Re: switches [7:3145]
Free access to 4 switches were posted in the last two days: http://www.groupstudy.com/form/read.php?f=7&i=3093&t=3093 http://www.groupstudy.com/form/read.php?f=7&i=3097&t=3097 ebay/ebay 24.3.233.101 2005 24.3.233.101 2006 24.3.233.101 2007 24.3.233.101 2008 See http://www.firewallking.com/phpnuke/html/layout.php as well. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""John Andrews"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know where any free switches or switching sites are for practice > prior to the test that I can access from home. > > John > > Have a great day! > John A > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3151&t=3145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Seeking opinions on the following hardware for Lab.. [7:3149]
Get a remote power device (APC MasterSwitch) and console terminal server (500-cs or 2509/2511) so you can all access it remotely ;-) -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello All ! > > I'm currently trying to setup a lab with three other friends we've all > decided > to add up all our cisco gear to see if we can put up a CCIE lab for us to > study on, > > We're all working on the CCNP track as of right now but would like to > setup > the lab for CCIE studying...Why not right ?? > > Anyway this is the hardware we've got so far, I know we'll need a switch > or two > but would like some expertise input from you folks that have done this > allready, > > And of course i'd like to try to get by with the least hardware as > possible.. $$$ is tight > right now for all 3 of us shelling out what we have so far.. > > This is what we have : > > (2) 2501'S 2S 1E > (3) 2503'S 2S 1E 1 BRI > (1) 2524 1S 1E 1 BRI > (1) 2513 2S 1E 1 TR > (1) 2610 2S 2E > > And Thanks in advance to all that reply. > > > Sincerely, > > Eric > > GET INTERNET ACCESS FROM JUNO! > Juno offers FREE or PREMIUM Internet access for less! > Join Juno today! For your FREE software, visit: > http://dl.www.juno.com/get/tagj. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3149&t=3149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: static route help: sprint thinks its impossible.... [7:3150]
router rip version 2 no auto-summary Also, turn on some debugs and watch the RIP/OSPF announcements and see what's getting announced. My OSPF knowledge is lacking (memorized and did a few labs for the Routing test, and haven't touched it since, so it grows rusty). 63/8 has been carved up to a ton of major ISPs. Sprint has a ton of blocks in that space as well: Sprint (NETBLK-SPRN-BLKS) SPRN-BLKS 63.160.0.0 - 63.175.255.255 As does my evil ISP PBI/SBC: Pacific Bell Internet Services,Inc. (NETBLK-PBI-NET-7) PBI-NET-7 63.192.0.0 - 63.207.255.255 Now, WYSE needs to be giving that Class B back ;-p How much of that address space is even in use? 5%? 10%? 25% tops? We run RIPv2 internally and have 63/24 blocks from Sprint & UUNET and have no reachability problems to other 63/8 blocks. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Moahzam Durrani"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > my company has just acquired a new company and we are trying to integrate it > in our infrastructure. Our company owns its owns a class B network of > 132.237.0.0/16. We are using a frame relay to connect to various sites > around the world. However the new site we acquired has 2 routable network > address of 63.76.147.0/24 and 63.76.148.0/24 . I am trying to create a > static route between our frame router to the frame router at the new site > which is connected to an old Bay router (original router before acquisition) > . I dot know much about the sprint frame but I do know they are > redristibuting ospf to rip to all existing sites..(not including new one). > I have been informed that the 63.0.0.0 ADDRESS BELONGS TO UUNET and Cbale > and wireless. > > > Lan e0 e0 sj frame router s1 sprint frame --s1 texas frame > router e0e0 Bay router -63.76.147.0/24-internet router > -internet >sj (132.237.x.x) > -63.76.148.0/24 LAN > > > Any way when i created a static route with the two 63 adresses from SJ I > was able to ping the network in Texas , and they vice versa. However I got > calls from poeple saying that they were no longer able to connect to certain > websites , and one of our DS3 went down . The websites we were unable to > get to all had adresses in the 63.x.x.x /8 range. Also the DS3 had a 63 > networrk address. when I did a sh ip route I saw we were learnin the a full > calss A network 63.0.0.0 / 8 subnetted 2 times. > > My static route was ip route 63.76.147.0 255.255.255.0 132.237.x.x (e0 sj > frame router) > . ... 148.0 > 255.255.255.0 > > then from sj fram router sprint added a static for the two networks to the > s1 interface of the texas frame router. > > > We have been on for a while trouble shooting this issue with sprint .. and > they insisted it is not possible to redistribute the two 63 Networks with a > class C due to RIP limitations.. however all our IOS are 11.3 and higher.. > > Eventually after a while we will be replacing the 63 networks with our > network scheme .. cant do it for a while ... Does any one have an idea what > im trying to get to as I dont . > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3150&t=3150 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE depreciation in 2 years [7:1882]
His wife probably took it from his girlfriend, ah, I mean assistant. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of EA Louie Sent: Wednesday, May 02, 2001 11:16 PM To: [EMAIL PROTECTED] Subject: Re: CCIE depreciation in 2 years [7:1882] dang, does that mean "The Dukes of Hazzard" is coming back? (I loved Daisy Duke in dem dere cutoffs...) Did Mayor Brown donate his Porsche to the homeless, or did the CHP confiscate it because he had too many unpaid speeding tickets? -e- - Original Message - From: adam lee To: Sent: Wednesday, May 02, 2001 10:40 PM Subject: RE: CCIE depreciation in 2 years [7:1882] > You haven't heard? Willie traded in his expensive sports car for a classic > used car, THE GENERAL LEE. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > EA Louie > Sent: Wednesday, May 02, 2001 12:30 AM > To: [EMAIL PROTECTED] > Subject: Re: CCIE depreciation in 2 years [7:1882] > > > Jason - I heard that Willie's latest passion is hillbilly music...right > after filling potholes and tossing the homeless out of GG Park ;-) > > -e- > > - Original Message - > From: Jason Roysdon > To: > Sent: Tuesday, May 01, 2001 8:30 PM > Subject: Re: CCIE depreciation in 2 years [7:1882] > > > > Heh, interesting. Of course, my friend is a white oakie who likes his > > country without all that new-fangled hipness (I say stuff like that to > tease > > him). You know, with a banjo, and no drums! Somehow I don't think he has > > any special connections there. > > > > -- > > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > > List email: [EMAIL PROTECTED] > > Homepage: http://jason.artoo.net/ > > > > > > > > ""EA Louie"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > lmao... what timing for that story to come out, just when Jason's > talking > > > about his buddy... > > > > > > -e- > > > > > > - Original Message - > > > From: adam lee > > > To: > > > Sent: Monday, April 30, 2001 8:17 PM > > > Subject: RE: CCIE depreciation in 2 years [7:1882] > > > > > > > > > > Are you sure he's not Willie Brown's friend? > > > > > > > > > > > > > > http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2001/04/30/MN165362.DTL > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > > > Sent: Monday, April 30, 2001 6:03 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: CCIE depreciation in 2 years [7:1882] > > > > > > > > > > > > My friend was hired for the City/County of SF for $96K/year 3 months > ago > > > > with just his CNE. Plus they bought out the rest of his $150K > contract > > > with > > > > his previous employer, and paid for all the training he owned his > former > > > > employer (he'd been working exclusively for this customer anyway for > the > > > > last 6 mos.) > > > > > > > > Granted, he knows ZEN and can image every PC on their entire network > in > > 15 > > > > minutes and replaced 5 help-desk folks who used to do what ZEN does in > a > > > few > > > > clicks of a button (they still kept a few screwdrivers to replace > > > hardware). > > > > And that's just the eye-candy stuff that his manager likes to show > off, > > > he's > > > > got a solid years as a CNE under his belt (and not for mom-and-pop > > > networks, > > > > but for large enterprise clients) plus a year as an understudy before. > > > > > > > > Of course, this guy is sharp as a TAC (pun-intended). He'll pick up > his > > > > MCSE 2000 by the end of the year if he applies himself (he did the > CNE5 > > in > > > 3 > > > > months of self-study and building his own servers, plus hands-on > > > experience > > > > as an understudy to some of our ECNE/MCNE's). That is, if he ever > goes > > > > home. Heh, he even keeps a cot and a change of clothes at the office > > for > > > > those late nights. > > > > > > > > The funniest thing is that his house cost less than 10 months of his > > gross > > > > salary. But then he lives out in sticksville (but they do have > > > > cablemodems). > > > > > > > > I dunno, I find it kinda funny because he's the guy that came over > with > > > RH5 > > > > one day two years ago and said, "Hey, you wanna install this?" and we > > > > proceeded to waste the night away and piss off both of our Wives. > > Hehee. > > > > > > > > -- > > > > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > > > > List email: [EMAIL PROTECTED] > > > > Homepage: http://jason.artoo.net/ > > > > > > > > > > > > > > > > ""Brian"" wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > Novell certification, let's look at what kind of jobs that gets you. > > > > > > > > > > 1 a job at a company which is migrating from Novell to NT, and will > > let > > > > > you go when the transition is complete. > > > > > > > > > > 2 a job at a company that is too cheap to replace its legacy > mishmash > > > > > network. > > > > > >
Re: Passed CCIE written exam [7:3140]
heartiest congratulations Vincent! onto the lab for you... -e- - Original Message - From: Vincent Chong To: Sent: Thursday, May 03, 2001 10:22 PM Subject: Passed CCIE written exam [7:3140] > Hi everyone; > > After 3 days intensive and fast track study, I decided to take > exam today. > > I finally passed the exam. It's my first try, I got a bare > pass. But pass is a just a pass. > > I would like to say thank you to people provide me precious > information. > > The exam is not difficult if you know the things cool. > > Good luck to everyone. > > Vincent Chong > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3148&t=3140 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Serial condition [7:3146]
Can anyone explain this condition!!! SBCEN5_8TH_FLOOR_PHASE1#sh int s0 Serial0 is down, line protocol is up Hardware is HD64570 Description: MSWAP (RMSPEBD6) MTU 1500 bytes, BW 10 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation SDLC, loopback not set Router link station role: PRIMARY (DCE) Router link station metrics: slow-poll 10 seconds T1 (reply time out) 3000 milliseconds N1 (max frame size) 12016 bits N2 (retry count) 20 poll-pause-timer 10 milliseconds poll-limit-value 1 k (windowsize) 7 modulo 8 sdlc vmac: 5043.C2AD.A1-- sdlc addr C6 state is DISCONNECT cls_state is CLS_STN_CLOSED VS 0, VR 0, Remote VR 0, Current retransmit count 0 Hold queue: 0/200 IFRAMEs 0/0 TESTs 0/0 XIDs 0/0, DMs 0/0 FRMRs 0/0 RNRs 0/0 SNRMs 15959/0 DISC/RDs 0/0 REJs 0/0 Poll: clear, Poll count: 0, chain: C6/C6 Last input never, output 00:01:36, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 15959 packets output, 31918 bytes, 0 underruns 0 output errors, 0 collisions, 59 interface resets 0 output buffer failures, 0 output buffers swapped out 244682856 carrier transitions DCD=up DSR=up DTR=down RTS=down CTS=up Mike Hawthorne Johanesburg South Africa __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relating to the official business of Standard Bank Investment Corporation (Stanbic) is proprietary to the company. It is confidential, legally privileged and protected by law.\ Stanbic does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Stanbic. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Stanbic can not assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. __ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3146&t=3146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
switches [7:3145]
Does anyone know where any free switches or switching sites are for practice prior to the test that I can access from home. John Have a great day! John A Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3145&t=3145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffers [7:3035]
The O'Reilly book Internet Core Protocols comes with a CD containing a sniffer app?? It is a good packet header book. Bri - Original Message - From: "Victor Chan" To: Sent: Thursday, May 03, 2001 8:05 AM Subject: Sniffers [7:3035] > Do anyone know of any free sniffers? Is there any web sites you can refer > me to? > > > Thanks. > > Victor > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3144&t=3035 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN [7:3118]
The test is totally based on the Cisco Press BCRAN book. If you know it, you'll do fine. The only advice I could give, is not to study too in-depth. The test is broad, so instead of focusing on minute details... make sure you generally know a little about everything. Don't forget your key commands for trouble shooting each technology. I believe it's the BCRAN book, that had the great end of chapter summaries. Boson's & the Exam Cram helped me prepare, but don't be fooled... it's all in the Cisco Press. Good Luck Phil - Original Message - From: Terence Lee To: Sent: Thursday, May 03, 2001 9:03 PM Subject: BCRAN [7:3118] > I am taking the BCRAN in 2 weeks. What are the main focus point for the test > and what do I need to study the most? Thanks in advance. > > Terence Lee > CCNA > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3143&t=3118 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson for the Lab [7:3053]
Humm... and not a one of them that answer or refer to this question. As to question, I down'ed the first that they have and "played" the demo. There are some good questions there, but if this is a lab prep test, then it will never be a replacement for hands on. It might be very helpful in working on weak areas. I am not too sure about the idea of a Q&A prep for the lab, maybe it has great value, maybe none at all. I guess one uses what one can when learning, each to their own. $0.02 -- John Hardman CCNP MCSE ""Jason Roysdon"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Over 13 posts for April with "Boson;lab" in them. Were you looking for > CCIE-specific lab info? > > > -- > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > List email: [EMAIL PROTECTED] > Homepage: http://jason.artoo.net/ > > > > ""Nick Lesewski"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I saw that Boson had some lab prep materials, but I didn't see anything in > > the archives about it. Has anybody tried it? > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3142&t=3053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX telnet again [7:3003]
I hope I'm reading this correctly, all you should need to do is add telnet xx.xx.xx.xx (ip address ) xx.xx.xx.xx (mask) inside (if_name) ""Jim Bond"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, > > I have an IPSEC between central office router to site > office PIX. Central office uses public IP address, > site office has only 1 public IP address, therefore, > uses NAT. Everything works fines except I can't telnet > from central office to PIX (inside or outside). I can > telnet from central office to servers inside PIX. Is > there any command I need to add on the PIX? According > to CCO, if IPSEC is established, telnet to PIX outside > should work, right? > > Thanks in advance. > > Jim > > __ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great prices > http://auctions.yahoo.com/ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3141&t=3003 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed CCIE written exam [7:3140]
Hi everyone; After 3 days intensive and fast track study, I decided to take exam today. I finally passed the exam. It's my first try, I got a bare pass. But pass is a just a pass. I would like to say thank you to people provide me precious information. The exam is not difficult if you know the things cool. Good luck to everyone. Vincent Chong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3140&t=3140 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Scary Kitty Mutation [7:3097]
On Thu, 3 May 2001, Neal Rauhauser wrote: > If one of you scholars can forward me the pinout needed to cross > token ring on an RJ45 port I'll whip up a cable for them. If I dig a > little more I might find some token ring cables so I can hook a couple > of routers up to these things. OTTOMH, TR uses 36, 45. An archive search should confirm that and give more detailed info about crossing (such as whether it's needed - depending on the port configuration, it might not). -- "Someone approached me and asked me to teach a javascript course. I was about to decline, saying that my complete ignorance of the subject made me unsuitable, then I thought again, that maybe it doesn't, as driving people away from it is a desirable outcome." --Me Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3139&t=3097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: static route help: sprint thinks its impossible.... [7:3138]
