vpn [7:26452]
In order to enable the vpn between the cisco 3640 with vpn function and the win2000,and communicate between both private networks. When the packets outbound into other side private network,if their real destination ip address is hided inside the packets and the destination ip address routed in the internet is the vpn server of other side? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26452t=26452 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Min router model to run BGP , OSPF , rip , eigrp and igrp [7:26453]
A 17xx would be OK, but also an 25xx. Important is of course that you have an enterprise image. suaveguru schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all anyone has any idea what is the minimum router model I can buy to do BGP , OSPF, RIP ,EIGRP AND IGRP WiLL A 17XX be sufficient? regards, suaveguru __ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26453t=26453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Wireless Access Point [7:26455]
Hi All - I wonder if the Cisco wireless access point 350 standard? Is it compatible with other vendor wireless NIC, say D-Link? Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26455t=26455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Urgent! Please help! [7:26396]
Serves you right for using 12.2(4)T1 ;) Regards, Dom Stocqueler Patrick Ramsey cc: Sent by: Subject: Urgent! Please help! [7:26396] [EMAIL PROTECTED] om 15/11/2001 18:50 Please respond to Patrick Ramsey My stuff is broken, I think I need some things to fix it. Any ideas on what's wrong? any help appreciated! -Patrick Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26454t=26396 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help regarding Dynamic Vlan Using URT [7:26456]
Hai, I am wondering if there is some one who have impliment Dynamic Vlan using URT server. Currently our Dynamic Vlan project with URT works fine with NT logins. All the user was able to change the IP and Vlan ID according to the correct settings. Sadly the Novell IPX did not changes, user is currently using Novell 4.1. After the user reassing to it Vlans and IP, the IPX is still grabing the start IPX address instead changing to the correct IPX address. Is there a know bug or problem with Novell 4.1 migrating with URT?. Currently we have not yet recived a good response from TEC or local Cisco Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26456t=26456 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN Exam on Tuesday 20/11/01 [7:26457]
Hai, I am going to take the Bcran exam on Tuesday 20/11/01. Hopely I will pass this exam. Can some one who have just taken the exam advice me on some informations. a) Is there many PAT Q, since I have nil exposer to it at all b) Tacas/Radas, how deep should I knows While on the BCRAN Course, the tranning was so easy but when I read Sybex BCRAN there are a lots off information regarding X.25. How deepth is the questions regarding X.25 Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26457t=26457 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Min router model to run BGP , OSPF , rip , eigrp and igrp [7:26459]
If it is just for a lab situation, even a 1600 would suffice I think (please correct me if I am incorrect). From my limited understanding of production BGP, you would need a decent processor and 64Mb ram, I think the 1700 has the same processor as a 2600, so that would probably suffice. From (sketchy) memory, when researching this for a customer, their ISP said that their 1600 would not be powerful enough, and they should look at a 3600 series router. Symon --- A 17xx would be OK, but also an 25xx. Important is of course that you have an enterprise image. suaveguru schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all anyone has any idea what is the minimum router model I can buy to do BGP , OSPF, RIP ,EIGRP AND IGRP WiLL A 17XX be sufficient? regards, suaveguru __ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com [EMAIL PROTECTED] Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26459t=26459 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4500 or 4500M [7:26428]
This is what you want. Try to stay with M versions. I have 4700M with max memory with fast ethernet module for sale soon if your interested. http://www.cisco.com/warp/public/471/29.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26460t=26428 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can somebody recommend good CCIE lab test training class? [7:26461]
Eric An wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am preparing for the lab test and considering to take a training class, even though I have a pretty good home lab and access to all types of equipment at work. I wonder if anyone can recommand a good train class. Thanks Eric Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26461t=26461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Off Topic - Baystack 350T [7:26431]
Use Xon/Xoff 8,n,1 The just hit enter, or ctr;+R. Carroll Kong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 09:47 PM 11/15/01 -0500, Mark Rose wrote: I was given a Baystack 350t and I'm trying to get into it to set up the configuration. I am using the default settings (9600,8,1,no,1,none). I am entering ctrl+C as per documentation. I get no response. I could use suggestions from anyone who has used this switch. TIA Mark Try ctrl-d, enter, etc. If it does not work, it might just be a bad one. I did an audit with a pile of these darn bay stacks, and some of them would just REFUSE to work. Of course, since we audited so many of them, 80% of them were consoleable, the others failed. Ah well. -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26463t=26431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN Exam on Tuesday 20/11/01 [7:26457]
I just passed the BCRAN exam last week. If you took the BCRAN class you will be all set. You should know the aaa commands for setting up dial-in/tacacs+ access. There were a few questions on X.25, but they were just basic questions. I would read the course book again and you will be fine. Good Luck! Nuurul Basar Mohd Baki 11/16/01 3:56:50 AM Hai, I am going to take the Bcran exam on Tuesday 20/11/01. Hopely I will pass this exam. Can some one who have just taken the exam advice me on some informations. a) Is there many PAT Q, since I have nil exposer to it at all b) Tacas/Radas, how deep should I knows While on the BCRAN Course, the tranning was so easy but when I read Sybex BCRAN there are a lots off information regarding X.25. How deepth is the questions regarding X.25 Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26465t=26457 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN Exam on Tuesday 20/11/01 [7:26457]
I just passed the BCRAN exam last week. If you took the BCRAN class you will be all set. You should know the aaa commands for setting up dial-in/tacacs+ access. There were a few questions on X.25, but they were just basic questions. I would read the course book again and you will be fine. Good Luck! Chris Dumais, CCNA, CNA Lan Analyst IT - NSS Networking Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Nuurul Basar Mohd Baki 11/16/01 3:56:50 AM Hai, I am going to take the Bcran exam on Tuesday 20/11/01. Hopely I will pass this exam. Can some one who have just taken the exam advice me on some informations. a) Is there many PAT Q, since I have nil exposer to it at all b) Tacas/Radas, how deep should I knows While on the BCRAN Course, the tranning was so easy but when I read Sybex BCRAN there are a lots off information regarding X.25. How deepth is the questions regarding X.25 Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26466t=26457 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
What are you going to do when your company network is down and the CEO is breathing down your neck asking when is it going to be fixed? I guess you'll tell him we'll I asked a question in the newsgroup and nobody told me what to do yet. That's a quick way to be shown the door. I stand by my assertion that the best way to advance one's career in networking is to develop the ability to look up problems and solutions on ones own. When stumped on a problem, ask the group... not ask the group first. I say again if you want to teach people that the way to resolve a problem is to blindly ask other people for solutions without trying to research and resolve on ones own, that's up to you but you're not doing them a favor and you'll diminish their abilities and career potential by doing that. What do you think the CCIE lab exam tests? Do they give you newsgroup access? Do they let you phone a friend? No, they give you a network, a set of issues, and reference material to research when needed. The exam is designed to test ones ability to think through issues, research when needed, and identify possible solutions. The people that follow your advice will never have the skills to be high level networkers. But that's alright, they'll be the people under me who'll always be asking me what to do when confronted with a problem. And that's why I'll be getting the big bucks... cause I can think and research on my own... and not run to others right away... Give a man a fish and he eats for a day... teach a man to fish and he eats for a lifetime... -- -=Repy to group only... no personal=- Sal DiStefano wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have been following this without saying anything, but I cant resist any longer. Are you saying that people should look up all their own answers? If that is the case, why have this board? Just so mean spirited people like those who answered this guy with useless answers can pounce on the newbie who asks what you consider a question which is not worthy? I think one of the great things about a group like this is I don't need to look up everything myself, I can rely on the knowledge and experience of others, and hopefully bring my experiences to some use here for others. Who should decide what others can ask? If the person comes here for an answer to a question rather that spending hours looking it up themselves, I think it shows that they know where to go for answers. I don't think traveling the hard road is the important part, I think getting the answers is. If you don't have something constructive to say don't reply to the post! If you can't say somethin' nice, Don't say nothin' at all. - Bambi Hope I haven't offended anyone. Sal = Ask yourself if what you are doing today is getting you closer to where you want to be tomorrow. - Unknown __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26467t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2501 eo with two ips [7:26468]
I have a cisco 2501 which serve's a subnet 193.109.49.192 /26. I have given the e0 ip 193.109.49.193 with the right subnet mask. . Every thing works fine only that if I telnet 193.109.49.192 which is supposed to be my network address it goes to the router. What could be causing this? Nderitu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26468t=26468 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Back-to-back flapping [7:26469]
I have a 2620 and a 2501 in a back to back configuration. I have set the clockrate @ 64000 and I have connectivity, however the line is flapping about every 45s. It only stays down for about 5s. Any ideas? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26469t=26469 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN Exam on Tuesday 20/11/01 [7:26457]
I took the BCRAN the last week. I have found that 30% of the exam it was about ISDN. I think that you must study deeply ISDN. I passed the exam. Next, I will take CIT. Bye Josi Farfan Lucent ESS Spain -- De: Christopher Dumais [SMTP:[EMAIL PROTECTED]] Enviado el: viernes 16 de noviembre de 2001 14:08 Para: [EMAIL PROTECTED] Asunto: Re: BCRAN Exam on Tuesday 20/11/01 [7:26457] I just passed the BCRAN exam last week. If you took the BCRAN class you will be all set. You should know the aaa commands for setting up dial-in/tacacs+ access. There were a few questions on X.25, but they were just basic questions. I would read the course book again and you will be fine. Good Luck! Chris Dumais, CCNA, CNA Lan Analyst IT - NSS Networking Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Nuurul Basar Mohd Baki 11/16/01 3:56:50 AM Hai, I am going to take the Bcran exam on Tuesday 20/11/01. Hopely I will pass this exam. Can some one who have just taken the exam advice me on some informations. a) Is there many PAT Q, since I have nil exposer to it at all b) Tacas/Radas, how deep should I knows While on the BCRAN Course, the tranning was so easy but when I read Sybex BCRAN there are a lots off information regarding X.25. How deepth is the questions regarding X.25 Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26471t=26457 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How Good Labs go Bad (was RE: A very basic question : BGP [7:26470]
