How config changes logged? [7:20968]
Configuration changes are logged, but not what commands were changed. The configuration change log messages are severity 5 (notification), so if your logging only shows warnings and higher, you won't see the notifications. Example of a notification... .Sep 24 10:25:39 EST: %SYS-5-CONFIG_I: Configured from console by vty0 (1.2.99.2) As you can see, it doesn't show what was changed or who changed it (beyond an IP address - I think with tacacs implemented you will see the user), but at least it shows the time. JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 26/09/2001 03:43 pm - Cisco Breaker To: [EMAIL PROTECTED] Subject: How config changes logged? [7:20968] Sent by: nobody@groupst udy.com 25/09/2001 06:00 pm Please respond to Cisco Breaker Hi everyone? Does anybody know how to view the last time the config changed or how to view which commands added at what time to a router? I tried show log I only see updowns etc.. Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21106t=20968 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Is following CCIE written book list enough? [7:21107]
I'm on way to ccie written. Now I am using the clark, jeff, halabi to prepare. Is caslow needed? I also know ATM is part of the exam, which is my weakness. Is it very difficult? Thanks for all rely my question! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21107t=21107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW Confusion:Canonical/noncanonical [7:21109]
Hi guys, Having a very simple confusion about when and where we need to convert canonical/noncanonical addresses ,when dealing with DLSW+?? Like for eg, if the Question ask to use ICANREACH macaddress command on tokenring router to show that this router can reach an ethernet macaddress DO we have to change ethernet address to noncanonical at this stage before specifying with ICANREACh command or ant thing else?? Please solve the confusion. Thanks. Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21109t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: PIX agent for oracle configuration [7:21110]
Hi Gents, I need some assistance in configuring the Cisco PIX agent for oracle to allow SQL*NET request from external network thru the PIX to access internal Oracle database? the pix works fine but the only problem is the oracle side which port does it use.? Thanks Guys Rod Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21110t=21110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sniffing Packet From the router. [7:21111]
Hi, Does anyone know how I can sniff packet from a router. Or can the router redirect the packet to another Ethernet interface. Like Span port on the switch. I need to capture the packet that is going across the WAN interface. Thanks. Ken Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2t=2 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
content service switch 11500? [7:21112]
i want to use 2 web switches 11500 to load-balance 2 pixs , how could i design it ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21112t=21112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice over IP specific [7:21031]
Looking at what your doing you should be able to dial only once and reach the client on the other side. From my experience you would never have to dial an access code at each stage. I've got some sample config's with pots ports and lots of isdn configs, if you have any more specific questions let me know, regards Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, We have a customer that wants a implementation of voice over ip. Their dial plan will be like this. A-clients --pbx--router--voip--router--pbx--Bclients | | router | PBX | Cclients Normally if an A client want to reach a client from B, they dial 66 and from PBX or FXS they get a line and dial 76 and reach the corresponding route rfrom voip and dial 86 to reach PBX and the last step they dial the Bclients expansion number 801. My question is this, Is it possible to only dial once and reach the corresponding Bclient from A without PLar (cause A client will Cclients too)? I want to appoint ony one number and make it dial all 66,76,86,801 with commas ofcourse cause there is a waiting time over PBXs. Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21113t=21031 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP network design [7:21019]
Yes the firewalls are all PIX. For the PIX can I set up the PIX to receive RIP routes redistributed from the EIGRP routers? If so this will save a lot of admin work, but will this be a security risk, ie. someone being able to inject routes into the PIX? regards Carroll Kong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What kind of firewalls? Pix? If so, try RIP v2 with redistribution into your routers. As for discontiguous networks, there are many ways around that, with a different cost associated of course. At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote: Hi everyone I've got a project where I have to design and implement EIGRP in a small to medium sized network of about 50 to 70 routers. One of my main problems is what to do with routing updates at the firewalls at each site, should they be allowed to pass through the firewall or should statics be used either side of the firewalls. Another problem I can see is the routes on the firewalls, is there a way to avoid having to type all those route entries in them, the network has many discontiguous networks. And one last point is the redistribution to the BGP routers at the edge of the network I'm after some tips, experiences and URLs so I can read around the subject myself Regards Pat -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21114t=21019 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Other Groups [7:21115]
Dear All, This newsgroup has been really helpful and great. Do anyone of you know more groups on Cisco like this ? Mukul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21115t=21115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN support in Tacacs+ ? [7:21118]
Hi, I am trying to configure the Tacacs+ for the ISDN callin Callback, but did'nt find much AV pairs and information regarding this issue. Is anybody knows or has any information regarding this issue? Please share this information with me. Thanks a lot, Arshad Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21118t=21118 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MPLS Beta Exam + Multicast/QOS Beta Exam [7:21116]
Did any who has attended the beta exam for MPLS or QOS Beta Exam.? I would like to know which material can be used to prepare for the exam? Which books should I read? Is the books enough for the exam? Appreciate any recommendation. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21116t=21116 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice over IP specific [7:21031]
I have made the config with num-exp command and it worked. Thanks for the answers. Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, We have a customer that wants a implementation of voice over ip. Their dial plan will be like this. A-clients --pbx--router--voip--router--pbx--Bclients | | router | PBX | Cclients Normally if an A client want to reach a client from B, they dial 66 and from PBX or FXS they get a line and dial 76 and reach the corresponding route rfrom voip and dial 86 to reach PBX and the last step they dial the Bclients expansion number 801. My question is this, Is it possible to only dial once and reach the corresponding Bclient from A without PLar (cause A client will Cclients too)? I want to appoint ony one number and make it dial all 66,76,86,801 with commas ofcourse cause there is a waiting time over PBXs. Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21119t=21031 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passed switching [7:20868]
you are not allowed to take anything in the exam room and this should go for all exams! It is not correct...I was allowed to take coca-cola in the exam room :) Ciao, Teresa From: Baker, Jason To: [EMAIL PROTECTED] Sent: Wednesday, September 26, 2001 7:01 AM Subject: RE: Passed switching [7:20868] hmmm you are asking what you are allowed to bring in.. sounds to me you have been doing your exams at dodgy exam centre as well. you are not allowed to take anything in the exam room and this should go for all exams! Jason -Original Message- From: Juan Blanco [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, 26 September 2001 7:43 am To: [EMAIL PROTECTED] Subject: RE: Passed switching [7:20868] The passing score is 699 -Original Message- From: John McCartney To: [EMAIL PROTECTED] Sent: 9/25/2001 2:57 PM Subject: RE: Passed switching [7:20868] What is the passing score for the BCMSN? I'm taking mine in about 3 weeks. Also, what did they let you bring in? Congrats on passing, keep going!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21117t=20868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN [7:21120]
Hey Guys, My setup as follows Internet -- Router PIX -- Internal network We are using a 192.168.x.x network and using NAT to change to valid ip address.So when I need to setup VPN should I use the 192.168.x.x or the Valid Ip address? My internet router config interface FastEthernet0/0 ip address 192.168.y.x 255.255.255.252 ip nat inside interface Serial0/0 ip address 192.168.x.x 255.255.255.240 More which is advisable.. 1)VPN to router or VPN to PIX ? Pls explain in detail... Make a difference, help support the relief efforts in the U.S. http://clubs.lycos.com/live/events/september11.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21120t=21120 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: content service switch 11500? [7:21112]
