Re: CCNA 1.0 or CCNA 2.0

[BB]

Hi.
why not go for 2.0?
I think CCNA test isn't too difficult to get pass.

Anyway, cisco still didn't announce when will 1.0 expire.
but it will retire at the end of next month.
BB

""Jaffery, Masood"" <[EMAIL PROTECTED]> wrote in message
14841E0FA7E1D31187CB00805F19FC1101CBA8@NDHS0013">news:14841E0FA7E1D31187CB00805F19FC1101CBA8@NDHS0013...
> Hi All,
> I'm planning to go for ccna v1.0. Can someone guide me wether i should go
> for 1.0 or 2.0. If i go for 1.0 then for how long will it be valid?. Wat's
> the difference b/w 1.0 & 2.0. And where can i get the study material on
> V2.0, any url or book.
>
> thanks in anticipation,
> MAJ
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

e1/r2 and e1/pri

[Chandrakant chowgule]

Hi all ,

I have some fundamental doubts about the E1/PRI and E1/R2 services 
terminating on Access Server ( e.g AS5300 ) . To receive analog modem calls 
on e1/PRi or R2 , do the access server neccesarily have modem cards with ( 
e.g MICA modems cards in other two slots ) with T1/E1 controller card .? 
What if I dont have Modem cards with it ?...I heard multiplexing takes place 
at CO end ..please correct me I am wrong .

Please clarify .


Regards

Chandrakant


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ACRC

[Oladele Ayuba]

No test is hard and no test is easy. Level of preparation determines pass or
fail




jeongwoo park <[EMAIL PROTECTED]> on 05/31/2000 02:24:25 AM

Please respond to jeongwoo park <[EMAIL PROTECTED]>

To:   [EMAIL PROTECTED]
cc:(bcc: Oladele Ayuba/C/Africa/Mobil-Notes)
Subject:  ACRC





Could anybody who had taken ACRC test tell me how hard it is, and what area
I should prepare harder.
I was told that there will be lots of "Fill in the blank" Qs.
Any comments about ACRC would be appreciated.
Thanks.


iWon.com   http://www.iwon.com why wouldn't you?


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]





___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCNA new track

[Namal Perera]

Hi,

I am new to CISCO and I was planning to sit for the CCNA 1 before the exam
is retired in July and after that continue with the new track, but I have
been advised to do the CCNA 2 to start with. If I am to do the CCNA 2 what
books would you recommend as reading material. Can I sit for CCNA 2 by
reading CCNA: Cisco Certified Network Associate Study Guide -- Todd Lammle
which was used for preparation of CCNA 1. 

Thanking you.

Cordial regards, 

Namal Perera
 ITQAN - Al Bawardi Computers

Tel. : 9712 6730202
Fax : 9712 6730323
P.O.Box : 4118 Abu Dhabi, UAE
Email : [EMAIL PROTECTED]


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2611 hardware issue P2

[Buddy Venne]

Brandon -
You said you can't telnet to it;try "show cdp neigbor detail" from a router
near it, maybe you will learn/find the ip address it has. Either that or cut
your losses and send it to me since it doesn't work any more.

Buddy Venne
WAN/LAN Specialist
Onyx Acceptance
(949) 465-3775


-Original Message-
From: Brandon Peyton [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 30, 2000 6:38 PM
To: [EMAIL PROTECTED]
Subject: 2611 hardware issue P2


In addition the activity lights are functioning
and when plugged in to the LAN the activity flashes
the exact same as the other routers on the LAN

thanks in advance,
Brandon

---
  Brandon Peyton   UUNET MCIWorldcom
  Corporate Network Support3069 Williams Dr.
  Senior Network Engineer  Fairfax, VA 22031-4648
  Voice:  703-744-2669 Email:  [EMAIL PROTECTED]
---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PLS HELP - DLSW+ not working, token-ring attached FEP 3746 to a ethernet attached SNA client over Frame-relay...

[Chuck Larrieu]

Lost me someplace along the line, Joe. Step two - read from left to right.

You still on cloud nine, or is it past my bedtime? :->

Chuck

-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joe
Martin
Sent:   Tuesday, May 30, 2000 8:36 PM
To: [EMAIL PROTECTED]
Subject:Re: PLS HELP - DLSW+ not working, token-ring attached FEP 3746 to a
ethernet attached SNA client over Frame-relay...

heres an example of conversion:

0060.035f.0804

write it in binary
  0110  .  0011 0101  .  1000  0100

read it from left to right
0060.0caf.0102

swap the nibbles
0006.c0fa.1020

Thats it

JOE
CCIE 5917


"Mohan" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> joe, can you pls. explain a little more in detail here, and how do i do
the conversion, any doc. on this?
> thanks,
> mohan
>
> -Original Message-
> From: Joe Martin [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 5:15 AM
> To: [EMAIL PROTECTED]
> Subject: Re: PLS HELP - DLSW+ not working, token-ring attached FEP 3746 to
a ethernet attached SNA client over Frame-relay...
>
> MAC addresses are carried in non-canonical format in DLSW.  If your
running
> a protocol converter on the Ethernet segment and have created a peer mac
> address, make sure you do the conversion.  This is also true of any peer
> statements you have in the routers.
>
> I did an install like this about 3 years ago and that was the only "issue"
I
> had.
>
> JOE
> CCIE #5917
>
>
> "Mohan" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > Hi gurus, i have this problem getting a token-ring attached FEP 3746
> > talking to a Ethernet attached SNA client over a back-to-back
frame-relay
> > network configured for DLSW+. I followed the instructions and guidelines
> > provided on the cisco DLSW+ docs, however, i fails to get the
> configuration
> > work. I hope you gurus can shed some light and help me with this.
> >
> > the following are my observations:
> >
> > 1. Initially, the interface and line protocol on to0 (Hostrouter) was
up,
> > however shortly after the client was configured the interface gone into
> > shutdown state and i fail to do a no shut, no response and remained at
> > shutdown state, i'm only able to do a no shut after removing the
> > souce-bridge 9 1 11 statement from the hostrouter. any idea why is this
> > happening. I have even tried upgrading the ios from 11.1 to 11.2 on the
> > hostrouter.
> >
> > 2. I have checked the cables and  cards and confirm to be working fine.
> >
> > 3. on the remote router, the dlsw peer reach output was showing the
client
> > searching for the 3746 MAC but the session never came-up.
> >
> > i have attached the config. and show outputs, pls. help to get this
> problem
> > fixed. PLS. HELP.
> >
> > thank you,
> >
> > mohan
> >
> >   FR
> >Ethernet
> >  |3746||ring 9|-|host router|---|remote
> > R|-|client|
> >
> > sh run
> > Building configuration...
> >
> >
> >
> > Current configuration:
> > !
> > version 11.2
> > no service password-encryption
> > service udp-small-servers
> > service tcp-small-servers
> > !
> > hostname Hostrouter
> > !
> > enable secret 5 $1$Fw2W$g97jlFnPbudx14b2qBeGO.
> > enable password router
> > !
> > source-bridge ring-group 2000
> > dlsw local-peer peer-id 150.150.1.1
> > dlsw remote-peer 0 tcp 150.150.2.1
> > !
> > interface Loopback0
> >  ip address 150.150.1.1 255.255.255.0
> > !
> > interface Serial0
> >  ip address 150.150.100.1 255.255.255.0
> >  encapsulation frame-relay IETF
> >  no fair-queue
> >  frame-relay map ip 150.150.100.2 70
> >  frame-relay lmi-type ansi
> > !
> > interface Serial1
> >  no ip address
> >  shutdown
> > !
> > interface TokenRing0
> >  no ip address
> >  shutdown
> >  ring-speed 16
> >  source-bridge 9 1 2000
> >  source-bridge spanning
> > !
> > no ip classless
> > !
> > !
> > line con 0
> > line aux 0
> > line vty 0 4
> >  password cisco
> >  login
> > !
> > end
> >
> > Hostrouter#sh dlsw peers
> > Peers:state pkts_rx   pkts_tx  type  drops ckts TCP
> >   uptime
> >  TCP 150.150.2.1 DISCONN  0 0  conf  00   -
> >-
> >
> > Hostrouter#sh dlsw peers reach
> > DLSw Local MAC address reachability cache list
> > Mac Addrstatus Loc.port rif
> >
> > DLSw Remote MAC address reachability cache list
> > Mac Addrstatus Loc.peer
> >
> > DLSw Local NetBIOS Name reachability cache list
> > NetBIOS Namestatus Loc.port rif
> >
> > DLSw Remote NetBIOS Name reachability cache list
> > NetBIOS Namestatus Loc.peer
> >
> > Hostrouter#
> >
> >
> > Remote#sh run
> > Building configuration...
> >
> >
> >
> > Current configuration:
> > !
> > version 12.0
> > service timestamps debug uptime
> > service time

Re: Home Lab: ISDN Question

[Brent]

Isn't there a way to simulate having an ISDN connection without having ISDN
lines?

Brent
A+, CCNA, MCP+I, MCSE


""Mark Holloway"" <[EMAIL PROTECTED]> wrote in message
00b701bfcab8$d4aa7f80$[EMAIL PROTECTED]">news:00b701bfcab8$d4aa7f80$[EMAIL PROTECTED]...
> Question - ISDN: I have an ISDN number at work I can dial into, so if I
get
> an ISDN circuit in my house, I should be able to practice DDR by having
the
> circuit at my house dial the circuit at work (instead of having Sprint
> install two ISDN circuits in my house)?
>
>
> Regards,
> Mark
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco and Unix

[Blake Traister]

Yes...it is a good background to complement Cisco.  If you go to work at a
NOC or as a network engineer for a dot com or something, it is inevitable
that you will need to network unix stations.

Linux is a great alternative...I would suggest looking into Solaris 8x86.
its gonna run on your wintel box and I think its only like...20
bucks...definitely worth the price of admission.  Solaris is extremely
robust and I dont know about any of you...but I seem to find the command
line/terminal window interface of unix refreshingly similar to the Cisco
IOS.

My unix experience definitely helped me with the Cisco stuff

AC Schneider wrote:

> As a newbie to these parts, I've recently decided to start my studies for
> the CCNA 2.0.  Out of curiosity, I went to the Cisco web site and noticed
> many positions I looked at had Unix as a requirement.  So my question, in
> general is it good to have a Unix back ground to complement Cisco
> certification?  If so, would Linux do as a substitute?
>
> Your input is appreciated,
> -ACS
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Free T-Shirt

[Makarand Yerawadekar]

Here it is --

http://www.cisco.com/pcgi-bin/lm/buffer/offer/businessdsl/1327_jump/L434-166XB

please watch the wrap.


"Sena, Elver" wrote:

> Hi,
>
> Some days ago someone posted a link to get a free cisco T-Shirt.  Can
> someone please provide me with the link?
>
> Thanks,
> Elver
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

--
-
Click here for Free Video!!
http://www.gohip.com/free_video/


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Home Lab: ISDN Question

[Mark Holloway]

Question - ISDN: I have an ISDN number at work I can dial into, so if I get
an ISDN circuit in my house, I should be able to practice DDR by having the
circuit at my house dial the circuit at work (instead of having Sprint
install two ISDN circuits in my house)?


Regards,
Mark


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

8 port ima card

[shanks]

any one configured 8port e1 ima card in cisco routers

i require sample conf





___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCNA 1.0 or CCNA 2.0

[Jaffery, Masood]

Hi All,
I'm planning to go for ccna v1.0. Can someone guide me wether i should go
for 1.0 or 2.0. If i go for 1.0 then for how long will it be valid?. Wat's
the difference b/w 1.0 & 2.0. And where can i get the study material on
V2.0, any url or book.

thanks in anticipation,
MAJ

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Remote access servers and modems

[shanks]

Any one know about client modem settings inbrief.what strings neeed to add
if connection disconnects very frequntly or not able to connect digital nos



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PLS HELP - DLSW+ not working, token-ring attached FEP 3746 to a ethernet attached SNA client over Frame-relay...

[Joe Martin]

heres an example of conversion:

0060.035f.0804

write it in binary
  0110  .  0011 0101  .  1000  0100

read it from left to right
0060.0caf.0102

swap the nibbles
0006.c0fa.1020

Thats it

JOE
CCIE 5917


"Mohan" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> joe, can you pls. explain a little more in detail here, and how do i do
the conversion, any doc. on this?
> thanks,
> mohan
>
> -Original Message-
> From: Joe Martin [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 5:15 AM
> To: [EMAIL PROTECTED]
> Subject: Re: PLS HELP - DLSW+ not working, token-ring attached FEP 3746 to
a ethernet attached SNA client over Frame-relay...
>
> MAC addresses are carried in non-canonical format in DLSW.  If your
running
> a protocol converter on the Ethernet segment and have created a peer mac
> address, make sure you do the conversion.  This is also true of any peer
> statements you have in the routers.
>
> I did an install like this about 3 years ago and that was the only "issue"
I
> had.
>
> JOE
> CCIE #5917
>
>
> "Mohan" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > Hi gurus, i have this problem getting a token-ring attached FEP 3746
> > talking to a Ethernet attached SNA client over a back-to-back
frame-relay
> > network configured for DLSW+. I followed the instructions and guidelines
> > provided on the cisco DLSW+ docs, however, i fails to get the
> configuration
> > work. I hope you gurus can shed some light and help me with this.
> >
> > the following are my observations:
> >
> > 1. Initially, the interface and line protocol on to0 (Hostrouter) was
up,
> > however shortly after the client was configured the interface gone into
> > shutdown state and i fail to do a no shut, no response and remained at
> > shutdown state, i'm only able to do a no shut after removing the
> > souce-bridge 9 1 11 statement from the hostrouter. any idea why is this
> > happening. I have even tried upgrading the ios from 11.1 to 11.2 on the
> > hostrouter.
> >
> > 2. I have checked the cables and  cards and confirm to be working fine.
> >
> > 3. on the remote router, the dlsw peer reach output was showing the
client
> > searching for the 3746 MAC but the session never came-up.
> >
> > i have attached the config. and show outputs, pls. help to get this
> problem
> > fixed. PLS. HELP.
> >
> > thank you,
> >
> > mohan
> >
> >   FR
> >Ethernet
> >  |3746||ring 9|-|host router|---|remote
> > R|-|client|
> >
> > sh run
> > Building configuration...
> >
> >
> >
> > Current configuration:
> > !
> > version 11.2
> > no service password-encryption
> > service udp-small-servers
> > service tcp-small-servers
> > !
> > hostname Hostrouter
> > !
> > enable secret 5 $1$Fw2W$g97jlFnPbudx14b2qBeGO.
> > enable password router
> > !
> > source-bridge ring-group 2000
> > dlsw local-peer peer-id 150.150.1.1
> > dlsw remote-peer 0 tcp 150.150.2.1
> > !
> > interface Loopback0
> >  ip address 150.150.1.1 255.255.255.0
> > !
> > interface Serial0
> >  ip address 150.150.100.1 255.255.255.0
> >  encapsulation frame-relay IETF
> >  no fair-queue
> >  frame-relay map ip 150.150.100.2 70
> >  frame-relay lmi-type ansi
> > !
> > interface Serial1
> >  no ip address
> >  shutdown
> > !
> > interface TokenRing0
> >  no ip address
> >  shutdown
> >  ring-speed 16
> >  source-bridge 9 1 2000
> >  source-bridge spanning
> > !
> > no ip classless
> > !
> > !
> > line con 0
> > line aux 0
> > line vty 0 4
> >  password cisco
> >  login
> > !
> > end
> >
> > Hostrouter#sh dlsw peers
> > Peers:state pkts_rx   pkts_tx  type  drops ckts TCP
> >   uptime
> >  TCP 150.150.2.1 DISCONN  0 0  conf  00   -
> >-
> >
> > Hostrouter#sh dlsw peers reach
> > DLSw Local MAC address reachability cache list
> > Mac Addrstatus Loc.port rif
> >
> > DLSw Remote MAC address reachability cache list
> > Mac Addrstatus Loc.peer
> >
> > DLSw Local NetBIOS Name reachability cache list
> > NetBIOS Namestatus Loc.port rif
> >
> > DLSw Remote NetBIOS Name reachability cache list
> > NetBIOS Namestatus Loc.peer
> >
> > Hostrouter#
> >
> >
> > Remote#sh run
> > Building configuration...
> >
> >
> >
> > Current configuration:
> > !
> > version 12.0
> > service timestamps debug uptime
> > service timestamps log uptime
> > no service password-encryption
> > !
> > hostname Remote
> > !
> > !
> > ip subnet-zero
> > ip host HQ 150.150.100.1
> > frame-relay switching
> > !
> > !
> > !
> > !
> > source-bridge ring-group 2000
> > dlsw local-peer peer-id 150.150.2.1
> > dlsw remote-peer 0 tcp 150.150.1.1
> > dlsw bridge-group 1
> > !
> > !
> > !
> > interface Loopback0
> >  ip address 150.150.2.1 255.255.255.0
> >  no ip directed-broadcast
>