If it is RIP version one, it does not handle variable length subnet masks. It does not include the subnet information in the routes. Not knowing the entire details of the network, however I think the above is a likely cause of your problems. Clayton Price ""Moahzam Durrani"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > my company has just acquired a new company and we are trying to integrate it > in our infrastructure. Our company owns its owns a class B network of > 132.237.0.0/16. We are using a frame relay to connect to various sites > around the world. However the new site we acquired has 2 routable network > address of 63.76.147.0/24 and 63.76.148.0/24 . I am trying to create a > static route between our frame router to the frame router at the new site > which is connected to an old Bay router (original router before acquisition) > . I dot know much about the sprint frame but I do know they are > redristibuting ospf to rip to all existing sites..(not including new one). > I have been informed that the 63.0.0.0 ADDRESS BELONGS TO UUNET and Cbale > and wireless. > > > Lan e0 e0 sj frame router s1 sprint frame --s1 texas frame > router e0e0 Bay router -63.76.147.0/24-internet router > -internet >sj (132.237.x.x) > -63.76.148.0/24 LAN > > > Any way when i created a static route with the two 63 adresses from SJ I > was able to ping the network in Texas , and they vice versa. However I got > calls from poeple saying that they were no longer able to connect to certain > websites , and one of our DS3 went down . The websites we were unable to > get to all had adresses in the 63.x.x.x /8 range. Also the DS3 had a 63 > networrk address. when I did a sh ip route I saw we were learnin the a full > calss A network 63.0.0.0 / 8 subnetted 2 times. > > My static route was ip route 63.76.147.0 255.255.255.0 132.237.x.x (e0 sj > frame router) > . ... 148.0 > 255.255.255.0 > > then from sj fram router sprint added a static for the two networks to the > s1 interface of the texas frame router. > > > We have been on for a while trouble shooting this issue with sprint .. and > they insisted it is not possible to redistribute the two 63 Networks with a > class C due to RIP limitations.. however all our IOS are 11.3 and higher.. > > Eventually after a while we will be replacing the 63 networks with our > network scheme .. cant do it for a while ... Does any one have an idea what > im trying to get to as I dont . > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3138&t=3138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: port number list on DOS [7:2809]
You can check for well-know ports. Also there are various utilities that will allow you to link the ports to the process running on the machine. Most of these utils will work only on NT or W2K since Win9X is somewhat braindead in TCPIP ""Chipps,Ken"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > netstat -a > > If you find out how to track down what the various ports are really being > used for, let me know. I asked about this a while back. So far no one has > suggested anything useful except for monitoring and asking security related > lists. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Priscilla Oppenheimer > Sent: Tuesday, May 01, 2001 4:39 PM > To: [EMAIL PROTECTED] > Subject: port number list on DOS [7:2809] > > > OK, I have a DOS question that really is relevant to Cisco networking (sort > of. ;-) This came up a couple months ago, but I can't find the answer in > the archives. > > What is the DOS command to see port numbers (services) in use on a PC? > Someone posted a command that would let you see the list of TCP and UDP > port numbers. One of my students asked how to do this and I remembered that > there was a command, but I couldn't remember what it was. > > Thanks, > > Priscilla > > > > Priscilla Oppenheimer > http://www.priscilla.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3137&t=2809 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
static route help: sprint thinks its impossible.... [7:3136]
my company has just acquired a new company and we are trying to integrate it in our infrastructure. Our company owns its owns a class B network of 132.237.0.0/16. We are using a frame relay to connect to various sites around the world. However the new site we acquired has 2 routable network address of 63.76.147.0/24 and 63.76.148.0/24 . I am trying to create a static route between our frame router to the frame router at the new site which is connected to an old Bay router (original router before acquisition) . I dot know much about the sprint frame but I do know they are redristibuting ospf to rip to all existing sites..(not including new one). I have been informed that the 63.0.0.0 ADDRESS BELONGS TO UUNET and Cbale and wireless. Lan e0 e0 sj frame router s1 sprint frame --s1 texas frame router e0e0 Bay router -63.76.147.0/24-internet router -internet sj (132.237.x.x) -63.76.148.0/24 LAN Any way when i created a static route with the two 63 adresses from SJ I was able to ping the network in Texas , and they vice versa. However I got calls from poeple saying that they were no longer able to connect to certain websites , and one of our DS3 went down . The websites we were unable to get to all had adresses in the 63.x.x.x /8 range. Also the DS3 had a 63 networrk address. when I did a sh ip route I saw we were learnin the a full calss A network 63.0.0.0 / 8 subnetted 2 times. My static route was ip route 63.76.147.0 255.255.255.0 132.237.x.x (e0 sj frame router) . ... 148.0 255.255.255.0 then from sj fram router sprint added a static for the two networks to the s1 interface of the texas frame router. We have been on for a while trouble shooting this issue with sprint .. and they insisted it is not possible to redistribute the two 63 Networks with a class C due to RIP limitations.. however all our IOS are 11.3 and higher.. Eventually after a while we will be replacing the 63 networks with our network scheme .. cant do it for a while ... Does any one have an idea what im trying to get to as I dont . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3136&t=3136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Seeking opinions on the following hardware for Lab.. [7:3135]
Hello All ! I'm currently trying to setup a lab with three other friends we've all decided to add up all our cisco gear to see if we can put up a CCIE lab for us to study on, We're all working on the CCNP track as of right now but would like to setup the lab for CCIE studying...Why not right ?? Anyway this is the hardware we've got so far, I know we'll need a switch or two but would like some expertise input from you folks that have done this allready, And of course i'd like to try to get by with the least hardware as possible.. $$$ is tight right now for all 3 of us shelling out what we have so far.. This is what we have : (2) 2501'S 2S 1E (3) 2503'S 2S 1E 1 BRI (1) 2524 1S 1E 1 BRI (1) 2513 2S 1E 1 TR (1) 2610 2S 2E And Thanks in advance to all that reply. Sincerely, Eric GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/tagj. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3135&t=3135 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
You can run traffic through a Proxy box before it hits the PIX if URL filtering is what you want. Then block all :80 + :443 traffic through the PIX from anything but the Proxy. Or whatever protocols it is you want to URL filter. This way you get the best of both worlds. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Eugene Nine"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > PIX goes up to layer 4, so it won't do things like URL filtering. > Checkpoint (or other SW) can do higher layer protection but may not be as > well at the lower layers (due to security holes in the OS, etc) > Eugene > > ""Chuck Larrieu"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Asked sincerely, what advantages do you see in provisions PIX plus > > checkpoint? > > > > Chuck > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > > [EMAIL PROTECTED] > > Sent: Thursday, May 03, 2001 2:47 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] > > > > It depends on your security policy , design and needs , generally what we > > advice our > > customers is checkpoint + pix together > > > > Hatim badr a icrit : > > > > > Hi , > > > > > > I would like to know the pluses and minuses of each product . Currently > > We > > > are using checkpoint and I want to convince my management to switch to > > cisco > > > PIX firewall . > > > > > > Thanks > > > > > > Hatim > > > > > > > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3134&t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL [7:2882]
Here's what I've got for my IPSEC + NAT-incoming to server + NAT-outgoing for shared access: ACL protecting incoming on outside interface Route-map/ACL on all non-outside interfaces that jump IPSEC traffic around the NAT (via a loopback) Route-map/ACL defining what to NAT (called NoNAT, hehee!) ACL that defines what traffic to tunnel via IPSEC I posted the config a while back: http://www.groupstudy.com/archives/cisco/200104/msg01634.html Hmm, except this config was missing 'ip access-group 101 in' on the BVI1 outside interface. I must have had it disabled for a bit when troubleshooting. It's on there now ;-p What do I have to define all this junk? Well, when a packet is on it's way out from one of your "public" internal servers to a remote IPSEC host, it would first be picked up by the NAT engine. To make it not get NAT'd so that IPSEC can handle it, you've got to get it around that process, so a Route-map to a loopback works. From the loopback to the outside interface and beyond it'll match the ACL for the IPSEC. The NoNAT ACL is basically the reverse of all combined IPSEC ACLs. HTH. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Chuck Larrieu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Am I correctly reading that you are terminating your IPSec tunnels on the > same interface where the access-list in question will be applied? Are you > running a router with the IOS firewall / IPSec feature set? > > Look, the rule is one access-list per direction per protocol per interface. > Period. So no, you cannot have several IP access-lists applied in the same > direction on a single interface. Them's the rules. > > That said, there is a separate access-list that defines traffic to be > encrypted and sent through the VPN tunnel. This may be what you have in mind > when you talk about several access-lists, each with a different function. > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Allen May > Sent: Thursday, May 03, 2001 8:52 AM > To: [EMAIL PROTECTED] > Subject: Re: ACL [7:2882] > > I'm sure there are plenty of people who know more about ACLs than I do...I > just use 'em ;) But, correct me if I'm wrong, but doesn't it process every > line in ACLs for the interface it's passing through until it finds a match > for permit/deny? If you separate by ACL numbers you would have a few more > lines...depending on the configuration maybe ALOT more lines...but it would > be easier to manage and maintain in my opinion. > > The thing I'll have to play with this weekend is trying to combine an ACL > for an outside interface that includes IPSec with TACACS+ authentication AND > have regular access to the web servers on port 80 without authentication. > If authenticated on IPSec you would have ports open for ftp. Now before we > get into the fact that when you're authenticated you are on an inside > interface & no longer bound by external interface, consider also having > IPSec router to router or PIX to PIX dedicated tunnels. > > Seems sadistic that I thought this up but it's actually a project I'm > putting myself through...rofl. > > Later > > Allen > - Original Message - > From: "Donald B Johnson jr" > To: "Allen May" ; > Sent: Thursday, May 03, 2001 11:45 AM > Subject: Re: ACL [7:2882] > > > > wouldn't that be a resource hog > > > > - Original Message - > > From: "Allen May" > > To: > > Sent: Wednesday, May 02, 2001 1:55 PM > > Subject: Re: ACL [7:2882] > > > > > > > 1 reason would be to separate acl's per internal IP address you're > > > permitting/denying access to. 101=specific IP allowing ftp and http, > > > 102=different IP allowing http only, etc. It would look cleaner > > anyway > > > > > > - Original Message - > > > From: "Donald B Johnson jr" > > > To: > > > Sent: Wednesday, May 02, 2001 3:19 PM > > > Subject: Re: ACL [7:2882] > > > > > > > > > > Why > > > > - Original Message - > > > > From: "BASSOLE Rock" > > > > To: > > > > Sent: Wednesday, May 02, 2001 7:24 AM > > > > Subject: ACL [7:2882] > > > > > > > > > > > > > Hi, > > > > > > > > > > Can we apply more then one ACL per interface?.. > > > > > > > > > > > > > > > Example: > > > > > > > > > > Interface Serial1 > > > > > ip access-group 102 in > > > > > ip access-group 103 out > > > > > ip access-group 104 in > > > > > ip access-group 105 out > > > > > > > > > > Thank you. > > > > > > > > > > Rock BASSOLE > > > > > Til: +33 (0) 1 45 96 22 03 > > > > > FAQ, list archives, and subscription info: > > > > http://www.groupstudy.com/list/cisco.html > > > > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > FAQ, list archives, and subscription info: >
Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
Up sell, up sell, up sell! Increased revenues! ;-) Seriously, perhaps you could use the PIX to protect the Checkpoint running on NT. Ok, not too serious, hehee ;-p -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Chuck Larrieu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Asked sincerely, what advantages do you see in provisions PIX plus > checkpoint? > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > [EMAIL PROTECTED] > Sent: Thursday, May 03, 2001 2:47 PM > To: [EMAIL PROTECTED] > Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] > > It depends on your security policy , design and needs , generally what we > advice our > customers is checkpoint + pix together > > Hatim badr a icrit : > > > Hi , > > > > I would like to know the pluses and minuses of each product . Currently > We > > are using checkpoint and I want to convince my management to switch to > cisco > > PIX firewall . > > > > Thanks > > > > Hatim > > > > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3131&t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Will the NM-4T work on 2600 series routers [7:3056]
NM-4T1-IMA is what is referenced on that URL you've posted http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t5/atm_ima.htm ) NM-4T1-IMA != NM-4T NM-4T1-IMA: Four-port T1 ATM Network Module with IMA The 4-port T1 ATM Network Module with IMA provides access to ATM WAN up-links at fractional T3 bandwidths. Each link provides 4 ports with up to 6 Mbps connectivity. The T1 version provides an RJ-45 connector with integrated CSU/DSU. Click Here for Datasheet. Supported Platforms & Minimum IOS Versions 3660 series - 12.0(5)T 3640 - 12.0(5)T 3620 - 12.0(5)T 2650 - 12.1(3)T 2600 series - 12.0(5)T NM-4T: Four-port Serial Network Module This network module has four synchronous serial interfaces, and supports a total full-duplex throughput of 8 megabits per second (Mbps), which can be realized over one port (at 8Mb/s) or across all four ports (at 2Mb/s on each port). Each port supports full-duplex and half-duplex operation at T1 and E1 speeds. All ports use identical DB-60 connectors that support five interface types (RS-232, RS-449, RS-530, V.35, X.21) in either DTE or DCE mode. Click Here for Datasheet. Supported Platforms & Minimum IOS Versions 3660 series - 12.0(5)T 3640 - 11.2(4)XA 3620 - 11.2(4)XA 2650 - Not Available 2600 series - Not Available -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Jonathan Hays"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The following URL seems to strongly indicate that the NM-4T is supported: > > http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t5/atm_ima.htm > > > > > Joshua Beining wrote: > > > It seems that there is some confusion wrt network modules and 2600/3600 > > routers. Searching on Ciscos site, they say that the NM-4T is not > supported > > for the 2600 series but I see cisco resellers, and others advertising the > > NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says the > > NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. > > Thanks. > > > > -Joshua > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- > Jonathan Hays > Acropolis Systems, Inc. > (408) 935-3016 > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3133&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial cables... [7:3091]
On Thu, 3 May 2001, Priscilla Oppenheimer wrote: > At 04:22 PM 5/3/01, Rizzo Damian wrote: > >Do they make a serial cable that goes from DB60M to the new High > >Density > > >Smart Serial Male? > > Is there such a thing? The dense part I could believe. Relatively speaking, there is. Serial males are smarter, on average, than parallel males. > Sorry, couldn't resist. ;-) Ditto. -- "Someone approached me and asked me to teach a javascript course. I was about to decline, saying that my complete ignorance of the subject made me unsuitable, then I thought again, that maybe it doesn't, as driving people away from it is a desirable outcome." --Me Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3129&t=3091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1750 defect affecting VWIC modules [7:3127]
