Re: Why dont I see SNMP discussion on this board ??
Maybe its because no one has started a thread about SNMP -- Kevin - Original Message - From: "Pradeep Kumar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, January 06, 2001 11:30 PM Subject: Why dont I see SNMP discussion on this board ?? > Folks, > > Did you notice - in our forum which claims to be addressing 10,000 Network proffessionals , SNMP related discussion does not seem to be too attractive ! not on the forum at least. > > Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > > Is this not a trouble area ? Or is it becoz , there is not much of SNMP topics on any of the CCxx exams ? > > Is there any exams to prove the mettle of SNMP geeks ? > > -Guru > > > > > > > ___ > Visit http://www.visto.com/info, your free web-based communications center. > Visto.com. Life on the Dot. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What is the latest 2924 XL OS ?
If you even bothered to look at the link, you'll notice the m isn't part of the hyper link in the email. "Pradeep Kumar" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Mr Jones, > > That URL still does not lead to the " latest OS od 2924". > It leads to > > " Document not found". > > Thanks for the english typed. > > -Guru > > > > ___ > Visit http://www.visto.com/info, your free web-based communications center. > Visto.com. Life on the Dot. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: cisco router 2610 HSRP in Bay switch
What are you asking - it's not that clear. Anyway, HSRP is Cisco propiertary and will not work on a Bay switch (use VRRP). If you have 2 Cisco devices w/HSRP plugged into a Bay switch or hub that shouldn't be a problem since the HSRP packets should just pass through the switch. There was a code issue on the 450 switch (I believe it was the 450) which stopped it from forwarding HSRP packets correctly. It could have been a multicast issue. This has been corrected though. What type of Bay switch do you have and what code? --- eric^_^ <[EMAIL PROTECTED]> wrote: > Hi : > > I can't use the cisco router 2610 HSRP in Bay switch > .HSRP will active > in both route. > So, Now this temp connect in the HUB only. Any > problem in Bay switch ? > > Thanks > Eric __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Security
Does anyone know of any good books for the 4 exams now required for the Security specialisation. I know the Managing Cisco Network Security book by Cisco Press is due out. But what about the PIX and other exams. Also I wonder why they've suddenly increased the exams for this specialistation compared with the others. Thanks Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: x.25 stock exchange system.
in this case, use the bridge method bridge 1 protocl ieee int s 0 no ip add bridge-group 1 int e 0 no ip add bridge-group 1 check the command syntax. since i don;t have the router with me. Sam - Original Message - From: "eric^_^" <[EMAIL PROTECTED]> To: "Sam LI" <[EMAIL PROTECTED]> Sent: Sunday, January 07, 2001 11:48 AM Subject: Re: x.25 stock exchange system. > Hi Sam : > > The stock exchange provide not need any ip address in both interface between stock and > my router, then how to config our router ? > > Thanks ! > eric ^_^ > > > > Sam LI wrote: > > > Well > > to enable the x25 on your router, you need > > > > int s 0 > > encap x25 > > > > if the stock exchange provide ip address, then > > int s 0 > > encap x25 > > ip address A.B.C.E 255. > > > > and forward it to ethernet interface > > int e 0 > > ip address X.Y.Z.Z > > > > then you can enable any routing protocol that you want > > like RIP, > > > > router Rip > > network A.B... > > network X.Y > > > > Sam > > - Original Message - > > From: "eric^_^" <[EMAIL PROTECTED]> > > Newsgroups: groupstudy.cisco > > To: <[EMAIL PROTECTED]>; "charlesw" <[EMAIL PROTECTED]> > > Cc: "Fong Kwok Wai Alvin" <[EMAIL PROTECTED]> > > Sent: Friday, January 05, 2001 12:26 AM > > Subject: x.25 stock exchange system. > > > > > Dear All : > > > > > > I need connect to x.25 stock exchange system. > > > But, I don't know how to connect it with following limit information. > > > And then, How to config our cisco 2610 recervie the x.25 packet and > > > forward the > > > packet to (IP)ethernet interface . > > > (remark : no any config in router include pvc./ x.121 address..etc/ from > > > stock operation > > > staff, ?? PnP ?) > > > > > > * > > > communication line speed : 128 K > > > comm pro : X.25 on a leased line > > > re-transmit time-out (t) : 3 sec > > > re-transmit limit (N2) : 10 > > > frame windows size : 7 > > > > > > X.25 interface > > > > > > x.25 type : x.25(1984) > > > interface(L2/L3) : DTE > > > Windows size(default) : 7 > > > packet (default) : 1024 > > > > > > * x.25 will provide a low level polling mechanism. > > > This form of poling will allow any disconnection of > > > information Vendors to be detected by market datafeed system. > > > > > > Many thanks ^_^ > > > > > > > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Security
Does anyone know of any good books for the 4 exams now required for the Security specialisation. I know the Managing Cisco Network Security book by Cisco Press is due out. But what about the PIX and other exams. Also I wonder why they've suddenly increased the exams for this specialistation compared with the others. Thanks Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boson and BSCN
Which Boson is recommended for BSCN? Thanks Tim _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Radius support in cisco routers
hello everyone, As far as I can see there is no Radius support in cisco's 16xx and = 26xx series. Is it a software version limitation ? For example do newer = releases support radius ? Or is it a hardware limitation ? If this was = the case which series supports radius ? Thanks for your help. Nezar _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: eigrp, frame relay, and ISDN
Dear whit, What are u running frame-relay on (ie. frame-relay switch "passport"?) anyways yes ur idea is right u can give floating static routes with higher admin distance but why eigrp why not ospf (my fav ). "Cheers" ""whitaker"" <[EMAIL PROTECTED]> wrote in message 939a8i$cnt$[EMAIL PROTECTED]">news:939a8i$cnt$[EMAIL PROTECTED]... > So here's the scenario...Numerous routers in a central site connected to > other remote sites via frame-relay with backup ISDN. Question: What is the > best way to implement EIGRP in this scenario? My thoughts were to run EIGRP > over the frame, set up the dialer interface / bri as a passive interface, > and use floating static routes (static route with higher administrative > distance for ISDN backup) > > Thoughs, comments, suggestions, ridicules? ;-) > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ospf process re-initialising
hi Mateen, Yes ive tried this in a lab too the thing is it doesnt change even if u delete the loopback interface ,after changing the loopback addy try reload. ""A Mateen"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi ~ > > Once I canged the loopback ip add, how do i reset the > ospf session with my neighbours to make this changes in effect. > I tried clear ip ospf process but it is not working. > > Awaiting an early reply > > _ > Chat with your friends as soon as they come online. Get Rediff Bol at > http://bol.rediff.com > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Security
I think the only good resources is the Documentation. Regards, mak Jon Cuthbert wrote: Does anyone know of any good books for the 4 exams now required for the Security specialisation. I know the Managing Cisco Network Security book by Cisco Press is due out. But what about the PIX and other exams. Also I wonder why they've suddenly increased the exams for this specialistation compared with the others. Thanks Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html">http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ATM
I sure would think you'd see it. It was on the old ACRC, all-be-it simple DXI stuff. I sure would imagine you will see something... .02 Phil - Original Message - From: "Dyland Desmarais" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, January 07, 2001 2:20 AM Subject: ATM > Greet all > > Does ATM pop up anytime during the CCNP course > > If not, don't you think it should? > > Dyland > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco CCNP Preparation Library, Second Edition (Opinions??)
What are all the CCNP and CCNP in-the-making's opinion on the Cisco CCNP Preparation Library, Second Edition for studying for their CCNP? How does it compare to other ones? Are there any other books on top of the library that is recommended to read on top of them for further info? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Security
In case you should stumble upon it, avoid the syngress book "Managing Cisco Network Security." I don't know what the Cisco Press book will be like, but it has to be better than this collection of technical mistakes and bad editing. The IPSec and CBAC chapters from "Enhanced IP Services for Cisco Networks" are excellent, so that should give you a start. Other than that there's nothing but docs and practice. And that is why I believe they increased the requirements for the Security Specialization. The MCNS exam is far too elementary to qualify someone as a security specialist. Tommy "Jon Cuthbert" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know of any good books for the 4 exams now required for > the Security specialisation. > > I know the Managing Cisco Network Security book by Cisco Press is due > out. But what about the PIX and other exams. > > Also I wonder why they've suddenly increased the exams for this > specialistation compared with the others. > > Thanks > > Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Topology Services in CiscoWorks2000
Do you have "Jump Router Boundaries" enabled? Also make sure you have the correct SNMP communities strings installed. What does CiscoView show? This will help in troubleshooting if it is an SNMP problem or not. Paul Borghese - Original Message - From: "Cisco_whizz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, January 06, 2001 2:33 PM Subject: Topology Services in CiscoWorks2000 > Hello Everyone, > > I recently installed CiscoWorks2000 on a network comprising of Catalyst 4908 > and 3500XL. However the campus manager is displaying all the Cisco devices in > the unconnected devices view only and in Resource manager essentials as > generic SNMP devices . does anyone have any ideas > Kindly reply to my address.Iis version 3.1 in CW2K and the switch is running > ios ver 12.0 > > Regards > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multicasting
I would like to experiment switching multicast traffic. My plan right now is using PowerPoint or Windows Media Encoder to generate the traffic. Is there an easier / more controlled way to create multicast streams? Pierre-Alex _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RADIUS + Cat 2924XL
Hello cisco, Is cat 2924XL with ATMuplin support radius ? In aaa command set directive "radius" apperas and can be set-up but no radius-server etc directives in command line This is a bad parser code in (12.0.5) release or just 29..XL doesn;t support radius auth... and tacacs+ only ? -- Regards, Adam ObszyƱski ATM Inc. +48-22-5156418 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
slightly OT----- Modem pool
Hello A friend configured three modems for both dial-in and dial-out capabilities. All three were configured successfully but the NT server sees just the first modem and nothing more. Does anyone have an idea what could probably be causing this? Thanks Madarson _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IS-IS routing domain to look at
Chuck, Could you post some configs? This should be interesting. Thanks. andy On Sat, 6 Jan 2001, Chuck Larrieu wrote: > For those who haven't seen one before, I set up a quick and dirty IS-IS > domain in my home lab. As I will be busy studying some other things the rest > of the weekend, folks on the list here are cordially invited to take a peek. > > Telnet to 64.220.150.11 all passwords are cisco > > Feel free to poke around > > Please play nicely. > > > Chuck > -- > I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as > it has been is over ( if you hope to pass ) From this time forward, you will > study US! > ( apologies to the folks at Star Trek TNG ) > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
I'll start with the obvious: SNMP stands for Simple Network Management Protocol, which is a misnomer because it is not simple excepting for the fact that it has four commands I know of: set, get, trap, and the other one I forget. A better name would Tree-Like Database-Structure Underlying Management Protocol (TDUMP); notice the missing network. SNMP depends on a network to manage its devices; however, it can manage more than network-centric devices. It can also manage computers, servers, printers, coke machines, and pretty much anything that has a network connection. Pretty much all those big name network management packages such Openview, Tivoli, CiscoWorks, JoeSnuff's NetSnuffer, and so on all use SNMP. Had you the time, you actually could manipulate and create your own SNMP code to do your network management. And just to ensure this thread doesn't die and to stimulate discussion, I am going to make some erroneous statements next...here goes (identify the mistakes here and get a fabu No-prize!!) (FX: clears throat) "We should use SNMP on our networks because the TCP traffic it generates causes a great deal of overhead. Instead, if we need SNMP informaiton, we telnet to port 179, and run a get-set command that will dump the SNMP information to a text file, where we can search for what we need. SNMP is not useful because it can only run on routers and switches. There is also a security issue as the community strings on Cisco are stored in plaintext, and can not ever be encrypted.SNMP is enabled by default on all Cisco devices with the RW password of Cisco." I challenge all to find the mistakes, explain why they are wrong, and give us the correct info... There, that should spur some discussion on SNMP... enjoy!! Charles ""Kevin Welch"" <[EMAIL PROTECTED]> wrote in message 013101c07881$76ef9160$2a002a0a@sjc102498">news:013101c07881$76ef9160$2a002a0a@sjc102498... > Maybe its because no one has started a thread about SNMP > > -- Kevin > - Original Message - > From: "Pradeep Kumar" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Saturday, January 06, 2001 11:30 PM > Subject: Why dont I see SNMP discussion on this board ?? > > > > Folks, > > > > Did you notice - in our forum which claims to be addressing 10,000 Network > proffessionals , SNMP related discussion does not seem to be too attractive > ! not on the forum at least. > > > > Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > > > > Is this not a trouble area ? Or is it becoz , there is not much of SNMP > topics on any of the CCxx exams ? > > > > Is there any exams to prove the mettle of SNMP geeks ? > > > > -Guru > > > > > > > > > > > > > > > ___ > > Visit http://www.visto.com/info, your free web-based communications > center. > > Visto.com. Life on the Dot. > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Security