Jason Carnevale got me thinking that there are a number of ways that labs, even more than real-world configurations, go bad. I'd like to start a checklist of such things. 1. There is no return path for your test signal (e.g., ping, traceroute). Also a common real-world problem. 2. A given routing scenario appears at first to work, but fails as routers are added. The real situation was that dynamic routing never worked in the scenario, but you had connectivity through directly connected subnets. 3. Weird protocol combinations imposed by the limited number of routers in a lab, in which protocols are asked to do things they were not designed to do (e.g., IGPs between AS). Multiple levels of redistribution tend to fall into this area. 4. You do not see expected routes due to completely correct summarization or aggregation. 5. Classful versus classless interactions. The real world, at least as defined by the Internet, is classless. 6. Failure to specific ip subnet-zero. 7. Attempts to maximize summarization even if you pick up address ranges not intended to be part of the summary 8. Attempts to minimize the number of lines in a configuration, leading to confusing, error prone access lists, OSPF network specifications, etc. Additional suggestions are welcome, but try to make them general. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26470t=26470 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
User access accounting [7:26472]
I would appreciate some help with a proposed project. I have a hub and spoke frame relay network with about 60 remote sites. What I need to do is to track the usage of the circuits at the remote sites by user for the purpose of billing. Is there a way I can track usage by IP address and write the data to a syslog deamon or Radius server. -- Paul B. Watson Network Engineer Inchcape Shipping Services [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26472t=26472 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 4500 or 4500M [7:26428]
Phil, I know this seems like a simple reply, but, on the 4500, if you look along the left side of the power supply,, there should be a little silver sticker deliniating whether it is a 4000, 4500, or a 4500M. HTH, Rob H. NP, DP, blah,blah,blah... I know this has been answered @ least 2 or 3 times since I have been on the list, but... does anyone have the CCO link that show's how to depict which is which ??? Thanks !!! Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26474t=26428 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: show int | include ... [7:26422]
Yeah, I just read that. Very cool! I was playing around with those commands using some pretty wild regular expressions and I got some wonderful results. John Ole Drews Jensen 11/15/01 8:57:24 PM Actually John, you CAN do it. See the reply I got from Kevin Cullimore. Thanks, Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 5:31 PM To: [EMAIL PROTECTED] Subject: Re: show int | include ... [7:26422] The include option works like grep in unix. AFAIK, there is no way to do what you want from the command line. You could add the words FastEthernet to each description! :-) Then, show int | inc FastEthernet would work. John Ole Drews Jensen 11/15/01 4:10:43 PM I wanted to play around with the | include option on the show command, but I can't get it to do what I want, and I can't find any docs on it. I want to include the interface and description of all FastEthernet interfaces. If I do a show int | include FastEthernet it will show the line where it says FastEthernet for all FastEthernet interfaces. Example: SANTA#show int | include FastEthernet FastEthernet0/1 is up, line protocol is up FastEthernet0/2 is up, line protocol is up FastEthernet0/3 is down, line protocol is down FastEthernet0/4 is down, line protocol is down FastEthernet0/5 is down, line protocol is down FastEthernet0/6 is up, line protocol is up FastEthernet0/7 is up, line protocol is up FastEthernet0/8 is up, line protocol is up FastEthernet0/9 is up, line protocol is up FastEthernet0/10 is down, line protocol is down FastEthernet0/11 is down, line protocol is down FastEthernet0/12 is up, line protocol is up If I do a show int | include Description it will show the line where there is a description for all interfaces. Example: SANTA#show int | include Description Description: LINK TO SWITCH IN SUITE 1209 Description: LINK TO HUB IN SUITE 1303 Description: HP LaserJet 4 Plus Description: HP DeskJet 930C Description: FIREWALL Description: Dave Description: Cindy Description: Lauren Description: Sharon But, how do I get both? I have tried the following with out luck: show int | include FastEthernet Description show int | include FastEthernet , Description show int | include FastEthernet | Description show int | include FastEthernet | include Description show int | include FastEthernet include Description This is one of those stupid command options you've seen so many times, but never used. Any comments? Thanks in advance, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26475t=26422 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Back-to-back flapping [7:26469]
Have you tried a different cable? How about swapping which end is DCE? In my home lab I had one bad cable that caused problems like this. Very annoying. In addition, I have a 2501 whose Serial1 interface can't be the DCE or it fails. I knew it was broken when I got it but as long as I make sure that interface is always DTE I'm okay. John NetEng 11/16/01 6:43:28 AM I have a 2620 and a 2501 in a back to back configuration. I have set the clockrate @ 64000 and I have connectivity, however the line is flapping about every 45s. It only stays down for about 5s. Any ideas? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26476t=26469 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How Good Labs go Bad (was RE: A very basic question : BGP [7:26478]
Here's one that I run into nightly. :-) I usually don't have enough equipment or the right equipment to practice labs exactly as written so I have to make a lot of configuration tweaks and additional connections to make it work. What often happens is that later in the lab something that ought to work, doesn't. After troubleshooting for a while it often ends up being one of the tweaks I'd made earlier. The key to this is to really pay attention. Follow instructions to the letter, and if you can't, make sure you remember what you changed to make it work or else it may come back to bite you later. Another common one, often related to OSPF, is that something that was working previously stops working after the router is reloaded. I'll try to think of more. I need more caffeine first. John Howard C. Berkowitz 11/16/01 7:00:28 AM Jason Carnevale got me thinking that there are a number of ways that labs, even more than real-world configurations, go bad. I'd like to start a checklist of such things. 1. There is no return path for your test signal (e.g., ping, traceroute). Also a common real-world problem. 2. A given routing scenario appears at first to work, but fails as routers are added. The real situation was that dynamic routing never worked in the scenario, but you had connectivity through directly connected subnets. 3. Weird protocol combinations imposed by the limited number of routers in a lab, in which protocols are asked to do things they were not designed to do (e.g., IGPs between AS). Multiple levels of redistribution tend to fall into this area. 4. You do not see expected routes due to completely correct summarization or aggregation. 5. Classful versus classless interactions. The real world, at least as defined by the Internet, is classless. 6. Failure to specific ip subnet-zero. 7. Attempts to maximize summarization even if you pick up address ranges not intended to be part of the summary 8. Attempts to minimize the number of lines in a configuration, leading to confusing, error prone access lists, OSPF network specifications, etc. Additional suggestions are welcome, but try to make them general. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26478t=26478 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Min router model to run BGP , OSPF , rip , eigrp and igrp [7:26480]
BGP on a 1750?? Maybe if it is being used in an internal architecture but if you intend to load the entire Internet Table (ie the thing is in excess of 30MB when loaded), then I'd look for a more robust device. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 2:23 AM To: [EMAIL PROTECTED] Subject: Re: Min router model to run BGP , OSPF , rip , eigrp and igrp [7:26453] A 17xx would be OK, but also an 25xx. Important is of course that you have an enterprise image. suaveguru schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all anyone has any idea what is the minimum router model I can buy to do BGP , OSPF, RIP ,EIGRP AND IGRP WiLL A 17XX be sufficient? regards, suaveguru __ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26480t=26480 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Anybody know any good links for CISCO/IS-IS information? [7:26479]
IS-IS is used quite a bit in the military and oversees as well. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Circusnuts Sent: Thursday, November 15, 2001 8:32 PM To: [EMAIL PROTECTED] Subject: Re: Anybody know any good links for CISCO/IS-IS information? [7:26430] You might be surprised just how much IS-IS you understand, if you already have OSPF down. I think MCI is the ISP that still uses quite a bit of IS-IS within their network. http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:ISIS All the best !!! Phil - Original Message - From: Howard C. Berkowitz To: Sent: Thursday, November 15, 2001 3:58 PM Subject: RE: Anybody know any good links for CISCO/IS-IS information? [7:26414] Next month's CertificationZone paper is Part 2 of Peter van Oene's ISIS, which will be available free for one month. Look around www.nanog.org. There are several presentations both by Cisco and Juniper. The Juniper stuff is relevant because Dave Katz wrote both the Cisco and Juniper ISIS code. The Best source of information that I have ever found on IS-IS is in Routing TCP/IP Version 1 by Jeff Doyle. Good resource! Adam Brzyski Design Engineer II CCIE #8082, NNCDE -Original Message- From: Paul Andersen [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 1:58 PM To: [EMAIL PROTECTED] Subject: Anybody know any good links for CISCO/IS-IS information? Hey gang, Anyone know any good links, or where I can find out more info on using CISCO routers with IS-IS? Paul Andersen [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26479t=26479 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Back-to-back flapping [7:26469]
NetEng, Since you have this in a lab setup have you tried running some debugs? What do the stats for your serial interfaces show? Are you dropping physical layer and data link layer or only the data link layer? Do you have logging turned on? Chris -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 10:01 AM To: [EMAIL PROTECTED] Subject: Re: Back-to-back flapping [7:26469] Have you tried a different cable? How about swapping which end is DCE? In my home lab I had one bad cable that caused problems like this. Very annoying. In addition, I have a 2501 whose Serial1 interface can't be the DCE or it fails. I knew it was broken when I got it but as long as I make sure that interface is always DTE I'm okay. John NetEng 11/16/01 6:43:28 AM I have a 2620 and a 2501 in a back to back configuration. I have set the clockrate @ 64000 and I have connectivity, however the line is flapping about every 45s. It only stays down for about 5s. Any ideas? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26481t=26469 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can frame-relay multipoint sub-interfaces support inverse [7:26482]
1. 2. 3. repost - first post got to originator ok but groupstudy copy chopped off the first line. Numbers are to test chop. Original answer (ack'ed by originator): David: Short answer - yes. Try it. Fred Ng, Kim Seng David (David) wrote: Hi, I was a bit confused after reading the Ciscopress CCNP Support book and Caslow's ccie book. Can frame-relay multipoint sub-interfaces support inverse arp DLCI mappings?? Ciscopress Support book seem to say no (not directly though) but Caslow's book says yes. Thanks in advance... David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26482t=26482 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Nat confusion [7:26484]