Check this out (I'm always the last to want to blame the hardware, so this amazes me): -Original Message- From: pmok [mailto:***@cisco.com] Sent: Thursday, May 03, 2001 6:03 PM To: j**@netsworkinc.com Subject: Case B385165 - 1750: as soon as pick up phone get loud screaching noise before dialing Hello Jason, according to the information you sent in, SJC has a chassis serial number of JAB044431DX and BFL has a chassis serial number of JAB044431DM. It is as I suspected: these two routers are from a bad manufacturing batch -- the PLL circuitry on the motherboard cannot lock the frequency as required and will not provide a stable clock output. The PLL will generate jitters causing noise or distortion on voice calls. The worst case is that the PLL will provide no clock output resulting in total failure to dial out (no dial tone). The way to recognize such units is via their chassis serial number: This problem will most likely be seen on units manufactured between datecode 0435 and 0448. It maybe seen on units prior to this datecode but this is unlikely. Here is how to decode the Chassis System serial #'s. The serial # has the datecode built into it. The format is LLLYYWW LLL=Location unit was built at. This would be JAB, JMX, or JEU YY =Year. This is from when we started the new serial # system (1997=01, 1998=02, 1999=03, 2000=04, 2001=05). WW= Work Week. This is the week of the year that the system was built. = Serial #. The Chassis Serial Number is located on the back panel of the router. This manufacturing defect is catastrophic -- if you attach an analog phone to an FXS port on the router and then pick up the phone and hear a good dialtone, your chassis is OK. If you have FXO ports, you can hook up the port to the PSTN wall-jack, dial-in over the PSTN, and the router will answer and return dialtone. Again, if the dialtone sounds good your chassis is not affected by this defect. I will have to submit an RMA order to ship you replacement 1750s new from the manufacturing plant. Please send me shipping information and a contact name and phone number at the address. I will make the arrangements and someone from the depot will be in contact to let you know when the replacement chassis should arrive. Please advise, thanks. Peng Mok (***@cisco.com, 919-392-) > SJC is the hub for this FR network. All sites have the same gear. BFL & > SJC have a loud hissing noise even plugging a POTS phone right off the FXS > port. They get this before dialing, and it continues during the whole call > to the point that they can't hear anything. If they call SLO or OAK, the > remote sides can't hear it or tell there is a problem. SLO & OAK do not > have any problems calling between themselves or even detected problems on > their end when they call BFL or SJC. > > What could be affecting this? I've tweaked the settings today (5/3) to kill > all possible VAD/white noise possible, and still the same for those two > sites. Sound like bad hardware? I've also included the configs prior to > this (4/10), which the customer can't tell the difference between. > -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3127&t=3127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Scary Kitty Mutation [7:3097]
TR is going to take a MAU between them, AFAIK. Can't cross 'em like ethernet. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Neal Rauhauser"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I was rooting around in the debris field I call my office looking > for my digital camera so I could auction those Catalyst 2926s and I came > up with a pair of Catalyst 2600s - token ring switches. > > I got these things thinking they might be like the much feared > Catalyst 3900 which has never been sighted anywhere other than a > CCIE lab exam, but I don't think its the same thing - these switches > drive just about like the old Grand Junction Catalyst 1900 switches. > > > Anyway, there are two of them at these locations without any > passwords: > > 24.3.233.101 2005 > 24.3.233.101 2006 > > If one of you scholars can forward me the pinout needed to cross > token ring on an RJ45 port I'll whip up a cable for them. If I dig a > little more I might find some token ring cables so I can hook a couple > of routers up to these things. > > > As always, if you mess it up email me at mailto:[EMAIL PROTECTED] so I > can fix it. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3128&t=3097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Interpretation of some BGP commands [7:2997]
This will result in the announcement of 202.161.128.0/19 (128-160), the AGGREGATOR attribute will be set and longer prefixes in this subnet will be suppressed. --trey suaveguru wrote: > hi , > > can anyone tell me what the command below summarises > the address to be ? > > network 202.161.128.0 mask 255.255.224.0 > aggregate-address 202.161.128.0 255.255.224.0 > summary-only > > regards, > > suaveguru > > __ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great prices > http://auctions.yahoo.com/ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3126&t=2997 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Route descriptor blocks???? [7:3104]
Route Descriptor Blocks (and Interface Descriptor Blocks IDBs) are internal data structures that can not be configured directly. They store the necessary information about routes and interfaces in memory. --trey tim sullivan wrote: > All, > Does any have a link to a good explaination of what > a descriptor block is/does/gets config'd...I ahve searched the > CISCO site but do not get a clear pix.Not that I missed the > the doc on that tiny little site of theirs. > > Thanks > Tim > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3125&t=3104 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: 700 rants and other things [Re: BCRAN exam [7:2890]
I have a customer with 20 700s. I can't stand the beasts. They only support IP & IPX to the best of my knowledge. I dislike non-IOS based Cisco routers ;-p I've gotten to know CatOS fairly well, plus that's on switches so I'm already prepared for it when I have to deal with them ;-)' Oh, I should rant about a customer today that has 50 3Com NetBuilder IIs they want me to support. $%(@#%(#$ things. I'll spare you the details. BTW: Did you know that the 10Base-T port on them doesn't support 10/100 autosensing hubs/switches/NICs? Just sits there and keeps resetting. Works fine if you lock the speed on the other device (but that's no good on dumb autosensing hubs/switches), or use a 10base-T device. Wait, did I say I wasn't going to rant? Let me just say that I enjoy learning new things and new technologies. TR & SNA is just killing me having to learn. What I love learning is technology that I'll have my hands on at a fairly regular basis. VoIP has been a blast like that. I haven't even looked deep into the CCIE to see if I need to learn X.25. Gawd, I hope not. Can you even get X.25 anywhere anymore other than third-world countries? The 700s? Well, I just documented the very basic minimal commands to change the IP/IPX info and Spids, and we just don't touch them otherwise ;-) They just look so friendly like an 800, but down deep their evil little beasties. ISDN sucks anyway. One day I think I know about all I need to regarding it, and the next day my carrier is installing NT1s at certain locations! WTF is with that? Since when do NA telco's install NT1s? I had to make them come out and remove them all so my U-port ISDN devices will work (remember that install I talked about at the end of last week? Yeah, took 3 hours to get them to fess up that one site had NT1s and get them removed). Once it was done, everything worked beautifully. Funny thing was that the SPIDs were at locations 40 miles apart, but only the last digit was different and just one lower than the other, and only one SPID per site (which made me think it was a pair of SPIDs for just one side at first). ISDN, geeze. Oh, regarding troubleshooting on the 700s, they suck for that. The 800 series and IOS-based debug kicks, which is yet another reason I hate 700s. I bring my own 804 on 700 installs just so I can debug with a decent router. Finally, the potential for them is so limited. Other than corporate remote small offices, they're not much use (which, granted, has a large base, but ISDN is far to slow for most these days). Step up to an 800 and you can get NAT, QoS, Firewall, and even IPSEC. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""John Starta"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Jason, > > Why do you perceive the 700 series as not being worth your time? Do you > believe that you'll never run into it in the field? Would it surprise you > to learn that several well known Enterprises have very large installed > bases of the 700 series? Given your presence on this mailing list I would > have assumed that you were about learning and acquiring knowledge. This > means knowing how to configure and troubleshoot older protocols such as > AppleTalk, DECNET, IPX and routers such as the 700. Despite claims to the > contrary there are still a large number of networks that aren't entirely IP > or running IOS-driven hardware. > > jas > > At 04:18 PM 5/2/01 -0400, Jason Roysdon wrote: > >It's not worth your time. If you know the other areas, 1-3 questions on it > >won't hurt you (if that, I've heard rumors of 0 questions). > > > >When is Cisco going to EOL those piece of junks? Sure, sure, they're great > >cheap desktop routers (ip & ipx), but the 800 line isn't that much more. > > > >-- > >Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > >List email: [EMAIL PROTECTED] > >Homepage: http://jason.artoo.net/ > > > > > >"""[EMAIL PROTECTED], Michael (CAP, AFS, Contractor)""" > > wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > If this has been asked already forgive me but how much of the Series 700 > >is > > > covered on the BCRAN examI'm guessing not that much... > > > > > > thanks in advance, > > > > > > Mike > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3124&t=2890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT question [7:3050]
Or just provide them with a private internal DNS server that resolves to internal addresses. Much easier than messing with hosts files. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Lupi, Guy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have also had this problem with clients who host web sites internally. > They try to get to the website by name and it of course resolves to the > public address, which they then try to get to from the "inside" network and > it fails. In those cases we have had to put host file entries on the > workstations to resolve the name to the private address for all inside > machines. > > -Original Message- > From: Evans, TJ [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:52 PM > To: [EMAIL PROTECTED] > Subject: RE: NAT question [7:3050] > > > If I recall correctly access to/through > the external addresses of internal machines from internal machines is a > no-no. > > > Internally - all should be well; i.e. - machines are able to communicate > openly with each other > > Internal 2 External systems - all should be well, and if you have static > address assignments they should be used appropriately. > > > External 2 Internal - all should be well; i.e. - systems outside the > firewall can access your internal systems fine > > Internal 2 External address of Internal system - um, no. > > > > Thanks! > TJ > > -Original Message- > From: Greg Smythe [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:10 > To: [EMAIL PROTECTED] > Subject: NAT question [7:3050] > > Hello -- > > I have some static NAT translating going on in my lab, and if I am "inside" > and try to telnet to the "outside" IP address of a machine, I get connection > refused. Telnetting to the "inside" IP address of the machine works. I do > have > an inbound access list on the "outside" interface, but it is allowing telnet > to the machine. Upon doing a show access-list command I see that the line > for > telnet is not even getting hit. So why can't I telnet to an "ouside" IP from > the "inside"? Strange thing is that I can ping the "outside" IP ok, but any > other sort of connections to it fail. > > Thanks! > > > Greg > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > * > The information in this email is confidential and may be legally privileged. > It is intended solely for the addressee. Access to this email by anyone else > is unauthorized. > > If you are not the intended recipient, any disclosure, copying, distribution > or any action taken or omitted to be taken in reliance on it, is prohibited > and may be unlawful. When addressed to our clients any opinions or advice > contained in this email are subject to the terms and conditions expressed in > the governing KPMG client engagement letter. > > * > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3123&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Modem [7:3028]
USR's work great: line aux 0 session-timeout 120 password login modem Dialin modem autoconfigure type usr_sportster transport input all stopbits 1 flowcontrol hardware -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""SH Wesson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > How do I configure a US Robotics modem to work on an AUX port on a router. > What do I have to configure on the AUX port and what do I have to configure > on the modem.I want to connect the US Robotics modem to the AUX port for > dialin. Thanks. > > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3120&t=3028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson for the Lab [7:3053]
Over 13 posts for April with "Boson;lab" in them. Were you looking for CCIE-specific lab info? -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""Nick Lesewski"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I saw that Boson had some lab prep materials, but I didn't see anything in > the archives about it. Has anybody tried it? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3122&t=3053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffers [7:3035]
Or just search the archives here. The topic comes up once a month at least. Actually, before posting most questions, a good search of the archive helps. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ ""simonis"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Victor Chan wrote: > > > > Do anyone know of any free sniffers? Is there any web sites you can refer > > me to? > > NetMon on Windows, TCPDump on Linux, BSD, AIX, Snoop on Solaris, > etc etc... a quick web search on this would have saved everyone > some bandwith. Please refrain from laziness. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3121&t=3035 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2924XL for sale [7:2721]
OK, I asked where Tom -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jason Baker Sent: Thursday, May 03, 2001 12:38 AM To: [EMAIL PROTECTED] Subject: Re: 2924XL for sale [7:2721] you can get enterprise versions of the 2900 series well under 1000 new in box type stuff. Regards, Jason Baker - Original Message - From: "Tom" To: Sent: Thursday, May 03, 2001 12:08 PM Subject: RE: 2924XL for sale [7:2721] > List on a WS-C2924-XL-EN is $1995, 38% off is about the best discount a gold > partner can get. That puts it at $1235. Where can you get 'em for $1000? > > > > Tom > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Circusnuts > Sent: Tuesday, May 01, 2001 7:40 PM > To: [EMAIL PROTECTED] > Subject: Re: 2924XL for sale [7:2721] > > > Na- new is closer to a $1000. I paid something like $950 for mine (new 2924 > XL EN), & have definitely seen new models go for more. > > Phil > > - Original Message - > From: Jason Baker > To: > Sent: Tuesday, May 01, 2001 10:59 AM > Subject: Re: 2924XL for sale [7:2721] > > > > Lee, > > > > just helping you with selling the switch most of buy from ebay. > > > > The exact switch you are selling you can pick up for 500 - 700 US dollars. > > > > Regards, > > > > Jason Baker > > > > - Original Message - > > From: "Lee" > > To: > > Sent: Tuesday, May 01, 2001 7:45 PM > > Subject: 2924XL for sale [7:2721] > > > > > > > For sale: > > > > > > Cisco 2924XL EN - $1100US > > > > > > This is a brand new Cisco Catalyst 2924 XL EN switch still in the box. > > > This was intended for a home lab but was never needed. > > > > > > Lee > > > Sydney, Australia > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > [GroupStudy.com removed an attachment of type text/x-vcard which had a name > of Tom McNamara.vcf] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Tom McNamara.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3119&t=2721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN [7:3118]
I am taking the BCRAN in 2 weeks. What are the main focus point for the test and what do I need to study the most? Thanks in advance. Terence Lee CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3118&t=3118 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: UPgrade Cisco 3000 to 2500 Router [7:2303]
