Re: Analog and Digital Calls on 2610 [7:23101]
nobody to answer my query Swapnil Jain Swapnil Jain wrote in message news:[EMAIL PROTECTED]... Dear Friends, I am already using 2610 with PRI NM as a ISDN Access Server. I also want to use it as a Access Server for PSTN analog dialup lines. Can i do this by replacing PRI line with E1 R2 line. or what else i have to do Warm Regards Swapnil Jain Project Consultant Digitec Engineers Computech Pvt Ltd Ph: +91-731-533455 / 268851 Fax: +91-731-435701 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23865t=23101 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
snmp question [7:23866]
Hi to the group I woul like to know which are the limmitations of SNMP regarding the real management of a cisco device using this protocol (be it a Catalyst or a Router), and where I can find some documentation regarding that. Thanks in advance CiscoMan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23866t=23866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Virtual Link Authentication [7:23867]
Not sure if you received any possible issues other than the whitespace. But another common error...there are NO interface commands required for the interfaces into the transit area. The authentication commands are placed at the end of the area x virtual-link command under the ospf process. For instance: Ra-area0-Rb-area1-Rc-area2--Rd If area0 requires authentication, the only commands required to authenticate on the virtual-link transiting area1 are: Rc# router ospf 1 area 1 virtual-link [Rb rtr id] authenticatio-key cisco area 0 authentication AND of course the same commands on the ospf process of Rb also. This example was plain text but the question mark will help get you the md5 commands. The way I remember it...this virtual link IS my interface into the backbone so I ONLY need to configure there. Hope this helps, aloha, Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, October 21, 2001 6:54 PM To: [EMAIL PROTECTED] Subject: OSPF Virtual Link Authentication I was working on Fatkid 401 OSPF lab tonight and I could never get the virtual link authentication to work correctly. No matter what I did, I would get errors stating I had a mismatched authentication key. Well, the key was cisco so that's not too hard to type in correctly. Still, I played with the configs on the two relevant routers and I rebooted them several times, all to no avail. I even changed the authentication type to md5 and got the same message. Very weird. I thought at one point this was an IOS issue because one router was running 11.2(7) and the other 11.2(25a). I upgraded the first one to 11.2(25a) and I still see the same error. I peeked at the solution and saw that I had it configured exactly how they suggested. Then I checked CCO and saw that they suggest the same configuration. Do any of you have any tips for configuring virtual link authentication? This seems to be a pretty simple config and I don't see what I'm missing. Thanks, John ___ http://inbox.excite.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23867t=23867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bad mask /27 [7:23844]
.128 is the network address. First usable address is .129. Range is .129-.158. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of JimYam Sent: Monday, October 22, 2001 9:04 PM To: [EMAIL PROTECTED] Subject: Bad mask /27 [7:23844] I have a Cat 2900XL. If I confg ip add 10.86.115.128 255.255.255.224 on VLAN 1, I will get an error of Bad mask /27 for address 10.86.115.128 Have you encountered this problem and how can I fix it? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23868t=23844 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How can it be done? Help [7:23842]
How can they advertise our ip as we have only one BGP peer connection? Best regards, Calvin Calvin Sung wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear all, I am not sure if it work or not. I go through the study material of BGP but I haven't heard of this kind of solution. Would you comment on it? I got a vendor purposing a solution for load balancing internet traffic. Here are the details. We got 2 internet providers. One of them is specialized in Asia regions. We will has eBGP with the specialized provider (BGP with one provider only!). And they will set the if the metric is lower than a threshold, it will use a default route to a general provider. Best regards, Calvin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23869t=23842 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
UDP errors on WAN link [7:23870]
We are using ATM over microwave with E3 link, the link utilization is about 20%, I am not able to use TFTP across the link, after checking I found many UDP errors on the LS1010 device that has the E3 port. how can I check where the problem is? Thanks Osama Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23870t=23870 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP guide [7:23875]
I've pass my CCNA weeks ago, and intended to proceed to next level which is CCNP .Any publisher is mostly recommended for CCNP tracks? Thks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23875t=23875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Securing passwords [7:23876]
Would anyone know how to secure or encrypt passwords on a router/switch that cannot be easily cracked by freeware software? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23876t=23876 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Postings [7:23879]
I have been posting and they are not showing up. What is the problem. Mark Bramblett CCNP + Voice Access Specialist, MCSE Sprint NTE Work 703-689-6419 Home 703-729-2791 Cell 703-598-6747 _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23879t=23879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Securing passwords [7:23876]
Use the command service password encryption. Although the type 5 encrypted passwords are not difficult to crack the type 7 are. -- -=Repy to group only... no personal=- wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Would anyone know how to secure or encrypt passwords on a router/switch that cannot be easily cracked by freeware software? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23881t=23876 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Flash on a 4500?? [7:23862]
Hello Group,I have a 4500 that I need to upgrade but am not sure how much flash this router has. Here is the output from the sh ver command:cisco 4500 (R4K) processor (revision 0x00) with 32768K/16384K bytes of memo!! output omitted 8192K bytes of processor board System flash (Read/Write) 8M flash for IOS 4096K bytes of processor board Boot flash (Read/Write)Does this mean that the router has 12mb of flash then? Can I upgrade to the 12.1.9 ver. of th instead of boot ROM, the 4x00's use boot flash. it's not the active IOS, so you don't add the two flash areas together. IOS? Please advise.Thank youKind regards. Get your FREE download of MSN Explorer at http://explorer.msn.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23880t=23862 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: snmp question [7:23866]
Go to www.google.com and search for snmp and you'll find all the documentation you need. Also this link might be helpful... http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm -- -=Repy to group only... no personal=- Ciscoman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi to the group I woul like to know which are the limmitations of SNMP regarding the real management of a cisco device using this protocol (be it a Catalyst or a Router), and where I can find some documentation regarding that. Thanks in advance CiscoMan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23882t=23866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CertificationZone OSPF I white paper ? [7:23885]
Just finished reading this white paper by Howard and have the following points to raise. Page 8 (A4 wise) last line states : OSPF does not use a transport protocol like UDP or TCP, but runs directly over the Data Link Layer. This looks like a typo as it runs over IP on port 89. Page 13 presents a table of LSA's type and purpose. Type 2 (network) states that this LSA can be generated by any router. With reference to Doyle, Caslow and RFC 1247 it appears that this LSA can only be generated by the DR for multi-access networks. I appear to have confirmed this also in my lab. Referring to the same table : Type 4 (ABR) states that the contents route to 'Area Border Router' whereas Caslow and RFC 1247 states that they route to AS Boundary routers. Phil. Nokia Game is on again. Go to http://uk.yahoo.com/nokiagame/ and join the new all media adventure before November 3rd. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23885t=23885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: snmp question [7:23866]
Try the links below as a starting point, there is actually very little you can't do with SNMP. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm http://www.cisco.com/warp/public/477/SNMP/snmp_faq.html -Original Message- From: Ciscoman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 2:58 AM To: [EMAIL PROTECTED] Subject: snmp question [7:23866] Hi to the group I woul like to know which are the limmitations of SNMP regarding the real management of a cisco device using this protocol (be it a Catalyst or a Router), and where I can find some documentation regarding that. Thanks in advance CiscoMan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23886t=23866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Securing passwords [7:23876]
1) make the password long, at least 8 character, with alpha numeric, 2) Use TACACS server. Also, lock down this TACACS server. Don't run the tacacs as root. Furthermore, DO NOT RUN TACACS ON MICROSOFT WINDOWS PLATFORMS. FreeBSD or NetBSD is a very good choice, 3) Make users who log onto routers and switches authenticate, authorize via TACACS. Moreover, use AAA accounting to log all activities on routers and switches. 4)Turn off telnet on routers and switches (transport input ssh) and only allow SSH From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Securing passwords [7:23876] Date: Tue, 23 Oct 2001 08:55:27 -0400 Would anyone know how to secure or encrypt passwords on a router/switch that cannot be easily cracked by freeware software? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23884t=23876 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Domain for Sale [7:23887]
Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23887t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: snmp question [7:23889]
Sorry but I am asking you about opperations usualy performed using CLI. I know what means SNMP. My seraching proceas reveal I can do: -upload, download configs -upload download images, -restart routers Anything else ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23889t=23889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Virtual Link Authentication [7:23867]
Thanks. I was configuring it as you suggest. I played around with this more last night and I never got it to work. It's frustrating because it seems so simple, yet I must be missing something that's right under my nose. I had some problems with lab equipment last night that I finally resolved. So, tonight I'll rebuild everything from scratch and see if I can make it work. John Frank B 10/23/01 1:10:15 AM Not sure if you received any possible issues other than the whitespace. But another common error...there are NO interface commands required for the interfaces into the transit area. The authentication commands are placed at the end of the area x virtual-link command under the ospf process. For instance: Ra-area0-Rb-area1-Rc-area2--Rd If area0 requires authentication, the only commands required to authenticate on the virtual-link transiting area1 are: Rc# router ospf 1 area 1 virtual-link [Rb rtr id] authenticatio-key cisco area 0 authentication AND of course the same commands on the ospf process of Rb also. This example was plain text but the question mark will help get you the md5 commands. The way I remember it...this virtual link IS my interface into the backbone so I ONLY need to configure there. Hope this helps, aloha, Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, October 21, 2001 6:54 PM To: [EMAIL PROTECTED] Subject: OSPF Virtual Link Authentication I was working on Fatkid 401 OSPF lab tonight and I could never get the virtual link authentication to work correctly. No matter what I did, I would get errors stating I had a mismatched authentication key. Well, the key was cisco so that's not too hard to type in correctly. Still, I played with the configs on the two relevant routers and I rebooted them several times, all to no avail. I even changed the authentication type to md5 and got the same message. Very weird. I thought at one point this was an IOS issue because one router was running 11.2(7) and the other 11.2(25a). I upgraded the first one to 11.2(25a) and I still see the same error. I peeked at the solution and saw that I had it configured exactly how they suggested. Then I checked CCO and saw that they suggest the same configuration. Do any of you have any tips for configuring virtual link authentication? This seems to be a pretty simple config and I don't see what I'm missing. Thanks, John ___ http://inbox.excite.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23891t=23867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Partner Specilization [7:23890]