I am trying to setup NAT translation. here is the setup. I want to NAT any local address, to the IP address of my external ethernet interface (many-to-one). 10.0.0.0 is the internal network. 192.168.1.1 is the IP address of the external ethernet port. I am on the cisco page and I am confused. I have done NAT on 3Com routers, but never on Cisco. Any config help would be appreciated. Thanks, Rob Provost Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26484t=26484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID Exam on Wednesday 11/21/01 [7:26486]
Hi all, I'm taking the CID exam next Wednesday. I decided to pickup one of the Boson practice exams for this test. Does anyone have suggestions on areas to focus my studying on or other tools to use? TIA Darren x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDA, CCIE Written Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26486t=26486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Load Balance [7:26487]
Hi I have implemented OSPF Load Balance by making the cost of the interface equal. For some reason traffic is incomming traffic is prefferd on one of the links. I have bounced the adjacencies and OSPF process. before I twig the cost to balance out the traffic has anyone had this issue? tx mervyn Are the interfaces at both ends in the same switching mode? Check with show ip interface. One end of a link where you aren't in per-packet or per-flow load balancing might be doing per-destination. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26487t=26487 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Nat confusion [7:26484]
ip nat inside source list 1 pool NatPool wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am trying to setup NAT translation. here is the setup. I want to NAT any local address, to the IP address of my external ethernet interface (many-to-one). 10.0.0.0 is the internal network. 192.168.1.1 is the IP address of the external ethernet port. I am on the cisco page and I am confused. I have done NAT on 3Com routers, but never on Cisco. Any config help would be appreciated. Thanks, Rob Provost Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26488t=26484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Wireless Access Point [7:26455]
Yes. I have tested it with several vendor's NICs. You must select No under Use Aironet extensions: option. Otherwise it only talks to Cisco NICs. HTH Darren At 03:50 AM 11/16/2001 -0500, Thomas wrote: Hi All - I wonder if the Cisco wireless access point 350 standard? Is it compatible with other vendor wireless NIC, say D-Link? Thanks! x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDA, CCIE Written Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26491t=26455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: User access accounting [7:26472]
CiscoWorks 2000 MRTG HP Openview and countless others. Not cheap though. only question i have is how are you being charged for the links? Aren't they always nailed up of they are PVC's? Paul Watson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I would appreciate some help with a proposed project. I have a hub and spoke frame relay network with about 60 remote sites. What I need to do is to track the usage of the circuits at the remote sites by user for the purpose of billing. Is there a way I can track usage by IP address and write the data to a syslog deamon or Radius server. -- Paul B. Watson Network Engineer Inchcape Shipping Services [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26492t=26472 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How Good Labs go Bad (was RE: A very basic question : BGP [7:26495]
more below Jason Carnevale got me thinking that there are a number of ways that labs, even more than real-world configurations, go bad. I'd like to start a checklist of such things. 1. There is no return path for your test signal (e.g., ping, traceroute). Also a common real-world problem. 2. A given routing scenario appears at first to work, but fails as routers are added. The real situation was that dynamic routing never worked in the scenario, but you had connectivity through directly connected subnets. 3. Weird protocol combinations imposed by the limited number of routers in a lab, in which protocols are asked to do things they were not designed to do (e.g., IGPs between AS). Multiple levels of redistribution tend to fall into this area. 4. You do not see expected routes due to completely correct summarization or aggregation. 5. Classful versus classless interactions. The real world, at least as defined by the Internet, is classless. 6. Failure to specific ip subnet-zero. 7. Attempts to maximize summarization even if you pick up address ranges not intended to be part of the summary 8. Attempts to minimize the number of lines in a configuration, leading to confusing, error prone access lists, OSPF network specifications, etc. Additional suggestions are welcome, but try to make them general. 9. Ambiguous requirements in the exercise lead to multiple possible correct solutions, but in reality only one solution will work because that's the way the exercise writer designed it. 10. The software is buggy, so you might have a perfectly correct configuration only to discover that it doesn't work because of CSCpi3.14159. 11. Shotgunning a problem by adding/deleting configuration commands and leaving 'artifacts' in the configuration that cause the solution to fail until a router reload is performed to clear the artifacts. 12. Adding or changing commands that really only take effect after a reload is performed. 13. The interaction between different versions of IOS is unpredictable or, worse yet, broken. 14. The lab exercise is just plain wrong, or the solution given is just plain wrong. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26495t=26495 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checked on Archives - CCIE Written Score - Latest [7:26493]
It changes from between 65%-75% depending on how the other candiates have done recently. It constanly changes. kaushik khakhar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Group, It would be great if some one who has recently taken the CCIE Written Exam update me oon the latest pasing score. I have checked the archives70 is passing please confirm. Thanks, Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26494t=26493 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Checked on Archives - CCIE Written Score - Latest [7:26493]
Group, It would be great if some one who has recently taken the CCIE Written Exam update me oon the latest pasing score. I have checked the archives70 is passing please confirm. Thanks, Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26493t=26493 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ospf summerization....please help me... [7:26241]
As always nicely done Thanks E, From: EA Louie Reply-To: EA Louie To: [EMAIL PROTECTED] Subject: Re: ospf summerizationplease help me... [7:26241] Date: Fri, 16 Nov 2001 01:46:33 -0500 i have been reading part two of howard ospf guide and i think i am missing the point on a couple of things and i would apprecite any help you guys could give.. 1)Summarization one config says this int e0 172.16.0.1 255.255.255.0 int e2 172.16.1.1 255.255.255.0 network 172.17.0.1 0.0.0.0 area 1 network 172.17.1.1 0.0.0.0 area 1 area 1 range 172.17.0.0 255.255.254.0 now shouldn`t that read network 172.16 and area 172.16 because i have now interfaces int network 172.17.??...or am i missing something???.. good catch - looks like a simple typo to me, probably with the interface addresses, all other things being equal 2)summariztion Q area 1 has these subnets 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/22 summerie like this area 1 range 192.168.2.0 255.255.254.0 area 1 range 192.168.4.0 255.255.248.0 What happends to 192.168.1.0 . shouldn`t that be in the area range command.sorryi seem to be missing something major no... because there's no way to summarize 192.168.1.0/24 without including 192.168.0.0/24. I mean, what other sub-networks do you want to summarize with 192.168.1.0? Think about it for a minute (hint - summarization occurs most logically at EVEN sub-network boundaries...192.168.1.0 is an odd /24 boundary) many thanks in advance.. steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26496t=26241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Nat confusion [7:26484]
ip nat pool Name 192.168.1.1 192.168.1.1 mask 255.255.255.0 ! creates a pool that defines what the addresses will be translated into ip nat inside source list 1 pool Name overload ! tells the router that addresses defined in acl1 will use the pool Name to translate into when leaving the router. access-list 1 permit 10.0.0.0 0.255.255.255.0 ! Defines that candidate addresses to be NAT'ted ip nat inside ! Apply to internal network int ip nat outside !Apply to external interface Didn't seem to come out right last time. Provost, Robert wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am trying to setup NAT translation. here is the setup. I want to NAT any local address, to the IP address of my external ethernet interface (many-to-one). 10.0.0.0 is the internal network. 192.168.1.1 is the IP address of the external ethernet port. I am on the cisco page and I am confused. I have done NAT on 3Com routers, but never on Cisco. Any config help would be appreciated. Thanks, Rob Provost Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26490t=26484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: show int | include ... [7:26422]
You're quite welcome. As best I can tell, the regular expression functionality cannot include or exclude one line of text based on the contents of another line of text, unless you're willing to use the begin parameter put up with all the output past the line of interest. It's also my (admittedly shallow) understanding that you cannot use both the include exclude argument as an output modifier for the same instance of the show command. Of course, since i backed into this business via exposure to x86 AT architecture and microsoft operating systems, my best guesses regarding such functionality are not worth too much. If someone who actually understands this stuff wants to chime in, please feel free to do so. Ole Drews Jensen on 11/15/2001 10:56:32 PM To: '[EMAIL PROTECTED]' , [EMAIL PROTECTED] cc: Subject: RE: show int | include ... [7:26422] THANKS!! That worked - incredible that you cannot use spaces between the searched words and the |'s. The only questions left now is what if you only want to see the interfaces that are FastEthernet AND has a description :-) ??? I guess that's not possible, but it's worth a try... Thanks again Kevin, Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 6:05 PM To: [EMAIL PROTECTED] Subject: Re: show int | include ... [7:26422] show int | include FastE|Description i usually wind up entering show int | include line|Description|Internet this feature is the reason i find any excuse at all to avoid working with routers bearing 11.x IOS. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t1/cliparse.htm Ole Drews Jensen @groupstudy.com on 11/15/2001 06:10:43 PM Please respond to Ole Drews Jensen Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Kevin Cullimore) Subject: show int | include ... [7:26422] I wanted to play around with the | include option on the show command, but I can't get it to do what I want, and I can't find any docs on it. I want to include the interface and description of all FastEthernet interfaces. If I do a show int | include FastEthernet it will show the line where it says FastEthernet for all FastEthernet interfaces. Example: SANTA#show int | include FastEthernet FastEthernet0/1 is up, line protocol is up FastEthernet0/2 is up, line protocol is up FastEthernet0/3 is down, line protocol is down FastEthernet0/4 is down, line protocol is down FastEthernet0/5 is down, line protocol is down FastEthernet0/6 is up, line protocol is up FastEthernet0/7 is up, line protocol is up FastEthernet0/8 is up, line protocol is up FastEthernet0/9 is up, line protocol is up FastEthernet0/10 is down, line protocol is down FastEthernet0/11 is down, line protocol is down FastEthernet0/12 is up, line protocol is up If I do a show int | include Description it will show the line where there is a description for all interfaces. Example: SANTA#show int | include Description Description: LINK TO SWITCH IN SUITE 1209 Description: LINK TO HUB IN SUITE 1303 Description: HP LaserJet 4 Plus Description: HP DeskJet 930C Description: FIREWALL Description: Dave Description: Cindy Description: Lauren Description: Sharon But, how do I get both? I have tried the following with out luck: show int | include FastEthernet Description show int | include FastEthernet , Description show int | include FastEthernet | Description show int | include FastEthernet | include Description show int | include FastEthernet include Description This is one of those stupid command options you've seen so many times, but never used. Any comments? Thanks in advance, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. This message may contain