Re: CCIE Design Lab and NVT

[David C Prall]

Doing a search for Network Verification Tool brought me 19 possible items.
Of which the first five were useless.

http://www.cisco.com/cpropart/sync-src/ccstcp/cc/serv/mkt/sup/ent/nsahas/wel
come/nhas_ov.htm Once on the page do a search again using CTRL-F.

http://www.cisco.com/cpropart/sync-src/ccstcp/cc/serv/mkt/sup/ent/nsa/welcom
e/nsan_ov.htm


David C Prall, CCDP CCNP MCSE MCNE
[EMAIL PROTECTED]
http://dcp.dcptech.com
- Original Message -
From: "Darren Ward" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, May 27, 2000 3:35 AM
Subject: CCIE Design Lab and NVT


> Hi All,
>
> Does anyone know what software Cisco will be using in their CCIE Design
> Lab that has been finally released?
>
> All it says is :
>
> "Upon completion of the design, a NVT (Network Verification Tool) will
> be used to verify all design requirements are met."
>
> I'd like to look a bit harder into it by trying to obtain a copy of the
> software but when I had called our Cisco Rep he didn't know anything
> about it.
>
> Can anyone shed some light on it for me?
>
> Darren
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: a question about ip connectivity

[Cai, Land]

Bob,

Thanks for your detailed posting. The internal LAN segment has same B class
network  as dial-up, it 's because I dial to our dial in server located in
the other branch office(not dail to internet).  We set the ip network to B
class, while use 24 prefix to subnet it.  Now I have resolved this problem.
I noticed that after dial out, the routing table of the PC be affected, as
follows:

Before dial out
 167.65.104.0   255.255.255.0 167.65.104.42 167.65.104.42 1
after dial our change to
167.65.104.0 255.255.255.0 167.65.104.42 167.65.104.42 2
167.65.104.0 255.255.255.0 167.65.107.12 167.65.107.12 1

note, 167.65.107.12 is gotten from PPP server IP pool.
  167.65.104.42 is Ethernet Card IP addr.
Can you explain why this route table be updated to this appearance. And why
this happen?

Thanks,
Cai, land
CCNA...

 -Original Message-
From:   Bob Vance [mailto:[EMAIL PROTECTED]] 
Sent:   Tuesday, May 30, 2000 10:27 PM
To: CISCO_GroupStudy (E-mail)
Cc: 'Cai, Land'
Subject:RE: a question about ip connectivity

What OS are you running on the desktop?
If Win95, upgrade to MS DUN 1.3.

What does
route print
show, both before and after the dial-up connection.
What is the netmask on your LAN IP address?

You shouldn't have to do anything to have access *to* the Ethernet LAN
*and* the dial-up network at the same time.
You will get a default gateway that will allow access to Internet
sites thru the dial-up, but it shouldn't break access *to* the LAN
side -- you should still be able to access anything on the LAN side.

I do this every day -- in fact that is how I am connected to send this
post.  I am on a PC on the LAN in my house, talking *through* a Win95 PC
(running NAT software) that has a LAN card *and* has made a dial-up
connection to the Internet.  This "NAT" PC talks to both the internal
LAN and the Internet.

The only thing that I see different in your case, is that the LAN is
a subnet of the *same* Class B network as the dial-up.
NIC = 167.65.104.42
PPP = 167.65.107.12
I would assume that both prefixes are /24, but (and I'm not gonna test
it), but perhaps DUN has a problem with using subnets of the same
Classful network for the LAN and the dial-up.
In my case the PPP "network" is 10 and the LAN is 192.168.1 --
totally different and no possibility of confusion.

BTW, how is that your internal LAN has the same Class B network address
as the dial-up?

Now, one final point:
Joe used the word "across" the LAN (while I specifically said, "to"),
and he would obviously be correct.
If you were going to access another "internal" subnet, besides
167.65.104.0/24, say, 167.65.200.0/24, then, of course, you'd need
to have a router on your LAN to that subnet *and* add a static route on
the PC to that subnet (route add ...) thru that router.

>From your post, however, I did not take this last situation to be your
problem.  It seems that you couldn't connect to *other* 167.65.104.X
guys.

-
Tks| 
BV | 
Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
Vox 770-623-3430   11455 Lakefield Dr.
Fax 770-623-3429   Duluth, GA 30097-1511
=





-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Joe Martin
Sent: Wednesday, May 24, 2000 8:42 AM
To: [EMAIL PROTECTED]
Subject: Re: a question about ip connectivity


When you dial-up, a new default gateway is dynamically added into your
workstation to point to the dialup gateway.  To continue to allow access
across your LAN also, you will need to have routes to your lan segments.
These routes could be added statically or could be learned dynamically
thru
a routing protocol.

JOE
CCNP, CCDP, and a few other things...
CCIE Lab - May 27/28


""Cai, Land"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sorry for made a mistake, the IP add of ether Card is 167.65.104.42.
>
>  -Original Message-
> From: Andrew Larkins [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 24, 2000 6:24 PM
> To: Cai, Land
> Subject: RE: a question about ip connectivity
>
> you need a route to the other subnet...
>
> Andrew Larkins
> Usko Communications
> Tel: +2711 236-8000
> Fax: +2711 236-8350
> Cell: +2783-656-7214
> Email: [EMAIL PROTECTED]
>
>
> "This message may contain information which is confidential and
subject to
> legal privilege.  If you are not the intended recipient, you may not
peruse,
> use, disseminate, distribute or copy this message.  If you have
received
> this message in error, please notify the sender immediately by email,
> facsimile or telephone and return and/or destroy the original
message."
>
>
>
>
> -Original Message-
> From: Cai, Land [mailto:[EMAIL PROTECTED]]
> Sent: 24 May 2000 10:57
> To: Cisco (E-mail)
> Subject: a question about ip connectivity
>
>
> Hi,
>
> Supposed t

CCNA study sequence oz

[Oz]

Just looking over the various books out there on CCNA  ..
 I see many different paths ( as in the sequence of study)
Which order did you or would you study in

( )   OSI
( )  Subnetting
( )  Frame Relay
( )  IOS commands
( )  ISDN
( )  Switching
( )  Network protocols
( )  Access Lists
( )  WAN Protocols
( )  Routing protocols

 and part B
Which was the most difficult for you in a scale of 1 thru 10
( )   OSI
( )  Subnetting
( )  Frame Relay
( )  IOS commands
( )  ISDN
( )  Switching
( )  Network protocols
( )  Access Lists
( )  WAN Protocols
( )  Routing protocols

 Also of you have any comments   etc ...
Once I get all the replies I will wait 7 days I will post the results  on my
web site.
  Please don't reply to the list as if I miss your reply it will be one less
to help out

Regards

Oz



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACRC

[jeongwoo park]

Could anybody who had taken ACRC test tell me how hard it is, and what area
I should prepare harder.
I was told that there will be lots of "Fill in the blank" Qs.
Any comments about ACRC would be appreciated.
Thanks.

 
iWon.com   http://www.iwon.com why wouldn't you? 


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Scott Benton]

First of all, are you trying to use an IPSEC or a PPTP
tunnel? Are you terminating the tunnel on the PC or on
the router that is doing translation?
Scott
--- Greg Smythe <[EMAIL PROTECTED]> wrote:
> Hello --
> 
> Has anyone done this before? I'm trying to get a VPN
> connection to work over
> NAT. I see the translation happening, but my PC gets
> as far as "verifying
> username/pass" and then it errors out saying the
> server didn't respond
> (timeout).
> show ip nat tra:
> 
> tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> 1.1.1.1:1723
> 
> 3.3.3.3 is the IP of my router's internet interface.
> 102.153.102.251 is my
> inside IP of my pc. 1.1.1.1 is my VPN server on the
> internet.
> 
> If I give my PC an internet IP then it works, so it
> has something to do with
> the NAT. No filters are in effect on the interfaces
> on my router.
> 
> Thanks!
> 
> 
> Greg
> 
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


__
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Rodgers Moore]

Greg,

Sure you can get an IPSEC tunnel to work through a router doing NAT.  The
problem that normally arises is with PAT.  ISAKMP uses UDP port 500 for the
source and destination.  PAT screws this up, by translating the source port
from 500 to something else and this is invalid.  You also have to configure
passing IPSEC, IP protocols 50 and 51, if you are using any access-lists to
restrict traffic or to define the interesting traffic to the NAT process.

I've done this many times in the past.  Through routers, PIX, Raptor
Firewalls, and Check Point Firewalls.  It's becoming more common that more
organizations are implementing firewalls and require a particular client and
do not allow server to server tunnels for security reasons.

Rodgers Moore

""Greg Smythe"" <[EMAIL PROTECTED]> wrote in message
001701bfca7b$d76398c0$020b010a@ei">news:001701bfca7b$d76398c0$020b010a@ei...
> So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
> Thanks for the info!
>
> Greg
> - Original Message -
> From: "Ric Messier" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, May 30, 2000 2:01 PM
> Subject: Re: VPN through NAT
>
>
> VPNs don't typically work through NAT. The reason is that the packet is
> altered by the router on the way through the network. As a result, the
> signature is altered and the packet is discarded as being corrupt. The
> originating IP is used as part of the authentication mechanism for the
> packets coming through. It's a security feature.
>
> Ric
>
> - Original Message -
> From: "Balharek, Peter" <[EMAIL PROTECTED]>
> To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Tuesday, May 30, 2000 4:31 PM
> Subject: RE: VPN through NAT
>
>
> > Try a crazy search on CCO.
> >
> > Type in "nat vpn".
> > Select to search in support.
> >
> > Ohhh.
> >
> > Rtfm
> >
> >
> >
> > -Original Message-
> > From: Greg Smythe [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, May 30, 2000 12:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: VPN through NAT
> >
> > Hello --
> >
> > Has anyone done this before? I'm trying to get a VPN
> > connection to work over
> > NAT. I see the translation happening, but my PC gets as far
> > as "verifying
> > username/pass" and then it errors out saying the server
> > didn't respond
> > (timeout).
> > show ip nat tra:
> >
> > tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> > 1.1.1.1:1723
> >
> > 3.3.3.3 is the IP of my router's internet interface.
> > 102.153.102.251 is my
> > inside IP of my pc. 1.1.1.1 is my VPN server on the
> > internet.
> >
> > If I give my PC an internet IP then it works, so it has
> > something to do with
> > the NAT. No filters are in effect on the interfaces on my
> > router.
> >
> > Thanks!
> >
> >
> > Greg
> >
> > ___
> > UPDATED Posting Guidelines:
> > http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Load balancing

[Kevin S. Mahler]

What you want to do is rather complex.  You can't really
"load share" between the two.  About the only thing you could
do is request your own AS number and run BGP on your Internet
router with peers on both ISPs.  This would require a good deal
of work on the ISPs part as well.  Most charge for this type of
service.  The last time I did it they charged about $500 each
plus the $500 for the AS number.  You'll need a faster router
than a 4000 and it will need lots of memory.

In a nutshell, it's a good deal of work.

Kevin

At 10:24 AM 5/31/00 +0800, William Wong wrote:
>Hello guys:-
>
>Senario:-
>
>I have a Cisco 4000 router.
>
>Ser 0 is direct connect to ISP through 64 K leased line.
>Now I installed another 128 K leased line which connect to my HQ.  From
>there connect to another ISP.
>
>Lan IP is 192.228.156.0
>Ser0 is 164.142.2.201 (to my ISP)
>Ser1 is 164.147.52.201 (to my HQ)
>
>I want to configure the load balancing.
>What routing protocol I should use?  (OSPF/EGRP/IGRP...)
>
>How should I configure the route table?
>Currently, the default route is route to 164.142.2.202
>
>Hope your guys can help me.
>
>
>Regards
>
>
>William
>
>
>
>
>
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

-
Kevin S. Mahler, CCNP, CCDA, CCSE
Systems Engineer, Cisco Systems
Atlanta, GA

Author of CCNA Training Guide, New Riders, ISBN 0735700516
Tech Editor of CCDA Exam Certification Guide, Cisco Press, ISBN 0735700745
Revision Author of Internetworking Technologies Handbook Third Edition, 
Cisco Press

See my homepage at 
---
 
-

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 2611 Hardware issue

[Todd Plambeck]

>

You can try to ARP an address to one of the ethernet ports ( if you know
the MAC address of the ethernet port ). This will obviously only work if
the ethernet port is up ( link light will tell you ).

Good Luck

Todd

CCNP,CCDP

> Hi guys,
>
> Can anyone tell me what i can do with this router?
>
> I've got a 2611 who's console port seems to have died.
> When i console into it i get strange ascii symbols
> and then hangs.  I cant telnet from ethernet nor can
> i ping its ethernet.
>
> The console port itself is clean and the console cable
> is working fine ( works with other routers )
>
> Any ideas as to what i can do with this ?
>
> Is it fixable?  or trash now?
>
> Thanks
> Brandon
>
> ---
>   Brandon Peyton   UUNET MCIWorldcom
>   Corporate Network Support3069 Williams Dr.
>   Senior Network Engineer  Fairfax, VA 22031-4648
>   Voice:  703-744-2669 Email:  [EMAIL PROTECTED]
> ---
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Load balancing

[William Wong]

Hello guys:-

Senario:-

I have a Cisco 4000 router.

Ser 0 is direct connect to ISP through 64 K leased line.
Now I installed another 128 K leased line which connect to my HQ.  From
there connect to another ISP.

Lan IP is 192.228.156.0
Ser0 is 164.142.2.201 (to my ISP)
Ser1 is 164.147.52.201 (to my HQ)

I want to configure the load balancing.
What routing protocol I should use?  (OSPF/EGRP/IGRP...)