This would be possible, but the only catch is that you'd have to be running RIP, OSPF, or using static routing (since those are the only routing options with the CSS platform). BJ -Original Message- From: steven [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 3:45 AM To: [EMAIL PROTECTED] Subject: content service switch 11500? [7:21112] i want to use 2 web switches 11500 to load-balance 2 pixs , how could i design it ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21122t=21112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Just Passes CCIE Written [7:21121]
Hi Just want to say thanks to every one in this forum, I just came back from writing my CCIE Written. If I have to single out one book it is probably Caslow's Book (v1) It contained all the information I needed to pass the exam. Phantoms Method -- First I did CCNP, Took me 4 Months. After CIT I downloaded Cisco Blueprint and checked what was extra above the CCNP. I then got the exam cram from brainbuzz and went through that. (A few errors in there but well worth the read) I then downloaded all the exam crams for CCNP end went through them as a refresher of what I already new from doing my CCNP. I then worked through Caslows books end referenced my CCNP books every now and then to clarify certain things. I also used the tokenring paper from CCPREP, (a MUST Have) http://www.ccprep.com/resources/news/archives/Token_Ring2.pdf I probably got atleast one question out of each section on the blueprint. Don't know how its going to change at the end of the month though. Now its on to the lab. Phantom Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21121t=21121 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: PIX agent for oracle configuration [7:21110]
It uses tcp port between 1521 and 1571; however, 1521 and 1526 is most commonly used because usually Oracle listener is running on either of these port. Do a netstat -an | grep 1521 or 1526 to check of Oracle listener is running on the box. From: Rod Rodericks Reply-To: Rod Rodericks To: [EMAIL PROTECTED] Subject: re: PIX agent for oracle configuration [7:21110] Date: Wed, 26 Sep 2001 03:29:14 -0400 Hi Gents, I need some assistance in configuring the Cisco PIX agent for oracle to allow SQL*NET request from external network thru the PIX to access internal Oracle database? the pix works fine but the only problem is the oracle side which port does it use.? Thanks Guys Rod Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21110t=21110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21123t=21110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3Com Switch [7:20980]
Dear Mark, Our switch hasnt got a reset button in the back but Bob's advice was great as we solved the problem Thanks anyway Silvia -Original Message- From: Mark Odette II [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, September 25, 2001 7:59 PM To: [EMAIL PROTECTED] Subject: Re: 3Com Switch [7:20980] Another way to recover the password Cisco fashion, is to hook up a null modem cable to the console port, and break out your favorite terminal app. Power off the switch, wait 30 seconds, and while powering it back up, depress the little reset button on the back for 5-10 seconds. This will return the device to its factory defaults, as per 3Com Tech Support and that way, you don't have to RMA the device. They, of course, don't post this tidbit on the website you only learn of it when you call in for a support call with a registered piece of equipment. Mark - Original Message - From: Bob Timmons To: Sent: Tuesday, September 25, 2001 7:35 AM Subject: Re: 3Com Switch [7:20980] Found this on 3com's site: - SolutionID: 2.0.76269083.3278305 Title: SuperStack II Switch 3300 - How to recover lost password on a 1100/3300 switch? Goal How to recover lost password on a 1100/3300 switch? Fact 3C16980 Fact 3C16980A Fact SuperStack II Switch 3300 Fact SuperStack II Switch 3300 Fact SuperStack II Switch 1100 Fact default password Symptom lost password Cause The password was changed and now the switch cannot be accessed. Fix The default password for the admin account is no password (just press enter when prompted for the password). If you can not access the switch try the security account using security as login and security as password. As soon as you gain access to the switch modify the admin account and re-login as administrator. You should avoid to access as security for administrative tasks. If you still have no access to the switch, please, contact 3Com to RMA the unit. - Hi I have a 3Com Switch 3300 - 24 Port Superstack II that unfortunately I dont know the password. Maybe somebody can give advice in how to do a password recovery /hack the device? I have not been able to find in the 3Com site documentation for this purpose. Thanks Sil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21125t=20980 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Aux port - Dialer setup question [7:21088]
Robert, having done this exact same setup in my CCIE lab using a teltone POTS simulator I can verify that this can be done. You were right on in asking about the async port. That will be the physical interface to your dialer1. Your basical config may look something like this interface async1 ip unnumbered ethernet0 no ip directed-broadcast encap ppp no ip route-cache no ip mroute-cache async mode dedicated fair-queue 64 16 0 no cdp enable ppp authentication chap Check out this link as it provides a lot of information for DDR. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12supdoc/dsq cg3/qcddr.htm#xtocid60145 Watch the wrap. Tim -Original Message- From: Robert Fowler [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, September 25, 2001 9:51 PM To: [EMAIL PROTECTED] Subject: Aux port - Dialer setup question [7:21088] While studying for my BCRAN test, I decided to test some of what I learned however I think I may have hit a bump. I think the problem is you can't put an aux port into a dialer pool because it doesn't have a physical interface. However for the purpose of this exercise I let you in on what I have attempted. I have 2 routers, I have a modem connected to each aux port. The 2 routers have a link between them, if that link goes down I want 1 router to call the 2nd and establish a connection using the aux ports. Do I have to have an asynch port in order to accomplish this? Thank You, Robert Fowler Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21124t=21088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Equipment [7:21127]
Hello all I have being reading the posts that have being posted in this list for the last few weeks. If anybody can help me, I am trying to purchase some secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and Lab. At this time I cannot find anywere that resells secondhand equipment. Does anybody from this part of the world have any ideas. Cheers Derek Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21127t=21127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Purchase Routers in Ireland [7:21109]
Hello all I have being reading the posts that have being posted in this list for the last few weeks. If anybody can help me, I am trying to purchase some secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and Lab. At this time I cannot find anywere that resells secondhand equipment. Does anybody from this part of the world have any ideas. Cheers Derek Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21126t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed switching [7:20868]
I heard that if you read a Coca-cola can backwards it has all the answers to the foundation exam! :) -Original Message- From: TP [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 6:23 AM To: [EMAIL PROTECTED] Subject: Re: Passed switching [7:20868] you are not allowed to take anything in the exam room and this should go for all exams! It is not correct...I was allowed to take coca-cola in the exam room :) Ciao, Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21128t=20868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
End to end Voip not working [7:21129]
Hello All, I am facing some problems in making an end to end VoIP call over an IPLC.We are using 4 wire em, type 5 signalling The local loopback/ hairpinning is working fine at one of the ends but it fails sometimes at the remote end.The IPLC link is stable and has no errors. Can someone suggest any debugging areas. Could it be some kind of signalling problem. Please suggest. Regards Amit __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21129t=21129 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NT Users cannot logon [7:21130]
Do you have WINS server setting configured correctly for the client workstations. Unless u have a domain controller, clients will not know how to contact the domain controller... WINS helps you on that. Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21134t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PRI to BRI BACKUP [7:21136]
Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21136t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Need Help on pix [7:21135]
Hi all I am facing the a strange problem. All the site were working fine till yesterday. Now I can just ping from outside both with Ip and name. But cannot bring the site from outside with IP number and site name. DNS is working fine. When I move one site out the firewall the site is up and running. Is it the problem of the pix. Any ideas = Rajeev Karamchand MCSE,MCSE+I,MCDBA,CCNA __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21135t=21135 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NT Users cannot logon [7:21130]