Hi! The company I work for is a cisco premium partner. As I have understood it to keep the partner status the company will have to specialize (take a couple of online courses and a test) to keep the partnerstatus. So we choose wireless specialization.. My question is if anyone has taken the test yet, and if so.. how was it compared to the online courses? best regards Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23890t=23890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switching exam question [7:23497]
I was hoping nobody would answer. ;-) Because actually I don't like my answer. It should read, A hierarchical network design MAY already be a tree! It wouldn't necessarily be a tree. Priscilla At 11:31 PM 10/22/01, Jonathan Hays wrote: Good point. Although I did not originate this thread, a hearty thanks to all posters!! I learned something here... Priscilla Oppenheimer wrote: That makes sense. A hierarchical network design is already a tree! Thanks. Priscilla At 10:55 PM 10/19/01, Leigh Anne Chisholm wrote: Actually, Cisco teaches that in certain circumstances in the Core, you want to disable Spanning Tree Protocol (STP). I don't have the courseware with me at the moment, but I guess the thinking is that with Core layer devices, you don't run anything extraneous that takes away from the primary role of high-speed packet switching. STP is considered extraneous when it's not required. Instead of me posting from Cisco's course material once I'm at home, why not search Cisco for this information... if you're interested in knowing more. -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jonathan Hays Sent: Friday, October 19, 2001 2:20 PM To: [EMAIL PROTECTED] Subject: Re: Switching exam question [7:23497] Yes. For the server to have a fully redundant connection it must have a second NIC to another switch and failover software in place. However, you are mistaken that anyone would normally disable STP on any trunk port, regardless of whether the switch is in the Core, Distribution, or Access layer. Piatnitchi Cristian wrote: Please see this link http://www.geocities.com/cristi_piatnitchi/ This is picture from the Cisco site. Could you explain me how the redundacy is achieved for the server present on this scheme ? In my opinion if there is no STP in the L2 core and nor a second connection from the server to the other switch cb there is no protection against of a failure of switch ca. So I consider is useless to have redundancy in the access and distribution layers. Am I wrong ? If yes why ? Thanks in advance Cristian Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23843t=23497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: help with troubleshooting Cisco VPN connection [7:23695]
Looks like you have the NAT 0 in place. I'm wondering about the IP Pool. I see your access-list 101 allows 172.16.1.0 to 172.16.2.0, both subnetted to /24. I wonder if maybe the PIX is looking at the IP Pool as a Class B address since you cannot specify the mask in the IP Pool statement? If so, would it work to do an access-list like: Access-list 101 permit ip 172.16.0.0 255.255.0.0 172.16.0.0 Just a guess. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Anh Lam Sent: Sunday, October 21, 2001 4:01 PM To: [EMAIL PROTECTED] Subject:help with troubleshooting Cisco VPN connection in [7:23695] Can someone in this group help me with this problem? I am trying to setup VPN connections for remote users (people who use laptops on the road or when people to who are on their own corporate network) to connect to my home network using IPSec. I am using a PIX515-UR Firewall at my home network. The external IP address (outside) of the PIX is 66.61.46.240 while the internal IP address (inside) of the PIX is 172.16.1.254. On the PIX, I also setup an IP pool so that the PIX will assign IP address to remote clients when they connect to my home network. This ip pool has ip range of 172.16.2.1-172.16.2.254. On the clients side, everyone is running Cisco VPN client software version 3.0.6.rel2-k9 which I download from Cisco website. The clients are running either WinNT 4.0 workstation, or Win2k Professional or RedHat Linux 7.1 with kernel 2.4.10. When a client attempts to make a VPN connection to the PIX (66.61.46.240), the connection is successfully and the client is also assigned an IP address of 172.16.2.1. So what is the problem you ask? Well, even though the client is successfully authenticated to my home network, he/she can NOT ping any of the devices in the 172.16.1.0/24 network. From the client, I can see the packet gets encrypted before sending out but nothing coming back (the counter on the packet decrypted on the client is zero). Rebooting the PIX several times didnot resolve the situation either. At this point, I decided to replace the PIX515 with a PIX520 with the exact configuration. With the PIX520, everything WORKS. Client can access devices on the 172.16.1.0/24 network. I am running the same PIX IOS code on both the 515 and 520. Am I missing something in the PIX515? I thought since I am running the Un-Restricted(UR) license, VPN is supported. Below is the configuration of the PIX515. Please help. Thanks. Anh ciscopix#sh ver Cisco PIX Firewall Version 6.1(1) Cisco PIX Device Manager Version 1.0(2) Compiled on Tue 11-Sep-01 07:45 by morlee ciscopix up 9 hours 37 mins Hardware: PIX-515, 96 MB RAM, CPU Pentium 200 MHz Flash i28F640J5 @ 0x300, 16MB BIOS Flash AT29C257 @ 0xfffd8000, 32KB 0: ethernet0: address is 0050.54ff.7a24, irq 10 1: ethernet1: address is 0050.54ff.7a25, irq 7 2: ethernet2: address is 00aa.00bc.ba87, irq 11 Licensed Features: Failover: Enabled VPN-DES:Enabled VPN-3DES: Disabled Maximum Interfaces: 6 Cut-through Proxy: Enabled Guards: Enabled Websense: Enabled Inside Hosts: Unlimited Throughput: Unlimited ISAKMP peers: Unlimited ciscopix# wr t Building configuration... : Saved : PIX Version 6.1(1) nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security99 enable password xxx encrypted passwd x encrypted hostname ciscopix domain-name micronet.com fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 no names access-list 101 permit ip 172.16.1.0 255.255.255.0 172.16.2.0 255.255.255.0 access-list 101 permit ip host 66.61.46.240 172.16.2.0 255.255.255.0 access-list 80 permit ip 172.16.1.0 255.255.255.0 172.16.2.0 255.255.255.0 pager lines 24 interface ethernet0 auto interface ethernet1 auto interface ethernet2 100full shutdown mtu outside 1500 mtu inside 1500 mtu dmz 1500 ip address outside 66.61.46.240 255.255.248.0 ip address inside 172.16.1.254 255.255.255.0 ip address dmz 127.0.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool ippool 172.16.2.1-172.16.2.254 no failover failover timeout 0:00:00 failover poll 15 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 failover ip address dmz 0.0.0.0 pdm location 164.109.0.0 255.255.0.0 outside pdm location 172.16.1.0 255.255.255.0 inside pdm history enable arp timeout 14400 nat (inside) 0 access-list 101 conduit permit ip any any route outside 0.0.0.0 0.0.0.0 66.61.40.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius http 172.16.1.0 255.255.255.0 inside
Re: help with troubleshooting Cisco VPN connection [7:23695]
Chris, I don't know how long you have been working with PIX but on the VPN client, the client will get an IP between 172.16.2.1 and 172.16.2.254. The access-list will make the necessary connectivity to 172.16.1.0/24 network. If you've read this post from start to finish, you would know that the exact configuration works on the PIX520 but not the PIX515. Even Cisco TAC guy is also scratching his head over this. From: chris Reply-To: chris To: [EMAIL PROTECTED] Subject: Re: help with troubleshooting Cisco VPN connection [7:23695] Date: Mon, 22 Oct 2001 23:35:41 -0400 In your config below the vpn client is being assigned an address that is on a different subnet than the inside interface of the pix and there is no sign of a router on that subnet (no default inside route to a router). BTW, you may want to get rid of the conduit permit any any! Chris Anh Lam wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can someone in this group help me with this problem? I am trying to setup VPN connections for remote users (people who use laptops on the road or when people to who are on their own corporate network) to connect to my home network using IPSec. I am using a PIX515-UR Firewall at my home network. The external IP address (outside) of the PIX is 66.61.46.240 while the internal IP address (inside) of the PIX is 172.16.1.254. On the PIX, I also setup an IP pool so that the PIX will assign IP address to remote clients when they connect to my home network. This ip pool has ip range of 172.16.2.1-172.16.2.254. On the clients side, everyone is running Cisco VPN client software version 3.0.6.rel2-k9 which I download from Cisco website. The clients are running either WinNT 4.0 workstation, or Win2k Professional or RedHat Linux 7.1 with kernel 2.4.10. When a client attempts to make a VPN connection to the PIX (66.61.46.240), the connection is successfully and the client is also assigned an IP address of 172.16.2.1. So what is the problem you ask? Well, even though the client is successfully authenticated to my home network, he/she can NOT ping any of the devices in the 172.16.1.0/24 network. From the client, I can see the packet gets encrypted before sending out but nothing coming back (the counter on the packet decrypted on the client is zero). Rebooting the PIX several times didnot resolve the situation either. At this point, I decided to replace the PIX515 with a PIX520 with the exact configuration. With the PIX520, everything WORKS. Client can access devices on the 172.16.1.0/24 network. I am running the same PIX IOS code on both the 515 and 520. Am I missing something in the PIX515? I thought since I am running the Un-Restricted(UR) license, VPN is supported. Below is the configuration of the PIX515. Please help. Thanks. Anh ciscopix#sh ver Cisco PIX Firewall Version 6.1(1) Cisco PIX Device Manager Version 1.0(2) Compiled on Tue 11-Sep-01 07:45 by morlee ciscopix up 9 hours 37 mins Hardware: PIX-515, 96 MB RAM, CPU Pentium 200 MHz Flash i28F640J5 @ 0x300, 16MB BIOS Flash AT29C257 @ 0xfffd8000, 32KB 0: ethernet0: address is 0050.54ff.7a24, irq 10 1: ethernet1: address is 0050.54ff.7a25, irq 7 2: ethernet2: address is 00aa.00bc.ba87, irq 11 Licensed Features: Failover: Enabled VPN-DES:Enabled VPN-3DES: Disabled Maximum Interfaces: 6 Cut-through Proxy: Enabled Guards: Enabled Websense: Enabled Inside Hosts: Unlimited Throughput: Unlimited ISAKMP peers: Unlimited ciscopix# wr t Building configuration... : Saved : PIX Version 6.1(1) nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security99 enable password xxx encrypted passwd x encrypted hostname ciscopix domain-name micronet.com fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 no names access-list 101 permit ip 172.16.1.0 255.255.255.0 172.16.2.0 255.255.255.0 access-list 101 permit ip host 66.61.46.240 172.16.2.0 255.255.255.0 access-list 80 permit ip 172.16.1.0 255.255.255.0 172.16.2.0 255.255.255.0 pager lines 24 interface ethernet0 auto interface ethernet1 auto interface ethernet2 100full shutdown mtu outside 1500 mtu inside 1500 mtu dmz 1500 ip address outside 66.61.46.240 255.255.248.0 ip address inside 172.16.1.254 255.255.255.0 ip address dmz 127.0.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool ippool 172.16.2.1-172.16.2.254 no failover failover timeout 0:00:00 failover poll 15 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 failover ip address dmz 0.0.0.0 pdm
Re: Bad mask /27 [7:23844]
have you entered the comand ip classless At 00:03 23-10-01 -0400, JimYam wrote: I have a Cat 2900XL. If I confg ip add 10.86.115.128 255.255.255.224 on VLAN 1, I will get an error of Bad mask /27 for address 10.86.115.128 Have you encountered this problem and how can I fix it? Thanks. D'Wayne Saunders Network Administrator Ph:08 89507742 Fax:08 89521112 Mobile: 0412 832322 www.lasseters.com.au World's First Government Licensed and Regulated Online Casino... *** This email message (and attachments) may contain information that is confidential to Lasseters Online. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Lasseters Online are neither given nor endorsed by it. *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23859t=23844 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SPF timer in OSPF [7:23834]
timers spf spf-delay spf-holdtime spf-delay: Delay time (in seconds) between when OSPF receives a topology change and when it starts an SPF calculation. Default 5 seconds. spf-holdtime : Minimum time (in seconds) between two consecutive SPF calculations. The timers are used to reduce SPF calculations therefore increase stability. CCIE Study Professional Checklist http://www.geocities.com/berdde/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of malay patel Sent: Tuesday, October 23, 2001 10:24 AM To: [EMAIL PROTECTED] Subject: Re: SPF timer in OSPF [7:23834] FYI, I belive, SPF algorithms calculates new routing table when ever there are changes. Malay Patel --- Jerry Seven wrote: Hi, In OSPF, is SPF algorithms running periodically or just invoked when route change happens? If the first one is true, what's the command to change it? I saw timer spf in CCO, but seems for other purpose. Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com [EMAIL PROTECTED] __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23883t=23834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Route Reflectors and Peer Groups [7:23725]
