Confused about BGP NEXT_HOP attribute [7:24406]

[[EMAIL PROTECTED]]

Hi,

I'm a little confused about what contains and do the NEXT_HOP attribut.
I thought it holds the address of the next border router. But I read in the
boson test the following:
The NEXT_HOP is set to the ip address of the _sending router_ ???

What happens ?? Any help

Thanks

Udo

Udo Konstantin / koud , GS KA
NEEF-Elektrotechnik GmbH
Systemhaus f|r Gebdude- und Kommunikationstechnik
Windeckstrasse 8  76135 Karlsruhe
Tel: +49 721/8606-215  Mobil: +49 172/7271578   *215
Fax: +49 721/8606-264
E-Mail/Internet: [EMAIL PROTECTED]
Website: http://www.neef.de/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24406&t=24406
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

350AP:How to vary cell size??? [7:24408]

[IT Guy]

Hi guys,

Need your help!
As per my knowledge,350 AP provides cell range of 39.6 m at 11 mbps..
But what If  I want to decrease the cell size and limit this range to 15 or 
20 m??
Can we get this done by decreasing power??IF yes how??
Is there any criteria what range we can  get at certain power levels.

Thanks for help.



_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24408&t=24408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 350AP:How to vary cell size??? [7:24408]

[JG]

I am by no means a wireless, or 820.11, or an Aironet expert, but I will
take a stab at this one just the same.
You can adjust the size of your cells by various means.

 The easiest would be to adjust the 'Transmit Power' (the mW setting on the
APs) to one of the lower values that are available from the AP under the
radio port hardware settings.

 Another way is to set your AP and clients on 1MB ONLY, or 2MB ONLY etc
effectively minimizing your cells to that range.

 Ultimately, one could (and should) re-consider the antennae choice that was
made, to select a new antenna that fits the requirements better. Both Gain
and Direction paterns of the antenna should be considered.

This last, expenscive solution, shouldn't be considered unless you are
'showering' RF all around your neighbors and they are complaining, but if
all your RF is in your premises, the first two solutions, can and will
suffuce.

 Hope I was of assistance, good luck.
--


 Rgrds'
 JG

---==  Success, is where preparation, meets opportunity  ==---


""IT Guy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi guys,
>
> Need your help!
> As per my knowledge,350 AP provides cell range of 39.6 m at 11 mbps..
> But what If  I want to decrease the cell size and limit this range to 15
or
> 20 m??
> Can we get this done by decreasing power??IF yes how??
> Is there any criteria what range we can  get at certain power levels.
>
> Thanks for help.
>
>
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24409&t=24408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 350AP:How to vary cell size??? [7:24408]

[Jason]

What is your objective here ?

""IT Guy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi guys,
>
> Need your help!
> As per my knowledge,350 AP provides cell range of 39.6 m at 11 mbps..
> But what If  I want to decrease the cell size and limit this range to 15
or
> 20 m??
> Can we get this done by decreasing power??IF yes how??
> Is there any criteria what range we can  get at certain power levels.
>
> Thanks for help.
>
>
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24410&t=24408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: is it really bad market for ccie ? [7:24297]

[RB Jón Eggert Guðmundsson]

I personally think that the downturn is an opportunity to study. Contractors
are going to face longer delays between projects and those of us that have a
steady job will face a cut in overtime. That means that you have more time
to study. It is good to use this extra time that you get to broaden your
knowledge beyond CCIE like taking MBA or go into more academic studies like
the BSc or the MSc or even PhD. Then you are more repaired for the next
upturn when it happens.
Regards
Jon Gudmundsson


-Original Message-
From: nrf [mailto:[EMAIL PROTECTED]] 
Sent: 27. oktsber 2001 10:44
To: [EMAIL PROTECTED]
Subject: Re: is it really bad market for ccie ? [7:24297]

I don't like discouraging anybody or making anybody feel bad.  But on the
other hand, I would be doing everybody here a disservice if I didn't report
honestly on what's really going on.  I believe it is better for everybody to
find out what the state of the program is now than to discover things the
hard way later.






""Muralidhar A.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> This no Good for the spirits of those who r preparing for CCIE Like me
:-(((
>
> Well trust What ever happens Happens for Good.
>
> Murali
>
> -Original Message-
> From: nrf [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, October 27, 2001 5:25 AM
> To: [EMAIL PROTECTED]
> Subject: Re: is it really bad market for ccie ? [7:24297]
>
>
> Here's my thoughts
>
> * Yes, I know several CCIE's who are having trouble finding work.  And
yes,
> I know one guy who has 2 CCIE's (R/S and ISPDial) who is having trouble
> finding work.  For those of you who think it might be due to lack of
> experience, the guys I am talking about have at least 5 years of
experience,
> and the dual-guy has more than 10, including more than 5 at Cisco as an
SE.
>
> * My understanding is that the one-day lab is significantly harder than
the
> older 2-day lab.  But of course, this might be compensated for by the fact
> that the wait list will be shorter (eventually).
>
> * I don't know that Cisco has too many CCIE tracks.  Right now there are 3
> active tracks.  This is like the old days of the program, when they also
> used to have 3 (R/S, ISP-Dial, WAN) [Note, Ok, in the really old days, I
> know there used to be only the R/S].  But I remember at one point last
year
> or so, there were actually 5 active tracks (R/S, ISP-Dial, WAN, Design,
> SNA/IP).   Now that really was too many tracks.
>
> * You're right, why bother (esp. with the R/S)?  Sorry guys,  I know this
> sounds harsh, and I know that I'm going to get flamed for this, but if I
had
> to do it all over again, I don't know that I would try to get the R/S.
>
> Now by that, let me be clear.  There is nothing wrong with learning the
R/S
> material.  That is always good.  Everybody should learn the material that
> the R/S guy knows.But as far as doing actual test prep - getting my
> typing and configuration speed up so that I can set up BGP and OSPF in 10
> minutes, actually paying for the test and travelling to the test site, I
> don't know that I would put myself through that again unless it was worth
> it.  Let's face it.  This isn't 1998-1999 anymore.  Who knows when, or
even
> if, things will  get better?  Particularly when there is probably a much
> more valuable cert program out there.  Which is why I am moving on to ...
>
> * Juniper.  I don't think the same market forces hold for Juniper, at
least
> not to the same degree.  The Juniper market is much less saturated than
the
> Cisco market.  Consider this - there are about 6650 CCIE's out there, of
> which probably about 6400 are R/S'ers.  Right now there are 20 JNCIE's.
So
> despite the fact that the demand for Juniper skills is smaller, I have a
> very difficult time believing it is 320 times smaller.You can check
out
> my old post (7:3485, posted 10/1/01, on Re:Is the CCIE really worth it),
> where I discuss this subject at length.
>
>
> ""Chuck Larrieu""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > for those who've never seen one in their adult working lives, yeah,
> > this
> is
> > a serious downturn, and yeah, the economy is bad right now. Don't
> > worry - skilled people can always find work. there are going to be a
> > lot of structural changes over the next few years. Keep your skills
> > up. Keep a
> good
> > attitude. Keep reading, and practicing and thinking.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, October 26, 2001 3:30 PM
> > To: [EMAIL PROTECTED]
> > Subject: is it really bad market for ccie ? [7:24297]
> >
> >
> > some one (lots of them ) said it's really hard to find job in
> > networking even for ccie or dual ccie ,is it really true people ? the
> > 1 day lab is really getting harder (much harder than the 2 day) and
> > cisco has to many ccie track now ,why bother getting ccie security or
> > com when one can not get a job, ccie of ...hope maybe  

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[nrf]

Thank you.Now that is an intelligent response that actually engages me
on the actual issues.  I must commend you  for sticking to the subject
rather than engaging in personal attacks, as a lot of  people apparently
feel the need to do (what's up with that attitude anyway?  It's almost like
some people think I'm somehow insulting their religion, and since when did
Cisco become a religion?).

Some points for you to consider

* Yes you are correct to say that that there is no such thing as "basic
Juniper or beginning Juniper".  Such a thing is indeed an oxymoron due to
the nature of Juniper's targeted market.  So let me revise me argument
slightly and say that my argument only applies to intermediate and
expert-level skills.  For networking newbies, the CCNA, I concede is the
only reasonable game in town.   But for intermediate level people, I believe
that now you can start comparing Juniper and, say the CCNP,  to a reasonable
degree.  It is my gut feeling that the ratio is indeed somwhere around 330:1
for CCNP's to "JNCNP's" (if such a thing existed).  Now it is true that I do
not have any hard numbers to back that up (and nobody has any hard numbers
that disprove it), but I appeal to the fact that the CCNP is fairly
well-known, and has already attained  semi-paper-cert status, in the sense
that CCNP braindumps are out there and pretty easy to find.  This therefore
means there is a great deal of extra competition for the "real" CCNP's' (the
ones who can back up their cert with actual experience).   Whereas it is
much more difficult to fake your way around the Juniper world, such that
anybody who has even 1 year of Juniper experience does in fact know a fairly
good amount, under the notion that if he was true dummy, he would never be
allowed the chance to touch any Juniper stuff in the first place.   It is
the extra competition, in the Cisco world, of paper-certs and people who are
only lab rats and no practical experience, that is what really screws things
up for the Cisco people.  Juniper doesn't suffer from this problem (at
least, not yet).

* Competition.Anybody who reads my arguments carefully will see that my
entire thesis rests on the notion of competition - the fact that there is
substantially more competition for every Cisco job opening than there is for
a Juniper job.  For example, I appeal to the cashier vs. lawyer argument.
Clearly there is more demand for cashiers than lawyers, because how many
times do you buy something vs. how many times do you sue somebody?  But does
it then follow that cashiers are paid better than lawyers?  Of course not,
because the fact there is a vastly larger pool of labor supply for cashiers
than lawyers.  You can pretty much take anybody off the street and teach him
how to ring people up on a cash register.  But you can't just take anybody
off the street and get him to pass the Bar exam.  So it's a case of
constrained demand, but even more constrained supply.   Of, if you prefer a
more mathematical approach, is it really that desirable for there to be 100X
the job openings, if there are also 10,000X the people competing with you
for those openings?

So, for people who don't believe me and want to shut me up forever, I will
outline the roadmap for you to completely defeat my argument.  Just prove to
me that it is indeed untrue that there is more competition for a given Cisco
opening than a given Juniper opening.  Do it, and you win.

* The revenue model.I believe the revenue model is the best one to use,
because I believe that networks can be best summarized by dollars.  This is
because I believe that business bean counters  aren't usually stupid.  Ok,
sometimes, they are, but generally they are not.   If a network costs, say
$10 million to built, I don't think it is unreasonable to say that it is
roughly 10 times more complex than, say, a $1 million network to build, and
therefore requires 10 time the expertise.

Now of course, you might say that the $10 million network might just consist
of a few very very expensive routers, and the $1 million network might be a
whole bunch of Cisco 800's.  But this is where the notion of bean counters
having a brain comes in - I believe that if they approved $10 million for a
network, then that network must be doing something complex and important (if
not, why did you spend so much money?), whereas the $1 million network must
not be as important (otherwise, they would spend more money on it).And
any network that is important enough to be worth $10 million on must have
all kinds of optimizations and redundancy and all that good stuff (again, if
this were not necessary, then exactly why did you spend all that money on
the network in the first place)?  Therefore, that expensive network will
most likely have all kinds of fancy routing protocols and dial backup, and
QoS, and that kind of thing on it.   This therefore means that you require
more expertise to set up all these things, Even if there aren't that many
physi

RE: OT- maybe... [7:24121]

[Kevin Campbell]

NetCool works great and Heroix's robomon is also very good.  We use both of
these to monitor customer equipment.  These go far more in detail than
What's up Gold.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, October 25, 2001 1:03 PM
To: [EMAIL PROTECTED]
Subject: OT- maybe... [7:24121]


Hi All,

Besides Cisco Works, anyone know of any good Cisco monitoring apps?
I am looking to monitor my routers, VPN and switches.