All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21130t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
I think if you configure the router for 'ip dhcp-server' you are configuring the router as a dhcp server. If you want to do that you need to configure a address pool as well. -Eric -Original Message- From: khramov [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:24 AM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21137t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Telnet listening port [7:21138]
Sorry in advance for the monkey question...I'd like to Pat the 23 port of my Dialer interface (ip negotiated) to the inside lan. I am able to do this, but obviosly I lost the connection with the router from outside. There's a command to change the listening telnet port on the vty lines? I have a 827 with 12.0(3). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21138t=21138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Quick TFTP question [7:21139]
I would like to know about the tftp server for back ups- how does the router know the location on the machine used for the storages of images. I know you give the address- ie domain name or IP address but what about the directory? Thanks in advance suleman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21139t=21139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which layer do the ospf bgp rip work on [7:20953]
Ya that may be been since when has ANSI been the authoritative source for correct spelling, I trust Merriam-Webster more... http://www.m-w.com/cgi-bin/dictionary fibre is a variant of fiber Dave Dr Rita Puzmanova wrote: Keeping myself - hopefully - unbiased in this spelling discussion (not being native English speaker) I would like to point out - FYI - that FIBRE CHANNEL is the ANSI standard?! Rita MADMAN wrote: Ah yes I should have known it was a British spelling, like centre, fibre, behaviour etc... When they gonna learn some good English ;) David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21141t=20953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE-Security Written [7:21140]
Group, Is there anyone out there who is preparing to write CCIE-Security? Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21140t=21140 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW Confusion:Canonical/noncanonical [7:21109]
I have done many DLSW configs including what used to be refered to as translational bridging and had never had to worry about canonical, non-canonical. Now ring numbers in hex vs. dec is another story... Dave Cisco Lover wrote: Hi guys, Having a very simple confusion about when and where we need to convert canonical/noncanonical addresses ,when dealing with DLSW+?? Like for eg, if the Question ask to use ICANREACH macaddress command on tokenring router to show that this router can reach an ethernet macaddress DO we have to change ethernet address to noncanonical at this stage before specifying with ICANREACh command or ant thing else?? Please solve the confusion. Thanks. Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21143t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can I configure 2 leased line for single channel ? [7:21142]
You can use ppp multilink but as I have said in the past, why bother with the extra configs and overhead when you can simply enable CEF and load share per packet or destination, your choice... Dave [EMAIL PROTECTED] wrote: Hello all I have 128 KBPS leased line between 2 routers and I want to enhance the performance of the same using one more leased line . Can anyboby suggest me whether is there any command which will make these 2 lines to work as 1 logical line as is the case with etherchannel ? Thanks in advance. -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21142t=21142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 6509 L 3 module [7:20997]
i9f i get what you ask correctly ... the L3 module is a MSFC/RSM this is either a daughterboard on the supervisor cards or a seperate card.. basically they are a 2600 router on a card here are some links to cisco configs http://www.cisco.com/warp/public/473/23.html http://www.cisco.com/warp/customer/473/35.html From: chris Reply-To: chris To: [EMAIL PROTECTED] Subject: 6509 L 3 module [7:20997] Date: Tue, 25 Sep 2001 10:41:56 -0400 Where can I find well documented configuration information about the 6509 with Layer 3 module? E.g. like routing between 2 6509 with layer L3 modules. I believe it is a little different than connecting two 3600 back to back because they are switched ports first. Any info will help. Thanks Chris _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21145t=20997 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffing Packet From the router. [7:21111]
You can easily hedge your bets against crashing the router by using an extended access-list with ip packet debuging. Dave Dennis wrote: debug ip packet... use with extreme care, you could crash the router if you have lots of traffic... Ken wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Does anyone know how I can sniff packet from a router. Or can the router redirect the packet to another Ethernet interface. Like Span port on the switch. I need to capture the packet that is going across the WAN interface. Thanks. Ken -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21144t=2 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Alex, Ip dhcp-server should be sufficient for your needs. Nothing else should need to be enabled. Try it out. Tim Booth - Original Message - From: khramov To: Sent: Wednesday, September 26, 2001 8:24 AM Subject: Re: DHCP [7:21051] Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21146t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can I configure 2 leased line for single channel ? [7:21147]
not as far as i am aware What you COULD do ..is set them up as seperate lines ...and then run eigrp/ospf betweeen them ...this will load balance the lines.. you could just upgrade your one line to 256k...also but there is no serial etherchannel varient.. you can do it with isdn using dialer channel`s HTH steve From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Can I configure 2 leased line for single channel ? [7:21105] Date: Wed, 26 Sep 2001 02:26:48 -0400 Hello all I have 128 KBPS leased line between 2 routers and I want to enhance the performance of the same using one more leased line . Can anyboby suggest me whether is there any command which will make these 2 lines to work as 1 logical line as is the case with etherchannel ? Thanks in advance. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21147t=21147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3524 - Gigabit Etherchannel [7:21149]
Is Gigabit Etherchannel available on the 3524 and/or 4006? I have some documentation and it only mentions the Catalyst 5000 line. TIA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21149t=21149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PRI to BRI BACKUP [7:21136]
Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21150t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can I configure 2 leased line for single channel ? [7:21105]
If you change the encap to ppp, you can build a multilink bundle, and have a pipe going between you routers. Do search on configuring virtual template on cisco.com Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21151t=21105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
AW: PRI to BRI BACKUP [7:21136]
thanks tim, but how it is possible to assign channel-groups ? best regards -Urspr|ngliche Nachricht- Von: Tim Booth [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 26. September 2001 16:17 An: [EMAIL PROTECTED] Betreff: Re: PRI to BRI BACKUP [7:21136] Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21153t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can I configure 2 leased line for single channel ? [7:21154]
Could he set the encapsulation of each serial int to be ppp, and use ppp multilink on them?? - Original Message - From: Stephen Skinner To: Sent: Thursday, September 27, 2001 12:28 AM Subject: Re: Can I configure 2 leased line for single channel ? [7:21147] not as far as i am aware What you COULD do ..is set them up as seperate lines ...and then run eigrp/ospf betweeen them ...this will load balance the lines.. you could just upgrade your one line to 256k...also but there is no serial etherchannel varient.. you can do it with isdn using dialer channel`s HTH steve From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Can I configure 2 leased line for single channel ? [7:21105] Date: Wed, 26 Sep 2001 02:26:48 -0400 Hello all I have 128 KBPS leased line between 2 routers and I want to enhance the performance of the same using one more leased line . Can anyboby suggest me whether is there any command which will make these 2 lines to work as 1 logical line as is the case with etherchannel ? Thanks in advance. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21154t=21154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which layer do the ospf bgp rip work on [7:20953]
You may trust Merriam-Webster, but if you want to find things in standards documents, I suggest you follow their rules. Ya that may be been since when has ANSI been the authoritative source for correct spelling, I trust Merriam-Webster more... http://www.m-w.com/cgi-bin/dictionary fibre is a variant of fiber Dave Dr Rita Puzmanova wrote: Keeping myself - hopefully - unbiased in this spelling discussion (not being native English speaker) I would like to point out - FYI - that FIBRE CHANNEL is the ANSI standard?! Rita MADMAN wrote: Ah yes I should have known it was a British spelling, like centre, fibre, behaviour etc... When they gonna learn some good English ;) David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21156t=20953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PRI to BRI BACKUP [7:21136]
