CCIE Written Question [7:28259]

2001-12-05 Thread Hunt Lee

I want to start studying for the CCIE written exam, just wondering what
books should I buy / read for this?

Any help will be greatly appreciated.

Best Regards,
Hunt Lee
IP Solution Analyst
Cable & Wireless




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28259&t=28259
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



enquiry on 5505 switch optical fibre port [7:28258]

2001-12-05 Thread Sim, CT (Chee Tong)

Hi... I have a 5505 catalyst switch, there are two supervisor on its
module/slot 1 and 2.  Module 1's is in ok status and module 2 is standby
status.   There are two optical fibre port on each of the supervisor module,
and the two optical fibre port on the module 1 is connected to another 2 X
5505 catalyst switches and another two optical ports on the standby is left
unconnected.  

My question is
1) I want to connect the 5505 switch with another 2X catalyst 3660 switch via
the two optical port on the standby module, is that okay, or we need to buy
another supervisor module?

2)When I type "show module 2", why I can't see the two optical fibre status?


3)If we want to add on more supervisor module, what should we do? Just slot
in??

Thanks in advance



Cat55-L8-1> sh module
Mod Slot Ports Module-Type               Model     Status
--- ---- ----- ------------------------- --------- --------
1   1    2     1000BaseSX Supervisor     WS-X5534  ok
2   2    2     1000BaseSX Supervisor     WS-X5534  standby
3   3    24    10/100BaseTX Ethernet     WS-X5225R ok
4   4    1     Route Switch              WS-X5302  ok
5   5    24    10/100BaseTX Ethernet     WS-X5225R ok

Mod Module-Name         Serial-Num
--- ------------------- -----------
1                       00012751856
2                       00012741455
3                       00013370887
4                       00013353225
5                       00012786062

Mod MAC-Address(es)                        Hw     Fw         Sw
--- -------------------------------------- ------ ---------- -----------------
1   00-d0-06-3e-0c-00 to 00-d0-06-3e-0f-ff 3.2    3.1.2      5.1(1)
2   00-d0-06-3e-0c-00 to 00-d0-06-3e-0f-ff 3.2    3.1.2      5.1(1)
3   00-50-0f-b7-2e-58 to 00-50-0f-b7-2e-6f 3.1    4.3(1)     5.1(1)
4   00-e0-1e-92-72-c8 to 00-e0-1e-92-72-c9 7.5    20.14      12.0(3c)W5(8),
5   00-50-0f-20-f9-a8 to 00-50-0f-20-f9-bf 3.1    4.3(1)     5.1(1)

Mod Sub-Type Sub-Model Sub-Serial Sub-Hw
--- -------- --------- ---------- ------
1   EARL 1+  WS-F5520  0012736730 1.1
1   uplink   WS-U5534F 0012779546 1.0
2   EARL 1+  WS-F5520  0011446300 1.1
2   uplink   WS-U5534F 0012779657 1.0
Cat55-L8-1>

Cat55-L8-1> sh module 1
Mod Slot Ports Module-Type               Model     Status
--- ---- ----- ------------------------- --------- --------
1   1    2     1000BaseSX Supervisor     WS-X5534  ok

Mod Module-Name         Serial-Num
--- ------------------- -----------
1                       00012751856

Mod MAC-Address(es)                        Hw     Fw         Sw
--- -------------------------------------- ------ ---------- -----------------
1   00-d0-06-3e-0c-00 to 00-d0-06-3e-0f-ff 3.2    3.1.2      5.1(1)

Mod Sub-Type Sub-Model Sub-Serial Sub-Hw
--- -------- --------- ---------- ------
1   EARL 1+  WS-F5520  0012736730 1.1
1   uplink   WS-U5534F 0012779546 1.0

Cat55-L8-1> sh module 2
Mod Slot Ports Module-Type               Model     Status
--- ---- ----- ------------------------- --------- --------
2   2    2     1000BaseSX Supervisor     WS-X5534  standby