In terms of the access list parts, I still believe that the Gild Held / Keith Huntley book Cisco Access List Field Guide is an excellent source. Hhmmm. can't find it on Amazon. Out of print? Bad news! Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tommy Mitchell Sent: Sunday, January 07, 2001 4:46 AM To: [EMAIL PROTECTED] Subject:Re: CCNP Security In case you should stumble upon it, avoid the syngress book "Managing Cisco Network Security." I don't know what the Cisco Press book will be like, but it has to be better than this collection of technical mistakes and bad editing. The IPSec and CBAC chapters from "Enhanced IP Services for Cisco Networks" are excellent, so that should give you a start. Other than that there's nothing but docs and practice. And that is why I believe they increased the requirements for the Security Specialization. The MCNS exam is far too elementary to qualify someone as a security specialist. Tommy "Jon Cuthbert" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know of any good books for the 4 exams now required for > the Security specialisation. > > I know the Managing Cisco Network Security book by Cisco Press is due > out. But what about the PIX and other exams. > > Also I wonder why they've suddenly increased the exams for this > specialistation compared with the others. > > Thanks > > Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frustrating QoS issue
I'm trying to configure CBWFQ on a 7513 with no VIP cards, just older serial and fast ethernet cards. I have this exact configuration currently running one a 2620 with no problem. Here is the relevant config: class-map video match access-group name videolist ! ! policy-map videoconf class video priority 264 class class-default fair-queue random-detect ! ip access-list extended videolist permit udp any any range 3230 3235 permit udp host 10.1.105.98 any ! interface serial1/1 service-policy output videoconf When I attempt to add that last line--applying the policy to the interface--I get the following error: service-policy is supported only on VIP interfaces with DCEF enabled I can't find anything on CCO that says I have to have a VIP and DCEF running before I can run CBWFQ on an RSP. Do any of you have any experience with this? We have been fighting with IOS upgrades for weeks just so we could get CBWFQ. If I can't make this work, my boss will be seriously ticked to say the least. Any ideas? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ospf process re-initialising
To reallocate a router id, you can 'write mem', go to config mode and do 'no router ospf xx'. Then 'copy start run'. Your OSPF process is back, with the correct RID. It avoids the time cost of a reload. Hope this helps! A Mateen wrote: > > Hi ~ > > Once I canged the loopback ip add, how do i reset the > ospf session with my neighbours to make this changes in effect. > I tried clear ip ospf process but it is not working. > > Awaiting an early reply _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISIS routing domain example
I am assuming that the trashing of my router was intentional. Someone having done it by accident would have notified me by e-mail and let me know what happened. For everyone else, sorry, but the router is down. Chuck -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Saturday, January 06, 2001 7:38 PM To: CCIE_Lab Groupstudy List Subject:ISIS routing domain example For those who haven't seen one before, I set up a quick and dirty IS-IS domain in my home lab. As I will be busy studying some other things the rest of the weekend, folks on the list here are cordially invited to take a peek. Telnet to 64.220.150.11 all passwords are cisco Feel free to poke around Please play nicely. Chuck -- I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as it has been is over ( if you hope to pass ) From this time forward, you will study US! ( apologies to the folks at Star Trek TNG ) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP
There is a free tool for snmpget, walk, and set formerly called UCD-SNMP. It is now called Net-SNMP available here: http://net-snmp.sourceforge.net/ Pierre-Alex wrote: > > I am looking for a free utility that will allow me to experiment querying > the MIB database of a switch. Is there such a thing? > > Pierre-Alex _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF/ DR & BDR election
Check the OSPF election rules. Once a DR and BDR are selected, if a router with a higher priority or IP address is added to the network it will not become the DR. If the DR is goes offline the BDR becomes the DR and a new election for a BDR occurs. Once the DR comes back online, it does not become the DR or BDR even if it has the highest IP address. As Chuck mentioned this keeps the routers from continually changing who is the DR and BDR. -dlb ""Fowler, Joey"" <[EMAIL PROTECTED]> wrote in message E37739B46CE9D311A76700508B6CAF293CAA8B@CORN">news:E37739B46CE9D311A76700508B6CAF293CAA8B@CORN... > I setup OSPF on between two routers, and Router A was elected as the DR > becuase it had the highest IP address. Router B was elected BDR. I ran debug > ip ospf adj on Router B and unplugged the Ethernet connection between the > two. After 40 seconds Router B showed that it promoted itself to DR. Then I > plugged the connection back in, and Router A was now selected as the BDR. > This didn't make sense to me. I know that each time a router is added, that > a new DRand BDR election does NOT take place, however shouldn't Router A > still considered itself as the DR so when the connection was re-established > it would either 1. remain as the DR or more likely 2. rerun the election > since both routers think that they are the DR. I might could understand if > there were multiple routers on the Ethernet connection. Any elightenment > would be greatly appreciated. Meanwhile I'll go look at RFC 2328. > > Joey > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Security
Tommy, Absolutely the best book on IPSec is by Doraswamy/Harkins: http://www.booksamillion.com/ncom/books?isbn=0130118982&AID=42121&PID=216178 Very helpful in preparing for the Security track. Have added the Books A Million link because a search of addall.com shows they have the lowest price on it. The Cisco ACL Field Guide is another winner. Bookpool.com has it as does Barnes & Noble. http://www.bookpool.com/.x/k9wrskqsu1/ss/1?qs=0072123354 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chuck Larrieu Sent: Sunday, January 07, 2001 9:40 AM To: Tommy Mitchell; [EMAIL PROTECTED] Subject: RE: CCNP Security In terms of the access list parts, I still believe that the Gild Held / Keith Huntley book Cisco Access List Field Guide is an excellent source. Hhmmm. can't find it on Amazon. Out of print? Bad news! Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tommy Mitchell Sent: Sunday, January 07, 2001 4:46 AM To: [EMAIL PROTECTED] Subject:Re: CCNP Security In case you should stumble upon it, avoid the syngress book "Managing Cisco Network Security." I don't know what the Cisco Press book will be like, but it has to be better than this collection of technical mistakes and bad editing. The IPSec and CBAC chapters from "Enhanced IP Services for Cisco Networks" are excellent, so that should give you a start. Other than that there's nothing but docs and practice. And that is why I believe they increased the requirements for the Security Specialization. The MCNS exam is far too elementary to qualify someone as a security specialist. Tommy "Jon Cuthbert" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know of any good books for the 4 exams now required for > the Security specialisation. > > I know the Managing Cisco Network Security book by Cisco Press is due > out. But what about the PIX and other exams. > > Also I wonder why they've suddenly increased the exams for this > specialistation compared with the others. > > Thanks > > Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
>Folks, > >Did you notice - in our forum which claims to be addressing 10,000 >Network proffessionals , SNMP related discussion does not seem to be >too attractive ! not on the forum at least. > >Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > >Is this not a trouble area ? Or is it becoz , there is not much of >SNMP topics on any of the CCxx exams ? Pretty much the latter. SNMP, or more properly the MIB, is much more tightly coupled to Bay RS than it is to Cisco IOS. Were this a Bay list, there presumably would be more focus on it. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
Charles, See inline for my answers; hope they are enough to keep the discussion going, without killing the discussion all at once! Cheers! Cthulu wrote: > > I'll start with the obvious: > > SNMP stands for Simple Network Management Protocol, which is a misnomer actually stands for 'simply not my problem' !!! > because it is not simple excepting for the fact that it has four commands I > know of: set, get, trap, and the other one I forget. A better name would ^^ getnext - makes snmpwalk possible > Tree-Like Database-Structure Underlying Management Protocol (TDUMP); notice > the missing network. SNMP depends on a network to manage its devices; > however, it can manage more than network-centric devices. It can also > manage computers, servers, printers, coke machines, and pretty much anything > that has a network connection. > > Pretty much all those big name network management packages such Openview, > Tivoli, CiscoWorks, JoeSnuff's NetSnuffer, and so on all use SNMP. Had you > the time, you actually could manipulate and create your own SNMP code to do > your network management. > > And just to ensure this thread doesn't die and to stimulate discussion, I am > going to make some erroneous statements next...here goes (identify the > mistakes here and get a fabu No-prize!!) > > (FX: clears throat) > > "We should use SNMP on our networks because the TCP traffic it generates UDP, of course. To get one packet reliably delivered with TCP takes seven packets on the network. UDP, while not guranteeing delivery, is WAY faster since it is a single packet without acknowledgement. > causes a great deal of overhead. Instead, if we need SNMP informaiton, we > telnet to port 179, and run a get-set command that will dump the SNMP Heh. I like this one! 179 is, of course, BGP. You would use port 161, but not telnet. And you'd want to use getnext to get the objects in Lexicographical order. > information to a text file, where we can search for what we need. SNMP is > not useful because it can only run on routers and switches. There is also > a security issue as the community strings on Cisco are stored in plaintext, > and can not ever be encrypted.SNMP is enabled by default on all Cisco > devices with the RW password of Cisco." As pointed out before, SNMP can be run on any device attached to the network. But it has to be implemented by the developers of those devices. Community strings for v1 and v2c PDUs are communicated in clear text; v3 allows for encryption of community strings. IOS supports SNMPv3 since, uh, 12-something. Passwords on Cisco routers are encrypted with the 'service password' command, I believe. SNMP is not enabled by default on Cisco devices. A basic config would include the following: snmp-server community public RO Where 'public' is replaced with your read-only community string. > > I challenge all to find the mistakes, explain why they are wrong, and give > us the correct info... > > There, that should spur some discussion on SNMP... enjoy!! > > Charles > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISIS routing domain example
Chuck, That's too bad. I hope it was not someone from this list that did it. Did somebody just hose the config with a wrong command, or was it worse? Can you recover by copying start to run, or tftp an older config to it? I hope this does not kill the spirit of sharing here. It's a really nice thing to be able to see your router, cause most of us never see ISIS until it's too late. Reminds me of one of Murphy's laws... "No good deed goes unpunished". Chuck Larrieu wrote: > > I am assuming that the trashing of my router was intentional. Someone having > done it by accident would have notified me by e-mail and let me know what > happened. > > For everyone else, sorry, but the router is down. > > Chuck > > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Saturday, January 06, 2001 7:38 PM > To: CCIE_Lab Groupstudy List > Subject:ISIS routing domain example > > For those who haven't seen one before, I set up a quick and dirty IS-IS > domain in my home lab. As I will be busy studying some other things the rest > of the weekend, folks on the list here are cordially invited to take a peek. > > Telnet to 64.220.150.11 all passwords are cisco > > Feel free to poke around > > Please play nicely. > > Chuck _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What is the latest 2924 XL OS ?
Make sure that the complete URL is entered. Here it is again: http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xw/index.ht m - Original Message - From: "Pradeep Kumar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, January 06, 2001 11:33 PM Subject: Re: What is the latest 2924 XL OS ? Mr Jones, That URL still does not lead to the " latest OS od 2924". It leads to " Document not found". Thanks for the english typed. -Guru ___ Visit http://www.visto.com/info, your free web-based communications center. Visto.com. Life on the Dot. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall License R or UR ?
No. Your wrong. "ItsMe" <[EMAIL PROTECTED]> wrote in message 938k8p$c9o$[EMAIL PROTECTED]">news:938k8p$c9o$[EMAIL PROTECTED]... > Only the PIX 515 has R and UR. > > ""A.C"" <[EMAIL PROTECTED]> wrote in message > 9384i4$f0a$[EMAIL PROTECTED]">news:9384i4$f0a$[EMAIL PROTECTED]... > > Hi, Does anyone know a command on Pix Firewall 520 that shows what kind > of > > license it has (R -UR license)? > > > > Thank you > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall License R or UR ?
