date:20001003

Exam Help CCIE

2000-10-03 Thread Pieter Jordaan


I am planning on doing My CCIE soon Can anyone recommend good books for the
CCIE Exam and supply sample questions.

Thanks


Pieter Jordaan
The Internet Solution Hosting

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: urgent PIX help AGAIN

2000-10-03 Thread Jim Bond


Thank you!

One more question: when I configure PIX as DHCP
server, it only allows 10 addresses in the pool. 
Here is what I got:

pixfirewall(config)# dhcpd address
10.1.1.101-10.1.1.150 inside
Number of addresses exceeds limit

Is 10 max?

Thanks in advance.



Jim

--- Todd Plambeck <[EMAIL PROTECTED]> wrote:
> In the new version of PIX software 5.2(1) you can
> nat to an interface.
> Instead of the old command "global (outside) 1
> x.x.x.x"  use the command
> " global (outside) 1 interface ". You can read up on
> this new feature at:
> 
>
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.htm#xtocid752631
> 
> I hope this helps.
> 
> Todd
> CCNP/CCDP
> 
> Jim Bond wrote:
> 
> > Hello,
> >
> > I have only 1 ip address assigned by my ISP, how
> can I
> > use PIX to do NAT? Looks like PIX requires at
> least 2
> > outside ip addresses, one for outside interface,
> one
> > for PAT. Is there a way to use only 1 ip address?
> >
> > Thanks in advance.
> >
> > Jim
> >
> > __
> > Do You Yahoo!?
> > Yahoo! Photos - 35mm Quality Prints, Now Get 15
> Free!
> > http://photos.yahoo.com/
> >
> > **NOTE: New CCNA/CCDA List has been formed. For
> more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> 


__
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

leave

2000-10-03 Thread Yong Sang Hew


Dear Sir,

To leave [EMAIL PROTECTED]

Thanks,
Raymond.


Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EXTENDED ACL for distribute-list

2000-10-03 Thread Driessens.Hans


Hi ClueLess

you want to use a standard access-list instead of an extended if you are
doing it like this. You are filtering on source address instead of
destination address and that is no good. Also, your access-list 10 has no
mask and uses the default. If 10.1.1.0 is the only network allowed use the
mask /24...

interface Loopback0
 ip address 10.1.1.1 255.255.255.0
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
! 
router eigrp 90
 network 10.0.0.0
 network 137.20.0.0
 distribute-list 10 out
 no auto-summary
!
ip classless
!
access-list 10 permit 10.1.1.0 255.255.255.0

Hans 

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Verzonden: zondag 1 oktober 2000 4:34
Aan: [EMAIL PROTECTED]
Onderwerp: EXTENDED ACL for distribute-list


Hi all,

Could someone shed some light on how to use EXTENDED ACL for
distribute-list?

I'm trying to allow only 10.1.1.0/24 route to be distributed by eigrp
90.  Below is config and debug ip eigrp output.  I thought ACL 110 is
a bit "relaxed" but should have allow the 10.1.1.0/24 route to be
distribute out.  But it got DENIED.  ACL 10 worked.

Initially, I had "access-list 110 permit ip 10.1.1.0 0.0.0.0
255.255.255.0 0.0.0.0" which I thought would be the most specific.
But this didn't work also.

I found the URL below from Open Forum:
http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/6352
If anyone have some good link on this topic, please kindly send them
in!

Any comment welcome!
ClueLess.


r7#sh ver
Cisco Internetwork Operating System Software 
IOS (tm) 2500 Software (C2500-DS-L), Version 11.3(11a), RELEASE
SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Mon 20-Sep-99 07:43 by jjgreen
Image text-base: 0x03040474, data-base: 0x1000

Partial config:
!
interface Loopback0
 ip address 10.1.1.1 255.255.255.0
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
! 
router eigrp 90
 network 10.0.0.0
 network 137.20.0.0
 distribute-list 110 out
 no auto-summary
!
ip classless
!
access-list 10 permit 10.1.1.0
access-list 110 permit ip 10.1.1.0 0.0.0.255 any

With distribute-list 110 out:
1d21h: IP-EIGRP: 137.20.50.0/24 - denied by distribute list
1d21h: IP-EIGRP: 10.1.1.0/24 - denied by distribute list
1d21h: IP-EIGRP: 10.1.2.0/24 - denied by distribute list

With distribute-list 10 out:
1d21h: IP-EIGRP: 137.20.50.0/24 - denied by distribute list
1d21h: IP-EIGRP: 10.1.1.0/24 - do advertise out Ethernet0
1d21h: IP-EIGRP: Int 10.1.1.0/24 metric 128256 - 256 128000
1d21h: IP-EIGRP: 10.1.2.0/24 - denied by distribute list

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP problem

2000-10-03 Thread Yee, Jason

How did you manage to solve it?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Raymond Mak
Sent: Tuesday, October 03, 2000 11:50 AM
To: [EMAIL PROTECTED]
Subject: Re: BGP problem

I have solved the problem now.

Regards,
Raymond Mak

Raymond Mak wrote:

> Hi,
>
> I have local and global connection to Internet.
> When I trace from local site to internal network, it passes through
> local connection, and when I trace from global site to internal network,
> it can pass through global connection. But the strange thing is when I
> trace from internal network to local site and global site, it all passes
> through global connection.
> How can I configure to make it works when trace from internal network?
> Are the "distribute-list" and "route-map" configuration (not my config.)
> make it bad? Actually what exactly are they?
>
> Thanks
>
> Regards,
> Raymond
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

EIGRP and Hub and Spoke ?

2000-10-03 Thread Phil Barker


Greetings Groupies,

 I have a question concerning  EIGRP configured in
a Hub and Spoke Topology. I have a number of remote
networks that are not worthy of a backup link. i.e
they won't pay for it and I don't like them anyway.

If this link goes down the hub router which feeds into
the rest of the network will kick DUAL off and put the
network into an active state only to find there is no
alternate route.

Can I stop this action in this instance ?
Can anyone confirm if router odr is on or off track ?

Thanks for any assistance.

Phil.




Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: syslog

2000-10-03 Thread A. Geoffrey Cauchi


Hi

Regarding syslog, the document referenced in this link does work with a Sun
Machine.  Anyone configured it for a Linux PC?

Regards
Geoffrey


- Original Message -
From: "Irwin Lazar" <[EMAIL PROTECTED]>
To: "'Stull, Cory'" <[EMAIL PROTECTED]>; "'c.garofalo'" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Monday, October 02, 2000 4:50 PM
Subject: RE: syslog


> Without more info it's difficult to know what your problem is.  However,
> nine times out of ten, I've seen people forget to create the syslog file
> first on their UNIX workstation.  You need to "touch" the file before the
> router can write to it.
>
> irwin
>
> >
> > Hi people,
> > I would to shape the syslog for the Routers of my
> > Organization on th Sun
> > Workstation. I find an article on CISCO site that describe
> > the configuration
> > for the Workstation and the cisco router, but it don't work properly.
> >
> > http://www.cisco.com/warp/public/66/15.html
> >
> > Can you help me?
> > Thanks
> > Carmelo
> >
> >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Exam Help CCIE

2000-10-03 Thread Phil Barker

www.certificationzone.com
www.groupstudy.com

Regs,

Phil.

--- Pieter Jordaan <[EMAIL PROTECTED]> wrote: > I am
planning on doing My CCIE soon Can anyone
> recommend good books for the
> CCIE Exam and supply sample questions.
> 
> Thanks
> 
> 
> Pieter Jordaan
> The Internet Solution Hosting
> 
> **NOTE: New CCNA/CCDA List has been formed. For more
> information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]

Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BOOKS FOR CCIE WRITTEN

2000-10-03 Thread Phil Barker

Try,
   www.groupstudy.com click on books link.

Read and Weep 

Regs,

Phil.

--- "Steven B. Holmes" <[EMAIL PROTECTED]> wrote: > What
are some good books to prepare for the written
> exam?
> 
> Thanks!
> 
> Steven
> 
> [EMAIL PROTECTED]
> 
> 
> **NOTE: New CCNA/CCDA List has been formed. For more
> information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]

Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP and Hub and Spoke ?

2000-10-03 Thread Ejay Hire


Here's what I've been considering for our network.

Each remote site has a Default route to the hub.
The Hub router has a permaanent static route to the remote site.
The static routes are redistributed.

Eigrp is configured normally at the sites that have multiple paths.

Because they are permanent static routes, If there is a down link, it should 
just dump the packets at the router, and not trigger DUAL.

Anybody see a fault with this?

Background:
HUB area 5 2500/2600 series routers, and a AS5300
Remote sites mostly 2500 or 2600's.

Original Message Follows
From: Phil Barker <[EMAIL PROTECTED]>
Reply-To: Phil Barker <[EMAIL PROTECTED]>
To: cisco GroupStudy <[EMAIL PROTECTED]>
Subject: EIGRP and Hub and Spoke ?
Date: Tue, 3 Oct 2000 10:01:02 +0100 (BST)

Greetings Groupies,

  I have a question concerning  EIGRP configured in
a Hub and Spoke Topology. I have a number of remote
networks that are not worthy of a backup link. i.e
they won't pay for it and I don't like them anyway.

If this link goes down the hub router which feeds into
the rest of the network will kick DUAL off and put the
network into an active state only to find there is no
alternate route.

Can I stop this action in this instance ?
Can anyone confirm if router odr is on or off track ?

Thanks for any assistance.

Phil.




Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

TACACS+ and RADIUS

2000-10-03 Thread Roland Mok


Anyone knows the difference b/w RADIUS and TACACS+?

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VLAN

2000-10-03 Thread FRS


Is it possible to bridge inside a VLAN?


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: syslog

2000-10-03 Thread A. Geoffrey Cauchi


Hi

I managed to solve the problem.  The issue was with the syslog server
itself, it was not accepting remote syslog calls

Thanks anyway

Geoffrey


- Original Message -
From: "A. Geoffrey Cauchi" <[EMAIL PROTECTED]>
To: "Irwin Lazar" <[EMAIL PROTECTED]>; "'Stull, Cory'" <[EMAIL PROTECTED]>;
"'c.garofalo'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, October 03, 2000 12:46 PM
Subject: Re: syslog


> Hi
>
> Regarding syslog, the document referenced in this link does work with a
Sun
> Machine.  Anyone configured it for a Linux PC?
>
> Regards
> Geoffrey
>
>
> - Original Message -
> From: "Irwin Lazar" <[EMAIL PROTECTED]>
> To: "'Stull, Cory'" <[EMAIL PROTECTED]>; "'c.garofalo'"
<[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Monday, October 02, 2000 4:50 PM
> Subject: RE: syslog
>
>
> > Without more info it's difficult to know what your problem is.  However,
> > nine times out of ten, I've seen people forget to create the syslog file
> > first on their UNIX workstation.  You need to "touch" the file before
the
> > router can write to it.
> >
> > irwin
> >
> > >
> > > Hi people,
> > > I would to shape the syslog for the Routers of my
> > > Organization on th Sun
> > > Workstation. I find an article on CISCO site that describe
> > > the configuration
> > > for the Workstation and the cisco router, but it don't work properly.
> > >
> > > http://www.cisco.com/warp/public/66/15.html
> > >
> > > Can you help me?
> > > Thanks
> > > Carmelo
> > >
> > >
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TACACS+ and RADIUS

2000-10-03 Thread FRS


http://www.cisco.com/warp/public/480/10.html

"Roland Mok" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Anyone knows the difference b/w RADIUS and TACACS+?
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Firewall problem

2000-10-03 Thread Rajeev Karamchand


 
 

=
Rajeev Karamchand
MCSE,MCSE+I,MCDBA,CCNA

__
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TACACS+ and RADIUS

2000-10-03 Thread George . Adewale


Tacascs+ and Radius are different Database protocols service  that is used
by router using AAA for the security service 

TACACS+ is an existing protocol developed by Cisco Systems in their Routers.
Cisco presently supports two kind of Authentic Protocols the other one is
RADIUS which is also the industry standard, their are also many other
Authentication Protocol

I think if you want more information go to the Cisco website search for the
comparisons of Tacacs

George Adewale

-Original Message-
From: Roland Mok [mailto:[EMAIL PROTECTED]]
Sent: 03 October 2000 12:19
To: [EMAIL PROTECTED]
Subject: TACACS+ and RADIUS


Anyone knows the difference b/w RADIUS and TACACS+?

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


DISCLAIMER
This e-mail is intended only for the use of the addressees named above and
may be confidential. If you are not an addressee you must not read it and
must not use any information contained in nor copy it nor inform any person
other than TeleCity Limited or the addressees of its existence or contents.
If you have received this email and are not a named addressee, please delete
it and notify the TeleCity IT department on 0161 226 7643 or by email at
[EMAIL PROTECTED]


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Pix Firewall Problem.

2000-10-03 Thread Rajeev Karamchand


Hi All

I am facing a strange problem. I am losing my
connectivity to the pix firewall from inside. If I
power cycle the pix everything is ok. I would
appreciate help in this regards






=
Rajeev Karamchand
MCSE,MCSE+I,MCDBA,CCNA

__
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Layer 2 switching and Layer 3

2000-10-03 Thread Jared Carter

Actually the idea of "Route Once Switch Many" refers to MultiLayer Switching
(MLS).  Layer 3 switching is really just routing... 

-Original Message-
From: William Wong [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 1:39 AM
To: [EMAIL PROTECTED]
Subject: Re: Layer 2 switching and Layer 3

Hi Russ

Layer 3 switching is actually use the concept of "route once, switch many".

Its mean that the first packet is go through the route processor and the
subsequence packets is "switch" over to the destination port.

Layer 3 routing which is every packets is process by the router.