Mod Module-Name         Serial-Num
--- ------------------- -----------
2                       00012741455

Mod MAC-Address(es)                        Hw     Fw         Sw
--- -------------------------------------- ------ ---------- -----------------
2   00-d0-06-3e-0c-00 to 00-d0-06-3e-0f-ff 3.2    3.1.2      5.1(1)

Mod Sub-Type Sub-Model Sub-Serial Sub-Hw
--- -------- --------- ---------- ------
2   EARL 1+  WS-F5520  0011446300 1.1
2   uplink   WS-U5534F 0012779657 1.0
Cat55-L8-1>





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28258&t=28258



ISDN DDR Question [7:28257]

2001-12-05 Thread Sam Deckert

hey all,

just wondering if anyone knows how to extend the amount of time it takes
before the second channel comes down after the traffic level drops below the
load threshold, when using multilink isdn with 2 channels?

Any help would be great!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28257&t=28257



Re: Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread Howard C. Berkowitz

>Hi All,
>This is my first email on groupstudy mailing list! i
>will be giving BCRAN this weekend! i have read the
>book of BCRAN - Cisco Press! also did some practice of
>BOSON! now i need some latest Dumps of BCRAN, if
>available anywhere pls. do let me know!
>B'Rgds,
>SAJ

In networks, braindumps are rather dangerous.  If your brain is 
equipped with a GigE interface, and you only have 32K of RAM, dumping 
the course into it can cause a rather messy explosion.

Understanding, however, takes place in your NVRAM, which, 
surprisingly, has much more capacity than a Cisco NVRAM. It is far 
wiser to load it with the necessary IOS information.  If you feel you 
need a dump to pass the test AND present yourself as someone 
qualified to get a job in this economy, you had best postpone the 
exam and study some more.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28251&t=28236



Any information about Networkforce? [7:28254]

2001-12-05 Thread Mohammed Nabelsi

Hi all,

Does anybody have any experience with NetworkForce?
Appreciate your input!
Thank you




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28254&t=28254



Re: VPN [7:21120]

2001-12-05 Thread Ramesh c

Hi corness,

Thanks for your earlier replies



My setup as follows..

  
pvt network----Router----Internet----Pix----pvt network

I want to do a VPN between the private networks using ipsec. I am concerned
with router side. The s0 (10.1.0.1/24) of router is connected to pvt network
and e0 (210.11.3.1/24) to internet.

I do the following on my router

access-list 101 permit 10.1.0.0 255.255.255.0 172.1.0.0 255.255.255.255
crypto ipsec transform-set set1 esp-des esp-sha-hmac
crypto map vpn 10 ipsec-isakmp
crypto map vpn 10 match-address 101
crypto map vpn set peer 210.14.7.2
crypto map vpn set transform-set set1

isakmp enable e0
isakmp policy 20
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 authentication rsa-sig
isakmp policy 20 group 1

interface e0
crypto map vpn

My questions...

1)What kind of static route should I add?(I want only 10.1.0.0 to talk to
172.1.0.0 and vice versa using vpn.Rest all denied)

2)Do I need this if I don`t use nat on my router?
route-map nonat permit 10
  match ip address 130

3)Will this access list help me with security((i.e)except for 172.1.0.0 all
other network cannot reach pvt network)?

access_list 140 permit ip 172.1.0.0 0.0.0.0 any
access_list 140 deny ip any any
acl_group 140 e0 out 

cheers
Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28256&t=21120



VPN/Frame redundant connection(2) [7:28255]

2001-12-05 Thread user true

Hi All...

I have been put into a project where someone else pitched a solution to
implement a redundant connection over a dedicated private line (56K) and a
VPN internet connection (frac T1).  the hardware are 2 cisco 2611 routers
with the 2 ethernet interfaces, 2 watchguard firebox 1000's, and some
equipment for the private frame (already has CSU and RJ45 cable to hook up
directly to ethernet interface on router).  The internet connection is a
fractional T1 on each side and as stated before 2 watchguard firewalls.