How should I configure the route table?
Currently, the default route is route to 164.142.2.202

Hope your guys can help me.


Regards


William







___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HTML mail

[Chuck Church]

All,

  I try not to complain, but could we get out of the habit of sending
HTML mail to this list?  It seems like lately there's about 10 pages of





I

in every digest.  If you're using Outlook, just go to 'Format', and pick
'Plain Text'.  'Ok' to any warning, and it'll be plain text.  I've already
warn the letters off my 'page down' key, but maybe it's not too late for
others on this list  :)

Thanks,
Chuck Church
MCNE, MCSE, CCNA



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Simulated wan on 2511 routers

[Dan Heyen]

What specific cables do I need to set up a simulated Wan link between 2 2511 
routers? Please supply the part # and/or a URL where I can order this 
equipment from. In addition, a sample config would be helpful as well, or 
the name of a book or website that explains how to configure a simulated Wan 
on a 2500 router.

Thanks

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CMTD with using BCRAN study material

[Dave]

Dont worry about it, I have taught the BCRAN material to countless people
and they passed the CMTD with flying colors, they all thought it was quite
easy...I myself even did it before teaching it !!

--
Dave
CCNP/CCDP/CCAI
""Chuck Church"" <[EMAIL PROTECTED]> wrote in message
002801bfcaa4$cbde6420$5b122581@superdave">news:002801bfcaa4$cbde6420$5b122581@superdave...
> All,
>
>I'm taking the CMTD 8.0 test on Thursday.  I was unable to find any
> original course material or Cisco Press books for CMTD when I finished
CLSC
> 6 weeks ago.  I didn't want to sit idle waiting for the BCRAN test release
> so I've gone through the new BCRAN Cisco Press book, but since this isn't
> the right book for this test, I'm a little nervous.  I'm getting about 80%
> on the Boson tests I purchased the first time I take them, but they seem
> geared for BCRAN more than CMTD.  Any last minute pointers?  I think I've
> got the CMTD objectives down, but I need a little reassurance.
>
> Thanks,
> Chuck Church
> MCNE, MCSE, CCNA, CCNP hopefully 1 test away after Thursday ;)
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 2611 Hardware issue

[Jay Hennigan]

On Tue, 30 May 2000, Brandon Peyton wrote:

> Hi guys,
> 
> Can anyone tell me what i can do with this router?
> 
> I've got a 2611 who's console port seems to have died.
> When i console into it i get strange ascii symbols 
> and then hangs.  I cant telnet from ethernet nor can
> i ping its ethernet.
> 
> The console port itself is clean and the console cable
> is working fine ( works with other routers ) 
> 
> Any ideas as to what i can do with this ?

Try different speeds on your terminal emulator.  It sounds like the config
register may have gotten hosed.   Did you recently do a password recovery
on this box? 

Sometimes you can guess as to whether your speed is too high or too low
by the length of the lines of garbage.  

What happens if you set your terminal up 9600 N-8-1 and power-cycle the 
router, then send it a BREAK signal about 10 to 20 seconds after it starts 
booting?  Note: use a decent terminal emulator like TeraTerm or CRT, or 
minicom for Linux.  Hyperterminal is broken in various ways depending on 
the version when it comes to sending a BREAK.

> Is it fixable?  or trash now?

If you think it's trash, please deposit it in my trash can.  I'll even
pay the postage.  :-)

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CMTD with using BCRAN study material

[Chuck Church]

All,

   I'm taking the CMTD 8.0 test on Thursday.  I was unable to find any
original course material or Cisco Press books for CMTD when I finished CLSC
6 weeks ago.  I didn't want to sit idle waiting for the BCRAN test release
so I've gone through the new BCRAN Cisco Press book, but since this isn't
the right book for this test, I'm a little nervous.  I'm getting about 80%
on the Boson tests I purchased the first time I take them, but they seem
geared for BCRAN more than CMTD.  Any last minute pointers?  I think I've
got the CMTD objectives down, but I need a little reassurance.

Thanks,
Chuck Church
MCNE, MCSE, CCNA, CCNP hopefully 1 test away after Thursday ;)

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Lab question

[Dale Holmes]

Burned all my notebooks
What good are notebooks?
They won't help me survive...

[=`)

>From: Jae  Kang <[EMAIL PROTECTED]>
>Reply-To: Jae  Kang <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: CCIE Lab question
>Date: Wed, 31 May 2000 08:43:35 +1000
>
>Hi All,
>
>   When you do lab exam, do they provide a notebook or use your own?
>
>   Cheers,
>
>Jae-Joon Kang - Senior Network Integration Engineer.
>Ipex Information Technology Group
>Ph: (07) 3406 5887
>Fax: (07) 3406 5859
>Mobile: 0410 556 107
>mailto:[EMAIL PROTECTED]
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Value of Cisco certifications

[Sam . Ng]

 if you don't discuss the questions how could we learn.. if cisco doesn't have
enough questions to ask then
 ask the group member to provide one question each every day or every month..
how many member do we have
. ??? How many day per month

Cheers
Sam



>From David <[EMAIL PROTECTED]> on 31 May 2000 0:36:39
To : [EMAIL PROTECTED]
Copy To : (bcc: Sam Ng)
Subject : Re: Value of Cisco certifications



I think this issue can be taken in a much more practical sense.  It's
quite obvious that a very large majority of the people on this list
already work in the technology field, some of which have contacts inside
Cisco.  If anyone from Cisco is monitoring this list, or gets copies of
emails that may violate NDA's, it would not be difficult for them to
contact one of the individuals cc'd on the message, or contact the list
owner and track down received: headers from the originating poster.  If
you have concerns about NDA violation in what you're posting and don't
want to have your certifications revoked for any reason, then you
probably shouldn't post your question in this public forum.

David

-

 -Original Message-
 From: TyRhon144000
 To: [EMAIL PROTECTED]
 Sent: 5/30/00 2:47 PM
 Subject: Value of Cisco certifications

 Is there any way Cisco can make their certifications
challenging enough,
 that they can give a realistic estimate of a person's skills?
 I really don't believe that there is such a thing as
 paper-certification,
 everyone's certification comes on paper and everyone has to do
some
 amount
 of study to get certified. Yet, as a CCNA myself, I would like
for all
 of
 Cisco certifications to reflect real world knowledge.
 I applaud Cisco for making the CCIE as challenging as it is. I
am also
 happy
 that just about every CCIE lives up to the NDA. If only those
who have
 obtained other certifications from Cisco lives up to the NDA,
then maybe
 some of their other certifications will not lose credibility.
 Is there anything, that we can do to preserve the credibility
of Cisco
 certifications?
 T. Knox

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ccie written

[Sam . Ng]

 Thank mate,, i'm bit upset but my objective been achieved to see what kind of
questions would be
  i'd say this group do give me a lot of supports and helps for sure..


cisco device question 57
network theory83
bridging & lan switching  75
tcp/ip   62  --> why ??? i though i was good at that.. well
ticky you really need to do it at lab..
ip routing protocol  70
desktop protocols87 --> why ???  i'm ok with ipx
performance management   0   --> why ???  it's easy but PLEASE read it & don't
miss it , i remember it's only two questions and i got zero
WAN 66 --> why ???  i still don't know
LAN 40 --> why ??? not many questions but the question would
kill you ( minor thing you've never thought of e.g. claim token stuff
& fddi
Security33 --> why ??? not many questions ( about 3 questions) but
you have to exactly answer it.. not just say i know its name ( TACAS &
  Radius ) very basic concept but have to answer exactly
what the question wants (not vigous)
Multiservice 100 --> this is a joke , two questions to tell how you
know multiservice concept...better cancell it from syllabus..


Cheers
Sam


>From "Chuck Larrieu" <[EMAIL PROTECTED]> on 31 May 2000 0:56:00
To : Sam Ng
Subject : RE: ccie written



Next time, Tiger!

Chuck

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, May 30, 2000 5:28 PM
To:  [EMAIL PROTECTED]
Subject:  ccie written




  Hi guys, i took my ccie written examin yesterday but unfortunately i got
68%
(i.e. not pass)
  Anyone wants to know about the test, pls send me mail.. and if anyone can
answer my questions
  below it would be appreciated

   i remember the questions but i couldn't remember the answer how could i
know
that i picked the
   right answer.. if i could not know where & why i did it wrong, i might do
it
wrong again & no improvement
   particular to those tricky questions

   Cheers
   Sam


  Sita Equant Operation
  Fault Management Unit
  Phone  : 61-02-92401408
  CVN : 72391408


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP + VLAN

[David C Prall]

> Hi Group,
>
> How does having 1 STP per VLAN create load-balancing and path-redundancy??
> What would happen if you have 1 STP for all distributed vlan's?
>
> Thanks.
>
> Dave.
>

Having 1 Spanning Tree Port per VLAN allows you to configure switches at the
Access Layer which have multiple VLANS and two trunk ports going back to the
Distribution Layer. Should one of the connections to the core fail the
second link will take over for all VLAN's. While both connections are active
half the VLANs use one pipe and the other half the other pipe.

In concept

Distribution: 2 - 6509's with 16 port Gigabit Modules.
Access: 16 - 2948G's each linked back to the Distribution 6509's

All odd VLANs have a lower priority on 6509 #1
All even VLANs have a lower priority on 6509 #2

Should 6509 #1 fail, then the links to 6509 #2 take over for all VLANs.

If all VLAN's use the link to 6509 #1, then you have a Gigabit of access
total. But by spreading the VLAN's across both ports you get to use 2
Gigabits of access.

David C Prall, CCDP CCNP MCSE MCNE
[EMAIL PROTECTED]
http://dcp.dcptech.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

2611 Hardware issue

[Brandon Peyton]

Hi guys,

Can anyone tell me what i can do with this router?

I've got a 2611 who's console port seems to have died.
When i console into it i get strange ascii symbols 
and then hangs.  I cant telnet from ethernet nor can
i ping its ethernet.

The console port itself is clean and the console cable
is working fine ( works with other routers ) 

Any ideas as to what i can do with this ?

Is it fixable?  or trash now?

Thanks
Brandon

---
  Brandon Peyton   UUNET MCIWorldcom
  Corporate Network Support3069 Williams Dr.
  Senior Network Engineer  Fairfax, VA 22031-4648
  Voice:  703-744-2669 Email:  [EMAIL PROTECTED]
---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

2611 hardware issue P2

[Brandon Peyton]

In addition the activity lights are functioning
and when plugged in to the LAN the activity flashes
the exact same as the other routers on the LAN

thanks in advance,
Brandon

---
  Brandon Peyton   UUNET MCIWorldcom
  Corporate Network Support3069 Williams Dr.
  Senior Network Engineer  Fairfax, VA 22031-4648
  Voice:  703-744-2669 Email:  [EMAIL PROTECTED]
---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

(No Subject)

[alex ang]

Hi,

I have cisco 7200 Atm router. I like to know how to calculate the vbr-ntr for ATM with 
45Mb bandwidth.

cheer,
alex


Get your FREE Email at http://mailcity.lycos.com
Get your PERSONALIZED START PAGE at http://my.lycos.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ccie written

[faris Broussard]

What did the test cover? how hard was it? Im taking mine june 30
<[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
>
>
>   Hi guys, i took my ccie written examin yesterday but unfortunately i got
68%
> (i.e. not pass)
>   Anyone wants to know about the test, pls send me mail.. and if anyone
can
> answer my questions
>   below it would be appreciated
>
>i remember the questions but i couldn't remember the answer how could i
know
> that i picked the
>right answer.. if i could not know where & why i did it wrong, i might
do it
> wrong again & no improvement
>particular to those tricky questions
>
>Cheers
>Sam
>
>
>   Sita Equant Operation
>   Fault Management Unit
>   Phone  : 61-02-92401408
>   CVN : 72391408
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network test and mesurment - All say

[Jorge Rodriguez]

EnterprisePro can give you LAN/WAN  performance, not only that but also can
give you performance matrix per Network device as well as per port.
Includes in the daily,weekly,monthly, yearly reports per device, per ports
are collisions, errors, utilization, graphically.
EnterprisePro makers are Lucent Technologies. This is the best I have seen,
I have used HP OV hummingbird, and nothing compares to Epro.
www.ins.com





Jorge Rodriguez /CCNA
Network Services Analyst
R&S Networks Inc
1112 Boylston Street #222
Boston, MA 02115
1-781-614-1294
http://www.netwire.n3.net/
http://www.learncisco.n3.net/






- Original Message -
From: "kaushik khakhar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, May 29, 2000 10:52 AM
Subject: Network test and mesurment - All say


> Hi group,
>
> Since last few days I have been looking around for some Network Assessment
> tools. I have got to know and work on 2 at this stage:-
> 1. Whats UP Gold ( Good for Network Monitoring)
> 2. MRTG( Serves  the purpose to some extent)
>
> I need to measure performance on LAN ports, and WAN ports and also log the
> availabilty staus. In this regard I got one reference of "Agilent
Netmatrix
> Performance Centre Product Family(HP OV NetMatrix). I need to have more
> information on  this product.
>
> Also, do send me what softwares are used by you and ofcourse, your
comments
> on that.
>
> Thanks,
>
> Kaushik
> 
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cat5 utp pinouts

[Jorge Rodriguez]

I don't know of any graphical pin outs out there but do have instructions
which is easy to follow:

UTP CAT-5 wiring specs:

Four pair wire is the standard with Pair 1 as Blue, Pair 2 as
Orange, Pair 3 as Green and Pair 4 as Brown.  Colors are always
shown with the Base Color first, then the Stripe Color.  The
RJ-45 is wired as follows:

Pin 1White/OrangeTransmit -
Pin 2Orange/WhiteTransmit +
Pin 3White/Green Receive -
Pin 4Blue/White
Pin 5White/Blue
Pin 6Green/White Receive +
Pin 7White/Brown
Pin 8Brown/White

Two notes - First, holding the cable in your left hand, with the
RJ-45 pins facing up, Pin 1 is the furthest away from you.  Second,
the blue and brown pair are unused and there is a big discussion
on whether you can use them or not.  The feeling seems to be that
digital telephone is OK, but analog telephone (modem, fax) is not
due to the high ring voltage.  I am running digital phone in the
blue and some System 36 emulation in the brown without problems but
most of my stations are on short ( < 150 feet ) cables.  Still, the
safe money says to use the cable solely for one 10BaseT node and
put everything else in another cable.

To make a Cross Over patch cable for hub to hub connections, wire
one end as follows:

One EndThe Other End
Pin 1 White/Orange Pin 1 White/Green
Pin 2 Orange/White Pin 2 Green/White
Pin 3 White/Green  Pin 3 White/Orange
Pin 6 Green/White  Pin 6 Orange/White

Hope this helps

Rgrds

Jorge Rodriguez /CCNA
Network Services Analyst
R&S Networks Inc
1112 Boylston Street #222
Boston, MA 02115
1-781-614-1294
http://www.netwire.n3.net/
http://www.learncisco.n3.net/





- Original Message -
From: "Justin Marcus" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 6:11 AM
Subject: cat5 utp pinouts


> hey :)
>
> does anyone no where to get a graphical picture of the pinouts for
> normal(hub) and x-over cat5 cabling ?
>
> thanks :)
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Value of Cisco certifications

[David]

I think this issue can be taken in a much more practical sense.  It's
quite obvious that a very large majority of the people on this list
already work in the technology field, some of which have contacts inside
Cisco.  If anyone from Cisco is monitoring this list, or gets copies of
emails that may violate NDA's, it would not be difficult for them to
contact one of the individuals cc'd on the message, or contact the list
owner and track down received: headers from the originating poster.  If
you have concerns about NDA violation in what you're posting and don't
want to have your certifications revoked for any reason, then you
probably shouldn't post your question in this public forum.