525 and 535 carry the R and UR licensing scheme as well. ItsMe wrote: > Only the PIX 515 has R and UR. > > ""A.C"" <[EMAIL PROTECTED]> wrote in message > 9384i4$f0a$[EMAIL PROTECTED]">news:9384i4$f0a$[EMAIL PROTECTED]... > > Hi, Does anyone know a command on Pix Firewall 520 that shows what kind > of > > license it has (R -UR license)? > > > > Thank you > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What is the latest 2924 XL OS ?
this is a fine example of word wrap. make sure you enter the rest of the url that wrapped to the next line. Pradeep Kumar wrote: > Mr Jones, > > That URL still does not lead to the " latest OS od 2924". > It leads to > > " Document not found". > > Thanks for the english typed. > > -Guru > > ___ > Visit http://www.visto.com/info, your free web-based communications center. > Visto.com. Life on the Dot. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Router Sim Lab question
Hi: Below is router A#. I have checked all my connections and they are fine. Her is my questions. How come I can Ping a Host fomr Router A, but I cannot Telnet to the Host, it give me the error msg: "[Connection to 172.16.40.2 closed by foreign host]" See Below, TIA, Jess: A#ping 172.16.40.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.40.2, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms A#telnet 172.16.40.2 Trying 172.16.40.2 ... Open Password required, but none set [Connection to 172.16.40.2 closed by foreign host] A# _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router Sim Lab question
The second router must have a password set on the telnet lines. Lika so.. enable configure terminal line vty 0 4 login password letmein exit Fletch <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi: > > Below is router A#. I have checked all my connections and they are fine. > Her is my questions. How come I can Ping a Host fomr Router A, but I cannot > Telnet to the Host, it give me the error msg: "[Connection to 172.16.40.2 > closed by foreign host]" > > See Below, TIA, Jess: > > > A#ping 172.16.40.2 > > Type escape sequence to abort. > Sending 5, 100-byte ICMP Echos to 172.16.40.2, timeout is 2 seconds: > ! > Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms > A#telnet 172.16.40.2 > Trying 172.16.40.2 ... Open > > > Password required, but none set > > [Connection to 172.16.40.2 closed by foreign host] > A# > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay Security
I understand most of the benefits of frame relay, but I am wondering if = there are any security problems assoicated with this protocol? Is it = secure enough for unencrypted transfer of financial or sensitive = information? Any help understanding the security risks associated with = frame relay appreciated. -- Kevin _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay Security
Here is a document that may help answer your question. http://www.cisco.com/warp/public/cc/so/neso/wnso/power/chzsp_wp.htm "Kevin Welch" <[EMAIL PROTECTED]> wrote in message 015f01c078cc$c64bece0$2a002a0a@sjc102498">news:015f01c078cc$c64bece0$2a002a0a@sjc102498... > I understand most of the benefits of frame relay, but I am wondering if = > there are any security problems assoicated with this protocol? Is it = > secure enough for unencrypted transfer of financial or sensitive = > information? Any help understanding the security risks associated with = > frame relay appreciated. > > -- Kevin > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISIS routing domain example
I have a copy of Chuck's config if anyone wanted to see it. At 10:54 AM 1/7/01 -0500, ccarring wrote: >Chuck, > >That's too bad. I hope it was not someone from this list that did it. >Did somebody just hose the config with a wrong command, or was it worse? >Can you recover by copying start to run, or tftp an older config to it? > >I hope this does not kill the spirit of sharing here. It's a really nice >thing to be able to see your router, cause most of us never see ISIS >until it's too late. > >Reminds me of one of Murphy's laws... "No good deed goes unpunished". > > > >Chuck Larrieu wrote: > > > > I am assuming that the trashing of my router was intentional. Someone > having > > done it by accident would have notified me by e-mail and let me know what > > happened. > > > > For everyone else, sorry, but the router is down. > > > > Chuck > > > > -Original Message- > > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, January 06, 2001 7:38 PM > > To: CCIE_Lab Groupstudy List > > Subject:ISIS routing domain example > > > > For those who haven't seen one before, I set up a quick and dirty IS-IS > > domain in my home lab. As I will be busy studying some other things the > rest > > of the weekend, folks on the list here are cordially invited to take a > peek. > > > > Telnet to 64.220.150.11 all passwords are cisco > > > > Feel free to poke around > > > > Please play nicely. > > > > Chuck > >___ >To unsubscribe from the CCIELAB list, send a message to >[EMAIL PROTECTED] with the body containing: >unsubscribe ccielab _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay Security
Most Frame relay connections go through some telco/frame provider and some bigger organizations have their own frame infrastructure. I'm not aware of any security measures at the frame layer. As for securing the information, you can encrypt at layer 3. Most financial software these days has encryption in the software of some sort. This is the best spot to do it. Lets say the router just encrypts then between the PC and the router the data will be unsecure (unless application encrypts) and someone can pick it up with a sniffer. Another example is SSL and HTTPS which are done at the application level. As with anything, if it's sensative - protect it at the source. --- Kevin Welch <[EMAIL PROTECTED]> wrote: > I understand most of the benefits of frame relay, > but I am wondering if = > there are any security problems assoicated with this > protocol? Is it = > secure enough for unencrypted transfer of financial > or sensitive = > information? Any help understanding the security > risks associated with = > frame relay appreciated. > > -- Kevin __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay Security
>I understand most of the benefits of frame relay, but I am wondering if = >there are any security problems assoicated with this protocol? Is it = >secure enough for unencrypted transfer of financial or sensitive = >information? Any help understanding the security risks associated with = >frame relay appreciated. > >-- Kevin Is a dedicated line secure enough for unencrypted transfer of financial or sensitive information? Answer: It depends. People often assume that frame is somehow shared when "dedicated lines" are not. From Chapter 5 of my _WAN Survival Guide_, >All too many users have an intuitive belief that if they were to >pull on the London end of a London to New York circuit, wires would >wiggle in Manhattan. The reality, of course, is that any network of >complexity beyond a very simple LAN involves one or more layers of >virtualization onto real media. At the OSI lower layers, >virtualization usually involves multiplexing, but various name and >address mapping functions provide virtual structure as one moves up >the protocol stack. Typically, frame PVCs and T1's run over exactly the same media from the customer site to the telco end office. Once at the end office, they are multiplexed. T1 is far too slow for economical data transmission between modern telco offices. Both the T1 and the frame circuits typically will be multiplexed onto facilities at least at DS-3, and usually OC-12 to OC-192. So much beyond the local loop, there really isn't much difference between frame and dedicated. Interpretations in the US HIPAA legislation for medical data tend to allow unencrypted traffic to flow over dedicated and frame, but not the public Internet. The Federal Reserve, however, tends to want end-to-end encryption regardless of the media, historically single DES. Military traffic would be bulk encrypted and possibly end-to-end encrypted as well. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay Security
Kevin: No matter the solution, if it's not encrypted it's not secure. In your situation you might also consider certificate-based router authentication. Kathy "Katyusha" M. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Welch Sent: Sunday, January 07, 2001 12:11 PM To: [EMAIL PROTECTED] Subject: Frame Relay Security I understand most of the benefits of frame relay, but I am wondering if = there are any security problems assoicated with this protocol? Is it = secure enough for unencrypted transfer of financial or sensitive = information? Any help understanding the security risks associated with = frame relay appreciated. -- Kevin _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to check IDB?
I think it is also dependant on the router as well as the IOS version. = IIRC a 7200 running 12.0 will support 3000 IDB Probably the best way to find out is to ask a Cisco SE. They have = access to web pages and information that isn't posted on the public = site. That is how we found the limit for the 7200's. "Katson PN Yeung" <[EMAIL PROTECTED]> wrote in message = 936kfm$hiq$[EMAIL PROTECTED]">news:936kfm$hiq$[EMAIL PROTECTED]... > Thanks Chris. >=20 > Your information is very useful. >=20 > Another question is, how can I know the IDB number for each IOS = version? Any > place I can find such info? >=20 > Many thanks to you. >=20 >=20 >=20 > "Chris McCoy" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > There's an undocumented command for showing the IDBs: > > > > [---Snip from Phrack 56---] > > > > @sh idb > > > > This command shows the hardware and software interface > > databases. > > this is cisco's way of keeping track of how many > > interfaces are present > > on the system.. includes hardware and software > > interfaces (physical, > > subinterfaces etc). there is a software limit of 1024 > > i believe in > > ios 11 and 2048 in ios 12. this is a global limit for > > the router. > > > > output: > > > > ctalkb#sh idb > > > > 19 SW IDBs allocated (2296 bytes each) > > > > 9 HW IDBs allocated (4008 bytes each) > > HWIDB#1 1 FastEthernet0/0 (Ether) > > HWIDB#2 2 Serial2/0:0 (Serial) > > HWIDB#3 3 Ethernet3/0 (Ether) > > HWIDB#4 4 Ethernet3/1 (Ether) > > HWIDB#5 5 Ethernet3/2 (Ether) > > HWIDB#6 6 Ethernet3/3 (Ether) > > HWIDB#7 7 Serial4/0 (Serial) > > HWIDB#8 8 Serial5/0 (Serial) > > HWIDB#9 9 Loopback0 > > > > Have fun... > > > > Chris M. > > > > --- Katson PN Yeung <[EMAIL PROTECTED]> wrote: > > > Dear all, > > > > > > When reading Caslow's book, there is a term called > > > IDB (Interface Descriptor > > > Block). It specifies the max number of interface the > > > router can have. > > > > > > Anyone knows which IOS command can check the IDB > > > number of a router? > > > > > > Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help for VOIP!
Hi, members, I have one question about VOIP. Actually, I have two 3600s with three exact modules- Voice card(NM-1V), ATM (1A-OC3MM), and FastEthernet, but no serial ports. The NM-1V has two FXS. Based on these, how do I set up for VOIP lab? I have several 2503, 2513, and 2514. Because I don't have serial ports on 3600s, do I need to use FastEthernet ports or use ATM interface? Please let me have cabling info too. Thanks for your help. = Gene Park [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: fore
Donald, You can use this link to get to the Marconi web site. Create a public account for yourself and you should have access to all of the product manuals. http://tactics.marconi.com/ Donald B Johnson Jr wrote: > Has anyone configured a forerunner ASX-200BX if so could you point me in = > the direction of some documentation. > Thanks=20 > Duck > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
help for VOIP!