You just need to burn the latest 2500 code to EPROM's and install. There use to be an article on dejanews that detailed the process. I've got 3 - 3102's and a 3204 that this has been done to. Once, completed you can installed the 8MB Flash Simms (max of 8MB) and 16MB of RAM for the feel of a 2500. I've got an EPROM burner and PLCC adapter. Doing the whole process doesn't take all that long. David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com - Original Message - From: "Neil Schneider" To: Sent: Thursday, May 03, 2001 6:06 PM Subject: Re: UPgrade Cisco 3000 to 2500 Router [7:2303] > I didn't know this was possible. Can anyone provide more detail? > > Neil Schneider > > > ""Carl Hensley"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Does anyone know how to upgrade a 3000 Router to a Cisco 2501. > > What Boot Proms do I need. Where can I purchase the boot Proms. > > And Flash memory. > > > > > > > > -- > > Carl Hensley > > [EMAIL PROTECTED] - email > > (703) 234-3987 x1268 - voicemail/fax > > > > > > > > __ > > FREE voicemail, email, and fax...all in one place. > > Sign Up Now! http://www.onebox.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3117&t=2303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Route descriptor blocks???? [7:3104]
The following discription came from CCO: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fint er_c/icfgenrl.htm#xtocid2802 IDB Scalability Cisco IOS Software uses interface descriptor blocks (IDBs) to store interface-specific information, such as protocols configured and timers, so that Cisco IOS device drivers can interact efficiently with various types of interfaces. IDBs are an exhaustable resource tied to the memory available on the router. Each physical interface comprises a hardware IDB and at least one software IDB, although more than one software IDB may be supported and mapped to the same physical interface. An IDB is used for each of these types of interfaces: 7 Physical 7 Dialer 7 Virtual 7 Hidden 7 Subinterface 7 Tunnel 7 Loopback HTH Darren At 06:05 PM 05/03/2001 -0400, tim sullivan wrote: >All, >Does any have a link to a good explaination of what >a descriptor block is/does/gets config'd...I ahve searched the >CISCO site but do not get a clear pix.Not that I missed the >the doc on that tiny little site of theirs. > >Thanks >Tim >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] *** Darren S. Crawford Lucent Technologies Worldwide Services 2377 Gold Meadow WayPhone: (916) 859-5200 x310 Suite 230 Fax: (916) 859-5201 Sacramento, CA 95670Pager: (800) 467-1467 Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] http://www.lucent.com Network Systems Consultant - CCNA, CCIE Written "Providing the Power Operable Networks." *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3116&t=3104 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
PIX goes up to layer 4, so it won't do things like URL filtering. Checkpoint (or other SW) can do higher layer protection but may not be as well at the lower layers (due to security holes in the OS, etc) Eugene ""Chuck Larrieu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Asked sincerely, what advantages do you see in provisions PIX plus > checkpoint? > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > [EMAIL PROTECTED] > Sent: Thursday, May 03, 2001 2:47 PM > To: [EMAIL PROTECTED] > Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] > > It depends on your security policy , design and needs , generally what we > advice our > customers is checkpoint + pix together > > Hatim badr a icrit : > > > Hi , > > > > I would like to know the pluses and minuses of each product . Currently > We > > are using checkpoint and I want to convince my management to switch to > cisco > > PIX firewall . > > > > Thanks > > > > Hatim > > > > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3115&t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco router difference [7:3114]
Can anyone please tell me what is the difference between Cisco 4000 router and Cisco 4000M? Which one is more expensive? How much does 16DRAM cost? I also wants to know how much does it cost for the following modules: 1 X NP-2T ? 1 X NP-1R ? 1 X NP-1E ? Four port ISDN BRI (I don't know what this is called?) Thanks in advance. Regards, Hunt Lee IP Solution Analyst Cable and Wireless Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3114&t=3114 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DLSW questions, another idea .... ~o \.i./o~ ...... [7:3112]
Nizar, When I do show dl reach at r1. I am not able to see PC name Beta which is on r3 t0. I need to make sure the configs are good for task 2 requirement. I dont have a way to test this. I have netbios-name Alpha on r2 and netbios-name Beta on r3. I only see Alpha is reacable through r2 when I do show dlsw reac on r1. I am not sure this is the right way to approach task 2. Read the task 2 requirement. Thankx Regards, Shahzad -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hedhili Nizar Sent: Thursday, May 03, 2001 5:10 PM To: [EMAIL PROTECTED] Subject: Re: DLSW questions, another idea ~o \.i./o~ .. [7:3107] What is the problem if a problem exists ShahzaD Ali a icrit : > Hi folks, > > I am working on HaiBo DLSw+ Scenario > > t0 r1 - r2 --- r3 t0 > |t0 > > Task 1 > configure such that host at [r2] t0 can access host at [r3] t0. The > answer is quite obvious. > > Task 2 (this is the tricky one) > configure [r1] such that host at [r2] and [r3] can access host at [r1]. > Only ONE peer connection is allowed. Border peer command is not allowed. > > I am thinking to use remote peer Passthru between r1--r2 and r2--r3 which > will provide me the same > virtual-ring group to use between r1--r2 and r2--r3. But I am not able to > see Beta on r1. > > http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_ > c/bcprt2/bcddlsw.htm#21315 > > Any comments, suggestions on these configs. > > r1 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.1.1 > dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 > > r1#sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > Alpha UNCONFIRM REMOTE 140.1.2.2(2065) > > r2 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.2.2 > dlsw remote-peer 0 tcp 140.1.1.1 rif-passthru 100 > dlsw remote-peer 0 tcp 140.1.3.3 rif-passthru 100 > dlsw icanreach netbios-exclusive > dlsw icanreach netbios-name Alpha > ! > > r2# sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > BetaUNCONFIRM REMOTE 140.1.3.3(2065) > > r3 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.3.3 > dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 > dlsw icanreach netbios-exclusive > dlsw icanreach netbios-name Beta > > ! > r3#sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > Alpha UNCONFIRM REMOTE 140.1.2.2(2065) > > Regards, > > ShahzaD > > -Original Message- > From: ShahzaD Ali [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 20, 2001 6:53 PM > To: Huang HaiBo > Subject: RE: DLSW questions, another idea > > Did you get any feedback on this ??? > > Regards, > > sa > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Huang HaiBo > Sent: Wednesday, April 18, 2001 11:37 PM > To: simplimarvelous > Cc: [EMAIL PROTECTED] > Subject: Re: DLSW questions, another idea > > could you give details? > > - Original Message - > From: simplimarvelous > To: Michel GASPARD ; Huang HaiBo > Cc: > Sent: Thursday, April 19, 2001 11:37 AM > Subject: Re: DLSW questions, another idea > > > Is it possible to do it like this? > > > > Put R2 and R3 in a cluster leave R1 on its own. It would seem that R1 > would > > only need to make a connection to the clusters ring, and would not need to > > have a connection to both routers in the cluster. I would think that the > > cluster internal routers would communicate fine, and any traffic from r3 > to > > r1 would only have to make one connection via the clusters virtual ring. > > > > sounds good in theory... > > > > > > Gerald > > > > - Original Message - > > From: "Michel GASPARD" > > To: "Huang HaiBo" > > Cc: > > Sent: Wednesday, April 18, 2001 8:07 AM > > Subject: Re: DLSW questions, another idea > > > > > > > Dear all, > > > > > > I though about another possibility, but I do not manage to make it work. > > > > > > I assume that to solve point 1), I used "promiscuous" in R2. > > > > > > My idea was: why not create a second DLSW tunnel, between R1 and R2 > > > (just a simple remote-peer statement is enough on R1, nothing on R2 nor > > > R3). > > > > > > In that way, frames from R2 ro R1 are OK (simple DLSW). > > > > > > For frames from R3, I thought that they might be bridged R3-R2 with the > > > first DLSW tunnel, and then bridged again if necessary into the second > > > DLSW tunnel. > > > > > > But it seems it is not working that well (well, not at all..) in > > > reality. > > > > > > Does anybody have experience of "double DLSW" bridging, i.e. frames that > > > would arrive in a router DLSW, and would be bridged again though DLSW??? > > > > > > Eventhough, this exercice was good to think "one step further"!! > > > > > > Regards, > > > > > > Michel > > > > > > Huang HaiBo wrote: > > > > > > >
Re: ACL problem [7:3039]
Hi, Am I reading what you have correctly, It seems to me on one line you have the source address of 192.168.5.xxx and in the next statement 192.168.10.xxx. My guess is the second line should be more like access-list 110 permit tcp host 192.168.5.65 192.168.10.0 0.0.0.255 eq 1433 Or the first line to be the other way around depending on how you have the access-list applied to your interface. Just a thought Teunis Hobart, Tasmania Australia On Thursday, May 03, 2001 at 11:17:41 AM, Dwayne Saunders wrote: > Hi all, > Just wondering if you can help me I have a small problem with a ACL, > below you see that ip from 192.168.5.0 network is allowed to send to > anything and the next line > allows the 10 network to send to 5.65 on port 1433. My problem is that with > this in place I can get from the 5 network to the 10 but I do not get a > reply. I have another box with the ip of 192.168.5.66 with exactly the same > rule as the 192.168.5.65 box and this works. > Would anyone have any ideas on this > > access-list 110 permit ip 192.168.5.0 0.0.0.255 any > access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 192.168.5.65 eq 1433 > > > D'Wayne Saunders > Senior MIS Operator, CCNA > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3113&t=3039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCDA [7:3109]
www.examcram.com www.ccprep.com Hedhili Nizar CCNP and CCDP "[EMAIL PROTECTED]" a icrit : > I'm lookin for some CCDA free study stuff, if you have any links > please forward them (LABS would be good) thanking you in advance,, kind > regards, John [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type text/x-vcard which had a name of hedhili.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3111&t=3109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab in TOKYO [7:2489]
""Brian"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Brian "Sonic" Whalen > Success = Preparation + Opportunity Your sig is very similar to a line I came up with one time in response to a question about why I do not believe in 'luck.' My response was, "Luck is the convergence of opportunity and preparation." ---JRE--- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3110&t=2489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCDA [7:3109]
I'm lookin for some CCDA free study stuff, if you have any links please forward them (LABS would be good) thanking you in advance,, kind regards, John [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3109&t=3109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Will the NM-4T work on 2600 series routers [7:3056]
The following URL seems to strongly indicate that the NM-4T is supported: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/atm_ima.htm Joshua Beining wrote: > It seems that there is some confusion wrt network modules and 2600/3600 > routers. Searching on Ciscos site, they say that the NM-4T is not supported > for the 2600 series but I see cisco resellers, and others advertising the > NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says the > NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. > Thanks. > > -Joshua > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- Jonathan Hays Acropolis Systems, Inc. (408) 935-3016 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3108&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW questions, another idea .... ~o \.i./o~ ...... [7:3107]
What is the problem if a problem exists ShahzaD Ali a icrit : > Hi folks, > > I am working on HaiBo DLSw+ Scenario > > t0 r1 - r2 --- r3 t0 > |t0 > > Task 1 > configure such that host at [r2] t0 can access host at [r3] t0. The > answer is quite obvious. > > Task 2 (this is the tricky one) > configure [r1] such that host at [r2] and [r3] can access host at [r1]. > Only ONE peer connection is allowed. Border peer command is not allowed. > > I am thinking to use remote peer Passthru between r1--r2 and r2--r3 which > will provide me the same > virtual-ring group to use between r1--r2 and r2--r3. But I am not able to > see Beta on r1. > > http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_ > c/bcprt2/bcddlsw.htm#21315 > > Any comments, suggestions on these configs. > > r1 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.1.1 > dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 > > r1#sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > Alpha UNCONFIRM REMOTE 140.1.2.2(2065) > > r2 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.2.2 > dlsw remote-peer 0 tcp 140.1.1.1 rif-passthru 100 > dlsw remote-peer 0 tcp 140.1.3.3 rif-passthru 100 > dlsw icanreach netbios-exclusive > dlsw icanreach netbios-name Alpha > ! > > r2# sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > BetaUNCONFIRM REMOTE 140.1.3.3(2065) > > r3 > ! > source-bridge ring-group 100 > dlsw local-peer peer-id 140.1.3.3 > dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 > dlsw icanreach netbios-exclusive > dlsw icanreach netbios-name Beta > > ! > r3#sh dl rea > DLSw Remote NetBIOS Name reachability cache list > NetBIOS Namestatus Loc.peer > Alpha UNCONFIRM REMOTE 140.1.2.2(2065) > > Regards, > > ShahzaD > > -Original Message- > From: ShahzaD Ali [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 20, 2001 6:53 PM > To: Huang HaiBo > Subject: RE: DLSW questions, another idea > > Did you get any feedback on this ??? > > Regards, > > sa > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Huang HaiBo > Sent: Wednesday, April 18, 2001 11:37 PM > To: simplimarvelous > Cc: [EMAIL PROTECTED] > Subject: Re: DLSW questions, another idea > > could you give details? > > - Original Message - > From: simplimarvelous > To: Michel GASPARD ; Huang HaiBo > Cc: > Sent: Thursday, April 19, 2001 11:37 AM > Subject: Re: DLSW questions, another idea > > > Is it possible to do it like this? > > > > Put R2 and R3 in a cluster leave R1 on its own. It would seem that R1 > would > > only need to make a connection to the clusters ring, and would not need to > > have a connection to both routers in the cluster. I would think that the > > cluster internal routers would communicate fine, and any traffic from r3 > to > > r1 would only have to make one connection via the clusters virtual ring. > > > > sounds good in theory... > > > > > > Gerald > > > > - Original Message - > > From: "Michel GASPARD" > > To: "Huang HaiBo" > > Cc: > > Sent: Wednesday, April 18, 2001 8:07 AM > > Subject: Re: DLSW questions, another idea > > > > > > > Dear all, > > > > > > I though about another possibility, but I do not manage to make it work. > > > > > > I assume that to solve point 1), I used "promiscuous" in R2. > > > > > > My idea was: why not create a second DLSW tunnel, between R1 and R2 > > > (just a simple remote-peer statement is enough on R1, nothing on R2 nor > > > R3). > > > > > > In that way, frames from R2 ro R1 are OK (simple DLSW). > > > > > > For frames from R3, I thought that they might be bridged R3-R2 with the > > > first DLSW tunnel, and then bridged again if necessary into the second > > > DLSW tunnel. > > > > > > But it seems it is not working that well (well, not at all..) in > > > reality. > > > > > > Does anybody have experience of "double DLSW" bridging, i.e. frames that > > > would arrive in a router DLSW, and would be bridged again though DLSW??? > > > > > > Eventhough, this exercice was good to think "one step further"!! > > > > > > Regards, > > > > > > Michel > > > > > > Huang HaiBo wrote: > > > > > > > > Here is an interesting scenario I got from a practice lab. > > > > > > > >e0s0 s0s1 s0 e0 > > > > ---[r1]--[r2]-[r3]- > > > > | > > > > |e0 > > > > Task 1 > > > > configure such that host at [r2] e0 can access host at [r3] e0. The > > answer > > > > is quite obvious. > > > > > > > > Task 2 (this is the tricky one) > > > > configure [r1] such that host at [r2] and [r3] can access host at > [r1]. > > > > Only ONE peer connection is allowed. Border peer command is not > allowed. > > > > > > > > The initial thot I have is to configure [r2] as border pe
RE: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
Asked sincerely, what advantages do you see in provisions PIX plus checkpoint? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, May 03, 2001 2:47 PM To: [EMAIL PROTECTED] Subject:Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] It depends on your security policy , design and needs , generally what we advice our customers is checkpoint + pix together Hatim badr a icrit : > Hi , > > I would like to know the pluses and minuses of each product . Currently We > are using checkpoint and I want to convince my management to switch to cisco > PIX firewall . > > Thanks > > Hatim > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3106&t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: UPgrade Cisco 3000 to 2500 Router [7:2303]