David

-

 -Original Message- 
 From: TyRhon144000 
 To: [EMAIL PROTECTED] 
 Sent: 5/30/00 2:47 PM 
 Subject: Value of Cisco certifications 

 Is there any way Cisco can make their certifications
challenging enough, 
 that they can give a realistic estimate of a person's skills? 
 I really don't believe that there is such a thing as 
 paper-certification, 
 everyone's certification comes on paper and everyone has to do
some 
 amount 
 of study to get certified. Yet, as a CCNA myself, I would like
for all 
 of 
 Cisco certifications to reflect real world knowledge. 
 I applaud Cisco for making the CCIE as challenging as it is. I
am also 
 happy 
 that just about every CCIE lives up to the NDA. If only those
who have 
 obtained other certifications from Cisco lives up to the NDA,
then maybe 
 some of their other certifications will not lose credibility. 
 Is there anything, that we can do to preserve the credibility
of Cisco 
 certifications? 
 T. Knox

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Passive-interface

[Dave]

yes, but there is no reason for OSPF routers to know about each other unless
they are going to exchange topology databases.  Look it up in Cisco
Documentation, Hello's will not be passed on a passive-interface.

--
Dave
CCNP/CCDP/CCAI
""Deepak Ravindra"" <[EMAIL PROTECTED]> wrote in message
8h092q$8qc$[EMAIL PROTECTED]">news:8h092q$8qc$[EMAIL PROTECTED]...
> was wondering...as Cisco says...passive interface is there to block
routing
> updates from going across.
> Hello packets do not contain  routing updates...they are a mechanism of
> keeping a router connected  and alive in  the OSPF n/w
>
> Deepak Ravindra
> CCNA,ACRC...
>
>
> "Dave" <[EMAIL PROTECTED]> wrote in message
> 8gmhrl$hg6$[EMAIL PROTECTED]">news:8gmhrl$hg6$[EMAIL PROTECTED]...
> > Yes it will stop Hello's there are no reason for them if the interface
is
> > passive, as it cannot form an ajacency anyways...
> >
> >
> > --
> > Dave
> > CCNP/CCDP/CCAI
> > ""Thorne, Magnus"" <[EMAIL PROTECTED]> wrote in message
> > 8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01">news:8B5B58F220FCD311879600508B652072478AB7@ev-cal-ex01...
> > > Will the passive-interface command stop OSPF's hellos?
> > >
> > > -Magnus
> > >
> > > 
> > > Magnus Thorne
> > > eVoice, Inc.
> > > 1394 Williow Road
> > > Menlo Park, CA 94025
> > > Direct: 650.330.3974
> > > Main: 650.330.3700
> > > Fax: 650.330.3901
> > > 
> > > eVoice. The best voicemail you can buy is free.
> > > Sign up at www.evoice.com or call 1.800.GET.EVOICE
> > >
> > > ___
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > > ---
> >
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > ---
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ccie written

[Sam . Ng]

  Hi guys, i took my ccie written examin yesterday but unfortunately i got 68%
(i.e. not pass)
  Anyone wants to know about the test, pls send me mail.. and if anyone can
answer my questions
  below it would be appreciated

   i remember the questions but i couldn't remember the answer how could i know
that i picked the
   right answer.. if i could not know where & why i did it wrong, i might do it
wrong again & no improvement
   particular to those tricky questions

   Cheers
   Sam


  Sita Equant Operation
  Fault Management Unit
  Phone  : 61-02-92401408
  CVN : 72391408


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Lab question

[Core]

No, You have to use the PC in the lab, they have cisco doc cd for you
and bunch of cisco documents . 

> 
> Hi All,
> 
>   When you do lab exam, do they provide a notebook or use your own?
> 
>   Cheers,
> 
> Jae-Joon Kang - Senior Network Integration Engineer.
> Ipex Information Technology Group
> Ph: (07) 3406 5887
> Fax: (07) 3406 5859
> Mobile: 0410 556 107 
> mailto:[EMAIL PROTECTED] 
> 
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: value of cisco cert

[Trevor Corness]

This is why positions require experience.. companies have seen what it takes
to "pass the exam".  Don't get me wrong, I've been in the exam situation, I
know it takes some time and understanding to pass these exams.. but I also
know, from personal experience in the exam situation, that it doesn't take
experience on the actual equipment.. this is why "Certification" isn't "God"
in the job hunt.. it helps, yes.. but is only one factor.  When it comes
down to 2 CCNP/CCDP candidates for a job, the next place the employer will
look, is on-the-job experience..

What next?  a lab for A+? a lab for every MCSE exam? a lab for Programmers?
a lab for Network+?  then that would degrade the CCIE.. the lab is what sets
these people apart from the rest of the world..  a lab is not feesible.. but
maybe a few simulations within the written exams.  I hear this is what
Microsoft is starting on, MMC simulations.. "complete this task".. and at
the end, you better have had a clue on what to do.

Trevor Corness, CCNA MCSE MCP+Internet

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Justin Marcus
Sent: Tuesday, May 30, 2000 3:10 PM
To: [EMAIL PROTECTED]
Subject: RE: value of cisco cert


i think every exam... thats involved with routers/switches/hardware should
have a lab exam as well as a writen one.

:)

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CIT 4.0

[Ryan LaTorre]

For the record, I took the BCRAN test 640-505 (not beta) on March 12, 2000.
I don't know why the Sylvan rep would tell you to wait until June...

I used the Paquet book for prep, and it was quite adequate. A little
hands-on never hurts though :)

- Original Message -
From: "monian" <[EMAIL PROTECTED]>
To: "groupstudy" <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 11:27 AM
Subject: CIT 4.0


Hi Guys,

Next is CMTD/BCRAN. Is BCRAN already available.The local test center
said it would available from Ist week of June. If some one has already taken
it
pls advise whether BCRAN by Catherine Paquet is enough. Is Cisco training &
course
material a must.
Special tks to Chuck.
Rgds
Monian



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLANs and SC0!

[Bartlett, DS1]

Cristina,

After you change the ports on a device don't forget to do a 

"Clear cache"  command on the router.  Your routes will still be in a
routing table for incorrect MAC ports on the Catalyst switch.  These can
take an inordinate amount of time to clear out, especially if they have been
tweeked by someone.  I believe the default is 30 minutes.

Good luck
Daryn

-Original Message-
From:   Cristina Hoselins [SMTP:[EMAIL PROTECTED]]
Sent:   Friday, May 26, 2000 5:29 PM
To: [EMAIL PROTECTED]
Subject:VLANs and SC0!

All,

This is a stupid question:
I have recently run into some information that has caused me to
doubt
the way a switch works.

SITUATION:
R1(E0)--(2/6)Cat5500(2/7)--(e0)R2
A catalyst 5500 (no RSM) with 2 VLAN's configured: Vlan 1, Vlan
2,and 2 
routers, both routers configured for VLAN 1 with 24 bit subnet mask,
SC0 is 
part of VLAN1
by default
R1 pings R2 OK
R2 pings R1 OK
Cat5500 pings both routers OK
SO far so good...
Now I moved 2/6 and 2/7 to VLAN 2, set the vtp domain name XY and
try to 
ping
R1 pings R2 OK
R2 pings R1 OK
Cat5500 cannot ping the routers,neither the routers can ping the
Cat5500..
when you do a SH CDP NEIGH it sees both routers, SCO is still in
VLAN1...I 
moved SC0 into VLAN 2, doesn't make a difference... DOes anybody
know why

It's much appreciated.
Thank you
Cristina



Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com

___
UPDATED Posting Guidelines:
http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Value of Cisco certifications

[TyRhon144000]

Title: RE: Value of Cisco certifications



I agree with you totally. Additionally, I think it 
also would be helpful if those who have gotten certified adhered to the 
NDA.
T. Knox

  - Original Message - 
  From: 
  Prather, Aaron 
  To: '[EMAIL PROTECTED]' 
  Sent: Tuesday, May 30, 2000 4:02 PM
  Subject: RE: Value of Cisco 
  certifications
  
  I know this isnt really cost effective, but it would be nice 
  to have a lab for your final test for your CCNP, make it not neary as hard or 
  as expensive as the CCIE lab, but still should test your knowledge of actually 
  configuring devices.  Make it a virtual lab, because there is no way 
  every testing center will be able to house equipment, it can be done if cisco 
  really wants to... I think this would be a good test of actual knowledge and 
  not just memorizing test questions.
  Aaron -Original 
  Message- From: TyRhon144000 To: [EMAIL PROTECTED] Sent: 5/30/00 2:47 
  PM Subject: Value of Cisco certifications 
  Is there any way Cisco can make their certifications 
  challenging enough, that they can give a realistic 
  estimate of a person's skills? I really don't believe 
  that there is such a thing as paper-certification, everyone's certification 
  comes on paper and everyone has to do some amount of study to get certified. Yet, as a 
  CCNA myself, I would like for all of Cisco certifications to reflect real world knowledge. I applaud Cisco for making the CCIE as challenging as it is. I am 
  also happy that just about 
  every CCIE lives up to the NDA. If only those who have obtained other certifications from Cisco lives up to the NDA, then 
  maybe some of their other certifications will not lose 
  credibility. Is there anything, that we can do to 
  preserve the credibility of Cisco certifications? T. Knox 
  ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report 
  misconduct and Nondisclosure violations to [EMAIL PROTECTED] 

Re: CCIE Lab question

[Greg Myran]

Short answer, they provide you with paper.

Long answer, straight from Cisco

CCIE LAB Code of Conduct

The following rules apply to the conduct of the 2-day CCIE lab exam.
Please be prepared to follow these rules.

1.)  DO NOT bring any notes or documentation into the lab.  All the Cisco
documentation you
  require to complete the lab tests is provided in the lab in hardcopy
and CD-Rom media.
  The lab engineer is a resource: you are free to ask for assistance in
locating material
  inside the lab.

2.)  DO NOT confer or consult with anyone but the lab engineer about the
tests for the duration
  of the 2-day exam or after the examination.

3.)  No Pagers or mobile phones allowed within the lab.
  Urgent messages can be left with our main telephone number.

These rules are important to the integrity of the CCIE program.  The lab
engineer will disqualify
anyone who violates these rules and that person will not be admitted to the
lab again
for at least one year.


At 05:43 PM 5/30/2000 , Jae Kang wrote:
>Hi All,
>
> When you do lab exam, do they provide a notebook or use your own?
>
> Cheers,
>
>Jae-Joon Kang - Senior Network Integration Engineer.
>Ipex Information Technology Group
>Ph: (07) 3406 5887
>Fax: (07) 3406 5859
>Mobile: 0410 556 107
>mailto:[EMAIL PROTECTED]
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN through NAT

[Chuck Larrieu]

I believe Cisco's preferred method for this is through specific products
designed for VPN router to router communication

700, 800, 1600 and 1700 series.

In theory, an IPSec compliant box on your side should be able to talk to an
IPSec compliant box on the Corporate side. These things are not necessarily
so at this time.

The idea being that if you had a Cisco router with the firewall and IPSec
feature set, you could configure the router such that your VPN traffic would
go to the designated tunnel device at corporate, and the rest of your
internet traffic would go as it pleased. I did a lab on this a ways back and
published the generic configs to show how the principal works.

Otherwise, the way I have seen most designs, someone with a DSL connection
installs client VPN software on their machine, using that means to create
the secure tunnels. This is actually one of the security concerns, in that
the presence of this shim software does nothing to ensure that the machine
itself is secure.

In your configuration, the preferred manner would be to run the VPN tunnel
from edge to edge, and leave the PC client untouched. There are any number
of known issues with PC shims anyway.

I look forward to hearing what TAC says. Secure VPN client to a Pix?

Chuck

-Original Message-
From:   Greg Smythe [mailto:[EMAIL PROTECTED]]
Sent:   Tuesday, May 30, 2000 3:12 PM
To: Chuck Larrieu; [EMAIL PROTECTED]
Subject:Re: VPN through NAT

I'm trying to VPN from my Home, through a NAT router, over the internet, and
into a VPN server on the corporate network:

This is what I have:

PC ---| 
|
  nat rtr
| 
 internet
|
 VPN server
|
| 

If that's not readable: PC  --NAT
Router--Internet--VPN Server (NT)--Corp LAN

On my NAT router I see it trying to connect but something not passing over
the router correctly.

As a last resort I have just opened a case with the TAC (I decided to try on
here first to see if I could get a fast response ). I'll let the list
know what they say. My case was just dispatched to a tech.

Greg

- Original Message -
From: "Chuck Larrieu" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; "Ric Messier"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:56 PM
Subject: RE: VPN through NAT


To bring this back into the realm of education and enlightenment, let's look
at the design issue.

You are going VPN, ie secure tunnel from where to where?

Homeinternet-firewall-inside_network is the "standard"
configuration, with you the user wanting to work from home for some perverse
reason. ;->

But in the case you state, it would appear that you the user are in the
office, and want to VPN to some other place?

Corp_net-internet-some_other_place

Now as a matter of security policy, does corp_net want to allow people on
the inside to connect snug and secure and private to some unknown place on
the outside... say a competitor's network, where you will then transfer
company secrets?

As a matter of policy, companies might not want traffic whose contents
cannot be inspected to be passing through their firewalls.

Yes there are all in one products, such as the Checkpoint VPN firewall,
which operate in such a manner.

Insidecheckpoint-(VPN/NATtunnel/non-tunnel)-internet-someplace_e
lse

But as a matter of design, NAT not withstanding, it is in my opinion at
least, not a good idea to permit unrestricted VPNs from inside to outside.
If there are extranets to be considered, then one should design a routing
situation in which those who need to connect to particular VPN devices would
be routed to particular pieces of equipment, from which the extranet VPN
would be established.

Inside-firewall---internet
 |-VPN/extranetbusiness_partner

Hey, guys, have I muddied this up enough?  :->

Chuck


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg
Smythe
Sent: Tuesday, May 30, 2000 2:13 PM
To: Ric Messier; [EMAIL PROTECTED]
Subject: Re: VPN through NAT

So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
Thanks for the info!

Greg
- Original Message -
From: "Ric Messier" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:01 PM
Subject: Re: VPN through NAT


VPNs don't typically work through NAT. The reason is that the packet is
altered by the router on the way through the network. As a result, the
signature is altered and the packet is discarded as being corrupt. The
originating IP is used as part of the authentication mechanism for the
packets coming through. It's a security feature.

Ric

- Original Message -
From: "Balharek, Peter" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 4:31 PM
Subject: RE: VPN through NAT


> Try a crazy search on CCO.
>
> Type in "nat vpn".
> Select t

Re: frame relay newbie question

[Kevin S. Mahler]

Yes it is common to run IP and IPX on the same
frame relay subinterface.  The real advantage to using
subinterfaces on frame is to fix some headaches with
routing protocols in a NBMA network.