Thank you for the explanation, that helps a lot. -Original Message- From: JffryH(Yahoo) [mailto:[EMAIL PROTECTED]] Sent: Monday, October 22, 2001 11:35 PM To: [EMAIL PROTECTED] Subject: RE: Route Reflectors and Peer Groups [7:23725] 1. You don't need to worry about this issue after IOS 12.0. Some version of 11.3 also support that and Also have no such problem. Just discard all the restriction and you will be OK. http://www.cisco.com/warp/public/459/29.html 2. The restriction is now a history. If you want to know: it is because that BGP implement poison reverse mechanism to prevent route feedback. That it, when a router learn route from neighbor A, it will send withdraw to neighbor A. This ensure A will not learn route back from our router. But when configured with beer-group, all outbound updates are built once. So our router will also withdraw the route from other neighbor in the same peer-group, like neighbor B. If so, B will have no route because it was withdrawn. Newer version of IOS is clever enough to detect that and keep them from happening. CCIE Study Professional Checklist http://www.geocities.com/berdde/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Lupi, Guy Sent: Monday, October 22, 2001 8:43 AM To: [EMAIL PROTECTED] Subject: Route Reflectors and Peer Groups [7:23725] Below is an excerpt from a Cisco case study on multiple route reflectors withing a cluster: An important thing to note, is that peer-groups were not used in the above configuration. If the clients inside a cluster do not have direct IBGP peers among one another and they exchange updates through the RR, peer-goups should not be used. If peer groups were to be configured, then a potential withdrawal to the source of a route on the RR would be sent to all clients inside the cluster and could cause problems. The router sub-command bgp client-to-client reflection is enabled by default on the RR. If BGP client-to-client reflection were turned off on the RR and redundant BGP peering was made between the clients, then using peer groups would be alright. Does anyone know what they mean? I know in IOS versions 12.0 and lower there were issues with route reflection using peer groups, but I am trying to figure out what they are trying to say here. What do they mean by a potential withdrawal to the source of a route on the RR? Any help would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23874t=23725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP default-originate bug [7:23847]
I am not using vpnv4. According to the command reference, this is off by default, and I sure didn't turn it on! Nope - all I was dong was testing various neighbor commands, one of which is the default-originate. Guess I should report the experience to TAC and see if they admit to a bug not yet on their list. As I said, I can find no reference to this phenomenon other than what I reported below. thanks. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Cohen Sent: Monday, October 22, 2001 11:05 PM To: [EMAIL PROTECTED] Subject: RE: BGP default-originate bug [7:23847] Just out of curiousity why would you want a default-originate command on an VPNv4 neighbor. If you're trying to originate a default route into a particular VRF I would think you should use the IPv4 VRF address families. Is this just something you tried since the command was available and found these interesting results or was there actually a specific purpose for it? Thanks, -Michael Cohen -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chuck Larrieu Sent: Monday, October 22, 2001 11:27 PM To: [EMAIL PROTECTED] Subject: BGP default-originate bug [7:23847] found a good one yesterday while going through a series of BGP neighbor options entering the command neighbor a.b.c.d default-originate causes a router reload. every time. I did a search on CCO and came up with Bug Id : CSCdr53754, which states that: The default originate command is deprecated for the VPNv4 address family. Workaround: Do not use this command under address-family vpnv4 mode. the bug is reported to occur in 12.1T 12.1(2)T 12.1(2) and is supposed to be fixed in 12.1(3.4) 12.1(3.4)T 12.1(3.4)AA 12.1(3.4)PI 12.0(11.6)ST 12.1(4)DB 12.1(4)DC well, I spent some time upping IOS images, and I found that in 12.1.5 and 12.1.9 the same event happens every time. I reread the big report, which states this happens in IOS images for the c7200 series. I have only my humble 25xx's. So I guess Cisco has not fixed this for us students. :- Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23892t=23847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: snmp question [7:23889]
well...by definition, snmp is Simple Network Management Protocol. Follow this link for a cisco detailed explanation. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm Ciscoman 10/23/01 09:36AM Sorry but I am asking you about opperations usualy performed using CLI. I know what means SNMP. My seraching proceas reveal I can do: -upload, download configs -upload download images, -restart routers Anything else ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23893t=23889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE lab feedback request!! [7:23894]
Hi all tech people, i'm preparing my Lab that will be to the end of the next month, I would like if someone who already tested could tell me some feedback from the lab, about question, how many router are involved, how are the question clear or tricky Everything else, I need to collect more information as possible... P.S. If someone's preparing the Lab as me, I would like also try to study together, so we can exchange our doubt and solution. Thanks... Bye Maury Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23894t=23894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP guide [7:23875]
Ciscopress is usually the front runner and they have a complete CCNP library package www.bn.com Tam Alan wrote: I've pass my CCNA weeks ago, and intended to proceed to next level which is CCNP .Any publisher is mostly recommended for CCNP tracks? Thks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23896t=23875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CertificationZone OSPF I white paper ? [7:23885]
Phil, OSPF does not use tcp or udp, which are IP types 6 17 respectively or vice-versa, it uses IP type 89, not port. Jeff From: Phil Barker Reply-To: Phil Barker To: [EMAIL PROTECTED] Subject: CertificationZone OSPF I white paper ? [7:23885] Date: Tue, 23 Oct 2001 09:20:30 -0400 Just finished reading this white paper by Howard and have the following points to raise. Page 8 (A4 wise) last line states : OSPF does not use a transport protocol like UDP or TCP, but runs directly over the Data Link Layer. This looks like a typo as it runs over IP on port 89. Page 13 presents a table of LSA's type and purpose. Type 2 (network) states that this LSA can be generated by any router. With reference to Doyle, Caslow and RFC 1247 it appears that this LSA can only be generated by the DR for multi-access networks. I appear to have confirmed this also in my lab. Referring to the same table : Type 4 (ABR) states that the contents route to 'Area Border Router' whereas Caslow and RFC 1247 states that they route to AS Boundary routers. Phil. Nokia Game is on again. Go to http://uk.yahoo.com/nokiagame/ and join the new all media adventure before November 3rd. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23898t=23885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
How much do you think I can get in each router?? What about the catalysts 1200?? Dennis Laganiere wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My advice Sell all but the 2501 and one of the 2511's and use that to outfit a useful lab. You can easily buy two routers for each 2511 you get rid of... --- Dennis -Original Message- From: Alexandre Carvalho [mailto:[EMAIL PROTECTED]] Sent: Monday, October 22, 2001 7:10 PM To: [EMAIL PROTECTED] Subject: Help in setting up a lab!! [7:23836] Dear Router/switches gurus!! Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. I also would like to setup a lab where people could telnet in .. Any comments would be welcome!! Thanks , Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23901t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23900t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
which is the best [7:23902]
In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23902t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23904t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Domain for Sale [7:23887]
hmmm peoples Farhan Ahmed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23905t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which is the best [7:23902]
This usually depends on your topology and the stability of your network. Is there any rhyme or reason to the layout? Is this hub-and-spoke? Is it already laid out in a fashion that would facilitate breaking it up into areas if you wanted to? Either protocol should work just fine with only 50 routers. You may even be able to use OSPF with a single area if your network is pretty stable. I'd probably divide it into areas anyway if your topology allows you to do so in a way that makes some rational sense. Which protocol do you feel more comfortable with? The configuration of eigrp is simpler, but basic ospf isn't very difficult either. With 50 routers, I'd suggest using whichever you are most familiar with. regards, John [EMAIL PROTECTED] 10/23/01 8:53:00 AM In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23906t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: which is the best [7:23902]
I prefer OSPF, only because if you decide to put a device that is not a Cisco on the network you don't have to run 2 routing protocols. Your decision would have to be based on your needs also, EIGRP has a couple of features that OSPF does not that you may want, such as load balancing across links that do not have equal metrics. Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 10:53 AM To: [EMAIL PROTECTED] Subject: which is the best [7:23902] In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23908t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which is the best [7:23902]
It's my personal opinion that It will never be a good practice to use proprietery protocols such as igrp or eigrp. even though it may be tempting because of the features, I would stay away from it. There's no telling what you or your company will be doing 2 years from now which means there's noway of knowing who is goign to be in bed with who. Which means the possible addition of non cisco devices could create more work in the future. Stick with OSPF. -Patrick [EMAIL PROTECTED] 10/23/01 10:53AM In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23909t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Async dial access parameters [7:23910]
I have a 2600 w/ NM16AM, I have it configured and it works like a champ except for one thing. How do I pass network parameters to the client? I need to specify the subnet mask, default gw, dns, etc. I tried the async-bootp command from global config, but that didnt work. I created the ip pool just fine, but I cant find where to set the rest of the info. TIA. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23910t=23910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23911t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SPF timer in OSPF [7:23834]
Actually my question comes from one scenario of ipexpert lab, it's http://www.ipexpert.net/products/pdf/Section203Portion.pdf You could see in OSPF part Change SPF on R5 so if will only occur every 30 seconds. If it's happens only route changes, what this every means? J - Original Message - From: malay patel To: Jerry Seven ; Sent: Monday, October 22, 2001 7:26 PM Subject: Re: SPF timer in OSPF [7:23834] FYI, I belive, SPF algorithms calculates new routing table when ever there are changes. Malay Patel --- Jerry Seven wrote: Hi, In OSPF, is SPF algorithms running periodically or just invoked when route change happens? If the first one is true, what's the command to change it? I saw timer spf in CCO, but seems for other purpose. Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com [EMAIL PROTECTED] __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23912t=23834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Routing [7:23913]
Okay I've heard that the CCNP Routing exam 640-503 is a bear. I passed the Switching and BCRAN already, but I hear this one is the toughest. I've been using the ExamCram books and Boson's for the other two. Is there anything else I should be studying to nail this exam? Thanks, jd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23913t=23913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Partner Specilization [7:23890]
