packet loss in LAN [7:27303]
Hi, I am receiving packet loss in my LAN network.I have four compaq server and desktops are connected to switches.I tried to awitch off allthe machines and tried to ping two machines each other still i got packet loss after 10 minutes.All the NIC were in auto detect mode and switch was also in autosense mode.Then i changed all in 100 mbps but still i receive packet loss after 10 minutes.The only thing left is cabling of the network.So please help me out to solve this problem. Regards Rajneesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27303t=27303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Packet analyzer [7:27295]
Akim, The product that you may be looking for is made by Agilent Technologies (a HP spinoff). For more information visit this URL: http://onenetworks.comms.agilent.com/agilentadvisor/J2300E.asp The Agilent Advisor is powerful and imho offers similar levels of packet capture/decoding as the products you mentioned. Just beware, it isn't any cheap. As to where you physically connect the Agilent Advisor: it goes connected between your CSU/DSU and/or router and the physical media you use for that serial connection. Thus, it is service disrupting. In a production environment, you would need to use it during a scheduled maintenance window. Hth, Angel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of A.Steinbock Sent: Sunday, November 25, 2001 10:48 PM To: [EMAIL PROTECTED] Subject: Packet analyzer [7:27295] I use Etherpeek to capture Ethernet packets and analyze them. The same company has a similar product Tokenpeek that can capture Token rings packets. Data for both are captured by connecting to the Ether or Token switch. My question is: How do you capture the packets on a serial line? What software do you use and where do you physically connect? Tks, Akim Get free e-mail and a permanent address at http://www.amexmail.com/?A=1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27304t=27295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco PIX 525 Multihoming [7:27305]
Hi I wonder is it possible to implement multi homing scenario? (I dont mean BGP's multi home,i use hulti homing as concept..) Suppose that my customer has 3 different ISP and he/she want to place a web server in a certain dmz interface and use one of the isp's only for web server's http access and use one of the dmz interfaces for another purpose via another isp and finally want to use outside interface via 3.rd ISP for his/her network's internet access.Is this possible.(There are 3 seperate router (2610 ) for 3 isp access and i want to implement this scenario:When a client connects to web server in dmz1 interface through isp1's router its returning packets must be go back through with the same router) I tried to simulate this stituation but when i want to add static route per interface basis for 0.0.0.0/0.0.0.0 that i saw that i cant add static route with same metric.PIX doesnt allow.. Thanks in advance.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27305t=27305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Price of a CCNP series exam. [7:27182]
100 $ for one exam in USA Best regards, ]hsan Turkmen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi folks..! How much do you pay for a CCNP exam in other parts of the world?. It is 180 USD + VAT here (Turkey). Your feedbacks are appreciated.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27306t=27182 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
sybex virtual lab sim users [7:27307]
I am looking to meet other users of this software. If you are also using this software we can share experiences, and pass the groups comments back to Sybex on what we require. We can also exchange configs quite easily and help each other. Maybe even get the next software release free? Look forward to your e-mail. Thanks -Anil PS I am using the gold version with 4 routers and 2 cat1900's. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27307t=27307 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MIB information [7:27308]
Hi all, I was wondering if anyone knows how to extrat the full and half duplex information by SNMP. I couldn't find it any where on the web or in the MIB information. Any help will be appreciated, Gil Shulman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27308t=27308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN Simulator for CCIE [7:27098]
Hi, Contact the following for an ISDN simulator (PDS Simline ISDN simulator) [EMAIL PROTECTED] They gave quality service and its a quality device.Ideal for ISDN labs. I currently use one for my lab Cheers Rob -Original Message- From: Dennis [SMTP:[EMAIL PROTECTED]] Sent: 25 November 2001 21:57 To: [EMAIL PROTECTED] Subject: Re: ISDN Simulator for CCIE [7:27098] ISDN emulator on the NET http://208.1.40.80/ica/isdnsim.nsf www.brooktrout.com/pages/product_info/pi_data_wan/pdf/multiport.pdf www.diem.com/BT90001.htm http://www.tele-products.com/ http://www.arca-technologies.com/solohome.html http://www.conway-engineering.com/ 5105307682 http://www.acacia-net.com/ http://www.taskit.com/ http://www.monitor.co.at/monitor/498/story/isdnsim.html http://www.digitechinc.com http://www.ertmsales.com/products/search/viewcart.cfm?Page=1QtyNA= http://www.cheapisdn.com -- -=Repy to group only... no personal=- Kenneth Yeung wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just start the CCIE Lab. preparation, I am going to have the lab. text in June 2002. I have several C2500 routers at home. But no way to test the ISDN configuration. Can anyone suggest me what simulator i should use that can help me to test the ISDN configuration for the CCIE lab. I don't think i will apply a ISDN link at home. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27309t=27098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Token Ring problem [7:27177]
Sorry for late reply. My Linux gone down in the previous two days so I am disconnected from mail. The token ring display in my box is the actual one. After re-plugging my token ring and removing my sound card I'm back with the token ring lan. However, I do have connected with the old config but with the MTU displayed as 1500, while all the router interfaces use 4464. Does this matter in the ping action? As I know, the MTU setting will only be matter in segmentation. Does I miss something? Regards, Fanglo On Fri, 23 Nov 2001, Ken Diliberto wrote: Hello, Fanglo. Are there only two devices on the Token Ring? If not, does anything else work? What does the ARP table on the router and the Linux box look like? What do the interface parameters on the Linux box look like (ifconfig -a)? What does show interface tr0 show on the router? Ken Fanglo MA 11/23/01 02:37AM Hi ALL, I have been trapped by a Tokenring problem and seek for anyone suggestions. I have token ring router and a Linux connected with a HP TR Hub. From the indicator on the TR Hub I have told the connection and ring insertion is ok. However, I can't ping from Linux box to the router. My router does not have problem to ping to another 2502. All interfaces and NIC are in same network/mask. From the router I obtain the mac address correctly by sh arp except we can't ping !!! Any idea? Regards, Fanglo Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27310t=27177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Unequal load balancing? [7:27311]
I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27311t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wireless LAN Specialization [7:27312]
Hi. If anyone of you have sample questions and practice tests that could help me thru the Wireless LAN specialization, that would be very helpful. Any suggestions about the Wireless LAN exams? Thanks in advance. Doug. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27312t=27312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: packet loss in LAN [7:27303]
Well, based on what you said the only thing left is cabling. What is the quality of your cabling? -- -=Repy to group only... no personal=- Rajneesh Yadav wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I am receiving packet loss in my LAN network.I have four compaq server and desktops are connected to switches.I tried to awitch off allthe machines and tried to ping two machines each other still i got packet loss after 10 minutes.All the NIC were in auto detect mode and switch was also in autosense mode.Then i changed all in 100 mbps but still i receive packet loss after 10 minutes.The only thing left is cabling of the network.So please help me out to solve this problem. Regards Rajneesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27313t=27303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passed BCRAN..... [7:27227]
Johnny McKenzie wrote: Just finished my BCRAN ( 3 down, 1 to go ) with a good mark ( 897) but was a bit disturbed by some of the questions, at least three questions of the select from the list of command types were totally obvious, keeping the NDA in mind, one question specified an IP address, and in the list of commands that IP address was listed *once*. Totally self evident, about 4 other quite obvioius answers in that list as well regarding DLCI numbers and dialer-maps, the number specified in the question only appears once in the list of commands Looks like you could grab a guy of the street and they would get 500 by deduction and guessing. While I like the list of commands, as I'm a very poor rote learner and have a hell of a time remebering where the hypens go, as well as I speak English rather than Amerish, ( Neighbour gives you no marks in the exam, but as I never type the whole command in the CLI, you tend to default to what they taught you in school ). But I do feel it is critical that the command list be extended so there is 3 or 4 possible options for any given value. ( yes, I did leave comments in the exam ) What did I get wrong ? The stuff I didn't study, what models have what capabilites ( Like I'm going to spec up an install without checking the website ) and the 700 series ( I just ignored it, no use confusing yourself with another command line for 5 or 6 marks and I've never encountered one yet ) So onto the home straight.CIT and I'm a CCNP I also share your feeling. Took this test today, and frankly speaking, I didn't feel that I'm deserved to have a pass (missed many questions in async/PPP, ISDN protocols), however, because of this easy way to guess a command, I barely passed with 819. for me, 2 more to go (switching, CIT) to the CCNP. Regards, c.h.Ip ps. any readers in Hong Kong? need study parthers ;-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27314t=27227 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Unequal load balancing? [7:27311]
I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27315t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bandwidth monitoring [7:27289]
I like MRTG. http://people.ee.ethz.ch/~oetiker/webtools/mrtg/ Brent Wrisley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Brian, Cricket and RRD might be what you are looking for. I've only used it on a very small network and it's a pretty versatile tool. http://cricket.sourceforge.net/ Brent Wrisley 2FB6 85AD 7084 80A0 8381 C116 CDE5 78B5 E959 C536 PGP Key ID: 0xE959C536 (us.pgp.net) On 25/11/01 22:14 -0500, brian wrote: :I am looking for an app that does detailed bandwidth monitoring. I have :used cw2000 and it really doesn't do what we need. Nothing come to mind :from cisco, so I started using SolarWinds Advanced Bandwidth monitor. I :had a guy write some perl scripts for me..but it doesnt work that well :and he is gone. : :I basically have customers hanging from a 6509 on different vlan's. :They come into the data center and go out one of our two t-3's. Does :anyone have any recommendations on bandwidth tools? : :Thanks, :bk : : : : Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27316t=27289 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Packet analyzer [7:27295]
For those using Sniffer, it's SnifferBook or the older version which is a the WANBook.. it's a smallish chassis that has changable cards with a couple of ether interfaces plus serial. Like said before, these *toys* are pricy but effective. MikeS Angel Leiva wrote: Akim, The product that you may be looking for is made by Agilent Technologies (a HP spinoff). For more information visit this URL: http://onenetworks.comms.agilent.com/agilentadvisor/J2300E.asp The Agilent Advisor is powerful and imho offers similar levels of packet capture/decoding as the products you mentioned. Just beware, it isn't any cheap. As to where you physically connect the Agilent Advisor: it goes connected between your CSU/DSU and/or router and the physical media you use for that serial connection. Thus, it is service disrupting. In a production environment, you would need to use it during a scheduled maintenance window. Hth, Angel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of A.Steinbock Sent: Sunday, November 25, 2001 10:48 PM To: [EMAIL PROTECTED] Subject: Packet analyzer [7:27295] I use Etherpeek to capture Ethernet packets and analyze them. The same company has a similar product Tokenpeek that can capture Token rings packets. Data for both are captured by connecting to the Ether or Token switch. My question is: How do you capture the packets on a serial line? What software do you use and where do you physically connect? Tks, Akim Get free e-mail and a permanent address at http://www.amexmail.com/?A=1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27317t=27295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Packet analyzer [7:27295]