As for IPX being an issue much longer... That depends on
your customers.  Even Novell has indicated that IPX is
going the way of Disco.

Kevin


At 03:32 AM 5/30/00 -0700, Dan West wrote:
>Is it common/practical to run IP and IPX over the same
>frame relay subinterface?
>
>I am only asking because in Lammle's CCNA prep book it
>is mentioned that one of the advantages of
>subinterfaces is that you can run IP on one and IPX on
>another. BUT, the example directly following that
>statement shows IP and IPX running on the same
>subinterfaces.
>
>More importantly, is IPX even going to be an issue
>much longer?
>
>Thanks.
>
>__
>Do You Yahoo!?
>Kick off your party with Yahoo! Invites.
>http://invites.yahoo.com/
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

-
Kevin S. Mahler, CCNP, CCDA, CCSE
Systems Engineer, Cisco Systems
Atlanta, GA

Author of CCNA Training Guide, New Riders, ISBN 0735700516
Tech Editor of CCDA Exam Certification Guide, Cisco Press, ISBN 0735700745
Revision Author of Internetworking Technologies Handbook Third Edition, 
Cisco Press

See my homepage at 
---
 
-

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

STP + VLAN

[Luong, David]

Title: STP + VLAN 





Hi Group,


How does having 1 STP per VLAN create load-balancing and path-redundancy?? What would happen if you have 1 STP for all distributed vlan's?

Thanks.


Dave.

RE: VPN through NAT

[Kevin S. Mahler]

This is not always the case.  Many Cable Modem providers are running
NAT for some reason.  This can cause grief when trying to work from home
with the office.

I posted a response earlier but don't see it.  I must have used the wrong email
address.

The only VPN client I know of that will work through NAT is the Altiga (Cisco)
VPN Client.  It does a raindance around NAT using UDP packets.

Kevin


At 02:56 PM 5/30/00 -0700, Chuck Larrieu wrote:
>To bring this back into the realm of education and enlightenment, let's look
>at the design issue.
>
>You are going VPN, ie secure tunnel from where to where?
>
>Homeinternet-firewall-inside_network is the "standard"
>configuration, with you the user wanting to work from home for some perverse
>reason. ;->
>
>But in the case you state, it would appear that you the user are in the
>office, and want to VPN to some other place?
>
>Corp_net-internet-some_other_place
>
>Now as a matter of security policy, does corp_net want to allow people on
>the inside to connect snug and secure and private to some unknown place on
>the outside... say a competitor's network, where you will then transfer
>company secrets?
>
>As a matter of policy, companies might not want traffic whose contents
>cannot be inspected to be passing through their firewalls.
>
>Yes there are all in one products, such as the Checkpoint VPN firewall,
>which operate in such a manner.
>
>Insidecheckpoint-(VPN/NATtunnel/non-tunnel)-internet-someplace_e
>lse
>
>But as a matter of design, NAT not withstanding, it is in my opinion at
>least, not a good idea to permit unrestricted VPNs from inside to outside.
>If there are extranets to be considered, then one should design a routing
>situation in which those who need to connect to particular VPN devices would
>be routed to particular pieces of equipment, from which the extranet VPN
>would be established.
>
>Inside-firewall---internet
>  |-VPN/extranetbusiness_partner
>
>Hey, guys, have I muddied this up enough?  :->
>
>Chuck
>
>
>-Original Message-
>From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg
>Smythe
>Sent:   Tuesday, May 30, 2000 2:13 PM
>To: Ric Messier; [EMAIL PROTECTED]
>Subject:Re: VPN through NAT
>
>So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
>Thanks for the info!
>
>Greg
>- Original Message -
>From: "Ric Messier" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Tuesday, May 30, 2000 2:01 PM
>Subject: Re: VPN through NAT
>
>
>VPNs don't typically work through NAT. The reason is that the packet is
>altered by the router on the way through the network. As a result, the
>signature is altered and the packet is discarded as being corrupt. The
>originating IP is used as part of the authentication mechanism for the
>packets coming through. It's a security feature.
>
>Ric
>
>- Original Message -
>From: "Balharek, Peter" <[EMAIL PROTECTED]>
>To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Tuesday, May 30, 2000 4:31 PM
>Subject: RE: VPN through NAT
>
>
> > Try a crazy search on CCO.
> >
> > Type in "nat vpn".
> > Select to search in support.
> >
> > Ohhh.
> >
> > Rtfm
> >
> >
> >
> > -Original Message-
> > From: Greg Smythe [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, May 30, 2000 12:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: VPN through NAT
> >
> > Hello --
> >
> > Has anyone done this before? I'm trying to get a VPN
> > connection to work over
> > NAT. I see the translation happening, but my PC gets as far
> > as "verifying
> > username/pass" and then it errors out saying the server
> > didn't respond
> > (timeout).
> > show ip nat tra:
> >
> > tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> > 1.1.1.1:1723
> >
> > 3.3.3.3 is the IP of my router's internet interface.
> > 102.153.102.251 is my
> > inside IP of my pc. 1.1.1.1 is my VPN server on the
> > internet.
> >
> > If I give my PC an internet IP then it works, so it has
> > something to do with
> > the NAT. No filters are in effect on the interfaces on my
> > router.
> >
> > Thanks!
> >
> >
> > Greg
> >
> > ___
> > UPDATED Posting Guidelines:
> > http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>___
>UPDATED Posting Guid

CCIE Lab question

[Jae Kang]

Hi All,

When you do lab exam, do they provide a notebook or use your own?

Cheers,

Jae-Joon Kang - Senior Network Integration Engineer.
Ipex Information Technology Group
Ph: (07) 3406 5887
Fax: (07) 3406 5859
Mobile: 0410 556 107 
mailto:[EMAIL PROTECTED] 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: NO PRVIOUS BUTTON?

[Rodrigo Larrabure]

My CCNA and CCDA were without previous button.

At 20:27 29/05/00 +0900, K.FUJIWARA wrote:
>>
>
>I failed CCNP ACRC today at 698/790.
>It's my first time to take exam WITHOUT "PREVIOUS" BUTTON.
>Does CCNP, CCDA and CCDP EXAM have no PREVIOUS button?
>Or is it Russian-roulette style?
>Did I eventually meet it?
>
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NO PRVIOUS BUTTON?

[K.FUJIWARA]

>

I failed CCNP ACRC today at 698/790.
It's my first time to take exam WITHOUT "PREVIOUS" BUTTON.
Does CCNP, CCDA and CCDP EXAM have no PREVIOUS button?
Or is it Russian-roulette style?
Did I eventually meet it?



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: source quench

[Jorge Rodriguez]

Source Quench is intergrated within ICMP and IP. ICMP is used to control and
managed information that are transmited bewteen nodes to share status and
error information. When a router bigins to to buffer to many packets because
of the inability to to transmit them as fast as they are being received it
will generate an ICMP source quench messages which will be sent to the
sender to then slow down the rate of packet transmission. All this functions
at
layer 3.

Hope this helps


--Original Message--
From: "kenny" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Sent: May 30, 2000 7:59:34 PM GMT
Subject: source quench


Hi all ,
Any body can help ?
What does source quench means ? ( reply when ping to destination )

Thanks
ken

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Jorge Rodriguez /CCNA
Network Analyst
R&S Networks Inc
1112 Boylston Street
Suite 222
Boston, MA 02115
1-781-614-1294
http://www.netwire.n3.net/
 
iWon.com   http://www.iwon.com why wouldn't you? 


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Greg Smythe]

I'm trying to VPN from my Home, through a NAT router, over the internet, and
into a VPN server on the corporate network:

This is what I have:

PC ---| 
|
  nat rtr
| 
 internet
|
 VPN server
|
| 

If that's not readable: PC  --NAT
Router--Internet--VPN Server (NT)--Corp LAN

On my NAT router I see it trying to connect but something not passing over
the router correctly.

As a last resort I have just opened a case with the TAC (I decided to try on
here first to see if I could get a fast response ). I'll let the list
know what they say. My case was just dispatched to a tech.

Greg

- Original Message -
From: "Chuck Larrieu" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; "Ric Messier"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:56 PM
Subject: RE: VPN through NAT


To bring this back into the realm of education and enlightenment, let's look
at the design issue.

You are going VPN, ie secure tunnel from where to where?

Homeinternet-firewall-inside_network is the "standard"
configuration, with you the user wanting to work from home for some perverse
reason. ;->

But in the case you state, it would appear that you the user are in the
office, and want to VPN to some other place?

Corp_net-internet-some_other_place

Now as a matter of security policy, does corp_net want to allow people on
the inside to connect snug and secure and private to some unknown place on
the outside... say a competitor's network, where you will then transfer
company secrets?

As a matter of policy, companies might not want traffic whose contents
cannot be inspected to be passing through their firewalls.

Yes there are all in one products, such as the Checkpoint VPN firewall,
which operate in such a manner.

Insidecheckpoint-(VPN/NATtunnel/non-tunnel)-internet-someplace_e
lse

But as a matter of design, NAT not withstanding, it is in my opinion at
least, not a good idea to permit unrestricted VPNs from inside to outside.
If there are extranets to be considered, then one should design a routing
situation in which those who need to connect to particular VPN devices would
be routed to particular pieces of equipment, from which the extranet VPN
would be established.

Inside-firewall---internet
 |-VPN/extranetbusiness_partner

Hey, guys, have I muddied this up enough?  :->

Chuck


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg
Smythe
Sent: Tuesday, May 30, 2000 2:13 PM
To: Ric Messier; [EMAIL PROTECTED]
Subject: Re: VPN through NAT

So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
Thanks for the info!

Greg
- Original Message -
From: "Ric Messier" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:01 PM
Subject: Re: VPN through NAT


VPNs don't typically work through NAT. The reason is that the packet is
altered by the router on the way through the network. As a result, the
signature is altered and the packet is discarded as being corrupt. The
originating IP is used as part of the authentication mechanism for the
packets coming through. It's a security feature.

Ric

- Original Message -
From: "Balharek, Peter" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 4:31 PM
Subject: RE: VPN through NAT


> Try a crazy search on CCO.
>
> Type in "nat vpn".
> Select to search in support.
>
> Ohhh.
>
> Rtfm
>
>
>
> -Original Message-
> From: Greg Smythe [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 12:55 PM
> To: [EMAIL PROTECTED]
> Subject: VPN through NAT
>
> Hello --
>
> Has anyone done this before? I'm trying to get a VPN
> connection to work over
> NAT. I see the translation happening, but my PC gets as far
> as "verifying
> username/pass" and then it errors out saying the server
> didn't respond
> (timeout).
> show ip nat tra:
>
> tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> 1.1.1.1:1723
>
> 3.3.3.3 is the IP of my router's internet interface.
> 102.153.102.251 is my
> inside IP of my pc. 1.1.1.1 is my VPN server on the
> internet.
>
> If I give my PC an internet IP then it works, so it has
> something to do with
> the NAT. No filters are in effect on the interfaces on my
> router.
>
> Thanks!
>
>
> Greg
>
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guideli

RE: value of cisco cert

[Justin Marcus]

i think every exam... thats involved with routers/switches/hardware should
have a lab exam as well as a writen one.

:) 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN through NAT

[Chuck Larrieu]

To bring this back into the realm of education and enlightenment, let's look
at the design issue.

You are going VPN, ie secure tunnel from where to where?

Homeinternet-firewall-inside_network is the "standard"
configuration, with you the user wanting to work from home for some perverse
reason. ;->

But in the case you state, it would appear that you the user are in the
office, and want to VPN to some other place?

Corp_net-internet-some_other_place

Now as a matter of security policy, does corp_net want to allow people on
the inside to connect snug and secure and private to some unknown place on
the outside... say a competitor's network, where you will then transfer
company secrets?

As a matter of policy, companies might not want traffic whose contents
cannot be inspected to be passing through their firewalls.

Yes there are all in one products, such as the Checkpoint VPN firewall,
which operate in such a manner.

Insidecheckpoint-(VPN/NATtunnel/non-tunnel)-internet-someplace_e
lse

But as a matter of design, NAT not withstanding, it is in my opinion at
least, not a good idea to permit unrestricted VPNs from inside to outside.
If there are extranets to be considered, then one should design a routing
situation in which those who need to connect to particular VPN devices would
be routed to particular pieces of equipment, from which the extranet VPN
would be established.

Inside-firewall---internet
 |-VPN/extranetbusiness_partner

Hey, guys, have I muddied this up enough?  :->

Chuck


-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg
Smythe
Sent:   Tuesday, May 30, 2000 2:13 PM
To: Ric Messier; [EMAIL PROTECTED]
Subject:Re: VPN through NAT

So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
Thanks for the info!

Greg
- Original Message -
From: "Ric Messier" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:01 PM
Subject: Re: VPN through NAT


VPNs don't typically work through NAT. The reason is that the packet is
altered by the router on the way through the network. As a result, the
signature is altered and the packet is discarded as being corrupt. The
originating IP is used as part of the authentication mechanism for the
packets coming through. It's a security feature.

Ric

- Original Message -
From: "Balharek, Peter" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 4:31 PM
Subject: RE: VPN through NAT


> Try a crazy search on CCO.
>
> Type in "nat vpn".
> Select to search in support.
>
> Ohhh.
>
> Rtfm
>
>
>
> -Original Message-
> From: Greg Smythe [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 12:55 PM
> To: [EMAIL PROTECTED]
> Subject: VPN through NAT
>
> Hello --
>
> Has anyone done this before? I'm trying to get a VPN
> connection to work over
> NAT. I see the translation happening, but my PC gets as far
> as "verifying
> username/pass" and then it errors out saying the server
> didn't respond
> (timeout).
> show ip nat tra:
>
> tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> 1.1.1.1:1723
>
> 3.3.3.3 is the IP of my router's internet interface.
> 102.153.102.251 is my
> inside IP of my pc. 1.1.1.1 is my VPN server on the
> internet.
>
> If I give my PC an internet IP then it works, so it has
> something to do with
> the NAT. No filters are in effect on the interfaces on my
> router.
>
> Thanks!
>
>
> Greg
>
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Walk-In Router/Switch Labs

[derek lewinson]

Anyone know whether there are any walk-in/remote access network labs in the
UK,
housing Cisco hardware that you can rent to practice on?

If not, would anyone be interested if one was available @ a very reasonable
rate for
Either remote or walk-in access?

All constructive feedback will be considered.

Regards,

Derek

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NTP Timings

[Prather, Aaron]

Title: RE: NTP Timings





try a "show ntp associations detail"


ex.
Switch# show ntp associations detail
160.89.32.2 configured, insane, invalid, stratum 5
ref ID 160.89.32.1, time AFE252C1.6DBDDFF2 (00:12:01.428 PDT Fri Apr 4 1997)
our mode active, peer mode active, our poll intvl 1024, peer poll intvl 64



Aaron


-Original Message-
From: Khalid Ahmed
To: [EMAIL PROTECTED]
Sent: 5/30/00 3:47 PM
Subject: NTP Timings


Hi Folk,


    Would you folks know by any chance what is teh Polling interval for
NTP
peers. We have configured a 7513 as a NTP master and was wondering how
often
does the polling happen by the peer. Is there a way to change the
Polling
interval.
We do not have a NTP Server or third party tools.