Hi, members, I have one question about VOIP. Actually, I have two 3600s with three exact modules- Voice card(NM-1V), ATM (1A-OC3MM), and FastEthernet, but no serial ports. The NM-1V has two FXS. Based on these, how do I set up for VOIP lab? I have several 2503, 2513, and 2514. Because I don't have serial ports on 3600s, do I need to use FastEthernet ports or use ATM interface? Please let me have cabling info too. Thanks for your help. = Gene Park [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP
Hi, GetIF I tend to use for small things in a rush as a trouble discovery tool. I find it excellent. It allows you to get into devices you have little details on. gxsnmp is another "free" management tool. This is far more complicated but allows you to do stuff more in the lines of HP Openview or Cabletrons Spectrum. MG-Soft also have some excellent products that make it easier to generate the sort of MIB trees you might want to design for particular applications. As more discussion on SNMP seems to be requested here are some little findings I have made over the years. Of all the SNMP managers I found Spectrum whilst the most cost expensive in the intitial stages I found it was easier to use and provided better models than any of the other products I tried. I found the secret to any management was understand what it is you want to manage, what you were going to do with the data, how you were going to lay out the model and to whom the reports would be sent. Without these things you could waste hours producing useless pictures, graphs and stats. You would feel good and nobody else could care less. Just some thoughts Teunis Hobart, Tasmania Australia On Saturday, January 06, 2001 at 07:44:19 PM, David C Prall wrote: > Use Getif on a Windows Environment to browse the MIB's. > http://www.geocities.com/SiliconValley/Hills/8260/ > > It's free and works wonderfully for walking the tree. > > David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com > - Original Message - > From: "Pierre-Alex" <[EMAIL PROTECTED]> > To: "Cisco" <[EMAIL PROTECTED]> > Sent: Saturday, January 06, 2001 5:38 PM > Subject: SNMP > > > > I am looking for a free utility that will allow me to experiment querying > > the MIB database of a switch. Is there such a thing? > > > > Pierre-Alex > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay Security
Hi, Once the data gets from your physical link into the Telco end it is usually re-multiplexed into other physical links to go onto the next site. This may go on for a number of times depending on where the logical link goes. For example, a trace route may indicate 6 hops to a site to get to the site may require going through 20 physical links. You message get remixed (multiplexed) on each physical link. That has been my understanding. Teunis Hobart, Tasmania Australia On Sunday, January 07, 2001 at 01:37:09 PM, Howard C. Berkowitz wrote: > >I understand most of the benefits of frame relay, but I am wondering if = > >there are any security problems assoicated with this protocol? Is it = > >secure enough for unencrypted transfer of financial or sensitive = > >information? Any help understanding the security risks associated with = > >frame relay appreciated. > > > >-- Kevin > > Is a dedicated line secure enough for unencrypted transfer of > financial or sensitive information? > > Answer: It depends. > > People often assume that frame is somehow shared when "dedicated > lines" are not. From Chapter 5 of my _WAN Survival Guide_, > > >All too many users have an intuitive belief that if they were to > >pull on the London end of a London to New York circuit, wires would > >wiggle in Manhattan. The reality, of course, is that any network of > >complexity beyond a very simple LAN involves one or more layers of > >virtualization onto real media. At the OSI lower layers, > >virtualization usually involves multiplexing, but various name and > >address mapping functions provide virtual structure as one moves up > >the protocol stack. > > Typically, frame PVCs and T1's run over exactly the same media from > the customer site to the telco end office. Once at the end office, > they are multiplexed. T1 is far too slow for economical data > transmission between modern telco offices. Both the T1 and the frame > circuits typically will be multiplexed onto facilities at least at > DS-3, and usually OC-12 to OC-192. So much beyond the local loop, > there really isn't much difference between frame and dedicated. > > Interpretations in the US HIPAA legislation for medical data tend to > allow unencrypted traffic to flow over dedicated and frame, but not > the public Internet. The Federal Reserve, however, tends to want > end-to-end encryption regardless of the media, historically single > DES. Military traffic would be bulk encrypted and possibly > end-to-end encrypted as well. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Weekend funnies
LOL, I usually don't advocate non-technical discussions on this board(I think I need to lighten up), but this is TOO funny! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Natasha Sent: Saturday, January 06, 2001 11:49 PM To: CCIE Group study list Subject: Weekend funnies Some years ago, the Sultan of Brunei was becoming angry as he had 6 children, all girls, and therefore had no son and heir. Imagine his joy when one of his wives finally presented him with his only son and heir. Just before his son's sixth birthday, the Sultan took him to one side and said, "Son, I am very proud of you. Anything you want, I shall get for you." His son replied, "Daddy, I would like to have my own airplane." Not wanting to do anything halfway, his father bought him American Airlines. Just before his son's seventh birthday, the Sultan took him to one side. "Son, you are my pride and joy. Anything you want, I shall get for you." His son replied, "Daddy, I would like a boat. " Not wanting to do anything halfway, his father bought him The Princess Cruise Lines. Just before his son's eighth birthday, the Sultan took him to one side. "Son, you bring so much happiness into my life. Anything you want, I shall get for you." His son replied, "Daddy, I would like to be able to watch cartoons." Not wanting to do anything halfway, his father bought him Disney Studios and their theaters, where he watched all his favorite cartoons. Just before his son's ninth birthday, the Sultan took him to one side, "Son, you are an inspiration to us all. Anything you want, I shall get it for you." His son, who had really gotten into the Disney cartoons, replied, "Daddy, I would like a Mickey Mouse outfit." Not wanting to do anything halfway, his father went and bought him Microsoft. -- Natasha Flazynski http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development A bus station is where a bus stops. A train station is where a train stops. On my desk, I have a work station... _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Security
Thats out of print? Too bad, Kent Hundley and Gil Held are favorites of mine as well. Their IOS IP Field Guide is also a handy little book to have around. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chuck Larrieu Sent: Sunday, January 07, 2001 8:40 AM To: Tommy Mitchell; [EMAIL PROTECTED] Subject: RE: CCNP Security In terms of the access list parts, I still believe that the Gild Held / Keith Huntley book Cisco Access List Field Guide is an excellent source. Hhmmm. can't find it on Amazon. Out of print? Bad news! Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tommy Mitchell Sent: Sunday, January 07, 2001 4:46 AM To: [EMAIL PROTECTED] Subject:Re: CCNP Security In case you should stumble upon it, avoid the syngress book "Managing Cisco Network Security." I don't know what the Cisco Press book will be like, but it has to be better than this collection of technical mistakes and bad editing. The IPSec and CBAC chapters from "Enhanced IP Services for Cisco Networks" are excellent, so that should give you a start. Other than that there's nothing but docs and practice. And that is why I believe they increased the requirements for the Security Specialization. The MCNS exam is far too elementary to qualify someone as a security specialist. Tommy "Jon Cuthbert" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know of any good books for the 4 exams now required for > the Security specialisation. > > I know the Managing Cisco Network Security book by Cisco Press is due > out. But what about the PIX and other exams. > > Also I wonder why they've suddenly increased the exams for this > specialistation compared with the others. > > Thanks > > Jon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN (i still "really" dont KNow)
Hi, A coup[le of days ago I put out a thing on valid hostnames. I indicated on this there can be issues with invalid names. I think you will find the Cisco doco says AlphjaNumeric and the first character should be Alpha. In the past I have run into this problem it turned out to be the "-" in the hostname. The Chap authentication happens at login but the recheck on hostname on the "B" channel data fails. User is logged in fine but no comms will take place. Teunis Hobart, Tasmania Australia On Friday, January 05, 2001 at 12:30:27 PM, Craig Columbus wrote: > > >Ran into a case of this recently. Everything authenticated OK, but no IP > >traffic would pass over some of the BRI interfaces. Resolution was to add > >the word broadcast to the dialer map statements. I've never had to do > >this before, so I assume that it's a bug in the version of IOS that the > >clients were usingsorry, it escapes me what the IOS was...may have > >been 12.0(8). We ended up changing to 12.0.(7)T since it seems to be solid. > > > Craig > > > > Dear all, > > > > > > i am setting up an end-to-end isnd connection between two routers using > >CHAP > > > athuentication.i seem to make a connection but cant ping even the local > >side > > > the show ip route shows it as directly connected interface,when i do show > > > int bri 0 i see (spoofing)what actually does it mean and how to get rid > >of > > > it ??i have checked the configurations and searched on net a lot > > > configuration seems alright.if possible can someone send me a practical > > > working config (offcourse ips and passwords omitted).?? > > > > > > i realy would appreciate it.following is a general skecth just for > >refernce. > > > > > > > > > following is the configuration > > > > > > Router 1: > > > > > > hostname 3600-1 > > > username 2600-1 password google > > > > > > int bri 0 > > > ip address 10.10.10.1 255.255.255.0 > > > encapsulation ppp > > > dialer map ip 10.10.10.2 name 2600-1 > > > ppp authentication chap > > > - > > > > > > Router 2: > > > > > > hostname 2600-1 password google > > > > > > int bri 0 > > > ip address 10.10.10.2 255.255.255.0 > > > encapsulation ppp > > > dialer map ip 10.10.10.1 name 3600-1 1267126 > > > ppp authentication chap > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A question regarding private addressing
At 10:37 PM 1/6/01, John Nemeth wrote: >On May 29, 5:24am, Craig Columbus wrote: >} >} OK. I can accept that Microsoft (or Apple for that matter) would do >} something like this and then expect the world to revolve around > > Actually, as Howard mentioned, neither of these companies >initiated the protocol It can be argued that Apple initiated the particular protocol that we have been discussing, that is, the Microsoft Automatic Private IP Addressing method. The client sends a gratuitous ARP 10 times broadcasting the network-layer address that it wants to use. If the address is in use, the client selects another address. The creators of AppleTalk, including Gursharan Sidhu, Ron Hochsprung, and Alan Oppenheimer own a patent that reads essentially just like that. The patent is from 1984. At that time IP networks were managed by computer scientists. Apple had the brilliant idea that ordinary people could set up and manage networks. I think we should give credit where credit is due. As Chuck mentioned, in the 1990s Microsoft also tried to make file and print sharing easy, but the majority of the credit should go to Apple. Apple could have imposed the dynamic network-layer addressing patent on the industry but perhaps it was too specific. (It has a bunch of LocalTalk specifics in it.) Also, they probably let it go because they recognize the value of furthering the ease of use of IP networks. People who will be connecting their home appliances together don't want to understand IP addressing, subnet masks, etc.! And how about ad hoc networks in training classes, on long plane rides, in hotel lobbies, on the beach, etc. &;-) John makes some other very good points below. I don't want to detract from them, but I just had to make the point again about AppleTalk. It's unfair to not do so. Priscilla >} them. However, I'm confused as to the benefit. Why would anyone want a >} non-assigned default IP address to appear on their network? Do they really >} think that people will implement a non-RFC1918 compliant address space just >} to save configuration time? (Actually, I can think of several cases where > > It does save configuration time, since this is for cases where no >configuration at all happens, most likely due to the lack of a real >administrator. > >} How do Internet backbone routers (BGP ASs) deal with this traffic? > > They don't. There is a reason why this address range is called >"link local". It's only useful within a single network segment that >isn't connected to any other networks. > >} Let's say that I want to take the easy way out and I connect a small >} network to the Internet via an ISP. I'm not running NAT, but I'm running >} the 169.254 addresses inside my network. If I've got a static route to an > > Then, you're SOL. To connect to the Internet, some kind of >configuration must happen (even, if it is just a box running NAT on the >outside interface and a DHCP server on the inside interface). > >} ISP public address, and we're not exchanging routing information, I can't >} see how this traffic would ever get back to my network. If I'm exchanging > > It wouldn't. > >} routes with an ISP (via BGP or some other interior protocol), where and how >} do the 169.254 routes get filtered? There has to be some mechanism, or > > It should be filtered at the network ingress point. > >} there would be thousands of summary routes back to 169.254 showing up on >} the Internet table. > > 169.254 should never ever show up on the Internet, although I >wouldn't be surprised if it did. I've seen some pretty large ISP's put >RFC-1918 addresses on the global Internet, which is also a no-no. > >} Any help in understanding this is appreciated. > > The purpose of this is to setup small impromptu isolated networks >which often don't have an administrator with no configuration at all >required. Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Security
On May 30, 1:15am, "Chuck Larrieu" wrote: } } In terms of the access list parts, I still believe that the Gild Held / } Keith Huntley book Cisco Access List Field Guide is an excellent source. } Hhmmm. can't find it on Amazon. Out of print? Bad news! Really?!? I found it pretty much instantly and I was using Lynx, a text only browser. Anyways, here's the URL (watch the wrap): http://www.amazon.com/exec/obidos/ASIN/0072123354/sr=1-1/ref=sc_b_1/103-3059403-1667860 }-- End of excerpt from "Chuck Larrieu" _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATQ0H0
I've been working with an older Catalyst 1900 switch (firmware ver 5.37) We can't get any management console output. We are able to bring up the diagnostic console by holding in the mode button on the front of the switch while turning on the power. After upgrading the firmware via xmodem, the switch will POST and then leave us with a blsnk screen except for modem strings ATQ0H0. Anyone ever experienced the same issue? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
eigrp, frame relay, and ISDN
So here's the scenario...Numerous routers in a central site connected to other remote sites via frame-relay with backup ISDN. Question: What is the best way to implement EIGRP in this scenario? My thoughts were to run EIGRP over the frame, set up the dialer interface / bri as a passive interface, and use floating static routes (static route with higher administrative distance for ISDN backup) Thoughs, comments, suggestions, ridicules? ;-) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tacacs-server last-resort command and Cat2900XL (IOS12.0(5.2)XU)