FW: Nat confusion [7:26484]
Ignore this post. I figured it out. For anyone who is interested: http://www.cisco.com/warp/public/556/12.html#2 Thanks -Original Message- From: Provost, Robert [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 11:27 AM To: [EMAIL PROTECTED] Subject: Nat confusion [7:26484] I am trying to setup NAT translation. here is the setup. I want to NAT any local address, to the IP address of my external ethernet interface (many-to-one). 10.0.0.0 is the internal network. 192.168.1.1 is the IP address of the external ethernet port. I am on the cisco page and I am confused. I have done NAT on 3Com routers, but never on Cisco. Any config help would be appreciated. Thanks, Rob Provost Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26498t=26484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX 6.1(1) SSH to outside [7:26502]
Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26502t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: help me set clock on router [7:26435]
hk, I've been told by Cisco support that 2500 series router doesn't have a hardware clock. That agrees with what Scott has said. We use ntp on our routers, by pulling time from an HP machine which gets it time from a master time server on the Internet. IOS command is 'ntp server '. Hope that helps. -Original Message- From: hk [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 8:00 PM To: [EMAIL PROTECTED] Subject: help me set clock on router [7:26435] Dear group Psl show me Why is ? When I set clock on rouer 2500 ,2600,3660 serial , but If I reload router . My router not save clock then return *01:41:38.137 UTC Thu Mar 4 1993 Thank Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26500t=26435 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Nat confusion [7:26484]
How easy it is to forget that our native tongue is foreign to others. Try this page: http://www.cisco.com/warp/public/556/12.html#0 Let's call E0 the external interface and E1 the internal. ip nat inside source list 1 interface ethernet 0 overload ! int e0 ip address 192.168.1.1 255.255.255.0 ip nat outside ! int e1 ip address 10.10.10.1 255.255.255.0 (or whatever) ip nat inside ! access-list 1 permit 10.10.10.0 0.0.0.255 This should work just fine for those inside wishing to initiate communication outside. Those outside cannot initiate communication to inside machines as there is no static mapping of addresses with this config. -Original Message- From: Provost, Robert [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 10:27 AM To: [EMAIL PROTECTED] Subject: Nat confusion [7:26484] I am trying to setup NAT translation. here is the setup. I want to NAT any local address, to the IP address of my external ethernet interface (many-to-one). 10.0.0.0 is the internal network. 192.168.1.1 is the IP address of the external ethernet port. I am on the cisco page and I am confused. I have done NAT on 3Com routers, but never on Cisco. Any config help would be appreciated. Thanks, Rob Provost Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26501t=26484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID Exam on Wednesday 11/21/01 [7:26486]
Darren, I personally took the CID beta a while ago and I'm not sure if they made it into the new exam.. I personally thought the CID beta was harder than the CCIE written and just as encompassing. Nowhere near as bad on rif type stuff though. Cory -Original Message- From: Darren Crawford [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 10:43 AM To: [EMAIL PROTECTED] Subject: CID Exam on Wednesday 11/21/01 [7:26486] Hi all, I'm taking the CID exam next Wednesday. I decided to pickup one of the Boson practice exams for this test. Does anyone have suggestions on areas to focus my studying on or other tools to use? TIA Darren x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDA, CCIE Written Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26504t=26486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: show int | include ... [7:26422]
Thanks Kevin, Have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 11:14 AM To: [EMAIL PROTECTED] Subject: RE: show int | include ... [7:26422] You're quite welcome. As best I can tell, the regular expression functionality cannot include or exclude one line of text based on the contents of another line of text, unless you're willing to use the begin parameter put up with all the output past the line of interest. It's also my (admittedly shallow) understanding that you cannot use both the include exclude argument as an output modifier for the same instance of the show command. Of course, since i backed into this business via exposure to x86 AT architecture and microsoft operating systems, my best guesses regarding such functionality are not worth too much. If someone who actually understands this stuff wants to chime in, please feel free to do so. Ole Drews Jensen on 11/15/2001 10:56:32 PM To: '[EMAIL PROTECTED]' , [EMAIL PROTECTED] cc: Subject: RE: show int | include ... [7:26422] THANKS!! That worked - incredible that you cannot use spaces between the searched words and the |'s. The only questions left now is what if you only want to see the interfaces that are FastEthernet AND has a description :-) ??? I guess that's not possible, but it's worth a try... Thanks again Kevin, Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 6:05 PM To: [EMAIL PROTECTED] Subject: Re: show int | include ... [7:26422] show int | include FastE|Description i usually wind up entering show int | include line|Description|Internet this feature is the reason i find any excuse at all to avoid working with routers bearing 11.x IOS. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t1/cliparse.htm Ole Drews Jensen @groupstudy.com on 11/15/2001 06:10:43 PM Please respond to Ole Drews Jensen Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Kevin Cullimore) Subject: show int | include ... [7:26422] I wanted to play around with the | include option on the show command, but I can't get it to do what I want, and I can't find any docs on it. I want to include the interface and description of all FastEthernet interfaces. If I do a show int | include FastEthernet it will show the line where it says FastEthernet for all FastEthernet interfaces. Example: SANTA#show int | include FastEthernet FastEthernet0/1 is up, line protocol is up FastEthernet0/2 is up, line protocol is up FastEthernet0/3 is down, line protocol is down FastEthernet0/4 is down, line protocol is down FastEthernet0/5 is down, line protocol is down FastEthernet0/6 is up, line protocol is up FastEthernet0/7 is up, line protocol is up FastEthernet0/8 is up, line protocol is up FastEthernet0/9 is up, line protocol is up FastEthernet0/10 is down, line protocol is down FastEthernet0/11 is down, line protocol is down FastEthernet0/12 is up, line protocol is up If I do a show int | include Description it will show the line where there is a description for all interfaces. Example: SANTA#show int | include Description Description: LINK TO SWITCH IN SUITE 1209 Description: LINK TO HUB IN SUITE 1303 Description: HP LaserJet 4 Plus Description: HP DeskJet 930C Description: FIREWALL Description: Dave Description: Cindy Description: Lauren Description: Sharon But, how do I get both? I have tried the following with out luck: show int | include FastEthernet Description show int | include FastEthernet , Description show int | include FastEthernet | Description show int | include FastEthernet | include Description show int | include FastEthernet include Description This is one of those stupid command options you've seen so many times, but never used. Any comments? Thanks in advance, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ This
Re: PIX 6.1(1) SSH to outside [7:26502]
Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26508t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
I have no problem with what your saying here. I just have a problem with the sarcasm and derogatory was you do it, thats all!! --- Dennis wrote: What are you going to do when your company network is down and the CEO is breathing down your neck asking when is it going to be fixed? I guess you'll tell him we'll I asked a question in the newsgroup and nobody told me what to do yet. That's a quick way to be shown the door. I stand by my assertion that the best way to advance one's career in networking is to develop the ability to look up problems and solutions on ones own. When stumped on a problem, ask the group... not ask the group first. I say again if you want to teach people that the way to resolve a problem is to blindly ask other people for solutions without trying to research and resolve on ones own, that's up to you but you're not doing them a favor and you'll diminish their abilities and career potential by doing that. What do you think the CCIE lab exam tests? Do they give you newsgroup access? Do they let you phone a friend? No, they give you a network, a set of issues, and reference material to research when needed. The exam is designed to test ones ability to think through issues, research when needed, and identify possible solutions. The people that follow your advice will never have the skills to be high level networkers. But that's alright, they'll be the people under me who'll always be asking me what to do when confronted with a problem. And that's why I'll be getting the big bucks... cause I can think and research on my own... and not run to others right away... Give a man a fish and he eats for a day... teach a man to fish and he eats for a lifetime... -- -=Repy to group only... no personal=- Sal DiStefano wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have been following this without saying anything, but I cant resist any longer. Are you saying that people should look up all their own answers? If that is the case, why have this board? Just so mean spirited people like those who answered this guy with useless answers can pounce on the newbie who asks what you consider a question which is not worthy? I think one of the great things about a group like this is I don't need to look up everything myself, I can rely on the knowledge and experience of others, and hopefully bring my experiences to some use here for others. Who should decide what others can ask? If the person comes here for an answer to a question rather that spending hours looking it up themselves, I think it shows that they know where to go for answers. I don't think traveling the hard road is the important part, I think getting the answers is. If you don't have something constructive to say don't reply to the post! If you can't say somethin' nice, Don't say nothin' at all. - Bambi Hope I haven't offended anyone. Sal = Ask yourself if what you are doing today is getting you closer to where you want to be tomorrow. - Unknown __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com [EMAIL PROTECTED] = Ask yourself if what you are doing today is getting you closer to where you want to be tomorrow. - Unknown __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26507t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 6.1(1) SSH to outside [7:26502]
did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26505t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Load Balance [7:26503]
The way I read the original question was that costs of all interfaces in the affected routers were equal, not on a single router. Could the original poster clarify? Yes. Load balancing is only controllable for outbound traffic from a router. You can make inbound traffic load balanced to a router but you will need to control this from the outbound traffic from that adjacent router. L8r. -Original Message- From: Courtney Alexander Foster [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 9:29 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: OSPF Load Balance Doesn't load balancing control the out going traffic...not the incoming -C it always darkest...right before it goes completely black -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 9:54 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Load Balance Hi I have implemented OSPF Load Balance by making the cost of the interface equal. For some reason traffic is incomming traffic is prefferd on one of the links. I have bounced the adjacencies and OSPF process. before I twig the cost to balance out the traffic has anyone had this issue? tx mervyn The significant problems we face cannot be solved at the same level of thinking we were at when we created them. -Albert Einstein mervyn christoffels Sr. Network Engineer AOL/IC/Int'l Network Architecture Office,+1 703-2655376 Pager, +1 877-863-4041 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26503t=26503 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 6.1(1) SSH to outside [7:26502]