Michael, Per-PRI interface...(controller T1 or maybe E1 command) then set up the framing and linecode, then set up channel-groups with the channel-group command. Tim Booth - Original Message - From: Michael Dungl To: Tim Booth ; Sent: Wednesday, September 26, 2001 9:44 AM Subject: AW: PRI to BRI BACKUP [7:21136] thanks tim, but how it is possible to assign channel-groups ? best regards -Urspr|ngliche Nachricht- Von: Tim Booth [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 26. September 2001 16:17 An: [EMAIL PROTECTED] Betreff: Re: PRI to BRI BACKUP [7:21136] Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21155t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Quick TFTP question [7:21139]
It sends it to wherever you created the default TFTP directory on that server. -Original Message- From: suleman ibrahim aboo [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 10:15 AM To: [EMAIL PROTECTED] Subject: Quick TFTP question [7:21139] I would like to know about the tftp server for back ups- how does the router know the location on the machine used for the storages of images. I know you give the address- ie domain name or IP address but what about the directory? Thanks in advance suleman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21157t=21139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: content service switch 11500? [7:21112]
A couple of solutions off the head include using Stonebeat to cluster the firewalls or reviewing some docs at Cisco's site.. Refer to http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/advcfggd/firewa ll.htm or http://www.cisco.com/warp/public/117/cdn_top_issues/issue_loadbal.html HTH Kelly This would be possible, but the only catch is that you'd have to be running RIP, OSPF, or using static routing (since those are the only routing options with the CSS platform). BJ -Original Message- From: steven [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 3:45 AM To: [EMAIL PROTECTED] Subject: content service switch 11500? [7:21112] i want to use 2 web switches 11500 to load-balance 2 pixs , how could i design it ? Thanks Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21158t=21112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Support 640-506 exam difficulty [7:21060]
the support exam is as hard as your support knowledge is week...( a crsap answer i know).. i spent most of my time supporting networks and i found it quite easy.. you will get lots of question about reading sniffer`s ,,basic fault finding..and so on the lamme series is OK...but i like the support exam cram(it`s all i used to pass and ofcourse the mighty boson) HTH steve From: Tim Booth Reply-To: Tim Booth To: [EMAIL PROTECTED] Subject: CCNP Support 640-506 exam difficulty [7:21060] Date: Tue, 25 Sep 2001 17:07:02 -0400 Hello, I have taken Routing, Switching, and Remote Access. I am wondering about the difficulty level of the Support exam as compared to the others. I feel as though I know most of the material when reading through the Support book (Lammle series). Also, I'd like to know if the CCIE book (Lammle series) is sufficient to pass the CCIE *written* exam. Thanks, Tim Booth _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21160t=21060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PRI to BRI BACKUP [7:21136]
An alternative method... If you configure the PRI using a dialer profile for every remote site and make each Dialer interface the backup route (using floating statics) or backup-interface for the remote sites you can instruct the interface to use a maximum of 2 channels. I'm not going to go into dialer profile config here - it's easy to find on cisco.com but the command you need in the Dialer Interface config is dialer max-calls 2. Alternatively you can configure dialer pool-member # max-link 2 on the physical interface. they do the same job but there are reasons why you may need to use one rather than the other. Have a go at it and let us know if you still have problems. regards Charlie --- Tim Booth wrote: Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21159t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: policy route [7:21044]
i have to diasgreeevery 3 secs a pulse is sent from the active to standby.even if you have a route connected to your standbywhen thestandby gets any routed packets HSRP (which is layer 1/2) will send it to the active master..this wil then route the packets accordingly... i`m told ther is a way around this but you will have to search the archives...it was only a couple of weeks ago Cheers steve From: Jim Bond Reply-To: Jim Bond To: [EMAIL PROTECTED] Subject: RE: policy route [7:21044] Date: Tue, 25 Sep 2001 17:15:07 -0400 I have to disagree. The standby router has static route point to the other side. Once traffic gets to standby, it should route... Jim --- Liang Mark J Civ AFRL/PROI wrote: Standby is stanby, it doesn't do any routing until the active router goes down. Regards, Mark, -Original Message- From: Jim Bond [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 25, 2001 11:52 AM To: [EMAIL PROTECTED] Subject: policy route [7:21044] Hello, I have 2 routers running HSRP in a small office. I want SMTP traffic go through standby router so I configured policy route on active router that all SMTP traffic, send to standby router. But it doesn't work. I'm wondering if policy route will work this way? At active router: interface e0 ip address 10.1.1.2 255.255.255.0 ip policy route-map SMTP standby ip 10.1.1.1 ... route-map SMTP permit 10 match ip address 102 set ip next-hop 10.1.1.3 !standby router ethernet ... access-list 102 permit tcp any any eq 25 Thanks in advance. Jim __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com [EMAIL PROTECTED] __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21161t=21044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3524 - Gigabit Etherchannel [7:21149]
4006 yes, 3500, i doubt it. Dave Provost, Robert wrote: Is Gigabit Etherchannel available on the 3524 and/or 4006? I have some documentation and it only mentions the Catalyst 5000 line. TIA -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21163t=21149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Purchase Routers in Ireland [7:21109]
www.network-sol.com From: Derek Gaff Reply-To: Derek Gaff To: [EMAIL PROTECTED] Subject: Purchase Routers in Ireland [7:21109] Date: Wed, 26 Sep 2001 07:39:35 -0400 Hello all I have being reading the posts that have being posted in this list for the last few weeks. If anybody can help me, I am trying to purchase some secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and Lab. At this time I cannot find anywere that resells secondhand equipment. Does anybody from this part of the world have any ideas. Cheers Derek _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21167t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quick TFTP question [7:21139]
if you have downloaded the cisco tftp server you have the choice to select a local/network drive and folder...# the cisco box just sends itits upto the tftp server to put the file in a directory hth steve From: suleman ibrahim aboo Reply-To: suleman ibrahim aboo To: [EMAIL PROTECTED] Subject: Quick TFTP question [7:21139] Date: Wed, 26 Sep 2001 10:15:25 -0400 I would like to know about the tftp server for back ups- how does the router know the location on the machine used for the storages of images. I know you give the address- ie domain name or IP address but what about the directory? Thanks in advance suleman _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21164t=21139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PRI to BRI BACKUP [7:21136]
Actually it's much simpler than that. You set up your T1 controller, D channel and pool and usernames and passwords for authentication. The remotes simply dial the PRI number when they, preferbly, loose a route. Of coarse there are other more convoluted ways but I like to KISS it. (Keep It Simple Stupid:) username remoteA password letmein ! controller T1 0 framing esf clock source line primary linecode b8zs pri-group timeslots 1-24 interface Serial0:23 ip unnumbered FastEthernet0 no ip directed-broadcast encapsulation ppp no keepalive autodetect encapsulation ppp v120 isdn switch-type primary-5ess isdn incoming-voice modem peer default ip address pool DIALIN no fair-queue compress stac ppp authentication chap pap callin ppp multilink ! ip local pool DIALIN 172.16.200.150 172.16.200.254 Tim Booth wrote: Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21166t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
AW: PRI to BRI BACKUP [7:21136]