Hi, This is the relevant stuff we have in a working TACACS Config. All this works a treat. Bits of the config are missing for obvious reasons. ! CONFIG STUFF ! ! SERVICE STUFF ! aaa new-model aaa authentication login default tacacs+ enable aaa authentication enable default none aaa accounting exec start-stop tacacs+ aaa accounting commands 1 start-stop tacacs+ aaa accounting commands 15 start-stop tacacs+ aaa accounting network start-stop tacacs+ aaa accounting connection start-stop tacacs+ aaa accounting system start-stop tacacs+ ! ! PASSWORD STUFF ! ! "INTERFACE STUFF" ! . ! ip default-gateway xxx.xxx.xxx.xxx ! ! "SNMP Stuff" ! tacacs-server host xxx.xxx.xxx.xxx tacacs-server host xxx.xxx.xxx.xxx tacacs-server key theKeytosuccess ! ! NTP STUFF... ! !line con 0 password 7 andfunnynumber (inHex) stopbits 1 line vty 0 4 password 7 evenphunniernumber line vty 5 15 password 7 thisnumberhexesall Hope this helps. Teunis Hobart, Tasmania Australia On Friday, January 05, 2001 at 11:19:11 AM, Piatnitchi Cristian wrote: > Hi all > > I am playing in the lab with a Cat2900XL (IOS12.05.2) XU) 24 ports. > I am a little confused with IOSs and command lists from Cisco site. Cisco > web site says that > Catalyst 2900 and 3500 XL have the same IOS. So I read this page to see the > complete list of command. > It is strange that the page show me the command > > tacacs-server last-resort > > here : > http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/cmdref/m > acrcli.htm#xtocid24729124 > > > but the Cat2900 seems to do not know about the command. Any explanation for > that ? > Thanks in advance. > > Cristian > > Ps. I would like to know the way to find the complete set of commands for a > specific device on Cisco site. > Could anybody help me ? > Thanks again > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
Good show Kevin and Charles.Did you notice some one having said " SNMP would be more focusssed by the Bay Network folks. Kevin- Good start ! If you read the SNMP related RFC , note the statement - SNMP RFC's are still a controversial subject. There has been no standardisation yet. -Guru -Original Message- From:Cthulu [EMAIL PROTECTED] Sent:Sun, 7 Jan 2001 08:33:58 -0600 To: [EMAIL PROTECTED] Subject: Re: Why dont I see SNMP discussion on this board ?? I'll start with the obvious: SNMP stands for Simple Network Management Protocol, which is a misnomer because it is not simple excepting for the fact that it has four commands I know of: set, get, trap, and the other one I forget. A better name would Tree-Like Database-Structure Underlying Management Protocol (TDUMP); notice the missing network. SNMP depends on a network to manage its devices; however, it can manage more than network-centric devices. It can also manage computers, servers, printers, coke machines, and pretty much anything that has a network connection. Pretty much all those big name network management packages such Openview, Tivoli, CiscoWorks, JoeSnuff's NetSnuffer, and so on all use SNMP. Had you the time, you actually could manipulate and create your own SNMP code to do your network management. And just to ensure this thread doesn't die and to stimulate discussion, I am going to make some erroneous statements next...here goes (identify the mistakes here and get a fabu No-prize!!) (FX: clears throat) "We should use SNMP on our networks because the TCP traffic it generates causes a great deal of overhead. Instead, if we need SNMP informaiton, we telnet to port 179, and run a get-set command that will dump the SNMP information to a text file, where we can search for what we need. SNMP is not useful because it can only run on routers and switches. There is also a security issue as the community strings on Cisco are stored in plaintext, and can not ever be encrypted.SNMP is enabled by default on all Cisco devices with the RW password of Cisco." I challenge all to find the mistakes, explain why they are wrong, and give us the correct info... There, that should spur some discussion on SNMP... enjoy!! Charles ""Kevin Welch"" <[EMAIL PROTECTED]> wrote in message 013101c07881$76ef9160$2a002a0a@sjc102498">news:013101c07881$76ef9160$2a002a0a@sjc102498... > Maybe its because no one has started a thread about SNMP > > -- Kevin > - Original Message - > From: "Pradeep Kumar" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Saturday, January 06, 2001 11:30 PM > Subject: Why dont I see SNMP discussion on this board ?? > > > > Folks, > > > > Did you notice - in our forum which claims to be addressing 10,000 Network > proffessionals , SNMP related discussion does not seem to be too attractive > ! not on the forum at least. > > > > Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > > > > Is this not a trouble area ? Or is it becoz , there is not much of SNMP > topics on any of the CCxx exams ? > > > > Is there any exams to prove the mettle of SNMP geeks ? > > > > -Guru > > > > > > > > > > > > > > > ___ > > Visit http://www.visto.com/info, your free web-based communications > center. > > Visto.com. Life on the Dot. > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Visit http://www.visto.com/info, your free web-based communications center. Visto.com. Life on the Dot. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP
Teunis, I just found GetIF this weekend and think it is definitely an excellent tool for troubleshooting. Small, light-weight and very easily understood. I really like being able to do traceroutes between two devices without having to telnet to either device. Other cool things: -Graph values in real time (like mapping real time packets going into an interface -Check routing tables -Look at the ARP table When it comes to Cisco routers it is frequently easier to telnet to the device and use the corresponding Cisco command. But when I have to deal with Bay routers it is very difficult for me because I haven't mastered the Bay command line. GetIF puts everything in simple easy to understand format. I can see this tool is going to slow down my efforts for learning Bay commandsnot sure if that's a good thing or a bad thing... The only thing I don't like about it, is that you can't make the window bigger. You can only see about 8 - 12 lines on any single tab. However, if that's my only complaint..I'd say its pretty good. :-) Later, AQ At 04:27 PM 1/7/01, Tony van Ree wrote: >Hi, > >GetIF I tend to use for small things in a rush as a trouble discovery >tool. I find it excellent. It allows you to get into devices you have >little details on. > >gxsnmp is another "free" management tool. This is far more complicated >but allows you to do stuff more in the lines of HP Openview or Cabletrons >Spectrum. > >MG-Soft also have some excellent products that make it easier to generate >the sort of MIB trees you might want to design for particular applications. > >As more discussion on SNMP seems to be requested here are some little >findings I have made over the years. > >Of all the SNMP managers I found Spectrum whilst the most cost expensive >in the intitial stages I found it was easier to use and provided better >models than any of the other products I tried. > >I found the secret to any management was understand what it is you want to >manage, what you were going to do with the data, how you were going to >lay out the model and to whom the reports would be sent. Without these >things you could waste hours producing useless pictures, graphs and >stats. You would feel good and nobody else could care less. > >Just some thoughts > >Teunis >Hobart, Tasmania >Australia > >On Saturday, January 06, 2001 at 07:44:19 PM, David C Prall wrote: > > > Use Getif on a Windows Environment to browse the MIB's. > > http://www.geocities.com/SiliconValley/Hills/8260/ > > > > It's free and works wonderfully for walking the tree. > > > > David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com > > - Original Message - > > From: "Pierre-Alex" <[EMAIL PROTECTED]> > > To: "Cisco" <[EMAIL PROTECTED]> > > Sent: Saturday, January 06, 2001 5:38 PM > > Subject: SNMP > > > > > > > I am looking for a free utility that will allow me to experiment querying > > > the MIB database of a switch. Is there such a thing? > > > > > > Pierre-Alex > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > >-- >www.tasmail.com > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ** Adam Quiggle Senior Network Engineer MCI Worldcom/NOC/BP Amoco [EMAIL PROTECTED] ** _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A question regarding private addressing
Agreed. Apple has never truly received the credit that they deserve for most of their offerings. Simplicity and functionality are attributes that help make Apple who they are, and their innovative spirit did spark inspiration in the PC world. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Sunday, January 07, 2001 4:27 PM To: [EMAIL PROTECTED] Subject: RE: A question regarding private addressing At 10:37 PM 1/6/01, John Nemeth wrote: >On May 29, 5:24am, Craig Columbus wrote: >} >} OK. I can accept that Microsoft (or Apple for that matter) would do >} something like this and then expect the world to revolve around > > Actually, as Howard mentioned, neither of these companies >initiated the protocol It can be argued that Apple initiated the particular protocol that we have been discussing, that is, the Microsoft Automatic Private IP Addressing method. The client sends a gratuitous ARP 10 times broadcasting the network-layer address that it wants to use. If the address is in use, the client selects another address. The creators of AppleTalk, including Gursharan Sidhu, Ron Hochsprung, and Alan Oppenheimer own a patent that reads essentially just like that. The patent is from 1984. At that time IP networks were managed by computer scientists. Apple had the brilliant idea that ordinary people could set up and manage networks. I think we should give credit where credit is due. As Chuck mentioned, in the 1990s Microsoft also tried to make file and print sharing easy, but the majority of the credit should go to Apple. Apple could have imposed the dynamic network-layer addressing patent on the industry but perhaps it was too specific. (It has a bunch of LocalTalk specifics in it.) Also, they probably let it go because they recognize the value of furthering the ease of use of IP networks. People who will be connecting their home appliances together don't want to understand IP addressing, subnet masks, etc.! And how about ad hoc networks in training classes, on long plane rides, in hotel lobbies, on the beach, etc. &;-) John makes some other very good points below. I don't want to detract from them, but I just had to make the point again about AppleTalk. It's unfair to not do so. Priscilla >} them. However, I'm confused as to the benefit. Why would anyone want a >} non-assigned default IP address to appear on their network? Do they really >} think that people will implement a non-RFC1918 compliant address space just >} to save configuration time? (Actually, I can think of several cases where > > It does save configuration time, since this is for cases where no >configuration at all happens, most likely due to the lack of a real >administrator. > >} How do Internet backbone routers (BGP ASs) deal with this traffic? > > They don't. There is a reason why this address range is called >"link local". It's only useful within a single network segment that >isn't connected to any other networks. > >} Let's say that I want to take the easy way out and I connect a small >} network to the Internet via an ISP. I'm not running NAT, but I'm running >} the 169.254 addresses inside my network. If I've got a static route to an > > Then, you're SOL. To connect to the Internet, some kind of >configuration must happen (even, if it is just a box running NAT on the >outside interface and a DHCP server on the inside interface). > >} ISP public address, and we're not exchanging routing information, I can't >} see how this traffic would ever get back to my network. If I'm exchanging > > It wouldn't. > >} routes with an ISP (via BGP or some other interior protocol), where and how >} do the 169.254 routes get filtered? There has to be some mechanism, or > > It should be filtered at the network ingress point. > >} there would be thousands of summary routes back to 169.254 showing up on >} the Internet table. > > 169.254 should never ever show up on the Internet, although I >wouldn't be surprised if it did. I've seen some pretty large ISP's put >RFC-1918 addresses on the global Internet, which is also a no-no. > >} Any help in understanding this is appreciated. > > The purpose of this is to setup small impromptu isolated networks >which often don't have an administrator with no configuration at all >required. Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP & Multi VLAN's
Hi guys, I have been trying to locate info on how to utilize one DHCP server for multiple VLAN's on campus. So far I have come across utilizing a multi-vlan port configuration and IP helper addresses, but I am using 3524's and 6506 w/MSFC. If you have had any experience with this, I would appreciate hearing from you. Thanks Robert _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN (i still "really" dont KNow)
Hi, I trust this is not the complete bri set-up. As well as the Username/Hostname validity I would also suggest a dialer-group dialer-list combination might also do some good. Just a thought Teunis, Hobart, Tasmania Australia On Friday, January 05, 2001 at 07:10:41 PM, ahmad wrote: > Dear all, > > i am setting up an end-to-end isnd connection between two routers using CHAP > athuentication.i seem to make a connection but cant ping even the local side > the show ip route shows it as directly connected interface,when i do show > int bri 0 i see (spoofing)what actually does it mean and how to get rid of > it ??i have checked the configurations and searched on net a lot > configuration seems alright.if possible can someone send me a practical > working config (offcourse ips and passwords omitted).?? > > i realy would appreciate it.following is a general skecth just for refernce. > > > following is the configuration > > Router 1: > > hostname 3600-1 > username 2600-1 password google > > int bri 0 > ip address 10.10.10.1 255.255.255.0 > encapsulation ppp > dialer map ip 10.10.10.2 name 2600-1 > ppp authentication chap > - > > Router 2: > > hostname 2600-1 password google > > int bri 0 > ip address 10.10.10.2 255.255.255.0 > encapsulation ppp > dialer map ip 10.10.10.1 name 3600-1 1267126 > ppp authentication chap > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: eigrp, frame relay, and ISDN
"backup" also works very nicely in this senario also, with the dialer interfaces. ""whitaker"" <[EMAIL PROTECTED]> wrote in message 939a8i$cnt$[EMAIL PROTECTED]">news:939a8i$cnt$[EMAIL PROTECTED]... > So here's the scenario...Numerous routers in a central site connected to > other remote sites via frame-relay with backup ISDN. Question: What is the > best way to implement EIGRP in this scenario? My thoughts were to run EIGRP > over the frame, set up the dialer interface / bri as a passive interface, > and use floating static routes (static route with higher administrative > distance for ISDN backup) > > Thoughs, comments, suggestions, ridicules? ;-) > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: eigrp, frame relay, and ISDN
While I haven't set this scenario up in production, I have played with a simlar configuration in my home lab using async dial backup. I configured the async interface with a dialer watch-group and (of course) a matching dialer watch-list for the desired subnet. (The dialer-watch monitors the routing table for the specified route(s) and kicks off the dialer if this route disappears (i.e. the primary connection fails)). To keep the EIGRP hello's from keeping my link up I used the a dialer-list commands which referenced an extended access-list similar to the following: int async 1 dialer-group 1 dialer-list 1 protocol ip list 100 access-list 100 deny eigrp any any access-list 100 permit ip any any Remember the dialer-list specifies interesting traffic and *not* what traffic is actually allowed to cross the link. Once the dialer watch-group brings up the link the EIGRP hellos will be allowed and the routers should establish neighbor relationships. One thing to remember is that your dialer map statement should reference the subnet that you are watching. There is also a "dialer watch-disable" that lets you specifiy how the primary link must be up before the dial-backup connection is dropped. You may want to search the archives for the CCIELAB mailing list .. there is some excellent information relating to EIGRP and ISDN there. Hope this helps, Sandy Turnage whitaker wrote: > So here's the scenario...Numerous routers in a central site connected to > other remote sites via frame-relay with backup ISDN. Question: What is the > best way to implement EIGRP in this scenario? My thoughts were to run EIGRP > over the frame, set up the dialer interface / bri as a passive interface, > and use floating static routes (static route with higher administrative > distance for ISDN backup) > > Thoughs, comments, suggestions, ridicules? ;-) > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall License R or UR ?