Please post your config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26509t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: vpn [7:26452]
If I understand you correctly, yes. The real destination IP is hidden, and the destination IP address visible to the internet is the VPN server on the other side. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26511t=26452 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 6.1(1) SSH to outside [7:26502]
Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26512t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 6.1(1) SSH to outside [7:26502]
0.0.0.0 0.0.0.0 specifies all ... but I have done x.x.x.x 255.255.255.255 outside and it still doesn't work. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26513t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 6.1(1) SSH to outside [7:26502]
For example ssh 1.1.1.1 255.255.255.255 outside That should do it. -Jake -Original Message- From: Hansraj Patil [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 12:21 PM To: [EMAIL PROTECTED] Subject: RE: PIX 6.1(1) SSH to outside [7:26502] Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26515t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: User access accounting [7:26472]
Thank you for the suggestion. To clarify: These are PVC's so they are nailed up. Also, I use Openview to manage my network but what I need is not usage of a particular PVC but a packet count/percent usage of the bandwidth for a particular user on that PVC so I can bill that user a proper percentage of the cost for that bandwidth. I have not been able to find a way to do this with NNM. Thanks, Paul VoIP Guy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... CiscoWorks 2000 MRTG HP Openview and countless others. Not cheap though. only question i have is how are you being charged for the links? Aren't they always nailed up of they are PVC's? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26514t=26472 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checked on Archives - CCIE Written Score - Latest [7:26493]
As of yesterday at 9:30 AM. The passing score was 70/100. kaushik khakhar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Group, It would be great if some one who has recently taken the CCIE Written Exam update me oon the latest pasing score. I have checked the archives70 is passing please confirm. Thanks, Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26517t=26493 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mac Address filtering on a 3512XL [7:26398]
And I would like to add a comment about something I took for granted. I assumed that a wireless sniffer couldn't see traffic if its MAC address was not on the list of MAC addresses at the access point. I thought it wouldn't be able to join the wireless network. I was wrong. It can see traffic (unless the traffic is WEP or LEAP encrypted, I would guess). The host running the sniffer can't actually use the access point to reach the wired network (because of the MAC access control lists) but it can still see packets on the wireless RF side. I guess that makes sense, but it surprised me. One caveat: this testing was done with access control lists configured on a non-Cisco access point, so may not apply to a Cisco access point. Anyone know? (Also, it's a bit different from applying the access control lists on the wired switch which we were discussing. In that case, one wouldn't assume that there was any security on the wireless side, I guess.) Priscilla At 11:44 PM 11/15/01, Andras Bellak wrote: I missed something in my last reply that some folks might not take for granted - once you have sniffed the mac address of a wireless card, changing your card to match is simple - I did it on a card integrated into a notebook inside of 30 seconds - you set it in the GUI even. Andras -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 7:10 PM To: [EMAIL PROTECTED] Subject: RE: Mac Address filtering on a 3512XL [7:26398] Ken, this comes up regularly with customers who want to do wireless, as if wireless will solve some great problem of theirs. well, in the case of my customers, there are indeed some great vertical applications that make this a wonderful technology. but... yes, mac filtering is one way to provide some modicum of security. spoofing mac's is not the first thing that enters the hacker's mind, so I've heard, but I would not rely on any one method to ensure a secure net. remember that there are several wireless sniffers available, so mac information can be decoded, and later spoofed. some folks I have spoken with do a number of things, including WEP, LEAP, and IPSec or L2TP from the wireless end device into the network, end to end. some folks go so far as to encrypt everything on storage devices, so that even if the wireless authentication is broken, it does hacker no good. if your app is hand-held based these may not be options. then you are back to the mac filtering. still, you might want to think about upping to 128 WEP anyway. how concerned are you about the integrity and confidentiality of the data going over the wireless? more so or less so than if that same data were available via VPN across the internet or via dial up access? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Diliberto Sent: Thursday, November 15, 2001 3:18 PM To: [EMAIL PROTECTED] Subject: Re: Mac Address filtering on a 3512XL [7:26398] Yes, I do have a goal in mind. I just purchased some wireless equipment and would like to restrict the MAC addresses allowed in. 40 bit encryption is not good enough for the paranoid like me. It seems the network name is advertised. To me, that security really sucks. Besides, it's another challenge. Next, maybe a VPN tunnel. :-) Ken Howard C. Berkowitz 11/15/01 02:24PM I am wanting to configure a mac-address filter on my switch but need some help. Has anyone done this? Thanks. Ken Well, yes. But to coin a phrase, and to put it into a better context, what problem are you trying to solve? I find people learn better when they have a goal in mind, then look at configuration alternatives and how they relate to the problem. Howard Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26516t=26398 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PPTP Through a PIX Firewall [7:26519]
Hello all; We have a challenge. It appears that we can not VPN through our PIX firewall using PPTP to a remote location. Note, we are NOT using PPTP on the PIX itself; we just want it to pass the traffic through it. Anyone see this issue before and/or have any ideas to a possible solution? Thanks all in advance, -Rizzo This electronic mail transmission contains confidential information intended only for the person(s) named. Any use, distribution, copying, or disclosure by any other person is strictly prohibited. If you received this transmission in error, please notify the sender by replying to e-mail and destroy message. Opinions, conclusions, and other information in this message that do not relate to the official business of MARAKON ASSOCIATES shall be understood to be neither given nor endorsed by the company. When addressed to MARAKON clients, any information contained in this e-mail is subject to the terms and conditions in the governing client contract. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26519t=26519 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
Again, I can't resist either. No matter how many times the issue comes up, those that have the superiority complexes can't seem to hear the message. The length of that lecture is a perfect example. I don't think anybody that has the initiative to get into networking is looking for an endless supply of free fish, rather I believe that finding this list is in itself is showing a desire to learn to fish. Some just have to ask what a hook and bait, or line is and how they work. I agree totally that some of those that have been here awhile show the need to demean others to feel knowledgeable and important. I suggest that if it bothers you to answer rookie questions, don't bother with the lecture either. I'm sure some one else will be glad to help a beginner without belittling them. I mean, look at Priscilla as an example. She is about as much of an old pro at this stuff as there can be, but she either doesn't answer or she shows respect when she does. There are many others too, Howard comes to mind... try to show some class and follow their examples. Larry Puckette Network Analyst CCNA,MCP,LANCP Temple Inland [EMAIL PROTECTED] 512/434-1838 -Original Message- From: Sal DiStefano [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 11:46 AM To: [EMAIL PROTECTED] Subject:Re: Salary Expectations/CCNP's! [7:25805] I have no problem with what your saying here. I just have a problem with the sarcasm and derogatory was you do it, thats all!! --- Dennis wrote: What are you going to do when your company network is down and the CEO is breathing down your neck asking when is it going to be fixed? I guess you'll tell him we'll I asked a question in the newsgroup and nobody told me what to do yet. That's a quick way to be shown the door. I stand by my assertion that the best way to advance one's career in networking is to develop the ability to look up problems and solutions on ones own. When stumped on a problem, ask the group... not ask the group first. I say again if you want to teach people that the way to resolve a problem is to blindly ask other people for solutions without trying to research and resolve on ones own, that's up to you but you're not doing them a favor and you'll diminish their abilities and career potential by doing that. What do you think the CCIE lab exam tests? Do they give you newsgroup access? Do they let you phone a friend? No, they give you a network, a set of issues, and reference material to research when needed. The exam is designed to test ones ability to think through issues, research when needed, and identify possible solutions. The people that follow your advice will never have the skills to be high level networkers. But that's alright, they'll be the people under me who'll always be asking me what to do when confronted with a problem. And that's why I'll be getting the big bucks... cause I can think and research on my own... and not run to others right away... Give a man a fish and he eats for a day... teach a man to fish and he eats for a lifetime... -- -=Repy to group only... no personal=- Sal DiStefano wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have been following this without saying anything, but I cant resist any longer. Are you saying that people should look up all their own answers? If that is the case, why have this board? Just so mean spirited people like those who answered this guy with useless answers can pounce on the newbie who asks what you consider a question which is not worthy? I think one of the great things about a group like this is I don't need to look up everything myself, I can rely on the knowledge and experience of others, and hopefully bring my experiences to some use here for others. Who should decide what others can ask? If the person comes here for an answer to a question rather that spending hours looking it up themselves, I think it shows that they know where to go for answers. I don't think traveling the hard road is the important part, I think getting the answers is. If you don't have something constructive to say don't reply to the post! If you can't say somethin' nice, Don't say nothin' at all. - Bambi Hope I haven't offended anyone. Sal = Ask yourself if what you are doing today is getting you closer to where you want to be tomorrow. - Unknown __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com [EMAIL PROTECTED] = Ask yourself if what you are doing today is getting you closer to where you want to be tomorrow. - Unknown __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at:
what happen to the KLEIN INTERACTIVE SITE [7:26521]
DOES ANYONE KNOW WHAT HAPPEN TO THE CHEET-SHEETS web site. I AM trying to purchase the CCIE WRITTEN PRACTICE NOTES. IF you have any information on this or have already purchased please let me know. Thanks, Danny Rising, II Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26521t=26521 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QuizWare vs. Boson [7:26361]
