Re: A Custom Queuing Question [7:17622]
Ooppps... I think I am still failed to deliver my Q :( My only confusion in this topic is that what Bandwidth we need to consider ,when we do our lab scenerios..Like u consider here 64K...and divide it as per requirement.. Like for eg..I can see that IN FATKID LabA,they r saying that As FR link BW is 64K ,and than diving 64K among different traffic. On the other hand in another Lab(with normal serial link),they are considering 32K as orignal BW and than playing with it.. As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our actual BW.. But When I used Sh interface S0, it shows BW=128K?? This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? Thanks for your help. Cisco Lover From: Tony Medeiros Reply-To: Tony Medeiros To: [EMAIL PROTECTED] Subject: Re: A Custom Queuing Question [7:17622] Date: Wed, 29 Aug 2001 01:52:36 -0400 Assume a 64k link. Custom queueing used Byte counts not bits for it queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES per second link. Right ?? So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: queue-list 10 protocol ip 1 tcp www queue-list 10 protocol ip 2 tcp ftp queue-list 10 default 3 queue-list 10 queue 1 byte-count 2000 queue-list 10 queue 2 byte-count 4000 queue-list 10 queue 3 byte-count 2000 I made 3 queues and divided the 8k of BYTES that I can push through it. Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K bytes. All add up to 8K bytes that we can push through the link. WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes or 50% of the link, and anything else (default, the catch all) gets 2K bytes or 25% Does this help you understand? It's been a while since I wrote one of these so I hope I got all the syntax right. Tony M. #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 9:41 PM Subject: A Custom Queuing Question [7:17622] Hi Friends, Can any one here please explain what should be thebandwidth Value if we need to divide traffic by percentage ,using Custom queuing. As far as I know(IF Im right )during our lab,as we usually take clock as 64Kbps,then we need to divide this factor (64/8) among the traffic. What about othersI m still confused.. HeyCan you please solve my confusion.,.(examples preffered :) Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17632t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
hello everyone.... [7:17633]
I am somewhat new to Cisco and routers. I purchased the Sybex CCNA by todd lammle and I have to say it doesn't go into detail as to where to hook up the cables and which end is going where etc etc. I basically have two 2501 routers on RouterA I have a DTE end connected to serial 0 and on RouterB I have the same cable but with the end labeled DCE running striaght into serial 0. This as far as I found is the way it should be connected. Now my question is this, for the ethernet port I have two LanCast Transceivers I put one transceiver on one router...and the other transceiver on the other router. I have a RJ45 cable running from RouterA to RouterB is this the way its suppose to be? If so for some reason I'm unable to get the ethernet port to workand its causing much confusion. IS the ethernet port for LAN only and the serial ports for WAN...is this how Cisco set this up?? Thank you for reading through this lengthy e-mail and I awaite for your responses. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17633t=17633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2520 cisco router problem [7:17634]
Here i am facing a vey strange problem.we r using 2520 cisco router with 11.3(2) IOS and ser01 r connected to other centre with 2 mbps link. Now we r facing that the router is getting restarted intermittently givving following error. System restarted by error - Zero Divide, PC 0x312455C And when we r shuttting one particular link down it is normal. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17634t=17634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hello everyone.... [7:17633]
You have connected the serial links correctly (just remember to configure the clock rate at the DCE side). As far as the ethernet interfaces are concerned: you must use a crossover cable between the two transceivers in order to get them to communicate. Abraham de Villiers (Diffy) Teltraswitch Facilitator Telkom Centre for Learning Tel : (021) 550 1855 or (021) 550 1800 Fax: (021) 551 4193 Cell: 082 824 9724 eMail : devilla1@telkom. Please Note: The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender by return e-mail. This document could contain proprietary information. The dissemination, copying, disclosure, use or the taking of any action in reliance on the contents thereof without the written consent of Telkom SA Ltd is strictly prohibited. [EMAIL PROTECTED] 08/29/01 08:43AM I am somewhat new to Cisco and routers. I purchased the Sybex CCNA by todd lammle and I have to say it doesn't go into detail as to where to hook up the cables and which end is going where etc etc. I basically have two 2501 routers on RouterA I have a DTE end connected to serial 0 and on RouterB I have the same cable but with the end labeled DCE running striaght into serial 0. This as far as I found is the way it should be connected. Now my question is this, for the ethernet port I have two LanCast Transceivers I put one transceiver on one router...and the other transceiver on the other router. I have a RJ45 cable running from RouterA to RouterB is this the way its suppose to be? If so for some reason I'm unable to get the ethernet port to workand its causing much confusion. IS the ethernet port for LAN only and the serial ports for WAN...is this how Cisco set this up?? Thank you for reading through this lengthy e-mail and I awaite for your responses. [GroupStudy.com removed an attachment of type text/x-vcard] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17635t=17633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hello everyone.... [7:17633]
Make sure you are using a crossover cable if you are going directly between the two ethernet ports. Symon --- I am somewhat new to Cisco and routers. I purchased the Sybex CCNA by todd lammle and I have to say it doesn't go into detail as to where to hook up the cables and which end is going where etc etc. I basically have two 2501 routers on RouterA I have a DTE end connected to serial 0 and on RouterB I have the same cable but with the end labeled DCE running striaght into serial 0. This as far as I found is the way it should be connected. Now my question is this, for the ethernet port I have two LanCast Transceivers I put one transceiver on one router...and the other transceiver on the other router. I have a RJ45 cable running from RouterA to RouterB is this the way its suppose to be? If so for some reason I'm unable to get the ethernet port to workand its causing much confusion. IS the ethernet port for LAN only and the serial ports for WAN...is this how Cisco set this up?? Thank you for reading through this lengthy e-mail and I awaite for your responses. [EMAIL PROTECTED] Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17637t=17633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2501 Acces Pro [7:17414]
hmmm, I have a converted Ciscopro 2503, 16/16 and I am pretty sure I put 12.2 on it. I'll have a look tonight when I get home. Symon --- At 01:22 PM 8/27/01 -0400, you wrote: Has anyone had any experience with these? I just was given two of them for free and want to upgrade them to new code. When I try to upgrade them, I get a message that says wrong software for this platform. I'm not sure if it is because the boot rom is too old, or if it is something else. If I put in new 2500 boot rom and upgrade the memory, will these run the new code? Which version of new code are you attempting to run? If you're thinking 12.1 or 12.2 code, forget it! I'm currently running 12.0-18 code on one nowand I haven't had any luck going any higher than that! And I have the latest bootroms with 16D/16F installed. Stefan [EMAIL PROTECTED] Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17636t=17414 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Learning PIX [7:17639]
Pls recomend me some good reading materials for PIX, I am well versed with Standard extended Access-list ... rgds Tapas Das Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17639t=17639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help needed for Tacacs+ [7:17638]
Hi, Is some body has any idea about configuring Tacacs+ with Ldap Server for Authentication? I would be pleased if any body who has its idea, share his knowledge with me to solve this problem. Thanks, Arshad Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17638t=17638 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: how to connect to token interface on router with IBM 8228 [7:17640]
Use a Type 1 cable. It has a male DB-9 connector that connects to the router on one side, and an IBM Data Connector that plugs into the MAU on the other. - Original Message - From: Omer Ehsan Dar To: Sent: Tuesday, August 28, 2001 9:38 PM Subject: how to connect to token interface on router with IBM 8228 MAU [7:17621] Hi all, If any can help me out I would be grateful Thanks in advance Omer Dar _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17640t=17640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A Custom Queuing Question [7:17622]
The actual bandwidth is the clock rate of the link.period. The bandwidth statment is for other protocols and processes, (IGRP and EIGRP, etc ) to use as a reference in the metric caclulation. OSPF uses it too (I think) to calculate cost. Which just is a derivitive of link bandwidth. You use the bandwidth statment to manaipulate the routing metrics to your desire, for prefered links on equal cost paths, etc. Some queing methods and congestiong avoidance methods use the bandwidth statement for their calculations. But custom queueing is NOT one of them. Base you list on clock rate(or CIR if frame relay and using P toP subinterfaces) of the link. Frame relay is going to make this a little deeper. Good question though !! I going to investigate whether Class based wieghted fair queuing depends on this statment. I know I can specify bandwith on in my prioity maps. Sorry I missed what you were actually asking about. Tony M #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 11:39 PM Subject: Re: A Custom Queuing Question [7:17622] Ooppps... I think I am still failed to deliver my Q :( My only confusion in this topic is that what Bandwidth we need to consider ,when we do our lab scenerios..Like u consider here 64K...and divide it as per requirement.. Like for eg..I can see that IN FATKID LabA,they r saying that As FR link BW is 64K ,and than diving 64K among different traffic. On the other hand in another Lab(with normal serial link),they are considering 32K as orignal BW and than playing with it.. As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our actual BW.. But When I used Sh interface S0, it shows BW=128K?? This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? Thanks for your help. Cisco Lover From: Tony Medeiros Reply-To: Tony Medeiros To: [EMAIL PROTECTED] Subject: Re: A Custom Queuing Question [7:17622] Date: Wed, 29 Aug 2001 01:52:36 -0400 Assume a 64k link. Custom queueing used Byte counts not bits for it queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES per second link. Right ?? So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: queue-list 10 protocol ip 1 tcp www queue-list 10 protocol ip 2 tcp ftp queue-list 10 default 3 queue-list 10 queue 1 byte-count 2000 queue-list 10 queue 2 byte-count 4000 queue-list 10 queue 3 byte-count 2000 I made 3 queues and divided the 8k of BYTES that I can push through it. Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K bytes. All add up to 8K bytes that we can push through the link. WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes or 50% of the link, and anything else (default, the catch all) gets 2K bytes or 25% Does this help you understand? It's been a while since I wrote one of these so I hope I got all the syntax right. Tony M. #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 9:41 PM Subject: A Custom Queuing Question [7:17622] Hi Friends, Can any one here please explain what should be thebandwidth Value if we need to divide traffic by percentage ,using Custom queuing. As far as I know(IF Im right )during our lab,as we usually take clock as 64Kbps,then we need to divide this factor (64/8) among the traffic. What about othersI m still confused.. HeyCan you please solve my confusion.,.(examples preffered :) Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17641t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A Custom Queuing Question [7:17622]