""Russell Lusignan"" <[EMAIL PROTECTED]> wrote in message
8r88h9$hp8$[EMAIL PROTECTED]">news:8r88h9$hp8$[EMAIL PROTECTED]...
> Layer 2 switching makes intelligent forwarding decisions based on MAC
> addresses. For example, if HostA is on port 1, and HostB is on port 2, and
> HostA sends a packet for HostB, the switch will only pass the traffic
> between those 2 ports (unless it's a broadcast).
>
> Layer 3 switching is basically a Router. It makes intelligent forwarding
> decisions based on the Network address, ie: IP address or IPX address. A
> layer 3 switch is basically a router with a lot of ethernet ports. Those
> ports can be divided up into VLANs and can route without the help of an
> external router or Route Switch Module for the Catalyst swtich.
>
> There is a lot of confusion out there about layer 3 switching, vendors
will
> brag about their product being able to do layer 3 switching etc..
Basically
> all they mean is that their product has routing (intelligent forwarding of
> layer 3 addresses) built into their box, without the use of an external
> router or module!
>
> Hope that helps!
> Russ..
>
> ""kenny"" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi all ,
> > Anyone care to explain the difference between Layer 2 and Layer 3
> switching ?
> >
> > Regards
> > ken
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Napster Question

2000-10-03 Thread Tom Pruneau


How about just permitting established connections. That should do it, only
allowing responses to you requests


At 12:16 AM 10/03/2000 -0400, Dorroh, Hunter wrote:
>Hello everyone,
>
>I searched through the archives and found lots of good information on
>blocking but I did not see anything on the possibility of allowing users to
>connect to Napster and download music but NOT be permitted to upload.  Any
>thoughts on how to allow this to happen via PIX or IOS FW?  I was thinking
>this might limit a company's legal exposure.
>
>Thanks,
>
>Hunter
>
>-Original Message-
>From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]]
>Sent: Friday, September 29, 2000 3:49 PM
>To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED]
>Subject: RE: Napster Question
>
>
>The list went through this several times already.
>
>Blocking ports , , ,  is useless.. since Beta6, Napster has
>been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would
>have to kill all access to http/tcp80.. NOT good.  Blocking the IPs is the
>best and most thorough solution at this time.
>
>Also, besides blocking the access to the main Napster sites will block most
>users, and for those that go around it, there should be a user policy in
>place.  It is not totally your job to govern what the users do and do not
>do.. the users should also be held responsible.  Put a political policy in
>place, and if it is broken by a user by using something such as opennap,
>discipline from management will solve this issue.
>
> Regards,
>  Trevor Corness, CCNA MCSE MCP+I
>  Network Systems Engineer, DataCom
>  BMS Communications Ltd.
>  http://www.bmscom.com
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Hal White
>Sent: Friday, September 29, 2000 11:55 AM
>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
>Subject: RE: Napster Question
>
>
>Blocking these IP addresses will only block users from accessing the main
>napster servers and will not block access to other napster servers, such as,
>opennap, which can be found easily by using the napigator program.  The best
>way to block Napster is to block the ports that the client uses which are
>,,,.  Don't quote me on these ports because I can't find my
>documentation at the moment, but I think they are right.
>
>
>Hal
>
>>From: "Fowler, Joey" <[EMAIL PROTECTED]>
>>Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]>
>>To: [EMAIL PROTECTED]
>>Subject: RE: Napster Question
>>Date: Fri, 29 Sep 2000 13:15:19 -0400
>>
>>If you search the archives it has some info on this, but I just implemented
>>it this morning and it seems to working here. If you are using PIX firewall
>>(or any other) create an access list using the outbound and apply commands
>>to block the following addresses:
>>
>>208.184.216.0 /24
>>208.178.167.0 /24
>>208.178.163.61
>>208.184.175.130
>>208.184.175.131
>>208.184.175.132
>>208.184.175.134
>>208.49.239.242
>>208.49.239.247
>>208.49.239.248
>>
>>People will start wandering by your desk asking if you've ever heard a
>>program called Napster. I personally like to dumb.
>>
>>Joey
>>
>>-Original Message-
>>From: Tom Pruneau [mailto:[EMAIL PROTECTED]]
>>Sent: Friday, September 29, 2000 12:29 PM
>>To: [EMAIL PROTECTED]
>>Subject: Napster Question
>>
>>
>>Greetings Group
>>
>>Does anyone know what ports Napster usies for handshaking?
>>Inbound, outbound port number?
>>What would it take to block Napster?
>>
>>
>>Thanks
>>
>>Tom Pruneau
>>Trainer Network Operations
>>GENUITY
>>3 Van de Graff Drive Burlington Ma. 01803
>>24 Hr. Network Operations Center 800-436-8489
>>If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri
>>
>>---
>>This email is composed of 82% post consumer recycled data bits
>>---
>>
>>"Once in a while you get shown the light
>>in the strangest of places if you look at it right"
>>
>>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>>http://www.groupstudy.com/list/Associates.html
>>_
>>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>>FAQ, list archives, and subscription info: http://www.groupstudy.com
>>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

RE: yet another new CCNP..

2000-10-03 Thread Ole Drews Jensen


Congratulations Cory,

Way to go!

Ole


 Ole Drews Jensen
 Systems Network Manager
 CCNA, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
 http://www.oledrews.com/ccnp

 NEED A JOB ???
 http://www.oledrews.com/job




-Original Message-
From: Stull, Cory [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2000 4:45 PM
To: '[EMAIL PROTECTED]'
Subject: yet another new CCNP..



Passed CIT today for my CCNP..I would like to thank everyone on this
list that contributes helpful info..   and also including Prescilla for her
wonderful flashcards.


The CIT was very poorly written.  The questions were vague and unclear with
more than one correct answer many times...  Had to sift through the garbage
to find the right answer.  I used the McGraw Hill CIT book and I don't
think it covered all of the material very well.

I had more than I expected on Appletalk and the questions were a little more
in depth than I was expecting but I still passed with a 769...  I'll say
again though I think the test was written poorly... and not because I wasn't
prepared.

Thanks again to everyone on the list that contributes.


Now on to CCDP...  Any good book recommendations or tips or study guides
please forward to me...

Thanks





Cory R. Stull
MCSE, Bay Router Specialist, CCNP,CCDA
Communications Concepts Unlimited
262-814-7214


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Juniper

2000-10-03 Thread Chris Gore


I think you are incorrect! MCI WorldCom is scheduled to deploy some of the
edge stuff soon. It is not in the core yet!!

"Brian" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> On Mon, 2 Oct 2000, Leon Bass wrote:
>
> > Like everything else, When it's new everyone wants a piece, can you talk
> > to anyone who has used it for at least 5 years, I doubt it.
> > Whoever is placing the future of their company on this brand new
> > technology better think twice.
>
> FUD.  Many many backbones rely on JuniperMCI Worldcom..Level
> 3...etc.
>
> > If you are smart, you better have an ole reliable Cisco box sitting
> > close by, just in case Juniper comes up with an error, the technical
> > support has not even seen yet, and You wouldn't know that would you, who
> > can you call and compare with, NOBODY.
>
> Umm, just one problem with that.  Cisco does not make products at this
> time that have the packet processing capibility of Juniper.
>
> > New technology is fine and good, but rest assure there will be bugs,
> > don't even fool yourself, because if you do, YOU won't be in this field
> > very long.
> > Just a thought, a technical ONE.
>
> Many of the very people that made Cisco the de-facto standard are the ones
> behind Juniper..some of the top engineers even.
>
> brian
>
>
>
> >
> > MR wrote:
> >
> > > Juniper products are much faster and cute. Look like your company is
> > > in right direction. Note... routing and session concept is going to go
> > > when optical products available. Cisco do not have time to figure out
> > > new technology...know only buying companies and making CCIE's.Martin
> > >
> > >  "Nova Rich" <[EMAIL PROTECTED]> wrote in message
> > >
news:[EMAIL PROTECTED]
> > >  guys,
> > >
> > >  My company wants to buy Juniper routers instead of Cisco.
> > >  Having never worked with Juniper equipment before I don't
> > >  know why it's so good.
> > >
> > >  I'm told that it's faster, cheaper and has a smaller foot
> > >  print? What's a foot print? Is it really better then Cisco?
> > >
> > >  Nova Rich
> > >
> >
>
> ---
> Brian Feeny, CCNP, CCDA   [EMAIL PROTECTED]
> Network Administrator
> ShreveNet Inc. (ASN 11881)
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Exam Cleared

2000-10-03 Thread Vincent


Hi all;

All professional level exams were cleared today.  Now, I am going to
take my last
cisco written exam (CCIE qualification exam), then I will take CCIE Lab
within 1 year.

Special thnaks to Chuck and Robert advice on CID exam.

Any advice are welcome.

Vincent Chong
Network Engineer



**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Napster Question

2000-10-03 Thread Chuck Church


I think the key is to allow outbound packets to the Napster servers and
other PCs on the Internet, but not allowing external PCs to establish a
connection to your users' PCs.  Find out the ports that a PC running Napster
is listening on, and then block those at the FW.  A PIX should do this by
default, unless you specifically added a conduit statement to allow Napster.
The access list on the outside interface of a router with FW FS should not
allow inbound Napster connections.  On the Napster client, you'll need to
pick the 'I'm behind a firewall, and can't do anything about it' (or
something like that) option.  I'm blocking Napster both ways at work, so I
can't test it for you.

HTH
Chuck Church
CCNP, CCDP, MCNE, MCSE
Sr. Network Engineer
Magnacom Technologies
140 N. Rt. 303
Valley Cottage, NY 10989
845-267-4000 x218



>Hello everyone,
>
>I searched through the archives and found lots of good information on
>blocking but I did not see anything on the possibility of allowing users to
>connect to Napster and download music but NOT be permitted to upload.


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Napster Question

2000-10-03 Thread Spolidoro, Guilherme


Hello Hunter,

You'll need a FW that is Content Aware. PIX is fine, but I don't think the
IOS FW feature can do that at this time.

The reason for that (Content Aware) is because you'll need to look into the
packet (i.e. L5-7) in order to see if the user is doing a "get" or "put"
(for FTP/HTTP for example). 

I'm not sure what protocols NAPSTER uses, but from the previous answers,
it's my understanding that it will use http as one of the options. If so,
depending how your rules look today, you'll need a rule to deny http put or
post to the NAPSTER servers (IPs) before the rule that allows http traffic
to the internet in addition to any other protocol that NAPSTER might use.

I never used PIX (my background is Checkpoint FW-1) so I cannot tell you the
syntax, but the logic is the same for every FW. Checkpoint call it Content
Security.

Good luck.
-Original Message-
From: Dorroh, Hunter [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 12:17 AM
To: [EMAIL PROTECTED]
Subject: RE: Napster Question


Hello everyone,

I searched through the archives and found lots of good information on
blocking but I did not see anything on the possibility of allowing users to
connect to Napster and download music but NOT be permitted to upload.  Any
thoughts on how to allow this to happen via PIX or IOS FW?  I was thinking
this might limit a company's legal exposure.

Thanks,

Hunter

-Original Message-
From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 3:49 PM
To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


The list went through this several times already.

Blocking ports , , ,  is useless.. since Beta6, Napster has
been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would
have to kill all access to http/tcp80.. NOT good.  Blocking the IPs is the
best and most thorough solution at this time.

Also, besides blocking the access to the main Napster sites will block most
users, and for those that go around it, there should be a user policy in
place.  It is not totally your job to govern what the users do and do not
do.. the users should also be held responsible.  Put a political policy in
place, and if it is broken by a user by using something such as opennap,
discipline from management will solve this issue.

 Regards,
  Trevor Corness, CCNA MCSE MCP+I
  Network Systems Engineer, DataCom
  BMS Communications Ltd.
  http://www.bmscom.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hal White
Sent: Friday, September 29, 2000 11:55 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


Blocking these IP addresses will only block users from accessing the main
napster servers and will not block access to other napster servers, such as,
opennap, which can be found easily by using the napigator program.  The best
way to block Napster is to block the ports that the client uses which are
,,,.  Don't quote me on these ports because I can't find my
documentation at the moment, but I think they are right.


Hal

>From: "Fowler, Joey" <[EMAIL PROTECTED]>
>Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: RE: Napster Question
>Date: Fri, 29 Sep 2000 13:15:19 -0400
>
>If you search the archives it has some info on this, but I just implemented
>it this morning and it seems to working here. If you are using PIX firewall
>(or any other) create an access list using the outbound and apply commands
>to block the following addresses:
>
>208.184.216.0 /24
>208.178.167.0 /24
>208.178.163.61
>208.184.175.130
>208.184.175.131
>208.184.175.132
>208.184.175.134
>208.49.239.242
>208.49.239.247
>208.49.239.248
>
>People will start wandering by your desk asking if you've ever heard a
>program called Napster. I personally like to dumb.
>
>Joey
>
>-Original Message-
>From: Tom Pruneau [mailto:[EMAIL PROTECTED]]
>Sent: Friday, September 29, 2000 12:29 PM
>To: [EMAIL PROTECTED]
>Subject: Napster Question
>
>
>Greetings Group
>
>Does anyone know what ports Napster usies for handshaking?
>Inbound, outbound port number?
>What would it take to block Napster?
>
>
>Thanks
>
>Tom Pruneau
>Trainer Network Operations
>GENUITY
>3 Van de Graff Drive Burlington Ma. 01803
>24 Hr. Network Operations Center 800-436-8489
>If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri
>
>---
>This email is composed of 82% post consumer recycled data bits
>---
>
>"Once in a while you get shown the light
>in the strangest of places if you look at it right"
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list ar

routers for sale

2000-10-03 Thread Csweeting


Before I go to e-bay I am selling two 2500 router, eg A 2503 and 2514.  The pkg 
includes both DTE and DCE cables. In addition, I will throw in 2 transceivers.  If 
interested email me back.  It will be on a first come basis

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Can you bridge inside a VLAN?

2000-10-03 Thread FRS





**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLAN

2000-10-03 Thread Spolidoro, Guilherme


If you have a VLAN implemented on a Switched environment, most switches will
bridge (i.e. do L2 switching) by default on the ports that belong to the
same VLAN.

Does it answer?

Good luck.

-Original Message-
From: FRS [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 7:44 AM
To: [EMAIL PROTECTED]
Subject: VLAN


Is it possible to bridge inside a VLAN?


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PREFIX LISTS

2000-10-03 Thread ANIL.YADAV



Hi! everybody,


Could someone tell me which is the earlieast ios release that  supports
prefix lists.


thanks
anil

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Juniper

2000-10-03 Thread Howard C. Berkowitz


>I could not figured out why Juniper does not allow us to get access to the
>documentation of their OS, we can only read the old version, but no way to
>get the documnetation of the new version, do they want to people to learn it
>and use it or what?
>Unless there is some other reasons, this is so stupid.

While I too wish they published the most recent version, let's look 
at their technical support in a broader context.  There are 
differences in the support needs of most enterprises and those of the 
service providers that can justify Junipers, GSRs, etc.

If an organization believes it can take a well-loaded GSR or Juniper 
and turn it over to junior operations people, other than at the 
minimal level of bringing interfaces up and down, said organization's 
management should be escorted off the premises, using deadly force if 
necessary. By forming such beliefs, they have cast themselves in the 
role of business agents for monkeys.

It has long been theorized that if a million monkeys were placed in 
front of typewriters, they would eventually produce Shakespeare's 
work.

This experiment has now been tried.  It is called the Internet, or 
possibly AOL.  Shakespeare remains safe.

In like manner, the sort of organization that needs a GSR, M40/M160, 
etc., will have the opportunity to screw up the Internet as a whole, 
and/or major private networks.  I was part of a team that developed 
certification requirements for a cancelled carrier router project, 
and the minimal skill level to do much realistic work is around CCNP 
plus CCDP.



>While Cisco just started, the internet was just started for commerical use,
>it was that crusial back then so cisco was lucky to be one of the poineers,
>nowdays I do not think many will risk their stability and waste the
>experience of engineers just for a little faster speed, perhaps not little,
>but still I do not think it outweighs the risk. Espcially, Juniper does not
>look like very inerested in technical support, at least to me.
>
>Thanks
>
>Jack

Cisco certainly has market share.  In some areas, its success 
potentially is its undoing.  A number of the lead high-end router 
designers have left Cisco, the people that established the 
technology.  They have left for assorted reasons, such as the obvious 
cashing in of stock options, but in some cases frustration.  The 
frustration is not knowing whether or not your work will ever be 
productized, or if your effort will be supplanted by a new 
acquisition.

Another success-related issue for Cisco is the baggage of old code. 
"IOS," which really is multiple sets of software, has grown heavy 
with features that may not have anything to do with service provider 
requirements.  But taking out, say, the Apple and Token Ring support, 
may not be transparent. There's a reliability issue whenever software 
grows in complexity.

JunOS is based on BSD UNIX, with kernel and other extensions 
specifically for the large-scale routing problem.  It doesn't have 
enterprise support and it's unlikely it ever will.

In the real world, the customers for Juniper, GSR, etc., deal with 
quite senior vendor engineers, both in systems engineering and 
directly in development. Traditional manuals, courses, etc., may not 
be the most appropriate method of knowledge transfer.