Hi Johan , Our company and the staff members have appeared and fulfilled the requirements for the Voice Specialization , we have cleared the online tests required from certification.net , as per the feedback it is fairly easy to clear if you have gone through the TRNC_ _ Cds offered by Cisco thru the Marketplace . By next year we shall be preparing for the Security and VPN specialization as well. thanks, Navin Parwal CCNP, CCDP , MCSE Technosys Premier certified Partner -Cisco johan ericsson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi! The company I work for is a cisco premium partner. As I have understood it to keep the partner status the company will have to specialize (take a couple of online courses and a test) to keep the partnerstatus. So we choose wireless specialization.. My question is if anyone has taken the test yet, and if so.. how was it compared to the online courses? best regards Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23914t=23890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Async dial access parameters [7:23910]
I'm guessing you're going to need to implement DHCP to do all that... NetEng wrote: I have a 2600 w/ NM16AM, I have it configured and it works like a champ except for one thing. How do I pass network parameters to the client? I need to specify the subnet mask, default gw, dns, etc. I tried the async-bootp command from global config, but that didnt work. I created the ip pool just fine, but I cant find where to set the rest of the info. TIA. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23918t=23910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Routing [7:23913]
Just make sure you have your BGP, EIGRP and OSPF down cold. -- Brad Nixon Nothing is fool proof to a sufficiently talented fool. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23917t=23913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switching exam question [7:23497]
Not being trained in topological mathematics I am geussing that you are telling us that there are other common hierarchical forms. The tree is the only one I hear about. What are the others you have in mind? Priscilla Oppenheimer wrote: I was hoping nobody would answer. ;-) Because actually I don't like my answer. It should read, A hierarchical network design MAY already be a tree! It wouldn't necessarily be a tree. Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23915t=23497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Routing [7:23913]
JD, I cannot tell you what to read, because each individual has different book levels that matches their learning methods. Some gotta have the study guides because they provide a more clear language like way of explaining the stuff, and others like the more technical written books like Cisco Press' course books. I personally likes to get one of each, so what I did not get in the first book, I have a chance to get in the second. Anyway, as one of my golden rules: Take all three Boson demo-tests and buy the one you scored worst in. Then when you can nail those four test in it with a score of 90% or more, you are ready for the exam. If you score lower than 90%, it's back to the books, CCO, your practice lab, etc... Feel free to read about what I used on my Router Chief site (link is below). Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 11:05 AM To: [EMAIL PROTECTED] Subject: CCNP Routing [7:23913] Okay I've heard that the CCNP Routing exam 640-503 is a bear. I passed the Switching and BCRAN already, but I hear this one is the toughest. I've been using the ExamCram books and Boson's for the other two. Is there anything else I should be studying to nail this exam? Thanks, jd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23919t=23913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23920t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Routing [7:23913]
For this test and many others I would recommend you get Routing TCP/IP Vol. 1 by Jeff Doyle and Internet Routing Architectures 2nd edition by Basaam (Sam) Halabi. John [EMAIL PROTECTED] 10/23/01 10:05:00 AM Okay I've heard that the CCNP Routing exam 640-503 is a bear. I passed the Switching and BCRAN already, but I hear this one is the toughest. I've been using the ExamCram books and Boson's for the other two. Is there anything else I should be studying to nail this exam? Thanks, jd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23921t=23913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Flash on a 4500?? [7:23862]
Hi, Your 4500 router only has 8MB flash for IOS upgrades. The other 4 MB are the boot flash and you can't use it to store IOS. The IOS that can fit on your 8MB flash is: 12.1.9 IP Filename: c4500-i-mz.121-9.bin Minimum Recommended Memory to download image - 8 MB Flash and 32 MB RAM Hth, Angel Leiva - MCSE, CCNA, CCNP-WAN -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Cisco Nuts Sent: Tuesday, October 23, 2001 12:42 AM To: [EMAIL PROTECTED] Subject: Flash on a 4500?? [7:23862] Hello Group,I have a 4500 that I need to upgrade but am not sure how much flash this router has. Here is the output from the sh ver command:cisco 4500 (R4K) processor (revision 0x00) with 32768K/16384K bytes of memo!! output omitted 8192K bytes of processor board System flash (Read/Write) 4096K bytes of processor board Boot flash (Read/Write)Does this mean that the router has 12mb of flash then? Can I upgrade to the 12.1.9 ver. of th IOS? Please advise.Thank youKind regards. Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23922t=23862 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help in setting up a lab!! [7:23836]
I agree with John. You get pretty bored with 2501 pretty quick. I'd keep my eyes open for good deals on some 2513's and 2503's just to mix things up. You'll also need something with a bunch of serial ports for a frame switch, either a 2522 or a 4000 with at lest 4 ports... --- Dennis -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 9:32 AM To: [EMAIL PROTECTED] Subject: Re: Help in setting up a lab!! [7:23836] Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23923t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX DOS protection [7:23924]
I am looking for a document that describes all DOS protection features of PIX Firewall 6.x, as well as guides and suggestions on implementing the above features. Eugene [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23924t=23924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Changing LSA types [7:23925]
Scenario: R1--(RIP)--R2--(OSPF0)--R3--(OSPF6, NSSA)--R4--(EIGRP)--R5 By default RIP will get distributed into Area 0 as a type 5 LSA, which will not be allowed into the NSSA and those routes will not make it to R5. Can I Redistribute RIP into one OSPF process on R2 and then redistribute between the OSPF processes to change the RIP networks into a different LSA type to allow them to flow into the NSSA? Is there a better way to accomplish this? - Jon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23925t=23925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Alberta Study Partners [7:23926]
Members; I am looking for committed people :) to form a small study group.I'm located in north central Alberta.Presently I have my CCNP, CCDP and will be doing the CCIE written in a month or so. I have a small lab (3 routers, hubs etc.) and a modest budget to buy more equipment. Would like to pool my resources with serious CCIE candidates.Please contact me at [EMAIL PROTECTED] if you are interested. Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23926t=23926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX with PAT and VPN [7:23490]
I have seen this working. You have to use nat (inside) 0 access-list 101. The IPSec IKE negotiation is between public IP address. So the question of port limitation does not arise. The internal IP addresses are not involved in IPSec negotiation. You use above statement to avoid routing problem between two LAN segments. Just make sure access-list is mirror image on both peers. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, October 22, 2001 1:41 AM To: [EMAIL PROTECTED] Subject: Re: PIX with PAT and VPN [7:23490] I tried this and it did not work. When IPSEC negociates a VPN session between the two PIX's, it will PAT an internal device from Network A as 206.112.71.5 and use 206.112.71.5:500 for the negociation. Once another device wishes to access a device behind 206.112.71.6, it will have to use 206.112.71.5:500 as well. Cisco IPSEC will only allow one port 500 per IP. This means the original device will be moved from port 500 to a different port. IPSEC only uses port 500 for the negociation and therefore the original connection fails. I did as you said but I added another command like this. Global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0. Nat (inside) 0 access-list 101 Access-list 101 is the traffic to be encrypted. I have tried not to use PAT with encrypted data because of the IP:Port limitation problem. However, it still won't work. Any more suggestions?[EMAIL PROTECTED] wrote: With PIX you must have one legal address for the outside interface on BOTH PIXs. That's actually enough to do what you want to do. Say that your legal address on PIX1 is 206.112.71.5/30. Go to PIX2 startup ipsec and input isakmp key 'your key' address 206.112.71.5. Then input crypto map 'your map-name' 'your sequence number' set peer 206.112.71.5 Say that your legal address on PIX2 is 206.112.71.6/30. Go to PIX1 startup ipsec and input isakmp key 'your key' address 206.112.71.6 Then input crypto map 'your map-name' 'your sequence number' set peer 206.112.71.6 Now on PIX1 input nat (inside) 1 0.0.0.0 0.0.0.0 0 0.Then input global (outside) 1 206.112.71.5 Now on PIX2 input nat (inside) 1 0.0.0.0 0.0.0.0 0 0.Then input global (outside) 1 206.112.71.6 Now just complete your isakmp and crypto-map settings and you will be doing one single VPN between peers and PAT to the Internet. That's the best you can do on PIX with only a 30 bit legal subnet mask. John Squeo Technical Specialist Papa John's Corporation (502) 261-4035 Theodore stout To: [EMAIL PROTECTED] cc: tudy.comSubject: PIX with PAT and VPN [7:23490] Sent by: nobody@groupst udy.com 10/19/01 02:23 AM Please respond to Theodore stout Hello everyone. I am trying to implement 2 Internet connectivity solutions while at the same time creating 2 VPN solutions between two sites. What I would like to do it use a PIX 515 at both sites, tunnel IPSEC between the sites and still have normal access to the Internet. What my problem is that I only have one IP address per-site. In all of the solutions provided by Cisco, I would need a pool of registered IP addresses for NAT. PAT is not even possible. I know that this VPN-PAT-FW1FW1-PAT-VPN solution is available with Checkpoint. However, I would prefer a Cisco only solution. Any suggestions? Theodore Stout Security Engineer CCSE, CCNA, MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23927t=23490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Vlan Design [7:23928]
I have worked with Vlans for another company that used a different Vlan for every department and then had a Vlan for the servers. This goes along with most design concepts except that at least 2 or more departments often shared a wiring closet. When tech support would plug in PCs, they often would not call and the PC would end up being put in Vlan 1 or a different department's Vlan. Obviously labeling the ports would be helpful but the way things changed it would never be accurate. Then everytime the PCs had to access a server, they had to hit the 5500 RSM. I have heard so many suggestions such as use a different Vlans for servers, printers, and PCs. I strongly disagree about putting printers in a different Vlan because there is no reason for a traffic to hit a router when the PC and printer are next to each other. What I am thinking about doing is putting groups of closets in Vlans, use Vlan capable NICs in shared servers, and put other servers that are dedicated to departments in their Vlan. For the most part, departments all go into the same closet. I am wondering is what logic are other people using for Vlans. I know traffic flow is a big consideration which I will break up by groups of closets. I average about 20-40 connections per closet. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23928t=23928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Securing passwords [7:23876]
You are indeed correct. I got em backwards. That's for the input! -- -=Repy to group only... no personal=- Gardner, Brent wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I believe you have the two confused. Type 7 passwords use a simple two-way encryption algorithm called Vigenere cipher that can be cracked with any number of decryption programs available on the Internet. Type 5 uses a much more secure one-way MD5 hash. Without a super computer, it is almost impossible to crack a type 5 password. This is why is so important to use an enable secret password instead of an enable password password. For more info: http://www.cisco.com/warp/public/707/21.html Thanks, Brent Gardner -Original Message- From: Dennis [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 7:15 AM To: [EMAIL PROTECTED] Subject: Re: Securing passwords [7:23876] Use the command service password encryption. Although the type 5 encrypted passwords are not difficult to crack the type 7 are. -- -=Repy to group only... no personal=- wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Would anyone know how to secure or encrypt passwords on a router/switch that cannot be easily cracked by freeware software? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23929t=23876 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Routing [7:23913]