Thanks,


Rich




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24407&t=24121
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[nrf]

Look, if somebody asks the question, I will provide the answer.  Check back
on my history, if you feel - you will see that I never start talking about
this subject unless somebody asks for information.  Somebody starts
something that is already OT, then I will take the argument to its logical
conclusion.

Yet I don't see anybody getting on the case of the person who originally
started the thread.  If everybody here does not like me going off on
Juniper, then why not set a new rule for the mailing list - nobody here is
allowed to ask questions about Juniper? .  Then I'll follow a policy of
Don't Ask, Don't Tell.  That's cool with me.

But the fact that if somebody's asking means that somebody wants to know.
That's the way I see it.






""[EMAIL PROTECTED] (John Nemeth)""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Mar 19,  5:22am, "nrf" wrote:
> }
> } [snip argument we've heard umpteen times]
>
>  I won't argue with the basic premise of your argument, since it is
> sound as far as it goes.  However you are looking at just the picture
> at this moment, i.e. a static image.  That isn't very interesting, it
> is much more interesting to consider what is going to happen over the
> long term, i.e. it is time to move onto Econ 201 and do some trend
> analysis.  I won't claim to be able to predict the future, so these are
> just my opinions based on what I have seen.
>
>  Juniper only plays in a niche market, so there is limited demand
> for their products.  Cisco plays in a broad market, so there is much
> greater demand for their products.  Further more, Cisco is starting to
> make products that compete head to head with Juniper's products and are
> starting to eat into Juniper's market.  Unless Juniper makes some big
> changes, they could be in trouble.  I don't know what will happen in
> the long run, but I do know that it won't happen today.
>
>  The economy will get better.  People will start building up
> networks that have stalled (heck, I've just been given the opportunity
> to build a small "enterprise" network from scratch).  When that
> happens, people will be buying lots of Cisco products as well as some
> Juniper products.  However, Juniper will still be a niche product with
> a very small market, which means that the Cisco market will grow much
> more rapidly.  Therefore, I feel that in the long run, Cisco is a much
> safer bet.  Sure, JNCIEs may make more, but unless Juniper makes some
> serious changes, there will always be very limited demand for them.
> Once the market is saturated, that's it.  It doesn't matter how much
> JNCIEs make, if there are no jobs available.
>
>  I think the bottom line is this.  Everybody has heard the
> arguments, especially many repeats of yours.  Everybody will make up
> their own mind based on the information they have.  This is a Cisco
> study list, not a Juniper advocacy list, which means that your
> continued evangelising of Juniper is grossly off topic and isn't
> particularly welcome, so GET LOST!!!
>
> }-- End of excerpt from "nrf"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24376&t=24336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[Jason]

Yes, it is not that the reruns isn't nice shows, it's the fact that they are
rerun that sorts of irritates the hell out of people...

""[EMAIL PROTECTED] (John Nemeth)""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On Mar 19,  5:22am, "nrf" wrote:
> }
> } [snip argument we've heard umpteen times]
>
>
>  I think the bottom line is this.  Everybody has heard the
> arguments, especially many repeats of yours.  Everybody will make up
> their own mind based on the information they have.  This is a Cisco
> study list, not a Juniper advocacy list, which means that your
> continued evangelising of Juniper is grossly off topic and isn't
> particularly welcome, so GET LOST!!!
>
> }-- End of excerpt from "nrf"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24378&t=24336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Connect ADSL via BGP [7:24412]

[小貴子]

Hello , Guys...

I met a problem in my new case
The HQ is using Cisco 3640 connected two ATM E1
and there is seven branch office connected with two  ADSL (One is primary
use , one is backup use)
Now , the situation is ,  how can I config the router with running BGP...
In the condition of is I don't need to do anything when the primary circuit
is down , all of the traffic will
automatic transfer to the backup circuit.

Is there anyone has this experenice can share with me ?
or anyone knows how to config the HQ router and branch router ?

Best Regards .

Please reply to my mail... [EMAIL PROTECTED]



   ~/e|\|a6Z|0Cz\  }J&~\
&xie
wk|pGuxr




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24412&t=24412
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Jeff Doyle Vol I or II? [7:24269]

[Ozzie sutcliffe]

Ok  

I ask which books you use to cover these topics

Oz
Priscilla Oppenheimer said..
Volume II covers BGP, multicast, and IPv6. I didn't buy it because I have
other books on those topics.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24413&t=24269
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Finished CCNP - Let me know if you'd like advi [7:24370]

[Brian Wilkins]

I've heard several people complain about the BCMSN being difficult, but I
didnt' really find it to be that bad.  I read the Cisco BCMSN book (which I
don't highly recommend) and the exam cram (which did help a lot).  I also
used the Boson practice tests for that one.

If you're saving CIT for last, I think you'll find it pretty easy.  I took
the class for it and was kinda bored because everything had been covered in
other tests / classes.  Most of what I've read on these posts has held true,
especially about the command-line stuff, where they basically GIVE you the
answer in the list and even make it pretty obvious.

Anyway, best of luck.

Brian


Brad Nixon wrote:
> 
> Congratulations. If what you say is true, I'm in pretty good
> shape. I have
> already passed the BCRAN and BCSN. I am taking BCMSN on
> Thursday. I saved
> CIT for last since I figured it would easy to pass after I have
> studied all
> the other topics to death.
> Brad
> ""Brian Wilkins""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I finished up my CCNP today, passing the BCRAN (last test). 
> I started
> with
> > switching, then routing, then support (after I did the CCNA,
> of course).
> >
> > In terms of difficulty, here are my personal ratings from
> easiest to most
> > difficult:  CIT (support), BCMSN (switching), BCSN (routing),
> BCRAN
> (Remote
> > Access).  Although routing and remote access are probably
> interchangeable
> on
> > the list, because there were some questions on BCRAN that
> simply were not
> > fair.  There were a few questions that asked for a single
> answer, but more
> > than one of the choices would have been absolutely correct
> with the
> > information presented.  There were also some questions that
> required more
> > than one answer, but only one was actually correct.  I had
> difficulty with
> > the routing one, simply because of so much BGP, which I don't
> work with
> all
> > that much.
> >
> > Anyway, if anyone has specific questions, please email me and
> I'll try to
> > assist you if I can.
> >
> > Best of luck to all.
> >
> > P.S.  Thanks to all of you who contribute to this site.  I
> have found it
> to
> > be a valuable resource in preparing for the certification.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24414&t=24370
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confused about BGP NEXT_HOP attribute [7:24406]

[John Neiberger]

The answer depends on the scenario.  There are two possible situations here
and they treat the next hop attribute differently.

When sending updates to an eBGP peer, a router will set itself as the next
hop.  When sending updates to an iBGP peer, the router does not alter the
next hop attribute.  This is where the neighbor keyword "next-hop-self"
comes in handy.  It forces the iBGP peer to set itself as the next hop when
sending to other iBGP peers.

HTH,
John

On Sun, 28 Oct 2001 02:20:39 -0500, [EMAIL PROTECTED] wrote:

|  Hi,
|  
|  I'm a little confused about what contains and do the NEXT_HOP attribut.
|  I thought it holds the address of the next border router. But I read in
the
|  boson test the following:
|  The NEXT_HOP is set to the ip address of the _sending router_ ???
|  
|  What happens ?? Any help
|  
|  Thanks
|  
|  Udo
|  
|  Udo Konstantin / koud , GS KA
|  NEEF-Elektrotechnik GmbH
|  Systemhaus f|r Gebdude- und Kommunikationstechnik
|  Windeckstrasse 8  76135 Karlsruhe
|  Tel: +49 721/8606-215  Mobil: +49 172/7271578   *215
|  Fax: +49 721/8606-264
|  E-Mail/Internet: [EMAIL PROTECTED]
|  Website: http://www.neef.de/
|  
|  
|  
|  
___
http://inbox.excite.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24415&t=24406
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problems with CiscoWorks 2000 [7:24391]

[Jeff Duchin]

The easiest way to do this is have Campus discover everything (which uses
cdp) and then import it in to RME. Of course everything in ANI Server setup
needs to be correct. Have you gone into RME and checked the device
attributes? This will show you any errors between RME and the device in
question.

It will only show the IP in Campus unless you have DNS enabled.

Jeff

""Simon Watson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Guys
>
> I've installed Ciscoworks 2000, at a clients site with 2 Cat 6509's & 12
Cat
> 3548's. In resource Manager I'm setting up syslog to report messages from
> the switches to CW2000, when I check the syslog reports on where I should
> expect to see the IP address of the switch that sent the message, I see
> "ThisAddressDoesNotExist" I have checked to see if all was set up on the
> switch ok which it was, I have also disabled reverse DNS.
>
> Can anyone tell me why I cannot see the IP address of the switch(by the
way
> the switches in question have been set up to be managed by resource
manager.
>
> Also on Campus manager in the topology map I want to see the names of the
> routers rather than the IP address how do  manage that ?
>
>
>
> Thanks
>
> Simon
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24416&t=24391
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Problems with CiscoWorks 2000 [7:24391]

[Brian Wilkins]

Here's just a couple of thoughts that might help, although I'm certainly no
CiscoWorks guru.

1.  Make sure you have the latest / greatest version of CisoWorks.  I know
that should be obvious, but I can tell you from personal experience that
they are changing it A LOT!!

2. Grab a freebie syslog server off the Internet (I use one from Kiwi which
works great), have your devices send the syslogs to it, and see what the
messages look like there.  That might give you an indication on whether it's
CiscoWorks or the devices that's the culprit.  For Kiwi's free syslog
server, go to www.kiwi-enterprises.com.

3.  Switch to OpenView.  :-)

Best of luck,

Brian Wilkins
CNE / MCSE / CCNP


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24417&t=24391
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to config the catalyst 1200 and crack its pwd! [7:24394]

[Ozzie Sutcliffe]

Another question: How do I crack the pwd?? 
http://www.cisco.com/warp/public/474/pswdrec_6000.html stolen from there

here is another way
Software and Password Recovery By Shorting Pins on the Catalyst 1200
Use this procedure if the software and password recovery procedure fails and
your Catalyst 1200 does not reboot running software. This procedure is
similar to accessing ROM Monitor (ROMMON) mode on a router. Essentially,
this procedure provides you with enough switch functionality to re-download
the software to the switch.

Remove the cover of the switch. 

Locate pins JP17 and short them. The pins can be found to the right of all
the LEDs and to the left of the RESET button.

After the pins are shorted, reboot the switch. The switch will come back
with the boot prompt.

Once you are at the boot prompt, you can define an IP address using the
ifconfig command and download NMP and DMP software.

If these steps do not work, you probably need new hardware. 

Oz


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24418&t=24394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BCRAN [7:24299]

[Brian Wilkins]

I used the exam cram book and Boson practice tests and ended up with an 875
on it.

If you would like more specific info on it, email me and I'll be glad to
answer any specific questions.

Brian


pat wrote:
> 
> hello everyone,
> 
>   I took ACRC & CLSC about Yr & half back. But
> discontinued CCNP exams after that.
> Again motivated to complete CCNP. 
> 
>   I am taking BCRAN exam in next 1 week. Any
> suggestion before taking exam ?   
> What is good book ?
> 
> Thanks a lot
> 
> pat
> 
> __
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24419&t=24299
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN [7:24231]

[Brian Wilkins]

I've used a few variations of VPN products and here are some thoughts that
might help.