-- 
"What Problem are you trying to solve?"
***send Cisco questions to the list, so all can benefit -- not 
directly to me***

Howard C. Berkowitz  [EMAIL PROTECTED]
Technical Director, CertificationZone.com
Senior Product Manager, Carrier Packet Solutions, NortelNetworks (for ID only)
   but Cisco stockholder!
"retired" Certified Cisco Systems Instructor (CID) #93005

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EXTENDED ACL for distribute-list

2000-10-03 Thread Brian



access-lists use wildcard masks not netmasks

On Tue, 3 Oct 2000, Driessens.Hans wrote:

> Hi ClueLess
> 
> you want to use a standard access-list instead of an extended if you are
> doing it like this. You are filtering on source address instead of
> destination address and that is no good. Also, your access-list 10 has no
> mask and uses the default. If 10.1.1.0 is the only network allowed use the
> mask /24...
> 
> interface Loopback0
>  ip address 10.1.1.1 255.255.255.0
> !
> interface Loopback1
>  ip address 10.1.2.1 255.255.255.0
> ! 
> router eigrp 90
>  network 10.0.0.0
>  network 137.20.0.0
>  distribute-list 10 out
>  no auto-summary
> !
> ip classless
> !
> access-list 10 permit 10.1.1.0 255.255.255.0
> 
> Hans 
> 
> -Oorspronkelijk bericht-
> Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Verzonden: zondag 1 oktober 2000 4:34
> Aan: [EMAIL PROTECTED]
> Onderwerp: EXTENDED ACL for distribute-list
> 
> 
> Hi all,
> 
> Could someone shed some light on how to use EXTENDED ACL for
> distribute-list?
> 
> I'm trying to allow only 10.1.1.0/24 route to be distributed by eigrp
> 90.  Below is config and debug ip eigrp output.  I thought ACL 110 is
> a bit "relaxed" but should have allow the 10.1.1.0/24 route to be
> distribute out.  But it got DENIED.  ACL 10 worked.
> 
> Initially, I had "access-list 110 permit ip 10.1.1.0 0.0.0.0
> 255.255.255.0 0.0.0.0" which I thought would be the most specific.
> But this didn't work also.
> 
> I found the URL below from Open Forum:
> http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/6352
> If anyone have some good link on this topic, please kindly send them
> in!
> 
> Any comment welcome!
> ClueLess.
> 
> 
> r7#sh ver
> Cisco Internetwork Operating System Software 
> IOS (tm) 2500 Software (C2500-DS-L), Version 11.3(11a), RELEASE
> SOFTWARE (fc1)
> Copyright (c) 1986-1999 by cisco Systems, Inc.
> Compiled Mon 20-Sep-99 07:43 by jjgreen
> Image text-base: 0x03040474, data-base: 0x1000
> 
> Partial config:
> !
> interface Loopback0
>  ip address 10.1.1.1 255.255.255.0
> !
> interface Loopback1
>  ip address 10.1.2.1 255.255.255.0
> ! 
> router eigrp 90
>  network 10.0.0.0
>  network 137.20.0.0
>  distribute-list 110 out
>  no auto-summary
> !
> ip classless
> !
> access-list 10 permit 10.1.1.0
> access-list 110 permit ip 10.1.1.0 0.0.0.255 any
> 
> With distribute-list 110 out:
> 1d21h: IP-EIGRP: 137.20.50.0/24 - denied by distribute list
> 1d21h: IP-EIGRP: 10.1.1.0/24 - denied by distribute list
> 1d21h: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
> 
> With distribute-list 10 out:
> 1d21h: IP-EIGRP: 137.20.50.0/24 - denied by distribute list
> 1d21h: IP-EIGRP: 10.1.1.0/24 - do advertise out Ethernet0
> 1d21h: IP-EIGRP: Int 10.1.1.0/24 metric 128256 - 256 128000
> 1d21h: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

---
Brian Feeny, CCNP, CCDA   [EMAIL PROTECTED]   
Network Administrator 
ShreveNet Inc. (ASN 11881)

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VLAN

2000-10-03 Thread FRS


So you can BRIDGE inside a VLAN and ROUTE between VLANS?
Do you have any examples of bridging inside a VLAN?

""Spolidoro, Guilherme"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you have a VLAN implemented on a Switched environment, most switches
will
> bridge (i.e. do L2 switching) by default on the ports that belong to the
> same VLAN.
>
> Does it answer?
>
> Good luck.
>
> -Original Message-
> From: FRS [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 7:44 AM
> To: [EMAIL PROTECTED]
> Subject: VLAN
>
>
> Is it possible to bridge inside a VLAN?
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Ether Channel is it an issue???

2000-10-03 Thread Lifelong Learner


I thought the three R's were reboot, reinstall, replace:)  I have run into 
problems with an NT domain where a workstation can not find the domain 
controller after a move, even though it can see the network (through 
netrwork neighborhood, ping's, etc).  The quickest solution I have found is 
to have the workstation leave the domain and join a workgroup, reboot, then 
have the workstation re-join the domain (and reboot again).

-Tim Harkin

Original Message Follows
From: "Scott M. Trieste" <[EMAIL PROTECTED]>
Reply-To: "Scott M. Trieste" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Ether Channel is it an issue???
Date: Mon, 2 Oct 2000 13:56:17 -0400

Sandeep,

set spanning-tree portfast on all interfaces that your DC's are connected
to.  Also make sure that your servers and corresponding interfaces are all
set to 100mbs Full Duplex.  I have seen this problem a million times.

Another NT Domain issue that I've seen, in this case is not correlated to
your Cisco gear.  If you can ping your DC's there is obviously Layer 3
connectivity. In this case we need Layer 5/7 connectivity. Remember
Micro$oft'$ triple R.  Restart, Reboot, Reload.  I would try powering down
all your member servers and clients.  Then power up your PDC & BDC's, and
rejoin your domain.  After doing this "clear arp" and "ip route *" on your
6509's.  Using server manager make sure that all your clients/member
servers/dc's are in this new domain.

Power the bad boys up and you should have connectivity.

By the way-- If this is a production network, I wouldn't recommend this
during business hours.

Good Luck,

Scott M. Trieste
CCNP,CCDP, MCSE,RHCE, Bay Router Specialist

"Sandeep Kulkarni" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 > Hi All,
 > Slightly off topic, But i just want to share someone's
 > view on this one.
 > We are in the process of migrating our infrastructure
 > to the Cisco switches. We have a pure NT netowrk with
 > Once PDC & One BDC. I mooved all the users to the new
 > switch with no issues at all. Then started mooving all
 > the NT member Servers, This also went very smmothly.
 > However when i mooved my BDC i am having a nightmare,
 > I am getting all kind's of authentication problem like
 > login script hangs, Or people not able to see the
 > domain controller (Tcpip connectivity is fine) This
 > has started happening only after we mooved the BDC to
 > the new switch. I have Ether Channel on the Servers
 > with the Intel cards. Tcpip connectivity looks fine.
 > This started happening only after i mooved the DC to
 > the new Cisco 6509 switch. I don't know weather it's a
 > coincidence or a problem. Also i have checked the
 > Domain controllers for their sync. issues there are
 > none.
 > I was just wondering if anyone has land up in the same
 > mess as i am & have any resolution to this one. Any
 > help is greatly appriciated
 >
 > thank you in advance
 >
 > Sandeep
 >
 > __
 > Do You Yahoo!?
 > Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
 > http://photos.yahoo.com/
 >
 > **NOTE: New CCNA/CCDA List has been formed. For more information go to
 > http://www.groupstudy.com/list/Associates.html
 > _
 > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
 > FAQ, list archives, and subscription info: http://www.groupstudy.com
 > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
 >


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Juniper

2000-10-03 Thread Patrick A. Morin


I don't think anybody is spitting on Cisco, we're just saying that
for very high speed backbones (i.e. > OC48) Juniper boxes are the best
for that specific job.

Patrick

[Charset iso-8859-1 unsupported, filtering to ASCII...]
> ?
> 
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Shahid Muhammad Shafi
> > Sent: Monday, October 02, 2000 5:28 PM
> > To: Jean Stockton
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: Juniper
> >
> >
> > to me its same like microsoft to Linux. When microsoft
> > NT was leading everybody was following it MCSE stuff
> > etc but always they used to say its Crap now u say
> > cisco is crap and juniper is cool. kindly ack Cisco
> > for becoz ur in Internetworking field. It motivated u
> > to learn. And now juniper is having a free ride on
> > Cisco developerd Engineers
> > I have this
> > --- Jean Stockton <[EMAIL PROTECTED]> wrote:
> > > juniper stock are out performing cisco at this time
> > > - sure cisco does a lot
> > > of acquisitions.206 pr sh  vs   55.5 pr sh is a
> > > significant difference.
> > > my good guess is that there will be enough out there
> > > for all.  as someone
> > > said, be prepared to work with all.
> > >
> > >
> > > m
> > >   .
> > >
> > >
> > >
> > > Original Message-
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of Leon
> > > Bass
> > > Sent: Monday, October 02, 2000 4:27 PM
> > > To: MR
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: Juniper
> > >
> > >
> > >   Like everything else, When it's new everyone wants
> > > a piece, can you talk
> > > to anyone who has used it for at least 5 years, I
> > > doubt it.
> > >   Whoever is placing the future of their company on
> > > this brand new
> > > technology better think twice.
> > >   If you are smart, you better have an ole reliable
> > > Cisco box sitting close
> > > by, just in case Juniper comes up with an error, the
> > > technical support has
> > > not even seen yet, and You wouldn't know that would
> > > you, who can you call
> > > and compare with, NOBODY.
> > >   New technology is fine and good, but rest assure
> > > there will be bugs, don't
> > > even fool yourself, because if you do, YOU won't be
> > > in this field very long.
> > >   Just a thought, a technical ONE.
> > >   MR wrote:
> > >
> > > Juniper products are much faster and cute. Look
> > > like your company is in
> > > right direction. Note... routing and session concept
> > > is going to go when
> > > optical products available. Cisco do not have time
> > > to figure out new
> > > technology...know only buying companies and making
> > > CCIE_s.Martin
> > >   "Nova Rich" <[EMAIL PROTECTED]> wrote in
> > > message
> > >
> > news:[EMAIL PROTECTED]
> om...Help
> > guys,
> >   My company wants to buy Juniper routers
> > instead of Cisco. Having never
> > worked with Juniper equipment before I don't know
> > why it's so good.
> >
> >   I'm told that it's faster, cheaper and has a
> > smaller foot print?
> > What's a foot print? Is it really better then Cisco?
> >
> >   Nova Rich
> >
> >
> >
> 
> 
> =
> Shahid Muhammad Shafi
> BSEE(GIKI),MCSE+I,CNA,CCNA,CCNP,NNCAS
> 
> Please help feed hungry people worldwide http://www.hungersite.com/
> A small thing each of us can do to help others less fortunate than ourselves
> 
> __
> Do You Yahoo!?
> Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
> http://photos.yahoo.com/
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP and Hub and Spoke ?

2000-10-03 Thread Phil Barker


I'm considering the following :-

 Hub Router
configure eigrp as normal
add "router odr"
add "redistribute odr" to eigrp

 Spoke Router :
no ip routing protocol
"ip route 0.0.0.0 0.0.0.0"
"ip classless"

Any comments, issues ???

http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/np1_c/1codr.htm

link : 
--- Ejay Hire <[EMAIL PROTECTED]> wrote: > Here's
what I've been considering for our network.
> 
> Each remote site has a Default route to the hub.
> The Hub router has a permaanent static route to the
> remote site.
> The static routes are redistributed.
> 
> Eigrp is configured normally at the sites that have
> multiple paths.
> 
> Because they are permanent static routes, If there
> is a down link, it should 
> just dump the packets at the router, and not trigger
> DUAL.
> 
> Anybody see a fault with this?
> 
> Background:
> HUB area 5 2500/2600 series routers, and a AS5300
> Remote sites mostly 2500 or 2600's.
> 
> Original Message Follows
> From: Phil Barker <[EMAIL PROTECTED]>
> Reply-To: Phil Barker <[EMAIL PROTECTED]>
> To: cisco GroupStudy <[EMAIL PROTECTED]>
> Subject: EIGRP and Hub and Spoke ?
> Date: Tue, 3 Oct 2000 10:01:02 +0100 (BST)
> 
> Greetings Groupies,
> 
>   I have a question concerning  EIGRP configured
> in
> a Hub and Spoke Topology. I have a number of remote
> networks that are not worthy of a backup link. i.e
> they won't pay for it and I don't like them anyway.
> 
> If this link goes down the hub router which feeds
> into
> the rest of the network will kick DUAL off and put
> the
> network into an active state only to find there is
> no
> alternate route.
> 
> Can I stop this action in this instance ?
> Can anyone confirm if router odr is on or off track
> ?
> 
> Thanks for any assistance.
> 
> Phil.
> 
> 
> 
>

> Do You Yahoo!?
> Get your free @yahoo.co.uk address at
> http://mail.yahoo.co.uk
> or your free @yahoo.ie address at
> http://mail.yahoo.ie
> 
> **NOTE: New CCNA/CCDA List has been formed. For more
> information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> 
>
_
> Get Your Private, Free E-mail from MSN Hotmail at
> http://www.hotmail.com.
> 
> Share information about yourself, create your own
> public profile at 
> http://profiles.msn.com.
> 



Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: urgent PIX help AGAIN

2000-10-03 Thread Greg Reaume


I just installed a PIX-506 and 10 was the max.  I believe, though am not
certain, this is the case accross all hardware platforms running 5.2
software.

HTH

Greg


"Jim Bond" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thank you!
>
> One more question: when I configure PIX as DHCP
> server, it only allows 10 addresses in the pool.
> Here is what I got:
>
> pixfirewall(config)# dhcpd address
> 10.1.1.101-10.1.1.150 inside
> Number of addresses exceeds limit
>
> Is 10 max?
>
> Thanks in advance.
>
>
>
> Jim
>
> --- Todd Plambeck <[EMAIL PROTECTED]> wrote:
> > In the new version of PIX software 5.2(1) you can
> > nat to an interface.
> > Instead of the old command "global (outside) 1
> > x.x.x.x"  use the command
> > " global (outside) 1 interface ". You can read up on
> > this new feature at:
> >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.h
tm#xtocid752631
> >
> > I hope this helps.
> >
> > Todd
> > CCNP/CCDP
> >
> > Jim Bond wrote:
> >
> > > Hello,
> > >
> > > I have only 1 ip address assigned by my ISP, how
> > can I
> > > use PIX to do NAT? Looks like PIX requires at
> > least 2
> > > outside ip addresses, one for outside interface,
> > one
> > > for PAT. Is there a way to use only 1 ip address?
> > >
> > > Thanks in advance.
> > >
> > > Jim
> > >
> > > __
> > > Do You Yahoo!?
> > > Yahoo! Photos - 35mm Quality Prints, Now Get 15
> > Free!
> > > http://photos.yahoo.com/
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For
> > more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines:
> > http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> >
>
>
> __
> Do You Yahoo!?
> Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
> http://photos.yahoo.com/
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco links

2000-10-03 Thread Deloso, Elmer G (WPNSTA Yorktown)

Title: Cisco links





Group,
I hope these links provide answers to questions still banging on many heads
like mine when reviewing for these exams. From Vo-IP to SRB, etc.


Elmer
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/np1_c/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np2_r/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np3_c/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios11/cbook/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/ibm_c/bcprt1/bctb.htm
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2509/acsvrug/techovr.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/ibm_c/bcovervw.htm
http://www.cisco.com/warp/public/473/winnt_dg.htm
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/1750/voipqsg/voipqsg.htm

7206vxr From ATM to Frame????

2000-10-03 Thread Bob Watson


Our company Is currently ordering a ds3 ATM pipe for our Home Office
Backbone to connect several of our  Frame Relay Sites though it.  Does
anyone have experiance configuring the ATM interface to map Frame relay
endpoints?
If so sample configs would be helpfull.
or cisco links I have not found reference configs on the web site to
date.