Thanks a lot Tony SOme More Q's on your way.. :) From: Tony Medeiros To: Cisco Lover , Subject: Re: A Custom Queuing Question [7:17622] Date: Wed, 29 Aug 2001 00:41:05 -0700 The actual bandwidth is the clock rate of the link.period. The bandwidth statment is for other protocols and processes, (IGRP and EIGRP, etc ) to use as a reference in the metric caclulation. OSPF uses it too (I think) to calculate cost. Which just is a derivitive of link bandwidth. You use the bandwidth statment to manaipulate the routing metrics to your desire, for prefered links on equal cost paths, etc. Some queing methods and congestiong avoidance methods use the bandwidth statement for their calculations. But custom queueing is NOT one of them. Base you list on clock rate(or CIR if frame relay and using P toP subinterfaces) of the link. Frame relay is going to make this a little deeper. Good question though !! I going to investigate whether Class based wieghted fair queuing depends on this statment. I know I can specify bandwith on in my prioity maps. Sorry I missed what you were actually asking about. Tony M #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 11:39 PM Subject: Re: A Custom Queuing Question [7:17622] Ooppps... I think I am still failed to deliver my Q :( My only confusion in this topic is that what Bandwidth we need to consider ,when we do our lab scenerios..Like u consider here 64K...and divide it as per requirement.. Like for eg..I can see that IN FATKID LabA,they r saying that As FR link BW is 64K ,and than diving 64K among different traffic. On the other hand in another Lab(with normal serial link),they are considering 32K as orignal BW and than playing with it.. As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our actual BW.. But When I used Sh interface S0, it shows BW=128K?? This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? Thanks for your help. Cisco Lover From: Tony Medeiros Reply-To: Tony Medeiros To: [EMAIL PROTECTED] Subject: Re: A Custom Queuing Question [7:17622] Date: Wed, 29 Aug 2001 01:52:36 -0400 Assume a 64k link. Custom queueing used Byte counts not bits for it queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES per second link. Right ?? So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: queue-list 10 protocol ip 1 tcp www queue-list 10 protocol ip 2 tcp ftp queue-list 10 default 3 queue-list 10 queue 1 byte-count 2000 queue-list 10 queue 2 byte-count 4000 queue-list 10 queue 3 byte-count 2000 I made 3 queues and divided the 8k of BYTES that I can push through it. Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K bytes. All add up to 8K bytes that we can push through the link. WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes or 50% of the link, and anything else (default, the catch all) gets 2K bytes or 25% Does this help you understand? It's been a while since I wrote one of these so I hope I got all the syntax right. Tony M. #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 9:41 PM Subject: A Custom Queuing Question [7:17622] Hi Friends, Can any one here please explain what should be thebandwidth Value if we need to divide traffic by percentage ,using Custom queuing. As far as I know(IF Im right )during our lab,as we usually take clock as 64Kbps,then we need to divide this factor (64/8) among the traffic. What about othersI m still confused.. HeyCan you please solve my confusion.,.(examples preffered :) Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17642t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BPDUs [7:17607]
I diasagree, I understood that the BPDU has it's own frame format ..the frame format depends on what type of spanning tree is configured.There is no concept of a SAP field. Destination Address The Destination Address field indicates the destination address as specified in the Bridge Group Address table. For IEEE Spanning-Tree Protocol BPDU frames, the address is 0x80014300. For IBM Spanning-Tree Protocol BPDU frames, the address is 0xC100. For Cisco Spanning-Tree Protocol BPDU frames, the address is 0x800778020200. Source Address The Source Address field indicates the base MAC address used by the switch. For Cisco Spanning-Tree Protocol BPDU frames, the multicast bit is set to indicate the presence of a RIF in the header. -Original Message- From: Michael Snyder [mailto:[EMAIL PROTECTED]] Sent: 29 August 2001 04:59 To: [EMAIL PROTECTED] Subject: Re: BPDUs [7:17607] Layer two broadcast. What Sap does it use? Christopher Supino wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All , I came across this question while studying: How are BPDU's propagated amongst switches? Broadcast, multicast, or unicast? Anyone have an explanation? Christopher Supino CCNP, CCDP, MCSE, CNA5, ASE Senior System Engineer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17644t=17607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPPoE sessions supported for 3660 [7:17513]
Yes Sir! Please help. Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I assume that you are asking how many PPPoE sessions can be terminated on this device ? Daigorho wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... HI all, I would like to know how many PPPoE sessions can be supported by 3660 with IOS 12.2(2)T Thanks in advance. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17643t=17513 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Learning PIX [7:17639]
Best starting point IMHO is: Cisco Press, Designing network security. Tony - Original Message - From: Tapas Das To: Sent: Wednesday, August 29, 2001 12:45 AM Subject: Learning PIX [7:17639] Pls recomend me some good reading materials for PIX, I am well versed with Standard extended Access-list ... rgds Tapas Das Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17645t=17639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IPSEC Q's [7:17646]
Hi Guys.. Can you please help for some IPSEC Stuf. Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? Q2. Is there any way to confirm if Our VPN/IPSEC setup is working properly.. I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant see any thing coming.Below is my config and Show command results. My concern is to protect Telnet traffic b/w thess two guys. ISDN1#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN1 ! enable secret 5 $1$LYk/$PJGs8FlVtZXjf/dcBrwcO/ ! ! ! ! ! memory-size iomem 7 ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.3.1 255.255.255.255 crypto isakmp key cisco address 135.25.11.1 255.255.255.252 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.1 set peer 135.25.3.1 set transform-set Cisco2 match address 110 ! ! ! ! interface Loopback0 ip address 135.25.4.1 255.255.255.255 no ip directed-broadcast ! interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside duplex auto speed auto ! interface Serial0/0 ip address 135.25.11.2 255.255.255.252 no ip directed-broadcast ip nat outside no ip mroute-cache no fair-queue crypto map CCIE ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface FastEthernet0/1 ip address 135.25.11.9 255.255.255.252 no ip directed-broadcast duplex auto speed auto ! router ospf 64 network 135.25.4.1 0.0.0.0 area 0 network 135.25.11.2 0.0.0.0 area 0 network 135.25.11.9 0.0.0.0 area 0 ! ip nat pool CCIE 135.25.11.2 135.25.11.2 prefix-length 30 ip nat inside source list 1 pool CCIE overload ip classless no ip http server ! access-list 1 permit 10.1.1.0 0.0.0.255 access-list 110 permit tcp host 135.25.4.1 host 135.25.3.1 eq telnet ! ! voice-port 1/0/0 ! voice-port 1/0/1 ! voice-port 1/1/0 ! voice-port 1/1/1 ! ! ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ISDN2#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN2 ! enable secret 5 $1$so9r$GFjeRLyea2vUgn2HbMvOG1 ! ! ! ! ! ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.11.2 crypto isakmp key cisco address 135.25.4.1 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.2 set peer 135.25.4.1 set transform-set Cisco2 match address 110 partition flash 2 16 8 ! ! ! ! ! ! ! interface Loopback0 ip address 135.25.3.1 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 10.1.1.2 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! interface Serial1/0 ip address 135.25.9.1 255.255.255.252 no ip directed-broadcast fair-queue 64 32 1 clockrate 72000 ip rsvp bandwidth 16 13 ! interface Serial1/1 ip address 135.25.11.1 255.255.255.252 no ip directed-broadcast clockrate 72000 crypto map CCIE ! interface Serial1/2 ip address 135.25.9.5 255.255.255.252 no ip directed-broadcast clockrate 72000 ! interface Serial1/3 no ip address no ip directed-broadcast shutdown ! interface Serial1/4 ip address 135.25.11.5 255.255.255.252 no ip directed-broadcast ! interface Serial1/5 no ip address no ip directed-broadcast shutdown ! interface Serial1/6 no ip address no ip directed-broadcast shutdown ! interface Serial1/7 no ip address no ip directed-broadcast shutdown ! router ospf 64 network 135.25.3.1 0.0.0.0 area 0 network 135.25.9.1 0.0.0.0 area 0 network 135.25.9.5 0.0.0.0 area 0 network 135.25.11.1 0.0.0.0 area 0 network 135.25.11.5 0.0.0.0 area 0 ! ip classless no ip http server ! access-list 110 permit tcp host 135.25.3.1 host 135.25.4.1 eq telnet ! ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ! end ISDN2# sh crypto ipsec sa ISDN2# sh crypto ipsec sa interface: Serial1/1 Crypto map tag: CCIE, local addr. 135.25.11.1 local ident (addr/mask/prot/port): (135.25.3.1/255.255.255.255/6/0) remote ident (addr/mask/prot/port): (135.25.4.1/255.255.255.255/6/23) current_peer: 135.25.11.2 PERMIT,
ccna companion question [7:17648]
CNNA Companion question (obviously I read the answer and I know the command , but I would like to know why...) Which of the following addresses would be require the use of ip subnet-zero command? 156.100.11.37 255.255.240.0 131.64.16.133 255.255.255.128 192.168.36.10 255.255.255.0 205.100.16.3 255.255.255.0 Ciao e grazie, Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17648t=17648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
please clear my concept on frame-relay and ISDN [7:17649]
Hi.. Dear all, I don!t understand this. Hope u can clear my concept. I have a 1700 router in remote office(Milan) which is connected to a main router in London via a Frame-relay link in interface s0.1. My IT colleague (Milan) told me that the frame-relay line was cancelled last week by ISP!s mistake and the link has been running on ISDN since the 20th August. Until now it is still in ISDN. Now I found that the Milan(remote) router is still connecting main router via the same interface s0.1. When I type !'sh int s0.1!( shown below, it still show me that it is a frame-relay. 1)How do I know whether it is on ISDN or not, what command? 2)What is the difference between frame-relay line and lease line. Can I say that previously the line is a frame-relay leased line and now it is a frame-relay ISDN line?? 3)How can they change the line into a ISDN using the same interface? I thought it should have a ISDN back up interface?? Can the ISP vendor change the circuit to ISDN at their site without coming the Milan office? Or the Remote(Milan) office change a ISDN!s CSU/DSU and made it to a ISDN line? MILAN1sh int s0.1 Serial0.1 is up, line protocol is up Hardware is PowerQUICC Serial Description: --- Links to LON1, Ser1/0.12 --- Internet address is 60.100.201.152/30 MTU 1500 bytes, BW 256 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17649t=17649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my router [7:17647]
try sh user HTH Fanglo PHIMHONGKONG wrote: HELLO I have a question what COMMAND help me to know what connection in your router . and who is connecting to your router now Like in Window you can use NETSTAT But in Router what command should i type Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17647t=17647 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ebgp multihop values [7:17650]
hi all , anyone know why we put ebgp multi-hop where number can be 1 to 255 if it always work if we put ebg multi-hop without the which by default is 255 ? regards, suaveguru __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17650t=17650 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSEC Q's [7:17646]
The access-list is the important point - if you traffic doesn't get caught by the access-list it wont be encrypted. Your access list encrypts telnet traffic that is sourced from the loopback address. Now I could be wrong, but if you are on router ISDN1 and telnet to the loopback address of ISDN2, the source address will be the ISDN1 routers S0/0 interface IP address, NOT the ISDN1 loopback address. I would change your access-list. You can easily tell if your traffic is matching your access list by doing a 'debug ip packet detail 110'. You can see how many encrypted packets using the 'sh crypto engine connections active' The 3DES IPSEC image is not easy to get a hold of if you're not in the US. -Original Message- From: Cisco Lover [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:51 AM To: [EMAIL PROTECTED] Subject: IPSEC Q's [7:17646] Hi Guys.. Can you please help for some IPSEC Stuf. Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? Q2. Is there any way to confirm if Our VPN/IPSEC setup is working properly.. I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant see any thing coming.Below is my config and Show command results. My concern is to protect Telnet traffic b/w thess two guys. ISDN1#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN1 ! enable secret 5 $1$LYk/$PJGs8FlVtZXjf/dcBrwcO/ ! ! ! ! ! memory-size iomem 7 ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.3.1 255.255.255.255 crypto isakmp key cisco address 135.25.11.1 255.255.255.252 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.1 set peer 135.25.3.1 set transform-set Cisco2 match address 110 ! ! ! ! interface Loopback0 ip address 135.25.4.1 255.255.255.255 no ip directed-broadcast ! interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside duplex auto speed auto ! interface Serial0/0 ip address 135.25.11.2 255.255.255.252 no ip directed-broadcast ip nat outside no ip mroute-cache no fair-queue crypto map CCIE ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface FastEthernet0/1 ip address 135.25.11.9 255.255.255.252 no ip directed-broadcast duplex auto speed auto ! router ospf 64 network 135.25.4.1 0.0.0.0 area 0 network 135.25.11.2 0.0.0.0 area 0 network 135.25.11.9 0.0.0.0 area 0 ! ip nat pool CCIE 135.25.11.2 135.25.11.2 prefix-length 30 ip nat inside source list 1 pool CCIE overload ip classless no ip http server ! access-list 1 permit 10.1.1.0 0.0.0.255 access-list 110 permit tcp host 135.25.4.1 host 135.25.3.1 eq telnet ! ! voice-port 1/0/0 ! voice-port 1/0/1 ! voice-port 1/1/0 ! voice-port 1/1/1 ! ! ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ISDN2#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN2 ! enable secret 5 $1$so9r$GFjeRLyea2vUgn2HbMvOG1 ! ! ! ! ! ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.11.2 crypto isakmp key cisco address 135.25.4.1 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.2 set peer 135.25.4.1 set transform-set Cisco2 match address 110 partition flash 2 16 8 ! ! ! ! ! ! ! interface Loopback0 ip address 135.25.3.1 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 10.1.1.2 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! interface Serial1/0 ip address 135.25.9.1 255.255.255.252 no ip directed-broadcast fair-queue 64 32 1 clockrate 72000 ip rsvp bandwidth 16 13 ! interface Serial1/1 ip address 135.25.11.1 255.255.255.252 no ip directed-broadcast clockrate 72000 crypto map CCIE ! interface Serial1/2 ip address 135.25.9.5 255.255.255.252 no ip directed-broadcast clockrate 72000 !