I didn't know this was possible. Can anyone provide more detail? Neil Schneider ""Carl Hensley"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know how to upgrade a 3000 Router to a Cisco 2501. > What Boot Proms do I need. Where can I purchase the boot Proms. > And Flash memory. > > > > -- > Carl Hensley > [EMAIL PROTECTED] - email > (703) 234-3987 x1268 - voicemail/fax > > > > __ > FREE voicemail, email, and fax...all in one place. > Sign Up Now! http://www.onebox.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3105&t=2303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Route descriptor blocks???? [7:3104]
All, Does any have a link to a good explaination of what a descriptor block is/does/gets config'd...I ahve searched the CISCO site but do not get a clear pix.Not that I missed the the doc on that tiny little site of theirs. Thanks Tim _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3104&t=3104 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ACL [7:2882]
Am I correctly reading that you are terminating your IPSec tunnels on the same interface where the access-list in question will be applied? Are you running a router with the IOS firewall / IPSec feature set? Look, the rule is one access-list per direction per protocol per interface. Period. So no, you cannot have several IP access-lists applied in the same direction on a single interface. Them's the rules. That said, there is a separate access-list that defines traffic to be encrypted and sent through the VPN tunnel. This may be what you have in mind when you talk about several access-lists, each with a different function. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Allen May Sent: Thursday, May 03, 2001 8:52 AM To: [EMAIL PROTECTED] Subject:Re: ACL [7:2882] I'm sure there are plenty of people who know more about ACLs than I do...I just use 'em ;) But, correct me if I'm wrong, but doesn't it process every line in ACLs for the interface it's passing through until it finds a match for permit/deny? If you separate by ACL numbers you would have a few more lines...depending on the configuration maybe ALOT more lines...but it would be easier to manage and maintain in my opinion. The thing I'll have to play with this weekend is trying to combine an ACL for an outside interface that includes IPSec with TACACS+ authentication AND have regular access to the web servers on port 80 without authentication. If authenticated on IPSec you would have ports open for ftp. Now before we get into the fact that when you're authenticated you are on an inside interface & no longer bound by external interface, consider also having IPSec router to router or PIX to PIX dedicated tunnels. Seems sadistic that I thought this up but it's actually a project I'm putting myself through...rofl. Later Allen - Original Message - From: "Donald B Johnson jr" To: "Allen May" ; Sent: Thursday, May 03, 2001 11:45 AM Subject: Re: ACL [7:2882] > wouldn't that be a resource hog > > - Original Message - > From: "Allen May" > To: > Sent: Wednesday, May 02, 2001 1:55 PM > Subject: Re: ACL [7:2882] > > > > 1 reason would be to separate acl's per internal IP address you're > > permitting/denying access to. 101=specific IP allowing ftp and http, > > 102=different IP allowing http only, etc. It would look cleaner > anyway > > > > - Original Message - > > From: "Donald B Johnson jr" > > To: > > Sent: Wednesday, May 02, 2001 3:19 PM > > Subject: Re: ACL [7:2882] > > > > > > > Why > > > - Original Message - > > > From: "BASSOLE Rock" > > > To: > > > Sent: Wednesday, May 02, 2001 7:24 AM > > > Subject: ACL [7:2882] > > > > > > > > > > Hi, > > > > > > > > Can we apply more then one ACL per interface?.. > > > > > > > > > > > > Example: > > > > > > > > Interface Serial1 > > > > ip access-group 102 in > > > > ip access-group 103 out > > > > ip access-group 104 in > > > > ip access-group 105 out > > > > > > > > Thank you. > > > > > > > > Rock BASSOLE > > > > Til: +33 (0) 1 45 96 22 03 > > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3103&t=2882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
It depends on your security policy , design and needs , generally what we advice our customers is checkpoint + pix together Hatim badr a icrit : > Hi , > > I would like to know the pluses and minuses of each product . Currently We > are using checkpoint and I want to convince my management to switch to cisco > PIX firewall . > > Thanks > > Hatim > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3102&t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial cables... [7:3091]
At 04:22 PM 5/3/01, Rizzo Damian wrote: >Do they make a serial cable that goes from DB60M to the new High >Density >Smart Serial Male? Is there such a thing? The dense part I could believe. Sorry, couldn't resist. ;-) Priscilla > > Thanks! > >-Rizzo >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3101&t=3091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Decnet to SNA [7:2961]
I need a detailled drawing of your installation and your desired design send me mail at [EMAIL PROTECTED] "Puckett, Larry (TIFPC)" a icrit : > Hi all, I have a challenge that I could use some good advice to design. > > I have a present topology of a DEC box that has a SNA gateway installed to > translate Decnet to SNA and the send through a modem eliminator (to provide > clock at 9.6k :~}) to an IBM3745 FEP. Those FEP services are being moved to > our central location in another city but the DEC services are staying put. > There is a Cisco routed network already in place between these two sites > with a 2502 on one end and a 3640 on the other. The 3640 is at the central > data center and has an OSA attachment to the mainframe. As I understand it, > OSA is layer 3 and depends on IP addresses but Decnet's addressing is layer > 2 using the MAC address. The DEC box is Ethernet connected but the 2502 at > that site is a Token Ring router. There is existing bridging between Token > Ring and Ethernet segments at that site but I'm not sure if the DEC segment > is already bridged. > > What I think I would like to do is to remove that SNA gateway from that DEC > box and depend on the LAN/WAN to get Decnet to the central site. I'm pretty > sure that the two routers will do this but once we get the information to > the central site, I'm not sure how to get it out of the router and into the > mainframe. We have thought of putting an SNA gateway at the central site and > basically recreating what they had up there but I'm hoping that we can use > the OSA instead. > > I do understand that the configuration of the routers is more than just > enabling Decnet, but I don't see any insurmountable hurdles there. Please > correct me if I'm wrong. > > Any advise will be greatly appreciated!! > > A point to point leased line is undesirable because of the costs. Telco's > pricing has a full T1 cheaper than a 9.6 circuit but we don't need that > bandwidth and equipment to throttle down seems a waste. > > Thank you, > Larry Puckette > Network Analyst CCNA,MCP,LANCP > Temple Inland > 1300 S. Mopac Expressway > Austin TX 78746 > [EMAIL PROTECTED] > (512)434-1838 > cell - (512)751-8315 > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3100&t=2961 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DLSW questions, another idea .... ~o \.i./o~ ...... [7:3099]
Hi folks, I am working on HaiBo DLSw+ Scenario t0 r1 - r2 --- r3 t0 |t0 Task 1 configure such that host at [r2] t0 can access host at [r3] t0. The answer is quite obvious. Task 2 (this is the tricky one) configure [r1] such that host at [r2] and [r3] can access host at [r1]. Only ONE peer connection is allowed. Border peer command is not allowed. I am thinking to use remote peer Passthru between r1--r2 and r2--r3 which will provide me the same virtual-ring group to use between r1--r2 and r2--r3. But I am not able to see Beta on r1. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_ c/bcprt2/bcddlsw.htm#21315 Any comments, suggestions on these configs. r1 ! source-bridge ring-group 100 dlsw local-peer peer-id 140.1.1.1 dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 r1#sh dl rea DLSw Remote NetBIOS Name reachability cache list NetBIOS Namestatus Loc.peer Alpha UNCONFIRM REMOTE 140.1.2.2(2065) r2 ! source-bridge ring-group 100 dlsw local-peer peer-id 140.1.2.2 dlsw remote-peer 0 tcp 140.1.1.1 rif-passthru 100 dlsw remote-peer 0 tcp 140.1.3.3 rif-passthru 100 dlsw icanreach netbios-exclusive dlsw icanreach netbios-name Alpha ! r2# sh dl rea DLSw Remote NetBIOS Name reachability cache list NetBIOS Namestatus Loc.peer BetaUNCONFIRM REMOTE 140.1.3.3(2065) r3 ! source-bridge ring-group 100 dlsw local-peer peer-id 140.1.3.3 dlsw remote-peer 0 tcp 140.1.2.2 rif-passthru 100 dlsw icanreach netbios-exclusive dlsw icanreach netbios-name Beta ! r3#sh dl rea DLSw Remote NetBIOS Name reachability cache list NetBIOS Namestatus Loc.peer Alpha UNCONFIRM REMOTE 140.1.2.2(2065) Regards, ShahzaD -Original Message- From: ShahzaD Ali [mailto:[EMAIL PROTECTED]] Sent: Friday, April 20, 2001 6:53 PM To: Huang HaiBo Subject: RE: DLSW questions, another idea Did you get any feedback on this ??? Regards, sa -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Huang HaiBo Sent: Wednesday, April 18, 2001 11:37 PM To: simplimarvelous Cc: [EMAIL PROTECTED] Subject: Re: DLSW questions, another idea could you give details? - Original Message - From: simplimarvelous To: Michel GASPARD ; Huang HaiBo Cc: Sent: Thursday, April 19, 2001 11:37 AM Subject: Re: DLSW questions, another idea > Is it possible to do it like this? > > Put R2 and R3 in a cluster leave R1 on its own. It would seem that R1 would > only need to make a connection to the clusters ring, and would not need to > have a connection to both routers in the cluster. I would think that the > cluster internal routers would communicate fine, and any traffic from r3 to > r1 would only have to make one connection via the clusters virtual ring. > > sounds good in theory... > > > Gerald > > - Original Message - > From: "Michel GASPARD" > To: "Huang HaiBo" > Cc: > Sent: Wednesday, April 18, 2001 8:07 AM > Subject: Re: DLSW questions, another idea > > > > Dear all, > > > > I though about another possibility, but I do not manage to make it work. > > > > I assume that to solve point 1), I used "promiscuous" in R2. > > > > My idea was: why not create a second DLSW tunnel, between R1 and R2 > > (just a simple remote-peer statement is enough on R1, nothing on R2 nor > > R3). > > > > In that way, frames from R2 ro R1 are OK (simple DLSW). > > > > For frames from R3, I thought that they might be bridged R3-R2 with the > > first DLSW tunnel, and then bridged again if necessary into the second > > DLSW tunnel. > > > > But it seems it is not working that well (well, not at all..) in > > reality. > > > > Does anybody have experience of "double DLSW" bridging, i.e. frames that > > would arrive in a router DLSW, and would be bridged again though DLSW??? > > > > Eventhough, this exercice was good to think "one step further"!! > > > > Regards, > > > > Michel > > > > Huang HaiBo wrote: > > > > > > Here is an interesting scenario I got from a practice lab. > > > > > >e0s0 s0s1 s0 e0 > > > ---[r1]--[r2]-[r3]- > > > | > > > |e0 > > > Task 1 > > > configure such that host at [r2] e0 can access host at [r3] e0. The > answer > > > is quite obvious. > > > > > > Task 2 (this is the tricky one) > > > configure [r1] such that host at [r2] and [r3] can access host at [r1]. > > > Only ONE peer connection is allowed. Border peer command is not allowed. > > > > > > The initial thot I have is to configure [r2] as border peer and then > > > both r1 and r3 will peer with the border peer. But this will > > > violate the rules becos no border peer command should be in r1. > > > > > > Another thot that came across my mind is to configure > > > r1 in prosmicuous mode. Then r2 and r3 will peer with r1. > > > Doing this will violate the rule again becos there will be 2 peer > connect
Radius ACL [7:3098]
I would like to apply a RADIUS access list to a Dial up interface. I know how to apply, but I4d like to know how to specify the direction of an access lists aplied to the interfaces. -- Eng. Paulo Roque Network Engineer [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3098&t=3098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Scary Kitty Mutation [7:3097]
I was rooting around in the debris field I call my office looking for my digital camera so I could auction those Catalyst 2926s and I came up with a pair of Catalyst 2600s - token ring switches. I got these things thinking they might be like the much feared Catalyst 3900 which has never been sighted anywhere other than a CCIE lab exam, but I don't think its the same thing - these switches drive just about like the old Grand Junction Catalyst 1900 switches. Anyway, there are two of them at these locations without any passwords: 24.3.233.101 2005 24.3.233.101 2006 If one of you scholars can forward me the pinout needed to cross token ring on an RJ45 port I'll whip up a cable for them. If I dig a little more I might find some token ring cables so I can hook a couple of routers up to these things. As always, if you mess it up email me at mailto:[EMAIL PROTECTED] so I can fix it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3097&t=3097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial cables... [7:3091]
Rizzo, Do you mean Smart Serial WIC2/T to WIC1/T? If so, you can get them at www.pacificcable.com for $52.00. (There is a picture of the cable at the bottom of their home page). HTH, Julie - Original Message - From: "Rizzo Damian" To: Sent: Thursday, May 03, 2001 4:22 PM Subject: Serial cables... [7:3091] > Do they make a serial cable that goes from DB60M to the new High > Density Smart Serial Male? > > Thanks! > >-Rizzo > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3096&t=3091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Serial cables... [7:3091]
Try www.stonewallcable.com. They have that in their catalog. Prices are in the $65 range IIRC so check if someone else has it for less. > -Original Message- > From: Rizzo Damian [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 3:22 PM > To: [EMAIL PROTECTED] > Subject: Serial cables... [7:3091] > > > Do they make a serial cable that goes from DB60M to the new High > Density Smart Serial Male? > > Thanks! > >-Rizzo > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3095&t=3091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT address in router arp-cache won't update [7:3094]
I recently removed a PIX 520 replaced it with a PIX 515. The problem was that the PIX's NAT address did not update on the router's arp cache (which is on the PIX's outside subnet). Of course, using the command "clear arp-cache" on the router fixes the problem. The question is, if the router updated the PIX's outside address arp cache entry (after a ping or two) why wouldn't the router update the NAT address arp cache entry? Below is a more detailed discussion (the repetition in some places may seem excessive but I find it helps some people). The .22 address was used by the PIX's NAT pool for ping from the inside workstation to the router and the .7 address in the arp cache is the PIX's outside interface (which is a result of pinging the router from the PIX's outside interface). PIX NAT address = 209.247.48.22 PIX outside = 209.247.48.7 Again, the partial router arp cache shown below is the result of two different pings. 1. Ping the router from the PIX's outside interface (.7) 2. Ping the router from a workstation on the PIX's inside subnet. The packet goes from the workstation to the inside PIX interface, out of the PIX's outside interface and to the router (and returns, if ping is successful). router#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 209.247.48.22 3 00e0.b600.8f13 ARPA Ethernet0/1 Internet 209.247.48.7 72 00e0.b600.8f13 ARPA Ethernet0/1 I swapped the PIX 520 with a PIX 515 (identical PIX config). See the second output below. 1. I first pinged the router's interface from the PIX 515, which worked fine, and you can see the Hardware Address changed for the router's .7 entry. 2. However, pinging from the workstation on the PIX's inside subnet to anything outside the PIX will not work. The router refuses to change its arp cache for .22 (you must use "clear arp-cache"). Why? PIX 515 outside = 209.247.48.7 (instead of PIX 520) router#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 209.247.48.22 5 00e0.b600.8f13 ARPA Ethernet0/1 Internet 209.247.48.71 0050.54ff.0f23 ARPA Ethernet0/1 To restate, the question: although I recognize that the router has an arp-cache age time of 4 hours, I don't see why it won't update the arp cache when a new packet comes in with the same .22 IP address and a different hardware address, like it did for the .7 IP address from the PIX outside interface. My readings on CCO regarding arp have not illuminated this problem for me. -- Jonathan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3094&t=3094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mo' Better Kitty Rides Again! [7:3093]