Bob Watson
CCNA

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix Firewall Problem.

2000-10-03 Thread Russell Lusignan


Hmm..  what versin of the IOS are you running?

Try upgrading your PIX to 5.2x and see if that helps.  If not post your
config for the list to look at..

Russ..


"Rajeev Karamchand" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All
>
> I am facing a strange problem. I am losing my
> connectivity to the pix firewall from inside. If I
> power cycle the pix everything is ok. I would
> appreciate help in this regards
>
>
>
>
>
>
> =
> Rajeev Karamchand
> MCSE,MCSE+I,MCDBA,CCNA
>
> __
> Do You Yahoo!?
> Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
> http://photos.yahoo.com/
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Layer 3 (2948G-L3) switching question

2000-10-03 Thread Jeff Walzer


I have 4 remote offices that have the 2620 router installed but need the
capability to use and route between VLANs. Being that the lowest router
required to route between VLANs is the 3600 series (please correct me if I
am wrong) I was considering buying the 2948G-L3 for these sites. Would this
be a good solution? These remote offices will have various projects going on
using people from other companies and I want to keep their traffic separate
from our internal network traffic.

Thanks,
Jeff



**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix Firewall Problem.

2000-10-03 Thread FRS


You might want to sanitize your config before posting ... but I'm sure you
knew that :)
"Rajeev Karamchand" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All
>
> I am facing a strange problem. I am losing my
> connectivity to the pix firewall from inside. If I
> power cycle the pix everything is ok. I would
> appreciate help in this regards
>
>
>
>
>
>
> =
> Rajeev Karamchand
> MCSE,MCSE+I,MCDBA,CCNA
>
> __
> Do You Yahoo!?
> Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
> http://photos.yahoo.com/
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Layer 3 (2948G-L3) switching question

2000-10-03 Thread Scott M. Trieste


What kind of link will be connecting you?  If your remote office projects
are being done at remote locations, there probably wouldn't be a reason to
create VLANS.

I could use a little more information on this subject.

Thanks.

-Scott

""Jeff Walzer"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have 4 remote offices that have the 2620 router installed but need the
> capability to use and route between VLANs. Being that the lowest router
> required to route between VLANs is the 3600 series (please correct me if I
> am wrong) I was considering buying the 2948G-L3 for these sites. Would
this
> be a good solution? These remote offices will have various projects going
on
> using people from other companies and I want to keep their traffic
separate
> from our internal network traffic.
>
> Thanks,
> Jeff
>
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BOOKS FOR CCIE WRITTEN

2000-10-03 Thread Russell Lusignan


Use all the fore mentioned books, but this one is a must for your written
prep:

Cisco CCIE All-In-One Study Guide
0071356762

Russ..

""Steven B. Holmes"" <[EMAIL PROTECTED]> wrote in message
8rb3ks$n6e$[EMAIL PROTECTED]">news:8rb3ks$n6e$[EMAIL PROTECTED]...
> What are some good books to prepare for the written exam?
>
> Thanks!
>
> Steven
>
> [EMAIL PROTECTED]
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Juniper

2000-10-03 Thread Nova Rich




Yeah, 
Extreme there is another company. These switches are expensive. We got some of 
these and they have a little problem. A bug that Summit never figured out, where 
all the ports on the left hand side will just shut by itself for no reason. We 
don't even use them now. It's like losing 25% of all your 
ports.
 
Nova 
Rich

  -Original Message-From: hal9001 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, October 02, 2000 6:20 
  PMTo: Leon Bass; MRCc: 
  [EMAIL PROTECTED]Subject: Re: Juniper
  The people I work with rave about Extreme anyone 
  got good opinions about this.  Layer 2/3 switching and Wire Speed seem to 
  be the buzz words.  Anyone seen or have opinions on straightforward 
  reliability, build quality and basic failures like PSU's etc shout 
  out!
   
  Karl
  
- Original Message - 
From: 
Leon Bass 

To: MR 

Cc: [EMAIL PROTECTED] 
Sent: Monday, October 02, 2000 9:26 
PM
Subject: Re: Juniper
Like everything else, When it's new everyone wants a piece, 
can you talk to anyone who has used it for at least 5 years, I doubt it. 
Whoever is placing the future of their company on this brand new 
technology better think twice. If you are smart, you better have an ole 
reliable Cisco box sitting close by, just in case Juniper comes up with an 
error, the technical support has not even seen yet, and You wouldn't know 
that would you, who can you call and compare with, NOBODY. New 
technology is fine and good, but rest assure there will be bugs, don't even 
fool yourself, because if you do, YOU won't be in this field very long. 
Just a thought, a technical ONE. 
MR wrote: 

  
  Juniper products are much faster and cute. Look 
  like your company is in right direction. Note... routing and session 
  concept is going to go when optical products available. Cisco do not have 
  time to figure out new technology...know only buying companies and making 
  CCIE’s.Martin 

  "Nova 
Rich" <[EMAIL PROTECTED]> wrote in 
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...Help guys, 
My company wants to buy Juniper routers instead of 
Cisco. Having never worked with Juniper equipment before I don't know 
why it's so good. 
I'm told that it's faster, cheaper and has a smaller 
foot print? What's a foot print? Is it really better then Cisco? 
Nova 
Rich

policy routing

2000-10-03 Thread Gabriel . Neagoe



Hello,

if you configure policy routing to route certain packets through interface
S0
is there a way to automatically redirect packets through interface S1 if S0
is down ?

thanks,
---
Gabriel Neagoe, GN379-RIPE
Networking solutions consultant
Cisco Certified Network Professional
Cisco Certified Design Associate
S&T Romania
tel: +401 20 40 300
fax: +401 20 40 310
---

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TACACS+ and RADIUS

2000-10-03 Thread whatshakin


Along with what this member said, the TACACS+ philosophy is 'security at any
cost'.  RADIUS is more along the lines of 'good security but good
useability' too.   You will find TACACS+ has a more granular approach
overall and a significant enhancement to Cisco products in general.
Conversely, RADIUS will be generally easier to etc.


- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, October 03, 2000 4:51 AM
Subject: RE: TACACS+ and RADIUS


> Tacascs+ and Radius are different Database protocols service  that is used
> by router using AAA for the security service
>
> TACACS+ is an existing protocol developed by Cisco Systems in their
Routers.
> Cisco presently supports two kind of Authentic Protocols the other one is
> RADIUS which is also the industry standard, their are also many other
> Authentication Protocol
>
> I think if you want more information go to the Cisco website search for
the
> comparisons of Tacacs
>
> George Adewale
>
> -Original Message-
> From: Roland Mok [mailto:[EMAIL PROTECTED]]
> Sent: 03 October 2000 12:19
> To: [EMAIL PROTECTED]
> Subject: TACACS+ and RADIUS
>
>
> Anyone knows the difference b/w RADIUS and TACACS+?
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
> DISCLAIMER
> This e-mail is intended only for the use of the addressees named above and
> may be confidential. If you are not an addressee you must not read it and
> must not use any information contained in nor copy it nor inform any
person
> other than TeleCity Limited or the addressees of its existence or
contents.
> If you have received this email and are not a named addressee, please
delete
> it and notify the TeleCity IT department on 0161 226 7643 or by email at
> [EMAIL PROTECTED]
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ospf bandwidth question

2000-10-03 Thread Mike Parkhurst


CRC errors are a layer one issue, so I would work on them first.  Since they
are layer one, you need to check physical things like cabling and DSUs.  A
call to your frame provider (Bellwhatever, MCI, BTI, etc) might help since
they can do a lot of testing remotely.

Good luck,
Mike

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, October 02, 2000 11:57 PM
To: [EMAIL PROTECTED]
Subject: RE: ospf bandwidth question




"Whenever you have BECNS or FECNS it could be that a powerful link is
sending
data down a not so powerful link , e.g. a T1 link sending data down a 56 K
link and when packets reaches the 56 K side the link may not be able to take
it and hence the BECNS bit is set"

Hmm... not so sure about that.  I'm told by an unreliable source (my telco
:-)
that if you're sending from a large access speed to a smaller access speed,
traffic exceeding the CIR + EIR (i.e traffic that won't 'fit' once it gets
to
the smaller end) will be dropped as soon as it enters the telco network.  It
isn't transmitted across the telco cloud at all, and thus doesn't produce
F/BECNs (or congestion).
This may be telco-dependant behaviour, I guess.

JMcL
-- Forwarded by Jenny Mcleod/NSO/CSDA on 03/10/2000
02:33 pm
---


"Yee, Jason" <[EMAIL PROTECTED]> on 29/09/2000 06:05:13 pm

Please respond to "Yee, Jason" <[EMAIL PROTECTED]>


To:   "'Stull, Cory'" <[EMAIL PROTECTED]>
  "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
cc:(bcc: JENNY MCLEOD/NSO/CSDA)
Subject:  RE: ospf bandwidth question



CRC errors could be due to modem clocking rate not configured properly etc.

FECNs are generated when data is sent out a congested interface; they
indicate to a DTE that congestion was encountered. Traffic is marked with
BECN if the queue for the opposite direction is deep enough to trigger FECNs
at the current time.


BECNs notify the sender to decrease the transmission rate. If the traffic is
one-way only (such as multicast traffic), there is no reverse traffic with
BECNs to notify the sender to slow down. Thus, when a DTE receives an FECN,
it first determines if it is sending any data in return. If it is sending
return data, this data will get marked with a BECN on its way to the other
DTE. However, if the DTE is not sending any data, the DTE can send a Q.922
TEST RESPONSE message with the BECN bit set.



Whenever you have BECNS or FECNS it could be that a powerful link is sending
data down a not so powerful link , e.g. a T1 link sending data down a 56 K
link and when packets reaches the 56 K side the link may not be able to take
it and hence the BECNS bit is set


You may want to implement adaptive traffic-shaping based on BECNS


Jason

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Stull, Cory
Sent: Thursday, September 28, 2000 11:24 PM
To: '[EMAIL PROTECTED]'
Subject: ospf bandwidth question


If I am getting many CRC errors and FECNs and BECNs on the frame-relay
network what would be a cause of that?  Could it be that I didn't have the
bandwidth statement set to the CIR of the PVC???

Thanks

Cory R. Stull
MCSE, Bay Router Specialist, CCNA,CCDA
Communications Concepts Unlimited
262-814-7214




**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLAN

2000-10-03 Thread Spolidoro, Guilherme

FRS, as I mentioned before, bridge (L2 switching) will happend automatically
in most switches. In order to communicate betweeen VLANs you need to route.

Sorry, no config files...

-Original Message-
From: FRS [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 9:44 AM
To: [EMAIL PROTECTED]
Subject: Re: VLAN

So you can BRIDGE inside a VLAN and ROUTE between VLANS?
Do you have any examples of bridging inside a VLAN?

""Spolidoro, Guilherme"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you have a VLAN implemented on a Switched environment, most switches
will
> bridge (i.e. do L2 switching) by default on the ports that belong to the
> same VLAN.
>
> Does it answer?
>
> Good luck.
>
> -Original Message-
> From: FRS [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 7:44 AM
> To: [EMAIL PROTECTED]
> Subject: VLAN
>
>
> Is it possible to bridge inside a VLAN?
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: A golden apple: Frame Relay

2000-10-03 Thread Howard C. Berkowitz


>Here is a better one:
>
>Is Inverse Arp Layer2 or Layer3 and why?


Again, you are getting into areas the original OSI reference model, 
as taught by Cisco, simply does not cover.  More recent OSI documents 
(e.g., Internal Organization of the Network Layer) split the network 
layer into three sublayers, the bottom overlapping many descriptions 
of data link:

 Subnetwork Independent (subnetwork here means type of transmission system)
 Subnetwork Dependent Convergence
 Subnetwork Dependent Access

IP, IPX, etc., are at the subnetwork independent layer.  Frame relay 
(with protocol identification), AAL, LLC, etc., are at the subnetwork 
dependent level.  Subnetwork Dependent Convergence maps from 
independent to dependent, such as ARP.

Therefore, Inverse ARP and regular ARP are layer 3 protocols. I'd 
also argue they are edge signaling (i.e., control) protocols rather 
than end-to-end protocols.

RARP and DHCP, however, are layer 3 management protocols.
>?
>
>
>"JCoyne" <[EMAIL PROTECTED]> wrote 
>in message 
><8r5g57$m0u$[EMAIL PROTECTED]">news:8r5g57$m0u$[EMAIL PROTECTED]>8r5g57$m0u$[EMAIL PROTECTED]">news:8r5g57$m0u$[EMAIL PROTECTED]...
>Correct me if I am wrong...It's a layer 2 protocol. It takes the place of say
>Ethernet (another layer 2 protocol) It supports layer 3 protocols such as
>IP and IPX and is supported by layer 1 protocols such as B8ZS or AMI
>
>
>"Bradley J. Wilson" 
><[EMAIL PROTECTED]> 
>wrote in message 
><002301c02b07$8e0dac00$0200a8c0@bwilson">news:002301c02b07$8e0dac00$0200a8c0@bwilson>002301c02b07$8e0dac00$0200a8c0@bwilson">news:002301c02b07$8e0dac00$0200a8c0@bwilson...
>Here's a question for y'all: Is Frame Relay a Layer 1 or Layer 2 
>protocol, and why? ;-)
>
>
>   

-- 
"What Problem are you trying to solve?"
***send Cisco questions to the list, so all can benefit -- not 
directly to me***

Howard C. Berkowitz  [EMAIL PROTECTED]
Technical Director, CertificationZone.com
Senior Product Manager, Carrier Packet Solutions, NortelNetworks (for ID only)
   but Cisco stockholder!
"retired" Certified Cisco Systems Instructor (CID) #93005

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Layer 2 switching and Layer 3

2000-10-03 Thread Russell Lusignan


Makes sense..  thanks for the tip!

""William Wong"" <[EMAIL PROTECTED]> wrote in message
8rbrjs$8iv$[EMAIL PROTECTED]">news:8rbrjs$8iv$[EMAIL PROTECTED]...
> Hi Russ
>
> Layer 3 switching is actually use the concept of "route once, switch
many".
>
> Its mean that the first packet is go through the route processor and the
> subsequence packets is "switch" over to the destination port.
>
> Layer 3 routing which is every packets is process by the router.
>
>
> ""Russell Lusignan"" <[EMAIL PROTECTED]> wrote in message
> 8r88h9$hp8$[EMAIL PROTECTED]">news:8r88h9$hp8$[EMAIL PROTECTED]...
> > Layer 2 switching makes intelligent forwarding decisions based on MAC
> > addresses. For example, if HostA is on port 1, and HostB is on port 2,
and
> > HostA sends a packet for HostB, the switch will only pass the traffic
> > between those 2 ports (unless it's a broadcast).
> >
> > Layer 3 switching is basically a Router. It makes intelligent forwarding
> > decisions based on the Network address, ie: IP address or IPX address. A
> > layer 3 switch is basically a router with a lot of ethernet ports. Those
> > ports can be divided up into VLANs and can route without the help of an
> > external router or Route Switch Module for the Catalyst swtich.
> >
> > There is a lot of confusion out there about layer 3 switching, vendors
> will
> > brag about their product being able to do layer 3 switching etc..
> Basically
> > all they mean is that their product has routing (intelligent forwarding
of
> > layer 3 addresses) built into their box, without the use of an external
> > router or module!
> >
> > Hope that helps!
> > Russ..
> >
> > ""kenny"" <[EMAIL PROTECTED]> wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hi all ,
> > > Anyone care to explain the difference between Layer 2 and Layer 3
> > switching ?
> > >
> > > Regards
> > > ken
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PREFIX LISTS

2000-10-03 Thread Andrew Larkins

as far as I know it is ver 12.0

-Original Message-
From: ANIL.YADAV [mailto:[EMAIL PROTECTED]]
Sent: 03 October 2000 15:36
To: [EMAIL PROTECTED]
Subject: PREFIX LISTS

Hi! everybody,

Could someone tell me which is the earlieast ios release that  supports
prefix lists.

thanks
anil

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: urgent PIX help AGAIN

2000-10-03 Thread Sam Munzani


YES. PIX506 is made for small office with less than 10 computers. If you
have more, keep DHCP services on your NT or Novell server.