The sides would be addressed like 172.16.x.x/16 and 172.17.x.x/16 and they
were given this solution by someone who has since bailed on them after
getting the equipment.

What I am looking for is what is the easiest way to implement a solution
that would allow the VPN connection to be the preferred route, but also
allow the private frame to pick-up if the internet connection should become
latent or go down.  It could grind along slowly, but would function.

I was just curious if anyone has gotten this type of solution to work with a
watchguard in the middle?  I was thinking of using something easy like
EIGRP, but am a little miffed by how exactly to make this work across the
VPN and the Frame at once

-|x|--- private frame (56K)--
|   |
|router|---|watchguard|---(internet)---|watchguard|--|router|
(switch)                                             (switch)
172.16.x.x/16                                   172.17.x.x/16

Just tried to show the 2 interfaces and the initial configuration of how the
person before had it setup.

What does anyone see as the best way to make this work reliably?

Thanks,
   


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28255&t=28255



Re: Channelized E1 termination from MUX [7:28178]

2001-12-05 Thread Vijendra Jaiswal

Hello Mark ,

You are right about the framing, line code and clock.
There are 04 LEDs on the card: 1) Remote alarm, 2) Local alarm, 3) Local
loopback, 4) Carrier Detect.
Right now I am getting local alarm. My main question was that if loop is
given on the E1 (physical loop) then should the local alarm LED stop
glowing?

Thanks & Regards,
Vijendra.



"Mark Odette II" wrote in message news:[EMAIL PROTECTED]...
> Verify Framing, Line Code, and Clock Source parameters with Telco, as it
> looks like you have a mis-match on those settings.
> Loss of Frames indicates that your Framing or Line code parameters don't
> match what the telco has set on their end, but it also might just be the
> Clock Source parameter being incorrectly set.
>
> Let us know if that fixes your problem.
>
> Mark Odette II
> StellarConnection Services
> CCNA, 3/4 CCNP, etc., etc.
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Vijendra Jaiswal
> Sent: Wednesday, December 05, 2001 6:55 AM
> To: [EMAIL PROTECTED]
> Subject: Channelized E1 terminatin from MUX [7:28178]
>
>
> Hello ,
>
> We are using channelized E1 on a PRI card of cisco3600 , for multiple 64K
> ckts coming from a MUX  which is placed at the TELCO .
>
> 1) Is it possible to get a loop on the channelized PRI controller( show
> controller e1)  by giving a 4 wire physical loop ? I did not get the loop on
> the E1 controller of cisco router , by giving a four wire loop or by taking
> a loop from TELCO . Loop is ok if tested on BERT meter .
> 2) All connectivity/media is ok but the TELCO person observes an alarm on
> the MUX when the channelized E1 is terminated at the Cisco PRI card on a
> 3600 router.
> 3) The o/p of the controller is given below :
>
> show controllers e1 1/0
> E1 1/0 is down.
>   Applique type is Channelized E1 - balanced
>   Transmitter is sending remote alarm.
>   Receiver has loss of signal.
>   alarm-trigger is not set
>   Framing is NO-CRC4, Line Code is HDB3, Clock Source is Internal.
>   Data in current interval (29 seconds elapsed):
>  0 Line Code Violations, 0 Path Code Violations
>  0 Slip Secs, 29 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
>  0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 29 Unavail Secs
>   Data in Interval 1:
>  1 Line Code Violations, 0 Path Code Violations
>  0 Slip Secs, 827 Fr Loss Secs, 1 Line Err Secs, 0 Degraded Mins
> ...
>
>
> If anyone knows how to resolve this pls help me out.
>
> Thanks & Regards,
> Vijendra.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28253&t=28178



VPN/Frame redundant connection? [7:28252]

2001-12-05 Thread user true

Hi All...