With all respect to Mr. Deal, I just wanted to correct a few misconceptions. I don't know of any upper limit on the number of questions on the standard Boson exam; authors are required to submit at least 204 questions, but they can choose to put more. My CCIE Written practice exam currently has 400 questions, and I've added another 24 for the next revision. The price doesn't change, and the author does not receive additional compensation, but it's often difficult to provide comprehensive coverage with a lesser number of questions, and since our names are on it, we all want to do a good job. Most of the materials on the two websites are identical, but the custom products done for Quizware cost a little more, and have a minimum of 500 questions. Again, the difference is in the minimum number of questions, not the maximum. That said, I must say my favorite thing about writing for Boson is the interactivity. If someone e-mails me that something is not clear, or that there's a problem with a question, I can update the data base on an almost weekly basis. I think this creates a situation where the product evolves over time, taking input from a wide base of people of various skill sets. I would recommend to anyone who has licensed a Boson or Quizware product to take advantage of the regular updates, it's a great feature. Thanks... -=- Dennis -Original Message- From: Richard Deal [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 12:16 PM To: [EMAIL PROTECTED] Subject: Re: QuizWare vs. Boson [7:26361] To all, I'm an author for QuizWare for Cisco tests and I can say that ALL my tests have COMPLETELY different questions than Boson. The test engine used by QuizWare is the same engine that Boson uses. Actually, QuizWare is a channel partner of Boson. QuizWare caters, for the most part, to authors that want to develop customized tests. Boson restricts their test prices to $39.95 and the number of questions per test to about 200. QuizWare has no such restriction, so an author could charge $1,000 per test and put 10,000 questions in it. The tests that I have written for QuizWare have at least 500 questions each and only cost $49.95. Plus, I have a special of buy 3, get the 4th free. Hope this helps! Dimitris Vassilopoulos wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Same format, same questions... Dvass -- __ Richard Deal email: [EMAIL PROTECTED] web: http://pages.prodigy.net/richard.deal * Just finished a CCNA ebook available at Boson (www.boson.com): + CCNA Secrets Revealed! * CCNP test author for QuizWare (www.quizware.com) + CCNA #1 and #2 -- 550 questions each! + CCNP Routing #1 -- 500 questions + CCNP Switching #1 -- 500 questions + CCNP Remote Access #1 -- 500 questions + CCNP Support #1 -- 500 questions * Author of the following Coriolis books: + CCNP Switching Exam Cram + CCNP Remote Access Exam Prep + CCNP Cisco Lan Switch Configuration Exam Cram __ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26522t=26361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 6.1(1) SSH to outside [7:26502]
Maybe be PIX might have lost the RSA key. Regenerate the RSA key, do write mem see if it works. I have seen the problem where PIX used to loose RSA key every time I reboot the PIX. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 10:28 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] 0.0.0.0 0.0.0.0 specifies all ... but I have done x.x.x.x 255.255.255.255 outside and it still doesn't work. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26520t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How Good Labs go Bad (was RE: A very basic question : BGP [7:26523]
These are sort of basic mistakes that I have made or my students have made in a lab environment: No clock rate command on back-to-back serial link. No frame-relay intf-type dce on back-to-back Frame Relay. No OSPF neighbor command on back-to-back serial link. (Gurus: check this one!?) Assuming Frame Relay Inverse ARP will be on by default, (which it doesn't seem to be for older IOS versions, such as 11.0) Using the other side's DLCI instead of your own in the frame-relay map command. Using your own IP address instead of the other side's in the frame-relay map command. In PPP networks, using the local hostname for the username. Illogical, but a common mistake. Assuming copy start run will replace your running config instead of add to it. Testing access lists with traffic sourced by the router instead of traffic forwarded by the router. There are probably a zillion more, but for some reason I'm drawing a blank now. Good discussion! Priscilla -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 8:00 AM To: [EMAIL PROTECTED] Subject: How Good Labs go Bad (was RE: A very basic question : BGP [7:26470] Jason Carnevale got me thinking that there are a number of ways that labs, even more than real-world configurations, go bad. I'd like to start a checklist of such things. 1. There is no return path for your test signal (e.g., ping, traceroute). Also a common real-world problem. 2. A given routing scenario appears at first to work, but fails as routers are added. The real situation was that dynamic routing never worked in the scenario, but you had connectivity through directly connected subnets. 3. Weird protocol combinations imposed by the limited number of routers in a lab, in which protocols are asked to do things they were not designed to do (e.g., IGPs between AS). Multiple levels of redistribution tend to fall into this area. 4. You do not see expected routes due to completely correct summarization or aggregation. 5. Classful versus classless interactions. The real world, at least as defined by the Internet, is classless. 6. Failure to specific ip subnet-zero. 7. Attempts to maximize summarization even if you pick up address ranges not intended to be part of the summary 8. Attempts to minimize the number of lines in a configuration, leading to confusing, error prone access lists, OSPF network specifications, etc. Additional suggestions are welcome, but try to make them general. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26523t=26523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
what happren to cheetsheets [7:26524]
DOES ANYONE KNOW WHAT HAPPEN TO THE CHEET-SHEETS web site. I AM trying to purchase the CCIE WRITTEN PRACTICE NOTES. IF you have any information on this or have already purchased please let me know. email me [EMAIL PROTECTED] Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26524t=26524 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
There are, I hope, perspective employers looking at this service. They can make up their own minds about folks who are looking for a 'quick fix' and their motivations. But I would not hire, or even look at, people who make a practice of belittlement and sarcasm. I'd rather hire a person who asks; in whatever format. And no, I don't care how 'smart' they are, or how smart they think they are. There are good people, with good ethics, who can do the job, regardless of complexity. It may take longer, and they might even have to ask It is also much easier to ridicule someone than give a polite pointer and/or response. Transparent, in some of the past cases. S, 'let the heathen rage', big people can take small-minded responses. Water off a duck's back. By the way, this thread has had a number of 'big people' mentioned; Babbage, Smee, Turing, amongst others. Thanks to all who try a make positive that which can seem so negative, at times. That list remains incomplete! Let's hear some more names of heroes of digital technology! Very best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26525t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT Fridays funnies!! [7:26526]
Just a note Because of the lousy job market for netwotkers lately I've decided to pass this site along. http://www.oddtodd.com now the funnies. - People in other countries sometimes go out of their way to communicate with their English-speaking tourists. Here are some signs seen around the world: Doctor's office, Rome SPECIALIST IN WOMEN AND OTHER DISEASES Hotel, Acapulco THE MANAGER HAS PERSONALLY PASSED ALL THE WATER SERVED HERE. Information booklet about using a hotel air conditioner, Japan COOLES AND HEATES: IF YOU WANT CONDITION OF WARM AIR IN YOUR ROOM, PLEASE CONTROL YOURSELF. Car rental brochure, Tokyo WHEN PASSENGER OF FOOT HEAVE IN SIGHT, TOOTLE THE HORN. TRUMPET HIM MELODIOUSLY AT FIRST, BUT IF HE STILL OBSTACLES YOUR PASSAGE THEN TOOTLE HIM WITH VIGOUR. Sign in men's rest room in Japan TO STOP LEAK TURN COCK TO THE RIGHT. On a poster at Kencom ARE YOU AN ADULT THAT CANNOT READ? IF SO, WE CAN HELP. In a City restaurant OPEN SEVEN DAYS A WEEK, AND WEEKENDS TOO. One of the Mathare buildings MENTAL HEALTH PREVENTION CENTRE. A sign seen on an automatic restroom hand dryer DO NOT ACTIVATE WITH WET HANDS. In a Pumwani maternity ward NO CHILDREN ALLOWED. In a cemetery PERSONS ARE PROHIBITED FROM PICKING FLOWERS FROM ANY BUT THEIR OWN GRAVES. Tokyo hotel's rules and regulations GUESTS ARE REQUESTED NOT TO SMOKE OR DO OTHER DISGUSTING BEHAVIOURS IN BED. In a Tokyo bar SPECIAL COCKTAILS FOR THE LADIES WITH NUTS. In a Bangkok temple IT IS FORBIDDEN TO ENTER A WOMAN EVEN A FOREIGNER IF DRESSED AS A MAN. Hotel room notice, Chiang-Mai, Thailand PLEASE DO NOT BRING SOLICITORS INTO YOUR ROOM. Hotel brochure, Italy THIS HOTEL IS RENOWNED FOR ITS PEACE AND SOLITUDE. IN FACT, CROWDS FROM ALL OVER THE WORLD FLOCK HERE TO ENJOY ITS SOLITUDE. Hotel lobby, Bucharest THE LIFT IS BEING FIXED FOR THE NEXT DAY. DURING THAT TIME WE REGRET THAT YOU WILL BE UNBEARABLE. Hotel, Yugoslavia THE FLATTENING OF UNDERWEAR WITH PLEASURE IS THE JOB OF THE CHAMBERMAID. Hotel, Japan YOU ARE INVITED TO TAKE ADVANTAGE OF THE CHAMBERMAID. In the lobby of a Moscow hotel across from a Russian Orthodox monastery: YOU ARE WELCOME TO VISIT THE CEMETERY WHERE FAMOUS RUSSIAN AND SOVIET COMPOSERS, ARTISTS, AND WRITERS ARE BURIED DAILY EXCEPT THURSDAY. From the Soviet Weekly THERE WILL BE A MOSCOW EXHIBITION OF ARTS BY 15,000 SOVIET REPUBLIC PAINTERS AND SCULPTORS. THESE WERE EXECUTED OVER THE PAST TWO YEARS. Hotel catering to skiers, Austria NOT TO PERAMBULATE THE CORRIDORS IN THE HOURS OF REPOSE IN THE BOOTS OF ASCENSION. Supermarket, Hong Kong FOR YOUR CONVENIENCE, WE RECOMMEND COURTEOUS EFFICIENT SELF-SERVICE. In an East African newspaper A NEW SWIMMING POOL IS RAPIDLY TAKING SHAPE SINCE THE CONTRACTORS HAVE THROWN IN THE BULK OF THEIR WORKERS. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26526t=26526 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 6.1(1) SSH to outside [7:26502]
You can also do ca zeroize rsa to clear the key then do ca gen rsa key 512 to generate a new one. Just make sure your souce IP your connecting from is correct. Try turning on debug like debug crypto ipsec|isakmp|ca to determine what is being rejected. -Jake -Original Message- From: Hansraj Patil [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 1:24 PM To: [EMAIL PROTECTED] Subject: RE: PIX 6.1(1) SSH to outside [7:26502] Maybe be PIX might have lost the RSA key. Regenerate the RSA key, do write mem see if it works. I have seen the problem where PIX used to loose RSA key every time I reboot the PIX. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 10:28 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] 0.0.0.0 0.0.0.0 specifies all ... but I have done x.x.x.x 255.255.255.255 outside and it still doesn't work. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26527t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP on Cisco with 2 Ehternet to ISP [7:26528]
It is routing problem when configure 2 routers 2621( 2Ethernet)have the same LAN ? router A :fastE0/0 is LAN fastE0/1 (10Mbs)Link to ISP router 1 router B FastE0/0 ls LAN fastE0/1 (10Mbs) link to ISP router 2 router A is active router B is backup When one of LINK (muliti access connection )is going down, will router update at connection breakdown ? Regards Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26528t=26528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPTP Through a PIX Firewall [7:26519]
If I remember correctly, in order to pass PPTP through the PIX, you still have to provide the settings in the Access List applied to the interfaces. Here are the two that I had to activate for PPTP to pass through one of my customer's PIXs (applied to the outside interface) (sterilized, of course): access-list zzz permit tcp host x.x.x.x host y.y.y.y eq 1723 access-list zzz permit gre host x.x.x.x host y.y.y.y Don't know if that helps, and please correct me if I am wrong in my answers. Mike - Original Message - From: Rizzo, Damian To: Sent: Friday, November 16, 2001 14:13 Subject: PPTP Through a PIX Firewall [7:26519] Hello all; We have a challenge. It appears that we can not VPN through our PIX firewall using PPTP to a remote location. Note, we are NOT using PPTP on the PIX itself; we just want it to pass the traffic through it. Anyone see this issue before and/or have any ideas to a possible solution? Thanks all in advance, -Rizzo This electronic mail transmission contains confidential information intended only for the person(s) named. Any use, distribution, copying, or disclosure by any other person is strictly prohibited. If you received this transmission in error, please notify the sender by replying to e-mail and destroy message. Opinions, conclusions, and other information in this message that do not relate to the official business of MARAKON ASSOCIATES shall be understood to be neither given nor endorsed by the company. When addressed to MARAKON clients, any information contained in this e-mail is subject to the terms and conditions in the governing client contract. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26529t=26519 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Client Internet access through PIX VPN [7:26530]