Sam
> Thank you!
>
> One more question: when I configure PIX as DHCP
> server, it only allows 10 addresses in the pool.
> Here is what I got:
>
> pixfirewall(config)# dhcpd address
> 10.1.1.101-10.1.1.150 inside
> Number of addresses exceeds limit
>
> Is 10 max?
>
> Thanks in advance.
>
>
>
> Jim
>
> --- Todd Plambeck <[EMAIL PROTECTED]> wrote:
> > In the new version of PIX software 5.2(1) you can
> > nat to an interface.
> > Instead of the old command "global (outside) 1
> > x.x.x.x"  use the command
> > " global (outside) 1 interface ". You can read up on
> > this new feature at:
> >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn522.h
tm#xtocid752631
> >
> > I hope this helps.
> >
> > Todd
> > CCNP/CCDP
> >
> > Jim Bond wrote:
> >
> > > Hello,
> > >
> > > I have only 1 ip address assigned by my ISP, how
> > can I
> > > use PIX to do NAT? Looks like PIX requires at
> > least 2
> > > outside ip addresses, one for outside interface,
> > one
> > > for PAT. Is there a way to use only 1 ip address?
> > >
> > > Thanks in advance.
> > >
> > > Jim
> > >
> > > __
> > > Do You Yahoo!?
> > > Yahoo! Photos - 35mm Quality Prints, Now Get 15
> > Free!
> > > http://photos.yahoo.com/
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For
> > more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines:
> > http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to
> > [EMAIL PROTECTED]
> >
>
>
> __
> Do You Yahoo!?
> Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
> http://photos.yahoo.com/
>
> ___
> To unsubscribe from the CCIELAB list, send a message to
> [EMAIL PROTECTED] with the body containing:
> unsubscribe ccielab
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Layer 2 switching and Layer 3

2000-10-03 Thread Russell Lusignan


Ahh yes. now the confusion starts on layer 3 switching.. :)

"Jared Carter" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Actually the idea of "Route Once Switch Many" refers to MultiLayer
Switching
> (MLS).  Layer 3 switching is really just routing...
>
> -Original Message-
> From: William Wong [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 1:39 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Layer 2 switching and Layer 3
>
>
> Hi Russ
>
> Layer 3 switching is actually use the concept of "route once, switch
many".
>
> Its mean that the first packet is go through the route processor and the
> subsequence packets is "switch" over to the destination port.
>
> Layer 3 routing which is every packets is process by the router.
>
>
> ""Russell Lusignan"" <[EMAIL PROTECTED]> wrote in message
> 8r88h9$hp8$[EMAIL PROTECTED]">news:8r88h9$hp8$[EMAIL PROTECTED]...
> > Layer 2 switching makes intelligent forwarding decisions based on MAC
> > addresses. For example, if HostA is on port 1, and HostB is on port 2,
and
> > HostA sends a packet for HostB, the switch will only pass the traffic
> > between those 2 ports (unless it's a broadcast).
> >
> > Layer 3 switching is basically a Router. It makes intelligent forwarding
> > decisions based on the Network address, ie: IP address or IPX address. A
> > layer 3 switch is basically a router with a lot of ethernet ports. Those
> > ports can be divided up into VLANs and can route without the help of an
> > external router or Route Switch Module for the Catalyst swtich.
> >
> > There is a lot of confusion out there about layer 3 switching, vendors
> will
> > brag about their product being able to do layer 3 switching etc..
> Basically
> > all they mean is that their product has routing (intelligent forwarding
of
> > layer 3 addresses) built into their box, without the use of an external
> > router or module!
> >
> > Hope that helps!
> > Russ..
> >
> > ""kenny"" <[EMAIL PROTECTED]> wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hi all ,
> > > Anyone care to explain the difference between Layer 2 and Layer 3
> > switching ?
> > >
> > > Regards
> > > ken
> > >
> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > > http://www.groupstudy.com/list/Associates.html
> > > _
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Just PAssed BCMSN, Preparing for BSCN

2000-10-03 Thread Anthony Awatefe




I've just passed the BCMSN exam I score 814... the 
main areas that came up,VLAN, VTP, MLS, Multicasting.I used the 
ciscopress BCMSN book and also Boson test question (which wereprobably 
harder then the actual exam)...   Now to complete the 
restI've got the ACRC Exam certification guide from Cisco press, 
what else do Ineed to studying for BSCN, or should I wait for the new BSCN 
book from CiscoPressAny 
Ideas??Anthony

RE: Napster Question

2000-10-03 Thread Lowell Sharrah


I just want to configure my client to connect to the napster server.   

>>> "Spolidoro, Guilherme" <[EMAIL PROTECTED]> 10/03/00 09:20AM >>>
Hello Hunter,

You'll need a FW that is Content Aware. PIX is fine, but I don't think the
IOS FW feature can do that at this time.

The reason for that (Content Aware) is because you'll need to look into the
packet (i.e. L5-7) in order to see if the user is doing a "get" or "put"
(for FTP/HTTP for example). 

I'm not sure what protocols NAPSTER uses, but from the previous answers,
it's my understanding that it will use http as one of the options. If so,
depending how your rules look today, you'll need a rule to deny http put or
post to the NAPSTER servers (IPs) before the rule that allows http traffic
to the internet in addition to any other protocol that NAPSTER might use.

I never used PIX (my background is Checkpoint FW-1) so I cannot tell you the
syntax, but the logic is the same for every FW. Checkpoint call it Content
Security.

Good luck.
-Original Message-
From: Dorroh, Hunter [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, October 03, 2000 12:17 AM
To: [EMAIL PROTECTED] 
Subject: RE: Napster Question


Hello everyone,

I searched through the archives and found lots of good information on
blocking but I did not see anything on the possibility of allowing users to
connect to Napster and download music but NOT be permitted to upload.  Any
thoughts on how to allow this to happen via PIX or IOS FW?  I was thinking
this might limit a company's legal exposure.

Thanks,

Hunter

-Original Message-
From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 29, 2000 3:49 PM
To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] 
Subject: RE: Napster Question


The list went through this several times already.

Blocking ports , , ,  is useless.. since Beta6, Napster has
been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would
have to kill all access to http/tcp80.. NOT good.  Blocking the IPs is the
best and most thorough solution at this time.

Also, besides blocking the access to the main Napster sites will block most
users, and for those that go around it, there should be a user policy in
place.  It is not totally your job to govern what the users do and do not
do.. the users should also be held responsible.  Put a political policy in
place, and if it is broken by a user by using something such as opennap,
discipline from management will solve this issue.

 Regards,
  Trevor Corness, CCNA MCSE MCP+I
  Network Systems Engineer, DataCom
  BMS Communications Ltd.
  http://www.bmscom.com 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hal White
Sent: Friday, September 29, 2000 11:55 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED] 
Subject: RE: Napster Question


Blocking these IP addresses will only block users from accessing the main
napster servers and will not block access to other napster servers, such as,
opennap, which can be found easily by using the napigator program.  The best
way to block Napster is to block the ports that the client uses which are
,,,.  Don't quote me on these ports because I can't find my
documentation at the moment, but I think they are right.


Hal

>From: "Fowler, Joey" <[EMAIL PROTECTED]>
>Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED] 
>Subject: RE: Napster Question
>Date: Fri, 29 Sep 2000 13:15:19 -0400
>
>If you search the archives it has some info on this, but I just implemented
>it this morning and it seems to working here. If you are using PIX firewall
>(or any other) create an access list using the outbound and apply commands
>to block the following addresses:
>
>208.184.216.0 /24
>208.178.167.0 /24
>208.178.163.61
>208.184.175.130
>208.184.175.131
>208.184.175.132
>208.184.175.134
>208.49.239.242
>208.49.239.247
>208.49.239.248
>
>People will start wandering by your desk asking if you've ever heard a
>program called Napster. I personally like to dumb.
>
>Joey
>
>-Original Message-
>From: Tom Pruneau [mailto:[EMAIL PROTECTED]] 
>Sent: Friday, September 29, 2000 12:29 PM
>To: [EMAIL PROTECTED] 
>Subject: Napster Question
>
>
>Greetings Group
>
>Does anyone know what ports Napster usies for handshaking?
>Inbound, outbound port number?
>What would it take to block Napster?
>
>
>Thanks
>
>Tom Pruneau
>Trainer Network Operations
>GENUITY
>3 Van de Graff Drive Burlington Ma. 01803
>24 Hr. Network Operations Center 800-436-8489
>If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri
>
>---
>This email is composed of 82% post consumer recycled data bits
>---
>
>"Once in a while you get shown the light
>in the strangest of places if you look at it right"
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.group

Voice/BRi

2000-10-03 Thread Olden Pieterse


Hi there gang 
Does anyone have sample configs for Voice/Bri ?
Our config can get the pabx up on the one side (A) initiates the call and
sends it over the WAN to B.
When it gets to the other side B)  it registers, but doesn't pick up .
By the way we are working with 26xx & 36XX .
Voice(A)--WAN--(B)(Voice)

Any help would be greatly appreciated !!
Thanks in advance .

Cheers

Olden Pieterse
Pre-Sales Consultant
Westcon
Tel:   +27 21 415 7211
Fax:  +27 21 419 7537
Mobile:  +27 82 564 0709
Email:  [EMAIL PROTECTED]
Web:http://www.westcon.co.za  

Remember, our product range includes:
3Com, Addtron, APC, IMC, Cisco, Extreme, Lucent, Motorola, Nortel-Networks
and Ramp.

E-mail Disclaimer: 

Any email message from a WESTCON employee, and all attached thereto ("the
message") may contain confidential information, and is intended for a
specific addressee and purpose.  If you are not the addressee

*   you may not use, disclose, copy, distribute, retransmit, review,
disseminate or take any action based on the contents thereof;
*   kindly inform the sender immediately and destroy all copies thereof.

Any copying, publication, dissemination, retransmission or
disclosure of this message, or part thereof, in any form whatsoever, without
the sender's expressed written consent, is prohibited.  No opinion expressed
or implied by the sender necessarily constitutes the opinion of WESTCON.
This message does not constitute a guarantee or proof of the facts mentioned
therein.  WESTCON accepts no responsibility or liability in respect of:-

*   any opinion or guarantee of fact, whether expressed or implied; or
any action or failure to act as a result of any information contained in
this message, unless such information or opinion has been confirmed in
writing by an authorised WESTCON director.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX firewall resources....

2000-10-03 Thread Derrenbacker, L. Jonathan


Hi,

Someone posted info about a cdrom from cisco about learning the PIX
firewall.
I can't seem to find it.
Does anyone know what the exact name of it is?
Also what are some other good resources to learn PIX.

Thanks,
Jon

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EXTENDED ACL for distribute-list

2000-10-03 Thread Driessens.Hans


hi brian

oops, you're right about the mask. Did you try the normal acl?? I got it
working with the extended acl

try this:

interface Loopback0
 ip address 10.1.1.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 150.55.241.199 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 ip address 2.1.1.1 255.255.255.252
 no ip directed-broadcast
 no ip mroute-cache
 no fair-queue
 clockrate 64000
!
router eigrp 90
 network 2.0.0.0
 network 10.0.0.0
 network 137.20.0.0
 network 150.55.0.0
 distribute-list 110 out
 no auto-summary
!
!
access-list 110 permit ip any 10.1.1.0 0.0.0.255


debug says:
00:10:09: IP-EIGRP: 10.1.1.0/24 - do advertise out Serial0
00:10:09: IP-EIGRP: Int 10.1.1.0/24 metric 128256 - 256 128000
00:10:09: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:10:09: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:10:09: IP-EIGRP: 2.1.1.0/30 - denied by distribute list

so that's working fine, the same as with a normal acl



if the config was something like
interface Loopback0
 ip address 10.1.1.1 255.255.255.128
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback3
 ip address 10.1.1.129 255.255.255.128
 no ip directed-broadcast

with the extended acl, both routes are advertised (so not as discribed in
the open forum doc)
see debug output

with extended acl:
00:21:17: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:21:17: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:21:17: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:21:17: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
<
00:21:17: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:21:17: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
<


with normal acl:
00:24:54: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:24:54: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:24:54: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:24:54: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
<
00:24:54: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:24:54: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
00:24:54: IP-EIGRP: Int 10.1.1.128/25 metric 128256 - 256 128000
<

Same output with both acl's
with another acl
access-list 115 permit ip 255.255.0.0 0.0.0.0 10.1.1.0 0.0.0.255

gives the right output
00:37:11: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:37:11: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:37:11: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:37:11: IP-EIGRP: 10.1.1.0/25 - denied by distribute list
<--- only /24 allowed
00:37:11: IP-EIGRP: 10.1.1.128/25 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:37:13: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:37:13: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.1.0/25 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.1.128/25 - denied by distribute list

access-list 115 permit ip 255.255.128.0 0.0.0.0 10.1.1.0 0.0.0.255
 gives the same result

as well as
access-list 116 permit ip 255.255.255.128 0.0.0.127 10.1.1.0 0.0.0.255

so it seems that it just does not work with an extended acl to check the
mask


Hans 


-Oorspronkelijk bericht-
Van: Brian [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 3 oktober 2000 15:33
Aan: Driessens.Hans
CC: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Onderwerp: RE: EXTENDED ACL for distribute-list



access-lists use wildcard masks not netmasks

On Tue, 3 Oct 2000, Driessens.Hans wrote:

> Hi ClueLess
> 
> you want to use a standard access-list instead of an extended if you are
> doing it like this. You are filtering on source address instead of
> destination address and that is no good. Also, your access-list 10 has no
> mask and uses the default. If 10.1.1.0 is the only network allowed use the
> mask /24...
> 
> interface Loopback0
>  ip address 10.1.1.1 255.255.255.0
> !
> interface Loopback1
>  ip address 10.1.2.1 255.255.255.0
> ! 
> router eigrp 90
>  network 10.0.0.0
>  network 137.20.0.0
>  distribute-list 10 out
>  no auto-summary
> !
> ip classless
> !
> access-list 10 permit 10.1.1.0 255.255.255.0
> 
> Hans 
> 
> -Oorspronkelijk bericht-
> Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Verzonden: zondag 1 oktober 2000 4:34
> Aan: [EMAIL PROTECTED]
> Onderwerp: EXTENDED ACL for distribute-list
> 
> 
> Hi all,
> 
> Could someone shed some light on how to use EXTENDED ACL for
> distribute-list?
> 
> I'm trying to allow only 10.1.1.0/24 route to be distributed by eigrp
> 90.  Below is config and debug ip eigrp output.  I thought ACL 110 is
> a bit "relaxed" but should have allow the 10.1.1.0/24 route to be
> distribute out.  But it got DENIED.  ACL 10 worked.
> 
> Initially, I had "access-list 110 permit ip 10.1.1.0 0.0.0.0
> 25

RE: VLAN

2000-10-03 Thread Ole Drews Jensen


I think FRS's question is if you can do with VLAN as with LAN, where you can
put a branch office on the same LAN as the campus by setting up the routers
to act like bridges.