I just passed the exam this morning in an effort to keep the CCNP certification current. The content is heavily biased towards OSPF, BGP and EIGRP. The Boson software seems pretty accurate in representing the format and some of the content of the exam. Also pick up a copy of Cisco Certification by Caslow. While targeted towards the CCIE prep, it is an excellent resource for the CCNP track. From my perspective, this was a much easier exam than the routing 1.0 series. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23931t=23913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Vlan Design [7:23928]
I understand your traffic flow perspective, but I must state that it is not in alignment with modern data flow. That vast majority of traffic nowadays seems to be moving toward Enterprise applications i.e. PeopleSoft, LotusNotes, Oracle Financials located on hosts that serve multiple applications i.e. application servers.Therefore, I belong to the school of thought that VLANs should be laid out with a security and accounting perspective. I divide my clients into VLANs based on functional business unit. The underlying assumption is that Finance people generally have a similar security profile and differ from the security profile of say, manufacturing staff. The security profile is based on what special application servers these groups access. For instance, the Finance people may use Oracle Financials. If the manufacturing people never access Oracle Financials, then a clever hacker on the manufacturing VLAN, should not be allowed to connect to a volume share, or the Check printer in the Finance department. By segmenting these two distinct groups into VLANs, they acquire different IP subnets and that allows you to either control their network resource access to other VLANs via Access Control Lists on the router, or at least log out the activity if you choose not to restrict their connections. Secondly, the datacenter hosts should be in their own VLAN. A better solution is to group the hosts into separate VLANs based on risk assessment. For instance, if you have three or more interfaces on your Firewall, you should create a Outside DMZ for your web servers, ftp servers, mail servers, Citrix Servers, etc., and a Inner DMZ for less risky servers, possibly servers that are accessed through the Internet via a VPN or Dial-up. Lastly, your financial servers, RD, servers and Human Resources servers should be inside the Inside Interface of your Firewall on a separate Datacenter VLAN. These are just a few examples of how you can begin to leverage VLANs for the purpose of protecting your data. Segmentation into functional groups sometimes include an Executive VLAN so that your can enable priority queuing to the Internet or other network resources based on the Executives subnet range. Etc., Etc., Etc. Hope this helps.most of this is not in any Cisco textbook because they seem to not to want to impose design options on Network Engineers, however it is based on my experience with reviewing Best Industry Practices. John Squeo Technical Specialist Papa John's Corporation (502) 261-4035 Doug Korell cc: Sent by: Subject: Vlan Design [7:23928] nobody@groupst udy.com 10/23/01 01:41 PM Please respond to Doug Korell I have worked with Vlans for another company that used a different Vlan for every department and then had a Vlan for the servers. This goes along with most design concepts except that at least 2 or more departments often shared a wiring closet. When tech support would plug in PCs, they often would not call and the PC would end up being put in Vlan 1 or a different department's Vlan. Obviously labeling the ports would be helpful but the way things changed it would never be accurate. Then everytime the PCs had to access a server, they had to hit the 5500 RSM. I have heard so many suggestions such as use a different Vlans for servers, printers, and PCs. I strongly disagree about putting printers in a different Vlan because there is no reason for a traffic to hit a router when the PC and printer are next to each other. What I am thinking about doing is putting groups of closets in Vlans, use Vlan capable NICs in shared servers, and put other servers that are dedicated to departments in their Vlan. For the most part, departments all go into the same closet. I am wondering is what logic are other people using for Vlans. I know traffic flow is a big consideration which I will break up by groups of closets. I average about 20-40 connections per closet. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23932t=23928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Alberta Study Partners [7:23926]
Jim, I think I'm the only other Albertan on the list. Just you and me kid. For the information you're asking for, contact Gerry Draganiuk at the local Cisco office in Edmonton, or Wayne Mah at the local Cisco office in Calgary (but I suspect since you said north central Alberta, you're more likely to be located in, or close to Edmonton). -- Leigh Anne PS. There was a Daniel somebodyorother on here a couple months ago from Edmonton and someone from Calgary, but I think they're long gone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Mayoh Sent: Tuesday, October 23, 2001 11:31 AM To: [EMAIL PROTECTED] Subject: Alberta Study Partners [7:23926] Members; I am looking for committed people :) to form a small study group.I'm located in north central Alberta.Presently I have my CCNP, CCDP and will be doing the CCIE written in a month or so. I have a small lab (3 routers, hubs etc.) and a modest budget to buy more equipment. Would like to pool my resources with serious CCIE candidates.Please contact me at [EMAIL PROTECTED] if you are interested. Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23930t=23926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CAT 2950 switches [7:23933]
Hi All, Does Cisco 2950 switches support VoIP or IP phones? I quickly went over some overview of these 2950s and it seemed that they don't support voice VLAN, though they have QoS. So if I would like hardware that support both H323 (audio, video) and VoIP traffic, can I use this 2950 to substitude with 3500XL models? Thanks! Thomas N. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23933t=23933 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
Thanks john, but for the CCNP, do I need right now a router with token ring ?? And thw switchws, which one shoul i get?? Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23934t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
I think I have a 4000 series , i will check the config. How much that 4000 with 4 ports, can be worth ?? Dennis Laganiere wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I agree with John. You get pretty bored with 2501 pretty quick. I'd keep my eyes open for good deals on some 2513's and 2503's just to mix things up. You'll also need something with a bunch of serial ports for a frame switch, either a 2522 or a 4000 with at lest 4 ports... --- Dennis -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 9:32 AM To: [EMAIL PROTECTED] Subject: Re: Help in setting up a lab!! [7:23836] Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23935t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
setting the Time question from the CLI [7:23936]
Hi, I have kind of a stupid question but I am trying to set the time on a catalyst 3548 Ex: clock set hh:mm:ss date month year? When I go to do the time it is ok and I always get unrecognized command entering the dat. I have tried every combination and can't get it to work. I did clock set 10:23:23 23 1? to get help completing the command and it says %unrecognized command%. I then did clock set 10:23:23 23 10 2001 and no works. Any suggestions? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23936t=23936 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CertificationZone OSPF I white paper ? [7:23885]
We recently had a discussion on Groupstudy as to where in the OSI model routing protocols existed. Essentially, routing protocols are Network layer entities. To quote from the previous discussion: They are layer management protocols at the network layer. This is not covered in the basic OSI Reference Model, but in the Management Annex to it, and the OSI Routeing Architecture document, both from ISO. Just because a protocol is transmitted using a protocol at layer (N) doesn't make the payload protocol layer (N+1). - Howard Berkowitz If we think about it, there are other examples of this being true besides management protocols. It's pretty common to see the session-layer NetBIOS protocol running on top of LLC, for example. (It's sometimes called NetBEUI in this case, but it still has session-layer behavior.) - Priscilla Oppenheimer Pretty awesome having such resources on the list, eh? A long time ago I learned my layers properly, but once I got into looking at sniffer traces, my layers got all mixed up. It's nice having people that keep things straight to set us straight! -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Smith Sent: Tuesday, October 23, 2001 8:38 AM To: [EMAIL PROTECTED] Subject: Re: CertificationZone OSPF I white paper ? [7:23885] Phil, OSPF does not use tcp or udp, which are IP types 6 17 respectively or vice-versa, it uses IP type 89, not port. Jeff From: Phil Barker Reply-To: Phil Barker To: [EMAIL PROTECTED] Subject: CertificationZone OSPF I white paper ? [7:23885] Date: Tue, 23 Oct 2001 09:20:30 -0400 Just finished reading this white paper by Howard and have the following points to raise. Page 8 (A4 wise) last line states : OSPF does not use a transport protocol like UDP or TCP, but runs directly over the Data Link Layer. This looks like a typo as it runs over IP on port 89. Page 13 presents a table of LSA's type and purpose. Type 2 (network) states that this LSA can be generated by any router. With reference to Doyle, Caslow and RFC 1247 it appears that this LSA can only be generated by the DR for multi-access networks. I appear to have confirmed this also in my lab. Referring to the same table : Type 4 (ABR) states that the contents route to 'Area Border Router' whereas Caslow and RFC 1247 states that they route to AS Boundary routers. Phil. Nokia Game is on again. Go to http://uk.yahoo.com/nokiagame/ and join the new all media adventure before November 3rd. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23937t=23885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CertificationZone OSPF I white paper ? [7:23885]
Thanks, Phil. I am copying Certzone so the corrections can be made. Just finished reading this white paper by Howard and have the following points to raise. Page 8 (A4 wise) last line states : OSPF does not use a transport protocol like UDP or TCP, but runs directly over the Data Link Layer. This looks like a typo as it runs over IP on port 89. Yes. My fingers were thinking ISIS. Page 13 presents a table of LSA's type and purpose. Type 2 (network) states that this LSA can be generated by any router. With reference to Doyle, Caslow and RFC 1247 it appears that this LSA can only be generated by the DR for multi-access networks. I appear to have confirmed this also in my lab. By any router, I was referring to the box. A box can have zero or more designated routers. I believe the statement is correct that any router -- interior, backbone, ABR, or ASBR can generate it. Incidentally, if you want to check the RFC, use RFC2328, 1247 is ancient. Referring to the same table : Type 4 (ABR) states that the contents route to 'Area Border Router' whereas Caslow and RFC 1247 states that they route to AS Boundary routers. You are correct. Phil. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23938t=23885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
You won't need hands-on token ring knowledge for the CCNP tests but you'll definitely want to have some for CCIE studies. For switches, you might try to pick up a 2901 or 5000. I'm using a 1200, as well, but it was free.It can't run any recent software releases so you'll want to get some more experience on newer switches if you can. We have a couple 5000s at work so I get to tinker around with them here. You might want to check with Brad Ellis at www.optsys.net. He can probably hook you up with what you need based on what you can afford. John Alex Carvalho 10/23/01 12:49:10 PM Thanks john, but for the CCNP, do I need right now a router with token ring ?? And thw switchws, which one shoul i get?? Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23939t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: setting the Time question from the CLI [7:23936]
I do not have a 3548, by my 2924 switch and all of my routers use the 3 letter abbreviation for the month, not the numeric. clock set XX:XX:XX 23 oct 2001. Give that a try. David Toalson 816-701-4142 -- From: bob Perez[SMTP:[EMAIL PROTECTED]] Reply To: bob Perez Sent: Tuesday, October 23, 2001 1:52 PM To: [EMAIL PROTECTED] Subject: setting the Time question from the CLI [7:23936] Hi, I have kind of a stupid question but I am trying to set the time on a catalyst 3548 Ex: clock set hh:mm:ss date month year? When I go to do the time it is ok and I always get unrecognized command entering the dat. I have tried every combination and can't get it to work. I did clock set 10:23:23 23 1? to get help completing the command and it says %unrecognized command%. I then did clock set 10:23:23 23 10 2001 and no works. Any suggestions? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23940t=23936 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [ospf point-to-multipoint [7:23655]