Regards.
Khalid Ahmed.
[EMAIL PROTECTED]


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cat5 utp pinouts

[Edward Solomon]

http://www.whcs.com.au/services/network/rj45_connector.htm

--

Edward Solomon
CCNA, CCSI
Senior I/T Specialist
Networking Solutions
IBM Canada Ltd. - Learning Services
Tel.: (905) 316-3241  Fax: (905) 316-3101
E-mail: [EMAIL PROTECTED]
Internet: http://www.can.ibm.com/services/learning/net_internet.html



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN through NAT

[Balharek, Peter]

Try a crazy search on CCO.

Type in "nat vpn".
Select to search in support.

Ohhh.

Rtfm



-Original Message-
From:   Greg Smythe [mailto:[EMAIL PROTECTED]]
Sent:   Tuesday, May 30, 2000 12:55 PM
To: [EMAIL PROTECTED]
Subject:VPN through NAT

Hello --

Has anyone done this before? I'm trying to get a VPN
connection to work over
NAT. I see the translation happening, but my PC gets as far
as "verifying
username/pass" and then it errors out saying the server
didn't respond
(timeout).
show ip nat tra:

tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
1.1.1.1:1723

3.3.3.3 is the IP of my router's internet interface.
102.153.102.251 is my
inside IP of my pc. 1.1.1.1 is my VPN server on the
internet.

If I give my PC an internet IP then it works, so it has
something to do with
the NAT. No filters are in effect on the interfaces on my
router.

Thanks!


Greg

___
UPDATED Posting Guidelines:
http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info:
http://www.groupstudy.com
Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Greg Smythe]

So I can't make a VPN connection to my NT box over NAT.. Well that sucks.
Thanks for the info!

Greg
- Original Message -
From: "Ric Messier" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 2:01 PM
Subject: Re: VPN through NAT


VPNs don't typically work through NAT. The reason is that the packet is
altered by the router on the way through the network. As a result, the
signature is altered and the packet is discarded as being corrupt. The
originating IP is used as part of the authentication mechanism for the
packets coming through. It's a security feature.

Ric

- Original Message -
From: "Balharek, Peter" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 4:31 PM
Subject: RE: VPN through NAT


> Try a crazy search on CCO.
>
> Type in "nat vpn".
> Select to search in support.
>
> Ohhh.
>
> Rtfm
>
>
>
> -Original Message-
> From: Greg Smythe [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 12:55 PM
> To: [EMAIL PROTECTED]
> Subject: VPN through NAT
>
> Hello --
>
> Has anyone done this before? I'm trying to get a VPN
> connection to work over
> NAT. I see the translation happening, but my PC gets as far
> as "verifying
> username/pass" and then it errors out saying the server
> didn't respond
> (timeout).
> show ip nat tra:
>
> tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
> 1.1.1.1:1723
>
> 3.3.3.3 is the IP of my router's internet interface.
> 102.153.102.251 is my
> inside IP of my pc. 1.1.1.1 is my VPN server on the
> internet.
>
> If I give my PC an internet IP then it works, so it has
> something to do with
> the NAT. No filters are in effect on the interfaces on my
> router.
>
> Thanks!
>
>
> Greg
>
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: source quench

[Prather, Aaron]

Title: RE: source quench





Q. When does a Cisco router generate a source quench? 


A. Prior to Cisco IOS (r) version 11.3 and 12.0, a Cisco router generates a source quench only if it does not have the buffer space needed to queue the packet. If the router can't queue the routed packet onto the output interface's queue, it generates a source quench and registers an output drop against the output interface. If the router isn't congested, it won't generate a source quench. 

  
You can look at the show ip traffic command output for source quenches sent. Also look at show interface to see if there are any drops. If there are none, then you shouldn't see any source quench. 

  
IOS versions 11.3 and 12.0 don't include the source quench feature. 



-Original Message-
From: kenny
To: [EMAIL PROTECTED]
Sent: 5/30/00 2:59 PM
Subject: source quench


Hi all , 
Any body can help ?
What does source quench means ? ( reply when ping to destination )


Thanks
ken


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Greg Smythe]

Tried that already. Only info I found on there is configuring a PIX firewall
VPN tunnel. Searching the CCO is a major pain; you get soo many unrelated
hits..


Greg

- Original Message -
From: "Balharek, Peter" <[EMAIL PROTECTED]>
To: "Greg Smythe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 30, 2000 1:31 PM
Subject: RE: VPN through NAT


Try a crazy search on CCO.

Type in "nat vpn".
Select to search in support.

Ohhh.

Rtfm



-Original Message-
From: Greg Smythe [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 30, 2000 12:55 PM
To: [EMAIL PROTECTED]
Subject: VPN through NAT

Hello --

Has anyone done this before? I'm trying to get a VPN
connection to work over
NAT. I see the translation happening, but my PC gets as far
as "verifying
username/pass" and then it errors out saying the server
didn't respond
(timeout).
show ip nat tra:

tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723
1.1.1.1:1723

3.3.3.3 is the IP of my router's internet interface.
102.153.102.251 is my
inside IP of my pc. 1.1.1.1 is my VPN server on the
internet.

If I give my PC an internet IP then it works, so it has
something to do with
the NAT. No filters are in effect on the interfaces on my
router.

Thanks!


Greg

___
UPDATED Posting Guidelines:
http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info:
http://www.groupstudy.com
Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CIT 4.0 help

[Clark, Jason]

Are the Boson tests helpful in preparing for the CIT?  Boson has 3 separate
sets of practice tests for the CIT exam.  Any recommendations on which one
to purchase (1,2, or 3) as I don't want to shell out $90 for all three?


TIA 

Jason

> -Original Message-
> From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 3:27 PM
> To: 'CiscoGroupStudy'
> Subject: Re: CIT 4.0 help
> 
> 
> The course manual and/or the book format, edited by Dan 
> Farkas and Laura
> Chappell, are the best way to study for CIT.
> 
> Nobody will give you a list of questions from the exam, (see 
> other threads
> ;-), but I did make some flash cards to help study for the 
> test. When I
> wrote them, I had not taken the exam but after taking the exam, I have
> concluded that they are very close to the exam. See:
> 
> 
> http://www.priscilla.com/cit/toc.html
> 
> Priscilla
> 
> At 12:57 PM 5/30/2000 -0700, Shumake, Derrick wrote:
> >What is the recommend train material for CIT 4.0? Does 
> anyone have a list of
> >sample question that will be on the test? thanks for your 
> help in advance.
> >
> >N. Derrick Shumake
> >Network Consultant
> >Main:303.488.3405
> >Mobile:  303.906.2900
> >Fax: 303.488.3406
> >
> >NETIGY
> >The World's premier Architect of eBusiness-Ready Networks
> >5445 DTC Parkway, Penthouse Four
> >Englewood, CO  80111
> >http://www.netigy.com
> >
> >
> >
> >___
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to 
> [EMAIL PROTECTED]
> > 
> 
> __
> Priscilla Oppenheimer
> Phone 541-482-5685
> Fax   541-488-1708
> Web   http://www.priscilla.com
> 
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New CCIE

[AWTroxell]

Joe;

Many congrats and great advice!

I am printing your post in large print and keeping it in my prep binder as a 
reminder and an inspiration.

Now go give your family some much-needed attention!

:)

-Austin

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN through NAT

[Greg Smythe]

Hello --

Has anyone done this before? I'm trying to get a VPN connection to work over
NAT. I see the translation happening, but my PC gets as far as "verifying
username/pass" and then it errors out saying the server didn't respond
(timeout).
show ip nat tra:

tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723 1.1.1.1:1723

3.3.3.3 is the IP of my router's internet interface. 102.153.102.251 is my
inside IP of my pc. 1.1.1.1 is my VPN server on the internet.

If I give my PC an internet IP then it works, so it has something to do with
the NAT. No filters are in effect on the interfaces on my router.

Thanks!


Greg

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NTP Timings

[Khalid Ahmed]

Hi Folk,

Would you folks know by any chance what is teh Polling interval for NTP
peers. We have configured a 7513 as a NTP master and was wondering how often
does the polling happen by the peer. Is there a way to change the Polling
interval.
We do not have a NTP Server or third party tools.


Regards.
Khalid Ahmed.
[EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Paper Vs hands on

[AWTroxell]

Dear "Dick":

I thought your posting started off rather well but it rapidly turned 
mean-spirited and was not conducive to an open exchange of ideas and 
encouragement.

For you to say "I get tired of reading about all the elitist who worry about 
the certifications becoming worthless.  That's Cisco's worry.  And if you cry 
about how you worked hard to get your ccxx.  Well so did the guy above."  
belies a lack of understanding and empathy for those of us who've obtained 
other certifications only to see their marketability, and thus our 
*earnability*, seriously impacted.

In 1994, I could make $60,000 a year as a CNE. Wanna guess what that cert 
will earn me now?

"And to all of you who like to flame those who don't agree with you, well 
pretend you can read sign language and imagine the sign I am giving you."

"Dick," I'm not flaming you - I am respectfully disagreeing with you.  I can 
read sign language (after all, I *am* a native Noo Yawkuh), but I prefer to 
communicate in an open, honest, friendly and -are you ready?- professional 
manner.

Let's be the mature, intelligent professionals we claim to be!

-Austin
CCNP, Recovering MCNE. MCSE

PS: Any flames may be directed to me personally.  Let's keep this LIST free 
of acrimony.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CIT 4.0 help

[Priscilla Oppenheimer]

The course manual and/or the book format, edited by Dan Farkas and Laura
Chappell, are the best way to study for CIT.

Nobody will give you a list of questions from the exam, (see other threads
;-), but I did make some flash cards to help study for the test. When I
wrote them, I had not taken the exam but after taking the exam, I have
concluded that they are very close to the exam. See:


http://www.priscilla.com/cit/toc.html

Priscilla

At 12:57 PM 5/30/2000 -0700, Shumake, Derrick wrote:
>What is the recommend train material for CIT 4.0? Does anyone have a list of
>sample question that will be on the test? thanks for your help in advance.
>
>N. Derrick Shumake
>Network Consultant
>Main:  303.488.3405
>Mobile:303.906.2900
>Fax:   303.488.3406
>
>NETIGY
>The World's premier Architect of eBusiness-Ready Networks
>5445 DTC Parkway, Penthouse Four
>Englewood, CO  80111
>http://www.netigy.com
>
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

__
Priscilla Oppenheimer
Phone 541-482-5685
Fax   541-488-1708
Web   http://www.priscilla.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Lab Study Guide and SNA

[Darren Ward]

Hi All,

Does anyone find it strange that this guide has no SNA Labs at all, not
even DLSW+?

Is this a hint or an exclusion?

I realise that Voice was announced while it was going to print but SNA
has been a requirement for a while I thought.

Does anyone have any references to some SNA Practice Labs and Scenarios?

Darren

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

sample config for 3640 remote access server?

[Stull, Cory]

Cisco Guru's

  Does anyone have sample configs for using a Cisco 3640 remote access
server for allowing remote users to dial into it using analog modems?  It
has a PRI using a hunt group...  Authentication done on the router...
Preferrably CHAP...  IP only...Cisco had some samples that I saw on the
cisco.com but not for 3640 with analog dial-in users.


Thanks in advance...


Cory R. Stull
MCSE, Bay Router Specialist, CCNA,CCDA
Communications Concepts Unlimited
262-814-7214


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN through NAT

[Rodgers Moore]

NAT or PAT.  You can't do a VPN tunnel with PAT.

Rodgers Moore, CCDP, CCNP-Security


""Greg Smythe"" <[EMAIL PROTECTED]> wrote in message
000501bfca70$edb82740$020b010a@ei">news:000501bfca70$edb82740$020b010a@ei...
> Hello --
>
> Has anyone done this before? I'm trying to get a VPN connection to work
over
> NAT. I see the translation happening, but my PC gets as far as "verifying
> username/pass" and then it errors out saying the server didn't respond
> (timeout).
> show ip nat tra:
>
> tcp 3.3.3.3:1056  102.153.102.251:1056 1.1.1.1:1723 1.1.1.1:1723
>
> 3.3.3.3 is the IP of my router's internet interface. 102.153.102.251 is my
> inside IP of my pc. 1.1.1.1 is my VPN server on the internet.
>
> If I give my PC an internet IP then it works, so it has something to do
with
> the NAT. No filters are in effect on the interfaces on my router.
>
> Thanks!
>
>
> Greg
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Value of Cisco certifications

[Prather, Aaron]

Title: RE: Value of Cisco certifications





I know this isnt really cost effective, but it would be nice to have a lab for your final test for your CCNP, make it not neary as hard or as expensive as the CCIE lab, but still should test your knowledge of actually configuring devices.  Make it a virtual lab, because there is no way every testing center will be able to house equipment, it can be done if cisco really wants to... I think this would be a good test of actual knowledge and not just memorizing test questions.

Aaron
-Original Message-
From: TyRhon144000
To: [EMAIL PROTECTED]
Sent: 5/30/00 2:47 PM
Subject: Value of Cisco certifications


Is there any way Cisco can make their certifications challenging enough,
that they can give a realistic estimate of a person's skills?
I really don't believe that there is such a thing as
paper-certification,
everyone's certification comes on paper and everyone has to do some
amount
of study to get certified. Yet, as a CCNA myself, I would like for all
of
Cisco certifications to reflect real world knowledge.
I applaud Cisco for making the CCIE as challenging as it is. I am also
happy
that just about every CCIE lives up to the NDA. If only those who have
obtained other certifications from Cisco lives up to the NDA, then maybe
some of their other certifications will not lose credibility.
Is there anything, that we can do to preserve the credibility of Cisco
certifications?
T. Knox



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

snmp message suppression from line vty

[Quadri, Habeeb]

Hi all,

I need to suppress messages going out from line vty virtual terminal to snmp
server. This router is host for x.25 connectvity and translates a x.25
session to a ip session using "translate" command. Each time a session is
started or closed a snmp trap is sent to the snmp server. I don't have any
interfaces to apply "no snmp trap link-status" command as it will work if an
interface exist, for ex. Group-Async as in configuration for AS5200. This is
a line vty configuration issue and i don't see any snmp commands when i go
to config t - line vty XX configuration mode. 

Appreciate any thoughts.

Thanks.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CIT 4.0 help

[Shumake, Derrick]

What is the recommend train material for CIT 4.0? Does anyone have a list of
sample question that will be on the test? thanks for your help in advance.

N. Derrick Shumake
Network Consultant
Main:   303.488.3405
Mobile: 303.906.2900
Fax:303.488.3406

NETIGY
The World's premier Architect of eBusiness-Ready Networks
5445 DTC Parkway, Penthouse Four
Englewood, CO  80111
http://www.netigy.com



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

source quench

[kenny]

Hi all , 
Any body can help ?
What does source quench means ? ( reply when ping to destination )

Thanks
ken

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Value of Cisco certifications

[TyRhon144000]

Is there any way Cisco can make their certifications challenging enough,
that they can give a realistic estimate of a person's skills?
I really don't believe that there is such a thing as paper-certification,
everyone's certification comes on paper and everyone has to do some amount
of study to get certified. Yet, as a CCNA myself, I would like for all of
Cisco certifications to reflect real world knowledge.
I applaud Cisco for making the CCIE as challenging as it is. I am also happy
that just about every CCIE lives up to the NDA. If only those who have
obtained other certifications from Cisco lives up to the NDA, then maybe
some of their other certifications will not lose credibility.
Is there anything, that we can do to preserve the credibility of Cisco
certifications?
T. Knox


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE lab question

[Dale Holmes]

Let's put it this way, the instructions are clear enough that you will know 
what you are expected to do, but vague enough to give you enough rope to 
hang yourself if you are not totally prepared.