Cool, should of known, money to be made..IOS got to upgrade! Thanks "Nick Brooks" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > 525 and 535 carry the R and UR licensing scheme as well. > > ItsMe wrote: > > > Only the PIX 515 has R and UR. > > > > ""A.C"" <[EMAIL PROTECTED]> wrote in message > > 9384i4$f0a$[EMAIL PROTECTED]">news:9384i4$f0a$[EMAIL PROTECTED]... > > > Hi, Does anyone know a command on Pix Firewall 520 that shows what kind > > of > > > license it has (R -UR license)? > > > > > > Thank you > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > _ > > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP & Multi VLAN's
On the VLAN interfaces that are used for the end-users, you will want to implement the ip-helper command to forward the DHCP/BOOTP packets to the DHCP server. That would be a better configuration than using a multi-port VLAN approach, IMHO. The interface config below shows the IP address of the DHCP server... interface Vlan101 ip address 10.10.101.3 255.255.255.0 ip helper-address 10.10.5.36 no ip redirects ip directed-broadcast standby 101 priority 108 preempt standby 101 ip 10.10.101.1 The global config parameters below prevent to forwarding of the following broadcast traffic that would otherwise be forwarded with the use of the ip-helper command. no ip forward-protocol udp tftp no ip forward-protocol udp netbios-ns no ip forward-protocol udp netbios-dgm no ip forward-protocol udp tacacs Hope this helps. -Brant. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Robert Cabeca Sent: Sunday, January 07, 2001 7:07 PM To: groupstudy Subject: DHCP & Multi VLAN's Hi guys, I have been trying to locate info on how to utilize one DHCP server for multiple VLAN's on campus. So far I have come across utilizing a multi-vlan port configuration and IP helper addresses, but I am using 3524's and 6506 w/MSFC. If you have had any experience with this, I would appreciate hearing from you. Thanks Robert _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #926
I just wanted to apologize to everyone for my countless email auto-reply bombs. You will all be happy to know that I am indeed back from my vacation and I promise to never again do this to you. I hope you can all find it in your hearts to forgive my retardedness. Sorry again, Dan Keller CCNP, CCDP, CCIE# 6489 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Simple modem connections
Hi all, Here I am sitting a work thinking just how simple it is to look after dial-up services. I have a person that calls into a router, connects, authenticates all seems fine. When I ping him I lose pings between the access router and the client. He connects a 48K I have had him remove compression and error correction from the modem this stops him dropping. OK. the fault seems to be on the line at his end I have some 200+ other dialups into the access router with no worries. I have the line checked out the tests come up fine. What's more the same person can dial into another service using the same equipment at his end but different equipment at the service provider end and all is fine I am assured. My next thing is to move the service to another access router only to find the problem is still there. He is the only one having trouble yet we seem to be the onlyones having trouble with him. EASY ISN'T IT. If it wasn't for little things like this I'd be unemployable. Teunis Hobart, Tasmania Australia -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Scores on Boson's and Colts - BCMSN
For folks who did Boson and Colts and passed BCMSN: How well do the scores on the Boson's and Colts predict success on the real BCMSN? For example, I took Boson BCMSN Test #2 quiz A, B, and C and got 77, 75, and 69 (I don't like that trend!). Then I took Colt "BCMSN post assessment" and got 48/63 (passing score 47-ouch!). With scores like that, do you think I'd pass by a comfortable margin, or maybe just barely pass, or maybe not pass at all? - Jennifer Mellone _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Simulator
Hi, all I know this has been discussed, and after spending my free time this weekend searching high and low for a reasonably priced ISDN simulator, I am forced to conclude there is no such beast. EBAY is a bust thus far, and the best price I have found is for a Teltone (www.teltone.com) ISDN simulator at http://www.bigdcom.com/teleline.html. Big D is a Groupstudy recommended site; they sell the ISDN simulator about 1600 bucks, give or take some change. Now to the crux of my dilemma: do I or don't I? That is, ask my Mistress for this for Christmas, Halloween, and so forth. She is standing here reading this, so I appreciate how wonderful she is! So beautiful with great taste in men! Also, very heroic: she kept me from drinking a coffee flavored Slim Fast (we were out of beer). Before I approach the checkbook with hat in hand, is this best price? I mean, really? Has anyone else had better luck? I hate the thought of spending 1600 bucks on a 100 bucks worth of wiring and chips. Perhaps is it time for Groupstudy to form a buyer's union, where we can pool our money and buy in bulk at almost wholesale prices. Good idea? Bad idea? Too much headache potential? Luckily for me, Big D is in the Dallas area so I plan on there in person and talking to them about these simulators and their prices. If interested, I will let the group know what happens. If not, I'll keep mum. Flames, comments all welcome! Charles _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Simulator
Depending upon your location maybe you could order a couple of ISDN lines. Where I'm at, for residental, they are $40 flat rate monthly. You could have them installed for nearly two years before they approached the cost of the simulator. andy On Sun, 7 Jan 2001, Cthulu wrote: > Hi, all > > I know this has been discussed, and after spending my free time this weekend > searching high and low for a reasonably priced ISDN simulator, I am forced > to conclude there is no such beast. EBAY is a bust thus far, and the best > price I have found is for a Teltone (www.teltone.com) ISDN simulator at > http://www.bigdcom.com/teleline.html. Big D is a Groupstudy recommended > site; they sell the ISDN simulator about 1600 bucks, give or take some > change. > > Now to the crux of my dilemma: do I or don't I? That is, ask my Mistress > for this for Christmas, Halloween, and so forth. She is standing here > reading this, so I appreciate how wonderful she is! So beautiful with great > taste in men! Also, very heroic: she kept me from drinking a coffee > flavored Slim Fast (we were out of beer). > > Before I approach the checkbook with hat in hand, is this best price? I > mean, really? Has anyone else had better luck? I hate the thought of > spending 1600 bucks on a 100 bucks worth of wiring and chips. Perhaps is it > time for Groupstudy to form a buyer's union, where we can pool our money and > buy in bulk at almost wholesale prices. Good idea? Bad idea? Too much > headache potential? > > Luckily for me, Big D is in the Dallas area so I plan on there in person and > talking to them about these simulators and their prices. If interested, I > will let the group know what happens. If not, I'll keep mum. > > Flames, comments all welcome! > > Charles > > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Simple modem connections
As someone that ran a dialup ISP for a number of years I have learned that sometimes you just need to refer them to the competition. Don't get me wrong. We usually would schedule a tech to head out and give it his best, but if he couldn't rattle something loose we would assume it was just a fluke between switching offices. Sometimes it simply does not work... andy On Mon, 8 Jan 2001, Tony van Ree wrote: > Hi all, > > Here I am sitting a work thinking just how simple it is to look after dial-up >services. > > I have a person that calls into a router, connects, authenticates all seems fine. >When I ping him I lose pings between the access router and the client. He connects a >48K I have had him remove compression and error correction from the modem this stops >him dropping. > > OK. the fault seems to be on the line at his end I have some 200+ other dialups into >the access router with no worries. I have the line checked out the tests come up >fine. What's more the same person can dial into another service using the same >equipment at his end but different equipment at the service provider end and all is >fine I am assured. > > My next thing is to move the service to another access router only to find the >problem is still there. > > He is the only one having trouble yet we seem to be the onlyones having trouble with >him. > > EASY ISN'T IT. If it wasn't for little things like this I'd be unemployable. > > Teunis > Hobart, Tasmania > Australia > > > > > -- > www.tasmail.com > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
A clearer statement about the level of involvement that SNMP might have within postings on a (clearly) hypothetical bay/nortel newsgroup is that it would be a recurring topic, with a fairly high percentage of specific implementation questions. This has to do with the ineffably sluggish nature of their graphical configuration tool, the lateness-to-market of their non-script-driven cli (bcc) and the fact that snmp gets & sets are incorporated into the TI that appears upon the establishment of a console or telnet session. Extremely cursory comparisons with mg-soft and similar browsing tools lead me to believe that the wellfleet mibs are significantly better documented than their cisco counterparts. They also appear to me to be easier to navigate, but that might have more to do with relative inexperience than anything else. "Pradeep Kumar" <[EMAIL PROTECTED]>@groupstudy.com on 01/07/2001 06:10:42 PM Please respond to "Pradeep Kumar" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] cc:(bcc: Kevin Cullimore) Subject: Re: Why dont I see SNMP discussion on this board ?? Good show Kevin and Charles.Did you notice some one having said " SNMP would be more focusssed by the Bay Network folks. Kevin- Good start ! If you read the SNMP related RFC , note the statement - SNMP RFC's are still a controversial subject. There has been no standardisation yet. -Guru -Original Message- From:Cthulu [EMAIL PROTECTED] Sent:Sun, 7 Jan 2001 08:33:58 -0600 To: [EMAIL PROTECTED] Subject: Re: Why dont I see SNMP discussion on this board ?? I'll start with the obvious: SNMP stands for Simple Network Management Protocol, which is a misnomer because it is not simple excepting for the fact that it has four commands I know of: set, get, trap, and the other one I forget. A better name would Tree-Like Database-Structure Underlying Management Protocol (TDUMP); notice the missing network. SNMP depends on a network to manage its devices; however, it can manage more than network-centric devices. It can also manage computers, servers, printers, coke machines, and pretty much anything that has a network connection. Pretty much all those big name network management packages such Openview, Tivoli, CiscoWorks, JoeSnuff's NetSnuffer, and so on all use SNMP. Had you the time, you actually could manipulate and create your own SNMP code to do your network management. And just to ensure this thread doesn't die and to stimulate discussion, I am going to make some erroneous statements next...here goes (identify the mistakes here and get a fabu No-prize!!) (FX: clears throat) "We should use SNMP on our networks because the TCP traffic it generates causes a great deal of overhead. Instead, if we need SNMP informaiton, we telnet to port 179, and run a get-set command that will dump the SNMP information to a text file, where we can search for what we need. SNMP is not useful because it can only run on routers and switches. There is also a security issue as the community strings on Cisco are stored in plaintext, and can not ever be encrypted.SNMP is enabled by default on all Cisco devices with the RW password of Cisco." I challenge all to find the mistakes, explain why they are wrong, and give us the correct info... There, that should spur some discussion on SNMP... enjoy!! Charles ""Kevin Welch"" <[EMAIL PROTECTED]> wrote in message 013101c07881$76ef9160$2a002a0a@sjc102498">news:013101c07881$76ef9160$2a002a0a@sjc102498... > Maybe its because no one has started a thread about SNMP > > -- Kevin > - Original Message - > From: "Pradeep Kumar" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Saturday, January 06, 2001 11:30 PM > Subject: Why dont I see SNMP discussion on this board ?? > > > > Folks, > > > > Did you notice - in our forum which claims to be addressing 10,000 Network > proffessionals , SNMP related discussion does not seem to be too attractive > ! not on the forum at least. > > > > Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > > > > Is this not a trouble area ? Or is it becoz , there is not much of SNMP > topics on any of the CCxx exams ? > > > > Is there any exams to prove the mettle of SNMP geeks ? > > > > -Guru > > > > > > > > > > > > > > > ___ > > Visit http://www.visto.com/info, your free web-based communications > center. > > Visto.com. Life on the Dot. > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscrip
Re: Scores on Boson's and Colts - BCMSN
Based on my experience (similar to yours, except that i took all of the boson BCMSN tests dozens of times) and the postings since august, the boson tests appear to have something to do with reality, and some semblance of correlation with test results whereas the colt tests appear to serve primarily as a mechanism by which cisco can frustrate and scare certification candidates. I'd hold out for higher scores on the boson before I would feel comfortable signing up for the exam. "Jennifer Mellone" <[EMAIL PROTECTED]>@groupstudy.com on 01/07/2001 09:49:34 PM Please respond to "Jennifer Mellone" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] To: <[EMAIL PROTECTED]> cc:(bcc: Kevin Cullimore) Subject: Scores on Boson's and Colts - BCMSN For folks who did Boson and Colts and passed BCMSN: How well do the scores on the Boson's and Colts predict success on the real BCMSN? For example, I took Boson BCMSN Test #2 quiz A, B, and C and got 77, 75, and 69 (I don't like that trend!). Then I took Colt "BCMSN post assessment" and got 48/63 (passing score 47-ouch!). With scores like that, do you think I'd pass by a comfortable margin, or maybe just barely pass, or maybe not pass at all? - Jennifer Mellone _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] +-+ | This message may contain confidential and/or privileged | | information. If you are not the addressee or authorized to | | receive this for the addressee, you must not use, copy, | | disclose or take any action based on this message or any| | information herein. If you have received this message in | | error, please advise the sender immediately by reply e-mail | | and delete this message. Thank you for your cooperation. | +-+ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay Security
Group, Which then I believe should obviously lead into the discussion- if VPN's are today's PVC's then would it be appropriate to say that traffic transported over the public internet with such a protocol as IPSec is just as safe? and how do you know your enemies aren't working for that frame provider -if they are using single DES they had better hope not. Are there protocols now capable of providing enough security encryption for extremely sensitive traffic to transit the public internet? >>>Brian >From: "Howard C. Berkowitz" <[EMAIL PROTECTED]> >Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: Frame Relay Security >Date: Sun, 7 Jan 2001 13:37:09 -0500 > > >I understand most of the benefits of frame relay, but I am wondering if = > >there are any security problems assoicated with this protocol? Is it = > >secure enough for unencrypted transfer of financial or sensitive = > >information? Any help understanding the security risks associated with = > >frame relay appreciated. > > > >-- Kevin > >Is a dedicated line secure enough for unencrypted transfer of >financial or sensitive information? > >Answer: It depends. > >People often assume that frame is somehow shared when "dedicated >lines" are not. From Chapter 5 of my _WAN Survival Guide_, > > >All too many users have an intuitive belief that if they were to > >pull on the London end of a London to New York circuit, wires would > >wiggle in Manhattan. The reality, of course, is that any network of > >complexity beyond a very simple LAN involves one or more layers of > >virtualization onto real media. At the OSI lower layers, > >virtualization usually involves multiplexing, but various name and > >address mapping functions provide virtual structure as one moves up > >the protocol stack. > >Typically, frame PVCs and T1's run over exactly the same media from >the customer site to the telco end office. Once at the end office, >they are multiplexed. T1 is far too slow for economical data >transmission between modern telco offices. Both the T1 and the frame >circuits typically will be multiplexed onto facilities at least at >DS-3, and usually OC-12 to OC-192. So much beyond the local loop, >there really isn't much difference between frame and dedicated. > >Interpretations in the US HIPAA legislation for medical data tend to >allow unencrypted traffic to flow over dedicated and frame, but not >the public Internet. The Federal Reserve, however, tends to want >end-to-end encryption regardless of the media, historically single >DES. Military traffic would be bulk encrypted and possibly >end-to-end encrypted as well. > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWorks & HP Openview in multiple VLAN.