I do not know, but if the routers are VLAN capable or if you're using MLS's
it should be possible, however I am not sure enough on that to make a firm
statement.

Maybe someone can comment on this.

Thanks,

Ole


 Ole Drews Jensen
 Systems Network Manager
 CCNA, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
 http://www.oledrews.com/ccnp

 NEED A JOB ???
 http://www.oledrews.com/job




-Original Message-
From: Spolidoro, Guilherme [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 9:32 AM
To: 'FRS'; [EMAIL PROTECTED]
Subject: RE: VLAN


FRS, as I mentioned before, bridge (L2 switching) will happend automatically
in most switches. In order to communicate betweeen VLANs you need to route.

Sorry, no config files...

-Original Message-
From: FRS [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 9:44 AM
To: [EMAIL PROTECTED]
Subject: Re: VLAN


So you can BRIDGE inside a VLAN and ROUTE between VLANS?
Do you have any examples of bridging inside a VLAN?

""Spolidoro, Guilherme"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you have a VLAN implemented on a Switched environment, most switches
will
> bridge (i.e. do L2 switching) by default on the ports that belong to the
> same VLAN.
>
> Does it answer?
>
> Good luck.
>
> -Original Message-
> From: FRS [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 7:44 AM
> To: [EMAIL PROTECTED]
> Subject: VLAN
>
>
> Is it possible to bridge inside a VLAN?
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Traffic shapping,

2000-10-03 Thread Michael Dungl


Dear Group,

i've got the following problem.or question
May your experience helps.

We have running  an new INTRNET server wich is also used by or Internationl
users worldwide. I dont want that the use more than 10 to 20% of the max
line speed (512kb)to
the WAN Provider for downloading HTTP, FTP  from the INTRANET Server into
the WAN.



INTRANET SERVER --Ethernet---Router 3620 -512kb LL co-located Router
3620 --FRAME RELAY 128kb LL- Router 3620---USERS


I am sure that there is a possibility to keep this traffic low. But i dont
no how to configure that on the cisco router. As i rember
is should work with custom queuing for instance. May somebody can help with
same config examples.


many many thank in advance

regards
Michael
from Austria






**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: policy routing

2000-10-03 Thread Ejay Hire


Not using policy routing, it's actually much simpler than that.

...
ip classless
ip subnet-zero

int serial 0
ip addr 10.0.0.1 255.255.255.0
backup-interface serial 1
!
int serial 1
ip addr 10.0.1.1 255.255.255.0
...

Alternately, you can have a route with a higher administrative distance than 
the normal route for Destination XXX, and if the connection to destination 
XXX evaporates, then the new route will enter the routing table.  This is 
popular when migrating routing protocols.



Original Message Follows
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: policy routing
Date: Tue, 3 Oct 2000 17:16:38 +0200


Hello,

if you configure policy routing to route certain packets through interface
S0
is there a way to automatically redirect packets through interface S1 if S0
is down ?

thanks,
---
Gabriel Neagoe, GN379-RIPE
Networking solutions consultant
Cisco Certified Network Professional
Cisco Certified Design Associate
S&T Romania
tel: +401 20 40 300
fax: +401 20 40 310
---

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: policy routing

2000-10-03 Thread Gabriel . Neagoe


this is basic setup :-)
i'm thinking on something more complicated so i want to keep policy routing
:-)

---
Gabriel Neagoe, GN379-RIPE
Networking solutions consultant
Cisco Certified Network Professional
Cisco Certified Design Associate
S&T Romania
tel: +401 20 40 300
fax: +401 20 40 310
---

> -Original Message-
> From: Ejay Hire [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 5:11 PM
> To:   [EMAIL PROTECTED]
> Cc:   [EMAIL PROTECTED]
> Subject:  Re: policy routing
> 
> Not using policy routing, it's actually much simpler than that.
> 
> ...
> ip classless
> ip subnet-zero
> 
> int serial 0
> ip addr 10.0.0.1 255.255.255.0
> backup-interface serial 1
> !
> int serial 1
> ip addr 10.0.1.1 255.255.255.0
> ...
> 
> Alternately, you can have a route with a higher administrative distance
> than 
> the normal route for Destination XXX, and if the connection to destination
> 
> XXX evaporates, then the new route will enter the routing table.  This is 
> popular when migrating routing protocols.
> 
> 
> 
> Original Message Follows
> From: [EMAIL PROTECTED]
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: policy routing
> Date: Tue, 3 Oct 2000 17:16:38 +0200
> 
> 
> Hello,
> 
> if you configure policy routing to route certain packets through interface
> S0
> is there a way to automatically redirect packets through interface S1 if
> S0
> is down ?
> 
> thanks,
> ---
> Gabriel Neagoe, GN379-RIPE
> Networking solutions consultant
> Cisco Certified Network Professional
> Cisco Certified Design Associate
> S&T Romania
> tel: +401 20 40 300
> fax: +401 20 40 310
> ---
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
> 
> Share information about yourself, create your own public profile at 
> http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: New! Study forum just for BCRAN. Hope this helps out.

2000-10-03 Thread Robert . Schussler


RE:  seneca.com/boards/541, "The page cannot be found"

Bob Schussler
Sales Engineer
Broadwing / Indianapolis
317-469-3719


-Original Message-
From: Ariel Banzon [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2000 9:54 AM
To: [EMAIL PROTECTED]
Subject: New! Study forum just for BCRAN. Hope this helps out.


Go to http://seneca.com/boards/541


This is new, you may be the first to post.  Please be supportive.  This
should gain popularity.  This will condense and bring us all together.

Please have respect for others while posting messages.

Ariel


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MRTG - Individual switch ports

2000-10-03 Thread GNOME


just do a cfgmaker will do

"Dave Santeramo" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have some Cisco 3548 switches that I want to pull the individual stats
> for each interface.  Does anyone have any examples on how to do this?
>  I have looked in the docs and cannot seem to find the appropriate
changes.
>
>
>
>
>
> ___
> To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax,
> all in one place - sign up today at http://www.zdnetonebox.com
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VLAN

2000-10-03 Thread Ejay Hire



A VLAN is a single broadcast domain.  Bridges do not segment Broadcast 
domains.  The job of the switch is to _bridge_ the ports assigned to the 
VLAN.

If you wanted to bridge between VLAN's, then you could use a router with 
trunking, or... Just make them all part of the same VLAN.

I reccomend you take a look at the Sybex CCNA 2.0 book, and read some more 
about switching/Vlans/Bridging.

Good Luck,
[EMAIL PROTECTED]



Original Message Follows
From: "FRS" <[EMAIL PROTECTED]>
Reply-To: "FRS" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: VLAN
Date: Tue, 3 Oct 2000 07:43:30 -0400

Is it possible to bridge inside a VLAN?


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Juniper

2000-10-03 Thread Brian


On Tue, 3 Oct 2000, Chris Gore wrote:

> I think you are incorrect! MCI WorldCom is scheduled to deploy some of the
> edge stuff soon. It is not in the core yet!!

Cable & Wireless USA, Frontier Global Center, MCI WorldCom's vBNS,
UUNET and Verio are all using Juniper routers at places in their network.

UUNet and vBNS are part of MCI/Worldcom.

Is the above not a true statment?  I never did say "core", however, would
bet you would find some juniper in the core in some of these networks
since thats what it was designed to do.

http://www.juniper.net/company/customers.htm

you think people like Randy Bush and Vint Cerf would know where the future
is going and what its going to take to run backbones.


Brian


> 
> "Brian" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> > On Mon, 2 Oct 2000, Leon Bass wrote:
> >
> > > Like everything else, When it's new everyone wants a piece, can you talk
> > > to anyone who has used it for at least 5 years, I doubt it.
> > > Whoever is placing the future of their company on this brand new
> > > technology better think twice.
> >
> > FUD.  Many many backbones rely on JuniperMCI Worldcom..Level
> > 3...etc.
> >
> > > If you are smart, you better have an ole reliable Cisco box sitting
> > > close by, just in case Juniper comes up with an error, the technical
> > > support has not even seen yet, and You wouldn't know that would you, who
> > > can you call and compare with, NOBODY.
> >
> > Umm, just one problem with that.  Cisco does not make products at this
> > time that have the packet processing capibility of Juniper.
> >
> > > New technology is fine and good, but rest assure there will be bugs,
> > > don't even fool yourself, because if you do, YOU won't be in this field
> > > very long.
> > > Just a thought, a technical ONE.
> >
> > Many of the very people that made Cisco the de-facto standard are the ones
> > behind Juniper..some of the top engineers even.
> >
> > brian
> >
> >
> >
> > >
> > > MR wrote:
> > >
> > > > Juniper products are much faster and cute. Look like your company is
> > > > in right direction. Note... routing and session concept is going to go
> > > > when optical products available. Cisco do not have time to figure out
> > > > new technology...know only buying companies and making CCIE's.Martin
> > > >
> > > >  "Nova Rich" <[EMAIL PROTECTED]> wrote in message
> > > >
> news:[EMAIL PROTECTED]
> > > >  guys,
> > > >
> > > >  My company wants to buy Juniper routers instead of Cisco.
> > > >  Having never worked with Juniper equipment before I don't
> > > >  know why it's so good.
> > > >
> > > >  I'm told that it's faster, cheaper and has a smaller foot
> > > >  print? What's a foot print? Is it really better then Cisco?
> > > >
> > > >  Nova Rich
> > > >
> > >
> >
> > ---
> > Brian Feeny, CCNP, CCDA   [EMAIL PROTECTED]
> > Network Administrator
> > ShreveNet Inc. (ASN 11881)
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> 
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

---
Brian Feeny, CCNP, CCDA   [EMAIL PROTECTED]   
Network Administrator 
ShreveNet Inc. (ASN 11881)

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

GRE Tunneling

2000-10-03 Thread Larsen, Scott/COR/INV


Referred to this group by a Cisco friend...  I apologize in advance if this
message does not fall within the parameters of the group, but after reading
the guidelines, I think it does.

I'm doing quite a bit of research on VPN architecture, and can not confirm
from the information I have found, that the GRE protocol operates at layer 2
and is specifically for tunneling, and does not do encryption.  Can someone
confirm this?

Thanks for your time!

Scott Larsen
Sr. Network Engineer
CH2M Hill
[EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Switch reboots when a laptop is connected

2000-10-03 Thread hmalmgren


Has anyone seen an issue with some of the 3500XL, 2924XL, or 2916s where
they reboot if they are connected to a laptop running Windows 2000 while the
laptop is booting?  It didn't happen under windows 98, but for some reason
2000 sends some weird signals out the serial port that causes Cisco switches
to reboot.  

Henry Malmgren
Network Engineer
TManage Inc.
(512) 794-6531
[EMAIL PROTECTED]
www.tmanage.com

By the way, our legal department wants me to tell you that:
Privileged/confidential information may be contained in this message.  It is
not for use or disclosure outside TManage without a written proprietary
agreement.  If you are not the addressee indicated in this message, or agent
responsible for delivery, you may not copy or deliver this message to
anyone.  Please notify the sender as soon as possible and immediately
destroy this message and its attachments in its entirety.
You can't say I didn't warn you

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EXTENDED ACL for distribute-list

2000-10-03 Thread Driessens.Hans


as I sended the message I saw the fluke

this is the acl you want
access-list 116 permit ip 0.0.0.0 255.255.255.128 10.1.1.0 0.0.0.255

Router#
00:45:32: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:45:32: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:45:32: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:45:32: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
00:45:32: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:45:32: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
00:45:32: IP-EIGRP: Int 10.1.1.128/25 metric 128256 - 256 128000
00:45:34: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:45:34: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:45:34: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:45:34: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
00:45:34: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:45:34: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
checked mask and network

cheers
Hans Driessens


Van: Driessens.Hans 
Verzonden: dinsdag 3 oktober 2000 16:48
Aan: 'Brian'
CC: '[EMAIL PROTECTED]'
Onderwerp: RE: EXTENDED ACL for distribute-list


hi brian

oops, you're right about the mask. Did you try the normal acl?? I got it
working with the extended acl

try this:

interface Loopback0
 ip address 10.1.1.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 150.55.241.199 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 ip address 2.1.1.1 255.255.255.252
 no ip directed-broadcast
 no ip mroute-cache
 no fair-queue
 clockrate 64000
!
router eigrp 90
 network 2.0.0.0
 network 10.0.0.0
 network 137.20.0.0
 network 150.55.0.0
 distribute-list 110 out
 no auto-summary
!
!
access-list 110 permit ip any 10.1.1.0 0.0.0.255


debug says:
00:10:09: IP-EIGRP: 10.1.1.0/24 - do advertise out Serial0
00:10:09: IP-EIGRP: Int 10.1.1.0/24 metric 128256 - 256 128000
00:10:09: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:10:09: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:10:09: IP-EIGRP: 2.1.1.0/30 - denied by distribute list

so that's working fine, the same as with a normal acl



if the config was something like
interface Loopback0
 ip address 10.1.1.1 255.255.255.128
 no ip directed-broadcast
!
interface Loopback1
 ip address 10.1.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Loopback3
 ip address 10.1.1.129 255.255.255.128
 no ip directed-broadcast

with the extended acl, both routes are advertised (so not as discribed in
the open forum doc)
see debug output

with extended acl:
00:21:17: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:21:17: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:21:17: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:21:17: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
<
00:21:17: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:21:17: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
<


with normal acl:
00:24:54: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:24:54: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:24:54: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:24:54: IP-EIGRP: 10.1.1.0/25 - do advertise out Serial0
<
00:24:54: IP-EIGRP: Int 10.1.1.0/25 metric 128256 - 256 128000
00:24:54: IP-EIGRP: 10.1.1.128/25 - do advertise out Serial0
00:24:54: IP-EIGRP: Int 10.1.1.128/25 metric 128256 - 256 128000
<

Same output with both acl's
with another acl
access-list 115 permit ip 255.255.0.0 0.0.0.0 10.1.1.0 0.0.0.255

gives the right output
00:37:11: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:37:11: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:37:11: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:37:11: IP-EIGRP: 10.1.1.0/25 - denied by distribute list
<--- only /24 allowed
00:37:11: IP-EIGRP: 10.1.1.128/25 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.2.0/24 - denied by distribute list
00:37:13: IP-EIGRP: 150.55.241.0/24 - denied by distribute list
00:37:13: IP-EIGRP: 2.1.1.0/30 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.1.0/25 - denied by distribute list
00:37:13: IP-EIGRP: 10.1.1.128/25 - denied by distribute list

access-list 115 permit ip 255.255.128.0 0.0.0.0 10.1.1.0 0.0.0.255
 gives the same result

as well as
access-list 116 permit ip 255.255.255.128 0.0.0.127 10.1.1.0 0.0.0.255

so it seems that it just does not work with an extended acl to check the
mask


Hans 


-Oorspronkelijk bericht-
Van: Brian [mailto:[EMAIL PROTECTED]]
Verzonden: dinsdag 3 oktober 2000 15:33
Aan: Driessens.Hans
CC: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Onderwerp: RE: EXTENDED ACL for distribute-list



access-lists use wildcard masks not netmasks

On Tue, 3 Oct 2000, Driessens.Hans wrote:

> Hi ClueLess
> 
> you want to use a standard access-list instead of an extended if you are
> doing it like this. You are filtering on source address

Re: Can you bridge inside a VLAN?

2000-10-03 Thread Jay Hennigan


On Tue, 3 Oct 2000, FRS wrote:

(subject is "Can you bridge inside a VLAN?")