Does that help?


>From: "Brad Ellis" <[EMAIL PROTECTED]>
>Reply-To: "Brad Ellis" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: CCIE lab question
>Date: Tue, 30 May 2000 14:00:56 -0400
>
>definitely breaks the NDA!!!
>
>:)
>-Brad
>""Richard Holland"" <[EMAIL PROTECTED]> wrote in message
>00e401bfca60$7039a380$bb01a8c0@RICHARD">news:00e401bfca60$7039a380$bb01a8c0@RICHARD...
>Ladies and Gentleman,
>
>   I don't see this violating the NDA, but if so.. I apologize.
>
>   When you take the lab, do they give you a block of ips for IP, and cable
>ranges for appletalk and let you address the devices the way you and the
>directions dictate?  Is your topology created by you, or do they tell you
>"hook router 1 into router 2 , using both Serial 0 interfaces"?
>
>I'm just trying to find out how you know what topology you're drawing out
>and how much design in the addressing they do for ya.
>
>My thoughts are they give you address space, you address devices based on
>the lab's needs, and they tell you in the directions what cables go where,
>then you can draw the topology out.
>
>Richard Holland
>CCNP,MCSE
>OpenBSD
>
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Firewall show connection counters

[Pete Ruttman (adminpr)]

>Is there any commands to clear the counters on a PIX ?
>I amtrying to reset to 0 the numbers displayed by
>"show connections".
>
>It seems, the only way is a F/W reboot, to clear the
>`show connections` counters in order to monitor max
>number of TCP/IP connection through the PIX 
>
My gut reaction is that isn't possible since the show connections is totaling the 
current xlate connections the PIX is doing.  You can use clear xlate to clear out the 
xlate connections but then of course you are knocking people off so you might as well 
reboot.

pete

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

cisco 2620 (ISL trunking capable)

[Brad Ellis]

hey gang. Im going to list a Cisco 2620 on ebay...but I thought I'd give
this group a crack at it first.  I'd like $2000 for it.  If anyone is
interested, let me know.  This is the router I used to practice ISL trunking
with my Cat5k switch.

ttyl,
Brad Ellis
CCIE#5796


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: New CCIE

[Lugo, Ramon]

Joe, C O N G R A T U L A T I O N S. Thanks for sharing your experience with
us.

Ramon Lugo

-Original Message-
From: Joe Martin [mailto:[EMAIL PROTECTED]]
Sent: Sunday, May 28, 2000 7:58 PM
To: [EMAIL PROTECTED]
Subject: New CCIE


H  e  l  l  o   from Sunny San Jose.

I've just arrived back in my hotel after sucessfully completing the CCIE R/S
lab.

My brain isn't quite functioning correctly yet, but I wanted to pass along a
great deal of thanks to everyone in the group.  I have learned so much from
each of you.  I'll try to continue to lurk and help when I can.

Here's a bit of my story:

I'm 33.  Got my first computer when I was 13.  20 years.  Wow!!!  Fell in
love with programming.  At 17, I got a job teaching college and was building
custom IBM compatibles for a friends business.  I taught continuing
education computer classes.  Did that for three years to help pay for my own
college.  By my third year of college I burned out on programming.  I'd
finally come out of my shell and found that I didn't want to sit in a cube
all day and write code.  I then went to work for a small telcom interconnect
and learned all about PBXs.  Did that for 7 years.  I decided to make the
leap back into "real" computers and data.  I went to work for the phone
company as a field data technician.  Did that for 1 1/2 years and then
became a Sales Engineer.  Been doing that for about 3 years now.  I've got
lots of hands on and plenty of different certifications(Cisco, Bay/Nortel,
Fore/Marconi, etc...).  Last year, I decided to work towards my CCIE.  I
also decided to get all the intermediate certifications along the way.
Starting from last April to November, I did my CCNA, CCDA, CCNP, CCDP.  In
January of this year I did my Voice access specialization.  In February I
passed the CCIE written.  I've been hitting my engineering lab at work ever
since.  I did 4 hours a nite every day of the week and 12 hours each day of
the weekend since then.  Its been 3 1/2 months of hell.  My wife has been
very understanding.

Boy, was that a long rambling paragraph.  Hope my highschool english teacher
isn't reading this!

Thanks again,
Joe Martin
CCIE#5917, and a couple of other things...


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DCN test format question

[Stephen Hoover]

Does the DCN (640-441 for CCDA) test tell you how many answers to give on
the multiple answer questions, or does it simply say "Choose all the apply"?
Or is it a combination of the two?

Thanks!

Stephen
Dallas, Texas


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNA

[Lugo, Ramon]

If you study hard and practice, you can pass the test.

-Original Message-
From: Brett Hairbottle [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 29, 2000 4:35 PM
To: [EMAIL PROTECTED]
Subject: CCNA


Hi All

I am planning on doing my CCNA 2.0. The new exam 640-507 is out. Cisco
recommends that i do the ICND course before i write the exam. If i get the
ICND book from Cisco and study it really hard will i be able to pass the
exam ?

Can anybody give me some suggestions or maybe links where i can find some
free material to study for CCNA 2.0

Thanks

Brett Hairbottle
Computer Systems Engineer
South Africa


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNA 1.0 vs. 2.0

[Awalt, Andrew]

Don't worry about it.  The 2.0 exam was easy I passed it Friday while only
studying for 2 weeks.  There is a lot less subnetting then 1.0 and more lan
technologies (ie. vlan, trunking, etc...). I got a 946.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ted Nugent
Sent: Saturday, May 27, 2000 3:14 PM
To: [EMAIL PROTECTED]
Subject: CCNA 1.0 vs. 2.0


OK...  I've been studying now for almost 4 months.  I just want to make sure
I do really well though and I don't feel like I'm quite ready just yet.  But
my concern is that I've been studying all of the 1.0 material and I've only
got another month left to take it yes?  So my question is this, is the 2.0
exam really THAT much more material?  Is it significantly more
difficult/tricky?  I'm just trying to decide if I should rush in and take
the 1.0 because it's what I know, or whether I should take a couple months
more to learn the added 2.0 material.


Any thoughts?  Thanks all


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: The Failings of IPsec

[Chuck Larrieu]

Thanks, John. Good topic for all of us who need to be aware of these things.

Warning - this sucker comes out to about 300K, and is also a PS ( not PDF )
file, in case you have problems or real slow connections.

Chuck

-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John
Neiberger
Sent:   Tuesday, May 30, 2000 10:31 AM
To: [EMAIL PROTECTED]
Subject:The Failings of IPsec

Here is a VERY interesting article on IPsec and its inherent problems  that
I thought some of you might be interested in.

http://www.counterpane.com/ipsec.html






___
Get 100% FREE Internet Access powered by Excite
Visit http://freelane.excite.com/freeisp

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Recommended schooling?

[Dave Kemper]

I am presently MCSE & CCNA. I am going to aggresively persue CCDA then CCNP.
I am considering Global Knowledges CD based CBT. I am also considering
e-learning versus Class room training.

Can anyone offer there insights or resources where I could get a good
comparism of the different schools and types of training.

Please reply to this news group and to my personal email. I often can't get
to my email several days at a time.

Thank you.

Dave Kemper
[EMAIL PROTECTED]



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP and chances of finding a job

[Billy Monroe]

Great opinion, TyRhon144000. Exactly what I have been doing and I have got
good results...



""TyRhon144000"" <[EMAIL PROTECTED]> wrote in message
000b01bfc7c2$ba30b3c0$a896113f@0016553832">news:000b01bfc7c2$ba30b3c0$a896113f@0016553832...
>
> - Original Message -
> From: "TyRhon144000" <[EMAIL PROTECTED]>
> To: "ken" <[EMAIL PROTECTED]>
> Sent: Thursday, May 25, 2000 5:21 PM
> Subject: Re: CCNP and chances of finding a job
>
>
> > Don't feel bad. You just have to persevere that's all. When you try for
a
> > job, you should list your skills, what you KNOW. When you go for an
> > interview, and if they ask you something that you do not know tell them.
> > Since you do have routers you can get some hands-on, you just have to
> > enhance your skills, and they will get better with time. Look at it this
> > way, when you learn to play an instrument the more you practice the
better
> > you get, and when you practice a lot, like to the point when you get
sick
> of
> > it, you can play it in your sleep.
> > A lot of people feel that people who are certified without experience
are
> > less qualified, but I feel that when you get certified it definitely
> proves
> > that you: (1) Understand the material, and (2)you know how to perform
> > certain configurations. But in the real world, you need to know how and
> when
> > to use different configurations and how to make them work with other
> > technologies.
> > But being certified is definitely a plus. Your only handicap is that,
you
> do
> > not know certain things. For instance, let's say you are working with a
T1
> > line on your serial interface, and it's not up and running, how do you
> > troubleshoot it, in fact what would be the first thing you would do? Now
> to
> > a CCNA (or CCNP, for that matter) with no experience, he would probrably
> be
> > perplexed, but with something like that, the interviewer would figure
that
> > you don't know anything. (Which really is not your problem but his.  :0)
> > To anyone just starting out, I strongly suggest that you get to know
> people
> > who are working in the field, and find out what are the most marketable
> > skills. Even when you are going on the interview, and it seems like it
> isn't
> > going well and you think you might not get the job, ask the interviewer
> for
> > some suggestions. Ask him how he got started, and what would he suggest
> for
> > a newcomer to do.
> > Bottom line is this; the industry is starving. A few places, are smart
and
> > are willing to train, but for the most part, schedules are so tight that
> the
> > companies want you to be able to work on your own from day one. Hence
the
> > paper certification. In a perfect world once you get certified, someone
> > would take you under his wing, and help you enhance your skills; but
this
> is
> > not a perfect world, this is a "DOG EAT DOG" world. Your playing with
the
> > big boy's now.
> > All-in-all you are on the right track, always remember this saying,
> > "Forwards ever, backwards never". No matter what anyone say's, DO NOT GO
> > BACK and start over, (ie. get your A+, or CNA). Just keep moving
forward.
> > I have heard of one "paper CCIE" who is only 23 yrs. old. He had a
friend
> > who had a home lab, he banged away on the equipment, and was able to
make
> > heads and tails of the material, and successfully PASSED the CCIE, and
is
> > currently working. Can you imagine how good he will be in XX amount of
> > years?
> > So stay by the things that you have learned and you will get better, get
> > your CCNP, but don't market yourself as a CCNP, just put CCNA on your
> > resume, and if you get the job THEN say I've got my CCNP. It's always a
> > little better to be over qualified.
> > Hope I have helped
> > Ty
> > - Original Message -
> > From: "ken" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Thursday, May 25, 2000 2:52 PM
> > Subject: Re: CCNP and chances of finding a job
> >
> >
> > > the biggest problem I have, is  finding a job where I can gain
> experience
> > > with cisco routers.  I have had 3 prior jobs dealing with PC's and
> > internet
> > > tech support but it's pretty tough to get my foot in the door with
just
> a
> > > CCNA.  My goal here is to just be able to get a job, and what I'm
> > wondering
> > > is if a CCNP will land me one, because it seems like the ccna wont
> really
> > > help much here.  Not necessarily one that will pay me a good lump but
> one
> > > where I can at least start to get some experience with routers.
> currently
> > I
> > > only have a 2501 here at home that my parents got for me.
> > > - Original Message -
> > > From: "Dollard Morgan" <[EMAIL PROTECTED]>
> > > To: "'K Sacca'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
> > > <[EMAIL PROTECTED]>
> > > Sent: Thursday, May 25, 2000 2:24 AM
> > > Subject: RE: CCNP and chances of finding a job
> > >
> > >
> > > Ken, WOW, congrats for that :) (thats the ken at cisco)
> > >
> > > the other ken, yammy,
> > > im sorry befo

Re: Seven Habits: WAS: New CCIE

[Thomas Lisa]

Chuck,

Your item 4 is especially important.  It is one of the things we emphasize in our
Academies.  Students are taught from the very beginning to record all their lab
experiments in an Engineering Journal.  This ensures that they actually understand
what they have done and documents all the problems/resolutions encountered along
the way.

Tom Lisa, Instructor, CCNA, CCAI
Community College of Southern Nevada
Cisco Regional Networking Academy

Chuck Larrieu wrote:

> I've been tossing this around for a bit now. Even posted a preliminary on
> the cciecert list. I call it The Seven Habits of Highly Successful CCIE's"
>  my apologies to a good writer of a good book )
>
> But from my early days on this list I have been saving the words and wisdom
> of folks who have attained the prize, and have offered their advice. My self
> help guru, after all, maintains that one secret to success is modeling. Find
> someone who has what you want, find out those things that person does
> consistently, do those things yourself, and you can't help but attain the
> same success.
>
> So far, here are things I have gleaned:
>
> 1) Love what you do. Seems silly, but I have noticed that folks whom I
> admire who have attained the prize really love what they do.  So much so
> that they are able to leverage that love into the hours necessary to master
> the material.
> 2) Learn something new every day. One command. One subtlety. One concept.
> 3) Help others.  In teaching another one can find clarity in one's own
> thinking
> 4) Document everything. Practice documentation when you read a lab, when you
> set up a lab, when you try different show and debugs. Document the results.
> Compare those results with what you predicted when you first read the lab
> and drew out your sketches.
>
> There will be more.
>
> But I have to say, recent posts by our newer CCIE's, have only reinforced
> the value and the importance of good study habits, and good work habits. No
> one that I have known who has attained the CCIE did so by accident. Or got
> lucky. All have done so with focus, determination, and a lot of structured
> work.
>
> My congratulations to all who have made it. And all who will  soon.
>
> -Original Message-
> From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg
> Myran
> Sent:   Monday, May 29, 2000 6:40 PM
> To: [EMAIL PROTECTED]
> Subject:Re: New CCIE
>
> This is excellent advice, and virtually identical to the method I found
> successful when I passed last week in Halifax..
>
> It is unfortunate Bruce Caslow is not on this list to see how well his
> methodology is helping people get through the CCIE lab..
>
> Greg Myran
> CCIE# 5906
>
> At 08:00 PM 5/29/2000 , Joe Martin wrote:
> >I have a method that I used for the lab.  Mostly developed by Bruce Caslow
> >and specified in his book.  Here's how I start things out.  This is all
> >generic information that I used for all my prep work.  None of this
> material
> >is specific to the CCIE lab.
> >
> >1-Read the entire lab.  Think of all the issues involved with the protocols
> >and the topology.
> >2-Write down specific info in a list regarding IP addressing and interfaces
> >and summarization.
> >3-Draw a REALLY nice drawing of the network.  Leave plenty of room to write
> >in addressing info.
> >4-Label the drawing with all the interface number.
> >5-Use different colored pencils for different routing and routed protocols
> >6-Fill in all the IPs from the list you created.
> >7-Then fill in the rest of the IPs from the allowed block.
> >8-As you read the exam, look to see if they specify summarizing so that you
> >create an IP scheme that can be summarized.
> >look at each router and write down the type/IOS version/IOS name
> >9-Create a script in notepad with all the common commands that you want on
> >each router and paste this onto each one.  Put the command "hostname " last
> >so you can just type in the name of your router and your finished.
> >10-Next, put the IP addressing on all of the routers.  As you do this do
> >whats necesary to turn up the interfaces.  Frame Relay/mapping, clock
> rates,
> >ISDN/ppp/username/dialer-list.
> >11-After doing this on each router, go thru and ping each interface, local
> >and neighbor.  Make sure they are all reachable.  Doing this now keeps you
> >from wondering if you have a layer 1,2,3 problem and not a routing problem
> >that may show up in the steps to come.  Remember to that many multipoint
> >interface types don't allow you to ping your local interface without some
> >extra programming.  Also remember spoke to spoke reachability in partially
> >meshed NBMA networks.
> >12-After doing this, start the main portion of the lab.
> >13-Try to save access lists to the end.  Remember what access lists will do
> >to your network.  It can block DLSW, or routing protocols or AURP appletalk
> >tunnels, etc...
> >14-Try to get done early enough that you can reload your routers and make
> >sure everythin

RE: design question (long post)

[Albert Ip]

Jeff,

I don't have as much experience as you but would like to give it a try and
bring up a few points.
Pleas see inline.