Hello, I have two offsite clients. Both connect to our LAN through a PIX 515 via the 3.1.1 client. One client uses DHCP, the other is static. I have split-tunnel enabled on the PIX referencing a separate access-list than my NAT statement. The client using DHCP can access the internet while connected to our LAN through VPN but the static client can not. He can only access the internet when disconnected from our LAN. I would like the static client to be able to access the Internet while connected to our LAN as well. Any ideas? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26530t=26530 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP on Cisco with 2 Ehternet to ISP [7:26528]
Try using the track interface command on each router. -Original Message- From: kim [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 2:56 PM To: [EMAIL PROTECTED] Subject: HSRP on Cisco with 2 Ehternet to ISP [7:26528] It is routing problem when configure 2 routers 2621( 2Ethernet)have the same LAN ? router A :fastE0/0 is LAN fastE0/1 (10Mbs)Link to ISP router 1 router B FastE0/0 ls LAN fastE0/1 (10Mbs) link to ISP router 2 router A is active router B is backup When one of LINK (muliti access connection )is going down, will router update at connection breakdown ? Regards Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26533t=26528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checked on Archives - CCIE Written Score - Latest [7:26493]
Hello All, Just took and failed the written Exam this morning. Does anyone have information on a prep class for the written? Thanks _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26534t=26493 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID Exam on Wednesday 11/21/01 [7:26486]
Darren, I have to say the CID is by the hardest Cisco test I have taken to date. Boson is a great choice for a practice exam. Some areas to focus on are x.25, AppleTalk, split horizon, SNA, and IOS versions of released features. I can't get into more detail, but I hope this helps. Scott Nawalaniec Network Administrator CCNP, CCDP, CCNA, CCDA, CNA, MCP, Network+ -Original Message- From: Stull, Cory [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 9:39 AM To: [EMAIL PROTECTED] Subject: RE: CID Exam on Wednesday 11/21/01 [7:26486] Darren, I personally took the CID beta a while ago and I'm not sure if they made it into the new exam.. I personally thought the CID beta was harder than the CCIE written and just as encompassing. Nowhere near as bad on rif type stuff though. Cory -Original Message- From: Darren Crawford [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 10:43 AM To: [EMAIL PROTECTED] Subject: CID Exam on Wednesday 11/21/01 [7:26486] Hi all, I'm taking the CID exam next Wednesday. I decided to pickup one of the Boson practice exams for this test. Does anyone have suggestions on areas to focus my studying on or other tools to use? TIA Darren x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDA, CCIE Written Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26535t=26486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 6.1(1) SSH to outside [7:26502]
You have to do a ca save all to save the key. wri me doesn't do it. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Maybe be PIX might have lost the RSA key. Regenerate the RSA key, do write mem see if it works. I have seen the problem where PIX used to loose RSA key every time I reboot the PIX. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 10:28 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] 0.0.0.0 0.0.0.0 specifies all ... but I have done x.x.x.x 255.255.255.255 outside and it still doesn't work. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26536t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Spanning Tree Protocol [7:26538]
What Multicast address does STP use? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26538t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Turning a PC Into a Franken-PIX [7:26539]
Hello all, I am currently planning on earning my CQS in Security but don't have the money to buy a PIX. I had heard from my CCNP instructor that there are directions out there on turning a PC into one. If anyone has a link or the info I'd greatly appreciate it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26539t=26539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:26538]
You asked that question right when I had EtherPeek running on my PC. So, the answer is: 0180.c200. Source and Destination SAP: 0x42 :-) See? The answer *is* 42! Randy Lopez 11/16/01 2:27:57 PM What Multicast address does STP use? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26540t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 6.1(1) SSH to outside [7:26502]
Oh! Thanks. I didn't know it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Bass Sent: Friday, November 16, 2001 1:05 PM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] You have to do a ca save all to save the key. wri me doesn't do it. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Maybe be PIX might have lost the RSA key. Regenerate the RSA key, do write mem see if it works. I have seen the problem where PIX used to loose RSA key every time I reboot the PIX. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 10:28 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] 0.0.0.0 0.0.0.0 specifies all ... but I have done x.x.x.x 255.255.255.255 outside and it still doesn't work. Hansraj Patil wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Don't to have specify client IP address in ssh command...? ssh (IP address netmask) oustside -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russell Lusignan Sent: Friday, November 16, 2001 9:46 AM To: [EMAIL PROTECTED] Subject: Re: PIX 6.1(1) SSH to outside [7:26502] Yup, hostname and domain are configured, and show ca mypubkey shows the key, sorry, should have included that in the original post. Let me know if you have any other ideas :) -Russ Patrick Bass wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... did you configure a hostname and a domain-name? do a show ca mypubkey rsa from config mode to verify you have a key also reissue ssh 0 0 outside if it doesn't work, pls post config Russell Lusignan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey group, I have a PIX 525 in failover that I am trying to get SSH enabled on. I have done: password ca generate rsa key 1024 ssh outside ca save all SSH doesn't respond in any way to my client (tried several). Debug SSH shows nothing, and Debug IP packet shows my client IP trying to establish a session on port 22 with the PIX, yet the PIX doesn't respond. The 525s are working correctly (passing traffic etc.. ) Another set of 525's SSH config work fine, can't think of what I am missing here. Anyone have any ideas? -Russ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26541t=26502 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:26538]
Here's one way to find it: Bill_Cat5505 (enable) sh cam system * = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry. X = Port Security Entry VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] -- 1 00-90-f2-e6-1f-ff# 1/3 1 01-00-0c-cc-cc-cc# 1/3 1 01-00-0c-cc-cc-cd# 1/3 1 01-00-0c-ee-ee-ee# 1/3 1 01-80-c2-00-00-00# 1/3 1 01-80-c2-00-00-01# 1/3 Total Matching CAM Entries Displayed = 6 Bill_Cat5505 (enable) 01-80-c2-00-00-00 is the answer. -Original Message- From: Randy Lopez [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 3:28 PM To: [EMAIL PROTECTED] Subject: Spanning Tree Protocol [7:26538] What Multicast address does STP use? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26542t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:26538]
Look here (watch for wordwrap). http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1214ea1/3550scg/sw stp.htm#xtocid1286915 Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Randy Lopez [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 3:28 PM To: [EMAIL PROTECTED] Subject: Spanning Tree Protocol [7:26538] What Multicast address does STP use? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26543t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT Fridays funnies!! [7:26526]
That's great. Thanks Natasha. -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 1:40 PM To: [EMAIL PROTECTED] Subject: OT Fridays funnies!! [7:26526] Just a note Because of the lousy job market for netwotkers lately I've decided to pass this site along. http://www.oddtodd.com now the funnies. - People in other countries sometimes go out of their way to communicate with their English-speaking tourists. Here are some signs seen around the world: Doctor's office, Rome SPECIALIST IN WOMEN AND OTHER DISEASES Hotel, Acapulco THE MANAGER HAS PERSONALLY PASSED ALL THE WATER SERVED HERE. Information booklet about using a hotel air conditioner, Japan COOLES AND HEATES: IF YOU WANT CONDITION OF WARM AIR IN YOUR ROOM, PLEASE CONTROL YOURSELF. Car rental brochure, Tokyo WHEN PASSENGER OF FOOT HEAVE IN SIGHT, TOOTLE THE HORN. TRUMPET HIM MELODIOUSLY AT FIRST, BUT IF HE STILL OBSTACLES YOUR PASSAGE THEN TOOTLE HIM WITH VIGOUR. Sign in men's rest room in Japan TO STOP LEAK TURN COCK TO THE RIGHT. On a poster at Kencom ARE YOU AN ADULT THAT CANNOT READ? IF SO, WE CAN HELP. In a City restaurant OPEN SEVEN DAYS A WEEK, AND WEEKENDS TOO. One of the Mathare buildings MENTAL HEALTH PREVENTION CENTRE. A sign seen on an automatic restroom hand dryer DO NOT ACTIVATE WITH WET HANDS. In a Pumwani maternity ward NO CHILDREN ALLOWED. In a cemetery PERSONS ARE PROHIBITED FROM PICKING FLOWERS FROM ANY BUT THEIR OWN GRAVES. Tokyo hotel's rules and regulations GUESTS ARE REQUESTED NOT TO SMOKE OR DO OTHER DISGUSTING BEHAVIOURS IN BED. In a Tokyo bar SPECIAL COCKTAILS FOR THE LADIES WITH NUTS. In a Bangkok temple IT IS FORBIDDEN TO ENTER A WOMAN EVEN A FOREIGNER IF DRESSED AS A MAN. Hotel room notice, Chiang-Mai, Thailand PLEASE DO NOT BRING SOLICITORS INTO YOUR ROOM. Hotel brochure, Italy THIS HOTEL IS RENOWNED FOR ITS PEACE AND SOLITUDE. IN FACT, CROWDS FROM ALL OVER THE WORLD FLOCK HERE TO ENJOY ITS SOLITUDE. Hotel lobby, Bucharest THE LIFT IS BEING FIXED FOR THE NEXT DAY. DURING THAT TIME WE REGRET THAT YOU WILL BE UNBEARABLE. Hotel, Yugoslavia THE FLATTENING OF UNDERWEAR WITH PLEASURE IS THE JOB OF THE CHAMBERMAID. Hotel, Japan YOU ARE INVITED TO TAKE ADVANTAGE OF THE CHAMBERMAID. In the lobby of a Moscow hotel across from a Russian Orthodox monastery: YOU ARE WELCOME TO VISIT THE CEMETERY WHERE FAMOUS RUSSIAN AND SOVIET COMPOSERS, ARTISTS, AND WRITERS ARE BURIED DAILY EXCEPT THURSDAY. From the Soviet Weekly THERE WILL BE A MOSCOW EXHIBITION OF ARTS BY 15,000 SOVIET REPUBLIC PAINTERS AND SCULPTORS. THESE WERE EXECUTED OVER THE PAST TWO YEARS. Hotel catering to skiers, Austria NOT TO PERAMBULATE THE CORRIDORS IN THE HOURS OF REPOSE IN THE BOOTS OF ASCENSION. Supermarket, Hong Kong FOR YOUR CONVENIENCE, WE RECOMMEND COURTEOUS EFFICIENT SELF-SERVICE. In an East African newspaper A NEW SWIMMING POOL IS RAPIDLY TAKING SHAPE SINCE THE CONTRACTORS HAVE THROWN IN THE BULK OF THEIR WORKERS. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26544t=26526 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
transcender, boson [7:26545]
Hi all I need yor help guys regardles wich test is more closer to the real CCNA test. Next week I have to sustain the exam and I'm little bit scared. A week ago, I done couple Boson test and I got between 80 and 90 %. Yesterday, I had a bad inspiration (or good one) and I took Transcender test. At this one, my score was lower, between 750 and 808. I could say that once I past and once not. Few questions were not covered by my book (CISCO Press), but generally speaking, the Transcender test is way harder than Boson. In conclusion, at what type of questions should I expect from CCNA test? Something similar with Transcender or Boson? I relly would appreciate if you could give me an advice. Thanks! Adrian For Bogdan Ungureanu, my email is [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26545t=26545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:26538]