RE: please clear my concept on frame-relay and ISDN [7:17649]
i think they put a ta on serial interface and change the layer 2 to isdn instead if u dont have a isdn interface -Original Message- From: Susan Stone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 1:06 PM To: [EMAIL PROTECTED] Subject: please clear my concept on frame-relay and ISDN [7:17649] Hi.. Dear all, I don!t understand this. Hope u can clear my concept. I have a 1700 router in remote office(Milan) which is connected to a main router in London via a Frame-relay link in interface s0.1. My IT colleague (Milan) told me that the frame-relay line was cancelled last week by ISP!s mistake and the link has been running on ISDN since the 20th August. Until now it is still in ISDN. Now I found that the Milan(remote) router is still connecting main router via the same interface s0.1. When I type !'sh int s0.1!( shown below, it still show me that it is a frame-relay. 1)How do I know whether it is on ISDN or not, what command? 2)What is the difference between frame-relay line and lease line. Can I say that previously the line is a frame-relay leased line and now it is a frame-relay ISDN line?? 3)How can they change the line into a ISDN using the same interface? I thought it should have a ISDN back up interface?? Can the ISP vendor change the circuit to ISDN at their site without coming the Milan office? Or the Remote(Milan) office change a ISDN!s CSU/DSU and made it to a ISDN line? MILAN1sh int s0.1 Serial0.1 is up, line protocol is up Hardware is PowerQUICC Serial Description: --- Links to LON1, Ser1/0.12 --- Internet address is 60.100.201.152/30 MTU 1500 bytes, BW 256 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17652t=17649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ccna companion question [7:17648]
The first answer would be correct, because it would require IP subnet-zero to be running. This command allows the router to use the zero subnet (subnet with a base address of 0.0) to be used as a valid subnet. In this example, you have 4 bits of subnetting, which allows for 16 sub-networks(theoretically if the .255 and .0 subnets are valid, but then a again, thats what we are discussing) with 4094 valid hosts per subnet. The first valid subnet would be 156.100.0.0-156.100.15.255 with a base address of 156.100.0.0. Some older network equipment doesn't allow for the use of the zero-subnet, as it is seen as a base(even though it isn't . 0s in the host=base address) or even stranger a brodcast(some older gear from other manufacturers used all 0s as a broadcast, rather than all 1s. Just remember, we are talking about a zero in the network portion, not the host portion. Hope this explanation helps. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Teresa Presutto Sent: Wednesday, August 29, 2001 5:01 AM To: [EMAIL PROTECTED] Subject: ccna companion question [7:17648] CNNA Companion question (obviously I read the answer and I know the command , but I would like to know why...) Which of the following addresses would be require the use of ip subnet-zero command? 156.100.11.37 255.255.240.0 131.64.16.133 255.255.255.128 192.168.36.10 255.255.255.0 205.100.16.3 255.255.255.0 Ciao e grazie, Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17653t=17648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSEC Q's [7:17646]
Dion, Thanks a lot for detailed analysis of my problem. In order to match my access lists..I put on both routers the command.. ip telnet source interface loopback0 BUT What happened???Just after putting these Im no more able to telnet from one router to another router Loopback interface,although I can still telnet using interface addresses.Below is debug output.. Please advise... Thanks a lot.:) [Connection to 135.25.11.1 closed by foreign host] ISDN1# telnet 135.25.3.1 Trying 135.25.3.1 ... 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. % Connection timed out; remote host not responding ISDN2#telnet 135.25.4.1 Trying 135.25.4.1 ... 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:29: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational mode failed w ith peer at 135.25.11.2 04:43:30: %CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 135.25.11.2 failed it s sanity check or is malformed 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN % Connection timed out; remote host not responding From: Radford Dion Reply-To: Radford Dion To: [EMAIL PROTECTED] Subject: RE: IPSEC Q's [7:17646] Date: Wed, 29 Aug 2001 05:28:29 -0400 The access-list is the important point - if you traffic doesn't get caught by the access-list it wont be encrypted. Your access list encrypts telnet traffic that is sourced from the loopback address. Now I could be wrong, but if you are on router ISDN1 and telnet to the loopback address of ISDN2, the source address will be the ISDN1 routers S0/0 interface IP address, NOT the ISDN1 loopback address. I would change your access-list. You can easily tell if your traffic is matching your access list by doing a 'debug ip packet detail 110'. You can see how many encrypted packets using the 'sh crypto engine connections active' The 3DES IPSEC image is not easy to get a hold of if you're not in the US. -Original Message- From: Cisco Lover [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:51 AM To: [EMAIL PROTECTED] Subject:IPSEC Q's [7:17646] Hi Guys.. Can you please help for some IPSEC Stuf. Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? Q2. Is there any way to confirm if Our VPN/IPSEC setup is working properly.. I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant see any thing coming.Below is my config and Show command results. My concern is to protect Telnet traffic b/w thess two guys. ISDN1#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN1 ! enable secret 5 $1$LYk/$PJGs8FlVtZXjf/dcBrwcO/ ! ! ! ! !
Re: ccna companion question [7:17648]
Tell a woman there are 300 billion stars in the universe and she'll believe you. Tell her a bench has wet paint on it and she'll have to touch to be sure: Ok for the ip subnet-zero concept, but I still do not understand the answer, this morning I'm more stupid than usual. The first anwer is correct. I know. The first valid subnet would be 156.100.0.0-156.100.15.255 with a base address of 156.100.0.0. If a configure 156.100.11.37 255.255.240.0 without ip subnet-zero what does it happen? Thanks a million in advance, Teresa - Original Message - From: Christopher Supino To: Teresa Presutto ; Cisco Sent: Wednesday, August 29, 2001 11:49 AM Subject: RE: ccna companion question [7:17648] The first answer would be correct, because it would require IP subnet-zero to be running. This command allows the router to use the zero subnet (subnet with a base address of 0.0) to be used as a valid subnet. In this example, you have 4 bits of subnetting, which allows for 16 sub-networks(theoretically if the .255 and .0 subnets are valid, but then a again, thats what we are discussing) with 4094 valid hosts per subnet. The first valid subnet would be 156.100.0.0-156.100.15.255 with a base address of 156.100.0.0. Some older network equipment doesn't allow for the use of the zero-subnet, as it is seen as a base(even though it isn't . 0s in the host=base address) or even stranger a brodcast(some older gear from other manufacturers used all 0s as a broadcast, rather than all 1s. Just remember, we are talking about a zero in the network portion, not the host portion. Hope this explanation helps. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Teresa Presutto Sent: Wednesday, August 29, 2001 5:01 AM To: [EMAIL PROTECTED] Subject: ccna companion question [7:17648] CNNA Companion question (obviously I read the answer and I know the command , but I would like to know why...) Which of the following addresses would be require the use of ip subnet-zero command? 156.100.11.37 255.255.240.0 131.64.16.133 255.255.255.128 192.168.36.10 255.255.255.0 205.100.16.3 255.255.255.0 Ciao e grazie, Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17655t=17648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ccna companion question [7:17648]
Have you tried it ? what happens? By default the Cisco IOS rejects an attempt to configure an all zero's subnet as an invalid address/mask pair even if an ip classless pair even if a classless protocol is running -Original Message- From: Teresa Presutto [mailto:[EMAIL PROTECTED]] Sent: 29 August 2001 11:36 To: [EMAIL PROTECTED] Subject: Re: ccna companion question [7:17648] Tell a woman there are 300 billion stars in the universe and she'll believe you. Tell her a bench has wet paint on it and she'll have to touch to be sure: Ok for the ip subnet-zero concept, but I still do not understand the answer, this morning I'm more stupid than usual. The first anwer is correct. I know. The first valid subnet would be 156.100.0.0-156.100.15.255 with a base address of 156.100.0.0. If a configure 156.100.11.37 255.255.240.0 without ip subnet-zero what does it happen? Thanks a million in advance, Teresa - Original Message - From: Christopher Supino To: Teresa Presutto ; Cisco Sent: Wednesday, August 29, 2001 11:49 AM Subject: RE: ccna companion question [7:17648] The first answer would be correct, because it would require IP subnet-zero to be running. This command allows the router to use the zero subnet (subnet with a base address of 0.0) to be used as a valid subnet. In this example, you have 4 bits of subnetting, which allows for 16 sub-networks(theoretically if the .255 and .0 subnets are valid, but then a again, thats what we are discussing) with 4094 valid hosts per subnet. The first valid subnet would be 156.100.0.0-156.100.15.255 with a base address of 156.100.0.0. Some older network equipment doesn't allow for the use of the zero-subnet, as it is seen as a base(even though it isn't . 0s in the host=base address) or even stranger a brodcast(some older gear from other manufacturers used all 0s as a broadcast, rather than all 1s. Just remember, we are talking about a zero in the network portion, not the host portion. Hope this explanation helps. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Teresa Presutto Sent: Wednesday, August 29, 2001 5:01 AM To: [EMAIL PROTECTED] Subject: ccna companion question [7:17648] CNNA Companion question (obviously I read the answer and I know the command , but I would like to know why...) Which of the following addresses would be require the use of ip subnet-zero command? 156.100.11.37 255.255.240.0 131.64.16.133 255.255.255.128 192.168.36.10 255.255.255.0 205.100.16.3 255.255.255.0 Ciao e grazie, Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17656t=17648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question about PIX deployment and filtering. [7:17657]
This one is sorta off topic, but I thought I'd ask the world anyway. I don't know how many users on this list are running production networks, but even those of you at home are surely seeing the effects of the Code Red worm. While I know that Cisco has a solution on their site for dropping http requests that are part of the Code Red attack pattern, it only runs on IOS routers. (And it works pretty well.) What my question is most likely is something that Cisco would have to answer, but here goes: I'm running several PIX-515UR firewalls, in conjunction with Websense filtering software. The basic function that is used here is to check the URL of the http request going through the PIX against the Websense server database, and either redirect the requestor to a different page, or drop the connection. I'm wondering two things: 1. Does anyone know if this URL check that passes the request to websense is something that is available elsewhere on the PIX? (Meaning can I code a db/filter app to check the incoming URL requests and drop packets, rather than the outbound requests?) 2. If the answer to 1 is in the negative, has anyone thought of hooking a PIX up backwards and filtering inbound URL's with websense? I don't know if this will work, as websense only looks at the site URL, not the page name, but it's something to look into. Just thoughts, but I'm curious to hear any responses. Andras Bellak Director, WAN Engineering [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17657t=17657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: please clear my concept on frame-relay and ISDN [7:17649]
Susan, Some ways to check if your ISDN is connected are: 1. show dialer Output should look similiar to this: Router #show dialer interface bri 0 BRI0 - dialer type = ISDN DIAL String SuccessessFailures Last called Last status 0 incoming call(s) have been screened. BRI0: B-Channel 1 Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is data link layer up Dial reason: ip (s=6.1.1.8, d=6.1.1.1) Interface bound to profile Dialer0 * Pay attention to this area of the output Time until disconnect 102 secs Current call connected 00:00:19 Connected to 5773872 (system1) ** BRI0: B-Channel 2 Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Also look at your interface itself. If the ISDN is active, the interface will show UP/UP. Rather than UP/DOWN or UP/UP/SPOOFING, depending on how you have the interface configured. Here is a good link on the Cisco web page, that has configuration tips, troubleshooting, etc. http://www.cisco.com/warp/public/471/index.shtml#isdn Good Luck Debbie --- Farhan Ahmed wrote: i think they put a ta on serial interface and change the layer 2 to isdn instead if u dont have a isdn interface -Original Message- From: Susan Stone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 1:06 PM To: [EMAIL PROTECTED] Subject: please clear my concept on frame-relay and ISDN [7:17649] Hi.. Dear all, I don!t understand this. Hope u can clear my concept. I have a 1700 router in remote office(Milan) which is connected to a main router in London via a Frame-relay link in interface s0.1. My IT colleague (Milan) told me that the frame-relay line was cancelled last week by ISP!s mistake and the link has been running on ISDN since the 20th August. Until now it is still in ISDN. Now I found that the Milan(remote) router is still connecting main router via the same interface s0.1. When I type !'sh int s0.1!( shown below, it still show me that it is a frame-relay. 1)How do I know whether it is on ISDN or not, what command? 2)What is the difference between frame-relay line and lease line. Can I say that previously the line is a frame-relay leased line and now it is a frame-relay ISDN line?? 3)How can they change the line into a ISDN using the same interface? I thought it should have a ISDN back up interface?? Can the ISP vendor change the circuit to ISDN at their site without coming the Milan office? Or the Remote(Milan) office change a ISDN!s CSU/DSU and made it to a ISDN line? MILAN1sh int s0.1 Serial0.1 is up, line protocol is up Hardware is PowerQUICC Serial Description: --- Links to LON1, Ser1/0.12 --- Internet address is 60.100.201.152/30 MTU 1500 bytes, BW 256 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17658t=17649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please clear my concept on frame-relay and ISDN [7:17649]