Albert


***
Here's the scenario I proposed:

We would get an OC-3 pipe from MCI-WorldCom here at our main site, which
would then in turn connect to a Cisco 6000-series switch w/ a router module
in it.  The main OC pipe would then be broken into T1 links and sent out to
each site via MCI's frame cloud.  Each site will have a Cisco 2610 router
that will connect to a lower-end switch, probably a Catalyst 1900, to allow
all users at each site (usually between 30-60 people) to connect to the
internet and be in touch w/ the home office.  I want to set up queuing on
the router to allow video traffic to have the highest priority.  In effect,
I'm setting up the main office as sort of an ISP--this is the way it has to
be, for political and financial reasons.  All the satellite sites must
connect back to us, and then go out to the internet.  All sites run only
TCP/IP.

Now, here are my questions.

1.  From what MCI tells me, OC-x links are ATM.  I want to use frame relay
to connect the remote sites, rather than have the 2610's at each site have
to perform LANE--I don't even know if they do LANE or not.  The 6000-series
switch is a pretty powerful piece of equipment, but am I asking too much of
it to handle all the work here?  I've scoured Cisco's website, and I can't
find out if the 6000 will do LANE either.  How would I go about translating
ATM cells to Frame Relay frames?

>>>I see that Cat6000 has blade for OC-12ATM. You can also use the FlexWAN
module, it allow you to use any of the 7200/7500 WAN port adapters.
http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/6000/prodlit/c6ins_
ds.htm
 You can use the OC3 (PA-POS-OC3MM) and 2-port T-3 (PA-2T3).

2.  What sort of routing protocol should I use?  I was thinking of OSPF,
simply because I don't want to clog up the links w/ routing table
advertisements.  The remote sites won't be talking to each other all that
much--I'm envisioning more of a "hub-and-spoke" kind of arrangement.  Also,
will I need to use BGP at the main site, and make one big AS out of my home
site and all my remote sites?

>>>how about static routing for internal?  If all your site will be
connecting to one location only, there is no need for the other site to know
any route but to main office.  The main office will know all the route
because it has direct connection to all of your offices.  I am not sure
about your connection to the internet, just make it the default gateway.

3.  Where would you put a firewall in this design?

>>>In this design, you will be running the firewall in your Cat6000.  I am
not sure if you can run the Firewall feature pack on the WAN module.
Firewall always goes between your internal and external network.

4.  Is the 6000 switch/router idea the best way to go here, or should I have
a pure router, like a 7000-series?

>>>You are putting a lot of faith into one box.  I am not worry about the
6000 being powerful enough but what happen if that one box fail. By putting
the firewall, router, switching into one box; you are creating weakness into
your network.   All of your locations will have no communication if one
thing break. I think that you have to put some thought into backup.  Can you
imagine having 200+ locations calling you because of no connection to email?
Some idea, use a phone line at each satellite location as backup (low speed
but cheaper than ISDN) Or use xDSL with PPTP/IPsec.  FrameRelay does go
down.  If you are using only the Cat6000 as your main office switch, the
office will come to a complete stop if it go down.

>>>Have fun, this looks very interesting.


OK, that's all.  Thanks for reading this far.  All comments welcome, feel
free to pick this design apart if you wish.  Like I said, I've been doing
this for nearly 2 years, but nothing on this sort of scale, and I'm feeling
a bit overwhelmed, and I really don't want to screw this up, so all
suggestions are welcome.

Thanks in advance,

Jeff DeLoach

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE lab question

[Richard Holland]

Ladies and Gentleman,
 
  I don't see this violating the NDA, but if 
so.. I apologize.
 
  When you take the lab, do they give you a 
block of ips for IP, and cable ranges for appletalk and let you address the 
devices the way you and the directions dictate?  Is your topology created 
by you, or do they tell you "hook router 1 into router 2 , using both Serial 0 
interfaces"?
 
I'm just trying to find out how you know what 
topology you're drawing out and how much design in the addressing they do for 
ya.
 
My thoughts are they give you address space, you 
address devices based on the lab's needs, and they tell you in the directions 
what cables go where, then you can draw the topology out.
 
Richard Holland
CCNP,MCSEOpenBSD

Re: CCIE lab question

[Brad Ellis]

definitely breaks the NDA!!!

:)
-Brad
""Richard Holland"" <[EMAIL PROTECTED]> wrote in message
00e401bfca60$7039a380$bb01a8c0@RICHARD">news:00e401bfca60$7039a380$bb01a8c0@RICHARD...
Ladies and Gentleman,

  I don't see this violating the NDA, but if so.. I apologize.

  When you take the lab, do they give you a block of ips for IP, and cable
ranges for appletalk and let you address the devices the way you and the
directions dictate?  Is your topology created by you, or do they tell you
"hook router 1 into router 2 , using both Serial 0 interfaces"?

I'm just trying to find out how you know what topology you're drawing out
and how much design in the addressing they do for ya.

My thoughts are they give you address space, you address devices based on
the lab's needs, and they tell you in the directions what cables go where,
then you can draw the topology out.

Richard Holland
CCNP,MCSE
OpenBSD



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

The Failings of IPsec

[John Neiberger]

Here is a VERY interesting article on IPsec and its inherent problems  that
I thought some of you might be interested in.

http://www.counterpane.com/ipsec.html






___
Get 100% FREE Internet Access powered by Excite
Visit http://freelane.excite.com/freeisp

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: default gateway during setup on 3548

[Atif Awan]

I think i am not quite clear about what you are trying to ask but if you
want to ask whether configuring a default gateway on the switch will effect
your E0 and E1 networks ... the answer is no .. it will not ..


Regards
Atif

-Original Message-
From: Dave Santeramo <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Tuesday, May 30, 2000 10:15 PM
Subject: default gateway during setup on 3548


>
>
>I have a bit of problem with the default gateway on the 3548. Currently,
>I have a 1605 with 2 class C's assigned.  If I apply a default gateway
>to the switch is this going to create a problem with the other network?
>One network runs to E0 and the other runs to E1.  Can I simply reply
>no to the default gateway without any problems?
>
>
>
>
>
>
>___
>To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax,
>all in one place - sign up today at http://www.zdnetonebox.com
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco and HPOV Ping

[Quadri, Habeeb]

I think HP Openview uses snmp for ping instead of regular ICMP. Use icmp
ping which should also be available on the box. Check access list for snmp
on the routers.

> -Original Message-
> From: John Neiberger [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, May 30, 2000 9:11 AM
> To:   [EMAIL PROTECTED]
> Subject:  Re: Cisco and HPOV Ping
> 
> If you're getting a GPF, I don't see how it could possibly be the fault of
> the router.  That would have to be an application problem.
> 
> IIRC, there is a difference between a standard cisco ping and an HP NNM
> ping.  I think NNM uses alternating ones and zeroes in its standard ping. 
> I'm not really sure, but I remember someone on an OpenView mailing list
> discovering an interesting problem where one type of ping would fail, but
> the other type worked just fine.  This turned out to be a problem with
> their
> T1.
> 
> In your case, I'm officially guessing application problem and you should
> place a call with HP tech support.  You can also check here to see if your
> problem is listed:
> 
> http://ovweb1.external.hp.com/servlet/kpr
> 
> Good luck!
> 
> John Neiberger, CCNA/CCDA 
> 
> >  Hello People
> >  We have a perculiar problem with a ping application on HP Openview to a
> 
> >  ethernet interface on a 7206 router that we use for our backbone.
> Basically 
> >  we can carry out a single ping to the router's Ethernet interface fine,
> also 
> >  ping from DOS ok. However when we attempt to do a continous ping from
> HPOV 
> >  we get an Application Error window with a General protection Fault in
> module 
> >  OVPING.exe at 0001:4578.
> >  
> >  We then set up new clean install of HPOV and a 2503 to replicate the
> fault 
> >  on the bench. We found that once we got past administering more than 13
> 
> >  sub-interfaces on the router the same thing happened again.
> >  3Com say that the problem is likely to be with the router but i'm not 
> >  convinced.
> >  We run 11.2(16).
> >  Any clues or views would be gratrefully accepted.
> >  Many thanks
> >  Paul Doyle
> >  
> >
> 
> >  Get Your Private, Free E-mail from MSN Hotmail at
> http://www.hotmail.com
> >  
> >  ___
> >  UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >  FAQ, list archives, and subscription info: http://www.groupstudy.com
> >  Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> 
> 
> 
> 
> ___
> Get 100% FREE Internet Access powered by Excite
> Visit http://freelane.excite.com/freeisp
> 
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Written

[Ward Spangenberg]

Title: RE: CCIE Written



I hate people that get their panties in a wad 
because they feel they must police NDA violations. These aren't the exact 
questions that you see on the test. Similar but not exact. 
Guess what you can go out and buy books that have similar but not exact 
questions for taking the test. I bet you even used these books to help 
study for your certifications exams. 
 
ward
 

  - Original Message - 
  From: 
  Prather, Aaron 
  To: '[EMAIL PROTECTED]' 
  Sent: Tuesday, May 30, 2000 6:41 AM
  Subject: RE: CCIE Written
  
  I hate people that gripe about the NDA but this, in my 
  opinion, needs some attention.  These are almost exact questions from the 
  test and these questions need not be shown the the public.  Now, all a 
  person has to do to get atleast these questions right is to go look them up, 
  or wait for someone to answer them from this list.  I suggest that you go 
  look them up yourself, you might find the answers to the other 30 questions 
  that you missed in the process of looking these answers up.  Please dont 
  post specific test questions from the CCIE written test.
  Aaron Prather CCNP, CCDP, CCIE 
  written, etc. 
  -Original Message- From: Lee 
  (Citlink) To: 'Cisco Group Study' Sent: 5/30/00 7:04 AM Subject: CCIE 
  Written 
  Help, 
  Just passed last CCNP and took my CCIE Written.  Would 
  you believe I got a 68% and 
  needed a 70% to pass, I was one unhappy camper.  But the reason 
  I am writting this is, 

  1) does any one know if you remove keep alives from a token 
  ring interface (no keepalive) 
  what will happen? 
  2) In a point to multi-point frame relay config if all remote 
  sites can get to the hub site 
  in a hub and spoke scenerio but the remote sites can't get to each other what is the most likely 
  cause. 
  I don't know if I missed these, but I was uncertain if I got 
  them right. 
  Also it is a good idea to know your RIF backwards and 
  forwards. 
  Thanks, Lee 
  ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report 
  misconduct and Nondisclosure violations to [EMAIL PROTECTED] 

Catalyst 5002 Question (10/100, ATM)

[Mark Holloway]

Since the Catalyst 5002 only has 2 slots, one for 
the Supervisor module and another for whatever module you want, I was going to 
use multiple blades and interchange them after using each.  For example, 
let's say I own a WS-X5225R Ethernet 10/100 blade and a WS-X5155 ATM LANE card 
(talking to a 3Com Corebuilder 7000 running LANE).  Well, I can only use 
one at a time, so would it be just as beneficial to spend x number of weeks 
learning 802.1q and ISL, then removing that blade and using the ATM LANE, or 
would it make more sense to use it all on a bigger chasis that can house all the 
blades at one time?  The reason why I ask is that a 5002 chasis w/power 
supply is just $639, a Supervisor one is $789, and this all makes for a cheap 
Cat5k to build on.  Most of the used Cat5k 6 slot chasis' I've seen come 
with a Supervisor one, non-ISL 10/100 blade, and sell for around 
$2800-$3000.  That's too much being that the 10/100 is useless for the CCIE 
lab unless it does ISL and 802.1q. 
 
Regards,
Mark
 

Re: fatkid question

[Kent]

you should be able to verify this from a router with a
couple of ?, right?

--- adrian smith <[EMAIL PROTECTED]> wrote:
> hi.  i was looking over fatkids dlsw 401 lab when i
> noticed that in the R4 
> config, the translational bridging command differs
> from Caslow 626-627.  
> Fatkid shows:
> 
> source-bridge transparent 400 50 4 1
> 
> should this in fact be:
> 
> source-bridge transparent 400 50 1 4
> 
> since bridge 4 is in the ethernet domain.
> 
> any help is appreciated.
>

> Get Your Private, Free E-mail from MSN Hotmail at
> http://www.hotmail.com
> 
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


__
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: design question (long post)

[David C Prall]

> I am not very good at designing but here goes my try ..
>
> 1. Well, OC-x does not necessarily run ATM. There is a technology called
POS
> ( Packet over SONET) and i have heard that MCI will be shifting over to
POS
> soon. And who said oyu would have to run LANE ?
>
> 2. I will go for OSPF too and since it is a hub and spoke topology why
dont
> you look into ODR ( On Demand Routing ). Whats bothering me is that how
will
> you terminate all the WAN connections to a single Cat 6000.
> You do not need your own AS unless you plan to have a redundant ISP
> connection from another carrier. In that case you will need to do some
> extensive BGP policy making. If, however, you have no such plans then a
> static default route will do <-- tell me guys if i am missing something
> here..
>
> 3. the firewall needs to be in between the router that connects to the
> outside world ( the internet ) and your internal network.
>
> 4. Not sure about that to be honest but i dont think a cat 6000 can
> terminate all the T1s u r looking at but if it can then its the best
choice.
>
> Regards
> Atif
>
>

The CAT 6000 should be able to handle this, the Router PAM supports two
PA's. You'll only be using a single PA for the OC-3 interface. ATM to Frame
Relay (FRASI) is handled by the service provider. MCI will supply you with
VPI/VCI numbers that map to DLCI's on the far end. I would definately look
into ODR, with the newer 12.0.5T or higher code. I would have a Cisco
Engineer confirm that it will work with the CAT 6000 series. ODR will supply
a default route to the far end, and add the addresses to the local routing
table. You can take a look at inARP and other things that will allow you to
send out the routers without any configuration required for the far end.
Thus, all configs are done at the central office, making it so that you can
keep a warm spare on standby ready to go anywhere.

David C Prall, CCDP CCNP MCSE MCNE
[EMAIL PROTECTED]
http://dcp.dcptech.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]