I would also check into the distributed sniffer... -Original Message- From: Mike Sweeney [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 8:27 AM To: [EMAIL PROTECTED] Subject: RE: Packet analyzer [7:27295] For those using Sniffer, it's SnifferBook or the older version which is a the WANBook.. it's a smallish chassis that has changable cards with a couple of ether interfaces plus serial. Like said before, these *toys* are pricy but effective. MikeS Angel Leiva wrote: Akim, The product that you may be looking for is made by Agilent Technologies (a HP spinoff). For more information visit this URL: http://onenetworks.comms.agilent.com/agilentadvisor/J2300E.asp The Agilent Advisor is powerful and imho offers similar levels of packet capture/decoding as the products you mentioned. Just beware, it isn't any cheap. As to where you physically connect the Agilent Advisor: it goes connected between your CSU/DSU and/or router and the physical media you use for that serial connection. Thus, it is service disrupting. In a production environment, you would need to use it during a scheduled maintenance window. Hth, Angel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of A.Steinbock Sent: Sunday, November 25, 2001 10:48 PM To: [EMAIL PROTECTED] Subject: Packet analyzer [7:27295] I use Etherpeek to capture Ethernet packets and analyze them. The same company has a similar product Tokenpeek that can capture Token rings packets. Data for both are captured by connecting to the Ether or Token switch. My question is: How do you capture the packets on a serial line? What software do you use and where do you physically connect? Tks, Akim Get free e-mail and a permanent address at http://www.amexmail.com/?A=1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27319t=27295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco PIX 525 Multihoming [7:27305]
I'm not sure exactly what you want as an end result but I can throw a couple of pointers out. PIX can only have static routes. Therefore all of your traffic would pass through via these rules. Inside users would most likely need NAT enabled be using only one ISP. Incoming connections would work from one ISP under normal circumstances. I have never tried this with multiple ISP's so it's something to try if you have a chance. Use actual IP addresses on the DMZ containing the web servers and use NAT 0 so nothing gets translated. This might allow multiple ISP connections to get to the web server without using static commands but you still have to access-list rules (avoid conduits for this). The question I have isyour multiple ISP's would all have to have routes for the web server addressesso only one ISP can actually own the IP block and have internet users routed through them. I don't think you're going to get what you want unless you set up a router outside the PIX to utilize BGP or something similar. However if you own different IP ranges from multiple ISP's then the PIX could handle setting up different interfaces with different IP blocks. You could then set up static commands but it would require a little duct tape bubble gum tactics to get statics to map since it would need a different internal IP for each static. Best bet is to let a router handle the ISP's and traffic shaping and just let the PIX be a firewall. - Original Message - From: dolphin To: Sent: Monday, November 26, 2001 3:43 AM Subject: Cisco PIX 525 Multihoming [7:27305] Hi I wonder is it possible to implement multi homing scenario? (I dont mean BGP's multi home,i use hulti homing as concept..) Suppose that my customer has 3 different ISP and he/she want to place a web server in a certain dmz interface and use one of the isp's only for web server's http access and use one of the dmz interfaces for another purpose via another isp and finally want to use outside interface via 3.rd ISP for his/her network's internet access.Is this possible.(There are 3 seperate router (2610 ) for 3 isp access and i want to implement this scenario:When a client connects to web server in dmz1 interface through isp1's router its returning packets must be go back through with the same router) I tried to simulate this stituation but when i want to add static route per interface basis for 0.0.0.0/0.0.0.0 that i saw that i cant add static route with same metric.PIX doesnt allow.. Thanks in advance.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27318t=27305 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX conduit access lists [7:26684]
Very true and a good point, but the original question was about conduits which only apply to lower-higher. Higher-lower requires NAT. I accidentally typed access-list below but meant conduit. ;) *slap self get more coffee*. It still applies but wasn't what I meant to say. Thanks for pointing that out though. - Original Message - From: Patrick W. Bass To: Sent: Sunday, November 25, 2001 10:14 PM Subject: Re: PIX conduit access lists [7:26684] Allen May wrote in message news:[EMAIL PROTECTED]... I'm not sure if this was answered or not, but a firewall always assumes a deny all at the end of the access-list for inbound. Outbound is different since it allows all by default. Remeber this: Higher security level to lower security level, implicitly allowed. Lower security level to higher security level, implicitly denied. Otherwise it gets tricky once you start messing with multipile DMZs. Also, access-lists are the way to go since conduits will be phased out in the near future. Allen - Original Message - From: Steve Alston To: Sent: Monday, November 19, 2001 9:25 AM Subject: Re: PIX conduit access lists [7:26684] Carroll, Thanks for the reply. I'm using conduits now, but will switch to access lists in the future. (I'd like to fully understand the configuration I inherited before I start making changes) Are implicit denys inserted behind each conduit as well? Carroll Kong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Implicit denys behind every access-list are inserted. Are you mixing conduits and access-lists? You really should not. Use ALL conduits or ALL access-lists. If both are used, conduits take priority and override your access-lists. Access-lists are first match, conduits are any match. At 09:24 AM 11/19/01 -0500, Steve Alston wrote: Does the PIX 506 require an explicit deny statement after setting up a permit conduit or access list. I appear to be receiving more traffic (e.g. NTP) than my conduit statements allow. Thanks much, Steve -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27320t=26684 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Unequal load balancing? [7:27311]
As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27322t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: problem in router config ? [7:27288]
Quote Message not compatible with call state Message type Remote equipment received an unexpected message that does not correspond to the current state of the connection. This is usually due to a D-channel error. Unquote http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122de bug/dbfisdn.htm Perhaps you need to check this out with the telco assuming this is not a lab situation. Anthony Toh wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have add in the ppp authenication chap command at both physical and logical interfaces. This is my output of debug q931 commnad : The message Message not compatible seems to be the problem, can anyone highlight me what does it mean ? 01:00:52: ISDN BR0/0: RX on B1 at 64 Kb/ 01:00:225504882236: %DIALER-6-BIND: Interface BRI0/0:1 bound to profile Dialer1 01:00:223338299392: ISDN BR0/0: TX - CALL_PROC pd = 8 callref = 0x9B 01:00:225504866764: Channel ID i = 0x89 01:00:52: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up 01:00:52: %DIALER-6-UNBIND: Interface BRI0/0:1 unbound from profile Dialer1 01:00:52: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 5554000 01:00:223338299392: ISDN BR0/0: TX - CONNECT pd = 8 callref = 0x9B 01:00:225504866764: Channel ID i = 0x89 01:00:223338299392: ISDN BR0/0: TX - DISCONNECT pd = 8 callref = 0x9B 01:00:225504866764: Cause i = 0x8090 - Normal call clearing 01:00:52: ISDN BR0/0: RX STATUS pd = 8 callref = 0x9B 01:00:229799834060: Cause i = 0x80E5 - Message not compatible with call state or protocol error, threshold exceeded 01:00:227633266688: Call State i = 0x0B 01:00:53: ISDN BR0/0: RX RELEASE_COMP pd = 8 callref = 0x9B 01:00:54: ISDN BR0/0: RX on B1 at 64 Kb/s 01:00:234094816828: %DIALER-6-BIND: Interface BRI0/0:1 bound to profile Dialer1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27323t=27288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Sniffer Pro Graph Bandwidth [7:27324]
Hello, I would like to know if it is possible for me to generate a graph showing network throughput from a capture I have done in Sniffer Pro. I am trying to get a good idea of how specific actions on an end-station use bandwidth, but the only info I can find is an average utilization, which doesn't do me any good for seeing bandwidth spikes, etc Any info is appreciated! Thanks! Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27324t=27324 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT: Sniffer Pro Graph Bandwidth [7:27324]
Use the history function and capture a history trace of utilization. Export as a CSV file and then import into Excel and make a graph with the data. You will need to delete the 1st line as it's empty. Also, sometimes you need to play with the time/data some in order for the graph to work properly. If you already have the trace file, filter it and then play it back using the packet generator. Make your history from the playback and then graph it. Once you this once, it will a very useful tool. If you had distributed sniffer, it has this function built in with something called Sniffer Reporter. MikeS Michael Williams wrote: Hello, I would like to know if it is possible for me to generate a graph showing network throughput from a capture I have done in Sniffer Pro. I am trying to get a good idea of how specific actions on an end-station use bandwidth, but the only info I can find is an average utilization, which doesn't do me any good for seeing bandwidth spikes, etc Any info is appreciated! Thanks! Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27325t=27324 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
new tutorial beta [7:27326]
I just posted a new PING tutorial which is aimed at the CCNA level. Drop by and take a look. COnstructive comments are welcome.. layout, content and grammer errors. I found a few small errors after posting so I'm making my fix it list. www.packetattack.com/tutorials.html MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27326t=27326 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Pro Graph Bandwidth [7:27324]
talk to sniffer about getting the Reporter addition to the Pro. It automatically generates reports, charts, bar graphs..yada yada yada...stuff with a lot of color that will impress your boss even though you only clicked a few buttons. -Original Message- From: Michael Williams [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 9:38 AM To: [EMAIL PROTECTED] Subject: OT: Sniffer Pro Graph Bandwidth [7:27324] Hello, I would like to know if it is possible for me to generate a graph showing network throughput from a capture I have done in Sniffer Pro. I am trying to get a good idea of how specific actions on an end-station use bandwidth, but the only info I can find is an average utilization, which doesn't do me any good for seeing bandwidth spikes, etc Any info is appreciated! Thanks! Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27327t=27324 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help: Security Exams Textbooks Required [7:27321]