1.  Use something that supports "industry-standard" specs such as IPSEC,
ISAKMP, etc.  In the past I have primarily used Shiva (now Intel) which is
REALLY easy to deploy and manage, but is also very proprietary.  Now we are
switching VPN solutions, and will be forced to redistribute client software
(bummer).  I believe Intel's new solution is headed more in the direction of
industry standard specs, but may not quite be there yet.

2.  Consider how your internal Internet connectivity is configured.  If you
are using NAT for your internal users to get to the Internet, and are going
to try to run VPN through a NAT'd address, you have a problem.  Industry
standard VPN (IPSEC) uses TCP, and does not play well with NAT (because of
the port # switching, etc).  There is currently a big discussion underway
about how to get around this problem, which they claim will be resolved
soon.  If your VPN solution uses UDP, such as Shiva does (or did until Intel
dropped the product recently), you can get away with NAT because you are
using UDP.  There was a good article in last month's edition of "Information
Security Magazine" that explained it much better than I could hope to.

Anyway, hope that helps.  Since my company is also looking into replacing
our VPN solution, I'd be glad to work together with you and compare notes as
we go along through the process.  So drop me an email if you are interested.

Best Of Luck,

Brian Wilkins
CNE / MCSE / CCNP




khramov wrote:
> 
> Does anyone have any recomendations on VPN producs?  Links to
> articles
> and personal experience woudl be great.
> As far as know Cisco VPN concentrators, Check Point, and Nokia
> rules the
> market.   What is your opinion on that.
> 
> Thanks,
> Alex
> 
> [GroupStudy.com removed an attachment of type text/x-vcard
> which had a name of khramov.vcf]
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24420&t=24231
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Passed BCRAN [7:24213]

[Brian Wilkins]

I must respectfully disagree on the BCRAN being so easy for one simple
reason: there were some questions that were simply unfair.  Let me preface
it by saying that I passed it a few days ago with an 875.

Now, here's my beef with the test.  There were some questions that asked for
one answer, where given the information, more than one answer was correct. 
One of those that specifically comes to mind had to do with setting up a
frame-relay connection and it wanted a single answer.  It did not tell you
what version of the IOS was running, but two, out of a list of 5 or 6
possibilities were "assign it statically using the frame map command" which
seems right to me, and "assign it dynamically using inverse ARP", which is
also correct if you are running IOS 11.3 or later.  I, of course entered my
comments on it.

There were other questions that had only one correct answer, but asked for
two choices.  One of those that I recall had to do with PPP Multilink, and
which technologies could use it.  The possibilities were Ethernet, Token
Ring, ISDN, and some other LAN technology.  Unless I've missed something,
PPP multilink would only work, in that scenario using ISDN.  But I had to
pick 2!!

The "fill in the blank" questions, like you stated, were REALLY easy,
especially when they even go so far as to put things in the possible options
as the exact number of the dialer list that's contained within the question,
etc.  Kinda dumb, but I guess that's their way of making up for the
impossible to answer questions like those I mentioned above.

For what it's worth.

Brian




Andy Hoang wrote:
> 
> That's funny.  The same thing happened to me on the BCRAN
> exam.  Good luck
> with your routing exam.
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of
> J. Li
> Sent: Thursday, October 25, 2001 9:49 PM
> To: [EMAIL PROTECTED]
> Subject: Passed BCRAN [7:24213]
> 
> 
> Passed Remote Access on Monday (909/1000, 703 to
> pass).  This is the most straightforward exam I have
> seen so far (switch, support and RAS). For example,
> when they ask you to choose a X25 or ISDN command from
> the list, sometimes the list has only one command
> starting with "x25" or "ISDN".  You can't miss it.
> 
> While taking the test, the NT server crashed TWICE and
> I had to complete the Cisco survey three times.
> Fortunately, the test was easy and I didn't panick.
> 
> I want to thank everyone on this list for direct /
> indirect help.  Now on to my last exam: routing!
> 
> 
> =
> J. Li
> Ground Floor Opportunity for 2nd Income:
> http://www.globaldebitcard.net/myglobecard/home/freewebsite.html
> 
> __
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24421&t=24213
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN [7:24231]

[Tim O'Brien]

Have you looked at the Cisco 3000 series VPN concentrators? They are
awesome! Very easy to setup and configure. Have an excellent client that
currently supports Win95/98/ME/NT/2000/Linux and there is Mac support in
beta now. It also has a hardware client (the 3002) if you need remote
offices or home users with several machines. It will sit behind a Cable
Modem or DSL and grab an IP and hand out DHCP (up to 254 addresses) inside.
The 3000 series is also fully capable of creating site-to-site VPN
connections with PIX and IOS routers as well as other 3000 series
concentrators. They have 4 different models (I think) and the low end is
very inexpensive. The top end scales to 10K concurrent connections and also
fully supports VRRP for redundancy. If you want any more information just
let me know! We have been using one for about 6 or 8 months and it has been
perfect. The 3000 series also fully supports NAT, as it opens the packet up
and looks at the actual IP address. Works great.

Tim

- Original Message -
From: "Brian Wilkins" 
To: 
Sent: Sunday, October 28, 2001 11:51 AM
Subject: RE: VPN [7:24231]


I've used a few variations of VPN products and here are some thoughts that
might help.

1.  Use something that supports "industry-standard" specs such as IPSEC,
ISAKMP, etc.  In the past I have primarily used Shiva (now Intel) which is
REALLY easy to deploy and manage, but is also very proprietary.  Now we are
switching VPN solutions, and will be forced to redistribute client software
(bummer).  I believe Intel's new solution is headed more in the direction of
industry standard specs, but may not quite be there yet.

2.  Consider how your internal Internet connectivity is configured.  If you
are using NAT for your internal users to get to the Internet, and are going
to try to run VPN through a NAT'd address, you have a problem.  Industry
standard VPN (IPSEC) uses TCP, and does not play well with NAT (because of
the port # switching, etc).  There is currently a big discussion underway
about how to get around this problem, which they claim will be resolved
soon.  If your VPN solution uses UDP, such as Shiva does (or did until Intel
dropped the product recently), you can get away with NAT because you are
using UDP.  There was a good article in last month's edition of "Information
Security Magazine" that explained it much better than I could hope to.

Anyway, hope that helps.  Since my company is also looking into replacing
our VPN solution, I'd be glad to work together with you and compare notes as
we go along through the process.  So drop me an email if you are interested.

Best Of Luck,

Brian Wilkins
CNE / MCSE / CCNP




khramov wrote:
>
> Does anyone have any recomendations on VPN producs?  Links to
> articles
> and personal experience woudl be great.
> As far as know Cisco VPN concentrators, Check Point, and Nokia
> rules the
> market.   What is your opinion on that.
>
> Thanks,
> Alex
>
> [GroupStudy.com removed an attachment of type text/x-vcard
> which had a name of khramov.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24422&t=24231
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

brain teaser Dhcp Relay question [7:24423]

[farhan ahmed]

hi group,

i have a question,

if we configure ip helper address on a remote network to pass the bootp to
the
central site , how the dhcp server will know from which scope to assign to
the
dhcp client via dhcp relay server , if we have multiple scope configured on
dhcp server

thnx for input

fa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24423&t=24423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: brain teaser Dhcp Relay question [7:24423]

[Jonathan Hays]

farhan ahmed wrote:

> hi group,
>
> i have a question,
>
> if we configure ip helper address on a remote network to pass the bootp to
> the
> central site , how the dhcp server will know from which scope to assign to
> the
> dhcp client via dhcp relay server , if we have multiple scope configured on
> dhcp server
>
> thnx for input
>
> fa
The router fills in the GIADDR (Gateway Address) field in the DHCPDISCOVER
packet. The
DHCP server can tell which subnet by reading the GIADDR field.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24425&t=24423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Used Cisco equipment for sale [7:24428]

[Mike McCline]

List

Just completed my CCIE written exam and I need sale
two of my routers to finance my lab exam. The routers
are in good shape, bootup, all interfaces are
operationsal. Here is the description:

Cisco 2504 - 1 Token Ring, 1 ISDN, 2 Serial Ports,
16Mb dram, 8Mb flash, AC PS
Cisco 2502 - 1 Token Ring, 2 Serial Ports, 16Mb dram,
8Mb flash, AC PS
2 - Console Kits
3 - Serial Crossover Cables (DTE/DCE-Back to Back)

If you are interested or know someone that needs these
items please respond via email or call 623-533-2373
and ask for Mike.

Thanks Mike - serious offers only!



__
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24428&t=24428
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Used Cisco equipment for [7:24427]

[Mike McCline]

List

Just completed my CCIE written exam and I need sale
two of my routers to finance my lab exam. The routers
are in good shape, bootup, all interfaces are
operationsal. Here is the description:

Cisco 2504 - 1 Token Ring, 1 ISDN, 2 Serial Ports,
16Mb dram, 8Mb flash, AC PS
Cisco 2502 - 1 Token Ring, 2 Serial Ports, 16Mb dram,
8Mb flash, AC PS
2 - Console Kits
3 - Serial Crossover Cables (DTE/DCE-Back to Back)

If you are interested or know someone that needs these
items please respond via email or call 623-533-2373
and ask for Mike.

Thanks Mike - serious offers only!



__
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24427&t=24427
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

1720 reloads when using privilege exec command [7:24429]

[Tribavan Raina]

HI all

I am facing a problem which might be an IOS bug and I am not aware of that.I
am trying to implement different privilege levels on a 1720 router .
After  givin first command the router reboots with the following message

Router(config)#privilege exec level 2 show startup-config
Router(config)#

=== Flushing messages (00:00:44 UTC Mon Mar 1 1993) ===

Queued messages:
*** System received a SegV exception ***
signal= 0xb, code= 0x1200, context= 0x80b38e98
PC = 0x80194598, Vector = 0x1200, SP = 0x80bfd5b8

System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
C1700 platform with 32768 Kbytes of main memory

program load complete, entry point: 0x80008000, size: 0x3e8b4c
Self decompressing the image :
#








## [OK]

  Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

   cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, California 95134-1706



Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-O3Y-M), Version 12.2(2)XH, EARLY DEPLOYMENT
RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Sun 24-Jun-01 17:25 by ealyon
Image text-base: 0x800080E0, data-base: 0x8079F510

cisco 1720 (MPC860T) processor (revision 0x601) with 24576K/8192K bytes of
memory.
Processor board ID JAD052904VE (882751140), with hardware revision 
MPC860T processor: part number 0, mask 32
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)



Press RETURN to get started!



Any clues.

Tribavan Raina
Network Consultant

TechTonics Group Limited
Level 31 Grand Plimmer Tower
2-6 Gilmer Terrace
PO Box 11 199
Wellington

Ph:   +64 4 385 2628
Fax: +64 4 385 2400

www.techtonics.co.nz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24429&t=24429
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT? Blown Console Port [7:24430]

[Symon Thurlow]

Hey all,

I have a 1603-R that has had ISDN plugged in to the console port(Not by
me!!!)

The console port now no longer works.

Does anyone have a url or tips on how repairable it is? I searched
google and can't find anything.