thanks a lot! Seems to be working. And now i have to configure on each timeslot the neccessary dialer map. i am right or ? many thanks for you help Michael channel-group 1 timeslots 1-2 ! interface serial 4/1:0 encapsulation ppp dialer map multilink ppp ! Serial0/0:1 is reset, line protocol is down Hardware is DSX1 MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Closed, multilink Closed Closed: CDPCP Last input never, output never, output hang never Last clearing of show interface counters 00:12:59 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 12 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions Timeslot(s) Used:1-2, Transmitter delay is 0 flags -Urspr|ngliche Nachricht- Von: Tim Booth [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 26. September 2001 16:38 An: [EMAIL PROTECTED] Betreff: Re: PRI to BRI BACKUP [7:21136] Michael, Per-PRI interface...(controller T1 or maybe E1 command) then set up the framing and linecode, then set up channel-groups with the channel-group command. Tim Booth - Original Message - From: Michael Dungl To: Tim Booth ; Sent: Wednesday, September 26, 2001 9:44 AM Subject: AW: PRI to BRI BACKUP [7:21136] thanks tim, but how it is possible to assign channel-groups ? best regards -Urspr|ngliche Nachricht- Von: Tim Booth [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 26. September 2001 16:17 An: [EMAIL PROTECTED] Betreff: Re: PRI to BRI BACKUP [7:21136] Michael, You need to configure your PRI interface and I believe create one to many channel-groups on that interface as needed; One for every pair of lines that will run to your remote sites, so say 13 channel-groups. Hope this helps, Tim Booth - Original Message - From: michael To: Sent: Wednesday, September 26, 2001 8:54 AM Subject: PRI to BRI BACKUP [7:21136] Dear all, could somone help me with my following question how to configure ISDN PRI to BRI ? I would like to configure the following szenario: 1 central site : 1x PRI 13 remote site: 1x BRI If our frame goes down or one of the PVC to the remote site i would like to activate ISDN Backup with 128kb from the centrale site to the remote side and the other way arround. But how it is possible to configure the central site using 128kb (2 timeslots) for calling the remote site ? I have got 30B Channels (30 timeslots) on the central side. Please help me best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21165t=21136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which layer do the ospf bgp rip work on [7:20953]
HorrayTally-ho.Chin-chin and all that ..us brits are first at something Marvelous... From: MADMAN Reply-To: MADMAN To: [EMAIL PROTECTED] Subject: Re: which layer do the ospf bgp rip work on [7:20953] Date: Wed, 26 Sep 2001 10:17:16 -0400 Ya that may be been since when has ANSI been the authoritative source for correct spelling, I trust Merriam-Webster more... http://www.m-w.com/cgi-bin/dictionary fibre is a variant of fiber Dave Dr Rita Puzmanova wrote: Keeping myself - hopefully - unbiased in this spelling discussion (not being native English speaker) I would like to point out - FYI - that FIBRE CHANNEL is the ANSI standard?! Rita MADMAN wrote: Ah yes I should have known it was a British spelling, like centre, fibre, behaviour etc... When they gonna learn some good English ;) David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21169t=20953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mac address [7:21170]
Is there any way to config you switch/router to prompt you when a certain Mac address is plugged in or online. Rather than setting the cam table aging to 3 days. -Original Message- From: dragi radovanovic [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 10:45 AM To: [EMAIL PROTECTED] Subject: RE: Can I configure 2 leased line for single channel ? [7:21105] If you change the encap to ppp, you can build a multilink bundle, and have a pipe going between you routers. Do search on configuring virtual template on cisco.com Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21170t=21170 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3524 - Gigabit Etherchannel [7:21149]
The 3500 does support Gigabit Etherchannel. Follow this link: http://www.cisco.com/warp/public/cc/pd/si/casi/ca3500xl/tech/c3500_wp.htm (watch for word wrap). It's about 4/5 through the document. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 10:21 AM To: [EMAIL PROTECTED] Subject: Re: 3524 - Gigabit Etherchannel [7:21149] 4006 yes, 3500, i doubt it. Dave Provost, Robert wrote: Is Gigabit Etherchannel available on the 3524 and/or 4006? I have some documentation and it only mentions the Catalyst 5000 line. TIA -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21171t=21149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Two more to GO...... [7:21172]
Team, I just passed the Switching testnow to start working on the Remote Access I want to thank first GOD, second every one in this group and third to OLE DREWS JENSEN for a well develop free software(CATALYST 5000 SET-BASED COMMAND TRAINER)...his web site is www.routerchief.com Now for the remote access test which book is recommended(it should help me to learn properly the material and at the same time to prepare me for the CCIE(one day). Which test from Bosson. GOD BLESS AMERICA...STRONGER THAN EVER. JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21172t=21172 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Schedule for Lab?? [7:20732]
I believe Cisco is switching their 2 day lab test to one day starting October 1st. Maybe that's why your confirmation is delayed. Good Luck Cheers -Original Message- From: Cisco Nuts [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 6:29 PM To: [EMAIL PROTECTED] Subject: Schedule for Lab?? [7:20732] Hi,How long does it take for one to schedule the Lab after having passed the Written? I passed it more than 2 weeks back and till today I have not received any email from Prometric or Cisco regarding scheduling the lab. I was told 3 days!!Any ideas?Thank you. Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21173t=20732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which layer do the ospf bgp rip work on [7:20953]
Yes of coarse but I was refering to spelling of fiber/fibre etc. not the standards describing there use and it was light hearted, I'm not going to worry about it much... Dave Howard C. Berkowitz wrote: You may trust Merriam-Webster, but if you want to find things in standards documents, I suggest you follow their rules. Ya that may be been since when has ANSI been the authoritative source for correct spelling, I trust Merriam-Webster more... http://www.m-w.com/cgi-bin/dictionary fibre is a variant of fiber Dave Dr Rita Puzmanova wrote: Keeping myself - hopefully - unbiased in this spelling discussion (not being native English speaker) I would like to point out - FYI - that FIBRE CHANNEL is the ANSI standard?! Rita MADMAN wrote: Ah yes I should have known it was a British spelling, like centre, fibre, behaviour etc... When they gonna learn some good English ;) David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21174t=20953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3524 - Gigabit Etherchannel [7:21149]
Thanks Ole for the clarification, I doubt no more :^) Dave Ole Drews Jensen wrote: The 3500 does support Gigabit Etherchannel. Follow this link: http://www.cisco.com/warp/public/cc/pd/si/casi/ca3500xl/tech/c3500_wp.htm (watch for word wrap). It's about 4/5 through the document. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 10:21 AM To: [EMAIL PROTECTED] Subject: Re: 3524 - Gigabit Etherchannel [7:21149] 4006 yes, 3500, i doubt it. Dave Provost, Robert wrote: Is Gigabit Etherchannel available on the 3524 and/or 4006? I have some documentation and it only mentions the Catalyst 5000 line. TIA -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21175t=21149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Other Groups [7:21115]
there are a few others...Brainbuzz actually has quite a few- here are 2 examples Cisco CCNA/CCIE/NP/DA/DP Discussion Board http://boards.brainbuzz.com/boards/vbt.asp?b=78 Cisco Certified Internetworking Expert Board http://boards.brainbuzz.com/boards/vbt.asp?b=716 2 newsgroups (check your newsreader) news:comp.sys.dcom.cisco news:alt.certification.cisco and there is also a CCNA discussion list on www.groupstudy.com -e- - Original Message - From: MJ To: Sent: Wednesday, September 26, 2001 2:53 AM Subject: Other Groups [7:21115] Dear All, This newsgroup has been really helpful and great. Do anyone of you know more groups on Cisco like this ? Mukul _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21162t=21115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Mac address [7:21170]
On a switch you can configure port level security: Dave chris wrote: Is there any way to config you switch/router to prompt you when a certain Mac address is plugged in or online. Rather than setting the cam table aging to 3 days. -Original Message- From: dragi radovanovic [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 10:45 AM To: [EMAIL PROTECTED] Subject: RE: Can I configure 2 leased line for single channel ? [7:21105] If you change the encap to ppp, you can build a multilink bundle, and have a pipe going between you routers. Do search on configuring virtual template on cisco.com Dragi -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21176t=21170 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fastethernet failover [7:21177]
Hey gang this may sound strange but it was just a thought. I have a 3640 that has two separate Ethernet interfaces. I have one that runs into one of our cats running HSRP. Is there a way to run the second one to the other cat as a fail over path? Can this be done with weights or anything like that? Thanks in advance! Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21177t=21177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Telnet listening port [7:21138]