Hi Everybody, Pls I need assistance and advice from anybody (those who has done security exams) who can give me the lists of recommended textbooks, necessary to conveniently use in preparing for Qualified Security Specialist exams, which consist of the following exams: 1. MCNS (640-442) 2. CSPFA (9E0-571) 3. IDSPM (9E0-572) 4. CSVPN (9E0-570) I intend doing these exams within a shortest possible time. Thanks you all in advance. Regards, Banji. = Regards, Banji (MCSE,CCNP). Snr. Technical Trainer. USG Technology Ltd. 15/17 Opebi Road. Ikeja, Lagos. Tel: 234-01-4932401-6 ICQ #: 75533196 __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27321t=27321 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Several addresses on e0 interface [7:27328]
Can someone tell me how to setup multiple IP addresses on the eo interface with a singke interface on the s0 interface. The router is a 1605 Cisco router. I wish to use the CLI to do this. If there is an article I can read that would also be appreciated Regards Roy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27328t=27328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Unequal load balancing? [7:27311]
I just took a quick look at RFC's 1583 and 1247. OSPFv2 does not support unequal-cost load balancing. -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Unequal load balancing? [7:27311] As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27329t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: OSPF Unequal load balancing? [7:27311]
I've scanned through John T. Moy's book but haven't found any reference to unequal load balancing. He only mentions equal-cost load balancing. I'll scan the RFC next. But, having thought about this for a minute. Wouldn't unequal load balancing break the idea behind OSPF? Isn't Dijkstra's Shortest Path First algorithm intended to find just that, the shortest path? I would think that asking for unequal load balancing would be in direct conflict behind the algorithm that is utilized for OSPF. Just some thoughts. Chris -Original Message- From: Kane, Christopher A. Sent: Monday, November 26, 2001 11:12 AM To: [EMAIL PROTECTED] Subject: RE: OSPF Unequal load balancing? [7:27311] You can read RFC 2328 or John T Moy's OSPF Anatomy of a Routing Protocol to find that answer. I'll dig through them and see if I can find you an answer if no one else comes up with one sooner. HTH, Chris -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Unequal load balancing? [7:27311] As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27332t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: packet loss in LAN [7:27303]
What kinda switch are using?. if it is cat OS put sh po counters mod/port. if have runts and giants than your problem maybe related to cabling. If you have a router doing inter VLAN routing debug ip to check where you losing your packets. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27333t=27303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bandwidth monitoring [7:27289]
Your best bet would be MRTG and Solarwinds. I used Solarwinds it is pretty nice tool for bandwidth monitoring. But I say MRTG is the best reliable source to for momitoring. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27334t=27289 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Several addresses on e0 interface [7:27328]
Check out the following URL: You are looking for multiple addresses on the same interface. aka secondary addresses. http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/n p1_c/1cipadr.htm -Original Message- From: Roy Chowdhury [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:07 AM To: [EMAIL PROTECTED] Subject: Several addresses on e0 interface [7:27328] Can someone tell me how to setup multiple IP addresses on the eo interface with a singke interface on the s0 interface. The router is a 1605 Cisco router. I wish to use the CLI to do this. If there is an article I can read that would also be appreciated Regards Roy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27335t=27328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Price of a CCNP series exam. [7:27182]
It actually went up at the beginning of this month. The price is $125 per test. Scott -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 2:40 AM To: [EMAIL PROTECTED] Subject: Re: Price of a CCNP series exam. [7:27182] 100 $ for one exam in USA Best regards, ]hsan Turkmen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi folks..! How much do you pay for a CCNP exam in other parts of the world?. It is 180 USD + VAT here (Turkey). Your feedbacks are appreciated.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27336t=27182 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Unequal load balancing? [7:27311]
You can read RFC 2328 or John T Moy's OSPF Anatomy of a Routing Protocol to find that answer. I'll dig through them and see if I can find you an answer if no one else comes up with one sooner. HTH, Chris -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Unequal load balancing? [7:27311] As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27337t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Several addresses on e0 interface [7:27328]
Hey Roy, This article will tell you show you how to add secondary IP addresses to an ethernet interface. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt1/1cdipadr.htm HTH, Scott -Original Message- From: Roy Chowdhury [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 8:07 AM To: [EMAIL PROTECTED] Subject: Several addresses on e0 interface [7:27328] Can someone tell me how to setup multiple IP addresses on the eo interface with a singke interface on the s0 interface. The router is a 1605 Cisco router. I wish to use the CLI to do this. If there is an article I can read that would also be appreciated Regards Roy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27338t=27328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: multiple DHCP scopes in a vlan with primary an [7:27264]
It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27339t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN BR0: Error: Unexpected Disconnect_Ack - calli [7:27340]
Do a debug ISDN events, debug q921, debug q931 and see if all three steps work. If so, I'd check dialer-maps, ppp settings and authentication and ip addresses. TO me, I'd suspect the ISDN switch. The Debug isdn event should show when the switch drops you and why it did. Baileys Baileys wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... even my LED's on the router doesnt go on. Only the LED on the back off the router is on Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27340t=27340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IS-IS [7:27260]
Check this Link for IS-IS http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/osi_rout.htm#xtocid125759 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27341t=27260 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - Dynamic Address - Dynamic DNS - Dynamic Tunne [7:27249]
Why don't you use PC AnyWhere or VMS. Those software will do it for you. I would say use DSL instead off ISDN. Try to get static ip address. you have more chance of getting static ip address with DSL service. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27343t=27249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fw: CCNP Lab Suggestion [7:27197]
Thanks Brad ,Would you recommend adding any modules to 2524 aso I will look out for other modules as you suggested Thanks Ravi - Original Message - From: To: eptdev Sent: Friday, November 23, 2001 8:48 PM Subject: Re: CCNP Lab Suggestion [7:27197] Ravi, That depends on how much $$ you have to spend. I'd recommend bumping up the 2500 routers to 16d/16f and running 12.1 enterprise IOS. You would probably want to add the following: 2503 2520 2509 or 2511 cat switch of some sort (cat5k if you can afford it, if not, a 1924 with enterprise IOS) ISDN simulator (if you can afford) That would be a good CCNP kit. thanks, Brad Ellis CCIE#5796 Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net eptdev wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... HI All, I have just bought the following ,could some one give me suggestion ,what else(Modules,Memory,IOS Verison,Routers) I need to set up the decent ccnp home study lab Cisco 2524 - 1 Ethernet Port 16Mb dram, 8Mb flash, AC PS, No Modules Cisco 2504 - 1 Token Ring, 1 ISDN, 2 Serial Ports, 16Mb dram, 8Mb flash, AC PS thanks in advance Ravi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27330t=27197 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help: Security Exams Textbooks Required [7:27321]
All I used to pass the security exams were the MCNS textbook and the online documentation for Netranger. The MCNS textbook is needed for MCNS, Advanced Firewall, and VPN tests. The Netranger documentation is needed for the IDS test. Study the MCNS book really well because you'd be covering three tests at once, but it has enough information in it to pass all three exams with high scores.(90%+) I'd recommend that you'd print out the netranger documentation for the IDS exam. It sure beats reading it from a monitor. You'd find that the IDS test is more of a product test more than a technology test. Cisco Press is publishing the IDS courseware, and you'll be able to get it from an online bookseller like Amazon.com. Plus, they're publishing the rest of the courseware by the end of the year. However, it's not really needed to pass the exams. What makes a real difference in the exams is having access to a PIX firewall and Cisco IOS firewall. After some hands on with the technology, the exams will be a snap. Oddy --- oke oyebanji wrote: Hi Everybody, Pls I need assistance and advice from anybody (those who has done security exams) who can give me the lists of recommended textbooks, necessary to conveniently use in preparing for Qualified Security Specialist exams, which consist of the following exams: 1. MCNS (640-442) 2. CSPFA (9E0-571) 3. IDSPM (9E0-572) 4. CSVPN (9E0-570) I intend doing these exams within a shortest possible time. Thanks you all in advance. Regards, Banji. = Regards, Banji (MCSE,CCNP). Snr. Technical Trainer. USG Technology Ltd. 15/17 Opebi Road. Ikeja, Lagos. Tel: 234-01-4932401-6 ICQ #: 75533196 __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27342t=27321 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Unequal load balancing? [7:27311]
This is kind of an off-the-wall question, is there a non-proprietary IGP that supports unequal-cost load balancing? Granted, you could tune the OSPF metrics so that two paths would appear equal (as others have pointed out) or you could use RIP, assuming that the hop count to reach the destination on both links is the same. In either case you still have equal cost load balancing on two unequal links, which will result in wasted bandwidth at best and a bottleneck at worst. It seems to me that if this link is important enough that you need traffic going over both connections, then it's important enough for Ciscobreaker's organization to either purchase a second Cisco router to run EIGRP and redistribute if necessary, or it needs to upgrade or downgrade one of the WAN links to make them equal. Hal Logan Network Specialist / Adjunct Faculty Computing and Engineering Technology Manatee Community College -Original Message- From: Kane, Christopher A. [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:29 AM To: [EMAIL PROTECTED] Subject: FW: OSPF Unequal load balancing? [7:27311] I've scanned through John T. Moy's book but haven't found any reference to unequal load balancing. He only mentions equal-cost load balancing. I'll scan the RFC next. But, having thought about this for a minute. Wouldn't unequal load balancing break the idea behind OSPF? Isn't Dijkstra's Shortest Path First algorithm intended to find just that, the shortest path? I would think that asking for unequal load balancing would be in direct conflict behind the algorithm that is utilized for OSPF. Just some thoughts. Chris -Original Message- From: Kane, Christopher A. Sent: Monday, November 26, 2001 11:12 AM To: [EMAIL PROTECTED] Subject: RE: OSPF Unequal load balancing? [7:27311] You can read RFC 2328 or John T Moy's OSPF Anatomy of a Routing Protocol to find that answer. I'll dig through them and see if I can find you an answer if no one else comes up with one sooner. HTH, Chris -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Unequal load balancing? [7:27311] As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27344t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Accounting on RADIUS [7:27271]
Mohamed, Did you configure a radius server. You also need to verify the key in your radius config and the router. They have to match. Richard Mohamed el-Komy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, Can I apply accounting service with no authentication done?? i.e I want dialup users to login on my network without any authentication and then start accounting them. How this can be done?? I try the following and it works: aaa authentication ppp default none aaa accounting network default start-stop group radius Are there any better ideas??? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27345t=27271 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: multiple DHCP scopes in a vlan with primary an [7:27264]