Cheers,

Symon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24430&t=24430
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 1720 reloads when using privilege exec command [7:24429]

[Brad Ellis]

"Version 12.2(2)XH, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)"

Try a different IOS version!
I usually stick with the (T) flavors unless you need a special feature that
isn't available with the (T).

thanks,
-Brad Ellis
CCIE#5796
Network Learning Inc
[EMAIL PROTECTED]
used Cisco gear:  www.optsys.net
CCIE Labs, racks, and classes:  www.ccbootcamp.com
""Tribavan Raina""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> HI all
>
> I am facing a problem which might be an IOS bug and I am not aware of
that.I
> am trying to implement different privilege levels on a 1720 router .
> After  givin first command the router reboots with the following message
>
> Router(config)#privilege exec level 2 show startup-config
> Router(config)#
>
> === Flushing messages (00:00:44 UTC Mon Mar 1 1993) ===
>
> Queued messages:
> *** System received a SegV exception ***
> signal= 0xb, code= 0x1200, context= 0x80b38e98
> PC = 0x80194598, Vector = 0x1200, SP = 0x80bfd5b8
>
> System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
> Copyright (c) 1999 by cisco Systems, Inc.
> C1700 platform with 32768 Kbytes of main memory
>
> program load complete, entry point: 0x80008000, size: 0x3e8b4c
> Self decompressing the image :
> #
>

> 
>

> 
>

> 
>

> 
> ## [OK]
>
>   Restricted Rights Legend
>
> Use, duplication, or disclosure by the Government is
> subject to restrictions as set forth in subparagraph
> (c) of the Commercial Computer Software - Restricted
> Rights clause at FAR sec. 52.227-19 and subparagraph
> (c) (1) (ii) of the Rights in Technical Data and Computer
> Software clause at DFARS sec. 252.227-7013.
>
>cisco Systems, Inc.
>170 West Tasman Drive
>San Jose, California 95134-1706
>
>
>
> Cisco Internetwork Operating System Software
> IOS (tm) C1700 Software (C1700-O3Y-M), Version 12.2(2)XH, EARLY DEPLOYMENT
> RELEASE SOFTWARE (fc1)
> TAC Support: http://www.cisco.com/tac
> Copyright (c) 1986-2001 by cisco Systems, Inc.
> Compiled Sun 24-Jun-01 17:25 by ealyon
> Image text-base: 0x800080E0, data-base: 0x8079F510
>
> cisco 1720 (MPC860T) processor (revision 0x601) with 24576K/8192K bytes of
> memory.
> Processor board ID JAD052904VE (882751140), with hardware revision 
> MPC860T processor: part number 0, mask 32
> Bridging software.
> X.25 software, Version 3.0.0.
> 1 Ethernet/IEEE 802.3 interface(s)
> 1 FastEthernet/IEEE 802.3 interface(s)
> 32K bytes of non-volatile configuration memory.
> 8192K bytes of processor board System flash (Read/Write)
>
>
>
> Press RETURN to get started!
>
>
>
> Any clues.
>
> Tribavan Raina
> Network Consultant
>
> TechTonics Group Limited
> Level 31 Grand Plimmer Tower
> 2-6 Gilmer Terrace
> PO Box 11 199
> Wellington
>
> Ph:   +64 4 385 2628
> Fax: +64 4 385 2400
>
> www.techtonics.co.nz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24431&t=24429
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT? Blown Console Port [7:24430]

[Brad Ellis]

SmartNet!  (unless it's still under warrantee)

That person probably fried a chip on the board.  If you were really good
with an oscilloscope and had the schematics, I'd say go for it!  If not,
SmartNet is the way to go!  Off the top of my head, I think it's a category
2 or 3.  It'll probably cost you around $150 to purchase smartnet for it.

thanks,
-Brad Ellis
CCIE#5796
Network Learning Inc
[EMAIL PROTECTED]
used Cisco gear:  www.optsys.net
CCIE Labs, racks, and classes:  www.ccbootcamp.com
""Symon Thurlow""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey all,
>
> I have a 1603-R that has had ISDN plugged in to the console port(Not by
> me!!!)
>
> The console port now no longer works.
>
> Does anyone have a url or tips on how repairable it is? I searched
> google and can't find anything.
>
> Cheers,
>
> Symon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24432&t=24430
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCDP [7:24433]

[[EMAIL PROTECTED]]

I'm studing for my CID test I would like suggestions of some good study
material.

James




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24433&t=24433
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Prefered free TACACS server [7:24434]

[Ken Diliberto]

I was thinking (which is sometimes very dangerous).  I'd like to play with a
TACACS server.  I've got a RADIUS server running here at home on NetWare but
would like TACACS.  Any suggestions on a free server?  I have Sun servers
available to run it on if needed.

Thanks.

Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24434&t=24434
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Upgrading IOS through Console Cable [7:24435]

[Ali RETy]

How can I upgrade IOS on 4000 Router through console connection.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24435&t=24435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Ipx routing [7:24091]

[Priscilla Oppenheimer]

And, of course, DECnet changes the MAC address of an Ethernet or Token Ring 
interface. In fact, one must enable DECnet before IPX or weird things 
happen to IPX. (It stops working, if I recall.)

Priscilla

At 12:38 AM 10/27/01, Chuck Larrieu wrote:
>well, when in doubt, check.
>
>I was going to say that ethernet and token ring ports all have fixed macs
>these days, but before making a fool of myself I thought I'd check.
>
>under the interface configuration mode, one can use the "mac-address"
>command to enter whatever mac you want.
>
>e.g. mac-address EE55EE ( enter )
>
>show ipx interface will reveal the new manually assigned macs.
>
>my grandfather used to tell me stories about stuff like this. ;->
>
>I'm gonna have to remember this the next time I visit the Lab. It always
>bothered me that I was prepared for the general ipx network x.x.x command,
>but that would still leave me if problems if I wanted to IPX ping an
>ethernet interface. one more trick to stuff into the bag.
>
>
>
>Chuck
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Priscilla Oppenheimer
>Sent: Thursday, October 25, 2001 10:16 AM
>To: [EMAIL PROTECTED]
>Subject: Re: Ipx routing [7:24091]
>
>
>At 08:22 AM 10/25/01, Richard Botham wrote:
> >All,
> >I'm trying to make sure that when I run IPX routing I can identify the
> >router by using the ipx routing 2.2.2 where the router is router 2.
> >I cannot get this to work correctly as it always picks the ethernet mac
> >address instead of 2.2.2
>
>Yes, that's true. The documentation makes it sound like the new 2.2.2
>address will be used for all packets sourced by the router, but this isn't
>so.
>
>What the documentation should say (and maybe it does, but maybe not too
>clearly) is that serial ports don't have a MAC address. By default they
>will source IPX packets using a Node ID that is from the first LAN
>interface. If you don't like that, then you can tell the router to use
>something else (by adding the parameter to ipx routing). I don't have a WAN
>sniffer, but I can verify that what you are seeing on Ethernet happens on
>my routers also. I think it's a feature not a bug. ;-)
>
>Albany#config t
>Enter configuration commands, one per line.  End with CNTL/Z.
>Albany(config)#ipx routing 2.2.2
>Albany(config)#
>Albany#
>Albany#
>Albany#s run
>!
>hostname Albany
>!
>ipx routing 0002.0002.0002
>!
>interface Ethernet0
>   ip address 10.10.0.1 255.255.255.0
>   ipx network 100
>   no mop enabled
>!
>interface Ethernet1
>   ip address 172.16.50.1 255.255.255.0
>   ipx network 200
>!
>etc
>!
>end
>
>Albany#
>
>
>But here's the IPX RIP on Ethernet 0 from the router. It still uses its
>network number and MAC address, not 2.2.2.
>
>802.3 Header
>Destination:  FF:FF:FF:FF:FF:FF  Ethernet Broadcast
>Source:   00:00:0C:05:3E:80
>Length:   48
>IPX - NetWare Protocol
>Checksum: 0x
>Length:   48
>Transport Control:
>Reserved: %
>Hop Count:%
>Packet Type:  1  RIP
>Destination Network:  0x0100
>Destination Node: FF:FF:FF:FF:FF:FF  Ethernet Broadcast
>Destination Socket:   0x0453  Routing Information Protocol
>Source Network:   0x0100
>Source Node:  00:00:0C:05:3E:80
>Source Socket:0x0453  Routing Information Protocol
>RIP - Routing Information Protocol
>Operation:2  Response
>Network Number Set # 1
>Network Number:   0x0200
>Number of Hops:   1
>Number of Ticks:  1
>Network Number Set # 2
>Network Number:   0x0300
>Number of Hops:   1
>Number of Ticks:  1
>FCS - Frame Check Sequence
>FCS (Calculated): 0x82378EB7
>
>
>Priscilla
>
>
> >Many thanks
> >Richard
>
>
>Priscilla Oppenheimer
>http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24436&t=24091
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Jeff Doyle Vol I or II? [7:24269]

[Priscilla Oppenheimer]

For BGP, the winner is Halabi. For multicast, the winner is Beau 
Williamson. For IPv6, I just discovered a great book by an author who I 
have admired for over ten years, which is Implementing IPv6 by Mark Miller.

At 09:42 AM 10/28/01, Ozzie sutcliffe wrote:
>Ok
>
>I ask which books you use to cover these topics
>
>Oz
>Priscilla Oppenheimer said..
>Volume II covers BGP, multicast, and IPv6. I didn't buy it because I have
>other books on those topics.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24437&t=24269
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: brain teaser Dhcp Relay question [7:24423]

[Priscilla Oppenheimer]

The router puts its address in the DHCP header in the gipaddr field. The 
router uses the address for the interface on which the DHCP request came in 
on. The requesting node must be in the same subnet as that interface.

Priscilla

At 01:59 PM 10/28/01, farhan ahmed wrote:
>hi group,
>
>i have a question,
>
>if we configure ip helper address on a remote network to pass the bootp to
>the
>central site , how the dhcp server will know from which scope to assign to
>the
>dhcp client via dhcp relay server , if we have multiple scope configured on
>dhcp server
>
>thnx for input
>
>fa


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24438&t=24423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Prefered free TACACS server [7:24434]

[Patrick Bass]

Cisco has a free one you can use with linux.
""Ken Diliberto""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I was thinking (which is sometimes very dangerous).  I'd like to play with
a
> TACACS server.  I've got a RADIUS server running here at home on NetWare
but
> would like TACACS.  Any suggestions on a free server?  I have Sun servers
> available to run it on if needed.
>
> Thanks.
>
> Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24439&t=24434
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Upgrading IOS through Console Cable [7:24435]

[routerjocky]

you're out of luck Ali.. there is no xmodem capability on the 4000 console
connection.

If you have an ethernet interface and a PC with tftp software, the boot
image will allow you to do a copy tftp flash.  All you'd need is a hub or
10BaseT crossover cable to make that work, and it's much faster than a
download at 9600 bps (which you can't do anyway)

- Original Message -
From: "Ali RETy" 
To: 
Sent: Sunday, October 28, 2001 5:46 PM
Subject: Upgrading IOS through Console Cable [7:24435]


> How can I upgrade IOS on 4000 Router through console connection.
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24440&t=24435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

yet another study site [7:24441]

[routerjocky]

I stumbled across this site while searching for bgp authentication, and it
looks like there are some challenging CCIE-leve labs there
http://www.iisl.com/ccie_lab/index.htm

-e-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24441&t=24441
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

fast switching - resolution [7:23969]

[[EMAIL PROTECTED]]

Yep, CEF was the cause of this.
Configuring 'ip load-sharing per-packet' on the relevant interfaces has
evened up the load again.  Now, of course, there is the risk that both
links will be flooded instead of just one, but never mind...

Thanks for all the suggestions.