Good day, It seems that I'm stuck with a problem on my customer network. I doesn't have much idea about LANE and their existing network setup since it is managed by other vendors so the bottom line is that I cannot view their cisco router configuration at all. However base on their existing updated network schematic design, they have 4 core catalyst switches with RSM module and few distribution & floor switches. My current HP Openview and CiscoWorks configuration pointing the address of the local catalyst RSM IP with SNMP read-only enabled. I'm expecting that the HP Openview to discover all the devices in the network while the CiscoWorks discover all the routers in the network by looking on the routing table in RSM. At the end, it turns up that both of the network management software didn't discover any devices in the network even the after 2 days leaving it on my table to discover. Do you guys think that I should replicate/mirror all the other VLANs traffic into my network management port (SPAN)? Any idea or improvement should I look forward in case I left our any of requirements? Thanks in advance. p/s: I'll be appreciate that if you intend to asked a question, please reply to my email and I will reply to your query to the group again to illuminate unnecessary flooding. Best wishes, Ryan _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why dont I see SNMP discussion on this board ??
Charles you said: SNMP is enabled by default on all Cisco devices with the RW password of Cisco. SNMP is not enabled by default- Cisco feels this is a security risk and notes the most secure option is to not enable it at all. About the RW password do you mean the default RW community string? The default value of the read-write community string on a Cisco router is- private >>>Brian >From: [EMAIL PROTECTED] >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Re: Why dont I see SNMP discussion on this board ?? >Date: Sun, 7 Jan 2001 22:25:35 -0500 > >A clearer statement about the level of involvement that SNMP might have >within postings on a (clearly) hypothetical bay/nortel newsgroup is that it >would be a recurring topic, with a fairly high percentage of specific >implementation questions. This has to do with the ineffably sluggish nature >of their graphical configuration tool, the lateness-to-market of their >non-script-driven cli (bcc) and the fact that snmp gets & sets are >incorporated into the TI that appears upon the establishment of a console >or telnet session. >Extremely cursory comparisons with mg-soft and similar browsing tools lead >me to believe that the wellfleet mibs are significantly better documented >than their cisco counterparts. They also appear to me to be easier to >navigate, but that might have more to do with relative inexperience than >anything else. > > > > > >"Pradeep Kumar" <[EMAIL PROTECTED]>@groupstudy.com on 01/07/2001 >06:10:42 PM > >Please respond to "Pradeep Kumar" <[EMAIL PROTECTED]> > >Sent by: [EMAIL PROTECTED] > >To: [EMAIL PROTECTED], [EMAIL PROTECTED] >cc:(bcc: Kevin Cullimore) >Subject: Re: Why dont I see SNMP discussion on this board ?? > > >Good show Kevin and Charles.Did you notice some one having said " SNMP >would be more focusssed by the Bay Network folks. > >Kevin- Good start ! > >If you read the SNMP related RFC , note the statement - SNMP RFC's are >still a controversial subject. There has been no standardisation yet. > >-Guru > > > >-Original Message- >From:Cthulu [EMAIL PROTECTED] >Sent:Sun, 7 Jan 2001 08:33:58 -0600 >To: [EMAIL PROTECTED] >Subject: Re: Why dont I see SNMP discussion on this board ?? > > >I'll start with the obvious: > >SNMP stands for Simple Network Management Protocol, which is a misnomer >because it is not simple excepting for the fact that it has four commands I >know of: set, get, trap, and the other one I forget. A better name would >Tree-Like Database-Structure Underlying Management Protocol (TDUMP); >notice >the missing network. SNMP depends on a network to manage its devices; >however, it can manage more than network-centric devices. It can also >manage computers, servers, printers, coke machines, and pretty much >anything >that has a network connection. > >Pretty much all those big name network management packages such Openview, >Tivoli, CiscoWorks, JoeSnuff's NetSnuffer, and so on all use SNMP. Had >you >the time, you actually could manipulate and create your own SNMP code to do >your network management. > >And just to ensure this thread doesn't die and to stimulate discussion, I >am >going to make some erroneous statements next...here goes (identify the >mistakes here and get a fabu No-prize!!) > >(FX: clears throat) > >"We should use SNMP on our networks because the TCP traffic it generates >causes a great deal of overhead. Instead, if we need SNMP informaiton, we >telnet to port 179, and run a get-set command that will dump the SNMP >information to a text file, where we can search for what we need. SNMP is >not useful because it can only run on routers and switches. There is also >a security issue as the community strings on Cisco are stored in plaintext, >and can not ever be encrypted.SNMP is enabled by default on all Cisco >devices with the RW password of Cisco." > >I challenge all to find the mistakes, explain why they are wrong, and give >us the correct info... > >There, that should spur some discussion on SNMP... enjoy!! > >Charles > > > > >""Kevin Welch"" <[EMAIL PROTECTED]> wrote in message >013101c07881$76ef9160$2a002a0a@sjc102498">news:013101c07881$76ef9160$2a002a0a@sjc102498... > > Maybe its because no one has started a thread about SNMP > > > > -- Kevin > > - Original Message - > > From: "Pradeep Kumar" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Saturday, January 06, 2001 11:30 PM > > Subject: Why dont I see SNMP discussion on this board ?? > > > > > > > Folks, > > > > > > Did you notice - in our forum which claims to be addressing 10,000 >Network > > proffessionals , SNMP related discussion does not seem to be too >attractive > > ! not on the forum at least. > > > > > > Why dont I see discussion on Cisco MIB's, SNMP, RMON ? > > > > > > Is this not a trouble area ? Or is it becoz , there is not much of >SNMP > > topics on any of the CCxx exams ? > > > > > > Is there any exams to prove the mettle of SNMP
Repost: CiscoWorks & HP Openview in multiple VLAN.
Repost. -Original Message- From: Post Master ** Do Not Use ** [mailto:[EMAIL PROTECTED]] Sent: Monday, January 08, 2001 12:25 PM To: Ryan Ngai Hon Kong Subject: Mail failure [008] Failure delivering user mail due to mailbag contention. Mail item was not delivered to: -- Microsoft Mail v3.0 (MAPI 1.0 Transport) IPM.Microsoft Mail.Note From: Ryan Ngai Hon Kong To: '[EMAIL PROTECTED]' Subject: CiscoWorks & HP Openview in multiple VLAN. Date: 2001-01-07 23:12 Priority: 3 Message ID: 7D8056F1D9E4D4118BB800A0C9EA57D7 Good day, It seems that I'm stuck with a problem on my customer network. I doesn't have much idea about LANE and their existing network setup since it is managed by other vendors so the bottom line is that I cannot view their cisco router configuration at all. However base on their existing updated network schematic design, they have 4 core catalyst switches with RSM module and few distribution & floor switches. My current HP Openview and CiscoWorks configuration pointing the address of the local catalyst RSM IP with SNMP read-only enabled. I'm expecting that the HP Openview to discover all the devices in the network while the CiscoWorks discover all the routers in the network by looking on the routing table in RSM. At the end, it turns up that both of the network management software didn't discover any devices in the network even the after 2 days leaving it on my table to discover. Do you guys think that I should replicate/mirror all the other VLANs traffic into my network management port (SPAN)? Any idea or improvement should I look forward in case I left our any of requirements? Thanks in advance. p/s: I'll be appreciate that if you intend to asked a question, please reply to my email and I will reply to your query to the group again to illuminate unnecessary flooding. Best wishes, Ryan _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A question regarding private addressing
Let me make some comments fundamentally for background. It's increasingly considered useful to minimize the amount of configuration that an end station needs to do before becoming active. Servers and routers are special cases. DHCP is stateful: the DHCP server remembers what addresses have been assigned. Apple and Microsoft alternatives are dynamic stateless alternatives. They select a tentative name, and then broadcast sequentially selected addresses until they find one with no conflict. CLNS and IPv6 alternatives listen for a high-order prefix defining alink-local or site-local part, and prefix these part(s) in front of universal MAC lists. Still mostly stateless, but more coooperative. >At 10:37 PM 1/6/01, John Nemeth wrote: >>On May 29, 5:24am, Craig Columbus wrote: >>} >>} OK. I can accept that Microsoft (or Apple for that matter) would do >>} something like this and then expect the world to revolve around >> >> Actually, as Howard mentioned, neither of these companies >>initiated the protocol > >It can be argued that Apple initiated the particular protocol that we have >been discussing, that is, the Microsoft Automatic Private IP Addressing >method. The client sends a gratuitous ARP 10 times broadcasting the >network-layer address that it wants to use. If the address is in use, the >client selects another address. The creators of AppleTalk, including >Gursharan Sidhu, Ron Hochsprung, and Alan Oppenheimer own a patent that >reads essentially just like that. > >The patent is from 1984. At that time IP networks were managed by computer >scientists. Apple had the brilliant idea that ordinary people could set up >and manage networks. I think we should give credit where credit is due. As >Chuck mentioned, in the 1990s Microsoft also tried to make file and print >sharing easy, but the majority of the credit should go to Apple. > >Apple could have imposed the dynamic network-layer addressing patent on the >industry but perhaps it was too specific. (It has a bunch of LocalTalk >specifics in it.) Also, they probably let it go because they recognize the >value of furthering the ease of use of IP networks. People who will be >connecting their home appliances together don't want to understand IP >addressing, subnet masks, etc.! And how about ad hoc networks in training >classes, on long plane rides, in hotel lobbies, on the beach, etc. &;-) > >John makes some other very good points below. I don't want to detract from >them, but I just had to make the point again about AppleTalk. It's unfair >to not do so. > >Priscilla > > >>} them. However, I'm confused as to the benefit. Why would anyone want a >>} non-assigned default IP address to appear on their network? Do they really >>} think that people will implement a non-RFC1918 compliant address space just >>} to save configuration time? (Actually, I can think of several cases where >> >> It does save configuration time, since this is for cases where no >>configuration at all happens, most likely due to the lack of a real >>administrator. >> >>} How do Internet backbone routers (BGP ASs) deal with this traffic? >> >> They don't. There is a reason why this address range is called >>"link local". It's only useful within a single network segment that >>isn't connected to any other networks. >> >>} Let's say that I want to take the easy way out and I connect a small >>} network to the Internet via an ISP. I'm not running NAT, but I'm running >>} the 169.254 addresses inside my network. If I've got a static route to an >> >> Then, you're SOL. To connect to the Internet, some kind of >>configuration must happen (even, if it is just a box running NAT on the >>outside interface and a DHCP server on the inside interface). >> >>} ISP public address, and we're not exchanging routing information, I can't >>} see how this traffic would ever get back to my network. If I'm exchanging >> >> It wouldn't. >> >>} routes with an ISP (via BGP or some other interior protocol), where and how > >} do the 169.254 routes get filtered? There has to be some mechanism, or >> >> It should be filtered at the network ingress point. >> >>} there would be thousands of summary routes back to 169.254 showing up on >>} the Internet table. >> >> 169.254 should never ever show up on the Internet, although I >>wouldn't be surprised if it did. I've seen some pretty large ISP's put >>RFC-1918 addresses on the global Internet, which is also a no-no. >> >>} Any help in understanding this is appreciated. >> >> The purpose of this is to setup small impromptu isolated networks >>which often don't have an administrator with no configuration at all >>required. > > > > >Priscilla Oppenheimer >http://www.priscilla.com > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _
Re: Repost: CiscoWorks & HP Openview in multiple VLAN.