If the frame relay is working, a 'sh frame pvc' should show you that the you have an active PVC :- RouterA#sh frame pvc PVC Statistics for interface Serial0 (Frame Relay DTE) Active Inactive Deleted Static Local 1000 Switched 0000 Unused 0000 DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.1 input pkts 5206147 output pkts 5297684 in bytes 1436207836 out bytes 638236681 dropped pkts 73 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 132082out DE pkts 0 out bcast pkts 1911715out bcast bytes 152616993 pvc create time 13w4d, last time pvc status changed 5d07h Susan Stone wrote in message ... Hi.. Dear all, I don!t understand this. Hope u can clear my concept. I have a 1700 router in remote office(Milan) which is connected to a main router in London via a Frame-relay link in interface s0.1. My IT colleague (Milan) told me that the frame-relay line was cancelled last week by ISP!s mistake and the link has been running on ISDN since the 20th August. Until now it is still in ISDN. Now I found that the Milan(remote) router is still connecting main router via the same interface s0.1. When I type !'sh int s0.1!( shown below, it still show me that it is a frame-relay. 1)How do I know whether it is on ISDN or not, what command? 2)What is the difference between frame-relay line and lease line. Can I say that previously the line is a frame-relay leased line and now it is a frame-relay ISDN line?? 3)How can they change the line into a ISDN using the same interface? I thought it should have a ISDN back up interface?? Can the ISP vendor change the circuit to ISDN at their site without coming the Milan office? Or the Remote(Milan) office change a ISDN!s CSU/DSU and made it to a ISDN line? MILAN1sh int s0.1 Serial0.1 is up, line protocol is up Hardware is PowerQUICC Serial Description: --- Links to LON1, Ser1/0.12 --- Internet address is 60.100.201.152/30 MTU 1500 bytes, BW 256 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17660t=17649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
the washington project [7:17659]
has anyone heard of this? if so what does it detail and what exactly must you have to do? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17659t=17659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab Setup [7:17399]
I have an Ackermann ISDN PABX (Euracom 262) in my home lab with which I am delighted. It has 3 internal S busses, 6 POTS ports and 1 external (public network facing) S bus. The list price new in the UK is about #750, less if you reduce the number of internal S busses that you wish to use. I hope that when I have passed the IE lab the resale value will be reasonable so the net cost will not be very much and certainly significantly less than the cost of an ISDN2 line from the local Telco. You can connect your routers to the internal S busses. It works very well with 2503, 2504 and WIC-1B ST and will allow all the dial options including multilink. The drawback is the UK version only supports ISDN SWITCH-TYPE BASIC-NET3. So no chance to practice your SPIDS. There is also a German version available, I am not sure if they make a U bus version for the US but it's fine for the rest of the world! They are designed for small branch office use in Germany where ISDN is very common. There are several other manufacturers of similar products. Further details from: http://www.ackermann.co.uk I hope this saves you some money! Peter In article , Dan Faulk writes One way to save a good sum of money is to have the telco pull you a 2B1D(Bri) ISDN line and use one B channel per router. Does everthing except multilink (and that can be done with a willing partner) and costs a lot less than a simulator (most Ive seen run $1500-2500 compared to about $300 in telco charges). Might want to do this towards the end to keep costs down and cancel the service when finished. Anybody know a different way would be great to hear it. html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- Peter Whittle Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17661t=17399 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
bgp flapping [7:17664]
Gentlemen; I am experiencing the flapping of our bgp everytime it hits its maximum bandwidth . The line was BER tested ok, im using 7206 router. do u have any idea why it flaps is it on the router configuration? thank you, kroywen Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17664t=17664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco 2503 [7:17663]
Can an ISDN Cisco 2503 with IOS 10.2 be configured to dial into an ISP that does not assign static IPs on its ISDN dial-in lines? You do not know the next hop router and the ISDN box on the ISPs end may or may not be a Cisco. Andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17663t=17663 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ebgp multihop values [7:17650]
EBGP sends it hellos with a TTL of 1 (1 hop) by default. Specifiying how many hops in the multihop command is a sort of security and traffic managment measure I guess. Don't want your hellos traveling farther than you want and have someone sniff them and peer up with you. Sounds unlikly but I guess they were being paranoid when they wrote the protocol. Just a safety measure I guess I always set the hops to as many needed to get to my peer. Tony M #6172 - Original Message - From: suaveguru To: Sent: Wednesday, August 29, 2001 2:15 AM Subject: ebgp multihop values [7:17650] hi all , anyone know why we put ebgp multi-hop where number can be 1 to 255 if it always work if we put ebg multi-hop without the which by default is 255 ? regards, suaveguru __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17662t=17650 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: the washington project [7:17659]
Can you be a little more specific? There are all kinds of washington projects including a project to build roads in washington state and one to like schools together via the internet in washington dcnot sure that either is what you are looking for patrick marangone To: [EMAIL PROTECTED] Subject: the washington project [7:17659] Sent by: nobody@groups tudy.com 08/29/2001 08:35 AM Please respond to patrick marangone has anyone heard of this? if so what does it detail and what exactly must you have to do? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17665t=17659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3 envelopes [7:17666]
A CEO resigned from a company and left the new CEO 3 envelopes. The new one asked the old one what they were for. He replied open them one at a time when times get tough. A few months later when times were tough the new CEO opened an envelope and it said Blame the economy so he did. A quarter later when things were still bad he opened the second envelope. It said Restructure. A couple of quarters later he opened the third envelope. It said Leave 3 envelopes. How long before Tom Chambers leaves his 3 envelopes? __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17666t=17666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dial in two router PRI [7:17669]
We have two Cisco 3660 with PRI and Mica Modems. We have just one telephone number that switch the call (PSTN and ISDN) on 60 channels (30 on the PRI of the first router and 30 on the PRI of the second). We wish know, what appen if one of the router goes down or if the card whith the Mica modems of one router is broken. Is the system able to switch all the call on the second router PRI? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17669t=17669 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I HAVE QUESTION How can i know who conn to my rout [7:17670]
Thanks Priscilla! I was not familiar with this command. I love this list because I learn something new everyday. Heather -Original Message- From: Priscilla Oppenheimer [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 9:08 PM To: [EMAIL PROTECTED] Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17611] Oh, so you are considering connections TO the router, not connections through the router. You must be asking about Telnet sessions (or HTTP on some routers) used for configuring or managing the router. So, in that case, use the show tcp brief command, as John suggested. Here's an example courtesy of Leigh Anne: RouterD#show tcp brief TCB Local Address Foreign Address(state) 81770CA8 172.16.1.110.23 172.16.1.1.1067ESTAB Priscilla At 07:24 PM 8/28/01, PHIMHONGKONG wrote: MaizeHello Sorry I confuse all you guy Let say In Window xx You Put a command NETSTATS It will OUTPUT some thing like this Active Connections Proto Local Address Foreign AddressState TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = TIME_WAIT TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = ESTABLISHE D TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = ESTABLISHED TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = ESTABLISHE D TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = ESTABLISHED I would like to know !!1 is it possible i can do the same on router = ?? If yes What command !! Thanks If no What the most closest command :-) Thanks IF some hacker log in to your rotuer and network ( he delete history and = log) How can you know your network hacked=20 Thanks [GroupStudy.com removed an attachment of type image/gif which had a name of amaizrul.gif] [GroupStudy.com removed an attachment of type image/jpeg which had a name of Maize Bkgrd.jpg] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17670t=17670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
whats the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher Supino Sent: Tuesday, August 28, 2001 6:35 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17668t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logging traffic [7:17559]
MRTG is one, thats very good, with nice graphs to show visuals of traffic levels. -Original Message- From: cisco skin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:04 PM To: [EMAIL PROTECTED] Subject: Logging traffic [7:17559] Here's what I want to do: Log all traffic (source/destination ip address/port #) from a specific subnet (our HQ) to see what's passing through our external router, and where they're going. Any suggestions? Thanks, Jeff Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17667t=17559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE [7:17671]
Hi, I'am certified CCNP and CCDP. I want became a CCIE but I don't know what mean in term of time and couses necessary to pass the exam. I don't have a laboratory to practice. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17671t=17671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logging traffic [7:17559]
Jeff- Some ideas that might work: 1. Use netflow and one of the free tools (like flowscan rrd tool). Check caida.org 2. Webtrends Firewall suite (this is probably the best app for you, as it has tons of reports, but it can be pricey) 3. Use an IDS system that captures all the packets, then write your own code to parse them. 4. Websense in conjunction with your firewall. What you should look at for a tool depends on the exact requirements of what you need to do. Do you want to capture all traffic, or just web traffic? FTP? Outbound email? Just the port usage through the router? Is knowing where people are going important, or just what they are doing? Are you concerned more about inbound traffic from the Internet, or traffic outbound? All of these questions will help you to decide what you want to capture, and should help you with selecting a tool for the job. Good luck. Andras -Original Message- From: cisco skin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 12:04 PM To: [EMAIL PROTECTED] Subject: Logging traffic [7:17559] Here's what I want to do: Log all traffic (source/destination ip address/port #) from a specific subnet (our HQ) to see what's passing through our external router, and where they're going. Any suggestions? Thanks, Jeff Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17672t=17559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco 2503 [7:17663]
yes. http://www.cisco.com/warp/customer/793/access_dial/ip_nego.html ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of ofalt andy Sent: Wednesday, August 29, 2001 8:22 AM To: [EMAIL PROTECTED] Subject: cisco 2503 [7:17663] Can an ISDN Cisco 2503 with IOS 10.2 be configured to dial into an ISP that does not assign static IPs on its ISDN dial-in lines? You do not know the next hop router and the ISDN box on the ISPs end may or may not be a Cisco. Andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17674t=17663 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
another helpful url is http://www.cisco.com/search ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 8:27 AM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] whats the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher Supino Sent: Tuesday, August 28, 2001 6:35 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17673t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can someone clarify SWIP? [7:17676]
Hi all, Can some clarify SWIP for me please? I know it's an abreviation for shared whois, but what are its implications for instituting BGP? Thanks. Will Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17676t=17676 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hello everyone.... [7:17633]
I have seen several replies to you already, but let me just specify the crossover cable in case you're not familiar with it - that will save you another question. You must cross pin 1 with 3 and 2 with 6. If your cable is made like most, where: 1 is bright orange 2 is orange 3 is bright green 4 is blue 5 is bright blue 6 is green 7 is bright brown 8 is brown ...simply swap the orange wires with the green. You could ofcourse just run down and buy one if you don't have the tools and accessories to make one. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 1:43 AM To: [EMAIL PROTECTED] Subject: hello everyone [7:17633] I am somewhat new to Cisco and routers. I purchased the Sybex CCNA by todd lammle and I have to say it doesn't go into detail as to where to hook up the cables and which end is going where etc etc. I basically have two 2501 routers on RouterA I have a DTE end connected to serial 0 and on RouterB I have the same cable but with the end labeled DCE running striaght into serial 0. This as far as I found is the way it should be connected. Now my question is this, for the ethernet port I have two LanCast Transceivers I put one transceiver on one router...and the other transceiver on the other router. I have a RJ45 cable running from RouterA to RouterB is this the way its suppose to be? If so for some reason I'm unable to get the ethernet port to workand its causing much confusion. IS the ethernet port for LAN only and the serial ports for WAN...is this how Cisco set this up?? Thank you for reading through this lengthy e-mail and I awaite for your responses. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17677t=17633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A Custom Queuing Question [7:17622]