JMcL
- Forwarded by Jenny Mcleod/NSO/CSDA on 29/10/2001 11:02 am -
   
 
   
"jenny.mcleod@centreli
nk.gov.au"To:
[EMAIL PROTECTED]
http://www.groupstudy.com/form/read.php?f=7&i=24442&t=23969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

EIGRP Authentication [7:24443]

[Tribavan Raina]

Hi all..

I tried to enable eigrp route authentication feature on 1720 but I dont get
and option for authentication in the menu.
As per Cisco it doesnot work on 1720 but I tried same stuff on 2501 even
there I amnit getting the authentication command .2500 series is supported
for route authentication.

ANy clues
http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/eigrpmd5.htm

Tribavan Raina
Network Consultant

TechTonics Group Limited
Level 31 Grand Plimmer Tower
2-6 Gilmer Terrace
PO Box 11 199
Wellington

Ph:   +64 4 385 2628
Fax: +64 4 385 2400

www.techtonics.co.nz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24443&t=24443
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Upgrading IOS through Console Cable [7:24435]

[Paul Lalonde]

Hi,

Given that you probably don't have any other modules in the router that you
can do this on (like Ethernet, Token Ring, or Serial)...

You can do this by configuring your AUX port for asynchronous routing and
connecting to it with your PC over a special "null-modem" cable.

The following link describes how to configure your PC to talk to a Cisco
router over a null-modem cable to the AUX port:

http://www.cisco.com/warp/public/471/103.html

You will need the mdmcisco.inf null-modem driver for your operating system.

Here are some basic tasks:

1. Configure a "dial up networking" connection on the PC. You'll need a
special modem driver to support PC-to-Cisco async connections over PPP.
Check out the link above. Assign a static IP address to the PC dial-up
adapter (ie. 192.168.0.1)

2. Configure the Cisco router AUX port to perform asynchronous routing. Do
the following:

line aux 0
  speed 38400
  parity none
  databits 8
  stopbits 1
  flowcontrol hardware
  modem inout
int async 0 (* you might need to use a different interface # - use 'show
line' to find your AUX port interface #)
  async mode dedicated
  async default routing
  ip address 192.168.0.2 255.255.255.0
  encapsulation ppp
  keepalive 5
  pulse 5
  no shutdown

3. With these two configuration steps, you should be able to 'dial' into
your Cisco router over the null-modem cable using PPP. At this point, you
will have a network-layer connection to the Cisco router and should be able
to TELNET, TFTP, and perform flash management (ie. uploading a new IOS
version).

IT WILL BE SLOW... BUT IT WORKS!

Paul Lalonde



""Ali RETy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> How can I upgrade IOS on 4000 Router through console connection.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2&t=24435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Jeff Doyle Vol I or II? [7:24269]

[Ozzie Sutcliffe]

Thanks

BTW are you still doing sniffer training as I get few folks ask me for
somewhere to go

oz



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24445&t=24269
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

No Keepalive [7:24446]

[Tribavan Raina]

Hi..

When we give no keepalive command on ethernet or fast ethernet ,the port and
line protocol come up but when we do the same thing for serial port why
doesnt it work.

May be it is a silly  question.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24446&t=24446
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: No Keepalive [7:24446]

[Paul Lalonde]

I think this is because Ethernet / Fast Ethernet interfaces generate their
own keepalives and thus keep themselves up. Serial interfaces receive their
keepalives from the remote end and rely on return communications to bring
the interface up.

Paul


""Tribavan Raina""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi..
>
> When we give no keepalive command on ethernet or fast ethernet ,the port
and
> line protocol come up but when we do the same thing for serial port why
> doesnt it work.
>
> May be it is a silly  question.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24447&t=24446
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IOS Command Question? [7:24448]

[Bill Reilly]

I was wondering if some could shead some light on this command.

ip tcp syn-wait 5

Thanks in advance




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24448&t=24448
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to config the catalyst 1200 and crack its pwd! [7:24451]

[Kevin Campbell]

you have to use a regular straight through patch cable.  db 9 connector is
fine.  but the console cable will not work.  go to this page and follow the
steps http://www.cisco.com/warp/public/474/pswdrec_6000.html#proc

Kevin

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Alexandre Carvalho
Sent: Saturday, October 27, 2001 10:47 PM
To: [EMAIL PROTECTED]
Subject: How to config the catalyst 1200 and crack its pwd! [7:24394]


Hello team..

I am kind of confused and now worried about how to config the catalyst 1200.
I am using the console cable and a db9 connector plugging directly into the
admin port and when I power on, guess what?? it just stays there and doesn't
display anything. I went to cisco site and downloaded the manual. I had
talked already to someone on this group and he told me that I have to use a
DB-25 instead of DB-9.
My question is: Would that make any difference?? And if it does.. A DB-9 to
DB-25 converter would solve my problem??
Another question: How do I crack the pwd??
I am kind desperate now..because I've got some of them just sitting in front
of me and I can't do anything!!!

Please advise,

Alex Carvalho




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24451&t=24451
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco 4000 Router as Frame-Relay Switch [7:24450]

[Tim Bowyer]

I have configured 4000 router (FR_ROUTER) as a FR Switch. It is connected to
3
other 2500 routers (A,B,C)on serial interface. FR is working fine and I am
able to ping B &C from A. But I am not able to ping the Serial Interface of A
from router A itself. Same thing is happening on the other routers.
I am receiving this error message :

Serial0:Encaps failed--no map entry link 7(IP)
IP: s=10.0.0.3 (local), d=10.0.0.3 (Serial0), len 100, encapsulation failed




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24450&t=24450
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to config the catalyst 1200 and crack its pwd! [7:24452]

[Alex Carvalho]

- Original Message -
From: "Kevin Campbell" 
To: "Alexandre Carvalho" ; "Cisco"

Sent: Sunday, October 28, 2001 9:21 PM
Subject: RE: How to config the catalyst 1200 and crack its pwd! [7:24394]


> you have to use a regular straight through patch cable.  db 9 connector is
> fine.  but the console cable will not work.  go to this page and follow
the
> steps http://www.cisco.com/warp/public/474/pswdrec_6000.html#proc
>
> Kevin
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Alexandre Carvalho
> Sent: Saturday, October 27, 2001 10:47 PM
> To: [EMAIL PROTECTED]
> Subject: How to config the catalyst 1200 and crack its pwd! [7:24394]
>
>
> Hello team..
>
> I am kind of confused and now worried about how to config the catalyst
1200.
> I am using the console cable and a db9 connector plugging directly into
the
> admin port and when I power on, guess what?? it just stays there and
doesn't
> display anything. I went to cisco site and downloaded the manual. I had
> talked already to someone on this group and he told me that I have to use
a
> DB-25 instead of DB-9.
> My question is: Would that make any difference?? And if it does.. A DB-9
to
> DB-25 converter would solve my problem??
> Another question: How do I crack the pwd??
> I am kind desperate now..because I've got some of them just sitting in
front
> of me and I can't do anything!!!
>
> Please advise,
>
> Alex Carvalho




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24452&t=24452
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco ACS problem [7:24453]

[Cheng, Steven]

Hello , Guys..
 
 
I have testing the product of Cisco Secure ACS 2.6 for Windows 2000. But now
I have a problem. I need ACS to log every user who login the router and
every action does the user do .
I can't find any config regarding this in the Cisco Web site. The web site
show : The Cisco Secure ACS can do it.
So , could any one can share the experience to me ??
or told me how to config the ACS server and Cisco router ??
 
Appreciated for your help
 

Best Regards 



Steven Cheng
Associate I/T Specialist
Rm D&E 16F Hung Tai Century Tower 156,Min-Sheng E.Road Sec.3 , Taipei 
TEL:886-2-2715-7010 
FAX:886-2-2715-7077 
Mobile:886-918-564-332 
E-Mail: [EMAIL PROTECTED]   
Jabber ID: [EMAIL PROTECTED]  

[GroupStudy.com removed an attachment of type image/gif which had a name of
banner1.gif]

[GroupStudy.com removed an attachment of type image/gif which had a name of
Tech.gif]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24453&t=24453
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Selling Cisco 2511's + Catalyst 1200 [7:24454]

[Alexandre Carvalho]

Hello Team,
I know that the intention of this group is not to  "sell" anything but to
help each other. But I am selling couple of 2511's and lots of  catalyst's
1200 just to build a fair lab for studying for my CCNP and future CCIE.
Whoever is interested please send me an e-mail and we deal those off here. I
am going to see if I can provide like a mini-lab in a good price.

Thanks for the attention and sorry about anything.

Alex

PS: I will start selling on e-bay on tuesday...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24454&t=24454
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco ACS problem [7:24453]

[Ocsic]

you have to do some configuration on the router
to enable the router send the RADIUS info to the ACS server.

aaa authentication login radius

radius-server host 1.2.3.4 auth-port 1645 acct-port 1646
radius-server key abcdefg

then in the ACS Server add the appropriate ITEM in the router column
you will see the logs will generate once a user is logon the router



""Cheng, Steven""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello , Guys..
>
>
> I have testing the product of Cisco Secure ACS 2.6 for Windows 2000. But
now
> I have a problem. I need ACS to log every user who login the router and
> every action does the user do .
> I can't find any config regarding this in the Cisco Web site. The web site
> show : The Cisco Secure ACS can do it.
> So , could any one can share the experience to me ??
> or told me how to config the ACS server and Cisco router ??
>
> Appreciated for your help
>
>
> Best Regards
>
>
>
> Steven Cheng
> Associate I/T Specialist
> Rm D&E 16F Hung Tai Century Tower 156,Min-Sheng E.Road Sec.3 , Taipei
> TEL:886-2-2715-7010
> FAX:886-2-2715-7077
> Mobile:886-918-564-332
> E-Mail: [EMAIL PROTECTED]
> Jabber ID: [EMAIL PROTECTED]
>
> [GroupStudy.com removed an attachment of type image/gif which had a name
of
> banner1.gif]
>
> [GroupStudy.com removed an attachment of type image/gif which had a name
of
> Tech.gif]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24455&t=24453
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT - IPX routes [7:24456]

[[EMAIL PROTECTED]]

Hi all,
This is off-topic because it's not cert-related, although I could argue
that it's good CIT practice!

Is anyone (else) out there using IPX with IOS 12.1?
We had a problem crop up this morning on 7500 routers that have been
running 12.1(10) for about a week.  IPX RIP updates are not being seen by
the routers across a fast ethernet link, although updates are seen across
other links.  And just to make it really weird - if the IPX routes are
cleared, the next update is seen.  But none after that, so the routes time
out again.
We also came across a similar or identical bug late last week immediately
after upgrading a couple of other 7500s to 12.1(10).
We are escalating this to the TAC, and have found a few possibly-related
bugs on the CCO bug watcher, but has anyone else struck this bug?  The more
information I can get about symptoms, what's been tried etc, the better.
I'm happy to take this off-line.
(Our IPX network is temporarily held together with metaphorical string and
stickytape - namely a script has been hastily written to periodically clear
the IPX routes on the affected routers.  Very ugly, but so far effective).

Thanks,
JMcL




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24456&t=24456
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF Authentication with Virtual Links [7:24457]

[Hollis]

Ran into following during a lab scenario, but can't find any documentation
on this. Can someone please verify if this is correct?

With md5 authentication configured in OSPF Area 0, following must also be
configured on ABR with virtual link... (the ABR which is not directly
connected to Area 0.) "area 0 authentication message-digest".  Note that
Router A does not have any interfaces actually in Area 0.