Following the spec it should be unicast. Keep in mind that non-broadcast networks (point-to-multipoint) don't support multicasting, that's why you have to manually configure your neighbors. As far as whether broadcast networks that are set to point-to-multipoint via the Cisco command use unicast or multicast I'm not sure since this is not part of the standard. I would guess that they still use unicast since it is trying to pretend like it's a point-to-multipoint network. Jim Bond wrote: Hello, On Jeff Doyle's TCP/IP volume I, P417 it says point-to-multipoint is multicast; P433 it says it's unicast. Which one is correct? Thanks in advance. Jim -- [EMAIL PROTECTED] OSPF/BGP Practice Exams www.boson.com\tests\Advanced.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23942t=23655 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Setting up TACACs on catalyst switches [7:23944]
I have intstalled a couple of switches (6509,5500,4000,3548,2924)in my network a couple of months ago and would now like to add tacacs to the switches for AAA. Does anyone have any ideas with regards to the set commands and as well not letting me lock myself out of the switch. Thanks in advance _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23944t=23944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: setting the Time question from the CLI [7:23936]
Big thing is to keep using the question mark. See below: 2924-5D#clock ? set Set the time and date 2924-5D#clock set ? hh:mm:ss Current Time 2924-5D#clock set 14:44:44 ? Day of the month MONTH Month of the year 2924-5D#clock set 14:44:44 23 Oct % Incomplete command. 2924-5D#clock set 14:44:44 23 October ? Year 2924-5D#clock set 14:44:44 23 October 2001 2924-5D# 2924-5D#show clock 14:46:23.315 UTC Tue Oct 23 2001 -Original Message- From: bob Perez [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 1:53 PM To: [EMAIL PROTECTED] Subject: setting the Time question from the CLI [7:23936] Hi, I have kind of a stupid question but I am trying to set the time on a catalyst 3548 Ex: clock set hh:mm:ss date month year? When I go to do the time it is ok and I always get unrecognized command entering the dat. I have tried every combination and can't get it to work. I did clock set 10:23:23 23 1? to get help completing the command and it says %unrecognized command%. I then did clock set 10:23:23 23 10 2001 and no works. Any suggestions? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23943t=23936 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SPF timer in OSPF [7:23834]
They use pretty cryptic instructions in the lab. I think you're supposed to know that what they mean is configure it so that the minimum time between two consecutive SPF calculations (if they were to occur) is 30 seconds. A CCIE candidate knows how OSPF works and when it calculates SPF. Priscilla At 12:04 PM 10/23/01, Jerry Seven wrote: Actually my question comes from one scenario of ipexpert lab, it's http://www.ipexpert.net/products/pdf/Section203Portion.pdf You could see in OSPF part Change SPF on R5 so if will only occur every 30 seconds. If it's happens only route changes, what this every means? J - Original Message - From: malay patel To: Jerry Seven ; Sent: Monday, October 22, 2001 7:26 PM Subject: Re: SPF timer in OSPF [7:23834] FYI, I belive, SPF algorithms calculates new routing table when ever there are changes. Malay Patel --- Jerry Seven wrote: Hi, In OSPF, is SPF algorithms running periodically or just invoked when route change happens? If the first one is true, what's the command to change it? I saw timer spf in CCO, but seems for other purpose. Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com [EMAIL PROTECTED] __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23945t=23834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
I got some 1200's free as well.. But I will look further I will call this guy later.. I might trade most of my 2511's router. I want to do a lab that I can telnet in from outside as well. I know I need the access servers routers.. Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You won't need hands-on token ring knowledge for the CCNP tests but you'll definitely want to have some for CCIE studies. For switches, you might try to pick up a 2901 or 5000. I'm using a 1200, as well, but it was free.It can't run any recent software releases so you'll want to get some more experience on newer switches if you can. We have a couple 5000s at work so I get to tinker around with them here. You might want to check with Brad Ellis at www.optsys.net. He can probably hook you up with what you need based on what you can afford. John Alex Carvalho 10/23/01 12:49:10 PM Thanks john, but for the CCNP, do I need right now a router with token ring ?? And thw switchws, which one shoul i get?? Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
SARASOTA studygroup [7:23947]
I'm interested in either joining a studygroup in Sarasota,FL or creating one. Anyone in this area studying or working with Cisco equipment interested leave a message or email me. cheers Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23947t=23947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switching exam question [7:23497]
Having given it more thought I decided that a hierarchy doesn't have to be a tree. A tree is a diagram or graph that branches from a single stem without forming loops or polygons. A hierarchy could have loops or polygons. In other words, there could be more than one way to get between layers in the hierarchy. Think of the dotted lines we so often see on org charts. When you look at examples of Cisco's hierarchical design, in most cases they aren't actually trees. There are, of course, redundant ways to get between layers. Hierarchy just implies layers and that each layer has a particular job and ranking. I don't think it has a mathematical meaning. In fact (and Howard will like this because it goes with his 7 deadly sins ;-) most of the meanings for hierarchy have to do with the church: 1 a division of angels 2 a ruling body of clergy organized into orders or ranks each subordinate to the one above it; especially : the bishops of a province or nation b : church government by a hierarchy So, it was an off-the-wall comment that made sense when in a hurry and not when given some thought. (Although a lot of systems analysis techniques do assume that hierarchy means tree!??) Did anyone every use IBM's HIPO method: Hierarchy, Input, Process, Output. It worked extremely well. I don't think it would let you use a hierarchy that wasn't also a tree, although I can't remember for sure. Priscilla At 12:17 PM 10/23/01, Jonathan Hays wrote: Not being trained in topological mathematics I am geussing that you are telling us that there are other common hierarchical forms. The tree is the only one I hear about. What are the others you have in mind? Priscilla Oppenheimer wrote: I was hoping nobody would answer. ;-) Because actually I don't like my answer. It should read, A hierarchical network design MAY already be a tree! It wouldn't necessarily be a tree. Priscilla Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23948t=23497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: which is the best [7:23902]
If it is cisco only environment, I would prefer EIGRP. Less CPU and Memory requirement (which means less expensive routers in some cases and also more free CPU and Memory for the routers). Also I believe they have better convergence time than OSPF. As Mr. Lupi mentioned, while OSPF's metric is based on bandwidth, the EIGRP can be based on (bandwidth, delay and also MTU, load, reliability as necessary). For example, if you have F/R of 512K and 256K, OSPF will use the 512K. You could make it to use the 256K to load balance by the bandwidth statement but it won't be really true load balancing. EIGRP can via variance and other ways. Con is the proprietary Routing protocol. In the future if you acquire non cisco network, you could still use the redistribution. So if you have only cisco network, I would prefer EIGRP. Lastly, OSPF's more hierarchical design than EIGRP(OSPF areas, stubby, total and not so stubby, etc) can scale better in bigger network, but for the given router numbers (50), EIGRP fits better in my opinion. I don't know what I'm trying to say here... For the given condition, I would go with EIGRP, but if you are planning to expand and also possibly acquire non-cisco routers OSPF might be better. Sorry for the confusion. My .02 cents. Ed -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 11:21 AM To: [EMAIL PROTECTED] Subject: RE: which is the best [7:23902] I prefer OSPF, only because if you decide to put a device that is not a Cisco on the network you don't have to run 2 routing protocols. Your decision would have to be based on your needs also, EIGRP has a couple of features that OSPF does not that you may want, such as load balancing across links that do not have equal metrics. Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 10:53 AM To: [EMAIL PROTECTED] Subject: which is the best [7:23902] In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23949t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MAC address and VLANs [7:23950]
Here's my situtation. I have a corporate PC with an IP address of 10.10.x.x and in the same office (and same physical network) another device with an IP address of 192.168.100.x Both devices are connected to a small hub/switch which in turn is connected to a cisco switch. Can I have the 10.10.x.x be apart of one vlan and the 192.168.100.x be a member of another or the default vlan? Can cisco switches recognize multiple MAC addresses on a single switch port (if so, how many?) and be smart enough to know which vlan which MAC address belongs to? This would save me hours (otherwise I have to run cable for connections to our corporate network and connections to our test network in every cube :-( ). TIA PS I understand the best way to do this would be to connect each device into the cisco switch, but I only have a single cable run to each cube/office (corporate pc)10.10.x.x | PC PC (test network) 192.168.100.x | | \/ \ / SWITCH/HUB (non-cisco) | | CISCO SWITCH VLANs -- | || | | corp || test | --- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23950t=23950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help in setting up a lab!! [7:23836]
I have my lab set up so that I can telnet in from out side by simply setting a win2000 server on my rr service and installing 2 nics. one picks up an rr ip and the other is hooked to my internal network. Start the telnet service on the 2000 box. Now you will be able to telnet into the server and from that telnet session you can access any server from the internal network. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Alex Carvalho Sent: Tuesday, October 23, 2001 3:50 PM To: [EMAIL PROTECTED] Subject: Re: Help in setting up a lab!! [7:23836] I got some 1200's free as well.. But I will look further I will call this guy later.. I might trade most of my 2511's router. I want to do a lab that I can telnet in from outside as well. I know I need the access servers routers.. Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You won't need hands-on token ring knowledge for the CCNP tests but you'll definitely want to have some for CCIE studies. For switches, you might try to pick up a 2901 or 5000. I'm using a 1200, as well, but it was free.It can't run any recent software releases so you'll want to get some more experience on newer switches if you can. We have a couple 5000s at work so I get to tinker around with them here. You might want to check with Brad Ellis at www.optsys.net. He can probably hook you up with what you need based on what you can afford. John Alex Carvalho 10/23/01 12:49:10 PM Thanks john, but for the CCNP, do I need right now a router with token ring ?? And thw switchws, which one shoul i get?? Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms
Re: Domain for Sale [7:23887]
HA! Wojtek Zlobicki 10/23/01 04:15PM Somes peoples wills nevers learns Jason wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hmmm peoples Farhan Ahmed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23953t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed CSPFA (my thoughts) [7:23954]
Just made it! Make sure you know the commands (no selection from a menu like other Cisco tests). Some drag and place questions. Overall the questions were well written but this test is far from easy. George Yiannibas MCSE CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23954t=23954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Domain for Sale [7:23887]
OK... I totally expect to get flamed for this, but is this guy really from aba daba doo (think Fred Flintstone)? (see original e-mail)... --- Dennis -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 1:59 PM To: [EMAIL PROTECTED] Subject: Re: Domain for Sale [7:23887] HA! Wojtek Zlobicki 10/23/01 04:15PM Somes peoples wills nevers learns Jason wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hmmm peoples Farhan Ahmed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23955t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MAC address and VLANs [7:23950]
Cisco will recognize multiple macs on a single port but they must all be in
the same vlan. Vlan assignment is per port. Your other option would be to
replace the non cisco hub with a cisco switch which is trunked to the main
switch.