I have two Catalyst 2926s that are ebay bound but I don't have time to put the auctions up at the moment so I put them up for a few days so some of you aspiring CCNPs who can't afford these toys get a chance to play. They can be reached at these locations with the userid and password both being 'ebay'. The switches themselves have no passwords for access or enable. 24.3.233.101 2007 24.3.233.101 2008 The switches are cabled back to back to each other via the first ethernet port on their supervisor engines and the unit at port 2007 has its 24th fast ethernet port plugged into my other ethernet stuff. I was in Optimum Data the other day and I saw a Cisco 4700 with a fast ethernet port in it. I am going to visit those guys later today and I'll see if I can borrow that box for a few days so this will be a complete lab. If I do borrow a router it'll be placed at 24.3.233.1001 2006. Play nice! That means no changing the passwords, no access lists so others can't play, no messing with the other stuff thats hooked to my 2511, etc. If you accidentally dork it up send me email at mailto: [EMAIL PROTECTED] - I don't read my groupstudy mailbox much any more since I finished my CCNP/CCDP six months ago - this mailbox has 18,000 unread messages in it :-( Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3093&t=3093 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last minute Tips on CCIE written Exam [7:3085]
THINK! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Vincent Chong Sent: Thursday, May 03, 2001 11:55 AM To: [EMAIL PROTECTED] Subject:Last minute Tips on CCIE written Exam [7:3085] Hi; I will take CCIE written exam tomorrow morning. Any last minutes tips. I have been worked thry boson exam 1 and 2, bootcamp material, ccprep. I am fully understand all the materials, I do not know how much boson close to real exam. Just want last minutes advice. It will be my last Cisco paper exam. TIA Vincent Chong FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3092&t=3085 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Serial cables... [7:3091]
Do they make a serial cable that goes from DB60M to the new High Density Smart Serial Male? Thanks! -Rizzo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3091&t=3091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP NAT Issue [7:3073]
I suspect it is to prevent a DoS type attack; something like the PIX not responding to ARP's that it announces. It would make my life a lot easier if the PIX would be smart enough to resolve it internally; we are having an issue now with inter-interface communication that I suspect is related. to IF100 you use external addresses and all ACL's are applied .. however going from IF100 to IF20 you need to set a NAT statement and a global statement and then use INTERNAL addresses. ... I wish there was a way to use external addresses in both 'directions' ... or to have the PIX act as above and accept these connections>. If I am incorrect *please* let me know ... would make my life easier in so many ways ... Thanks! TJ -Original Message- From: Justin Emilio [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 14:53 To: [EMAIL PROTECTED] Subject:Re: IP NAT Issue [7:3073] I still don't understand why I shouldn't be able to translate an address from one interface and out the same interface. I use that interface as my gateway for private addresses, so it will obviously will not be able to use the hub to get out on the internet. It seems like a limitation from Cisco that will not allow the "ip nat inside" and "ip nat outside" command to be placed on one interface. If I am wrong and this logically cannot work please fill me in. I just don't understand why I couldn't do that. Justin Emilio Tech Support CCNP, CCNA, CCDA, CSE MM Internet 888-654-4971 - Original Message - From: "Daniel Cotts" To: Sent: Thursday, May 03, 2001 11:10 AM Subject: RE: IP NAT Issue [7:3073] > No you can't. The hub is just that - a hub. There is only one interface. If > you connected to the Internet via your serial port then the following config > should work. If you need ethernet on the Internet side, then time to buy a > router with two ethernet interfaces. > > ip nat inside source list 1 interface Serial0 overload > > interface serial 0 > ip address aaa.xxx.yyy.zzz 255.255.255.0 > ip nat outside > > interface Ethernet0 > ip address 9.114.11.39 255.255.255.0 > ip nat inside > > access-list 1 permit 9.114.11.0 0.0.0.255 > > > -Original Message- > > From: Justin Emilio [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, May 03, 2001 12:46 PM > > To: [EMAIL PROTECTED] > > Subject: IP NAT Issue [7:3073] > > > > > > I am using a Cisco 2505 router which has a built in 8 port > > hub. This hub > > acts as 1 ethernet interface and I would like to use NAT to > > allow a network > > that is connected to the built in hub to be able to connect out to the > > internet through another port on the hub using 1 globally > > routable address > > with overloading. I tried using both "ip nat inside" and "ip > > nat outside" on > > the ethernet interface, but you can only use one of those > > commands on an > > interface. I played with different configurations yesterday > > and couldn't get > > any to work correctly. Should I be able to accomplish this? > > If anyone could > > help that would be greatly appreciated. Thanks > > > > > > Justin Emilio > > Tech Support > > CCNP, CCNA, CCDA, CSE > > MM Internet 888-654-4971 > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct > > and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3090&t=3073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Arrowpoint port assignment [7:3020]
Create a L3 rule to allow all ports and protocols then use an ACL to block the ports and protocols that you do not want to hit the rule. "Bradley J. Wilson" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > It sounds like you want to create a VLAN, assign ports to the VLAN, and then > assign a single IP address to the VLAN. If this is the case, try this: > > int 1/1 [repeat on whichever interfaces you want] >bridge vlan 1 > > circuit VLAN1 >ip address 192.168.1.1 /24 > > > That should pretty much do it - you can then add services and content rules > from there. Don't forget a default route, too. > > > > - Original Message - > From: George Dodds > To: [EMAIL PROTECTED] > Sent: Thursday, May 03, 2001 7:11 AM > Subject: OT: Arrowpoint port assignment [7:3020] > > > I've got a pre cisco arrowpoint 800 and i'm wondering > if it's possible to assign a group of ports to an ip > address, currently i'm having to create individual > rules with a single port assigned to the ip address. > > Cheers > > George > > > = > George Dodds > > CCNA, MCP > > __ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great prices > http://auctions.yahoo.com/ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3089&t=3020 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
solution lab vs. ccbootcamp lab [7:3088]
anyone are subscriber to both labs and can give some comparison? the solution lab have about 17 labs, yet cheaper then ccbootcamp. how about the level of difficulty? _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3088&t=3088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last minute Tips on CCIE written Exam [7:3085]
It's not your last paper exam, Just the last exam for 2 years until Re-certification time comes. Ejay Hire -Original Message- From: Vincent Chong [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 2:55 PM To: [EMAIL PROTECTED] Subject: Last minute Tips on CCIE written Exam [7:3085] Hi; I will take CCIE written exam tomorrow morning. Any last minutes tips. I have been worked thry boson exam 1 and 2, bootcamp material, ccprep. I am fully understand all the materials, I do not know how much boson close to real exam. Just want last minutes advice. It will be my last Cisco paper exam. TIA Vincent Chong FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3087&t=3085 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Will the NM-4T work on 2600 series routers [7:3056]
- Original Message - From: "Daniel Cotts" > Joshua; > >From the Modularity Cafe area: > NM-4T: Four-port Serial Network Module 2600 series - Not Available > >From the pricing area (DPRG) NM-4T is not listed for the 2600s. > I seem to remember that someone plugged one into a 2600 and it wasn't > recognized. If that has changed and someone knows from experience then let > us know. We use in our environment some 2600 with NM-2W + 2x WIC-2T for almost same price as NM-4T. (for new pieces) This is more flexible that we can equip six serial ports if needed. The only potential advantage (if NM-4T would be supported in 2600) is the command show controller serial x/y showing actual clock rate provided by DCE. Probably negative answer for the subject could have the cause in some problems in different implementation of PCI buses in 2600 versus 3600 architectures. (old PCI bridge or so on) Note that NM-4T is very similar - PCB, chips, connector, with PA-4T for 7200 series. Pawel/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3086&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Last minute Tips on CCIE written Exam [7:3085]
Hi; I will take CCIE written exam tomorrow morning. Any last minutes tips. I have been worked thry boson exam 1 and 2, bootcamp material, ccprep. I am fully understand all the materials, I do not know how much boson close to real exam. Just want last minutes advice. It will be my last Cisco paper exam. TIA Vincent Chong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3085&t=3085 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP NAT Issue [7:3073]
I still don't understand why I shouldn't be able to translate an address from one interface and out the same interface. I use that interface as my gateway for private addresses, so it will obviously will not be able to use the hub to get out on the internet. It seems like a limitation from Cisco that will not allow the "ip nat inside" and "ip nat outside" command to be placed on one interface. If I am wrong and this logically cannot work please fill me in. I just don't understand why I couldn't do that. Justin Emilio Tech Support CCNP, CCNA, CCDA, CSE MM Internet 888-654-4971 - Original Message - From: "Daniel Cotts" To: Sent: Thursday, May 03, 2001 11:10 AM Subject: RE: IP NAT Issue [7:3073] > No you can't. The hub is just that - a hub. There is only one interface. If > you connected to the Internet via your serial port then the following config > should work. If you need ethernet on the Internet side, then time to buy a > router with two ethernet interfaces. > > ip nat inside source list 1 interface Serial0 overload > > interface serial 0 > ip address aaa.xxx.yyy.zzz 255.255.255.0 > ip nat outside > > interface Ethernet0 > ip address 9.114.11.39 255.255.255.0 > ip nat inside > > access-list 1 permit 9.114.11.0 0.0.0.255 > > > -Original Message- > > From: Justin Emilio [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, May 03, 2001 12:46 PM > > To: [EMAIL PROTECTED] > > Subject: IP NAT Issue [7:3073] > > > > > > I am using a Cisco 2505 router which has a built in 8 port > > hub. This hub > > acts as 1 ethernet interface and I would like to use NAT to > > allow a network > > that is connected to the built in hub to be able to connect out to the > > internet through another port on the hub using 1 globally > > routable address > > with overloading. I tried using both "ip nat inside" and "ip > > nat outside" on > > the ethernet interface, but you can only use one of those > > commands on an > > interface. I played with different configurations yesterday > > and couldn't get > > any to work correctly. Should I be able to accomplish this? > > If anyone could > > help that would be greatly appreciated. Thanks > > > > > > Justin Emilio > > Tech Support > > CCNP, CCNA, CCDA, CSE > > MM Internet 888-654-4971 > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct > > and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3084&t=3073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN exam [7:2890]
Jason, Why do you perceive the 700 series as not being worth your time? Do you believe that you'll never run into it in the field? Would it surprise you to learn that several well known Enterprises have very large installed bases of the 700 series? Given your presence on this mailing list I would have assumed that you were about learning and acquiring knowledge. This means knowing how to configure and troubleshoot older protocols such as AppleTalk, DECNET, IPX and routers such as the 700. Despite claims to the contrary there are still a large number of networks that aren't entirely IP or running IOS-driven hardware. jas At 04:18 PM 5/2/01 -0400, Jason Roysdon wrote: >It's not worth your time. If you know the other areas, 1-3 questions on it >won't hurt you (if that, I've heard rumors of 0 questions). > >When is Cisco going to EOL those piece of junks? Sure, sure, they're great >cheap desktop routers (ip & ipx), but the 800 line isn't that much more. > >-- >Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ >List email: [EMAIL PROTECTED] >Homepage: http://jason.artoo.net/ > > >"""[EMAIL PROTECTED], Michael (CAP, AFS, Contractor)""" > wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > If this has been asked already forgive me but how much of the Series 700 >is > > covered on the BCRAN examI'm guessing not that much... > > > > thanks in advance, > > > > Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3083&t=2890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade via console modem/ console port... [7:3074]
hmm, seems my "left-arrow break right-arrow" didn't show up for some reason, let's try that again: execute a break during bootup - Alt-B or from the toolbar Control then Send-Break under teraterm Andy - Original Message - From: "andyh" To: Sent: Thursday, May 03, 2001 7:02 PM Subject: Re: IOS upgrade via console modem/ console port... [7:3074] > execute a during bootup > > - Original Message - > From: > To: > Sent: Thursday, May 03, 2001 6:50 PM > Subject: IOS upgrade via console modem/ console port... [7:3074] > > > > Group- > > > > I'm trying to upgrade the IOS on a 2500 series router via > > the console port using a dial up modem, According to the Cisco > > website you have to be in the rommon> mode to accomplish this using the > > xmodem command... > > > > However I can't seem to get this 2501 to go into rommon, I've changed the > > > > > > config-register setting to 0x0, 0x1, & 0x3 > > > > Theses only put me into the boot mode & the old > mode. > > > > Can't seem to get to the rommon 1> mode though .. > > > > Any ideas ?? > > > > Thanks in advance.. > > > > GET INTERNET ACCESS FROM JUNO! > > Juno offers FREE or PREMIUM Internet access for less! > > Join Juno today! For your FREE software, visit: > > http://dl.www.juno.com/get/tagj. > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3082&t=3074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP NAT Issue [7:3073]
No you can't. The hub is just that - a hub. There is only one interface. If you connected to the Internet via your serial port then the following config should work. If you need ethernet on the Internet side, then time to buy a router with two ethernet interfaces. ip nat inside source list 1 interface Serial0 overload interface serial 0 ip address aaa.xxx.yyy.zzz 255.255.255.0 ip nat outside interface Ethernet0 ip address 9.114.11.39 255.255.255.0 ip nat inside access-list 1 permit 9.114.11.0 0.0.0.255 > -Original Message- > From: Justin Emilio [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:46 PM > To: [EMAIL PROTECTED] > Subject: IP NAT Issue [7:3073] > > > I am using a Cisco 2505 router which has a built in 8 port > hub. This hub > acts as 1 ethernet interface and I would like to use NAT to > allow a network > that is connected to the built in hub to be able to connect out to the > internet through another port on the hub using 1 globally > routable address > with overloading. I tried using both "ip nat inside" and "ip > nat outside" on > the ethernet interface, but you can only use one of those > commands on an > interface. I played with different configurations yesterday > and couldn't get > any to work correctly. Should I be able to accomplish this? > If anyone could > help that would be greatly appreciated. Thanks > > > Justin Emilio > Tech Support > CCNP, CCNA, CCDA, CSE > MM Internet 888-654-4971 > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3081&t=3073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please help me set up multiple VLANs [7:2993]