Router A..
router ospf 110
 log-adjacency-changes
 area 0 authentication message-digest  (??)
 area 1 virtual-link 192.168.5.5
 network 172.16.4.0 0.0.0.255 area 1
 network 172.16.12.0 0.0.0.255 area 3

Router B...
interface Serial0.504 point-to-point
 ip address 172.16.1.1 255.255.255.0
 ip ospf message-digest-key 4 md5 mypassword
 frame-relay interface-dlci 504
!
router ospf 110
 log-adjacency-changes
 area 0 authentication message-digest
 area 1 virtual-link 192.168.2.2
 network 172.16.1.0 0.0.0.255 area 0
 network 172.16.5.0 0.0.0.255 area 1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24457&t=24457
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[Wojtek Zlobicki]

> Juniper has some excellent engineers, and a good product, I don't mean to
> detract from that.  But this list should be more focused on giving people
> inspiration and not trying to disappoint them by saying that there is no
> demand for the CCIE  when their patently is.

I'd like to add one more thing.  When did this job start being about just
money.  I guess I can't speak for everyone. I'm young, single, no mortgage,
no mouths to feed.  I am willing to travel (having to spend 6 weeks in
Barbados or somewhere nice and sunny) is something I am willing to tolerate.

People also have to start looking at enhancing their soft skills.  Take a
basket weaving course.  Take a public speaking course.  I've been told by
many that they can't get over how outgoing I am.  "A techie with a
personality" is something that many employers seek.  People really need to
stop on relying on four letter words to get them a job.  A CCIE no longer
guarantees one a job.  The right person with the right Cert can always find
a job.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24426&t=24336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCDP [7:24433]

[George Murphy CCNP, CCDP]

James, I took it in july and used the ciscopress exam guide, Boson test 
#2 and some prep material from www.ccxxproductions.com  . Like everyone 
has said at examnotes.net in the forums it is a wordy exam but I found 
it to be fairly easy and passable. Just keep in mind that it is a 
"concept" exam and make sure to brush up on all of the areas and you 
will do fine. One thing I have done that has always helped is to pool 
about 400 questions and go over them each day a week before the exam. 
Best-o-luck to ya!  

[EMAIL PROTECTED] wrote:

>I'm studing for my CID test I would like suggestions of some good study
>material.
>
>James




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24449&t=24433
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[Wojtek Zlobicki]

> feel the need to do (what's up with that attitude anyway?  It's almost
like
> some people think I'm somehow insulting their religion, and since when did
> Cisco become a religion?).

Our IOS who art in  router
Hallowed be thy CLI

:)

> * Yes you are correct to say that that there is no such thing as "basic
> Juniper or beginning Juniper".  Such a thing is indeed an oxymoron due to
> the nature of Juniper's targeted market.  So let me revise me argument

This is likely to change.  I've heard rumors that Juniper will start to get
into a
midrange market.  I don't believe they can survive in the core alone.

> slightly and say that my argument only applies to intermediate and
> expert-level skills.  For networking newbies, the CCNA, I concede is the
> only reasonable game in town.   But for intermediate level people, I
believe
> that now you can start comparing Juniper and, say the CCNP,  to a
reasonable
> degree.  It is my gut feeling that the ratio is indeed somwhere around
330:1
> for CCNP's to "JNCNP's" (if such a thing existed).  Now it is true that I
do
> not have any hard numbers to back that up (and nobody has any hard numbers
> that disprove it), but I appeal to the fact that the CCNP is fairly
> well-known, and has already attained  semi-paper-cert status, in the sense

Paper CCXX have been created by employers.  I have a fair bit if experience
under my belt but no cert as of yet (I'm working on my CCNA and CCNP
simultaneusly,  I've taken some Boson's lately and I do better on the CCNP
that the CCNA :( .  If employers wanted experience and personality, the
certs would not be as regarded as they are today.  Anything under a CCIE is
just a piece of paper.  If employers were looking for employees and not
pieces of paper, less certs would be needed.  I want my cert to prove
competnecy, I do not want it to be used as a hiring decision.  I want the
employer to hire ME !.


> that CCNP braindumps are out there and pretty easy to find.  This
therefore
> means there is a great deal of extra competition for the "real" CCNP's'
(the
> ones who can back up their cert with actual experience).   Whereas it is
> much more difficult to fake your way around the Juniper world, such that
> anybody who has even 1 year of Juniper experience does in fact know a
fairly
> good amount, under the notion that if he was true dummy, he would never be
> allowed the chance to touch any Juniper stuff in the first place.   It is

If we handled certs like drivers licenses, we would have a lot less CCNPs
today.  There should be a practical componenet to the CCNP as well.  And
such tests should be taken at a minimum 6 months after the CCNP written
components.  These certs are not memerizaion drills (at least not for me).
I refuse to cram for a cert (yeah there is a little cramming over little
details before tests).  I want to understand something such that I don;t
need to cram.  I want to have enough hands on experience to make it a breeze
to go and write a test.

> the extra competition, in the Cisco world, of paper-certs and people who
are
> only lab rats and no practical experience, that is what really screws
things
> up for the Cisco people.  Juniper doesn't suffer from this problem (at
> least, not yet).

There are 20 or so JNCIEs in the world.  50-99% are likely to be Juniper
employees.  We really have to get over what the paper says and start taking
a look at the employee more and more.  Employers may love certs because they
are under the impression that it will save them time in the hiring process.
They are trusting that the cert is able to assertain the skills of their
employee.  Certs become useless not because of paper certs but because of
employers that fail to take the effor to see the person behing them.

> * Competition.Anybody who reads my arguments carefully will see that
my
> entire thesis rests on the notion of competition - the fact that there is
> substantially more competition for every Cisco job opening than there is
for
> a Juniper job.  For example, I appeal to the cashier vs. lawyer argument.

I would disagree.  There are a lot less qualified people to maintain Juniper
equipment.  If there are only 3000 people in the world that have touched the
equipment (I think that number may even be quite overstated), and there are
100 jobs out there for them, there is a lot less competition for Juniper
jobs.  Untill Juniper gets more penetration in the market , its certs are
not as worthwhile as are Cisco's.  As I stated above, many of those JNCIEs
will be Juniper employees or employees of their largest
partners/contractors.  These are not individuals on the open market.

> Clearly there is more demand for cashiers than lawyers, because how many
> times do you buy something vs. how many times do you sue somebody?  But
does

Um..  In the USA :)  Lawsuits are just about as common as purchases :)  Here
in Canada, there is a very different stance on lawsuits (but thats another
story).

> it then follow that cashiers ar

Re: is it really bad market for ccie ? NO! NO! NO!!!! [7:24336]

[nrf]

Hey now, you're twisting my words around.

I never said there was no demand for the CCIE.  In fact if you read my posts
carefully, you'll find that I mention that there is indeed quite a bit of
demand for Cisco knowledge and the CCIE, in fact, more demand than for
Juniper and the JNCIE.

My point is simply this.  Like everything in life, it's all relative.  On a
relative scale, when normalized for supply, I believe the evidence shows
that the relative demand for Juniper JNCIE-type skills (adjusted for the
supply of those skills) is greater than the relative demand for Cisco
CCIE-type skills (adjusted for the supply of those skills).  But less
relative demand is not the same thing as no demand.

Aha - alt.certification.cisco, the "hardest networking exam" thread.  Go
read it again, and you'll find that once again, that it was a "RE:" thread,
meaning that I was responding to somebody else's thread.  Somebody wanted to
know what the hardest networking exam was, and I told them.  They asked for
an opinion, and I gave it.

See, that's my point.  A lot of people here think that I just come here
basically looking to start a fight.  They figure - he's on a Cisco mailing
list and he raising the issue of Juniper, so he's just asking for trouble.

I disagree.  You can go back through my history, and you'll find that I
never bring up Juniper as a stand-alone subject.   It's always the case that
somebody else is asking a question, and I respond.  If somebody asks about
Juniper and the JNCIE, or relative value of certs, or some other such
subject, then I will tell them what's up.  I do not deliberately go around
always trying to talk about Juniper unsolicited.  But on the other hand,  if
somebody is asking the question, then that means that they must be
interested in the answer.Yet, everybody seems to like jumping down my
throat when I give an answer, but nobody ever seems to bother the guy who
asked the original question.  What's up with that?

I also don't believe in the philosophy that people should only provide
answers that are nice or politically correct.   I don't believe in just
telling people what they want to hear, if I don't believe it myself.  Hey,
I don't work for Cisco's marketing department.  On the one hand, I'm not
going to go around deliberately pointing out Cisco's and the CCIE program's
shortcomings unsolicited if nobody wants to hear it.  But on the other hand,
if somebody asks, I will give them an honest answer, even if it's
politically incorrect.  I believe that if people ask honest questions, they
are better served by being given honest answers, which is not always a
'nice' answer.  I figure -  people should be given all the facts, and then
they can decide for themselves how to interpret it.   Otherwise, how about
this.  When somebody asks a question, they can email everybody and tell them
exactly what they want them to say, so that when they respond, they will get
the precise answer they are looking for.

But how about this. I'll make you the same deal I made to some of my other
detractors.  You don't want me talking about Juniper anymore, fine.  How
about a new policy for this mailing list, where nobody is ever allowed to
ask questions about Juniper, or the worth of the cert, or does the CCIE
program have any shortcomings, or questions like that?  I'll happily follow
a Don't Ask, Don't Tell policy.  But ask long as people keep asking the
question, I will keep providing the answer.

Anyway, enough about that.  On to technical matters

* The Mier study.  I don't think you will find too many people who give
serious credence to that study because, as you said, it was sponsored by
Cisco.  Has any vendor in the history of the industry ever lost in a study
that they sponsored?

* Other Cisco skills.  OK - now you just raised an interesting subject.  I
believe people should guide their careers towards skills that are in high
demand and low supply.  One possible route is Juniper.  Another possible
route is all that weird Cisco stuff that nobody really knows how to use.
The optical stuff (the ONS series), for example.  Or the high end voice
stuff.  Absolutely, you are correct.

But you are also (subtly) changing the subject.  My entire argument has been
about the CCIE vs. the JNCIE, and my implication was that the CCIE market
seems to be more saturated than the JNCIE market.  Now, on the one hand,
Cisco has all these other technologies that are indeed highly marketable
skills.  But, on the othe hand, they have nothing to do with the CCIE.
Consider - how many CCIE's know how to use the ONS15454 (which, by the way,
Cisco sells $1billion annually)?  I know I don't, and none of the guys I
know do.  The only guy I know that can do it has no Cisco certs whatsoever.
Same thing with the high-end voice stuff - most CCIE's don't really know
that stuff such that they could call themselves experts at it (I know some
intermediate voice stuff - but the advanced H323 gatekeeper/gateway stuff or
the advanced SIP stu

Second opinion on Regular Expression [7:24460]

[Chuck Larrieu]

for an as-path filter, here is what I want to accomplish:

from one particular router to another particular router I want to filter any
AS path whose most recent AS was 

so if the BGP route has a path in the BGP table as    ? or 
 ? etc
then I want that route to be filtered to a particular neighbor

routes such as   ? or    , for example are OK to
pass

my access-list is:

ip as-path access-list 55 deny ^_
ip as-path access-list 55 permit .*
!
and my neighbor statement is neighbor a.b.c.d filter-list 55 out

does the ^ character really mean what I think it is supposed to mean? I.e
does it filter any AS path that BEGINS with , or is it doing something
unexpected?

I have a complex mesh ( mess too ;-> ) of BGP neighbors, and it is a bit
hard to tell if I am accomplishing what I think I am accomplishing.

thanks.

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24460&t=24460
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

5509 prob. [7:24461]

[Muralidhar A.]

Hi...

I am facing a strange problem. With this 5509 that I have..

1. when I set the date with the set command it accepts. But when show config
is given..it displays a wrong date..