--
-=Repy to group only... no personal=-
NetEng wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Here's my situtation. I have a corporate PC with an IP address of
10.10.x.x
and in the same office (and same physical network) another device with an
IP
address of 192.168.100.x Both devices are connected to a small hub/switch
which in turn is connected to a cisco switch. Can I have the 10.10.x.x be
apart of one vlan and the 192.168.100.x be a member of another or the
default vlan? Can cisco switches recognize multiple MAC addresses on a
single switch port (if so, how many?) and be smart enough to know which
vlan
which MAC address belongs to? This would save me hours (otherwise I have
to
run cable for connections to our corporate network and connections to our
test network in every cube :-( ). TIA
PS I understand the best way to do this would be to connect each device
into
the cisco switch, but I only have a single cable run to each cube/office
(corporate pc)10.10.x.x
|
PC PC (test network) 192.168.100.x
| |
\/
\ /
SWITCH/HUB (non-cisco)
|
|
CISCO SWITCH
VLANs
--
| || |
| corp || test |
---
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=23957t=23950
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Setting up TACACs on catalyst switches [7:23944]
A handy tip for not locking yourself out is to open one terminal session with no exec timeout and place it in the background, open another terminal session to make your changes. Log out of the second session and attempt to log back in. If you can't log back in you still have the first session open to go back and fix it! Dennis -- -=Repy to group only... no personal=- Shane Stockman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have intstalled a couple of switches (6509,5500,4000,3548,2924)in my network a couple of months ago and would now like to add tacacs to the switches for AAA. Does anyone have any ideas with regards to the set commands and as well not letting me lock myself out of the switch. Thanks in advance _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23959t=23944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Domain for Sale [7:23887]
You guys crack me up! I'm still chuckling... jd -Original Message- From: dennisl [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 4:21 PM To: cisco Subject: RE: Domain for Sale [7:23887] OK... I totally expect to get flamed for this, but is this guy really from aba daba doo (think Fred Flintstone)? (see original e-mail)... --- Dennis -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 1:59 PM To: [EMAIL PROTECTED] Subject: Re: Domain for Sale [7:23887] HA! Wojtek Zlobicki 10/23/01 04:15PM Somes peoples wills nevers learns Jason wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hmmm peoples Farhan Ahmed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23958t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [ospf point-to-multipoint [7:23655]
In a point to multipoint OSPF network configuration the links are treated as point to point and you do not need neighbor statements. -- -=Repy to group only... no personal=- Curtis Call wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Following the spec it should be unicast. Keep in mind that non-broadcast networks (point-to-multipoint) don't support multicasting, that's why you have to manually configure your neighbors. As far as whether broadcast networks that are set to point-to-multipoint via the Cisco command use unicast or multicast I'm not sure since this is not part of the standard. I would guess that they still use unicast since it is trying to pretend like it's a point-to-multipoint network. Jim Bond wrote: Hello, On Jeff Doyle's TCP/IP volume I, P417 it says point-to-multipoint is multicast; P433 it says it's unicast. Which one is correct? Thanks in advance. Jim -- [EMAIL PROTECTED] OSPF/BGP Practice Exams www.boson.com\tests\Advanced.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23960t=23655 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [Re: [ospf point-to-multipoint [7:23655]
I'm thinking of Juniper's configuration which always requires the neighbor command. Looks like prior to 12.1 Cisco didn't require the neighbor command, but 12.1 and beyond they do require it when using true non-broadcast point-to-multipoint mode. Dennis wrote: In a point to multipoint OSPF network configuration the links are treated as point to point and you do not need neighbor statements. -- -=Repy to group only... no personal=- Curtis Call wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Following the spec it should be unicast. Keep in mind that non-broadcast networks (point-to-multipoint) don't support multicasting, that's why you have to manually configure your neighbors. As far as whether broadcast networks that are set to point-to-multipoint via the Cisco command use unicast or multicast I'm not sure since this is not part of the standard. I would guess that they still use unicast since it is trying to pretend like it's a point-to-multipoint network. Jim Bond wrote: Hello, On Jeff Doyle's TCP/IP volume I, P417 it says point-to-multipoint is multicast; P433 it says it's unicast. Which one is correct? Thanks in advance. Jim -- [EMAIL PROTECTED] OSPF/BGP Practice Exams www.boson.com\tests\Advanced.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23961t=23655 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: which is the best [7:23902]
With EIGRP you can implement areas similar to OSPF or ISIS. You would want to keep subnets with in the same EIGRP area. Just configure routers with different EIGRP #'s and send summary updates into the different areas. I know a very very very large network doing this. ^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^- Bill Carter CCIE 5022 To accomplish great things, we must not only act, but also dream; not only plan, but also believe. -Anatole France ^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^-^- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kim Edward B Sent: Tuesday, October 23, 2001 3:06 PM To: [EMAIL PROTECTED] Subject: RE: which is the best [7:23902] If it is cisco only environment, I would prefer EIGRP. Less CPU and Memory requirement (which means less expensive routers in some cases and also more free CPU and Memory for the routers). Also I believe they have better convergence time than OSPF. As Mr. Lupi mentioned, while OSPF's metric is based on bandwidth, the EIGRP can be based on (bandwidth, delay and also MTU, load, reliability as necessary). For example, if you have F/R of 512K and 256K, OSPF will use the 512K. You could make it to use the 256K to load balance by the bandwidth statement but it won't be really true load balancing. EIGRP can via variance and other ways. Con is the proprietary Routing protocol. In the future if you acquire non cisco network, you could still use the redistribution. So if you have only cisco network, I would prefer EIGRP. Lastly, OSPF's more hierarchical design than EIGRP(OSPF areas, stubby, total and not so stubby, etc) can scale better in bigger network, but for the given router numbers (50), EIGRP fits better in my opinion. I don't know what I'm trying to say here... For the given condition, I would go with EIGRP, but if you are planning to expand and also possibly acquire non-cisco routers OSPF might be better. Sorry for the confusion. My .02 cents. Ed -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 11:21 AM To: [EMAIL PROTECTED] Subject: RE: which is the best [7:23902] I prefer OSPF, only because if you decide to put a device that is not a Cisco on the network you don't have to run 2 routing protocols. Your decision would have to be based on your needs also, EIGRP has a couple of features that OSPF does not that you may want, such as load balancing across links that do not have equal metrics. Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 10:53 AM To: [EMAIL PROTECTED] Subject: which is the best [7:23902] In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23962t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Domain for Sale [7:23887]
Farhan... I hate to tell you but that domain isn't worth the cost of registration... -- -=Repy to group only... no personal=- Farhan Ahmed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all, I m selling one of my domain name www.certifiedpeoples.com If somebody is interested in setting up a knowledge website or groupdiscussion or a database of certified cisco peoples etc etc. pls cc me at [EMAIL PROTECTED] ;;; Farhan Ahmed MCSE+I, MCP Win2k, CCA, CCDA, CCNA, CSE , CCNP Network Engineer Mideast Data Systems Abu Dhabi Uae. ;;; Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23963t=23887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Committed Access Rate calculations [7:23839]
Use the following formula: average rate = x normal burst = x*0.1875 extended burst = x*0.375 ie. for an 8Mb average rate, use: rate-limit output 800 150 300 conform-action exceed-action This is detailed in the following link: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos _c/fqcprt4/qcfpolsh.htm - xtocid163302 Jon Tucker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... rate-limit output access-group 101 2000 24000 32000 conform-action set-prec- transmit 5 exceed-action set-prec-transmit 0 rate-limit output access-group 102 1000 24000 32000 conform-action set-prec-transmit 5 exceed-action drop rate-limit output 800 16000 24000 conform-action set-prec-transmit 5 exceed-action drop I grabbed these three examples from CCO. Is there a rule for the calculation of the normal burst and maximum burst values if we are not told explicitly what those values should be? In the three examples above, only the last one had explicit values defined. These examples were found at Thanks, - Jon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23964t=23839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MAC address and VLANs [7:23950]
Actually, that's not correct. The original specification for VLANs from
what I understand mandates that only one VLAN can be assigned to a port, but
manufacturers such as 3COM decided to do otherwise and support multiple
VLANs per port. Cisco responded by creating (on certain switches such as
the Catalyst 2900XL) an administrator to configure a port to be a member of
more than one VLAN at a time when using a membership mode known as
Multi-VLAN. A Multi-VLAN port can belong to up to 250 VLANs; the actual
number of VLANs to which the port can belong depends on the capability of
the switch itself. Although the concept is similar, this membership mode is
different than trunking. The caveat to this feature is that the
Multi-VLAN membership mode cannot be configured on a switch if one or more
ports on the switch have been configured to trunk.
For more information on this feature, search Cisco's website using the
keyword phrase switchport multi.
As for answering NetEng's question--I can't quite determine where multiple
MAC addresses share the same switch port. Could you identify which switch
that is?
-- Leigh Anne
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Dennis
Sent: Tuesday, October 23, 2001 3:48 PM
To: [EMAIL PROTECTED]
Subject: Re: MAC address and VLANs [7:23950]
Cisco will recognize multiple macs on a single port but they must
all be in
the same vlan. Vlan assignment is per port. Your other option
would be to
replace the non cisco hub with a cisco switch which is trunked to the main
switch.
--
-=Repy to group only... no personal=-
NetEng wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Here's my situtation. I have a corporate PC with an IP address of
10.10.x.x
and in the same office (and same physical network) another
device with an
IP
address of 192.168.100.x Both devices are connected to a small
hub/switch
which in turn is connected to a cisco switch. Can I have the
10.10.x.x be
apart of one vlan and the 192.168.100.x be a member of another or the
default vlan? Can cisco switches recognize multiple MAC addresses on a
single switch port (if so, how many?) and be smart enough to know which
vlan
which MAC address belongs to? This would save me hours (otherwise I have
to
run cable for connections to our corporate network and
connections to our
test network in every cube :-( ). TIA
PS I understand the best way to do this would be to connect each device
into
the cisco switch, but I only have a single cable run to each cube/office
(corporate pc)10.10.x.x
|
PC PC (test network) 192.168.100.x
| |
\/
\ /
SWITCH/HUB (non-cisco)
|
|
CISCO SWITCH
VLANs
--
| || |
| corp || test |
---
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=23965t=23950
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MAC address and VLANs [7:23950]
Interesting... looked it up on Cisco's site... thanks...
--
-=Repy to group only... no personal=-
Leigh Anne Chisholm wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Actually, that's not correct. The original specification for VLANs from
what I understand mandates that only one VLAN can be assigned to a port,
but
manufacturers such as 3COM decided to do otherwise and support multiple
VLANs per port. Cisco responded by creating (on certain switches such as
the Catalyst 2900XL) an administrator to configure a port to be a member
of
more than one VLAN at a time when using a membership mode known as
Multi-VLAN. A Multi-VLAN port can belong to up to 250 VLANs; the actual
number of VLANs to which the port can belong depends on the capability of
the switch itself. Although the concept is similar, this membership mode
is
different than trunking. The caveat to this feature is that the
Multi-VLAN membership mode cannot be configured on a switch if one or more
ports on the switch have been configured to trunk.
For more information on this feature, search Cisco's website using the
keyword phrase switchport multi.
As for answering NetEng's question--I can't quite determine where multiple
MAC addresses share the same switch port. Could you identify which switch
that is?
-- Leigh Anne
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Dennis
Sent: Tuesday, October 23, 2001 3:48 PM
To: [EMAIL PROTECTED]
Subject: Re: MAC address and VLANs [7:23950]
Cisco will recognize multiple macs on a single port but they must
all be in
the same vlan. Vlan assignment is per port. Your other option
would be to
replace the non cisco hub with a cisco switch which is trunked to the
main
switch.
