusnuts  wrote:

What !!!

Now this is ridiculous   Jennifer- unless you're getting hate mail
the
rest us are not seeing, no one else on this list cares.

I enjoy you posts  am surprised Kevin has carried things this far...
Phil

- Original Message -
From: Jennifer Cribbs
To:
Sent: Monday, July 09, 2001 10:18 AM
Subject: Re: RouterSim 3.0 [7:11342]


 Rational or otherwise, an already convicted thief or not, I have
withdrawn
 my subscription from groupstudy..

 7/9/2001 8:42:33 AM, Kevin Wigle  wrote:

 Jennifer,
 
 I'm not condemning you.  I've read your posts and I thought you a
rational
 person.
 
 But just read this
 
 We couldn't afford it otherwise.  None of us.  We all copied it to
 use from our school burner.  It was registered in
 a co-instructors name.  It was all about wanting to pass and
learning and
 him helping us.  Not cheating or pirating.
 Right or wrong, that's what we did.  
 
 Can't get much closer to a confession than that.  We normally
includes
the
 person talking but I'll let the lawyers haggle that one.
 
 Anyway, think of all the people on this list that make this list
such a
 great place for learning.
 
 Howard Berkowitz, Author and Instructor
 
 Tom Lisa, Author and Instructor
 
 Priscilla Oppenheimer, Author and Instructor
 
 Not to mention the many CCIE's on the list.
 
 They give their time freely to the list which is as good as it gets.
 
 On the other hand, some people still want to steal from them and
others.
 
 I just can't seem to reconcile how anybody can steal their work and
then
 post to a mailing list where they contribute freely.  The
Transcenders
are
 not their work but the pricipal is the same

RE: Access list problem [7:9939]

[Thomas Crowe]

If you are trying to let everyone out to surf the web, and assuming that you
ACL is applied to inbound traffic on your internet facing interface.  You
are missing a rule to allow established tcp sessions back in:
permit tcp any any eq estab
Since this will probably be the rule that gets the most matches I would
place it as rule 1.  Let me know if this works for you.

__

Thomas Crowe
Technical Director
Research  Development
CTS - Atlanta
Phone: 770-664-3900 ext 45
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
John Brandis
Sent: Tuesday, June 26, 2001 4:26 AM
To: [EMAIL PROTECTED]
Subject: Access list problem [7:9939]


Hi All,

I thought I was on top of access lists, until today. When ever I apply
this particualr access list in IOS 11.2 , nothing on the network can
view internet pages. They can ping no problem but nothing else. Please
advise if you can, on which line the error is.
Thanks all, I appreciate it.

Extended IP access list 110
deny   tcp any any eq 139
permit udp any any eq domain
permit tcp any any eq domain
permit icmp any any
permit tcp any host 203.111.42.200 eq ftp-data
permit tcp any host 203.111.42.200 eq ftp
permit tcp any host 203.111.42.200 eq 22
permit tcp any host 203.111.42.204 eq ftp-data
permit tcp any host 203.111.42.204 eq ftp
permit tcp any host 203.111.42.204 eq www
permit tcp any host 203.111.42.204 eq 3389
permit tcp any host 203.111.42.215 eq smtp
permit tcp any host 203.111.42.215 eq www
permit tcp any host 203.111.42.215 eq 3389
permit ip host 203.111.42.224 any
permit ip host 203.111.42.225 any
permit ip host 203.111.42.226 any

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=10049t=9939
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE lab prep. Is there a syllabus? [7:8385]

[Thomas Crowe]

I have this book, and I confess that I have not totaly picked through it
yet.  What errors are you referring to?

__

Thomas Crowe
Technical Director
Research  Development
CTS - Atlanta
Phone: 770-664-3900 ext 45
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 16, 2001 6:29 PM
To: [EMAIL PROTECTED]
Subject: Re: CCIE lab prep. Is there a syllabus? [7:8385]


This is a very good book for lab practise, however understand there are alot
of errors in the book.