Yes!  This is the default behavior.  

-- 
Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED] 
NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

checkpoint firewall to cisco router vpn help needed!!!

2000-10-03 Thread Tayo Dada


hi all,


i am trying to create a vpn between checkpoint fw1 version 4.0 and cisco
2503 ios jos56i-1.bin. i am getting these areas when i use a crypto
debug:

Router1#
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1
Router1#
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1


any ideas

i can not see a log in the checkpoint to say that it is being encrypted.

Tayo

p.s it is not as easy as it looks, please remember


---  
"This email and any files transmitted with it are confidential, may be
privileged or otherwise protected from disclosure, and are intended
solely for the use of the individual or entity to whom they are
addressed. Any unauthorised disclosure, use or dissemination, either
whole or partial, is prohibited. 

If you have received this communication in error, please contact the
sender by telephone on +44 (0)20 7292 1900 or by replying to this email
and delete this message and any attachment from your system. If you are
not the intended recipent you must not copy this message or attachment
or disclose the contents to any other person. 

Opinions expressed are those of the sender and not necessarily those of
Trizechahn Europe."  
--- 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: routers for sale

2000-10-03 Thread Csweeting


I am sorry. both routers asking $2300 including cables.  16ram 8 flash and ios 11.x 
and 12.x

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TACACS+ and RADIUS

2000-10-03 Thread dacarl4


Two major differences that I have always remembered are:

TACACS encrypts the entire packet, where RADIUS only encrypte the password
portion.  This makes TACACS more secure.

TACACS uses TCP and RADIUS uses UDP as a transport layer protocol.

One other thing is that Authentication and Authorization are combined in
RADIUS, but in TACACS they are seperated. The seperation of AAA
functionality makes TACACS a little more flexible.

Hope this helps

David

-Original Message-
From: whatshakin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 9:32 AM
To: [EMAIL PROTECTED]
Subject: Re: TACACS+ and RADIUS


Along with what this member said, the TACACS+ philosophy is 'security at any
cost'.  RADIUS is more along the lines of 'good security but good
useability' too.   You will find TACACS+ has a more granular approach
overall and a significant enhancement to Cisco products in general.
Conversely, RADIUS will be generally easier to etc.


- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, October 03, 2000 4:51 AM
Subject: RE: TACACS+ and RADIUS


> Tacascs+ and Radius are different Database protocols service  that is used
> by router using AAA for the security service
>
> TACACS+ is an existing protocol developed by Cisco Systems in their
Routers.
> Cisco presently supports two kind of Authentic Protocols the other one is
> RADIUS which is also the industry standard, their are also many other
> Authentication Protocol
>
> I think if you want more information go to the Cisco website search for
the
> comparisons of Tacacs
>
> George Adewale
>
> -Original Message-
> From: Roland Mok [mailto:[EMAIL PROTECTED]]
> Sent: 03 October 2000 12:19
> To: [EMAIL PROTECTED]
> Subject: TACACS+ and RADIUS
>
>
> Anyone knows the difference b/w RADIUS and TACACS+?
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
> DISCLAIMER
> This e-mail is intended only for the use of the addressees named above and
> may be confidential. If you are not an addressee you must not read it and
> must not use any information contained in nor copy it nor inform any
person
> other than TeleCity Limited or the addressees of its existence or
contents.
> If you have received this email and are not a named addressee, please
delete
> it and notify the TeleCity IT department on 0161 226 7643 or by email at
> [EMAIL PROTECTED]
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PASSED BSCN WITH A 963!

2000-10-03 Thread Daniel Boutet





Congratulation,
 
I will  start to study for this exam next week. I saw 
your mark (impressive! and I do not think that it has to do with 
photo...memory)
and the CCIE Lab book you used. What is the ISBN # Please! 


  ""rtc9"" <[EMAIL PROTECTED]> wrote 
  in message 002101c02c29$8d487070$d2c70818@CG716727A">news:002101c02c29$8d487070$d2c70818@CG716727A...
   I only studied for two weeks, i guess one 
  advantage is that i have a photographic memory.

Questions re Doyle ch. 3

2000-10-03 Thread Bradley J. Wilson




Couple of questions from the exercises at the end 
of Chapter 3 of Doyle's TCP/IP book:
 
1) Configuration problem #2: the answer to RTC 
lists six static routes.  Aren't the 5th and 6th entries already covered in 
the 2nd entry?
 
2) Troubleshooting problem #2: the answer lists the 
second entry of RTC as an error.  Is it really?  Doesn't RTB also need 
a listing for the "208" network?
 
Thanks in advance -
 
Bradley Wilson
CCNA, CCDA, MCSE, NNCSS, CNX-A, MCT, 
CTT

RE: checkpoint firewall to Cisco router vpn help needed!!!

2000-10-03 Thread Jim Brown


Tayo,

Check out this link on IPSec Encryption between Cisco and CheckPoint.

http://www.imtek.com/IPSec.html

This question shows up on the CheckPoint list every couple of months. The
link above details someone's successful application.

-Original Message-
From: Tayo Dada [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 9:42 AM
To: '[EMAIL PROTECTED]'
Subject: checkpoint firewall to cisco router vpn help needed!!!


hi all,


i am trying to create a vpn between checkpoint fw1 version 4.0 and cisco
2503 ios jos56i-1.bin. i am getting these areas when i use a crypto
debug:

Router1#
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1
Router1#
1w3d: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet.
(ip) dest_addr= 10.1.0.3, src_addr= 10.4.0.2, prot= 1


any ideas

i can not see a log in the checkpoint to say that it is being encrypted.

Tayo

p.s it is not as easy as it looks, please remember


---  
"This email and any files transmitted with it are confidential, may be
privileged or otherwise protected from disclosure, and are intended
solely for the use of the individual or entity to whom they are
addressed. Any unauthorised disclosure, use or dissemination, either
whole or partial, is prohibited. 

If you have received this communication in error, please contact the
sender by telephone on +44 (0)20 7292 1900 or by replying to this email
and delete this message and any attachment from your system. If you are
not the intended recipent you must not copy this message or attachment
or disclose the contents to any other person. 

Opinions expressed are those of the sender and not necessarily those of
Trizechahn Europe."  
--- 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: routers for sale

2000-10-03 Thread Scott M. Trieste


That is way over priced.  25xx boxes are discontinued.  We can do much
better on Ebay.
<[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am sorry. both routers asking $2300 including cables.  16ram 8 flash and
ios 11.x and 12.x
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: GRE Tunneling

2000-10-03 Thread Leonard Ong


Hello,

yes it doesn't do encryption... encryption available at IPSEC and others


Regards,
Leonard Ong, ST, CCNP R&S+Voice, CCDP R&S, CSE, SAIR&GNU LCP, MCP, BCP
   (Íõ¶°ºÀ) | [EMAIL PROTECTED]  -  Share Knowledge together!
| ICQ : 1041402 == http://www.poboxes.com/Leonard_Ong


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switch reboots when a laptop is connected

2000-10-03 Thread Dave Hennen


I have a dell 3500 laptop running win2k pro that I have used to configure a
half dozen 3500 and a few 2924 switches and I have been connected to the
console port while booting and have not noticed anything like this
happening.  perhaps it is a manufacturer specific issue

daveh

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 11:46 AM
To: [EMAIL PROTECTED]
Subject: Switch reboots when a laptop is connected


Has anyone seen an issue with some of the 3500XL, 2924XL, or 2916s where
they reboot if they are connected to a laptop running Windows 2000 while the
laptop is booting?  It didn't happen under windows 98, but for some reason
2000 sends some weird signals out the serial port that causes Cisco switches
to reboot.  

Henry Malmgren
Network Engineer
TManage Inc.
(512) 794-6531
[EMAIL PROTECTED]
www.tmanage.com

By the way, our legal department wants me to tell you that:
Privileged/confidential information may be contained in this message.  It is
not for use or disclosure outside TManage without a written proprietary
agreement.  If you are not the addressee indicated in this message, or agent
responsible for delivery, you may not copy or deliver this message to
anyone.  Please notify the sender as soon as possible and immediately
destroy this message and its attachments in its entirety.
You can't say I didn't warn you

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Intermittent ISDN connections

2000-10-03 Thread Niraj Palikhey


Yes, the access list specifies ip any any
dialer idle-timeout is set to 360 on both routers.
When we do an extended ping and tell it to ping 2000 times, it pings 
initially, then stops and then pings once again. During the stop period, we 
cannot type any commands on the router. It just freezes. Then once ping 
works again, we are able to work on the router


>From: "Ejay Hire" <[EMAIL PROTECTED]>
>Reply-To: "Ejay Hire" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>CC: [EMAIL PROTECTED]
>Subject: Re: Intermittent ISDN connections
>Date: Mon, 02 Oct 2000 16:23:10 CDT
>
>Are your pings interesting?  What is your Idle-timeout?
>
>
>Original Message Follows
>From: "Niraj Palikhey" <[EMAIL PROTECTED]>
>Reply-To: "Niraj Palikhey" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Intermittent ISDN connections
>Date: Mon, 02 Oct 2000 12:49:21 EDT
>
>Hi,
>Need help in trying to trouble-shoot an isdn pri E1 connection problem b/w 
>2
>3640 routers using DDR b/w our two sites, one in Paris and one in Morocco.
>The call connection drops after about a minute. I can do an extended ping 
>to
>the Morocco router from Paris. It works initially, but the link drops after
>a couple of pings.
>Does the dialer hold-queue have to be the same values on both routers to
>keep the link up? I have 2 different values now, one at 75 and the other at
>100.
>I also have the dialer load-threshold 10 either command both routers. 
>Should
>this values be higher?
>Also the hold-queue for the s0/0:15 interface is set for 75 on one router
>and 150 in and 150 out on the other router. Should both these values be the
>same?
>Is there any special tweaking that needs to be done because these channels
>are used for voice traffic?
>
>Any help is gratefully appreciated.
>Thank you.
>Kind regards,
>Niraj
>
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN Cisco - Concentrator 3000

2000-10-03 Thread Whaley, Chris


Hi,
Has anyone managed to get w2k pro working with the concentrator using l2tp?
The VPN client is only compatible with NT4..?? Any advice would be good!
thanks,
Chris..

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Hardware Question???

2000-10-03 Thread Alex


Hi
If I have two WIC-1DSU-56/64K Modules in two different routers can I use a
crossover cable between them, or will I need a some sort of switching
device.

Thank you.
Alex



**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Douglas Comer

2000-10-03 Thread mamo


They are good book, but I prefer Stevens TCP/IP illustrated series.

They are the best technical book I have.

Mamo

DS> I'm sure there was some discussion before in group about Douglas Comer,
DS> however I was unable to relocate it.

DS> Question:

DS> Has anyone an opinion on his three volume series:
DS> TCP/IP Vol. I

DS> Internetworking With TCP/IPVol II

DS> Internetworking With TCP/IPVol III

DS> Any knowledgeable feedback appreciated.  Thanks.

DS> [EMAIL PROTECTED]


DS> **NOTE: New CCNA/CCDA List has been formed. For more information go to
DS> http://www.groupstudy.com/list/Associates.html
DS> _
DS> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
DS> FAQ, list archives, and subscription info: http://www.groupstudy.com
DS> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



-- 
Best regards,
 mamomailto:[EMAIL PROTECTED]


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

modem on aux

2000-10-03 Thread Hans Schimek


if i would like to connect a modem ( elsa microlink 33.6 )
to the aux port which cables to i have to use ?

aux (RJ45) --straight RJ45 cable  DB25Connector(DB25-DB9
Converter)-:Modem


is that right ?

thanx
hans


and reverse telnet to port 2001 ? isn`t it ?

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: major BCMSN(504) question who passed it?

2000-10-03 Thread STRAND Scott

I passed about a month ago. The exam is not product intensive but more conceptual. You 
should be familiar with both set based and
IOS based switch commands. Concentrate on the main points: VTP, Trunking, MLS, Vlans, 
Multicasting, and definately STPyou'll do
fine.

--Scott

Favio T wrote:

> I went to brainbuzz.com and printed out there cramsession sheet (640-504)
> when I looked at it, it said that I have to know Catalyst 3000 switches
>
> BUT I have the BCMSN Cisco press book by Karen WEbb and Catalyst start at
> 4000
> not one  word on 3000 switches
>
> should I tell brainbuzz  to buzz off or what ?
>
> thanks for your help can't wait to pass this test any tips on study material
> thanks a million
>
> [EMAIL PROTECTED]
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: modem on aux

2000-10-03 Thread Ejay Hire


The port number varies by model.  It's 2000+ whatever the router says the 
AUX port is in the "show Line" command.

Which Cable to use has always confused me until I stopped to really think 
about it.  The AUX/CON port expects Clocking from the Terminal/computer 
connected to it.  For it to connect to a modem, It supplies the clocking.  
If it supplies the clocking, then it needs a Null modem cable.  The way I 
have mine hooked up is:

Cisco rj-45 to 9 adapt (Console cable) -> Null modem adapter -> DB9 to DB25 
serial adapter -> Gender changer -> Modem.

It works, but a more elegant solution is the cisco Cable/Adapter
CAB-25AS-MMOD.

I'm assuming you want to connect it to a RJ45 style Aux port.

Anyway, the Cisco Site has a good reference on this.
http://www.cisco.com/warp/public/76/9.html

Good Luck.

Original Message Follows
From: "Hans Schimek" <[EMAIL PROTECTED]>
Reply-To: "Hans Schimek" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: modem on aux
Date: Tue, 3 Oct 2000 20:01:58 +0200

if i would like to connect a modem ( elsa microlink 33.6 )
to the aux port which cables to i have to use ?

aux (RJ45) --straight RJ45 cable  DB25Connector(DB25-DB9
Converter)-:Modem


is that right ?

thanx
hans


and reverse telnet to port 2001 ? isn`t it ?

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Switch reboots when a laptop is connected

2000-10-03 Thread OpTech


Sounds like you have something in the startup up that sends a signal to the
serial port, possibly something like a PalmPilot Sync software or along
those lines.


E
- Original Message -
From: "Dave Hennen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, October 03, 2000 11:57 AM
Subject: RE: Switch reboots when a laptop is connected


> I have a dell 3500 laptop running win2k pro that I have used to configure
a
> half dozen 3500 and a few 2924 switches and I have been connected to the
> console port while booting and have not noticed anything like this
> happening.  perhaps it is a manufacturer specific issue
>
> daveh
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 11:46 AM
> To: [EMAIL PROTECTED]
> Subject: Switch reboots when a laptop is connected
>
>
> Has anyone seen an issue with some of the 3500XL, 2924XL, or 2916s where
> they reboot if they are connected to a laptop running Windows 2000 while
the
> laptop is booting?  It didn't happen under windows 98, but for some reason
> 2000 sends some weird signals out the serial port that causes Cisco
switches
> to reboot.
>
> Henry Malmgren
> Network Engineer
> TManage Inc.
> (512) 794-6531
> [EMAIL PROTECTED]
> www.tmanage.com
>
> By the way, our legal department wants me to tell you that:
> Privileged/confidential information may be contained in this message.  It
is
> not for use or disclosure outside TManage without a written proprietary
> agreement.  If you are not the addressee indicated in this message, or
agent
> responsible for delivery, you may not copy or deliver this message to
> anyone.  Please notify the sender as soon as possible and immediately
> destroy this message and its attachments in its entirety.
> You can't say I didn't warn you
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Just PAssed BCMSN, Preparing for BSCN

2000-10-03 Thread Mark




You should have no problem using the ACRC book as 
long as you follow the guide fom Cisco.  I used the ACRC and the course 
books and did just fine.  I do think the new BSCN book may have just hit 
the bricks but I am not sure.
 