For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27346t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EtherChannel XOR on 2900 and server - source or destination? [7:27348]
Which is better when configuring EtherChannel on a Cat 2900 and a server on the other end with two NIC's with Compaq's Teaming software for destination for the XOR, source or destination? Why? I can't decide which direction would benefit more. Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27348t=27348 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Unequal load balancing? [7:27311]
It is an OSPF design principle. Essentially, current-generation routing protocols (i.e., without traffic engineering) are incapable of doing other than hop-by-hop load sharing, which may lead to extremely poor end-to-end utilization. The IETF consensus is that when you need to optimize utilization, conserve resources, etc., you need traffic engineering. Routing is intended for topology discovery rather than traffic optimization. In other words, I consider, and I think most routing authorities would agree, that the unequal cost load balancing of IGRP and EIGRP really is a blind alley in protocol development. You can read RFC 2328 or John T Moy's OSPF Anatomy of a Routing Protocol to find that answer. I'll dig through them and see if I can find you an answer if no one else comes up with one sooner. HTH, Chris -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 10:08 AM To: [EMAIL PROTECTED] Subject: Re: OSPF Unequal load balancing? [7:27311] As I said before I implemented equal load balancing on Motorola and Cisco what I want to know is, Is it possible to configure OSPF unequal load balancing ? You are saying that OSPF unequal load balancing can not be done on cisco I know that. The reason why I asked the question is cause I know that cisco can not do but is it the OSPF behaviour not to implement unequal load balancing or is it belong to Cisco's OSPF implementation? My guess is OSPF. Best regards, Ralph Fudamak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I don't know how Motorola implements OSPF, but with Cisco's implementation you can not do unequal cost load balancing with OSPF. This is not to say that you can't manually change the metrics on the links to appear to be equal cost. Keep in mind that this load balancing is *equal* then. Your slow link will get as much traffic as your fast one, which could cause a bottleneck. See if there is some command to set a default cost on the link, then set them both the same. Hope this helps Cisco Breaker wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I implemented OSPF load balancing but never done unequal load balancing. My customer wants Unequal loadbalancing on Motorola routers. As I know Unequal load balancing cant be implemented on Cisco without policy-map? Any suggestions or any info? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27347t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Packet analyzer [7:27295]
Yes, the Agilent Advisor is an awesome tool, I own two of them. You may not necessarily need to schedule an outage on your serial link if your CSU/DSUs have external non intrusive monitoring port capabilities. If they do then all you need is a pair of bantam cables and plug one end of the pair into your T-1 module on the Advisor and plug the other ends into your CSU and away you go#8230; You can not only sniff, but generate traffic for stimuli testing and basically use your advisor as a T berd. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27349t=27295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Secure ACS?? TRADE?!?! HELP!!! [7:27350]
I want Cisco Secure ACS For windows 2000 or any accounting server for VoIP?!? I have many other programs to trade!!! PLEASE HELP ME my email add is [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27350t=27350 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Turning a PC Into a Franken-PIX [7:26539]
Drew Simonis wrote: Word on the CCIE Security list is that you require a PIX flash card, which sells for ~ $700 US. With that, you could easily buy a 501 or maybe even a used 506 on Ebay. Thanks for the info, now to find the card and some more info on installing the PIX IOS on the PC. Hopefully I can find some decent specs before purchasing a PII Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27351t=26539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can 10Base2/5 be connected with FDDI ? [7:27352]
Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27352t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: multiple DHCP scopes in a vlan with primary an [7:27264]
Hi, you only need a 1-DHCP and if you want use one scope per vlan you need a ip helper, this an example interface Vlan20 ip address 192.168.229.2 255.255.255.0 ip helper-address 192.168.249.2 ! interface Vlan30 ip address 192.168.230.2 255.255.255.0 ip helper-address 192.168.249.2 ! interface Vlan40 ip address 192.168.231.2 255.255.255.0 ip helper-address 192.168.249.2 the DHCP server IP is 192.168.249.2, and there one scope per vlan in the server -Original Message- From: Logan, Harold [mailto:[EMAIL PROTECTED]] Sent: Lunes, 26 de Noviembre de 2001 11:41 a.m. To: [EMAIL PROTECTED] Subject: RE: multiple DHCP scopes in a vlan with primary an [7:27264] For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27353t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: multiple DHCP scopes in a vlan with primary an [7:27264]
The ip helper-address command is your buddy. The router can convert a UDP broadcast packet into a unicast and route the packet to the appropriate network that the DHCP server resides on. -Eric -Original Message- From: Logan, Harold [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:41 AM To: [EMAIL PROTECTED] Subject: RE: multiple DHCP scopes in a vlan with primary an [7:27264] For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27354t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: job search [7:27246]
Farhad, where are you from?, you have to keep in mind that for working in Spain you´ll need a really good command of Spanish, because here people don´t speak English and if you are going to work in Galicia, Catalunya or Euskadi there are people who speak their own language. I hope that the followings webs are good help for you: www.tecnoempleo.com --- You should try this one first, it´s specialiced in technical jobs www.metaseleccion.com www.monster.es Please, feel free for making me any questions that you have about working in Spain. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27355t=27246 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Unequal load balancing? [7:27311]
Howard C. Berkowitz wrote: It is an OSPF design principle. Essentially, current-generation routing protocols (i.e., without traffic engineering) are incapable of doing other than hop-by-hop load sharing, which may lead to extremely poor end-to-end utilization. The IETF consensus is that when you need to optimize utilization, conserve resources, etc., you need traffic engineering. Routing is intended for topology discovery rather than traffic optimization. In other words, I consider, and I think most routing authorities would agree, that the unequal cost load balancing of IGRP and EIGRP really is a blind alley in protocol development. Interesting. Thanks for that insight, Howard. And it makes sense because although I've played with it in the lab, I have never needed to configure EIGRP/IGRP unequal cost load balancing in the real world, nor even seen it configured. (Not that my experience is that wide.) I wonder if anyone can comment regarding how widespread is the use of EIGRP or IGRP unequal cost load balancing? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27356t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: multiple DHCP scopes in a vlan with primary an [7:27264]
The original question, sorry can't remember who by, was whether this configuration could be used for a VLAN which had Primary and Secondary IP addresses. The IP helper address only specifies the DHCP server. I'm fairly sure this could not work effectively, although DHCP clients would be issued with addresses. My thought was that the IP addresses issued would always be in the subnet of the primary address. Anybody confirm or deny?? Cheers, Gaz Lange, Eric wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The ip helper-address command is your buddy. The router can convert a UDP broadcast packet into a unicast and route the packet to the appropriate network that the DHCP server resides on. -Eric -Original Message- From: Logan, Harold [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:41 AM To: [EMAIL PROTECTED] Subject: RE: multiple DHCP scopes in a vlan with primary an [7:27264] For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27357t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - Dynamic Address - Dynamic DNS - Dynamic Tunne [7:27359]
Unfortunately living more than a couple of miles from civilisation in the UK, I have more chance of winning Miss World than getting DSL. Can you elaborate on how PCAnywhere or VMS can do it for you. Can't see it at the moment. Cheers, Gaz Syed Raza wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Why don't you use PC AnyWhere or VMS. Those software will do it for you. I would say use DSL instead off ISDN. Try to get static ip address. you have more chance of getting static ip address with DSL service. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27359t=27359 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco VPN behind Windows 200 ICS [7:27358]
Is anyone aware of a known incompatibility with Windows 2000 Pro Internet Connection Sharing and the Cisco VPN client. It would appear that I connect to the concentrator but there isn't any traffic going across the pipe. My configuration is as such Computer w/ Cisco VPN client -- Win2K w/ICS -- Internet Any help or suggestions would be greatly appreciated. George Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27358t=27358 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Study Group [7:27360]
Hello Everyone, I want start a CCIE study group in Eugene, Oregon. If anyone lives close and is starting or pursing CCIE certification, please email me. Thanx. Love this study group. Many diverse and different resources people bring to it. Scott Scott Nawalaniec CCNP, CCDP, CCNA, CCDA, CNA, MCP, Network+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27360t=27360 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ACL Gurus [7:27361]
Looking to block icmp-echo on my external router... just want to doublecheck that I'm putting these on the right interfaces. Please, suggestions welcome! Cheers, Jeff access-list 101 permit icmp x.x.54.0 0.0.0.255 any echo access-list 101 permit icmp x.x.55.0 0.0.0.255 any echo *Permits internal network to ping any host access-list 101 permit ip any any *Permits any other traffic to and from the network. Need for the explicit deny access-list 102 permit icmp host x.x.x.x any echo-reply *Permits a ping reply from ISP servers for monitoring access-list 102 permit icmp any any packet-too-big *Permits Fragmentation Required ICMP packets (Used of MTU-PD) access-list 102 deny icmp any any echo-reply deny any echo reply from any other sources access-list 102 deny icmp any x.x.54.0 0.0.0.255 echo access-list 102 deny icmp any x.x.55.0 0.0.0.255 echo deny any echo from any other sources access-list 102 permit ip any any *Permits any other traffic to and from the network. Needed due to the explicit deny rule. Both Access-list are applied to the Serial Interfaces of the Edge router. Access list 102 is assigned to inbound traffic and Access list 101 is assigned to outbound traffic. See below.. Internet (same ISP, different BGP peers) S0/0 S0/1 \ / \/ \ / Edge Router | E0/0 | FW | LAN x.x.54.0 and x.x.55.0 networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27361t=27361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wireless LAN Specialization [7:27312]