Thanks alot guys, for your help... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26546t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:26538]
Randy Lopez wrote: What Multicast address does STP use? Since spanning tree is a layer 2 protocol, why would it use any multicast address? STP is used between directly connected switches and uses BPDU packets, flooded out all ports for set up. Not multicast. http://www.cisco.com/warp/public/473/5.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26548t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Upgrading 5500 supervisor software [7:26549]
I will be upgrading the supervisor software on my 5500 from 4.5(3) to 5.5(9) and need to know a couple things: 1. Does anyone know about how long it takes to do the upgrade. 2. As for the steps, I should just have to tftp the new software to bootflash and then change the set boot system flash command in the config to the new image name...right? I work in a 24x7 shop so I need this to go as fast and smoothly as possible so I want to make sure I am 100% ready for this. If anyone has additional advice, I'm all ears. This is obviously my first upgrade of a 5500. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26549t=26549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID Exam on Wednesday 11/21/01 [7:26486]
Buy and read the Cisco Press CID Book. Boson is going to help you answer about 2 questions out of 100 right. Jim Walker Master Network Engineer Partners HealthCare System, Inc. Information Systems / Technical Services Operations Tel. (617) 732-8803 Fax (617) 264-5130 This e-mail message and any attachments are confidential and may be privileged. If you are not the intended recipient, please notify me immediately by replying to this message and please destroy all copies of this message and attachments. Thank you. -Original Message- From: Darren Crawford [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 11:43 AM To: [EMAIL PROTECTED] Subject: CID Exam on Wednesday 11/21/01 [7:26486] Hi all, I'm taking the CID exam next Wednesday. I decided to pickup one of the Boson practice exams for this test. Does anyone have suggestions on areas to focus my studying on or other tools to use? TIA Darren x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDA, CCIE Written Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26552t=26486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PPTP Through a PIX Firewall [7:26519]
To get Microsoft PPTP tunnels thru a pix firewall from outside to in you must have a static NAT to an internal host as well as a conduit or access-list permiting UDP port 1723 and the GRE(47) protocol. This is a tried and true resolution that I have implemented many times. Have a try... Jay - Jay C Creasy Cisco Certified Network Professional + PIX Microsoft Certified Professional Inet Email [EMAIL PROTECTED] AIM ID HaltItAll Work # 713-548-3346 Home # 713-263-1939 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rizzo, Damian Sent: Friday, November 16, 2001 1:13 PM To: [EMAIL PROTECTED] Subject: PPTP Through a PIX Firewall [7:26519] Hello all; We have a challenge. It appears that we can not VPN through our PIX firewall using PPTP to a remote location. Note, we are NOT using PPTP on the PIX itself; we just want it to pass the traffic through it. Anyone see this issue before and/or have any ideas to a possible solution? Thanks all in advance, -Rizzo This electronic mail transmission contains confidential information intended only for the person(s) named. Any use, distribution, copying, or disclosure by any other person is strictly prohibited. If you received this transmission in error, please notify the sender by replying to e-mail and destroy message. Opinions, conclusions, and other information in this message that do not relate to the official business of MARAKON ASSOCIATES shall be understood to be neither given nor endorsed by the company. When addressed to MARAKON clients, any information contained in this e-mail is subject to the terms and conditions in the governing client contract. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26553t=26519 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning Tree Protocol [7:26538]
Drew, Multicast is not limited to layer 3, it exists indeed on layer 2 as well. See my previous reply to this question. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Drew Simonis [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 4:30 PM To: [EMAIL PROTECTED] Subject: Re: Spanning Tree Protocol [7:26538] Randy Lopez wrote: What Multicast address does STP use? Since spanning tree is a layer 2 protocol, why would it use any multicast address? STP is used between directly connected switches and uses BPDU packets, flooded out all ports for set up. Not multicast. http://www.cisco.com/warp/public/473/5.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26554t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
home lab equipment [7:26555]
Can anyone comment on this list of equipment? I'm fortunate enough to have this equipment as a home lab. I'm going to use it for CCIE Security lab study. 1 AGS+ running 11.0(16) -14 ethernet interfaces -2 serial interfaces 1 Cat 5000 - Sup III - C5RSM - 24Port ethernet 1 Pix 520 - 3 fast ethernet - 5.1(2) PixOS 2 Cisco 804 ISDN routers 1 Cisco 2501 - 1 ethernet - 2 serial 1 Cisco 4500M - 1 fast ethernet - 2 ethernet - 1 token ring 1 Cisco Cat 2924 1 Cisco Cat 2924 XL 1 Cisco Cat 1900 - enterprise software 1 Cisco Cat 2600 - 16 token ring interfaces 1 cisco 1548M micro switch Many PCs, 2 with token ring cards - 1 linux machine (RH 7.1) - 1 W2K machine - 1 Win98 machine - 1 openBSD machine Plans : ISDN simulator Console Access Server Maybe a couple more routers? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26555t=26555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Upgrading 5500 supervisor software [7:26549]
The file is slightly over 3 Megs in size for the Sup I engine with 5.5(11) Sup III with 5.5.(10) is slightly under 5 Megs If you did a format bootflash and then tftp the new image on the flash you should not have to use set boot system flash at all. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26556t=26549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: transcender, boson [7:26545]
Please search the archives in the Associate's board. I think you will find what you're looking for there. There is a reason for two distinct Cisco boards. -junovtv Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26557t=26545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 3000 IOS [7:25745]
try to find four 4 Meg pieces with 30 pin for the DRAM to bump it up to 16 Megs, the maximum anyways And older 486(?) might do Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26558t=25745 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN monitoring software [7:26235]
Never heard of this VPN monitoring software. What does it do ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Gibb, Jake Sent: Wednesday, November 14, 2001 8:09 AM To: [EMAIL PROTECTED] Subject: VPN monitoring software [7:26235] Has anyone used Ciscos VPN monitoring software? We have a handful of tunnels that we need remote management for.. -Jake Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26559t=26235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Upgrading 5500 supervisor software [7:26549]
About the versions, I was reading in the following URL that 5.5(9) is the Recommended Supervisor Software Version: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/c5krn/sw_rns/78_6583.htm But, in the 5.5(11) release notes, it says 5.5(7) is recommended: http://www.cisco.com/cgi-bin/tablebuild.pl/cat5000-sup I asked Cisco about this and they said to run 5.5(9) since that was the latest one to be recommended even though 5.5(11) is available. Are you currently running 5.5(10) or 5.5(11) and are they stable? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26560t=26549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP on Cisco with 2 Ehternet to ISP [7:26528]
Tracking the Ethernet interface to the ISP router for HSRP on the LAN interfaces will work technically, but what are the chances of the Ethernet connection going down between the FastE0/1 and the ISP routers? I think slim. Theres more of a chance of the WAN link on the ISP routers going down. Erick --- Brown, Ricky wrote: Try using the track interface command on each router. -Original Message- From: kim [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 2:56 PM To: [EMAIL PROTECTED] Subject: HSRP on Cisco with 2 Ehternet to ISP [7:26528] It is routing problem when configure 2 routers 2621( 2Ethernet)have the same LAN ? router A :fastE0/0 is LAN fastE0/1 (10Mbs)Link to ISP router 1 router B FastE0/0 ls LAN fastE0/1 (10Mbs) link to ISP router 2 router A is active router B is backup When one of LINK (muliti access connection )is going down, will router update at connection breakdown ? Regards Kim __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26561t=26528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Getting past aaa password on PIX 515 [7:26562]
Does anyone know a way to get past the Username: after using the no passord utility on a PIX 515 it claims to erase the config. I have now tried every np*.bin on Cisco's page... this is really getting painfull. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26562t=26562 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:26538]
At 04:55 PM 11/16/01, John Neiberger wrote: You asked that question right when I had EtherPeek running on my PC. So, the answer is: 0180.c200. Source and Destination SAP: 0x42 :-) See? The answer *is* 42! According to Radia Perlman, the IEEE chose this SAP on purpose. ;-) Randy Lopez 11/16/01 2:27:57 PM What Multicast address does STP use? Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26564t=26538 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
To Bogdan Niculescu [7:26565]
Salut! Ma bucur ca gasesc si romani pe news-group-ul asta. Daca nu te deranjaza, poti sa-mi dai e-mailul tau? Multumesc, Adrian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26565t=26565 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
eigrp lab [7:26566]
Does anyone have suggestions on setting up a eigrp lab??? I have some equipment already bought but need some suggestions and a direction to go... Thanks in advance!!! Bob Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26566t=26566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: eigrp lab [7:26566]
Some quick thoughts: CCO, Routing TCP Vol I, Cisco Press EIGRP book (not sure of exact title). Have fun! -Original Message- From: Bob Wilson [mailto:[EMAIL PROTECTED]] Sent: Friday, November 16, 2001 8:29 PM To: [EMAIL PROTECTED] Subject: eigrp lab [7:26566] Does anyone have suggestions on setting up a eigrp lab??? I have some equipment already bought but need some suggestions and a direction to go... Thanks in advance!!! Bob Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26567t=26566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: User access accounting [7:26472]
PVC monitoring and such are easily done through many SNMP packages. But you seem to be asking for something different - for user accounting. That, unfortunately, can only be easily done if those users are reliably using the same addresses all the time. If that is the case, then something like Netflow accounting would probably seve you well. If that is not the case (those users are constantly changing their addresses), then you the situation is indeed problematic. If you are using DHCP to assign such addresses, then perhaps you could take lease information and correlate that with Netflow accounting logs. But if users are assigning themselves addresses, then your only choice is to user some kind of authentication scheme that asks for username/password information before anybody can use the PVC. Things like the auth-proxy feature (with accounting) or firewall AAA per-user accounting might work, but indeed, it's really a klugy solution. Paul Watson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thank you for the suggestion. To clarify: These are PVC's so they are nailed up. Also, I use Openview to manage my network but what I need is not usage of a particular PVC but a packet count/percent usage of the bandwidth for a particular user on that PVC so I can bill that user a proper percentage of the cost for that bandwidth. I have not been able to find a way to do this with NNM. Thanks, Paul VoIP Guy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... CiscoWorks 2000 MRTG HP Openview and countless others. Not cheap though. only question i have is how are you being charged for the links? Aren't they always nailed up of they are PVC's? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26568t=26472 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]