Good Luck

  ""Anthony Awatefe"" <[EMAIL PROTECTED]> wrote in 
  message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I've just passed the BCMSN exam I score 814... 
  the main areas that came up,VLAN, VTP, MLS, Multicasting.I used the 
  ciscopress BCMSN book and also Boson test question (which wereprobably 
  harder then the actual exam)...   Now to complete the 
  restI've got the ACRC Exam certification guide from Cisco press, 
  what else do Ineed to studying for BSCN, or should I wait for the new BSCN 
  book from CiscoPressAny 
  Ideas??Anthony

RE: Intermittent ISDN connections

2000-10-03 Thread Spolidoro, Guilherme


Niraj, we recently noticed a problem on one of our overseas ISDN PRI not
very similar to yours, but we were using external TA with Bonding-1.

Anyway, the problem is that AT&T was connecting each B channel through
different paths on their network. That was causing each B channel having a
different delay. On Bonding-1, there is a maximum difference of time
acceptable for receiving the packets from different B channels (I think it's
40ms). I never had to look for the Multilink PPP specifications, but I
really suspect that there are similar rules. 

My suggestion for you in order to verify if this is the problem is to start
doing calls using one single B channel (just remove the MPPP config from the
interface). If it works fine (try to call several times), add MPPP back and
do a debug ppp multilink and send the output to the list. That will probably
give some clue of what is going on.

Also, another problem that I had on the past (on an overseas ISDN BRI backup
connection) was that it would work only if I configure the data channel to
56K. With 64K, it would drop the call as soon as I start sending some
traffic (maybe I should mentione that I was using an Adtran ISU128 TA). My
conclusion was that there was a switch on the path that was unable to handle
64K channels.

Good luck.

-Original Message-
From: Niraj Palikhey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 12:56 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Intermittent ISDN connections


Yes, the access list specifies ip any any
dialer idle-timeout is set to 360 on both routers.
When we do an extended ping and tell it to ping 2000 times, it pings 
initially, then stops and then pings once again. During the stop period, we 
cannot type any commands on the router. It just freezes. Then once ping 
works again, we are able to work on the router


>From: "Ejay Hire" <[EMAIL PROTECTED]>
>Reply-To: "Ejay Hire" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>CC: [EMAIL PROTECTED]
>Subject: Re: Intermittent ISDN connections
>Date: Mon, 02 Oct 2000 16:23:10 CDT
>
>Are your pings interesting?  What is your Idle-timeout?
>
>
>Original Message Follows
>From: "Niraj Palikhey" <[EMAIL PROTECTED]>
>Reply-To: "Niraj Palikhey" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Intermittent ISDN connections
>Date: Mon, 02 Oct 2000 12:49:21 EDT
>
>Hi,
>Need help in trying to trouble-shoot an isdn pri E1 connection problem b/w 
>2
>3640 routers using DDR b/w our two sites, one in Paris and one in Morocco.
>The call connection drops after about a minute. I can do an extended ping 
>to
>the Morocco router from Paris. It works initially, but the link drops after
>a couple of pings.
>Does the dialer hold-queue have to be the same values on both routers to
>keep the link up? I have 2 different values now, one at 75 and the other at
>100.
>I also have the dialer load-threshold 10 either command both routers. 
>Should
>this values be higher?
>Also the hold-queue for the s0/0:15 interface is set for 75 on one router
>and 150 in and 150 out on the other router. Should both these values be the
>same?
>Is there any special tweaking that needs to be done because these channels
>are used for voice traffic?
>
>Any help is gratefully appreciated.
>Thank you.
>Kind regards,
>Niraj
>
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>_
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.ht

Re: Questions re Doyle ch. 3

2000-10-03 Thread Hubert Pun




See comments below
Bradley J. Wilson wrote:

Couple
of questions from the exercises at the end of Chapter 3 of Doyle's TCP/IP
book: 1) Configuration
problem #2: the answer to RTC lists six static routes.  Aren't the
5th and 6th entries already covered in the 2nd entry? 
My answer key only have four static routes. and the second and third
one have some errors.
 
 2) Troubleshooting problem #2:
the answer lists the second entry of RTC as an error.  Is it really? 
Doesn't RTB also need a listing for the "208" network? 
I find the answer key to be ok here.

R1R2 Lab

2000-10-03 Thread cpasq


Is the r1r2 lab working?  Im unable to get on  (r1r2.com)?
Anyone else having success?

Or if there's any other free simular router simulators where
are they?

Thanks.


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: modem on aux

2000-10-03 Thread cwcollins


Use the cable kit that comes with every router.  Using the DB-25 connector that says 
modem.

Doing a reverse telnet to 2XXX depends on the type of router you have. If it is a 
router with async lines then you have to use the last line availabe.  If there are no 
async interfaces then yes 2001 should be the one.

Chuck

==

if i would like to connect a modem ( elsa microlink 33.6 ) to the aux port which 
cables to i have to use ?
aux (RJ45) --straight RJ45 cable  DB25Connector(DB25-DB9
Converter)-:Modem

is that right ?
thanx
hans


and reverse telnet to port 2001 ? isnt it ?
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: modem on aux

2000-10-03 Thread cwcollins


Use the cable kit that comes with every router.  Using the DB-25 connector that says 
modem.

Doing a reverse telnet to 2XXX depends on the type of router you have. If it is a 
router with async lines then you have to use the last line availabe.  If there are no 
async interfaces then yes 2001 should be the one.

Chuck

if i would like to connect a modem ( elsa microlink 33.6 ) to the aux port which 
cables to i have to use ?
aux (RJ45) --straight RJ45 cable  DB25Connector(DB25-DB9
Converter)-:Modem

is that right ?
thanx
hans


and reverse telnet to port 2001 ? isnt it ?
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Napster Question

2000-10-03 Thread Ejay Hire


I know very little about the PIX firewalls, (Though I'd love to learn!)  
What we've done at our location is to Block all of the Ip's belonging to 
Napster.com, and we scan the users home directories for MP3's at night when 
we do the backup.  If any are found, the owner of the file is contacted, 
Warned that they are in violation of the Microcomputer Standards Agreement, 
and give them the opportunity to contribute to the "Buy more Internet 
Bandwidth" fund.

(Then we randomly delete files from their PC over the next few weeks  
without their knowledge.  When it breaks, we blame Napster!)

Wait, no... that's what I wish we could do.  Really we just block the 
napster.com Ip's.

Good luck
[EMAIL PROTECTED]



Original Message Follows
From: "Dorroh, Hunter" <[EMAIL PROTECTED]>
To: 'Ejay Hire' <[EMAIL PROTECTED]>
Subject: RE: Napster Question
Date: Tue, 3 Oct 2000 11:06:33 -0400

Ejay,

Using the PIX 520 would I be able to use content checking i.e. L5-7 and stop
it then?  That darn tricky software... we must stop it now :)

Hunter

-Original Message-
From: Ejay Hire [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 11:00 AM
To: [EMAIL PROTECTED]
Subject: RE: Napster Question


Napster is a very dynamic piece of software.  If you deny incoming
connections on the napster File Transfer ports, but allow established, then
the Napster software inside your network will open a connection for the
transfer and then let the client download.  Very sneaky/cool.


Original Message Follows
From: "Dorroh, Hunter" <[EMAIL PROTECTED]>
Reply-To: "Dorroh, Hunter" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: RE: Napster Question
Date: Tue, 3 Oct 2000 00:16:48 -0400

Hello everyone,

I searched through the archives and found lots of good information on
blocking but I did not see anything on the possibility of allowing users to
connect to Napster and download music but NOT be permitted to upload.  Any
thoughts on how to allow this to happen via PIX or IOS FW?  I was thinking
this might limit a company's legal exposure.

Thanks,

Hunter

-Original Message-
From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 3:49 PM
To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


The list went through this several times already.

Blocking ports , , ,  is useless.. since Beta6, Napster has
been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would
have to kill all access to http/tcp80.. NOT good.  Blocking the IPs is the
best and most thorough solution at this time.

Also, besides blocking the access to the main Napster sites will block most
users, and for those that go around it, there should be a user policy in
place.  It is not totally your job to govern what the users do and do not
do.. the users should also be held responsible.  Put a political policy in
place, and if it is broken by a user by using something such as opennap,
discipline from management will solve this issue.

   Regards,
Trevor Corness, CCNA MCSE MCP+I
Network Systems Engineer, DataCom
BMS Communications Ltd.
http://www.bmscom.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hal White
Sent: Friday, September 29, 2000 11:55 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


Blocking these IP addresses will only block users from accessing the main
napster servers and will not block access to other napster servers, such as,
opennap, which can be found easily by using the napigator program.  The best
way to block Napster is to block the ports that the client uses which are
,,,.  Don't quote me on these ports because I can't find my
documentation at the moment, but I think they are right.


Hal

  >From: "Fowler, Joey" <[EMAIL PROTECTED]>
  >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]>
  >To: [EMAIL PROTECTED]
  >Subject: RE: Napster Question
  >Date: Fri, 29 Sep 2000 13:15:19 -0400
  >
  >If you search the archives it has some info on this, but I just
implemented
  >it this morning and it seems to working here. If you are using PIX
firewall
  >(or any other) create an access list using the outbound and apply 
commands
  >to block the following addresses:
  >
  >208.184.216.0 /24
  >208.178.167.0 /24
  >208.178.163.61
  >208.184.175.130
  >208.184.175.131
  >208.184.175.132
  >208.184.175.134
  >208.49.239.242
  >208.49.239.247
  >208.49.239.248
  >
  >People will start wandering by your desk asking if you've ever heard a
  >program called Napster. I personally like to dumb.
  >
  >Joey
  >
  >-Original Message-
  >From: Tom Pruneau [mailto:[EMAIL PROTECTED]]
  >Sent: Friday, September 29, 2000 12:29 PM
  >To: [EMAIL PROTECTED]
  >Subject: Napster Question
  >
  >
  >Greetings Group
  >
  >Does anyone know what ports Napster usies for handshaking?
  >Inbound, outbound port number?
  >What would it take to block Napster?
  >

Re: Douglas Comer

2000-10-03 Thread Dale Holmes


The Stevens series is outstanding as well, but in a different way. If you 
are looking for a hands-on, UNIX-centric, in depth analysis of the TCP/IP 
suite, then the Stevens series is for you. If you want a full treatment of 
the protocols from a purely theoretical perspective, then you want Comer's 
Volume 1. If you want to understand how to implement these protocols in code 
(and perhaps get a perspective on how vendors do this), then you want 
Comer's Volumes 2 and 3.

I say, get all 6! I did, and it was the loneliest year of my life, but damn 
did I learn something! [=`)

Dale
[=`)


>From: mamo <[EMAIL PROTECTED]>
>Reply-To: mamo <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: Douglas Comer
>Date: Tue, 3 Oct 2000 20:01:04 +0200
>
>They are good book, but I prefer Stevens TCP/IP illustrated series.
>
>They are the best technical book I have.
>
>Mamo
>
>DS> I'm sure there was some discussion before in group about Douglas Comer,
>DS> however I was unable to relocate it.
>
>DS> Question:
>
>DS> Has anyone an opinion on his three volume series:
>DS> TCP/IP Vol. I
>
>DS> Internetworking With TCP/IPVol II
>
>DS> Internetworking With TCP/IPVol III
>
>DS> Any knowledgeable feedback appreciated.  Thanks.
>
>DS> [EMAIL PROTECTED]
>
>
>DS> **NOTE: New CCNA/CCDA List has been formed. For more information go to
>DS> http://www.groupstudy.com/list/Associates.html
>DS> _
>DS> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>DS> FAQ, list archives, and subscription info: http://www.groupstudy.com
>DS> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
>
>--
>Best regards,
>  mamomailto:[EMAIL PROTECTED]
>
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Telnet Display

2000-10-03 Thread cpasq


Is there a way to print the Telnet Display (command line interface)?


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: urgent PIX help AGAIN

2000-10-03 Thread Asbjorn Hojmark


> One more question: when I configure PIX as DHCP server, it
> only allows 10 addresses in the pool.

> Is 10 max?

Yes, 10 is max. It's in the command reference.

The PIX wasn't meant to be a large-scale DHCP server. It's a
firewall and if you need extensive DHCP server capabilities,
you should run that on another platform.

-A
--
Heroes: Vint Cerf & Bob Kahn, Leonard Kleinrock, Robert Metcalfe
Links : http://www.hojmark.org/networking/


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Layer3 switching

2000-10-03 Thread NetEng




What are the benefits of layer3 switching 
(versus layer2)? Can I create VLAN's w/o using a router on a layer3 
switch?

RE: Douglas Comer

2000-10-03 Thread sdonoho



 I have both books and I find the Stevens book to be very readable and
informative. The Stevens book is by far superior. Stevens had a rare gift
for explaining complex and obscure details in a very enjoyable style. One
caveat though, the book uses the UNIX freeware command "tcpdump", so the
book is best used in conjunction with a UNIX system on a live network. By
using "tcpdump" the reader can view live network traffic and understand at a
deeper level what the Author is trying to explain. The book explains how to
get tcpdump. Better yet, if you have Linux or BSD it comes already
installed!

  As for obtaining volume II(Comer or Stevens), get it only if you are
willing to invest a lot of time on TCP/IP internals(i.e. you better know how
to read C syntax). Volume II is not pertinent to the pursuit of the
CC[IE/NP/NA] Certs. But if you want to know TCP/IP inside and out, this is
where you go.

Scott Donoho
[EMAIL PROTECTED]



> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> mamo
> Sent: Tuesday, October 03, 2000 11:01 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Douglas Comer
>
>
> They are good book, but I prefer Stevens TCP/IP illustrated series.
>
> They are the best technical book I have.
>
> Mamo
>
> DS> I'm sure there was some discussion before in group about
> Douglas Comer,
> DS> however I was unable to relocate it.
>
> DS> Question:
>
> DS> Has anyone an opinion on his three volume series:
> DS> TCP/IP Vol. I
>
> DS> Internetworking With TCP/IPVol II
>
> DS> Internetworking With TCP/IPVol III
>
> DS> Any knowledgeable feedback appreciated.  Thanks.
>
> DS> [EMAIL PROTECTED]
>
>
> DS> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> DS> http://www.groupstudy.com/list/Associates.html
> DS> _
> DS> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> DS> FAQ, list archives, and subscription info: http://www.groupstudy.com
> DS> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
>
> --
> Best regards,
>  mamomailto:[EMAIL PROTECTED]
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

KnowledgeNet e-learning

2000-10-03 Thread Lance Hubbard


Group,

Has anyone used KnowledgeNet's e-learning for the CCNA or CCNP courses?  Let 
me know what your impressions are.

Cheers,

Lance
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: major BCMSN(504) question who passed it?

2000-10-03 Thread Jim Haynes


I passed this test yesterday. Just as the previous post said it's mainly a
conceptual test. Know your MLS, VTP, STP, and VLAN stuff. You'll do fine.

Jim

""Favio T"" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I went to brainbuzz.com and printed out there cramsession sheet (640-504)
> when I looked at it, it said that I have to know Catalyst 3000 switches
>
> BUT I have the BCMSN Cisco press book by Karen WEbb and Catalyst start at
> 4000
> not one  word on 3000 switches
>
> should I tell brainbuzz  to buzz off or what ?
>
> thanks for your help can't wait to pass this test any tips on study
material
> thanks a million
>
> [EMAIL PROTECTED]
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

1 2 >

1 - 100 of 165 matches

Mail list logo