Hiyas, When my company went after the Wireless LAN specialization, they sent myself and another engineer to the GigaWave training, and provided us with a few AP's, 1 bridge, and a handful of antennas. We looked everywhere for practice exams and came up empty, we ended up using the (2) manuals from the training extensively, and frankly, failed the exam once before passing. It was tricky, some of the questions were not worded appropriately in my opinion, and as I recall a few items weren't covered in the training manuals. We also extensively used the WLAN documentation on CCO, to fill in the gaps so to speak. This was about 6 months ago, if anyone finds any more resources please do share them as I need to put 2 more engineers through the exams shortly. Thanks, -Zeke - Original Message - From: Doug Justice To: Sent: Monday, November 26, 2001 4:54 AM Subject: Wireless LAN Specialization [7:27312] Hi. If anyone of you have sample questions and practice tests that could help me thru the Wireless LAN specialization, that would be very helpful. Any suggestions about the Wireless LAN exams? Thanks in advance. Doug. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27362t=27312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can 10Base2/5 be connected with FDDI ? [7:27352]
Basically you're asking if Ethernet can be connected to FDDI. Sure, if you have a hub that has Ethernet connections (10Base2/5/10/100) with a FDDI uplink. I seem to remember that Cabletron (now Enterasys) used to have a switch with this possibility (I think it was a 2200 or 2400 series). That answers the How? now for the Why?. Since these are two different framing types (Ethernet and FDDI) you need a bridge. FDDI's frame size is much larger than Ethernet and therefore a bridge is needed to be able to interpret between the different frame sizes. I don't believe Cisco sells a device with these specific interface types in one box. Could be wrong, but...The Cabletron box used to cost about $2500 list for this solution. Could be worth a call to Portland. ccie1ab -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 1:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27363t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: multiple DHCP scopes in a vlan with primary an [7:27264]
That's kind of why I was asking... I understand the significance of the helper addy. From there, DHCP requests get sent to a single DHCP server, that presumably has multiple scopes configured, one scope per subnet/VLAN. What do you do on the DHCP server to make it so that, when a host a VLAN requests an address, the DHCP server answers with an address from the appropriate scope? Thanks, Hal -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 2:16 PM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] The original question, sorry can't remember who by, was whether this configuration could be used for a VLAN which had Primary and Secondary IP addresses. The IP helper address only specifies the DHCP server. I'm fairly sure this could not work effectively, although DHCP clients would be issued with addresses. My thought was that the IP addresses issued would always be in the subnet of the primary address. Anybody confirm or deny?? Cheers, Gaz Lange, Eric wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The ip helper-address command is your buddy. The router can convert a UDP broadcast packet into a unicast and route the packet to the appropriate network that the DHCP server resides on. -Eric -Original Message- From: Logan, Harold [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:41 AM To: [EMAIL PROTECTED] Subject: RE: multiple DHCP scopes in a vlan with primary an [7:27264] For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27364t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Slimline 2 [7:27365]
I am using the Slimline 2 ISDN simulator from PDS technologies. I cannot get the SPID to be accepted. (See below) ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHE TEI 64, ces = 1, state = 4(await init) spid1 configured, no LDN, spid1 sent, spid1 NOT valid I have not modifed the default phone numbers and configured on Slimline Below are my configs for bri0 interface BRI0 ip address 10.0.0.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer map ip 10.0.0.2 dialer-group 1 isdn switch-type basic-5ess isdn spid1 Is there a default LDN number I have to configure? Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27365t=27365 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slimline 2 [7:27365]
What version of the IOS are you running? Some of the 12.0 versions have a cosmetic bug which shows an invalid SPID when actually, all is well. -Original Message- From: Pierre-Alex J. Guanel [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 1:02 PM To: [EMAIL PROTECTED] Subject: Slimline 2 [7:27365] I am using the Slimline 2 ISDN simulator from PDS technologies. I cannot get the SPID to be accepted. (See below) ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHE TEI 64, ces = 1, state = 4(await init) spid1 configured, no LDN, spid1 sent, spid1 NOT valid I have not modifed the default phone numbers and configured on Slimline Below are my configs for bri0 interface BRI0 ip address 10.0.0.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer map ip 10.0.0.2 dialer-group 1 isdn switch-type basic-5ess isdn spid1 Is there a default LDN number I have to configure? Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27366t=27365 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: multiple DHCP scopes in a vlan with primary an [7:27264]
The router does that for you, by requesting from the address from which it originally received the broadcast. The DHCP server sees that address and responds with an address from the same subnet, if a scope is configured which matches it. I'm sure that's a pretty crude description, but I believe basically how it works. Gaz Logan, Harold wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That's kind of why I was asking... I understand the significance of the helper addy. From there, DHCP requests get sent to a single DHCP server, that presumably has multiple scopes configured, one scope per subnet/VLAN. What do you do on the DHCP server to make it so that, when a host a VLAN requests an address, the DHCP server answers with an address from the appropriate scope? Thanks, Hal -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 2:16 PM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] The original question, sorry can't remember who by, was whether this configuration could be used for a VLAN which had Primary and Secondary IP addresses. The IP helper address only specifies the DHCP server. I'm fairly sure this could not work effectively, although DHCP clients would be issued with addresses. My thought was that the IP addresses issued would always be in the subnet of the primary address. Anybody confirm or deny?? Cheers, Gaz Lange, Eric wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The ip helper-address command is your buddy. The router can convert a UDP broadcast packet into a unicast and route the packet to the appropriate network that the DHCP server resides on. -Eric -Original Message- From: Logan, Harold [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:41 AM To: [EMAIL PROTECTED] Subject: RE: multiple DHCP scopes in a vlan with primary an [7:27264] For those of you that have implemented VLANs with DHCP, do you use one DHCP server per VLAN, or is there a way to bind a specific DHCP scope to each VLAN? Thanks, Hal -Original Message- From: Syed Raza [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:59 AM To: [EMAIL PROTECTED] Subject: Re: multiple DHCP scopes in a vlan with primary an [7:27264] It is not recommended to have multiple subnet in one VLAN. Basically you are killing the whole concept of isolating the broadcast domain. But you can not argue that it does'nt work. Your DHCP server can assign any ip from its scopes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27367t=27264 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can 10Base2/5 be connected with FDDI ? [7:27352]
See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27368t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWork2000 Routed WAN Solution for NT [7:27370]
Hi Guys, I need to do a Topology Map or Layout of my WAN Network but no procedures are described in all applications or tools installed with the bundled (software RWAN - CWRW-1.0-NT). Is possible to do it with this software Somebody have a similar case or know about it ? Thank in advance Anibal Pita Ingedigit C.A Ingenierma Div. Telecomunicaciones Soluciones de Internetworking voz, datos y SS7 Telifonos: 58-0212-9534811 / 58-0414-2340304 / Fax: 58-0212-9536705 Website: http://www.ingedigit.com e-mail: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27370t=27370 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Unequal load balancing? [7:27311]
I can give you a good example of utilizing EIGRP unequal cost load balancing I had done. A customer had three T1's to a remote site. Two were p-t-p and the other was a channel off of a T3. When the T3 was added EIGRP choose it, ignoring the other two T1's. Using the variance command I forced EIGRP to utilize all three T1's via CEF per packet load balancing. Not typical but it's the real world. Dave Jonathan Hays wrote: Howard C. Berkowitz wrote: It is an OSPF design principle. Essentially, current-generation routing protocols (i.e., without traffic engineering) are incapable of doing other than hop-by-hop load sharing, which may lead to extremely poor end-to-end utilization. The IETF consensus is that when you need to optimize utilization, conserve resources, etc., you need traffic engineering. Routing is intended for topology discovery rather than traffic optimization. In other words, I consider, and I think most routing authorities would agree, that the unequal cost load balancing of IGRP and EIGRP really is a blind alley in protocol development. Interesting. Thanks for that insight, Howard. And it makes sense because although I've played with it in the lab, I have never needed to configure EIGRP/IGRP unequal cost load balancing in the real world, nor even seen it configured. (Not that my experience is that wide.) I wonder if anyone can comment regarding how widespread is the use of EIGRP or IGRP unequal cost load balancing? -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27372t=27311 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can 10Base2/5 be connected with FDDI ? [7:27352]
Dont know how many devices will do FDDI. I have a feeling the Cat5000 has modules for it and I'm sure I remember a 4000 with an FDDI module in it. There are/were probably many more if you search around. Question is probably which ones are still available, and what kit you already have. Gaz Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27373t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: ACL Gurus [7:27361]
Hey Jeff, In access-list 102 I think you will have to allow echo reply from any network going to x.x.54.0 and x.x.55.0 or you will not be able to ping any host on the internet. I see that you have echo reply from access-list 102 permit icmp host x.x.x.x any echo-reply if this is the only machine you want a echo reply from then disregard previous statement. On access-list 101, you are not allowing tcp or udp going outbound? What will do you transport layer stuff? Don't know if this helps Might even confuse you more.. Scott -Original Message- From: Jeff [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 11:34 AM To: [EMAIL PROTECTED] Subject: ACL Gurus [7:27361] Looking to block icmp-echo on my external router... just want to doublecheck that I'm putting these on the right interfaces. Please, suggestions welcome! Cheers, Jeff access-list 101 permit icmp x.x.54.0 0.0.0.255 any echo access-list 101 permit icmp x.x.55.0 0.0.0.255 any echo *Permits internal network to ping any host access-list 101 permit ip any any *Permits any other traffic to and from the network. Need for the explicit deny access-list 102 permit icmp host x.x.x.x any echo-reply *Permits a ping reply from ISP servers for monitoring access-list 102 permit icmp any any packet-too-big *Permits Fragmentation Required ICMP packets (Used of MTU-PD) access-list 102 deny icmp any any echo-reply deny any echo reply from any other sources access-list 102 deny icmp any x.x.54.0 0.0.0.255 echo access-list 102 deny icmp any x.x.55.0 0.0.0.255 echo deny any echo from any other sources access-list 102 permit ip any any *Permits any other traffic to and from the network. Needed due to the explicit deny rule. Both Access-list are applied to the Serial Interfaces of the Edge router. Access list 102 is assigned to inbound traffic and Access list 101 is assigned to outbound traffic. See below.. Internet (same ISP, different BGP peers) S0/0 S0/1 \ / \/ \ / Edge Router | E0/0 | FW | LAN x.x.54.0 and x.x.55.0 networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27375t=27361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slimline 2 [7:27365]