Fabio, If you want to telnet the router you have to know the dialer ip address (after negotiation). In the following expample you are opening a telnet session to 1660 port: ip nat inside source list # inferface dialer0 overload ip nat inside source static tcp (eth0 ip address) 23 (dialer0 ip address) 1600 extendable This is the configuration I set for Balassone, for troubleshooting purposes, maybe we are talking about the same customer: isn't it? Ciao, Teresa P.S. keep in mind: dialer interface will negotiate a different IP address to the next connection - Original Message - From: FC To: [EMAIL PROTECTED] Sent: Wednesday, September 26, 2001 4:13 PM Subject: Telnet listening port [7:21138] Sorry in advance for the monkey question...I'd like to Pat the 23 port of my Dialer interface (ip negotiated) to the inside lan. I am able to do this, but obviosly I lost the connection with the router from outside. There's a command to change the listening telnet port on the vty lines? I have a 827 with 12.0(3). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21178t=21138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP network design [7:21019]
RIPv1 sends to 255.255.255.255. RIPv2 sends to 224.0.0.9. They both use UDP port 520. Both the source and dest ports are 520. Are you sure static routes wouldn't be the best bet, though? I haven't followed the entire discussion, so if that's off the wall, just ignore it. Priscilla At 09:09 AM 9/26/01, Carroll Kong wrote: Hm. If you are that worried about internal security, you should probably make an ACL that allows only the redistributing router's ip, deny all other udp port 520 reqs (for ripv1, or multicast 224.0.0.5? re-check what it uses). Also, you might need to write some no nat rules to avoid nat. That might be more work than statics. Yes, IPs are spoofable, and so are MAC addresses. If your internal security helps avoid this (easy to do), then an ACL for Rip updates should be fairly secure. At 04:41 AM 9/26/01 -0400, Patrick Donlon wrote: Yes the firewalls are all PIX. For the PIX can I set up the PIX to receive RIP routes redistributed from the EIGRP routers? If so this will save a lot of admin work, but will this be a security risk, ie. someone being able to inject routes into the PIX? regards Carroll Kong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What kind of firewalls? Pix? If so, try RIP v2 with redistribution into your routers. As for discontiguous networks, there are many ways around that, with a different cost associated of course. At 12:52 PM 9/25/01 -0400, Patrick Donlon wrote: Hi everyone I've got a project where I have to design and implement EIGRP in a small to medium sized network of about 50 to 70 routers. One of my main problems is what to do with routing updates at the firewalls at each site, should they be allowed to pass through the firewall or should statics be used either side of the firewalls. Another problem I can see is the routes on the firewalls, is there a way to avoid having to type all those route entries in them, the network has many discontiguous networks. And one last point is the redistribution to the BGP routers at the edge of the network I'm after some tips, experiences and URLs so I can read around the subject myself Regards Pat -Carroll Kong -Carroll Kong Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21180t=21019 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21181t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: can you block code red [7:21073]
George, The below URL's might help... How to Filter Code Red on Cisco Cache and Content Engines http://www.cisco.com/warp/public/117/cache_engine/code_red_cache_engine. html Using Network-Based Application Recognition and Access Control Lists for Blocking the Code Red Worm at Network Ingress Points http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml How to protect from the Nimda Virus http://www.cisco.com/warp/public/63/nimda.shtml Cisco Code Red Technical Tips http://www.cisco.com/warp/public/63/codered_index.shtml SAFE Code-Red Attack Mitigation http://www.cisco.com/warp/public/cc/so/cuso/epso/sqfr/scdam_wp.htm I am sure there are other ways, do a little research at cert.org, and Cisco.com. :) Cheers, Michael Vaughan Senior Network Engineer Predator-Hunter.com Inc. [EMAIL PROTECTED] The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs and comes short again and again, who knows the great enthusiasms, the great devotions, and spends himself in a worthy cause; who at best, knows the triumph of high achievement; and who, at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who know neither victory nor defeat. -Theodore Roosevelt, Citizen in a Republic, April 23, 1910 [GroupStudy.com removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21179t=21073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Lab Info [7:21067] (and more CCIE information) [7:21168]
As a follow up to my previous comments about CCIE lab equipment... Cisco says that yes they will be replacing the Cat 5000's some time in the future and will post a notice beforehand. When that's to occur, I don't think even they know but it's definitely not October 1st. They've also indicated that there will be no PIX on the routing and switching exam. On the security exam -- yes, and that makes sense. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Leigh Anne Chisholm Sent: Tuesday, September 25, 2001 4:32 PM To: [EMAIL PROTECTED] Subject: RE: Cisco Lab Info [7:21067] (and more CCIE information) [7:21078] Interesting. 19. Will I need to prepare any differently for the new format exams? No. Only the format of the exam itself has changed. The knowledge and skills required to pass are the same in the old and new formats. There's no reference to the fact that the equipment list is being revised as was reported earlier by Brad Ellis (http://www.groupstudy.com/archives/cisco/200108/msg03300.html) so I wouldn't necessarily think that you should run out and buy a PIX and try and get some hands-on on a 6509. I've got an email into Cisco asking if the equipment is changing as was rumored. There has been another question circulating around this list--specifically, what happens if you lose your CCIE certification--does your number get released back into the pool or do you get to keep that number if you end up recertifying again. The answer according to the people I've emailed at Cisco is that the number is yours. If you recertify, you get it back. The other question I asked Cisco was about whether you could call yourself a CCIE if you have a status of suspended (your two years has elapsed and you're in the 1 year grace period to complete the recertification exam) or inactive (you've failed to successfully complete the recertification exam). Again, the answer I received was that once you're a CCIE, you're always a CCIE. You must however clarify your status so that you don't mislead anyone. If you're inactive, you must clarify that fact. If you're suspended, likewise. Hope that helps answer all of those CCIE mysteries... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wright, Jeremy Sent: Tuesday, September 25, 2001 3:43 PM To: [EMAIL PROTECTED] Subject: Cisco Lab Info [7:21067] Team, thought you might be interested in some of this info if you weren't already aware... http://www.cisco.com/warp/public/625/ccie/ccie_program/new_format.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21168t=21168 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Schedule for Lab?? [7:20732]
I passed Written last Wednesday and I was able to register this Monday. Perhaps you should check with Cisco. I got a confirm e-mail from this e-mail address ([EMAIL PROTECTED]). Hope it helps. Ed -Original Message- From: George Aslanishvili [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: RE: Schedule for Lab?? [7:20732] I believe Cisco is switching their 2 day lab test to one day starting October 1st. Maybe that's why your confirmation is delayed. Good Luck Cheers -Original Message- From: Cisco Nuts [mailto:[EMAIL PROTECTED]] Sent: Friday, September 21, 2001 6:29 PM To: [EMAIL PROTECTED] Subject: Schedule for Lab?? [7:20732] Hi,How long does it take for one to schedule the Lab after having passed the Written? I passed it more than 2 weeks back and till today I have not received any email from Prometric or Cisco regarding scheduling the lab. I was told 3 days!!Any ideas?Thank you. Get your FREE download of MSN Explorer at http://explorer.msn.com * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21182t=20732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question and also some information too - VoIP [7:21183]
What is the default interval between pings from a 6509 w/msfc? The reason I ask is that I just got an email from a cisco tac dude. We're having issues at one of our sites where we can only ping a Cisco 7960 IP phone 60% of the time. This is true when pings are performed from the core 6509 switch/router. When I goto the access layer device which is just a 6509 with no msfc, the pings are 100% successful. When I ping from the callmanager, 100% replies. The cisco tac guy said that the IP phones will not respond to more than one ping per 10ms for security reasons?. The weird part about this is that the phones that are not working are running a new version of code ( load =P003D310) and the phones that are working are running P003Q301. Therefor, new code = 60% ping, old load = 100% ping. Ping from MSFC = 60%, ping from anywhere else including access switch the phone is connected to or ping from any other pc and it works 100% Can anyone shed some light please? Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21183t=21183 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: policy route [7:21044]