The message made it to the list. Because no one is really managing the addresses on this list, whenever you send a message to the list you will usually get a couple of bounces from bad addresses. andy On Mon, 8 Jan 2001, Ryan Ngai Hon Kong wrote: > Repost. > > -Original Message- > From: Post Master ** Do Not Use ** > [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 08, 2001 12:25 PM > To: Ryan Ngai Hon Kong > Subject: Mail failure > > > > [008] Failure delivering user mail due to mailbag contention. > Mail item was not delivered to: > > > > -- > Microsoft Mail v3.0 (MAPI 1.0 Transport) IPM.Microsoft Mail.Note > From: Ryan Ngai Hon Kong > To: '[EMAIL PROTECTED]' > Subject: CiscoWorks & HP Openview in multiple VLAN. > Date: 2001-01-07 23:12 > Priority: 3 > Message ID: 7D8056F1D9E4D4118BB800A0C9EA57D7 > > > > > Good day, > > It seems that I'm stuck with a problem on my customer network. I doesn't > have much > idea about LANE and their existing network setup since it is managed by > other vendors > so the bottom line is that I cannot view their cisco router configuration at > all. > However base on their existing updated network schematic design, they have 4 > core > catalyst switches with RSM module and few distribution & floor switches. > > My current HP Openview and CiscoWorks configuration pointing the address of > the local > catalyst RSM IP with SNMP read-only enabled. I'm expecting that the HP > Openview > to discover all the devices in the network while the CiscoWorks discover all > the routers > in the network by looking on the routing table in RSM. > > At the end, it turns up that both of the network management software didn't > discover > any devices in the network even the after 2 days leaving it on my table to > discover. > Do you guys think that I should replicate/mirror all the other VLANs traffic > into my network > management port (SPAN)? > > Any idea or improvement should I look forward in case I left our any of > requirements? > > Thanks in advance. > > p/s: I'll be appreciate that if you intend to asked a question, please reply > to my email and I > will reply to your query to the group again to illuminate unnecessary > flooding. > > Best wishes, > Ryan > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2600 Route Processor
I find on Cisco's web page that the 2600 series routers are capable of inter-vlan routing. Does this mean that a 2600 can be used as a route processor for an MLS? Or does it just mean that it can route between vlans because it can has to Ethernet ports? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Scores on Boson's and Colts - BCMSN
I just took BCMSN last week and got a 912. Until the last couple days (before the test) I was only getting scores in the 80's on Boson #2. Although my real test was similar (in subject matter) to #2 it wasn't as similar as the Boson CCNA vs. Cisco CCNA. I was pleasantly surprised when I hit the finished button, well, actually, more like ecstatic. I thought the test was challenging but no walk in the park. I was sure I was in the low 800's. As always, read the questions very carefully ;-) Passing score for my test (64 questions) was 699. As for study materials, I used the Sybex and Cisco Press books. They are very similar except on two points: The Sybex goes way into detail on Multicasting, this level of detail WASN'T necessary for my test. The Cisco Press book spends alot of time on the Campus model and the different models of switches, this WAS necessary for my test. Hope that helps, Tim ""Jennifer Mellone"" <[EMAIL PROTECTED]> wrote in message 000e01c0791d$a287dfc0$965cfea9@mellonj">news:000e01c0791d$a287dfc0$965cfea9@mellonj... > For folks who did Boson and Colts and passed BCMSN: > > How well do the scores on the Boson's and Colts predict success on the real > BCMSN? > > For example, I took Boson BCMSN Test #2 quiz A, B, and C and got 77, 75, and > 69 (I don't like that trend!). > Then I took Colt "BCMSN post assessment" and got 48/63 (passing score > 47-ouch!). > > With scores like that, do you think I'd pass by a comfortable margin, or > maybe just barely pass, or maybe not pass at all? > > - Jennifer Mellone > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: ATQ0H0
Yes, I have experienced this several times. It is the dreaded Catalyst switch who thinks it is talking to a modem :-) Here are my recommended fixes in this order: 1. Get a known good black console cable. Get several. Try each one out and see if any will get the console to come up other than ATQ commands. 2. Change out your DB-9 to RJ-45 converters with others that are known/good. See if that works. 3. Finally, and lastly, change out to other COM ports/other PC COM ports to see if that will help. In the three times I had this scenario, only once did I have to go to step 3. Obviously, it goes without saying that you need to ensure you have the correct COM port settings(9600,8,N,1,) particularly with flow control turned *off*. 4. If all else fails, upgrade the firmware to something older/newer (experiment here). Yes, I know it is fun sucking a 1MB image through a 9600bps line, but that's what a cup of coffee is for 8-) 5. If this one is so old that it has one of those DB-9 console connectors on the back of the switch (vice the newer RJ-45), you may need to order Cisco's OEM console cable for that box, or you will need to build a null modem cable as specced out here (watch wrap): http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/192 8v5x/icg5x/csspec.htm#41267 You are on the right track if you can access the diagnostic console. Lastly, strongly resist the temptation to throw the switch against the wall. It may be needed for an RMA:-) Best of luck, Paul Werner > Date: Sun, 7 Jan 2001 17:45:17 -0500 > From: "Jon O'Nan" <[EMAIL PROTECTED]> > Subject: ATQ0H0 > > I've been working with an older Catalyst 1900 switch (firmware ver 5.37) > We > can't get any management console output. We are able to bring up the > diagnostic console by holding in the mode button on the front of the > switch > while turning on the power. After upgrading the firmware via xmodem, the > switch will POST and then leave us with a blsnk screen except for modem > strings ATQ0H0. Anyone ever experienced the same issue? Get your own "800" number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2600 Route Processor
You can setup an ethernet port on the 2600 to run ISL or dot1q (802.1q) VLAN trunking. This is down by creating subinterfaces for the ethernet port. Here's a quick example: interface FastEthernet0/0 no ip address no shutdown ! interface FastEthernet0/0.1 description Subinterface for VLAN 1 running ISL ip address 1.1.1.1 255.255.255.0 encapsulation isl 1 ! interface FastEthernet0/0.2 description Subinterface for VLAN 2 running ISL ip address 2.1.1.1 255.255.255.0 encapsulation isl 2 At 12:18 AM 1/8/01 -0500, Rick Holden wrote: >I find on Cisco's web page that the 2600 series routers are capable of >inter-vlan routing. Does this mean that a 2600 can be used as a route >processor for an MLS? Or does it just mean that it can route between vlans >because it can has to Ethernet ports? > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sample paper CCIE R/S written
Hi Where can i get a sample paper of CCIE R/S written. I checked colt but there is nothing... Regards Gautam _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help for VOIP!
Hi, You may use 3600 and 2500. Let voice backhaul throu FE of 3600s for both end. On 2500 you may want to config for QoS. On 2500 you would use standard cables, if connecting back to back then DTE and DCE cables. For VIC-2FXS it is usual RJ-11. Bye -Mak Gene Park wrote: > Hi, members, > > I have one question about VOIP. > Actually, I have two 3600s with three exact modules- > Voice card(NM-1V), ATM (1A-OC3MM), and FastEthernet, > but no serial ports. The NM-1V has two FXS. > > Based on these, how do I set up for VOIP lab? > I have several 2503, 2513, and 2514. > Because I don't have serial ports on 3600s, do I > need to use FastEthernet ports or use ATM interface? > Please let me have cabling info too. > > Thanks for your help. > > = > Gene Park > [EMAIL PROTECTED] > > __ > Do You Yahoo!? > Yahoo! Photos - Share your holiday photos online! > http://photos.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help for lab setup!
Gene, Hi! You could have a (2) Port frame-switch with one of your routers...although that doesnt do you much justice for practicing FR. You could put a module in the 36xx or get a cheap 25xx (2521) that has (4) serial ports. I'm not sure which ATM module that you have. To do some real useful ATM, you'll need an ATM switch that will do SVCs and PVCs (ie LS1010). For the VoIP, what VIC modules do you have? Hopefully you have a couple VIC-2FXS modules in your NM-2Vs. If that's the case, you'll just need a couple of analog phone to plug into them. The only other thing I see missing from your hardware is a Cat5k and an ISDN simulator. Other than that, it looks great!!! Good luck. -Brad Ellis CCIE#5796 [EMAIL PROTECTED] used cisco hardware: www.optsys.net "Gene Park" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear Members: > > I've given following hardware to set up CCIE lab for a group of people. So I'm looking for tips > for topology. Any ideas would be appreciated. And I have some questions. > > 1. With the routers provided, I don't think I can make frame relay switch. My guess is that I have > to insert 4-port serial network module in an available slot on 3600. Am I right or any other > suggestions? > 2. In ATM module, what do I have to plug into ATM0? Is it an ATM switch or some other gear to have > practices? I'm not sure on this. I heard that ATM LANE is no longer tested in the lab. > 3. For the voice, 2 channel voice module is installed. I think two phones are required. What else > do I need? I never had practice on the VOIP. Please help. > > 2 of 2503 > 2 of 2513 > 4 of 2514 > 1 of 2509 > 2 of 3600(3 modules in there) > 2-channel voice network(voice 2v) > ATM IA-OC3MM > FastEthernet 1 FE-TX > > 1 of 2900XL Cat > 1 of MAU > > Thank you for your help. > > Gene > [EMAIL PROTECTED] > > = > Gene Park > [EMAIL PROTECTED] > > __ > Do You Yahoo!? > Yahoo! Photos - Share your holiday photos online! > http://photos.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Troubleshooting 102 - "password recovery"
Well that wasn't nearly so bad as it could have been. The low life who trashed my router, not to mention spoiled it for a lot of folks on these lists, could have been more malicious. But he was deliberate. No doubt about it. So here is today's troubleshooting lesson - not really password recovery, but configuration register setting recovery. I have done a bit of password recovery practice, but not much. 1) cannot get into rommon mode. Not that I can tell. Gibberish of various sorts on screen. Check to be sure my version of HyperTerminal sends the correct control-break sequence, using another router. it does. I was sure I had upgraded this particular version, but these days, when moving between so many different computers at home and on the job, one never can tell. 2) Ok, with gibberish on the screen, what are some things to check? A quick look through CCO confirms that baud rate is the only terminal setting that can be changed in the register. Thank goodness one cannot also change the data, stop, and parity. 3) OK. Brute force this thing. 9600 does not work. Let's work down the scale, and see. 4800 does not work. 1200 did not work earlier this afternoon. But 2400 does work. I see clear text and I see I am in rommon after all. 4) Check the current config register setting. E/s 202 [enter] reveals the setting as 0x3942 you bad boy! 5) Use the o/r 0x2102 to reset the register and reload. 6) Rommon again! Hhmmm. 7) OK, this time do a config mem ( I probably should have looked at this last time anyway, but I did not ) 8) Well, what did the yo-yo do here? Hostname rommon> interesting. Certainly explains the console message I was seeing last time I reloaded. Well, I don't have time to fool around any more. Erase start, reload, things come up ok. I will copy my saved configuration later. 9) Too bad garbage-head inserted himself into this weekend. Someone was doing a very interesting IPSec tunnel between my pod and theirs. I was looking forward to seeing the result. 10) End result - learned a few more things which will be valuable in the lab - troubleshooting portion. Extra credit - with a configuration register setting of 0x3942, what was happening at boot time? Chuck -- I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as it has been is over ( if you hope to pass ) From this time forward, you will study US! ( apologies to the folks at Star Trek TNG ) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Radius support in cisco routers
Nezar, We needed to go to IP/Plus on a 1600 to get Radius support. This required more flash than the 4mb we originally purchased. Steve ""Nezar Ahmed"" <[EMAIL PROTECTED]> wrote in message 01f101c0788d$fa57bdf0$09e37ad4@nezar">news:01f101c0788d$fa57bdf0$09e37ad4@nezar... > hello everyone, > As far as I can see there is no Radius support in cisco's 16xx and = > 26xx series. Is it a software version limitation ? For example do newer = > releases support radius ? Or is it a hardware limitation ? If this was = > the case which series supports radius ? > Thanks for your help. > Nezar > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]