THANKS! -Original Message- From: Duncan Personal Sent: Mon 11/26/2001 2:55 AM To: Pierre-Alex J. Guanel Cc: Subject: RE: Slimline 2 [7:27365] Hi Pierre-Alex, The PDS SDN simulator conforms to the European Telecommunications Standards Institute. I believe you need to configure basic-net3 as your switch-type. Regards Duncan -Original Message- From: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED]]On Behalf Of Pierre-Alex J. Guanel Sent: 26 November 2001 21:02 To: [EMAIL PROTECTED] Subject: Slimline 2 [7:27365] I am using the Slimline 2 ISDN simulator from PDS technologies. I cannot get the SPID to be accepted. (See below) ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHE TEI 64, ces = 1, state = 4(await init) spid1 configured, no LDN, spid1 sent, spid1 NOT valid I have not modifed the default phone numbers and configured on Slimline Below are my configs for bri0 interface BRI0 ip address 10.0.0.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer map ip 10.0.0.2 dialer-group 1 isdn switch-type basic-5ess isdn spid1 Is there a default LDN number I have to configure? Pierre-Alex [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27374t=27365 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can 10Base2/5 be connected with FDDI ? [7:27352]
At 03:16 PM 11/26/01, Daniel Cotts wrote: See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. That might solve the physical-layer connectivity problem, but you would still have a problem with signal encoding, framing, media access control, frame sizes, etc. They are two different technologies. To connect them, you need a bridge, switch, or router that has both an Ethernet and an FDDI connector. You might be able to find a low-cost bridge that does this on E-Bay (or maybe a new one at BlackBox or some such vendor). FDDI also requires a concentrator. If the goal is to learn FDDI for CCIE tests, maybe books are best!? ;-) Priscilla I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27376t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slimline 2 [7:27365]
Pierre, Hi! You have the wrong switch type configured for the Simline2. You want: ISDN switch-type basic-net3 Also, this switch type does NOT use spids! FYI thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net CCIE Labs, racks, and classes: http://www.ccbootcamp.com/quicklinks.html Pierre-Alex J. Guanel wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am using the Slimline 2 ISDN simulator from PDS technologies. I cannot get the SPID to be accepted. (See below) ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHE TEI 64, ces = 1, state = 4(await init) spid1 configured, no LDN, spid1 sent, spid1 NOT valid I have not modifed the default phone numbers and configured on Slimline Below are my configs for bri0 interface BRI0 ip address 10.0.0.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer map ip 10.0.0.2 dialer-group 1 isdn switch-type basic-5ess isdn spid1 Is there a default LDN number I have to configure? Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27369t=27365 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slimline 2 [7:27365]
THANKS! -Original Message- From: Brad Ellis Sent: Mon 11/26/2001 2:18 PM To: Pierre-Alex J. Guanel Cc: Subject: Re: Slimline 2 [7:27365] Pierre, Hi! You have the wrong switch type configured for the Simline2. You want: ISDN switch-type basic-net3 Also, this switch type does NOT use spids! FYI thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net CCIE Labs, racks, and classes: http://www.ccbootcamp.com/quicklinks.html Pierre-Alex J. Guanel wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am using the Slimline 2 ISDN simulator from PDS technologies. I cannot get the SPID to be accepted. (See below) ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHE TEI 64, ces = 1, state = 4(await init) spid1 configured, no LDN, spid1 sent, spid1 NOT valid I have not modifed the default phone numbers and configured on Slimline Below are my configs for bri0 interface BRI0 ip address 10.0.0.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer map ip 10.0.0.2 dialer-group 1 isdn switch-type basic-5ess isdn spid1 Is there a default LDN number I have to configure? Pierre-Alex [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27371t=27365 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Suggestions welcome [7:27378]
I have router on a stick configured between a Cisco 3600 and 4 Cisco 3548s that are trunk together and it is working OK. However, must all the 3548s have an ip address in the same subnet as vlan 1. I changed the ip address on a switch from interface vlan1 172.16.10.1/24 to vlan2 172.16.11.1/24 then I cannot ping that switch from the router or any other switch. Any suggestions Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27378t=27378 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EtherChannel XOR on 2900 and server - source or de [7:27348]
I couldn't find anything specifically on EtherChannel for the 2900, but I'm working on the assumption (so be careful =) that it operates the same as on the Cat5000/6000 series. From URL (watch for wrap): http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/channel.htm EtherChannel load balancing can use either MAC addresses or IP addresses and either source or destination or both source and destination addresses. The selected mode applies to all EtherChannels configured on the switch. Since the MACs in the NICs on the server are constant, as I assume the IP is also, I would think it would be best to use the Destination IP address (or MAC for that matter) for the XOR operation. Ideally, your PCs on the network would have IP addresses (or MACs) that are sufficiently distributed as to provide a good load balance when used in the XOR. From the same URL above: For example, if the traffic on a channel is going only to a single MAC address, using the destination MAC address always chooses the same link in the channel; using source addresses or IP addresses may result in better load balancing My 2 cents. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27377t=27348 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT: Sniffer Pro Graph Bandwidth [7:27324]
Thanks for your input. I'll try the history function and exporting to Excel and go from there. Thanks again! Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27379t=27324 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP Question [7:27380]
Hey All, I was trying to help a freind get his DHCP working, but got stuck. He has a DHCP server set up across the WAN. I know that routers drop broadcasts, so I thought I would be able to turn the DHCP/UDP broadcasts into unicasts by providing an ip-helper address, on the local ethernet pointing to the remote DHCP server, so I did, but this did not work. Secondly I tried putting on the ip dhcp-server a.b.c.d command, and thought maybe this would point incoming traffic towards the DHCP server, but again this did not work. I even tried doing the old ip forward-protocol udp statement. Then when I did a show run, I saw a no ip directed-broadcast statement, on the ethernet so I enabled that, but still no difference. Pls. Can someone give me a brief nudge in the direction I should be going next, or point out where I am going wrong. The DHCP server is working OK! I can ping it from the routers and can get addresses from the local network. The PC's are fine, waiting for an IP Address. My brain is tired and any hints would be appreciated. Regards, Rashid Lohiya [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27380t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
packet loss in LAN [7:27303]
Duplex mismatch perhaps? Check that the NICs/switch ports agree on whether they are talking half duplex or full duplex. Try forcing the settings rather than letting them auto-detect. JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 27/11/2001 09:26 am - Rajneesh Yadav cc: Sent by:Subject: packet loss in LAN [7:27303] nobody@groupstud y.com 26/11/2001 07:12 pm Please respond to Rajneesh Yadav Hi, I am receiving packet loss in my LAN network.I have four compaq server and desktops are connected to switches.I tried to awitch off allthe machines and tried to ping two machines each other still i got packet loss after 10 minutes.All the NIC were in auto detect mode and switch was also in autosense mode.Then i changed all in 100 mbps but still i receive packet loss after 10 minutes.The only thing left is cabling of the network.So please help me out to solve this problem. Regards Rajneesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27381t=27303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question [7:27380]
Try the IP Helper again. That should work for you. I can't think of any reason why the IP Helper shouldn't work. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27382t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 501 [7:27002]
You need to purchase an additional NIC to have a DMZ. It comes standard with two interfaces, as you stated. ccie1ab -Original Message- From: Alex Lee [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 21, 2001 12:01 PM To: [EMAIL PROTECTED] Subject: Re: PIX 501 [7:27002] I followed the link. The data sheet says : Quote Interfaces Console Port: RS-232 (RJ-45) 9600 baud Outside: Integrated 10BaseT port, half-duplex, RJ45 Inside: Integrated auto-sensing, auto-MDIX 4-port 10/100 switch, RJ45 Unquote The way I interpret this is that this PIX basically has two interfaces :- one outside (10BaseT port) and one inside but implemented as 4-port switch, which means you can only have two segments and no DMZ. Please correct me if I am wrong. Ole Drews Jensen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If you look here (watch for wordwrap) http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/px501_ds.htm You will see that it has 4 x 10/100 Mbps ethernet interfaces. This could be a newer model, but this one with 10 users and 3DES encryption license, can be bought from new for $495.- Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: David Tran [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 21, 2001 9:38 AM To: [EMAIL PROTECTED] Subject: Re: PIX 501 [7:27002] My take on the PIX501 is that it is similar to Cisco router 2501 in that the hardware is FIXED. It only has two interfaces. If you want to add another segment to your network (i.e. DMZ) then you have no choice but to upgrade to either a 515 or higher. Other than that, the PIX IOS code is the same through out the PIX Series (with the exception that for the 501 and 506 you don't have redundancy (fail-over support). - Original Message - From: Alex Lee To: Sent: Wednesday, November 21, 2001 9:57 AM Subject: Re: PIX 501 [7:27002] Has anyone used this PIX yet ? There were some discussions about this topic 2 weeks(?) ago but none of the participants to the discussion has had any actual hand-on experience with the PIX 501 at that time. I got a quote from our supplier for a new PIX DES bundle with 10 user licence for less than $500.00. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27383t=27002 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Question [7:27380]
Can't think of much that would stop it either as long as you have a scope set up for the interface which you put the ip helper address on. Gaz Michael Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Try the IP Helper again. That should work for you. I can't think of any reason why the IP Helper shouldn't work. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27384t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 501 [7:27002]
Pretty sure 501 is a fixed port firewall. You can't buy another NIC. Just has outside NIC, and, an internal NIC which is presented as a 4 port switch. I think the 515 is the smallest expandable Cisco Firewall. Regards, Gaz Mcfadden, Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You need to purchase an additional NIC to have a DMZ. It comes standard with two interfaces, as you stated. ccie1ab -Original Message- From: Alex Lee [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 21, 2001 12:01 PM To: [EMAIL PROTECTED] Subject: Re: PIX 501 [7:27002] I followed the link. The data sheet says : Quote Interfaces Console Port: RS-232 (RJ-45) 9600 baud Outside: Integrated 10BaseT port, half-duplex, RJ45 Inside: Integrated auto-sensing, auto-MDIX 4-port 10/100 switch, RJ45 Unquote The way I interpret this is that this PIX basically has two interfaces :- one outside (10BaseT port) and one inside but implemented as 4-port switch, which means you can only have two segments and no DMZ. Please correct me if I am wrong. Ole Drews Jensen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If you look here (watch for wordwrap) http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/px501_ds.htm You will see that it has 4 x 10/100 Mbps ethernet interfaces. This could be a newer model, but this one with 10 users and 3DES encryption license, can be bought from new for $495.- Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: David Tran [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 21, 2001 9:38 AM To: [EMAIL PROTECTED] Subject: Re: PIX 501 [7:27002] My take on the PIX501 is that it is similar to Cisco router 2501 in that the hardware is FIXED. It only has two interfaces. If you want to add another segment to your network (i.e. DMZ) then you have no choice but to upgrade to either a 515 or higher. Other than that, the PIX IOS code is the same through out the PIX Series (with the exception that for the 501 and 506 you don't have redundancy (fail-over support). - Original Message - From: Alex Lee To: Sent: Wednesday, November 21, 2001 9:57 AM Subject: Re: PIX 501 [7:27002] Has anyone used this PIX yet ? There were some discussions about this topic 2 weeks(?) ago but none of the participants to the discussion has had any actual hand-on experience with the PIX 501 at that time. I got a quote from our supplier for a new PIX DES bundle with 10 user licence for less than $500.00. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27385t=27002 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Wireless LAN Specialization [7:27312]