You want to consider the actual usable bandwidth of the link. If you have a T-1 point to point circuit then use 1.544 Mbps. If you have a 256k fractional T-1 frame relay line with one PVC that has a CIR of 192Kbps, you might consider using 192K as your reference. Remember that you don't necessarily need to have your individual bandwidth allotments add up to 100% of the bandwidth of the link. You can go higher or lower and it will stil work, it just might have some other implications. For most purposes, Tony's example is the way to go. What might be confusing you is that there is no hard and fast rule to choose your total byte count. It really depends on the specifics of your situation and what you're trying to accomplish by adding CQ. For most cases, though, I see no reason not to use the actual available bandwidth as your reference. Regards, John Cisco Lover 8/29/01 12:39:42 AM Ooppps... I think I am still failed to deliver my Q :( My only confusion in this topic is that what Bandwidth we need to consider ,when we do our lab scenerios..Like u consider here 64K...and divide it as per requirement.. Like for eg..I can see that IN FATKID LabA,they r saying that As FR link BW is 64K ,and than diving 64K among different traffic. On the other hand in another Lab(with normal serial link),they are considering 32K as orignal BW and than playing with it.. As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our actual BW.. But When I used Sh interface S0, it shows BW=128K?? This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? Thanks for your help. Cisco Lover From: Tony Medeiros Reply-To: Tony Medeiros To: [EMAIL PROTECTED] Subject: Re: A Custom Queuing Question [7:17622] Date: Wed, 29 Aug 2001 01:52:36 -0400 Assume a 64k link. Custom queueing used Byte counts not bits for it queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES per second link. Right ?? So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: queue-list 10 protocol ip 1 tcp www queue-list 10 protocol ip 2 tcp ftp queue-list 10 default 3 queue-list 10 queue 1 byte-count 2000 queue-list 10 queue 2 byte-count 4000 queue-list 10 queue 3 byte-count 2000 I made 3 queues and divided the 8k of BYTES that I can push through it. Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K bytes. All add up to 8K bytes that we can push through the link. WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes or 50% of the link, and anything else (default, the catch all) gets 2K bytes or 25% Does this help you understand? It's been a while since I wrote one of these so I hope I got all the syntax right. Tony M. #6172 - Original Message - From: Cisco Lover To: Sent: Tuesday, August 28, 2001 9:41 PM Subject: A Custom Queuing Question [7:17622] Hi Friends, Can any one here please explain what should be thebandwidth Value if we need to divide traffic by percentage ,using Custom queuing. As far as I know(IF Im right )during our lab,as we usually take clock as 64Kbps,then we need to divide this factor (64/8) among the traffic. What about othersI m still confused.. HeyCan you please solve my confusion.,.(examples preffered :) Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17678t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2520 cisco router problem [7:17634]
The problem is directly associated with the router's processor try adding more RAM ... i thing the router is getting overloaded. -Mamoor Tapas Das wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here i am facing a vey strange problem.we r using 2520 cisco router with 11.3(2) IOS and ser01 r connected to other centre with 2 mbps link. Now we r facing that the router is getting restarted intermittently givving following error. System restarted by error - Zero Divide, PC 0x312455C And when we r shuttting one particular link down it is normal. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17680t=17634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:03 AM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] another helpful url is http://www.cisco.com/search ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 8:27 AM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] whats the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher Supino Sent: Tuesday, August 28, 2001 6:35 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17682t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bgp flapping [7:17664]
BGP peers send a keepalive to each other every 60 seconds by default. If you are experiencing severe congestion issues, I suppose it's possible that those keepalives are being missed. If so, that would cause the BGP session to drop and then come back up. This *really* creates more congestion problems if you're passing a lot of routes because the peers have to pass their entire tables every single time the line flaps. If you're having bandwidth issues this will make things much worse. I'd first try to address the traffic issue. Is all of this traffic necessary or can you filter out some of it to relieve congestion? If it's all necessary, is some higher priority? Can you configure local policy routing to make BGP information high priority? You can set its IP precedence to critical or higher and that might help. You might also try to change your queueing mechanism. Is this a T-1 or lower? Perhaps try some form of WFQ or CBWFQ. If it's faster than T-1 make sure you're using FIFO as your queuing mechanism. Are you fast-switching traffic from a high-speed interface to a low-speed interface? If so, if you have the CPU available, turn off fast switching. That might slow things down a bit. You actually have a lot of options depending on the specific cause of the problem and your desired end result. HTH a little, John KroyweN 8/29/01 7:23:39 AM Gentlemen; I am experiencing the flapping of our bgp everytime it hits its maximum bandwidth . The line was BER tested ok, im using 7206 router. do u have any idea why it flaps is it on the router configuration? thank you, kroywen Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17685t=17664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSEC Q's [7:17646]
Hi, Try removing the set peer 135.25.3.1 under crypto map of isdn1, and also set peer 135.25.4.1 on isdn2. They are not necessary and make you confused. Your purpose is to protect the telnet traffic on the link between the 2 routers. Hence just creating ipsec tunnel between the 2 routers should be fairly enough. Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Cisco Lover Sent: Wednesday, August 29, 2001 6:28 PM To: [EMAIL PROTECTED] Subject: RE: IPSEC Q's [7:17646] Dion, Thanks a lot for detailed analysis of my problem. In order to match my access lists..I put on both routers the command.. ip telnet source interface loopback0 BUT What happened???Just after putting these Im no more able to telnet from one router to another router Loopback interface,although I can still telnet using interface addresses.Below is debug output.. Please advise... Thanks a lot.:) [Connection to 135.25.11.1 closed by foreign host] ISDN1# telnet 135.25.3.1 Trying 135.25.3.1 ... 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. % Connection timed out; remote host not responding ISDN2#telnet 135.25.4.1 Trying 135.25.4.1 ... 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:29: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational mode failed w ith peer at 135.25.11.2 04:43:30: %CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 135.25.11.2 failed it s sanity check or is malformed 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN % Connection timed out; remote host not responding From: Radford Dion Reply-To: Radford Dion To: [EMAIL PROTECTED] Subject: RE: IPSEC Q's [7:17646] Date: Wed, 29 Aug 2001 05:28:29 -0400 The access-list is the important point - if you traffic doesn't get caught by the access-list it wont be encrypted. Your access list encrypts telnet traffic that is sourced from the loopback address. Now I could be wrong, but if you are on router ISDN1 and telnet to the loopback address of ISDN2, the source address will be the ISDN1 routers S0/0 interface IP address, NOT the ISDN1 loopback address. I would change your access-list. You can easily tell if your traffic is matching your access list by doing a 'debug ip packet detail 110'. You can see how many encrypted packets using the 'sh crypto engine connections active' The 3DES IPSEC image is not easy to get a hold of if you're not in the US. -Original Message- From: Cisco Lover [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:51 AM To: [EMAIL PROTECTED] Subject:IPSEC Q's [7:17646] Hi Guys.. Can you please help for some IPSEC Stuf. Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? Q2. Is there any way to confirm if Our VPN/IPSEC
RE: Passed Written [7:17466]
^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:03 AM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] another helpful url is http://www.cisco.com/search ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 8:27 AM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] whats the web site. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher Supino Sent: Tuesday, August 28, 2001 6:35 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17683t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Offtopic: Sun Solaris Admin [7:17684]
hi all, do you know of a similar discussion group dedicated to Unix/Sun Solaris Admin certification ? have to get solaris admin cert to retain my job. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17684t=17684 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17686]
This is most likely a bug in how the ftp server wokrs with XP. (if I understoood correctly and the ftp server is running on XP, not the ftp client). I assumed you did a netstat on the ftp server and so no active established connections. Trying stop and starting the ftp server if you can. If it still says their is a user connected you know its a bug and the OS is not freeing up the emory it allocated the the ftp service. Checking the router will do no good because it is stateless so it will not give you the state of the connection. An equivalent of netstat for the router would not help because all netstat does is give you info about connections made to listening ports on the device that issues the command. You're trying to ask the router to give info on connections that pass through it which is not the same. PHIMHONGKONG wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hehehe Sorry it is not what i want to know Let me say I have a Router with 2 E I run a Ftp for 50 user download to my server I use to shut down my computer ( server) at night when i going to shut it off The computer promt me a message some one connecting and it wont shut down The OS is Window XP Professional I check the Servu Ftp and all clear + i turn off the FTP At that time there is no more connection to my computer But the Computer keep telling me ther is some one on computer and it wont shut down .. My Computer run Os and didnot set any fancy thing except a Servu Ftp port 21 I knew some one on my computer and Xp wont shut down I have to press Turn off button to turn it off :-0 ANy suggestion ? I want to know the command show who conn to your router when ever u want to check how many conn from outside to your router... any suggestion ?? Thanks Donny Mateo wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I believe another command would also accomplish the same thing, correct me if I'm wrong : show users Donny From: Priscilla Oppenheimer Reply-To: Priscilla Oppenheimer To: [EMAIL PROTECTED] Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17611] Date: Tue, 28 Aug 2001 22:08:17 -0400 Oh, so you are considering connections TO the router, not connections through the router. You must be asking about Telnet sessions (or HTTP on some routers) used for configuring or managing the router. So, in that case, use the show tcp brief command, as John suggested. Here's an example courtesy of Leigh Anne: RouterD#show tcp brief TCB Local Address Foreign Address(state) 81770CA8 172.16.1.110.23 172.16.1.1.1067ESTAB Priscilla At 07:24 PM 8/28/01, PHIMHONGKONG wrote: MaizeHello Sorry I confuse all you guy Let say In Window xx You Put a command NETSTATS It will OUTPUT some thing like this Active Connections Proto Local Address Foreign AddressState TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = TIME_WAIT TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = ESTABLISHE D TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = ESTABLISHED TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = ESTABLISHE D TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = ESTABLISHED I would like to know !!1 is it possible i can do the same on router = ?? If yes What command !! Thanks If no What the most closest command :-) Thanks IF some hacker log in to your rotuer and network ( he delete history and = log) How can you know your network hacked=20 Thanks [GroupStudy.com removed an attachment of type image/gif which had a name of amaizrul.gif] [GroupStudy.com removed an attachment of type image/jpeg which had a name of Maize Bkgrd.jpg] Priscilla Oppenheimer http://www.priscilla.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17686t=17686 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hello everyone.... [7:17633]
Or he could just use a cheap hub. -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 9:22 AM To: [EMAIL PROTECTED] Subject: RE: hello everyone [7:17633] I have seen several replies to you already, but let me just specify the crossover cable in case you're not familiar with it - that will save you another question. You must cross pin 1 with 3 and 2 with 6. If your cable is made like most, where: 1 is bright orange 2 is orange 3 is bright green 4 is blue 5 is bright blue 6 is green 7 is bright brown 8 is brown ...simply swap the orange wires with the green. You could ofcourse just run down and buy one if you don't have the tools and accessories to make one. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 1:43 AM To: [EMAIL PROTECTED] Subject: hello everyone [7:17633] I am somewhat new to Cisco and routers. I purchased the Sybex CCNA by todd lammle and I have to say it doesn't go into detail as to where to hook up the cables and which end is going where etc etc. I basically have two 2501 routers on RouterA I have a DTE end connected to serial 0 and on RouterB I have the same cable but with the end labeled DCE running striaght into serial 0. This as far as I found is the way it should be connected. Now my question is this, for the ethernet port I have two LanCast Transceivers I put one transceiver on one router...and the other transceiver on the other router. I have a RJ45 cable running from RouterA to RouterB is this the way its suppose to be? If so for some reason I'm unable to get the ethernet port to workand its causing much confusion. IS the ethernet port for LAN only and the serial ports for WAN...is this how Cisco set this up?? Thank you for reading through this lengthy e-mail and I awaite for your responses. Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17688t=17633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE [7:17671]
you need to pass the ccie written test, which consist of 100 questions. after that you can schedule the lab portion. there are many books that will assist you in becoming a ccie like glaslow , or cisco press tc/ip -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Picciani Francesco Saverio Sent: Wednesday, August 29, 2001 6:45 AM To: [EMAIL PROTECTED] Subject: CCIE [7:17671] Hi, I'am certified CCNP and CCDP. I want became a CCIE but I don't know what mean in term of time and couses necessary to pass the exam. I don't have a laboratory to practice. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17687t=17671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA Bootcamp [7:17689]