Stephen, Your statement is incorrect. Enabling HSRP on a router does not cause the standby router to send all packets to the primary. The only things that enabling HSRP does is: 1) Enable the primary router to answer arp replies and accept/return packets for the virtual IP address (it does this by creating a virtual MAC to match the virtual IP) 2) Enable a hearbeat signal so that secondaries can takeover for the primary in the event of failure Neither of these things has any effect on the backup HSRP routers ability to forward IP packets as it normally would. You can still use the secondary HSRP router as you normally would by sending packets to its real IP. The secondary routers will forward packets sent to them based on the contents of their routing table, they will not simply send all traffic over to the primary router. I've tested this in real world scenarios before and just re-confirmed it in my lab. -Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stephen Skinner Sent: Wednesday, September 26, 2001 8:12 AM To: [EMAIL PROTECTED] Subject: RE: policy route [7:21044] i have to diasgreeevery 3 secs a pulse is sent from the active to standby.even if you have a route connected to your standbywhen thestandby gets any routed packets HSRP (which is layer 1/2) will send it to the active master..this wil then route the packets accordingly... i`m told ther is a way around this but you will have to search the archives...it was only a couple of weeks ago Cheers steve From: Jim Bond Reply-To: Jim Bond To: [EMAIL PROTECTED] Subject: RE: policy route [7:21044] Date: Tue, 25 Sep 2001 17:15:07 -0400 I have to disagree. The standby router has static route point to the other side. Once traffic gets to standby, it should route... Jim --- Liang Mark J Civ AFRL/PROI wrote: Standby is stanby, it doesn't do any routing until the active router goes down. Regards, Mark, -Original Message- From: Jim Bond [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 25, 2001 11:52 AM To: [EMAIL PROTECTED] Subject: policy route [7:21044] Hello, I have 2 routers running HSRP in a small office. I want SMTP traffic go through standby router so I configured policy route on active router that all SMTP traffic, send to standby router. But it doesn't work. I'm wondering if policy route will work this way? At active router: interface e0 ip address 10.1.1.2 255.255.255.0 ip policy route-map SMTP standby ip 10.1.1.1 ... route-map SMTP permit 10 match ip address 102 set ip next-hop 10.1.1.3 !standby router ethernet ... access-list 102 permit tcp any any eq 25 Thanks in advance. Jim __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com [EMAIL PROTECTED] __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21184t=21044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21185t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need Help on pix [7:21135]
If your saying you can't connect to outside networks from the inside of the PIX, check your 'nat' and 'global' commands. If those look correct, make sure there is no access-list applied on the inside interface and/or check for 'outbound' and 'apply' statements that may be blocking traffic. If you still cannot figure it out, post your sanitized config. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rajeev Karamchand Sent: Wednesday, September 26, 2001 6:54 AM To: [EMAIL PROTECTED] Subject: Need Help on pix [7:21135] Hi all I am facing the a strange problem. All the site were working fine till yesterday. Now I can just ping from outside both with Ip and name. But cannot bring the site from outside with IP number and site name. DNS is working fine. When I move one site out the firewall the site is up and running. Is it the problem of the pix. Any ideas = Rajeev Karamchand MCSE,MCSE+I,MCDBA,CCNA __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21187t=21135 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN [7:21120]
The addresses assigned to the VPN client will typically come from a pool of addresses from the inside network. It's also typical to terminate VPN clients on your firewall, so in this case you would terminate them on the PIX. There are examples on Cisco's web site for configuring client to PIX VPN. Just do a search on PIX technical tips and you should find all the info you need. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ramesh c Sent: Wednesday, September 26, 2001 3:26 AM To: [EMAIL PROTECTED] Subject: VPN [7:21120] Hey Guys, My setup as follows Internet -- Router PIX -- Internal network We are using a 192.168.x.x network and using NAT to change to valid ip address.So when I need to setup VPN should I use the 192.168.x.x or the Valid Ip address? My internet router config interface FastEthernet0/0 ip address 192.168.y.x 255.255.255.252 ip nat inside interface Serial0/0 ip address 192.168.x.x 255.255.255.240 More which is advisable.. 1)VPN to router or VPN to PIX ? Pls explain in detail... Make a difference, help support the relief efforts in the U.S. http://clubs.lycos.com/live/events/september11.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21186t=21120 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NT Users cannot logon [7:21130]
Sounds like a name resolution issue. (Netbios name resolution, not DNS) Do you have a WINS server? You typically will need a WINS server for Netbios name resolution across subnets. (and hence logon capability) HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Santosh Koshy Sent: Wednesday, September 26, 2001 6:07 AM To: [EMAIL PROTECTED] Subject: NT Users cannot logon [7:21130] All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21188t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21189t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NT Users cannot logon [7:21130]
Try this: 1) Can you ping server on subnet A by it's name from a workstation on subnet B? Example: ping acct_svr_1 2) Do you have any access lists on the router? If you do, try to disable them 3) Can you from the workstation click Start - Find and find the server by its IP address? Let me know, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Santosh Koshy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:07 AM To: [EMAIL PROTECTED] Subject: NT Users cannot logon [7:21130] All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21190t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21191t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NT Users cannot logon [7:21130]
More... If you can ping a server by its IP address but not its name, try to add it in the workstations hosts file. The hosts file is in C:\windows on 95 an 98 computers, but I can't remember where it is on NT/2000 computers. It might not even be there, so search for hosts.sam which is a sample file. If you in the same folder can see hosts (without any extension) edit it, else create it. Add the following line to it and save it: 192.168.1.19 Acct_Svr_1 #pre #dom:JoesShoeShop where 192.168.1.19is the IP Acct_Svr_1 is the server name JoesShoeShopis the domain name See if it works now. If that helps, you are not getting any name resolution from neither WINS nor DNS. Let me know, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Santosh Koshy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:07 AM To: [EMAIL PROTECTED] Subject: NT Users cannot logon [7:21130] All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21192t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Equipment [7:21127]
Derek, Hi! We ship second hand hardware worldwide. Is there something in particular you are looking for? If so, please email me offline. We've helped quite a few groupstudy students get great hardware at great prices! :) thanks, -Brad Ellis CCIE#5796 Network Learning Inc [EMAIL PROTECTED] used Cisco: www.optsys.net Derek Gaff wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all I have being reading the posts that have being posted in this list for the last few weeks. If anybody can help me, I am trying to purchase some secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and Lab. At this time I cannot find anywere that resells secondhand equipment. Does anybody from this part of the world have any ideas. Cheers Derek Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21193t=21127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
whats the difference [7:21195]
im currently studying for the ccie written and dont know which one will help me along with the books i have already purchased. there are several and was wondering which one have people used before CCIE Qualification Exam Workbook Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21195t=21195 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Right on Dave! And on top of that don't forget your global config: dhcp exclude-address 2.2.2.1 2.2.2.15 (if you need some static addresses). -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 1:47 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21194t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Hey Dave, forgot 1 line: ip dhcp excluded-address 10.0.0.1 Thanks Buddy! ;^) -Eric -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 1:47 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21197t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NT Users cannot logon [7:21130]
this syntax is for the lmhosts file, instead of the hosts file. the hosts file is just like in unix, a local static mapping of hostnames to ip addresses so the domain info doesn't apply. lmhosts is what you want to give a windows machine a local mapping of computernames for domain controllers, domains etc... on my w2k system it's located in c:\winnt\system32\drivers\etc dave h -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 3:08 PM To: [EMAIL PROTECTED] Subject: RE: NT Users cannot logon [7:21130] More... If you can ping a server by its IP address but not its name, try to add it in the workstations hosts file. The hosts file is in C:\windows on 95 an 98 computers, but I can't remember where it is on NT/2000 computers. It might not even be there, so search for hosts.sam which is a sample file. If you in the same folder can see hosts (without any extension) edit it, else create it. Add the following line to it and save it: 192.168.1.19 Acct_Svr_1 #pre #dom:JoesShoeShop where 192.168.1.19is the IP Acct_Svr_1 is the server name JoesShoeShopis the domain name See if it works now. If that helps, you are not getting any name resolution from neither WINS nor DNS. Let me know, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Santosh Koshy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:07 AM To: [EMAIL PROTECTED] Subject: NT Users cannot logon [7:21130] All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21196t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