 Check out:

 http://www.amazon.com/exec/obidos/ASIN/007212766X/groupstudycom

 This book gives detailed CCIE practice labs and more importantly, also
 offers an analysis of the solution.  $47.99 from Amazon.com

 Take care,

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=8943t=8385
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to know the duplex and speed setting of Solaris NIC?? [7:4633]

[Thomas Crowe]

That setting can be done 2 different ways (which both end up doing the same
thing)

On demand you can issue a 'ndd' command against the NIC driver (i.e.
/dev/hme or /dev/qfe)
like so:

ndd /dev/qfe -set adv_autoneg_cap=0
ndd /dev/qfe -set adv_100fdx_cap=1
ndd /dev/qfe -set adv_100hdx_cap=1
ndd /dev/qfe -set adv_10fdx_cap=1
ndd /dev/qfe -set adv_10hdx_cap=1

The first ndd command turns off autonegotiation, this is needed
Then you would enter ONE of the following commands to set the hard coded
settings (100Full-Duplex, 100Half-duplex etc)
This helps for the immediate but not on subsequent reboots, to fix that you
need to a set of similar lines to your /etc/system file
like so:

set qfe:qfe_adv_autoneg_cap = 0
set qfe:qfe_adv_100fdx_cap = 1
set qfe:qfe_adv_100hdx_cap = 0
set qfe:qfe_adv_10fdx_cap = 0
set qfe:qfe_adv_10hdx_cap = 0

I always put all of these entries in my /etc/system.

Doing the HME interfaces are very similar, just replace the qfe with hme.
Also note this changes ALL instances of the driver type (i.e. all 4 ports on
a qfe, or every hme interface in a box)

Hope this help.
__

Thomas Crowe
Technical Director
Research  Development
CTS - Atlanta
Phone: 770-664-3900 ext 45
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 15, 2001 9:22 PM
To: [EMAIL PROTECTED]
Subject: How to know the duplex and speed setting of Solaris NIC??
[7:4626]




Hi..
How to know the duplex and speed setting of Solaris NIC??

Many thanks
Tong


==
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
de afzender direct te informeren door het bericht te retourneren.
==
The information contained in this message may be confidential
and is intended to be exclusively for the addressee. Should you
receive this message unintentionally, please do not use the contents
herein and notify the sender immediately by return e-mail.


==
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4633t=4633
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Download new image [7:2120]

[Thomas Crowe]

You need to format the flash card.  On the 6500 you do it with format:x
where x is the location of the flash card (i.e. format:flash to format
the internal flash card and format:slot0 to format the flash card in slot 0)

__

Thomas Crowe
Technical Director
Research  Development
CTS - Atlanta
Phone: 770-664-3900 ext 45
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 26, 2001 11:41 AM
To: [EMAIL PROTECTED]
Subject: Download new image [7:2120]




Hello,


I'am presently working on a Cisco 4500 router. I want to download a new
image the router. But the image size is larger than the size on the flash
memory card. So I bought new flash memory cards. I inserted the new falsh
(empty) cards on the router and now I can't download the image . I get an
error  not valid magic number???. Can somebody tell me how I can proceed
to succeed?. All suggestions are welcome.

Rock BASSOLE
Til: +33 (0) 1 45 96 22 03
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=2160t=2120
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: trunking [7:1098]

[Thomas Crowe]

I would look at the spannig tree state when the 2nd Linux server comes up.
I am not a Linux expert, but it sounds like it may be running spanning tree
instance that is causing the 3512's gig port to go into blocking mode.  Does
the Linux server have more than one NIC?  Just a thought.

__

Thomas Crowe
Technical Director
Research  Development
CTS - Atlanta
Phone: 770-664-3900 ext 45
__

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 18, 2001 11:53 AM
To: [EMAIL PROTECTED]
Subject: trunking [7:1098]




We have a 3512 switching dot1q trunking to a 5500. The 3512 has a linux
server attached to the 3512 on a vlan. We have another linux server
attached
to the 5500 on the same vlan. The linux server on then  5500 works fine
until the 3512 linux server comes up and then we lose connectivity to 5500
linux server. We cannot ping either box when they are both connected. In a
quick fix we took off the trunking and put both gig port on the same vlan
and now it works fine. Any thoughts why trunking causes a problem.

Thanks

Wm. Spencer Plantier
LAN Engineer
(919) 474-1300 ext 0873 Office
(919) 474-1056 Fax
(919)696-8848 Cell
[EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Thomas Crowe.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=1122t=1098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]