Yes, there are still openings for the free ccna bootcamp. At this point enrollment is of 0 students! I need to have a full class to be able to rent the equipment/classroom. Unfortunately, I will have to cancel I don't get any students by the 10th of September, the date on which I must confirm the room/equipment rental. Please advise! Pierre-Alex -Original Message- From: LaVillie Tate [mailto:[EMAIL PROTECTED]] Sent: Monday, August 27, 2001 11:15 AM To: Pierre-Alex Subject: Re: CCNA Bootcamp [7:16958] Are there still any openings for the free ccna bootcamp? --- Pierre-Alex wrote: In honor of my appointment as faculty, I am offering a free boot camp to 16 students on the 17 of September 2001. If you are interested please contact me. Pierre-Alex [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17689t=17689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP on Ethernet or Fastethernet [7:17690]
How Can someone help me how i can configured a ethernet or a fastethernet interface as a DHCP client, for that the interface gets a ip address from the DHCP server. This is actually a new features but i dont know on which IOS version. When someone has a idea that would be very great. Regards philipp Philipp Hagedorn Network Integration System Engineer CCNP / VOICE/ IP Telephony Tel:+41 (0) 1 839 19 17 Mobile: +41 (0) 76 382 14 59 mailto:[EMAIL PROTECTED] Getronics (Schweiz) AG Industriestrasse 50a CH-8304 Wallisellen Tel:+41 (0) 1 839 16 11 Fax:+41 (0) 1 839 17 85 URL:http://www.getronics.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17690t=17690 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Adding NIC to the PIX ?? [7:17691]
I have search the Cisco web site for information on adding interfaces to the PIX firewall but have come up short. Do you guys know how to (what changes I need to make to the config) or where I can find the info? Rodney Jackson Dallas Semiconductor Network Engineer (972) 371-4824 [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Rodney Jackson.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17691t=17691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
could someone tell me if this excerpt of a bri config would be [7:17693]
Hi, This is the first time setting up dial up through ISDN and would like some advice NOTE: EIGRP has also been enabled. hostname test-router logging buffered 4096 debugging ! ! username is the remote router and the password must be the same ! on both ends. Username password enable secret 5 111 enable password 7 111 ! ! interface Bri0 ! This is the Dial out line when the primary fails ip address encapsulation ppp ppp authentication chap dialer idle-timeout 30 dialer watch disable 15 ! add dialer map for remote routers BRI int dialer map ip ?.?.?.? name broadcast ! dialer map for network being watched dailer map ip ?.?.?.? name broadcast ! ! ! dialer watch-group 8 ! This specifies the route to watch dialer group 1 ! Specifies the interesting traffic in the dialer list ! isdn switch type basic-ni isdn spid 1 1 isdn spid 2 2 ! ! this is the exact network route being watched dialer watch-list 8 ip access-list 101 permit ip any any access-list 101 deny eigrp any any dialer-list 1 protocol ip list 101 Bob Perez EPX Network Support CCNA, CCNP, MCSE 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17693t=17693 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN and Outlook [7:17692]
I have a VPN 3000 concentrator installed. When Microsoft Outlook is launched with the VPN client connection, Outlook is extremely slow. Has anyone encounter this or have any insight on this. Thanks. Tom _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17692t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 envelopes [7:17666]
Well, John Chambers is the CEO of Cisco Systems so I don't think he's at all bothered about the career of this Tom Chambers you mention. Speaking of John Chambers - I expect he's quite happy at the moment. Since Cisco announced a restructure program (the details of which elude me) the share price has risen slightly and the long term outlook is better. I hope they do manage to turn it around because Cisco are often seen as the yard arm as far as telecomms prospects go and that's my business too! I kinda like my job so good luck to them. Anyway, apart from being out of date and incorrect, it's quite a funny story. ;) Regards Charlie --- netm thru wrote: A CEO resigned from a company and left the new CEO 3 envelopes. The new one asked the old one what they were for. He replied open them one at a time when times get tough. A few months later when times were tough the new CEO opened an envelope and it said Blame the economy so he did. A quarter later when things were still bad he opened the second envelope. It said Restructure. A couple of quarters later he opened the third envelope. It said Leave 3 envelopes. How long before Tom Chambers leaves his 3 envelopes? __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17694t=17666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Work-related ACL problem [7:17695]
Okay gang, this one's work-related so don't feel obligated to help. ;-) I think it's an interesting thought problem though: The Problem I'm Trying To Solve: allow access to a particular website (2.2.2.2) from users on a particular subnet. Do NOT allow them to access any *other* website. Allow them to access other resources within your internal network (172.0.0.0). Here's the ACL I came up with: access-list 101 permit ip any host 167.216.138.4 access-list 101 deny tcp any eq www any access-list 101 permit ip any 172.0.0.0 0.255.255.255 access-list 101 permit ip any any This list was created on an MSFC card running in a 6509 chassis, and has been applied to interface Vlan1 inbound (I tried outbound as well just for kicks). The (unintended) result is that users can access both the target website, as well as other websites on the Internet. Any ideas? Bradley J. Wilson CCNP CCDP MCSE NNCSS CNX MCT CTT EDS/Boston Scientific Account (508) 650-8739 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17695t=17695 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Adding NIC to the PIX ?? [7:17691]
Here is the link for the hardware portion: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/install/boa rd.htm Watch the wrap. This covers the 535, 525, 520, 515 for upgrading circuit boards (NICs). In a pinch I have used standard Intel NICs in the PIX 520 to get it up and going and swapped them out after the offical parts came in. I believe to keep your SmartNET contract it requires that you have Cisco purchased parts. They give you Intel NICs in the PIX anyway so you should be safe. I have no idea if there is a change in licensing or not. Regards, Ed Rodney Jackson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have search the Cisco web site for information on adding interfaces to the PIX firewall but have come up short. Do you guys know how to (what changes I need to make to the config) or where I can find the info? Rodney Jackson Dallas Semiconductor Network Engineer (972) 371-4824 [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Rodney Jackson.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17696t=17691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bgp flapping [7:17664]
KroyweN, What we normally use as a good indicator of line quality is the input and output errors on the interface. Typically if you're having problems at the physical layer then this as well as taking CRC errors would be a possible clue as to where exactly the problem is located. You mentioned flapping and BGP so I'm more incliened to think this could be a reachabilty issue with route information BGP is advertising. A good thing to check would be the routes you identified as flapping with a show ip bgp . Take note if it mentions inaccessible. This is the cause of your problem, but would suggest that another problem exist. HTH Nigel Reply-To: KroyweN To: [EMAIL PROTECTED] Subject: bgp flapping [7:17664] Date: Wed, 29 Aug 2001 09:23:39 -0400 Gentlemen; I am experiencing the flapping of our bgp everytime it hits its maximum bandwidth . The line was BER tested ok, im using 7206 router. do u have any idea why it flaps is it on the router configuration? thank you, kroywen Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17664t=17664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17697t=17664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Slightly OT: 7500 Single Slot Reload [7:17699]
We may need to upgrade our CIP software on a production 7513 during the day. We've been having some issues over the last couple of days and if things go south again we want to upgrade. In the past we haven't been able to do this on the fly without reloading the entire router. Now that single-slot reload is available I'd like to make use of it if it's safe. Have any of you had any experience with single-slot reloads? Do they work as advertised or do they tend to hose up your router anyway? Are there any caveats I need to be aware of? I see that I have to use the command service single-slot-reload-enable to turn on the feature, but what is the command to actually do the reload? I haven't found that yet and it's not in the Related Commands section of the 12.0 command reference. Any advice would be appreciated! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17699t=17699 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Work-related ACL problem [7:17695]
A fast try: access-list 101 permit tcp (vlan subnet) (vlan subnet re-mask) host 2.2.2.2 eq www access-list 101 permit ip (vlan subnet) (vlan subnet re-mask) 172.0.0.0 0.255.255.255 access-list 101 deny ip any any apply outbound to the VLAN subnet you are trying to control (i.e. VLAN 30) Don't know what your VLAN is so that is the reason for the vlan labels above. Ed Wilson, Bradley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Okay gang, this one's work-related so don't feel obligated to help. ;-) I think it's an interesting thought problem though: The Problem I'm Trying To Solve: allow access to a particular website (2.2.2.2) from users on a particular subnet. Do NOT allow them to access any *other* website. Allow them to access other resources within your internal network (172.0.0.0). Here's the ACL I came up with: access-list 101 permit ip any host 167.216.138.4 access-list 101 deny tcp any eq www any access-list 101 permit ip any 172.0.0.0 0.255.255.255 access-list 101 permit ip any any This list was created on an MSFC card running in a 6509 chassis, and has been applied to interface Vlan1 inbound (I tried outbound as well just for kicks). The (unintended) result is that users can access both the target website, as well as other websites on the Internet. Any ideas? Bradley J. Wilson CCNP CCDP MCSE NNCSS CNX MCT CTT EDS/Boston Scientific Account (508) 650-8739 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17698t=17695 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN from 2600 routers to PIX 525 Question [7:17700]
I am looking for someone who is running VPN's between 2621 routers and PIX 525 on IOS 6.0 to campare notes with. How are they working for You? Thanks Thank you, Rob Mears III, CCNA, MSCE, CNE, NNCDS, NNCSS, A+ Technical Mercenary Valor Telecom Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17700t=17700 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
is this excerpt of a bri config correct syntax? [7:17693]
-Original Message- From: Robert Perez [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 11:55 AM To: [EMAIL PROTECTED] Subject: could someone tell me if this excerpt of a bri config would be [7:17693] Hi, This is the first time setting up dial up through ISDN and would like some advice NOTE: EIGRP has also been enabled. hostname test-router logging buffered 4096 debugging ! ! username is the remote router and the password must be the same ! on both ends. Username password enable secret 5 111 enable password 7 111 ! ! interface Bri0 ! This is the Dial out line when the primary fails ip address encapsulation ppp ppp authentication chap dialer idle-timeout 30 dialer watch disable 15 ! add dialer map for remote routers BRI int dialer map ip ?.?.?.? name broadcast ! dialer map for network being watched dailer map ip ?.?.?.? name broadcast ! ! ! dialer watch-group 8 ! This specifies the route to watch dialer group 1 ! Specifies the interesting traffic in the dialer list ! isdn switch type basic-ni isdn spid 1 1 isdn spid 2 2 ! ! this is the exact network route being watched dialer watch-list 8 ip access-list 101 permit ip any any access-list 101 deny eigrp any any dialer-list 1 protocol ip list 101 Bob Perez EPX Network Support CCNA, CCNP, MCSE 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17701t=17693 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Work-related ACL problem [7:17695]
The problem is in your second line. You are denying traffic *sourced* from port 80 (www), not traffic destined for port 80. Change the line to: access-list 101 deny tcp any any eq www I would even consider adding eq www to the first line since you only want to allow web traffic to that host, right? HTH, John Wilson, Bradley 8/29/01 10:03:33 AM Okay gang, this one's work-related so don't feel obligated to help. ;-) I think it's an interesting thought problem though: The Problem I'm Trying To Solve: allow access to a particular website (2.2.2.2) from users on a particular subnet. Do NOT allow them to access any *other* website. Allow them to access other resources within your internal network (172.0.0.0). Here's the ACL I came up with: access-list 101 permit ip any host 167.216.138.4 access-list 101 deny tcp any eq www any access-list 101 permit ip any 172.0.0.0 0.255.255.255 access-list 101 permit ip any any This list was created on an MSFC card running in a 6509 chassis, and has been applied to interface Vlan1 inbound (I tried outbound as well just for kicks). The (unintended) result is that users can access both the target website, as well as other websites on the Internet. Any ideas? Bradley J. Wilson CCNP CCDP MCSE NNCSS CNX MCT CTT EDS/Boston Scientific Account (508) 650-8739 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17702t=17695 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Adding NIC to the PIX ?? [7:17691]
Does Intel make a four port NIC -Original Message- From: Ed Horley [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 11:09 AM To: [EMAIL PROTECTED] Subject: Re: Adding NIC to the PIX ?? [7:17691] Here is the link for the hardware portion: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/install/boa rd.htm Watch the wrap. This covers the 535, 525, 520, 515 for upgrading circuit boards (NICs). In a pinch I have used standard Intel NICs in the PIX 520 to get it up and going and swapped them out after the offical parts came in. I believe to keep your SmartNET contract it requires that you have Cisco purchased parts. They give you Intel NICs in the PIX anyway so you should be safe. I have no idea if there is a change in licensing or not. Regards, Ed Rodney Jackson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have search the Cisco web site for information on adding interfaces to the PIX firewall but have come up short. Do you guys know how to (what changes I need to make to the config) or where I can find the info? Rodney Jackson Dallas Semiconductor Network Engineer (972) 371-4824 [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Rodney Jackson.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17703t=17691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Re: Subject: Re: Subject: Re: TCP/IP question [7:17704]