2. I have 2 line cards with 48 ports of 10 Mbps.. When I changes the ports
to diff vlan's via TELNET there is no problem.. But when I do the same via
CONSOLE.. Whole switch reset's.. 

What could be the reason ? ? Any ideas

Thanks and regards,
Murali
    STATEMENT OF CONFIDENTIALITY 
The information contained in this communication is Confidential and is
intended only for the exclusive use of the Recipient named above, and may
contain confidential or privileged Information. If the reader of this
message is not the intended recipient ,please notify Freddie Samuel
immediately either at +968- 684152 Extn 398 or [EMAIL PROTECTED]
and destroy all copies of this message and any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24461&t=24461
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OSPF Authentication with Virtual Links [7:24457]

[Chuck Larrieu]

The router that is the end point of the virtual link does indeed have an
interface in area 0 - that's where the virtual link terminates!!

so yes, the virtual link has to authenticate to area zero, same as if it
were directly connected.

Chuck

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hollis
Sent: Sunday, October 28, 2001 8:16 PM
To: [EMAIL PROTECTED]
Subject: OSPF Authentication with Virtual Links [7:24457]


Ran into following during a lab scenario, but can't find any documentation
on this. Can someone please verify if this is correct?

With md5 authentication configured in OSPF Area 0, following must also be
configured on ABR with virtual link... (the ABR which is not directly
connected to Area 0.) "area 0 authentication message-digest".  Note that
Router A does not have any interfaces actually in Area 0.

Router A..
router ospf 110
 log-adjacency-changes
 area 0 authentication message-digest  (??)
 area 1 virtual-link 192.168.5.5
 network 172.16.4.0 0.0.0.255 area 1
 network 172.16.12.0 0.0.0.255 area 3

Router B...
interface Serial0.504 point-to-point
 ip address 172.16.1.1 255.255.255.0
 ip ospf message-digest-key 4 md5 mypassword
 frame-relay interface-dlci 504
!
router ospf 110
 log-adjacency-changes
 area 0 authentication message-digest
 area 1 virtual-link 192.168.2.2
 network 172.16.1.0 0.0.0.255 area 0
 network 172.16.5.0 0.0.0.255 area 1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24464&t=24457
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco Practical study 1 day lab book [7:24318]

[Chuck Larrieu]

All Cisco is doing here is jumping onto the Lab prep bandwagon. their
materials are probably no better or worse that Caslow, Bootcamp, IP expert,
Fatkid, Solutions Lab, or any of the other prep materials. With 2 million
wannabes in queue, why not try to get them to pop another 60 bucks for
something that may or may not help them pass.

Chuck
jeez am I getting cratchity!

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Paul Jin
Sent: Saturday, October 27, 2001 7:44 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco Practical study 1 day lab book [7:24318]


Guys,
Check out the link at booksamillion.com, the price is a little cheaper.
BAMM.com and bookpool.com usually has good prices, also
going to addall.com, you can search multiple book prices at the same time,
it will search out the best prices for you..

I plan on getting it myself, like many other people on this forum, but
how closely is this related to the real lab?  What I mean is, are these labs
supposed to help you try and get ready for the real lab test?  Which brings
out the next point, it is ok for Cisco to
come out and break NDA but not ok for others to talk about the lab?
:-)

Cisco is probably saying, this book is the best to prepare for the lab
because who can help you prepare for the lab better than the people that
bring you the test


http://www.booksamillion.com/ncom/books?d=2042240383686&pid=1587200023



lab ccie wrote:
>
>  Finally cisco press comes with this book for $70 ,why the
> hdid they do it b 4 ?
>
> In-depth study and exercises for the CCIE Routing and Switching
> Lab ExamCCIE Practical Studies, Volume I focuses on the 1-day
> lab portion of the exam, largely regarded as the most difficult
> portion of the CCIE testing process. This book includes
> in-depth coverage for more than 70 lab scenarios, as well as
> information on how to design and implement basic to complex
> networks. Five CCIE simulation labs will test your knowledge
> and ability to perform in a timed environment.Authored by CCIEs
> in collaboration with CCIE Program Managers.In-depth coverage
> of routing protocols provides both great practical knowledge
> and exam preparation




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24462&t=24318
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IOS Command Question? [7:24448]

[Chuck Larrieu]

yes. and this is a good command to know.

when you telnet someplace, there is a time during which the source waits for
the SYN to come back from your target. But suppose you mis-type a command?
You wait and wait while the domain-lookup occurs, until the default syn wait
time expires.

the ip tcp synwait-time X shortens that wait to something tolerable.

no ip domain lookup is another good one, and accomplishes something similar.
but in many environments there is reason to have domain-lookup enabled.

HTH

Chuck

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Bill Reilly
Sent: Sunday, October 28, 2001 5:56 PM
To: [EMAIL PROTECTED]
Subject: IOS Command Question? [7:24448]


I was wondering if some could shead some light on this command.

ip tcp syn-wait 5

Thanks in advance




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24465&t=24448
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Prefered free TACACS server [7:24434]

[Mike Sweeney]

Drop by my site.. I have been gathering info and files for TACACS for both
Windows and Linux. The Win stuff will posted later this week but the linux
stuff is up there along with the docs.

So far as I can tell, Cisco has dropped support for TACACS including the FTP
site for downloading it. They would rather you buy Ciscoworks.

http://www.packetattack.com/downloads.html

If you find anything more about TACACS, drop me a line via the site and let
me know what you found and where.

MikeS


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24466&t=24434
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[nrf]

> MANUFAC.Pieces oF Equip in Market#of People
> Qualified
>
> Juniper  50,000
> 3000
> Cisco6,000,000
> 80,000
>
> 74 Pieces Per Cisco qualified tech
> 16 pieces per Juniper Tech
>
> Looks like a lot more competition for the Juniper jobs.

I believe you've made a mistake.  You're only looking at the number of
pieces as an indicator of demand Whereas, I believe a much better gauge is
the complexity of the pieces.

I got an excellent example for you.  The CCIE R/S lab has 6 routers and 2
switches.  But I think most people here would agree that the lab is still no
cake-walk.  Why not - it's only 8 pieces.  But it's not how many pieces you
got, it's what you are doing with them.

And consider this.  Core provider routers that Juniper specializes in  are
inevitably doing a heck of a lot more than cisco enterprise routers.  They
will most likely have more interfaces, more redundancy, and more complex
routing protocols that are harder to configure and therefore require more
expertise.  For example, I would say that a 100-router enterprise network
running static routes and RIPv2 is not as hard to maintain compared to  a
6-8 Juniper router ISP core running IS-IS and BGP.


I believe the real gauge of demand is money, how much did you spend.
Generally speaking,  the more expensive a network, the more important it
must be for the organization (if the network was not that important, then
why spend all that money on it?).  Then.,the more important a network is,
the more complex the network tends to get (i.e. it will have more
redundancy, and require more tuning, and more complex routing, etc. etc.).
Finally, the more complex the network, the more expertise you require to
design and maintain it.So it all comes down to money - revenue.  If a
manager decides to spend $X on a network, I don't think he would find it
unreasonable to spend 1/10 of X on consulting expertise on the network -
regardless of whether X bought you 10 routers or a 1000.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24467&t=24336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Off Topic - good auction seller [7:24468]

[Chuck Larrieu]

After some of the recent negative discussion about a particular auction
seller ( and thanks - it helped me avoid bidding on certain products ) I
thought some folks might be interested in my recent positive experience.

Pat McKool of Market Network Solutions, was a pleasure to deal with.

If anyone is in the market for used equipment, you might want to keep an eye
out for this guy on That Auction Site.

NOTE: past performance is no guarantee of future results ;->

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24468&t=24468
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 5509 prob. [7:24461]

[AMR]

what version OS are you running on it?

""Muralidhar A.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi...
>
> I am facing a strange problem. With this 5509 that I have..
>
> 1. when I set the date with the set command it accepts. But when show
config
> is given..it displays a wrong date..
>
> 2. I have 2 line cards with 48 ports of 10 Mbps.. When I changes the ports
> to diff vlan's via TELNET there is no problem.. But when I do the same via
> CONSOLE.. Whole switch reset's..
>
> What could be the reason ? ? Any ideas
>
> Thanks and regards,
> Murali
> STATEMENT OF CONFIDENTIALITY 
> The information contained in this communication is Confidential and is
> intended only for the exclusive use of the Recipient named above, and may
> contain confidential or privileged Information. If the reader of this
> message is not the intended recipient ,please notify Freddie Samuel
> immediately either at +968- 684152 Extn 398 or
[EMAIL PROTECTED]
> and destroy all copies of this message and any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24469&t=24461
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: is it really bad market for ccie ? NO! NO! NO! [7:24336]

[Chuck Larrieu]

One IOS to forward them all
One IOS to find them
One IOS to summarize them all
And in the Routing Tables bind them

It's all a matter of perspective. :-O


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Wojtek Zlobicki
Sent: Sunday, October 28, 2001 8:33 PM
To: [EMAIL PROTECTED]
Subject: Re: is it really bad market for ccie ? NO! NO! NO! [7:24336]


> feel the need to do (what's up with that attitude anyway?  It's almost
like
> some people think I'm somehow insulting their religion, and since when did
> Cisco become a religion?).

Our IOS who art in  router
Hallowed be thy CLI

:)

> * Yes you are correct to say that that there is no such thing as "basic
> Juniper or beginning Juniper".  Such a thing is indeed an oxymoron due to
> the nature of Juniper's targeted market.  So let me revise me argument

This is likely to change.  I've heard rumors that Juniper will start to get
into a
midrange market.  I don't believe they can survive in the core alone.

> slightly and say that my argument only applies to intermediate and
> expert-level skills.  For networking newbies, the CCNA, I concede is the
> only reasonable game in town.   But for intermediate level people, I
believe
> that now you can start comparing Juniper and, say the CCNP,  to a
reasonable
> degree.  It is my gut feeling that the ratio is indeed somwhere around
330:1
> for CCNP's to "JNCNP's" (if such a thing existed).  Now it is true that I
do
> not have any hard numbers to back that up (and nobody has any hard numbers
> that disprove it), but I appeal to the fact that the CCNP is fairly
> well-known, and has already attained  semi-paper-cert status, in the sense

Paper CCXX have been created by employers.  I have a fair bit if experience
under my belt but no cert as of yet (I'm working on my CCNA and CCNP
simultaneusly,  I've taken some Boson's lately and I do better on the CCNP
that the CCNA :( .  If employers wanted experience and personality, the
certs would not be as regarded as they are today.  Anything under a CCIE is
just a piece of paper.  If employers were looking for employees and not
pieces of paper, less certs would be needed.  I want my cert to prove
competnecy, I do not want it to be used as a hiring decision.  I want the
employer to hire ME !.


> that CCNP braindumps are out there and pretty easy to find.  This
therefore
> means there is a great deal of extra competition for the "real" CCNP's'
(the
> ones who can back up their cert with actual experience).   Whereas it is
> much more difficult to fake your way around the Juniper world, such that
> anybody who has even 1 year of Juniper experience does in fact know a
fairly
> good amount, under the notion that if he was true dummy, he would never be
> allowed the chance to touch any Juniper stuff in the first place.   It is

If we handled certs like drivers licenses, we would have a lot less CCNPs
today.  There should be a practical componenet to the CCNP as well.  And
such tests should be taken at a minimum 6 months after the CCNP written
components.  These certs are not memerizaion drills (at least not for me).
I refuse to cram for a cert (yeah there is a little cramming over little
details before tests).  I want to understand something such that I don;t
need to cram.  I want to have enough hands on experience to make it a breeze
to go and write a test.