--
-=Repy to group only... no personal=-
NetEng wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Here's my situtation. I have a corporate PC with an IP address of
10.10.x.x
and in the same office (and same physical network) another
device with an
IP
address of 192.168.100.x Both devices are connected to a small
hub/switch
which in turn is connected to a cisco switch. Can I have the
10.10.x.x be
apart of one vlan and the 192.168.100.x be a member of another or the
default vlan? Can cisco switches recognize multiple MAC addresses on a
single switch port (if so, how many?) and be smart enough to know
which
vlan
which MAC address belongs to? This would save me hours (otherwise I
have
to
run cable for connections to our corporate network and
connections to our
test network in every cube :-( ). TIA
PS I understand the best way to do this would be to connect each
device
into
the cisco switch, but I only have a single cable run to each
cube/office
(corporate pc)10.10.x.x
|
PC PC (test network) 192.168.100.x
| |
\/
\ /
SWITCH/HUB (non-cisco)
|
|
CISCO SWITCH
VLANs
--
| || |
| corp || test |
---
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=23968t=23950
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
fast switching [7:23969]
Something odd is happening on my network... (not that that's unusual...) I have a couple of 7507s connected by two E1 links. For various reasons, the links are set up with fast switching disabled (mainly because there are single sessions with enough traffic to flood a single link). The 7507 on one side is running IOS 11.2. Last weekend the 7507 on the other side was upgraded to 12.1(10). According to 'show ip int', fast switching and flow switching are disabled (on both links at both ends). However, MRTG shows that the traffic from the 12.1 router to the 11.2 router is not balanced evenly across the two links. Traffic from the 11.2 router to the 12.1 router is balanced. Any guesses as to why this is so? Bug (surely not, this is Cisco...:-)? Is a reboot or shut/no shut required to change switching states (I didn't do the upgrade myself and I'm not sure what exact configuration sequence was used)? Something really obvious I'm missing here? Ta, JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23969t=23969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE written exam format [7:23970]
Hi everybody! Can someone tell me what the format is for the CCIE written? I've heard that you can go back and change you answers. I've also heard that they don't tell you how many answers there are on the multiple choice. Thanks! -junovtv Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23970t=23970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Virtual Link Authentication [7:23867]
Don't you think fixing up the router-id in this scenario is better to ensure consistent virtual link and since you keep rebooting the router? Just an opinion. :) Regards, Ryan -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 10:06 PM To: [EMAIL PROTECTED] Subject: RE: OSPF Virtual Link Authentication [7:23867] Thanks. I was configuring it as you suggest. I played around with this more last night and I never got it to work. It's frustrating because it seems so simple, yet I must be missing something that's right under my nose. I had some problems with lab equipment last night that I finally resolved. So, tonight I'll rebuild everything from scratch and see if I can make it work. John Frank B 10/23/01 1:10:15 AM Not sure if you received any possible issues other than the whitespace. But another common error...there are NO interface commands required for the interfaces into the transit area. The authentication commands are placed at the end of the area x virtual-link command under the ospf process. For instance: Ra-area0-Rb-area1-Rc-area2--Rd If area0 requires authentication, the only commands required to authenticate on the virtual-link transiting area1 are: Rc# router ospf 1 area 1 virtual-link [Rb rtr id] authenticatio-key cisco area 0 authentication AND of course the same commands on the ospf process of Rb also. This example was plain text but the question mark will help get you the md5 commands. The way I remember it...this virtual link IS my interface into the backbone so I ONLY need to configure there. Hope this helps, aloha, Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, October 21, 2001 6:54 PM To: [EMAIL PROTECTED] Subject: OSPF Virtual Link Authentication I was working on Fatkid 401 OSPF lab tonight and I could never get the virtual link authentication to work correctly. No matter what I did, I would get errors stating I had a mismatched authentication key. Well, the key was cisco so that's not too hard to type in correctly. Still, I played with the configs on the two relevant routers and I rebooted them several times, all to no avail. I even changed the authentication type to md5 and got the same message. Very weird. I thought at one point this was an IOS issue because one router was running 11.2(7) and the other 11.2(25a). I upgraded the first one to 11.2(25a) and I still see the same error. I peeked at the solution and saw that I had it configured exactly how they suggested. Then I checked CCO and saw that they suggest the same configuration. Do any of you have any tips for configuring virtual link authentication? This seems to be a pretty simple config and I don't see what I'm missing. Thanks, John ___ http://inbox.excite.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23971t=23867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Partner Specilization [7:23890]
Take it offline and drop me a mail. Regards, Ryan -Original Message- From: johan ericsson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 10:04 PM To: [EMAIL PROTECTED] Subject: Partner Specilization [7:23890] Hi! The company I work for is a cisco premium partner. As I have understood it to keep the partner status the company will have to specialize (take a couple of online courses and a test) to keep the partnerstatus. So we choose wireless specialization.. My question is if anyone has taken the test yet, and if so.. how was it compared to the online courses? best regards Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23972t=23890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: which is the best [7:23902]
May I offer an alternative to the routing protocol school of thought? In a hub and spoke environment, why not consider static routes? Quad zero from the branches to the hub. statics on the hub to the branches? I appreciate that the routing protocol school talks about statics as not being scalable, but really - after an initial setup, what's to maintain? So you add a few routers a year. how much work does adding a few more statics really involve? In all seriousness, what advantage does ANY routing protocol offer in a hub and spoke of fewer than a hundred or so routers? ( and I have customer networks that do exactly this. including a major tech company whose name is familiar to anyone familiar with any aspect of technology products and services these days, and whose RLAN / VPN network consist of two ATM DS3 hubs and several thousand spokes ) Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, October 23, 2001 7:53 AM To: [EMAIL PROTECTED] Subject: which is the best [7:23902] In a medium (50 routers) cisco only environment which routing protocol would be prefered ... EIGRP or OSPF ? What are the pros and cons ? Thanks Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23973t=23902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help in setting up a lab!! [7:23836]
You'll want a set-based switch, either a 2901 (not a switch in the XL series) or a Catalyst 5000 series. I would lean towards the Catalyst 5000 because it's modular. As I mentioned offline to you, www.ccxxproductions.com has a link called Build a Home Lab that has some good information. -Original Message- From: Alex Carvalho [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 2:49 PM To: [EMAIL PROTECTED] Subject: Re: Help in setting up a lab!! [7:23836] Thanks john, but for the CCNP, do I need right now a router with token ring ?? And thw switchws, which one shoul i get?? Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Go to www.kg2.com to get really inexpensive flash memory. I just bought three sets from there myself. As far as routers, you won't want to get all 2501s. A couple of those would be good but maybe you should get some other 2500 series routers that have some token ring like a 2504 or 2513. Then try to pick up a router with a bunch of serial interfaces that you can use as a frame relay switch. A 2520 would work for a small lab but you should probably get a 2522 or 2523. The 2523 is hard to find but less expensive. Regards, John Alex Carvalho 10/23/01 9:54:13 AM Thanks John, I will have to market now 8mb flash memory, any idea how much do they cost?? About selling all of them and getting 2501's , I will increase the number of routers and maybe I can have 2 of them... I am getting more stuffs like the 7000 series ...I just have to test all the boards and market them..I don;t think it is a good idea to have them installed in a lab.. As far as Switch goes which is the best cost/benefit to have some of them.. Thanks, Alex John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, why not? You may want to upgrade to 16M flash and a version of 12.1 for the IOS. A very important thing to remember--which I learned the hard way last night--is that you may need to upgrade your boot roms to allow the router to accept more memory. In my case, I had 10.2(5) boot roms and they won't accept AMD 8M flash sticks. I need, at minimum, 10.2(7a). Apparently, Cisco will send you new boot roms for free as long as you pay shipping. Somewhere in the archives is the phone number to call for this. You may also want to get a token ring MAU and two routers with token ring interfaces. You'll need these more for CCIE studies. HTH, John Alexandre Carvalho 10/23/01 8:39:00 AM So Can I use them or not?? EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) Your grandma is only 9 years old? ;-) of course, the 'Crescendo' 1200 was 2 generations of switch ago... I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. You might want one more router with 4 or more serial interfaces so you can simulate a frame relay network. A 2521, 2523, or Cisco 4000 with an NP-4T, and you could conceivably get one of either for $500. A little more flash wouldn't hurt you either - 8 8M flash simms would be great (crack the cases to see if the routers have an open flash SIMM slot because your 8M flash could be made up of 2 4M flash SIMMs) I also would like to setup a lab where people could telnet in .. If you set up one terminal server that is accessible via the Internet and connect the async interfaces to the console ports of the other routers, you'll have that handled. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23941t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to use end-to-end keepalive feature? [7:23832]
If your FR cross several hops, that's in control of service provider and may be you never know, you will need this to know what really the state of PVC. Some backup strategies like backup interface, are based on the state of interface to determine path selection. Routing may have their mechanism like hello or rupdate timer, but layer 2 state will help router to determine problem more quickly in some case. May be you will not need that in lab environment because your local interface always reflect actual state of PVC. CCIE Study Professional Checklist http://www.geocities.com/berdde/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of john zou Sent: Tuesday, October 23, 2001 9:35 AM To: [EMAIL PROTECTED] Subject: how to use end-to-end keepalive feature? [7:23832] Hi, Refer to the link: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_ c/wcdfrely.htm#xtocid2218540 Frame Relay end-to-end keepalives enable monitoring of PVC status for network monitoring or backup applications and are configurable on a per-PVC basis with configurable timers But I cann't understand how to use this feature for backup. Could any one tell me? -- ShanJun Zou Wafer Systems(China) Limited Tel:020-87520011 FAx:020-87520021 Mobil:13822152240 E-mail: [EMAIL PROTECTED] Web: www.wafersystems.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23903t=23832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help in setting up a lab!! [7:23836]
Nope , It wasn't me But I intend to sell some of them on ebay... Kevin Campbell wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... didn't you just ask me this on ebay -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Alexandre Carvalho Sent: Monday, October 22, 2001 10:10 PM To: [EMAIL PROTECTED] Subject: Help in setting up a lab!! [7:23836] Dear Router/switches gurus!! Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. I also would like to setup a lab where people could telnet in .. Any comments would be welcome!! Thanks , Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23899t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help in setting up a lab!! [7:23836]
Go to ebay and search the closed items... That should give you a good idea... --- Dennis -Original Message- From: Alexandre Carvalho [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 7:41 AM To: [EMAIL PROTECTED] Subject: Re: Help in setting up a lab!! [7:23836] How much do you think I can get in each router?? What about the catalysts 1200?? Dennis Laganiere wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My advice Sell all but the 2501 and one of the 2511's and use that to outfit a useful lab. You can easily buy two routers for each 2511 you get rid of... --- Dennis -Original Message- From: Alexandre Carvalho [mailto:[EMAIL PROTECTED]] Sent: Monday, October 22, 2001 7:10 PM To: [EMAIL PROTECTED] Subject: Help in setting up a lab!! [7:23836] Dear Router/switches gurus!! Here goes a simple question that will help me out a lot from now one.. I just bought the following equipments from a company that ran out of business: 4 2511 3 AS2511RJ 1 2501 3 catalyst 1200 (older than my grandma!!!) I heard that the IOS of the 1200 is similar to the 5000 , that is much more expensive!! All of them are running 11.x and has 8MB flash I have got most of those cables like the octal (2 of them) and I have to get some back to back cables. I am working towards my CCNP and future CCIE and I would like to know what else should I buy to make my lab or labs up and running. And how much would that cost to me??. I also would like to setup a lab where people could telnet in .. Any comments would be welcome!! Thanks , Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23907t=23836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