Comments within and below. Actually, you and I are not as much in disagreement as it might seem at first. Unfortunately, the reality is that some RFCs don't track industry practice. I would say 1812 is the definitive document, but I would also agree this is largely by reference rather than official supercession. We agree. At the London IETF a couple of weeks ago, some people (I'd have to dig up names, but I think they are at USC/ISI, where the RFC Editor function lives) said they are actively working on an update to the host requirements document. I didn't have a chance to ask whether they are also thinking of an 1812 update so the pair of documents are again more or less in sync. I do plan to follow up on this. The discussion was in the PTOMAINE BOF, so it isn't even a WG yet that could act as a home for these documents. I'd suspect they would be directly overseen by the IESG. Maybe it's just my feeble impression, but it seems that a lot of what was previously done at the ISI when John Postel was there is languishing now. RFC 1700 is a good example. It was semi-regularly updated (previous editions were 1340, 1060, 1010, 990, 960, etc.) and now it ot stalled in a 1994 edition that is for all intents and purposes obsolete without replacement. I know what is posted on the web site. It indicates that the protocols and ports page is the current practice for what was covered by RFC 1700, but that misses a salient point. RFCs were meant to be very portable. They were meant to be read by ASCII text readers of all flavors. HTML, while very good for many things, is probably not the best medium of transport for RFCs. That's just my silly opinion and nothing else. In the same vein. Another person posted a request/comment regarding ports and what is used for a particular application. The issue is not one easily and readily resolved. If you go to RFC 1700, all ports are listed as registered for both TCP and UDP. I believe Jon Postel originally did it this way so as not to constrain an application on a given port to use one transport mechanism only. Somebody could come along a few years later and invent a better mousetrap and redesign a protocol to use the other transport method (TACACS and TACACS+ come to mind in this regard). Still, with a few notable exceptions, most applications out there use either TCP or UDP for the transport layer. There should be a readily available document, such as RFC 1700 or its successor, that clearly distinguishes the transport layer in use for the application. There should be a * placed by TCP or UDP registration to signify the assigned protocol for use. Placing a * next to both, as in the case of DNS, would signify that both TCP and UDP are used. For those apps out there that are not readily identifiable as to their preferred transport layer function, then assign a value of U for unknown until somebody can step up to the plate and say one way or another. That would make RFC 1700's successor document truly useful. v/r, Paul Werner Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17704t=17704 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
lesson learned [7:17705]
Pour coffee down throat before posting in the morning. John and not Tom is correct. __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17705t=17705 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT: 7500 Single Slot Reload [7:17699]
On Wed, Aug 29, 2001 at 12:19:41PM -0400, John Neiberger wrote: We may need to upgrade our CIP software on a production 7513 during the day. We've been having some issues over the last couple of days and if things go south again we want to upgrade. In the past we haven't been able to do this on the fly without reloading the entire router. Now that single-slot reload is available I'd like to make use of it if it's safe. Have any of you had any experience with single-slot reloads? Do they work as advertised or do they tend to hose up your router anyway? Are there any caveats I need to be aware of? I see that I have to use the command service single-slot-reload-enable to turn on the feature, but what is the command to actually do the reload? I haven't found that yet and it's not in the Related Commands section of the 12.0 command reference. I've found any type of OIR or similar work on the 7500 series to have about a 50% success rate. To execute a single slot reload, try: conf t mic rel --phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17706t=17699 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Work-related ACL problem [7:17695]
It may not be the syntax of your ACL's at all. Are you using MLS to do L3 switching with the 6509? If you are then you need the Policy Feature Card (PFC) on your Sup blade. It works like this: A packet hits the switch which records the destination IP address in the CAM table and forwards it to the router.(it records more but not important here) The router applies any policy, strips the old destination MAC address (it's own) and replaces it with the next hop router's(or destination#8217;s) and sends it back to the switch. If this packet was for one of the denied www servers it would be dropped. If it is forwarded, the switch compares the destination IP with those in its CAM table. If it finds the original listing (hasn't timed out) it will add the current destination MAC address of the packet. When the next packet to that destination IP hits the switch it will do a lookup, find an associated MAC address, and merrily rewrite the header and send the packet on it's way without consulting the router. Here's the problem: This works fine for L3 switching. To do L4 security, however, you need the PFC. With the set mls flow full command the switch will also record the protocol port, but without the PFC its only good for accounting. Solution: Buy a PFC and use IP-flow mask or turn off multi-layer switching and route every packet. read more at: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_3/msfc/acc_list.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17707t=17695 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN and Outlook [7:17692]
Are you using Outlook w/ Exchange or POP/IMAPing? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17708t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ebgp multihop values [7:17650]
Remember, if you use the Loopback address, that counts as another hop. You use the command in the syntax: neighbor [ip-address|peer group] ebgp-multihop [ttl] If you don't specify a ttl it assumes 255. If you don't enter the command is defaults to 1. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17710t=17650 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: the washington project [7:17659]
The Washington Project is a Threaded Case Study that is part of the Cisco Networking Academy Program. It is a student project that spans two semesters in which the students design a enterprise wide network for a school district (modeled after one of Phoenix, AZ districts I think) that includes multiple lans and wans. It gives the students the opportunity to work with all aspects of the OSI model, from specifying physical layer infrastructure to configuring routers, switches, vlans, wans security. HTH, Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco Regional Networking Academy patrick marangone wrote: has anyone heard of this? if so what does it detail and what exactly must you have to do? [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17709t=17659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Advance Routing Test [7:17711]
I've been working with the Boson study questions. In the actual exam, do they ask you for the exact command to display or configure something or is it multiple choice? Thanks in advance, Rick D. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17711t=17711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Advance Routing Test [7:17711]
It really depends on the test. For routing, they give you a list of about 20 commands with numbers next to them, and you have to choose the correct number. Other tests you have to pick the correct command from the list. And yet others, you just have to know the command. Good Luck, -Original Message- From: D Rick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 2:15 PM To: [EMAIL PROTECTED] Subject: Advance Routing Test [7:17711] I've been working with the Boson study questions. In the actual exam, do they ask you for the exact command to display or configure something or is it multiple choice? Thanks in advance, Rick D. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17712t=17711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed BSCN [7:17522]
Does the test has any fill-ins like the Boson practice question? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17714t=17522 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
I need help [7:17713]
I want to get a IP address or small block of IP's that are registered. I'm not sure exactly how to do this and what it will cost. I own a domain already but it is hosted by a service provider. I know have dsl and a static IP for that but I will want to host my own stuff soon. Don't know how to do it. I have knowledge here and there but feel there are wholes. Can some please describe what I must do to get 3 -5 legal ip's and eventually setup my own site and host my own services Thanks Keith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17713t=17713 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNA Bootcamp [7:17715]
Here are the details of the free CCNA Bootcamp: Location is Fairfield, IA Starting Date : September 17, 2001 Duration is 5 Days Hours: 9:00 am - 4:00 pm Material you bring: The CCNA preparation library (Cisco CCNA #640-507 Preparation Library -- Cisco Systems Inc., Stephen McQuerry) Material we provide: 1 Cisco Router/student with inferfaces: fast-ethernet/isdn bri/2 serial (IOS 12.0) 1 Cisco 1912XL-EN /student One ISDN Teltone simulator for the class (to test isdn) One class-router (acting as a frame-relay switch) One core switch (2924XL-EN) Class format: Bootcamp (Short lectures + Lots of Hands/on + Test Preparation) Enrollement: For the bootcamp to run I must have a minimum of 8 students registered. Contribution: I have to pay to use the equipment and the training room if we have 8 students registered (minimum needed for the bootcamp to run) you need to bring $575 If we have 16 students registered you only need to bring $510 Pierre-Alex - Original Posting: In honor of my appointment as faculty, I am offering a free boot camp to 16 students on the 17 of September 2001. If you are interested please contact me. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17715t=17715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Yet another silly CCIE lab prep question [7:17716]
I apologize in advance for posting this. I know we get a couple of these a week, it seems, but I don't want to leave any bases uncovered. Here is what it looks like I'm going to end up with at home: (2) 2501 2504 2513 2522 4000 (with two serial interfaces) Catalyst 1200 (yes, that's right, I said a 1200!!) Token Ring MAU Blackbox switch (instead of 2509 or 2511) I'm hoping that the 1200 will be able to handle most of the switching chores. It can't do ISL trunking and it's only low speed, but I get experience with that kind of stuff at work. I won't be able to do etherchannel, but I don't have any routers or other switches so that's not relevant here. I still plan on getting a day or two of lab time up at University of Colorado at $500/day. I also may get in a day or two at the local Cisco office (keep your fingers crossed). For my home lab, though, if I manage to find some lab scenarios to study with that only use a few routers, have I already shot myself in the foot? Will I *need* to get more or will this suffice? I will also be getting an ISDN simulator but that's going to have to wait for a few months. Any advice? Thanks! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17716t=17716 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I need help [7:17713]
you might begin here... http://www.arin.net/index.html -Original Message- From: Keith J. [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 11:29 To: [EMAIL PROTECTED] Subject: I need help [7:17713] I want to get a IP address or small block of IP's that are registered. I'm not sure exactly how to do this and what it will cost. I own a domain already but it is hosted by a service provider. I know have dsl and a static IP for that but I will want to host my own stuff soon. Don't know how to do it. I have knowledge here and there but feel there are wholes. Can some please describe what I must do to get 3 -5 legal ip's and eventually setup my own site and host my own services Thanks Keith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17718t=17713 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN and Outlook [7:17692]
Judging from the fact that Tom's doing VPN, I'd say 'with Exchange.' I realize that you already have VPN 3000 Concentrator; but, try Netscreen VPN, it's lightening fast. Randall -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 10:42 AM To: [EMAIL PROTECTED] Subject: RE: VPN and Outlook [7:17692] Are you using Outlook w/ Exchange or POP/IMAPing? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Richs Sent: Wednesday, August 29, 2001 08:55 AM To: [EMAIL PROTECTED] Subject: VPN and Outlook [7:17692] I have a VPN 3000 concentrator installed. When Microsoft Outlook is launched with the VPN client connection, Outlook is extremely slow. Has anyone encounter this or have any insight on this. Thanks. Tom _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17719t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 envelopes [7:17666]
who is Tom Chambers? - Original Message - From: netm thru To: Sent: Wednesday, August 29, 2001 6:25 AM Subject: 3 envelopes [7:17666] A CEO resigned from a company and left the new CEO 3 envelopes. The new one asked the old one what they were for. He replied open them one at a time when times get tough. A few months later when times were tough the new CEO opened an envelope and it said Blame the economy so he did. A quarter later when things were still bad he opened the second envelope. It said Restructure. A couple of quarters later he opened the third envelope. It said Leave 3 envelopes. How long before Tom Chambers leaves his 3 envelopes? __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17721t=17666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I need help [7:17713]