except that all ports default to VLAN1, so if you're in, say, an ISP hosting environment (ie semi-public rather than private, enterprise-type), then do you really want your management interfaces in the default VLAN? I would much rather have management iterfaces specifically configured to a non-default VLAN, so that there's no danger of well-meaning customers "having a look". Personally I don't use VLAN1 at all. Andy - Original Message - From: "Peter Van Oene" To: Sent: Thursday, May 03, 2001 6:40 PM Subject: Re: please help me set up multiple VLANs [7:2993] > Although you don't have to use VLAN 1 for management, it is highly suited > for this purpose. For example, you cannot delete VLAN 1, you cannot Prune > VLAN 1 from VTP advertisements, you cannot remove VLAN 1 from ISL/802.1q > trunks, CDP runs on VLAN 1 (as far as I recall), the default native VLAN > for trunks is VLAN one etc etc. > > Hence, in my opinion, it makes tremendous sense to leave VLAN 1 for > management and assign other VLANs for user traffic. Its a nice marriage :) > > Pete > > > *** REPLY SEPARATOR *** > > On 5/3/2001 at 1:02 PM Darren Crawford wrote: > > >I agree with Pete but your management VLAN doesn't have to be VLAN 1. For > >example, I implemented a DMZ for a client where we used VLAN 999 for the > >management "rail". > > > >Darren > > > >At 12:03 PM 05/03/2001 -0400, Peter Van Oene wrote: > >>Interface sc0 is not all that relevant here as far as I recall. You need > >to > >>simply set the interfaces you connect to on each router to a similar trunk > >>mode (ISL vs dot1q etc) and things should happen naturally. Your sc0 > >>interface is simply the management interface on the 5500 which should be > >>left in your management VLAN which is hopefully vlan 1. Keep in mind that > >>VLANS and Trunks etc are a layer 2 concept and do not involve or require > >IP > >>addressing. IP routing will certainly necessitate that you configure the > >>right subnets on each VLAN(broadcast domain) but the functionality of the > >>trunk itself is not dependant on that configuration. > >> > >>HTH > >> > >>Pete > >> > >> > >> > >> > >>*** REPLY SEPARATOR *** > >> > >>On 5/2/2001 at 11:36 PM Rich Chang wrote: > >> > >>>Dear CiscoGroupstudy.com > >>> > >>> I am having trouble getting the trunk up between a Cisco 7513 Router > >>> and a Cisco Switch 5500 so that VLAN's 10 and 20 can cross it. It > >may > >>> be because I can't set interface sc0 on the 5500 switch correctly. > >>> > >>> Assume VLAN 10 is 10.10.0.0/16 port 2/1 on Cisco 5500 switch > >>>VLAN 20 is 10.20.0.0/16 port 2/2 on Cisco 5500 switch > >>> > >>> Assume ISL Trunk 1/1 connected between 1/1 on Cisco 5500 switch to > >>> FastEthernet 3/0/0 to Cisco 7513 Router > >>> > >>> FastEthernet3/0/0.10 = 10.10.1.1 > >>> FastEthernet3/0/0.20 = 10.20.1.1 > >>> > >>> what should I use for the address for interface sc0 on the Switch? > >>> > >>> Interface sc0 determines port 1/1 address on the switch-- > >>>FAQ, list archives, and subscription info: > >>>http://www.groupstudy.com/list/cisco.html > >>>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >>FAQ, list archives, and subscription info: > >>http://www.groupstudy.com/list/cisco.html > >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > >*** * > >*** > >Darren S. Crawford > >Lucent Technologies Worldwide Services > >2377 Gold Meadow WayPhone: (916) 859-5200 x310 > >Suite 230 Fax: (916) 859-5201 > >Sacramento, CA 95670Pager: (800) 467-1467 > >Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] > >http://www.lucent.com Network Systems > >Consultant - CCNA, CCIE Written > > > >"Providing the Power Operable Networks." > > > >*** * > >*** > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3080&t=2993 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI wesite [7:3051]
My lawn needs mowing if you could come over I will pay you five dollars. You will have to bring your own water and you can't use the bathroom either. My wife doesn't let the help in the house. E-mail me if we're on. Thank You, Don Johnson - Original Message - From: "Eric Rivard" To: Sent: Thursday, May 03, 2001 9:13 AM Subject: OSI wesite [7:3051] > documentation of the OSI model, not from Cisco or anyone else, but the > actual documentation that states what each layer does from the ISO. I > found www.iso.ch, but to get anything you have to pay for it. I was > wondering if anyone could help. Thanks > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3079&t=3051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade via console modem/ console port... [7:3074]
execute a during bootup - Original Message - From: To: Sent: Thursday, May 03, 2001 6:50 PM Subject: IOS upgrade via console modem/ console port... [7:3074] > Group- > > I'm trying to upgrade the IOS on a 2500 series router via > the console port using a dial up modem, According to the Cisco > website you have to be in the rommon> mode to accomplish this using the > xmodem command... > > However I can't seem to get this 2501 to go into rommon, I've changed the > > > config-register setting to 0x0, 0x1, & 0x3 > > Theses only put me into the boot mode & the old > mode. > > Can't seem to get to the rommon 1> mode though .. > > Any ideas ?? > > Thanks in advance.. > > GET INTERNET ACCESS FROM JUNO! > Juno offers FREE or PREMIUM Internet access for less! > Join Juno today! For your FREE software, visit: > http://dl.www.juno.com/get/tagj. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3077&t=3074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Support [7:3052]
IP Plus and above - Original Message - From: "Gavin Wilson" To: Sent: Thursday, May 03, 2001 5:15 PM Subject: IOS Support [7:3052] > Hi there > > Can anyone tell me what version of IOS for the3640 will support vlan > trunking. > > Cheers Gavin > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3078&t=3052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT question [7:3050]
A better solution is to use the alias command as already mentioned. In order for this to work inside workstations, servers, etc must use a DNS server that is either in a DMZ or on the outside. ""Lupi, Guy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have also had this problem with clients who host web sites internally. > They try to get to the website by name and it of course resolves to the > public address, which they then try to get to from the "inside" network and > it fails. In those cases we have had to put host file entries on the > workstations to resolve the name to the private address for all inside > machines. > > -Original Message- > From: Evans, TJ [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:52 PM > To: [EMAIL PROTECTED] > Subject: RE: NAT question [7:3050] > > > If I recall correctly access to/through > the external addresses of internal machines from internal machines is a > no-no. > > > Internally - all should be well; i.e. - machines are able to communicate > openly with each other > > Internal 2 External systems - all should be well, and if you have static > address assignments they should be used appropriately. > > > External 2 Internal - all should be well; i.e. - systems outside the > firewall can access your internal systems fine > > Internal 2 External address of Internal system - um, no. > > > > Thanks! > TJ > > -Original Message- > From: Greg Smythe [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:10 > To: [EMAIL PROTECTED] > Subject: NAT question [7:3050] > > Hello -- > > I have some static NAT translating going on in my lab, and if I am "inside" > and try to telnet to the "outside" IP address of a machine, I get connection > refused. Telnetting to the "inside" IP address of the machine works. I do > have > an inbound access list on the "outside" interface, but it is allowing telnet > to the machine. Upon doing a show access-list command I see that the line > for > telnet is not even getting hit. So why can't I telnet to an "ouside" IP from > the "inside"? Strange thing is that I can ping the "outside" IP ok, but any > other sort of connections to it fail. > > Thanks! > > > Greg > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > * > The information in this email is confidential and may be legally privileged. > It is intended solely for the addressee. Access to this email by anyone else > is unauthorized. > > If you are not the intended recipient, any disclosure, copying, distribution > or any action taken or omitted to be taken in reliance on it, is prohibited > and may be unlawful. When addressed to our clients any opinions or advice > contained in this email are subject to the terms and conditions expressed in > the governing KPMG client engagement letter. > > * > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3076&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Will the NM-4T work on 2600 series routers [7:3056]
Joshua; >From the Modularity Cafe area: NM-4T: Four-port Serial Network Module 2600 series - Not Available >From the pricing area (DPRG) NM-4T is not listed for the 2600s. I seem to remember that someone plugged one into a 2600 and it wasn't recognized. If that has changed and someone knows from experience then let us know. > -Original Message- > From: Kevin Wigle [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 03, 2001 12:21 PM > To: [EMAIL PROTECTED] > Subject: Re: Will the NM-4T work on 2600 series routers [7:3056] > > > Geesh. you can't win, this list is for questions - > checking CCO > isn't all that friendly very often, but having said > that the > more you use it the more "manageable" it becomes. > > I also have lots of problems with "official" statements of > what module is > available for which router when talking about the 2600/3600 families. > > Anybody on this list should remember the threads not too long > ago about > Fastethernet "modules" for the 2600. One lister said he is > actually using > it but Cisco says it is not supported. > > Anyway, go to http://www.cisco.com/go/module > (I understand that url's get filtered if they're the first > thing so this > should work ... ) > > We'll see: if the url is stripped then go to www . cisco . > com / go / module > Take out all the spaces if you have to use this. > > Select the "Solution Finder" tab on the left and then "Search > Now" on the > next screen. > > For Search #1 select "ATM Edge Connectivity" > 2600 series > ATM > ATM > > and click on "Click Here for Search#1" > > Sorry, I can't help much more than that. > > I just checked and there are many listed but need IOS > 12.0(5)T or higher > > Kevin Wigle > > - Original Message - > From: Vincent Chong > To: > Sent: Thursday, May 03, 2001 12:37 PM > Subject: Re: Will the NM-4T work on 2600 series routers [7:3056] > > > > Yes it will, please checked with cisco web site before you post this > > question. > > > > ""Joshua Beining"" It seems that there is some confusion > wrt network > > modules and 2600/3600 > > > routers. Searching on Ciscos site, they say that the NM-4T is not > > supported > > > for the 2600 series but I see cisco resellers, and others > advertising > the > > > NM-4T for 2600/3600 routers. Am I missing the doc from > Cisco that says > > the > > > NM-4T is now supported on the 2600 sereis? Can anyone > provide some > imput. > > > Thanks. > > > > > > -Joshua Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3075&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS upgrade via console modem/ console port... [7:3074]
Group- I'm trying to upgrade the IOS on a 2500 series router via the console port using a dial up modem, According to the Cisco website you have to be in the rommon> mode to accomplish this using the xmodem command... However I can't seem to get this 2501 to go into rommon, I've changed the config-register setting to 0x0, 0x1, & 0x3 Theses only put me into the boot mode & the old > mode. Can't seem to get to the rommon 1> mode though .. Any ideas ?? Thanks in advance.. GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/tagj. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3074&t=3074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IP NAT Issue [7:3073]
I am using a Cisco 2505 router which has a built in 8 port hub. This hub acts as 1 ethernet interface and I would like to use NAT to allow a network that is connected to the built in hub to be able to connect out to the internet through another port on the hub using 1 globally routable address with overloading. I tried using both "ip nat inside" and "ip nat outside" on the ethernet interface, but you can only use one of those commands on an interface. I played with different configurations yesterday and couldn't get any to work correctly. Should I be able to accomplish this? If anyone could help that would be greatly appreciated. Thanks Justin Emilio Tech Support CCNP, CCNA, CCDA, CSE MM Internet 888-654-4971 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3073&t=3073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please help me set up multiple VLANs [7:2993]
Although you don't have to use VLAN 1 for management, it is highly suited for this purpose. For example, you cannot delete VLAN 1, you cannot Prune VLAN 1 from VTP advertisements, you cannot remove VLAN 1 from ISL/802.1q trunks, CDP runs on VLAN 1 (as far as I recall), the default native VLAN for trunks is VLAN one etc etc. Hence, in my opinion, it makes tremendous sense to leave VLAN 1 for management and assign other VLANs for user traffic. Its a nice marriage :) Pete *** REPLY SEPARATOR *** On 5/3/2001 at 1:02 PM Darren Crawford wrote: >I agree with Pete but your management VLAN doesn't have to be VLAN 1. For >example, I implemented a DMZ for a client where we used VLAN 999 for the >management "rail". > >Darren > >At 12:03 PM 05/03/2001 -0400, Peter Van Oene wrote: >>Interface sc0 is not all that relevant here as far as I recall. You need >to >>simply set the interfaces you connect to on each router to a similar trunk >>mode (ISL vs dot1q etc) and things should happen naturally. Your sc0 >>interface is simply the management interface on the 5500 which should be >>left in your management VLAN which is hopefully vlan 1. Keep in mind that >>VLANS and Trunks etc are a layer 2 concept and do not involve or require >IP >>addressing. IP routing will certainly necessitate that you configure the >>right subnets on each VLAN(broadcast domain) but the functionality of the >>trunk itself is not dependant on that configuration. >> >>HTH >> >>Pete >> >> >> >> >>*** REPLY SEPARATOR *** >> >>On 5/2/2001 at 11:36 PM Rich Chang wrote: >> >>>Dear CiscoGroupstudy.com >>> >>> I am having trouble getting the trunk up between a Cisco 7513 Router >>> and a Cisco Switch 5500 so that VLAN's 10 and 20 can cross it. It >may >>> be because I can't set interface sc0 on the 5500 switch correctly. >>> >>> Assume VLAN 10 is 10.10.0.0/16 port 2/1 on Cisco 5500 switch >>>VLAN 20 is 10.20.0.0/16 port 2/2 on Cisco 5500 switch >>> >>> Assume ISL Trunk 1/1 connected between 1/1 on Cisco 5500 switch to >>> FastEthernet 3/0/0 to Cisco 7513 Router >>> >>> FastEthernet3/0/0.10 = 10.10.1.1 >>> FastEthernet3/0/0.20 = 10.20.1.1 >>> >>> what should I use for the address for interface sc0 on the Switch? >>> >>> Interface sc0 determines port 1/1 address on the switch-- >>>FAQ, list archives, and subscription info: >>>http://www.groupstudy.com/list/cisco.html >>>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >*** >Darren S. Crawford >Lucent Technologies Worldwide Services >2377 Gold Meadow WayPhone: (916) 859-5200 x310 >Suite 230 Fax: (916) 859-5201 >Sacramento, CA 95670Pager: (800) 467-1467 >Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] >http://www.lucent.com Network Systems >Consultant - CCNA, CCIE Written > >"Providing the Power Operable Networks." > > >*** >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3072&t=2993 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI wesite [7:3051]
so pay for it already, you cheapskate! ;-) and then you can share it with the rest of our studygroup...and maybe we'll even contribute our $0.02 to it... j/k...howdy, bud!!! have a great day -e- - Original Message - From: "Eric Rivard" To: Sent: Thursday, May 03, 2001 9:13 AM Subject: OSI wesite [7:3051] > documentation of the OSI model, not from Cisco or anyone else, but the > actual documentation that states what each layer does from the ISO. I > found www.iso.ch, but to get anything you have to pay for it. I was > wondering if anyone could help. Thanks > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3071&t=3051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
interesting rip behaviour [7:3070]
I have notice something interesting when doing a rip scenario on a frame-relay hub-spoke setup. I had just turned off split-horizon on the hub. When I did a 'ip route clear *' on one of the spokes to force the removal of the rip routes, I noticed the following debug trace on this spoke. Ie. the hub 172.16.0.1 replied to a rip route query, even though this broke the split-horizon rule. RIP: sending general request on Serial0.1 to 255.255.255.255 RIP: sending general request on Serial0.1 to 224.0.0.9 RIP: received v1 update from 172.16.0.1 on Serial0.1 172.16.0.0 in 1 hops 1.0.0.0 in 2 hops Lateron, rip entries are getting old and go through proper hold-down and flush. See below R1.0.0.0/8 [120/2] via 172.16.0.1, 00:01:47, Serial0.1 172.16.0.0/24 is subnetted, 1 subnets C 172.16.0.0 is directly connected, Serial0.1 Is this proper behaviour? Wouldn't this allow for an infinity-race for a short time? (all routers are 2500 series, running 11.2 desktop) Thanks, Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3070&t=3070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco networking position in NJ [7:2989]
my mistake ;-) and it should have been "sink my fangs", right? -e- - Original Message - From: "Howard C. Berkowitz" To: Sent: Thursday, May 03, 2001 7:52 AM Subject: Re: Cisco networking position in NJ [7:2989] > >ohhh i'd love to dig my teeth into this one, but I don't have the energy > >after today ;-) > > > >-e- > > > Please. The advertisement is for an ASP. Hence, fangs, not teeth. > > > > >- Original Message - > >From: Raul F. Fernandez > >To: > >Sent: Wednesday, May 02, 2001 8:38 PM > >Subject: RE: Cisco networking position in NJ [7:2989] > > > > > >> Rut Ro > >> > >> -Original Message- > >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >> Ruihai An > >> Sent: Wednesday, May 02, 2001 10:27 PM > >> To: [EMAIL PROTECTED] > >> Subject: Cisco networking position in NJ [7:2989] > >> > >> > >> ASP company in Parsippany NJ is looking for junior to middle level Cisco > >> network enginner. Contact me if you are interested. > >> > >> Ruihai > >> FAQ, list archives, and subscription info: > >> http://www.groupstudy.com/list/cisco.html > >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >> FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3069&t=2989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Last minute advice for CCIE exam [7:3059]