OK, I'm starting to see where the confusion is coming from. The ip dhcp-server command can be used on dial-up PPP links. It specifies the IP address of a DHCP server for the PPP client to use. It was almost impossible to find in the documentation. Most of the ip dhcp commands relate to telling your router to be a DHCP server, which is a completely different solution, of course. Are you using PPP, Khramov? The general-purpose way to tell your router the address of your DHCP server is the ip helper-address command. Priscilla At 01:54 PM 9/26/01, Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21199t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need Help on pix [7:21135]
You said everything was working fine. What changed? From: Rajeev Karamchand Reply-To: Rajeev Karamchand To: [EMAIL PROTECTED] Subject: Need Help on pix [7:21135] Date: Wed, 26 Sep 2001 09:53:49 -0400 Hi all I am facing the a strange problem. All the site were working fine till yesterday. Now I can just ping from outside both with Ip and name. But cannot bring the site from outside with IP number and site name. DNS is working fine. When I move one site out the firewall the site is up and running. Is it the problem of the pix. Any ideas = Rajeev Karamchand MCSE,MCSE+I,MCDBA,CCNA __ Do You Yahoo!? Get email alerts NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21198t=21135 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID 3.0 Exam [7:21200]
Hi All, I would appreciate any suggestions/tips on CID 3.0 exam. I will be taking the exam next week and am using mainly the CCO for preparation. Any input would be highly appreciated. Regards, Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21200t=21200 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: whats the difference [7:21195]
My recommendation for a primary study source for CCIE written would be the Caslow book. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21201t=21195 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Their must be more than one way to foreword DHCP requests. Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr _c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21202t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Aironet vs Lucent ORiNOCO [7:20954]
We {USCG} use the 350s to provide connectivities to the Boats in the NY harbor. Its a great solution if your standing still but watch out if you rock.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allen May Sent: Tuesday, September 25, 2001 12:12 PM To: [EMAIL PROTECTED] Subject: Re: Cisco Aironet vs Lucent ORiNOCO [7:20954] rofl...my badI thought it said Arrowpoint...not Aironet. *slap self* - Original Message - From: Murphy, Brian J SITI-ISET-31 To: 'Allen May' ; Sent: Tuesday, September 25, 2001 10:43 AM Subject: RE: Cisco Aironet vs Lucent ORiNOCO [7:20954] Iassumes he means driver support... This is the list from linux 2.4.10 [*] Wireless LAN (non-hamradio) x x STRIP (Metricom starmode radio IP) (NEW)x x ATT WaveLAN DEC RoamAbout DS support (NEW) x x Aironet Arlan 655 IC2200 DS support (NEW) x x Aironet 4500/4800 series adapters (NEW) x x Cisco/Aironet 34X/35X/4500/4800 ISA and PCI cards (NEW) -Original Message- From: Allen May [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 25, 2001 5:43 PM To: [EMAIL PROTECTED] Subject: Re: Cisco Aironet vs Lucent ORiNOCO [7:20954] It works via IP addresses...so yes. - Original Message - From: Steiven Poh-(Jaring MailBox) To: Sent: Tuesday, September 25, 2001 9:03 AM Subject: Re: Cisco Aironet vs Lucent ORiNOCO [7:20954] Is both work with Linux OS? Steiven - Original Message - From: netman To: Sent: Tuesday, September 25, 2001 8:21 PM Subject: Re: Cisco Aironet vs Lucent ORiNOCO [7:20954] I don't know about the Lucent stuff, but I installed some Cisco Aironet 340 series equipment last summer (99), and I have not had one trouble call at all. These are used constantly for classes and haven't had one probem. In fact I almost forgot we had them installed. You can't beat that :-) Donman - Original Message - From: Steiven Poh-(Jaring MailBox) To: Sent: Monday, September 24, 2001 9:25 PM Subject: Cisco Aironet vs Lucent ORiNOCO [7:20954] Hello Folks, Any one got idea about above comparison? Rgds, Steiven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21204t=20954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Aironet 350 authenication using RADIUS [7:20974]
we are using the cisco radius server its extremely simple to setup. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of dovelet Sent: Tuesday, September 25, 2001 6:54 AM To: [EMAIL PROTECTED] Subject: Aironet 350 authenication using RADIUS [7:20974] Hi all, Our company just wants to implement wireless LAN and we will go for Cisco Aironet 350. In authenication, the Cisco guy told us that we need to use their ACS RADIUS server. My question is: can I use another RADIUS server for it? What is the requirement? Can anyone suggest a RADIUS server to me? Thanks a lot. Dovelet Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21205t=20974 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT pool timeout [7:21206]
Hi, I am running out of addresses in nat pool. I understand that after certain time period of inactivity addresses are timed out and return to the pool. I would like to know, what is the default timeout for inactive addresses in pool and how to reduce/manage timeout after a certain period of inactivity. I researched CCO but things are not clear!!. Any comments are appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21206t=21206 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Priscilla, I think that you are right about the ip dhcp-server command. I looked it up on Cisco's web site. It seems that it can be used only with dial up to tell the client where dhcp server is. Priscilla Oppenheimer wrote: Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications
RE: DHCP [7:21051]
Try this again. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial _r/drdreip.htm#xtocid1564817 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:40 PM To: [EMAIL PROTECTED] Subject: RE: DHCP [7:21051] Their must be more than one way to foreword DHCP requests. Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr _c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at:
RE: NT Users cannot logon [7:21130]
You can put it in your hosts file too - try it if you do not believe me. It also depends on what mode it's setup to use. Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Hennen, David [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:26 PM To: [EMAIL PROTECTED] Subject: RE: NT Users cannot logon [7:21130] this syntax is for the lmhosts file, instead of the hosts file. the hosts file is just like in unix, a local static mapping of hostnames to ip addresses so the domain info doesn't apply. lmhosts is what you want to give a windows machine a local mapping of computernames for domain controllers, domains etc... on my w2k system it's located in c:\winnt\system32\drivers\etc dave h -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 3:08 PM To: [EMAIL PROTECTED] Subject: RE: NT Users cannot logon [7:21130] More... If you can ping a server by its IP address but not its name, try to add it in the workstations hosts file. The hosts file is in C:\windows on 95 an 98 computers, but I can't remember where it is on NT/2000 computers. It might not even be there, so search for hosts.sam which is a sample file. If you in the same folder can see hosts (without any extension) edit it, else create it. Add the following line to it and save it: 192.168.1.19 Acct_Svr_1 #pre #dom:JoesShoeShop where 192.168.1.19is the IP Acct_Svr_1 is the server name JoesShoeShopis the domain name See if it works now. If that helps, you are not getting any name resolution from neither WINS nor DNS. Let me know, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Santosh Koshy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:07 AM To: [EMAIL PROTECTED] Subject: NT Users cannot logon [7:21130] All, we have a situation where the users and the nt servers are on different subnets divided by a L3 router that switches / routes information between them. Everything seems to work perfectly fine. The user gets an IP address via DHCP, he can ping and trace everywhere, as well as browse the web. Although all this is happenning, the user cannot logon to the NT server (v4). All workstations, servers and routers are running only IP. Netbios is encapsulated within IP. Thanks, Santosh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21209t=21130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Way OT but pretty funny.... [7:21210]
Sorry, this really struck me as funny and I didn't have anyone else to share it with.I'm hoping that this--while not hilarious--will give someone a few laughs. The humor should be apparent. http://accessories.us.dell.com/sna/productdetail.asp?Sku=97580customer_id=19spagenum=5page=dellitems.aspicompatid=108891docid=6158 Long link, sorry Regards, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21210t=21210 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]