Some of the guys I work with used the Planet Wireless test from Boson, o0k its not Cisco but at least it gave them some ideas on what might be tested as regards specifications and the like. Doug Justice wrote: Hi. If anyone of you have sample questions and practice tests that could help me thru the Wireless LAN specialization, that would be very helpful. Any suggestions about the Wireless LAN exams? Thanks in advance. Doug. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27387t=27312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay/ISDN Question [7:27386]
Question, I have a network that is connected via frame relay. Each site also has BRI Lines setup from ISDN Dial-Backup. The backup interface BRI1/0 command is on the PVC Sub-Interface on each router. Occasionally, we will have a problem with our PVC and it will still show up, but we won't be able to route traffic over it. I'm trying to figure out a config so that if the traffic times out on the serial interface, it will DDR on the BRI line. The problem is, that with the Backup Interface command, the BRI line goes into Administratively down mode, so I don't think a floating static route will work. Any ideas? Thanks, Joshua Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27386t=27386 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay/ISDN Question [7:27386]
Cisco created the frame relay end-to-end keep alive command to address just the issue you describe. It actually sends a configurable keep alive between the end points to verify connectivity. Check out the Doc CD Wan Switching Guide. Look under frame relay and the entire keepalive command set is there. -Original Message- From: Joshua Gottlieb [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 4:00 PM To: [EMAIL PROTECTED] Subject: Frame Relay/ISDN Question [7:27386] Question, I have a network that is connected via frame relay. Each site also has BRI Lines setup from ISDN Dial-Backup. The backup interface BRI1/0 command is on the PVC Sub-Interface on each router. Occasionally, we will have a problem with our PVC and it will still show up, but we won't be able to route traffic over it. I'm trying to figure out a config so that if the traffic times out on the serial interface, it will DDR on the BRI line. The problem is, that with the Backup Interface command, the BRI line goes into Administratively down mode, so I don't think a floating static route will work. Any ideas? Thanks, Joshua Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27388t=27386 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: multiple DHCP scopes in a vlan with primary and se [7:27163]
Well I had a closer look at this question for 3 reasons: a. I was bored this evening, playing bridge, didn;'t have 1 good hand and always seem to be letting my partner play the contract. b. I had equipment sat around doing nothing and most importantly c. I wandered why someone from Cisco was aksing this question. So a quick test and a. there is nothing wrong wqith having secondary addressing on a VLAN - though why you would want to do this at the moment escapes me. b. DHCP with/without an IP helpder address will respond with an address from the scope relating to the primary IP address range of a VLAN. However c. There appears to be one exception. If you specify a static DHCP binding of MAC to IP address and that IP address is from the scope relating to the secondary address range, the the requesting station gets an IP address from the secondary range. No we played around with DHCP on the primary and secondary VLAN as well a sbeing somewher else completely and the rule appears to be For each request provide an address from the primary VLAN Ip address range except where a static MAC-IP address is found. But why do this ? Mahesh Gupta wrote: Hi, I need some help on knowing about the config of multiple DHCP scopes in a single VLAN where we have primary and secondary IP addresses defined (two different subnets along with HSRP groups). Config on the MSFC for the VLAN is as :- ip address 10.2.0.1 255.255.255.0 secondary ip address 10.1.0.1 255.255.255.0 no ip redirects standby 22 ip 10.1.0.254 standby 23 ip 10.2.0.254 IP-helper-address and other parameters remains same as my HDCP server is same for both the scopes i.e. 10.2.0.1 255.255.255.0 and 10.1.0.1 255.255.255.0. Any suggestions ...? Thanks, Mahesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27389t=27163 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF and E2's, why default? [7:27390]
Since we were talking a little about OSPF today, I'd like to pose a question. When it comes to Path Types, Cisco uses E2's by default rather than E1's. Can someone tell me why? If E1's include the cost of the path to the ASBR that is distributing that route information into the autonomous system why wouldn't we want to know the entire cost of the path? Not knowing the internal path can lead to you taking a higher cost internal path if that path has a lower external cost. Doyle uses an example in his TCP/IP book (p. 489) that shows exactly such a situation occurring. Why would Cisco default to E2's if that could lead to sub optimal routing? Just curious, Chris Christopher A. Kane CCNP/CCDP Technical Support - Solution Center/Hilliard WorldCom Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27390t=27390 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Question [7:27380]
At 05:14 PM 11/26/01, Rashid Lohiya wrote: Hey All, I was trying to help a freind get his DHCP working, but got stuck. He has a DHCP server set up across the WAN. What kind of WAN? Frame, ISDN, leased line, etc.? Who is the service provider? Is it a VPN? It should work, but maybe there's something weird about the WAN. For example ISDN with PPP does its own IP address negotiation. I know that routers drop broadcasts, so I thought I would be able to turn the DHCP/UDP broadcasts into unicasts by providing an ip-helper address, on the local ethernet pointing to the remote DHCP server, so I did, but this did not work. This should work. Make sure you have a scope set up on the DHCP server for the local Ethernet subnet. Secondly I tried putting on the ip dhcp-server a.b.c.d command, and thought maybe this would point incoming traffic towards the DHCP server, but again this did not work. This shouldn't be necessary. I even tried doing the old ip forward-protocol udp statement. This shouldn't be necessary. By default, the helper address forwards a bunch of UDP packets, including DHCP. The ip forward-protocol command is used (with no) to get it not to forward ones you don't want. Then when I did a show run, I saw a no ip directed-broadcast statement, on the ethernet so I enabled that, but still no difference. That won't help and does represent a minor security problem. (It lets hackers send directed broadcasts, for example, to ping your entire subnet.) Pls. Can someone give me a brief nudge in the direction I should be going next, or point out where I am going wrong. We can't look into our crystal balls and psychically determine a solution to your problem. ;-) But with more info, we can hazard some guesses. The DHCP server is working OK! I can ping it from the routers and can get addresses from the local network. Make sure you can ping it from the Ethernet subnet. If you use extended ping you can make sure that the source IP address is the router's address on its Ethernet interface. The PC's are fine, waiting for an IP Address. My brain is tired and any hints would be appreciated. Regards, Rashid Lohiya [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27391t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ACL Gurus [7:27361]
Ok I am a little confused here, but 1. What does access-list 101 actually deny ? 2. If you permit all ip are you not also allowing all tcp udp ? Matt T Jeff wrote: Looking to block icmp-echo on my external router... just want to doublecheck that I'm putting these on the right interfaces. Please, suggestions welcome! Cheers, Jeff access-list 101 permit icmp x.x.54.0 0.0.0.255 any echo access-list 101 permit icmp x.x.55.0 0.0.0.255 any echo *Permits internal network to ping any host access-list 101 permit ip any any *Permits any other traffic to and from the network. Need for the explicit deny access-list 102 permit icmp host x.x.x.x any echo-reply *Permits a ping reply from ISP servers for monitoring access-list 102 permit icmp any any packet-too-big *Permits Fragmentation Required ICMP packets (Used of MTU-PD) access-list 102 deny icmp any any echo-reply deny any echo reply from any other sources access-list 102 deny icmp any x.x.54.0 0.0.0.255 echo access-list 102 deny icmp any x.x.55.0 0.0.0.255 echo deny any echo from any other sources access-list 102 permit ip any any *Permits any other traffic to and from the network. Needed due to the explicit deny rule. Both Access-list are applied to the Serial Interfaces of the Edge router. Access list 102 is assigned to inbound traffic and Access list 101 is assigned to outbound traffic. See below.. Internet (same ISP, different BGP peers) S0/0 S0/1 \ / \/ \ / Edge Router | E0/0 | FW | LAN x.x.54.0 and x.x.55.0 networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27392t=27361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can 10Base2/5 be connected with FDDI ? [7:27352]
What is interesting to me is how I read the question as opposed to others. My understanding was that he wanted to run FDDI end to end over thin or thick coax. The layer two protocol was FDDI. At question was the acceptability of the media. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 3:04 PM To: [EMAIL PROTECTED] Subject: RE: Can 10Base2/5 be connected with FDDI ? [7:27352] At 03:16 PM 11/26/01, Daniel Cotts wrote: See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. That might solve the physical-layer connectivity problem, but you would still have a problem with signal encoding, framing, media access control, frame sizes, etc. They are two different technologies. To connect them, you need a bridge, switch, or router that has both an Ethernet and an FDDI connector. You might be able to find a low-cost bridge that does this on E-Bay (or maybe a new one at BlackBox or some such vendor). FDDI also requires a concentrator. If the goal is to learn FDDI for CCIE tests, maybe books are best!? ;-) Priscilla I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27393t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: E1 R2 Signalling [7:27270]
Mohamed, I guess that you are missing ani at the end of ds0-group command. Here is part of my config: ! controller E1 0/0 framing NO-CRC4 ds0-group 1 timeslots 1-15,17-31 type r2-digital r2-compelled ani cas-custom 1 country easteurope use-defaults ! Sasa Mohamed el-Komy wrote: Hi all, I've a prbolem related to appearence of caller ID on E1 R2 configured on AS 5400. What do I've to add in configuration to support caller ID appearence or is it enabled by default like DNIS? Any help greatly appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27394t=27270 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bug with Frame Relay Fragmentation? [7:27215]
Only seen anything like this when we have had to beat up tout customers service provider and tell them how to configure Frame Relay and not mark large frames DE or simply drop when the load picks up their network. Not sure about 12.2(3) but thats just personal preference, always liek to see a T John Neiberger wrote: We configured something today that caused some problems and I was wondering if any of you have seen this before. We need to implement frame relay ip rtp priority which requires FRF to be configured. We don't actually want to fragment any frames so we set the fragmentation size at 1600. The problem was that really large frames were still being fragmented and they'd be dropped by the remote router. This caused some severe problems with user applications that used large frames. I've sent an email to TAC but I haven't heard from there since I provided all of the details. Have any of you seen this behavior before? We're running 12.2(3) on a 7513 but we've seen this a few weeks ago on a 2600. Any thoughts? John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27395t=27215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL Gurus [7:27361]