> the extra competition, in the Cisco world, of paper-certs and people who
are
> only lab rats and no practical experience, that is what really screws
things
> up for the Cisco people.  Juniper doesn't suffer from this problem (at
> least, not yet).

There are 20 or so JNCIEs in the world.  50-99% are likely to be Juniper
employees.  We really have to get over what the paper says and start taking
a look at the employee more and more.  Employers may love certs because they
are under the impression that it will save them time in the hiring process.
They are trusting that the cert is able to assertain the skills of their
employee.  Certs become useless not because of paper certs but because of
employers that fail to take the effor to see the person behing them.

> * Competition.Anybody who reads my arguments carefully will see that
my
> entire thesis rests on the notion of competition - the fact that there is
> substantially more competition for every Cisco job opening than there is
for
> a Juniper job.  For example, I appeal to the cashier vs. lawyer argument.

I would disagree.  There are a lot less qualified people to maintain Juniper
equipment.  If there are only 3000 people in the world that have touched the
equipment (I think that number may even be quite overstated), and there are
100 jobs out there for them, there is a lot less competition for Juniper
jobs.  Untill Juniper gets more penetration in the market , its certs are
not as worthwhile as are Cisco's.  As I stated above, many of those JNCIEs
will be Juniper employees or employees of their largest
partners/contractors.  T

Re: OSPF Authentication with Virtual Links [7:24457]

[Engelhard M. Labiro]

Hi,
At the virtual link line for both routers,
add a message-digest authentication, eg:
Router A
area 1 virtual link 192.168.5.5 message-digest-key 1 md5 pass

The "area 0 auth message-digest" is needed at RouterA
also since it is ABR for area 3.

HTH

> Ran into following during a lab scenario, but can't find any documentation
> on this. Can someone please verify if this is correct?
>
> With md5 authentication configured in OSPF Area 0, following must also be
> configured on ABR with virtual link... (the ABR which is not directly
> connected to Area 0.) "area 0 authentication message-digest".  Note that
> Router A does not have any interfaces actually in Area 0.
>
> Router A..
> router ospf 110
>  log-adjacency-changes
>  area 0 authentication message-digest  (??)
>  area 1 virtual-link 192.168.5.5
>  network 172.16.4.0 0.0.0.255 area 1
>  network 172.16.12.0 0.0.0.255 area 3
>
> Router B...
> interface Serial0.504 point-to-point
>  ip address 172.16.1.1 255.255.255.0
>  ip ospf message-digest-key 4 md5 mypassword
>  frame-relay interface-dlci 504
> !
> router ospf 110
>  log-adjacency-changes
>  area 0 authentication message-digest
>  area 1 virtual-link 192.168.2.2
>  network 172.16.1.0 0.0.0.255 area 0
>  network 172.16.5.0 0.0.0.255 area 1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24459&t=24457
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

nortel pbx and router problem? [7:24471]

[Regie]

i am working with the pbx vendor.
we have installed  an e1 module at the router..
we are testing pstn access and it is ok
but when we are trying to access ddd feature
it does not work.

the trunk that it seizes is ddd capable.
we suspect that the router do not forward digits
beginning with "0". it is the access code for ddd capabilities.


phone---pbx---router-ip network---router---pbx---phone
|
 pstn




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24471&t=24471
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

i need help. please.... [7:24472]

[xie rootstock]

two routers can reach each other by serial with encap ppp, but the potocol
is down after plus pap authentication, why?







2505#debug ppp n?  
negotiation  

2505#debug ppp n  
PPP protocol negotiation debugging is on  
2505#  
ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E3A91  
PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked  
PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61235F42
acked
PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 241  
ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E3A91  
2505#  
[Resuming connection 1 to b ... ]  

[Connection to b closed by foreign host]  
2505#  
ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E4543  
PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked  
PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61236A00
acked
PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 243  
ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E4543  
PPP Serial0: Unsupported or un-negotiated protocol. Link = arp  
2505#x  
ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E58AD  
PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked  
PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61237D92
acked
PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 246  
ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E58AD  
2505#xun all  
  ^  
% Invalid input detected at '^' marker.  

2505#  
ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E61BB  
PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked  
PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x612386BC
acked
PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 248  
ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E61BB  
2505#un all  
ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E6C11  
PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked  
PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x6123911E
acked
PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 250  
ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023  
ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E6C11  
All possible debugging has been turned off  
2505#no debug all  
All possible debugging has been turned off  
2505#sh int s0  
Serial0 is up, line protocol is down  
  Hardware is HD64570  
  Internet address is 192.168.100.2/24  
  MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255  
  Encapsulation PPP, loopback not set, keepalive set (10 sec)  
  LCP Listen  
  Closed: ccp, ipcp, osicp, ipxcp, xnscp, vinescp, deccp, bridgecp, atalkcp  
  lex, cdp, nbfcp, llc2, appn  
  Last input 00:00:01, output 00:00:01, output hang never  
  Last clearing of "show interface" counters never  
  Input queue: 0/75/0 (size/max/drops); Total output drops: 0  
  Queueing strategy: weighted fair  
  Output queue: 0/64/0 (size/threshold/drops)  
 Conversations  0/1 (active/max active)  
 Reserved Conversations 0/0 (allocated/max allocated)  
  5 minute input rate 0 bits/sec, 2 packets/sec  
  5 minute output rate 0 bits/sec, 2 packets/sec  
 35003 packets input, 635469 bytes, 0 no buffer  
 Received 291 broadcasts, 0 runts, 0 giants  
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort  
 36918 packets output, 723020 bytes, 0 underruns  
 0 output errors, 0 collisions, 3002 interface resets  
 0 output buffer failures, 0 output buffers swapped out  
 531 carrier transitions  
 DCD=up  DSR=up  DTR=up  RTS=up  CTS=up  

 DCD=up  DSR=up  DTR=up  RTS=up  CTS=up  
DCD=up  DSR=up  DTR=up  RTS=up  CTS=up  


end  
 --More--  
2505#sh run  
Building configuration...  

Current configuration:  
!  
version 11.1  
service tcp-keepalives-in  
service tcp-keepalives-out  
service password-encryption  
service udp-small-servers  
service tcp-small-servers  
!  
hostname 2505  
!  
enable secret 5 $1$cnq3$HaNKpm6dSxvAs4eJS1Yno.  
enable password 7 030752180500  
!  
username rootstock password 7 02050D480809  
username 2505 password 7 02050D480809  
no ip routing  
!  
hub ether 0 1  
 link-test  
 auto-polarity  
 shutdown  
!  
hub ether 0 2

Re: Second opinion on Regular Expression [7:24460]

[Julian Eccli]

Chuck,

You need to make the deny '^ .*'.  Assuming you are putting this on an
EBGP router peering with AS.

"ip as-path access-list 55 deny ^ .*"

The '^' is an anchor in regex and forces a match at the beginning of the
input string you are comparing.  IE:  Whatever is after the '^' must start
at the beginning of the string being compared to match and make the
epxression true.

To see if you are getting anything from AS try:

"show ip bgp regexp ^ .*"

Good way to test your regexp as well.


-Julian

""Chuck Larrieu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> for an as-path filter, here is what I want to accomplish:
>
> from one particular router to another particular router I want to filter
any
> AS path whose most recent AS was 
>
> so if the BGP route has a path in the BGP table as    ? or

>  ? etc
> then I want that route to be filtered to a particular neighbor
>
> routes such as   ? or    , for example are OK to
> pass
>
> my access-list is:
>
> ip as-path access-list 55 deny ^_
> ip as-path access-list 55 permit .*
> !
> and my neighbor statement is neighbor a.b.c.d filter-list 55 out
>
> does the ^ character really mean what I think it is supposed to mean? I.e
> does it filter any AS path that BEGINS with , or is it doing something
> unexpected?
>
> I have a complex mesh ( mess too ;-> ) of BGP neighbors, and it is a bit
> hard to tell if I am accomplishing what I think I am accomplishing.
>
> thanks.
>
> Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24473&t=24460
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: i need help. please.... [7:24472]

[Gary Wong]

Comment inline.

Regards,
Gary Wong

""xie rootstock""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> two routers can reach each other by serial with encap ppp, but the potocol
> is down after plus pap authentication, why?
>
> 2505#debug ppp n?
> negotiation
>
> 2505#debug ppp n
> PPP protocol negotiation debugging is on
> 2505#
> ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E3A91
> PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked
> PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61235F42
> acked
> PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 241
> ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E3A91
> 2505#
> [Resuming connection 1 to b ... ]
>
> [Connection to b closed by foreign host]
> 2505#
> ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E4543
> PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked
> PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61236A00
> acked
> PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 243
> ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E4543
> PPP Serial0: Unsupported or un-negotiated protocol. Link = arp
> 2505#x
> ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E58AD
> PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked
> PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x61237D92
> acked
> PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 246
> ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E58AD
> 2505#xun all
>   ^
> % Invalid input detected at '^' marker.
>
> 2505#
> ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E61BB
> PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked
> PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x612386BC
> acked
> PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 248
> ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E61BB
> 2505#un all
> ppp: sending CONFREQ, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: sending CONFREQ, type = 5 (CI_MAGICNUMBER), value = 0x610E6C11
> PPP Serial0: received config for type = 3 (AUTHTYPE) value = 0xC023 acked
> PPP Serial0: received config for type = 5 (MAGICNUMBER) value = 0x6123911E
> acked
> PPP Serial0: state = ACKsent fsm_rconfack(0xC021): rcvd id 250
> ppp: config ACK received, type = 3 (CI_AUTHTYPE), value = 0xC023
> ppp: config ACK received, type = 5 (CI_MAGICNUMBER), value = 0x610E6C11
> All possible debugging has been turned off
> 2505#no debug all
> All possible debugging has been turned off
> 2505#sh int s0
> Serial0 is up, line protocol is down
>   Hardware is HD64570
>   Internet address is 192.168.100.2/24
>   MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255
>   Encapsulation PPP, loopback not set, keepalive set (10 sec)
>   LCP Listen
>   Closed: ccp, ipcp, osicp, ipxcp, xnscp, vinescp, deccp, bridgecp,
atalkcp
>   lex, cdp, nbfcp, llc2, appn
>   Last input 00:00:01, output 00:00:01, output hang never
>   Last clearing of "show interface" counters never
>   Input queue: 0/75/0 (size/max/drops); Total output drops: 0
>   Queueing strategy: weighted fair
>   Output queue: 0/64/0 (size/threshold/drops)
>  Conversations  0/1 (active/max active)
>  Reserved Conversations 0/0 (allocated/max allocated)
>   5 minute input rate 0 bits/sec, 2 packets/sec
>   5 minute output rate 0 bits/sec, 2 packets/sec
>  35003 packets input, 635469 bytes, 0 no buffer
>  Received 291 broadcasts, 0 runts, 0 giants
>  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>  36918 packets output, 723020 bytes, 0 underruns
>  0 output errors, 0 collisions, 3002 interface resets
>  0 output buffer failures, 0 output buffers swapped out
>  531 carrier transitions
>  DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
>
>  DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
> DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
>
>
> end
>  --More--
> 2505#sh run
> Building configuration...
>
> Current configuration:
> !
> version 11.1
> service tcp-keepalives-in
> service tcp-keepalives-out
> service password-encryption
> service udp-small-servers
> service tcp-small-servers
> !
> hostname 2505
> !
> enable secret 5 $1$cnq3$HaNKpm6dSxvAs4eJS1Yno.
> enable password 7 030752180500
> !
> username rootstock password 7 0205