Call your DSL provider and ask them for a small block of IP addresses - let them know your requirements and they'll probably assign you a small subnet (/248 which is 6 IP addresses) instead of a single address. They'll also be able to give you a price for that block of address space. Once you have the address space assigned at your new host location, you can host your own applications by having the servers setup and by requesting a DNS change from your exising service provider or your DSL provider, which will move the IP addresses associated with your domain names from the service provider to your new addresses. -e- - Original Message - From: Keith J. To: Sent: Wednesday, August 29, 2001 11:29 AM Subject: I need help [7:17713] I want to get a IP address or small block of IP's that are registered. I'm not sure exactly how to do this and what it will cost. I own a domain already but it is hosted by a service provider. I know have dsl and a static IP for that but I will want to host my own stuff soon. Don't know how to do it. I have knowledge here and there but feel there are wholes. Can some please describe what I must do to get 3 -5 legal ip's and eventually setup my own site and host my own services Thanks Keith _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17720t=17713 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN and Outlook [7:17692]
Is your VPN client using NAT? If so, disable Allow IPSec through NAT (yes, disable). I had same problem with VPN client 3.0 beta, not sure if it's fixed in 3.1... --- Tom Richs wrote: I have a VPN 3000 concentrator installed. When Microsoft Outlook is launched with the VPN client connection, Outlook is extremely slow. Has anyone encounter this or have any insight on this. Thanks. Tom _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp [EMAIL PROTECTED] __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17722t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question about new lab format. [7:17723]
Folks, Is there any other sources besides the CISCO site to read up on the new CCIE lab format? Thanks in advance, Raul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17723t=17723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN and Outlook [7:17692]
I would also look at your MTU setting on the clientwith the overhead the IPSEC puts on the packet some transmissions will be slow1400 seemed to work the best for us Thanks, Chris Boyd Network Support Alex Lee, Inc. 828-485-4803 120 4th St SW Hickory, NC 28602 www.alexlee.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Randall Yoo Sent: Wednesday, August 29, 2001 3:26 PM To: [EMAIL PROTECTED] Subject: RE: VPN and Outlook [7:17692] Judging from the fact that Tom's doing VPN, I'd say 'with Exchange.' I realize that you already have VPN 3000 Concentrator; but, try Netscreen VPN, it's lightening fast. Randall -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 10:42 AM To: [EMAIL PROTECTED] Subject: RE: VPN and Outlook [7:17692] Are you using Outlook w/ Exchange or POP/IMAPing? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Richs Sent: Wednesday, August 29, 2001 08:55 AM To: [EMAIL PROTECTED] Subject: VPN and Outlook [7:17692] I have a VPN 3000 concentrator installed. When Microsoft Outlook is launched with the VPN client connection, Outlook is extremely slow. Has anyone encounter this or have any insight on this. Thanks. Tom _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17724t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3524s and Spanning tree [7:17725]
Using the GigaStack GBICs and cables you can cluster up to 16 3524 switches. Is there a limit to how many switches you can run spanning tree on with the GigaStack GBICs? For some reason I thought I read 7 as a limit, but I cannot verify that. Any help would be appreciated. Thanks, Rob Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17725t=17725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
newsgroups block behind pix [7:17727]
im unable to reach any newsgroups from behind my pix, do i have to specify a port? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17727t=17727 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPSEC Q's [7:17646]
Q1 - crypto ipsec transform-set [your parameters] esp-3des WARNING - if you don't have the triple-DES version of IOS on your router, then 3des won't be available. Q2 - show crypto ipsec sa will show all the inbound and outbound security associations (tunnels) when a tunnel does indeed come up. COMMENTS: If you do a show access list and don't see any hits on ACL 101, that would be a indicator of where your problem lies. No matches to the 'match address 110' = no tunnel. -e- - Original Message - From: Cisco Lover To: Sent: Wednesday, August 29, 2001 1:50 AM Subject: IPSEC Q's [7:17646] Hi Guys.. Can you please help for some IPSEC Stuf. Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? Q2. Is there any way to confirm if Our VPN/IPSEC setup is working properly.. I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant see any thing coming.Below is my config and Show command results. My concern is to protect Telnet traffic b/w thess two guys. ISDN1#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN1 ! enable secret 5 $1$LYk/$PJGs8FlVtZXjf/dcBrwcO/ ! ! ! ! ! memory-size iomem 7 ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.3.1 255.255.255.255 crypto isakmp key cisco address 135.25.11.1 255.255.255.252 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.1 set peer 135.25.3.1 set transform-set Cisco2 match address 110 ! ! ! ! interface Loopback0 ip address 135.25.4.1 255.255.255.255 no ip directed-broadcast ! interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside duplex auto speed auto ! interface Serial0/0 ip address 135.25.11.2 255.255.255.252 no ip directed-broadcast ip nat outside no ip mroute-cache no fair-queue crypto map CCIE ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface FastEthernet0/1 ip address 135.25.11.9 255.255.255.252 no ip directed-broadcast duplex auto speed auto ! router ospf 64 network 135.25.4.1 0.0.0.0 area 0 network 135.25.11.2 0.0.0.0 area 0 network 135.25.11.9 0.0.0.0 area 0 ! ip nat pool CCIE 135.25.11.2 135.25.11.2 prefix-length 30 ip nat inside source list 1 pool CCIE overload ip classless no ip http server ! access-list 1 permit 10.1.1.0 0.0.0.255 access-list 110 permit tcp host 135.25.4.1 host 135.25.3.1 eq telnet ! ! voice-port 1/0/0 ! voice-port 1/0/1 ! voice-port 1/1/0 ! voice-port 1/1/1 ! ! ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ISDN2#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN2 ! enable secret 5 $1$so9r$GFjeRLyea2vUgn2HbMvOG1 ! ! ! ! ! ip subnet-zero no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key cisco address 135.25.11.2 crypto isakmp key cisco address 135.25.4.1 ! ! crypto ipsec transform-set Cisco ah-md5-hmac esp-des crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac ! ! crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.2 set peer 135.25.4.1 set transform-set Cisco2 match address 110 partition flash 2 16 8 ! ! ! ! ! ! ! interface Loopback0 ip address 135.25.3.1 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 10.1.1.2 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! interface Serial1/0 ip address 135.25.9.1 255.255.255.252 no ip directed-broadcast fair-queue 64 32 1 clockrate 72000 ip rsvp bandwidth 16 13 ! interface Serial1/1 ip address 135.25.11.1 255.255.255.252 no ip directed-broadcast clockrate 72000 crypto map CCIE ! interface Serial1/2 ip address 135.25.9.5 255.255.255.252 no ip directed-broadcast clockrate 72000 ! interface Serial1/3 no ip address no ip directed-broadcast shutdown ! interface Serial1/4 ip address 135.25.11.5 255.255.255.252 no ip directed-broadcast ! interface Serial1/5 no ip address no ip directed-broadcast shutdown ! interface Serial1/6 no ip address no ip
Re: Adding NIC to the PIX ?? [7:17691]
First make sure your license supports another interface. Second, it's just another interface that needs a name, IP, and subnet like the other 2. Don't forget to set the security level. Usually people set outside to 0, inside to 100, and 3rd interface to something like 50 so inside can get to it without security settings and outside users still needs statics and conduits/acl's to access that network. Allen - Original Message - From: Rodney Jackson To: Sent: Wednesday, August 29, 2001 10:49 AM Subject: Adding NIC to the PIX ?? [7:17691] I have search the Cisco web site for information on adding interfaces to the PIX firewall but have come up short. Do you guys know how to (what changes I need to make to the config) or where I can find the info? Rodney Jackson Dallas Semiconductor Network Engineer (972) 371-4824 [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Rodney Jackson.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17728t=17691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NetBios Header [7:17371]
Here's some info. http://www.protocols.com/pbook/ibm.htm http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg242009.pdf (Chapter 4) HTH, Karen *** REPLY SEPARATOR *** On 8/27/2001 at 5:35 AM Lists Wizard wrote: Hello Group, I tried my best to find information about NetBios header format, but I could not. Could you please send me any useful link regarding this matter. Thanks Lw Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17729t=17371 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN and Outlook [7:17692]
I have the same problem, but its due to the fact that users are pulling so much data from exchange over a 56k link latency is expected. My users that have dsl and cable modems have no complaints. Kevin From: Randall Yoo Reply-To: Randall Yoo To: [EMAIL PROTECTED] Subject: RE: VPN and Outlook [7:17692] Date: Wed, 29 Aug 2001 15:26:11 -0400 Judging from the fact that Tom's doing VPN, I'd say 'with Exchange.' I realize that you already have VPN 3000 Concentrator; but, try Netscreen VPN, it's lightening fast. Randall -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 10:42 AM To: [EMAIL PROTECTED] Subject: RE: VPN and Outlook [7:17692] Are you using Outlook w/ Exchange or POP/IMAPing? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Richs Sent: Wednesday, August 29, 2001 08:55 AM To: [EMAIL PROTECTED] Subject: VPN and Outlook [7:17692] I have a VPN 3000 concentrator installed. When Microsoft Outlook is launched with the VPN client connection, Outlook is extremely slow. Has anyone encounter this or have any insight on this. Thanks. Tom _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17730t=17692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
syslog debug [7:17731]
Hello, I have a syslog server and I turned on some debugs on a Cisco router. But the syslog server didn't get any debug information. Do I need to do anything on syslog server or router? Thanks in advance. Jim __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17731t=17731 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Yet another silly CCIE lab prep question [7:17716]
Nah, that's a great setup John. You have 5 routers there, and a possible 6th with the 4000. Start looking at fatkid.com and his smaller labs (400 and below), and see how well you line up with those (we're forever substituting Ethernet for Token Ring and vice-versa in my partner's lab setups to make due with our equipment on those labs) The 2522 is a great frame relay switch and can double as a 1E/2T/1BRI router... 2513 give you SR/TLB You can add some NPs to your 4000 (I'd suggest the NP-2E and NP-2R) You'll need a bunch of DTE/DCE cables (mostly 60-pin variety...and a couple of 60-pin to 50-pin for the NP-2T in the 4000) If trunking is only worth one or two points on the exam, it's worth knowing but not sweating - just think sub-interfaces on the router, and know the encapsulation commands on the router and switch interfaces I'd be a bit more concerned with flash/DRAM - 12.1 Enterprise requires 16/16, and you could use mzmaker if you have 8/16, but we've run into a few problems with that lately (routers crashing because of MALLOC problems) - Original Message - From: John Neiberger To: Sent: Wednesday, August 29, 2001 11:41 AM Subject: Yet another silly CCIE lab prep question [7:17716] I apologize in advance for posting this. I know we get a couple of these a week, it seems, but I don't want to leave any bases uncovered. Here is what it looks like I'm going to end up with at home: (2) 2501 2504 2513 2522 4000 (with two serial interfaces) Catalyst 1200 (yes, that's right, I said a 1200!!) Token Ring MAU Blackbox switch (instead of 2509 or 2511) I'm hoping that the 1200 will be able to handle most of the switching chores. It can't do ISL trunking and it's only low speed, but I get experience with that kind of stuff at work. I won't be able to do etherchannel, but I don't have any routers or other switches so that's not relevant here. I still plan on getting a day or two of lab time up at University of Colorado at $500/day. I also may get in a day or two at the local Cisco office (keep your fingers crossed). For my home lab, though, if I manage to find some lab scenarios to study with that only use a few routers, have I already shot myself in the foot? Will I *need* to get more or will this suffice? I will also be getting an ISDN simulator but that's going to have to wait for a few months. Any advice? Thanks! John _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17732t=17716 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 envelopes [7:17666]
marilyn's husband - Original Message - From: EA Louie To: Sent: Wednesday, August 29, 2001 12:29 PM Subject: Re: 3 envelopes [7:17666] who is Tom Chambers? - Original Message - From: netm thru To: Sent: Wednesday, August 29, 2001 6:25 AM Subject: 3 envelopes [7:17666] A CEO resigned from a company and left the new CEO 3 envelopes. The new one asked the old one what they were for. He replied open them one at a time when times get tough. A few months later when times were tough the new CEO opened an envelope and it said Blame the economy so he did. A quarter later when things were still bad he opened the second envelope. It said Restructure. A couple of quarters later he opened the third envelope. It said Leave 3 envelopes. How long before Tom Chambers leaves his 3 envelopes? __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17734t=17666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 envelopes [7:17666]
He used to play basketball for the Phoenix Suns about 10 years ago. He was a great 3 point shooter and a pretty good dunker for a white guy.. http://global.nba.com/history/chambers_bio.html sam sneed EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... who is Tom Chambers? - Original Message - From: netm thru To: Sent: Wednesday, August 29, 2001 6:25 AM Subject: 3 envelopes [7:17666] A CEO resigned from a company and left the new CEO 3 envelopes. The new one asked the old one what they were for. He replied open them one at a time when times get tough. A few months later when times were tough the new CEO opened an envelope and it said Blame the economy so he did. A quarter later when things were still bad he opened the second envelope. It said Restructure. A couple of quarters later he opened the third envelope. It said Leave 3 envelopes. How long before Tom Chambers leaves his 3 envelopes? __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17735t=17666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]