My view/guestimation only here, so anyone is welcome to pick holes in it: I would apply 101 (the outgoing access list to the ethernet port). May as well drop the rubbish before the router processes it. I would also make it: access-list 101 permit icmp x.x.54.0 0.0.1.255 any echo (equivalent to your two lines) access-list 101 deny icmp any any (denies all other icmp, otherwise your next line allowed everything including icmp) access-list 101 permit ip any any I would apply 102 as you have on the serial interface, with slight change. access-list 102 permit icmp any any echo-reply (presumably as you allowed echo outgoing, you want the replies) access-list 102 deny icmp any any (may as well block all other icmp) access-list 102 permit ip any any Of course this is just fictional to control icmp only. I've changed it about 4 times, so I've no doubt it could take some more changes. Regards, Gaz Matthew Tayler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ok I am a little confused here, but 1. What does access-list 101 actually deny ? 2. If you permit all ip are you not also allowing all tcp udp ? Matt T Jeff wrote: Looking to block icmp-echo on my external router... just want to doublecheck that I'm putting these on the right interfaces. Please, suggestions welcome! Cheers, Jeff access-list 101 permit icmp x.x.54.0 0.0.0.255 any echo access-list 101 permit icmp x.x.55.0 0.0.0.255 any echo *Permits internal network to ping any host access-list 101 permit ip any any *Permits any other traffic to and from the network. Need for the explicit deny access-list 102 permit icmp host x.x.x.x any echo-reply *Permits a ping reply from ISP servers for monitoring access-list 102 permit icmp any any packet-too-big *Permits Fragmentation Required ICMP packets (Used of MTU-PD) access-list 102 deny icmp any any echo-reply deny any echo reply from any other sources access-list 102 deny icmp any x.x.54.0 0.0.0.255 echo access-list 102 deny icmp any x.x.55.0 0.0.0.255 echo deny any echo from any other sources access-list 102 permit ip any any *Permits any other traffic to and from the network. Needed due to the explicit deny rule. Both Access-list are applied to the Serial Interfaces of the Edge router. Access list 102 is assigned to inbound traffic and Access list 101 is assigned to outbound traffic. See below.. Internet (same ISP, different BGP peers) S0/0 S0/1 \ / \/ \ / Edge Router | E0/0 | FW | LAN x.x.54.0 and x.x.55.0 networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27396t=27361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can 10Base2/5 be connected with FDDI ? [7:27352]
See what you mean now I read it again, but if you expand the abbreviation: FDDI - Fibre Distributed Data Interface the answer to whether it can be passed over copper seems more obvious. CDDI - Copper Distributed Data Interface may be the way if the question was Can the technology pass over thin or thick coax, but from what I remember, CDDI used (at least) two pairs (but I wouldn't argue that point), so coax is out. Regards, Gaz Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What is interesting to me is how I read the question as opposed to others. My understanding was that he wanted to run FDDI end to end over thin or thick coax. The layer two protocol was FDDI. At question was the acceptability of the media. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 3:04 PM To: [EMAIL PROTECTED] Subject: RE: Can 10Base2/5 be connected with FDDI ? [7:27352] At 03:16 PM 11/26/01, Daniel Cotts wrote: See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. That might solve the physical-layer connectivity problem, but you would still have a problem with signal encoding, framing, media access control, frame sizes, etc. They are two different technologies. To connect them, you need a bridge, switch, or router that has both an Ethernet and an FDDI connector. You might be able to find a low-cost bridge that does this on E-Bay (or maybe a new one at BlackBox or some such vendor). FDDI also requires a concentrator. If the goal is to learn FDDI for CCIE tests, maybe books are best!? ;-) Priscilla I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27397t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: problem in router config ? [7:27288]
This may help: http://www.cisco.com/warp/public/125/fr_isdn_backup.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27398t=27288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
What's it worth... [7:27400]
to be a certified Cisco engineer ? Answer these days appears to be 'not a lot' I have been with 3 clients today who are all trying to recruit CCNP or CCIE staff and they had asked for help in the interview process. The followign is just one example of an interview, but it goes for all 3 and more. All goes well until the first CCIE candidate asks about money and was told its 60K (UK Sterling) no frills no overtime, maybe a car, but you only work at one site. This to work in London, where CCIE used to command 100K+ So I did some checking with some friends who work as recruitment consultants and yes 60-70K is topline now for a CCIE, and 30K for CCNP with 5 years experience, its a lot less without experience IF you get a job. The reasons behind this a. Recession - so everyone will run for cover and take a permanent job. b. CCIE's are plentiful and therefore cheap and CCNP's are even worse off Now this is the view from the employer(s). I can print here what the Cisco account manager(s) said to me afterwards as we talked on the train home, but they and some of their associates are taking the message back, 'we have got it wrong' in trying to turen out CCIE's too quickly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27400t=27400 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can 10Base2/5 be connected with FDDI ? [7:27352]
He didn't say coax cable. He said 10Base2/5, which are Ethernet technoloiges that use coax cable. I don't think you can run FDDI over coax cable. (Consider what the F stands for! ;-) CDDI supports FDDI's MAC layer using UTP cabling. Reading between the lines, I think he is trying to get some FDDI practice on a router that only has Ethernet interfaces. This would be like trying to take an airplane from a train station. In some (mostly non-USA unfortunately) cities, there are terminals that support both airplanes and trains. In some networks, there are devices that support both FDDI and Ethernet. They are called bridges, switches, or routers. Priscilla At 06:37 PM 11/26/01, Daniel Cotts wrote: What is interesting to me is how I read the question as opposed to others. My understanding was that he wanted to run FDDI end to end over thin or thick coax. The layer two protocol was FDDI. At question was the acceptability of the media. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 3:04 PM To: [EMAIL PROTECTED] Subject: RE: Can 10Base2/5 be connected with FDDI ? [7:27352] At 03:16 PM 11/26/01, Daniel Cotts wrote: See the following URL for a high level overview of FDDI. It states that there is a copper twisted pair medium allowed. That might solve the physical-layer connectivity problem, but you would still have a problem with signal encoding, framing, media access control, frame sizes, etc. They are two different technologies. To connect them, you need a bridge, switch, or router that has both an Ethernet and an FDDI connector. You might be able to find a low-cost bridge that does this on E-Bay (or maybe a new one at BlackBox or some such vendor). FDDI also requires a concentrator. If the goal is to learn FDDI for CCIE tests, maybe books are best!? ;-) Priscilla I'd suggest a search on google to define exactly what the spec states. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/fddi.htm -Original Message- From: Charles Mao [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 12:26 PM To: [EMAIL PROTECTED] Subject: Can 10Base2/5 be connected with FDDI ? [7:27352] Can 10Base2/5 be connected with FDDI ? If yes, how ? If no, why ? Thank you. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27401t=27352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF and E2's, why default? [7:27390]
Hello Christopher, If I am not mistaken, E2 is always used by default, but if E1 and E2 are both available for the same destination, E1 will be used. http://www.cisco.com/warp/public/104/3.html Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27403t=27390 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ACL Gurus [7:27361]
Hello, Good call on the access-list 101 permit icmp x.x.54.0 0.0.1.255 any echo (equivalent to your two lines) My understanding is ICMP is not a subset of IP or anything with IP protocol. ICMP and IP both work at the network layer and are separate protocols. So you would not need the access-list 102 deny icmp any any (may as well block all other icmp) or access-list 102 deny icmp any any (may as well block all other icmp) because the implicit deny at the end should take care of dropping the unwanted protocols. Please correct me if I am wrong. What about udp and tcp protocols? The implicit deny would drop all protocols at the end. Scott -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 3:56 PM To: [EMAIL PROTECTED] Subject: Re: ACL Gurus [7:27361] My view/guestimation only here, so anyone is welcome to pick holes in it: I would apply 101 (the outgoing access list to the ethernet port). May as well drop the rubbish before the router processes it. I would also make it: access-list 101 permit icmp x.x.54.0 0.0.1.255 any echo (equivalent to your two lines) access-list 101 deny icmp any any (denies all other icmp, otherwise your next line allowed everything including icmp) access-list 101 permit ip any any I would apply 102 as you have on the serial interface, with slight change. access-list 102 permit icmp any any echo-reply (presumably as you allowed echo outgoing, you want the replies) access-list 102 deny icmp any any (may as well block all other icmp) access-list 102 permit ip any any Of course this is just fictional to control icmp only. I've changed it about 4 times, so I've no doubt it could take some more changes. Regards, Gaz Matthew Tayler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ok I am a little confused here, but 1. What does access-list 101 actually deny ? 2. If you permit all ip are you not also allowing all tcp udp ? Matt T Jeff wrote: Looking to block icmp-echo on my external router... just want to doublecheck that I'm putting these on the right interfaces. Please, suggestions welcome! Cheers, Jeff access-list 101 permit icmp x.x.54.0 0.0.0.255 any echo access-list 101 permit icmp x.x.55.0 0.0.0.255 any echo *Permits internal network to ping any host access-list 101 permit ip any any *Permits any other traffic to and from the network. Need for the explicit deny access-list 102 permit icmp host x.x.x.x any echo-reply *Permits a ping reply from ISP servers for monitoring access-list 102 permit icmp any any packet-too-big *Permits Fragmentation Required ICMP packets (Used of MTU-PD) access-list 102 deny icmp any any echo-reply deny any echo reply from any other sources access-list 102 deny icmp any x.x.54.0 0.0.0.255 echo access-list 102 deny icmp any x.x.55.0 0.0.0.255 echo deny any echo from any other sources access-list 102 permit ip any any *Permits any other traffic to and from the network. Needed due to the explicit deny rule. Both Access-list are applied to the Serial Interfaces of the Edge router. Access list 102 is assigned to inbound traffic and Access list 101 is assigned to outbound traffic. See below.. Internet (same ISP, different BGP peers) S0/0 S0/1 \ / \/ \ / Edge Router | E0/0 | FW | LAN x.x.54.0 and x.x.55.0 networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27404t=27361 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Redistribution [7:27406]
I have the following topology, yet I don't understand how to get it working? /25 /24 Router A - Router B Router C OSPF Area 1IGRP AS 100 (AS 100) So on Router B: router ospf 100 network x.x.x.x mask y.y.y.y redistribute igrp 100 default-metric router igrp 100 network x.x.x.x redistribute ospf 100 subnets OR redistribute connected default-metric Any help would be greatly appreciated. Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27406t=27406 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]