gee, I'm almost tempted to say.. Go to CCO and download the CCIE blueprint! Don't ask that question here. but I won't Kevin Wigle - Original Message - From: Vincent Chong To: Sent: Thursday, May 03, 2001 12:49 PM Subject: Last minute advice for CCIE exam [7:3059] > Hi; > > I studied thruough the Bootcamp CCIE written material, Boson > CCIE written 1 and 2, > CCPrep token ring white paper. > > I would like to know what do I need to study, please give me an > advice. > How much does the real exam compare to Bosn and / bootcamp material. > > Any advice will be welcome! > > Thanks > Vincent Chong > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3068&t=3059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Will the NM-4T work on 2600 series routers [7:3056]
Geesh. you can't win, this list is for questions - checking CCO isn't all that friendly very often, but having said that the more you use it the more "manageable" it becomes. I also have lots of problems with "official" statements of what module is available for which router when talking about the 2600/3600 families. Anybody on this list should remember the threads not too long ago about Fastethernet "modules" for the 2600. One lister said he is actually using it but Cisco says it is not supported. Anyway, go to http://www.cisco.com/go/module (I understand that url's get filtered if they're the first thing so this should work ... ) We'll see: if the url is stripped then go to www . cisco . com / go / module Take out all the spaces if you have to use this. Select the "Solution Finder" tab on the left and then "Search Now" on the next screen. For Search #1 select "ATM Edge Connectivity" 2600 series ATM ATM and click on "Click Here for Search#1" Sorry, I can't help much more than that. I just checked and there are many listed but need IOS 12.0(5)T or higher Kevin Wigle - Original Message - From: Vincent Chong To: Sent: Thursday, May 03, 2001 12:37 PM Subject: Re: Will the NM-4T work on 2600 series routers [7:3056] > Yes it will, please checked with cisco web site before you post this > question. > > ""Joshua Beining"" It seems that there is some confusion wrt network > modules and 2600/3600 > > routers. Searching on Ciscos site, they say that the NM-4T is not > supported > > for the 2600 series but I see cisco resellers, and others advertising the > > NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says > the > > NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. > > Thanks. > > > > -Joshua > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3067&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed CCIE written on first try this morning [7:3066]
Passed the written on the first try this morning with flying colors. Very, very tricky exam. I used Routing TCP/IP by Doyle, TR white paper by Rossi, Boson 1 and 2, and various info. from CCO. THEIR IS NO SHORTCUT TO THIS EXAM! Don't rely on the Boson exams--they are good to get you in the right frame of mind, but won't do much else for you. Study the recommended reading list and info. on CCO. On to the lab exam. . . Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3066&t=3066 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT question [7:3050]
I have also had this problem with clients who host web sites internally. They try to get to the website by name and it of course resolves to the public address, which they then try to get to from the "inside" network and it fails. In those cases we have had to put host file entries on the workstations to resolve the name to the private address for all inside machines. -Original Message- From: Evans, TJ [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 12:52 PM To: [EMAIL PROTECTED] Subject: RE: NAT question [7:3050] If I recall correctly access to/through the external addresses of internal machines from internal machines is a no-no. Internally - all should be well; i.e. - machines are able to communicate openly with each other Internal 2 External systems - all should be well, and if you have static address assignments they should be used appropriately. External 2 Internal - all should be well; i.e. - systems outside the firewall can access your internal systems fine Internal 2 External address of Internal system - um, no. Thanks! TJ -Original Message- From: Greg Smythe [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 12:10 To: [EMAIL PROTECTED] Subject:NAT question [7:3050] Hello -- I have some static NAT translating going on in my lab, and if I am "inside" and try to telnet to the "outside" IP address of a machine, I get connection refused. Telnetting to the "inside" IP address of the machine works. I do have an inbound access list on the "outside" interface, but it is allowing telnet to the machine. Upon doing a show access-list command I see that the line for telnet is not even getting hit. So why can't I telnet to an "ouside" IP from the "inside"? Strange thing is that I can ping the "outside" IP ok, but any other sort of connections to it fail. Thanks! Greg FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3065&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please help me set up multiple VLANs [7:2993]
I agree with Pete but your management VLAN doesn't have to be VLAN 1. For example, I implemented a DMZ for a client where we used VLAN 999 for the management "rail". Darren At 12:03 PM 05/03/2001 -0400, Peter Van Oene wrote: >Interface sc0 is not all that relevant here as far as I recall. You need to >simply set the interfaces you connect to on each router to a similar trunk >mode (ISL vs dot1q etc) and things should happen naturally. Your sc0 >interface is simply the management interface on the 5500 which should be >left in your management VLAN which is hopefully vlan 1. Keep in mind that >VLANS and Trunks etc are a layer 2 concept and do not involve or require IP >addressing. IP routing will certainly necessitate that you configure the >right subnets on each VLAN(broadcast domain) but the functionality of the >trunk itself is not dependant on that configuration. > >HTH > >Pete > > > > >*** REPLY SEPARATOR *** > >On 5/2/2001 at 11:36 PM Rich Chang wrote: > >>Dear CiscoGroupstudy.com >> >> I am having trouble getting the trunk up between a Cisco 7513 Router >> and a Cisco Switch 5500 so that VLAN's 10 and 20 can cross it. It may >> be because I can't set interface sc0 on the 5500 switch correctly. >> >> Assume VLAN 10 is 10.10.0.0/16 port 2/1 on Cisco 5500 switch >>VLAN 20 is 10.20.0.0/16 port 2/2 on Cisco 5500 switch >> >> Assume ISL Trunk 1/1 connected between 1/1 on Cisco 5500 switch to >> FastEthernet 3/0/0 to Cisco 7513 Router >> >> FastEthernet3/0/0.10 = 10.10.1.1 >> FastEthernet3/0/0.20 = 10.20.1.1 >> >> what should I use for the address for interface sc0 on the Switch? >> >> Interface sc0 determines port 1/1 address on the switch-- >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] *** Darren S. Crawford Lucent Technologies Worldwide Services 2377 Gold Meadow WayPhone: (916) 859-5200 x310 Suite 230 Fax: (916) 859-5201 Sacramento, CA 95670Pager: (800) 467-1467 Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] http://www.lucent.com Network Systems Consultant - CCNA, CCIE Written "Providing the Power Operable Networks." *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3063&t=2993 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Will the NM-4T work on 2600 series routers [7:3056]
To repeat: You can check out the Cisco config tool at http://www.cisco.com/pcgi-bin/front.x/newConfig/config_root.pl for the most part, this will give you accurate information about what cards are supported on which platform. It is also a good way to check the IOS image required to support various cards. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joshua Beining Sent: Thursday, May 03, 2001 9:37 AM To: [EMAIL PROTECTED] Subject:Will the NM-4T work on 2600 series routers [7:3056] It seems that there is some confusion wrt network modules and 2600/3600 routers. Searching on Ciscos site, they say that the NM-4T is not supported for the 2600 series but I see cisco resellers, and others advertising the NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says the NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. Thanks. -Joshua FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3062&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT question [7:3050]
If I recall correctly access to/through the external addresses of internal machines from internal machines is a no-no. Internally - all should be well; i.e. - machines are able to communicate openly with each other Internal 2 External systems - all should be well, and if you have static address assignments they should be used appropriately. External 2 Internal - all should be well; i.e. - systems outside the firewall can access your internal systems fine Internal 2 External address of Internal system - um, no. Thanks! TJ -Original Message- From: Greg Smythe [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 12:10 To: [EMAIL PROTECTED] Subject:NAT question [7:3050] Hello -- I have some static NAT translating going on in my lab, and if I am "inside" and try to telnet to the "outside" IP address of a machine, I get connection refused. Telnetting to the "inside" IP address of the machine works. I do have an inbound access list on the "outside" interface, but it is allowing telnet to the machine. Upon doing a show access-list command I see that the line for telnet is not even getting hit. So why can't I telnet to an "ouside" IP from the "inside"? Strange thing is that I can ping the "outside" IP ok, but any other sort of connections to it fail. Thanks! Greg FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3061&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Last minute advice for CCIE exam [7:3059]
Hi; I studied thruough the Bootcamp CCIE written material, Boson CCIE written 1 and 2, CCPrep token ring white paper. I would like to know what do I need to study, please give me an advice. How much does the real exam compare to Bosn and / bootcamp material. Any advice will be welcome! Thanks Vincent Chong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3059&t=3059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI wesite [7:3051]
>documentation of the OSI model, not from Cisco or anyone else, but the >actual documentation that states what each layer does from the ISO. I >found www.iso.ch, but to get anything you have to pay for it. I was >wondering if anyone could help. Thanks You are correct. ISO/ITU documents are not free. My copy of ISO 7498, the reference model, is actually a hard copy -- no downloading, free or not, was available when I was involved in OSI development. Arguably, that's one of the reason the Internet protocols had more success -- the free availability of RFCs. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3060&t=3051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT question [7:3050]
Are you talking about a box that has a static translation for an external IP address and trying to telnet to that IP from the inside? If so, use an alias. - Original Message - From: "Greg Smythe" To: Sent: Thursday, May 03, 2001 11:09 AM Subject: NAT question [7:3050] > Hello -- > > I have some static NAT translating going on in my lab, and if I am "inside" > and try to telnet to the "outside" IP address of a machine, I get connection > refused. Telnetting to the "inside" IP address of the machine works. I do > have > an inbound access list on the "outside" interface, but it is allowing telnet > to the machine. Upon doing a show access-list command I see that the line for > telnet is not even getting hit. So why can't I telnet to an "ouside" IP from > the "inside"? Strange thing is that I can ping the "outside" IP ok, but any > other sort of connections to it fail. > > Thanks! > > > Greg > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3058&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Will the NM-4T work on 2600 series routers [7:3056]
Yes it will, please checked with cisco web site before you post this question. ""Joshua Beining"" It seems that there is some confusion wrt network modules and 2600/3600 > routers. Searching on Ciscos site, they say that the NM-4T is not supported > for the 2600 series but I see cisco resellers, and others advertising the > NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says the > NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. > Thanks. > > -Joshua > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3057&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Will the NM-4T work on 2600 series routers [7:3056]
It seems that there is some confusion wrt network modules and 2600/3600 routers. Searching on Ciscos site, they say that the NM-4T is not supported for the 2600 series but I see cisco resellers, and others advertising the NM-4T for 2600/3600 routers. Am I missing the doc from Cisco that says the NM-4T is now supported on the 2600 sereis? Can anyone provide some imput. Thanks. -Joshua Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3056&t=3056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCDA [7:2971]
Yeah, the CCDA is good for that; but the payoff is in the case studies because it forces you to approach things from a different perspective -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Traceroute Sent: Thursday, May 03, 2001 1:32 AM To: [EMAIL PROTECTED] Subject: Re: CCDA [7:2971] I am enjoying studying for it now after obtaining CCNP. It is required for CCDP, and is reminding me of how important the basics are in designing. Its an easy one after the CCNP track but wheeew the case studies. My eyes burn every night... - Original Message - From: "Kevin Wigle" To: Sent: Wednesday, May 02, 2001 6:31 PM Subject: CCDA [7:2971] > Dear Group, > > I guess I've been sleeping again.. > > It used to be the case that getting CCDA meant that you have passed CCNA and > DCN. > > However looking at CCO, it seems that CCDA is now a one exam cert also - > although: > > CCDA Prerequisites > > Knowledge and skills to install, configure, and operate small networks. CCNA > certification is highly recommended. > Making it easier to get the junior certs I guess. Whether that is a good > thing > > > Kevin Wigle > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3055&t=2971 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX telnet again [7:3003]
Use SSH ... I don't believe the PIX supports telnet sessions on the outside interface, something about security risks ... ;) = FOR SSH: http://www.cisco.com/warp/public/110/authtopix.shtml#localSSH slightly modified excerpt: authentication> hostname THISISMYHOSTNAME !--- should already be set!! domain-name THISISMYDOMAIN !---may or may not be set already!! ca gen rsa key 1024 !---generates your key-pair if you do not have on already ssh timeout 60 !---set s disconnect timer ... always a good idea! passwd THISISMYPASSWORD ssh 0.0.0.0 0.0.0.0 outside !--- this allows anyone, anywhere to SSH to your PIX ... obviously can/should be changed ca save all !--- as a wr mem does *NOT* save the key info!! wr mem = And now you can use any one of the free SSH clients out there to securely connect to your PIX :). Thanks! TJ -Original Message- From: Jim Bond [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 02:08 To: [EMAIL PROTECTED] Subject:PIX telnet again [7:3003] Hello, I have an IPSEC between central office router to site office PIX. Central office uses public IP address, site office has only 1 public IP address, therefore, uses NAT. Everything works fines except I can't telnet from central office to PIX (inside or outside). I can telnet from central office to servers inside PIX. Is there any command I need to add on the PIX? According to CCO, if IPSEC is established, telnet to PIX outside should work, right? Thanks in advance. Jim __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3054&t=3003 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boson for the Lab [7:3053]
I saw that Boson had some lab prep materials, but I didn't see anything in the archives about it. Has anybody tried it? _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3053&t=3053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS Support [7:3052]
Hi there Can anyone tell me what version of IOS for the3640 will support vlan trunking. Cheers Gavin Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3052&t=3052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSI wesite [7:3051]
documentation of the OSI model, not from Cisco or anyone else, but the actual documentation that states what each layer does from the ISO. I found www.iso.ch, but to get anything you have to pay for it. I was wondering if anyone could help. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3051&t=3051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT question [7:3050]
Hello -- I have some static NAT translating going on in my lab, and if I am "inside" and try to telnet to the "outside" IP address of a machine, I get connection refused. Telnetting to the "inside" IP address of the machine works. I do have an inbound access list on the "outside" interface, but it is allowing telnet to the machine. Upon doing a show access-list command I see that the line for telnet is not even getting hit. So why can't I telnet to an "ouside" IP from the "inside"? Strange thing is that I can ping the "outside" IP ok, but any other sort of connections to it fail. Thanks! Greg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3050&t=3050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