I have been put into a project where someone else pitched a solution to
implement a redundant connection over a dedicated private line (56K) and a
VPN internet connection (frac T1).  the hardware are 2 cisco 2611 routers
with the 2 ethernet interfaces, 2 watchguard firebox 1000's, and some
equipment for the private frame (already has CSU and RJ45 cable to hook up
directly to ethernet interface on router).  The internet connection is a
fractional T1 on each side and as stated before 2 watchguard firewalls.

The sides would be addressed like 172.16.x.x/16 and 172.17.x.x/16 and they
were given this solution by someone who has since bailed on them after
getting the equipment.

What I am looking for is what is the easiest way to implement a solution
that would allow the VPN connection to be the preferred route, but also
allow the private frame to pick-up if the internet connection should become
latent or go down.  It could grind along slowly, but would function.

I was just curious if anyone has gotten this type of solution to work with a
watchguard in the middle?  I was thinking of using something easy like
EIGRP, but am a little miffed by how exactly to make this work across the
VPN and the Frame at once

|router|---|watchguard|---internet---|watchguard|---|router|
|



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28252&t=28252



Re: OT:Advise on Auction fraud [7:28004]

2001-12-05 Thread PacketEXPERTS

What's up and what is the DEAL?
Jason wrote:
I would toss out names but I believe that the groupstudy server filters any
messages with the seller name... They still owe me more than US$1000 and have
refused to answer my calls, claiming that I slander them and that their
lawyers will contact me. I'm still waiting and I'm still going to continue
to "slander" them until they pay me back the money. It has been a good 8
months since they agreed to return the money. I don't expect to see it soon
and I'm still waiting for the lawyers' call and in fact, left my contact
number, etc. a couple of times in case they don't have it...

Feel free to email me offline and I'll be glad to provide the details. I'm
just sooo busy at the moment, else I'll "slander" them further on all the
related usenet groups. Maybe I'll get around to doing it this Christmas as a
present. Oh yeah, they do sell under a lot of different names on eBay. I
got about a dozen emails claiming a similar type of fraud; complaints to
BBB don't do anything except a promise from BBB to file the complaints
on them for record. In case anybody is wondering, it is GStore or
www.iq.com.


"Mike Sweeney" wrote in message news:[EMAIL PROTECTED]...
> Why not start posting names of sellers that are good to work with? I would
> imagine it would get away from the possible slander threats. I will toss out
> three names that I deal with on a regular basis and have zero complaints.
> All have gone a bit beyond the normal in several cases.
>
> Quadrasource ( bigpeach) in Tustin CA.. they also do walk up sales.. Classic
> store front with stuff spilling out of the back ;)
>
> Comstar ([EMAIL PROTECTED]) I gave him a call to pay for a Cat5000 and
> mentioned it was for my lab. The pic showed empty slots.. no covers except
> for the filled slots. The cat showed up 2 days later with ALL covers in
> place. Nice guy :)
>
> Lassongdl I have bought three times from him and each has been trouble free.
> And he is responsive to email even after the sale. I had a problem with a
> card that ended up being a dirty connector but he was willing right away to
> help or replace the card if needed.
>
> Now- I have NO stake in any of these companies aside from the money I send
> them for more cisco parts :) I've just had very good luck with them on MY
> purchases.. no claims are made beyond that.
>
> MikeS
= = = = = = = = = = = = = = = = = =
Please send replies to:

[EMAIL PROTECTED]
= = = = = = = = = = = = = = = = = =






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28242&t=28004



RE: Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread Buck Langley

(entering the pearly gates of flame)

You know, I rarely post on this board for one main reason. I exhaust all my
resources beforehand, which includes searching the forum board.
What really makes you think that I would want you to just go get the
"answers" to the test when so many people, including myself, work so hard to
truly understand network technology? What really gets me is why you would
post asking for braindumps here? Can you use a search engine? I would think
it would be that tough to find them.

Maybe I'm being harsh and taking the wrong attitude, Alex was very
professional in his statement and made his point. I just feel that if people
are passing certifications without understanding what is happening in what
they are studying and just using braindumps, it degrades the cert for all
others. I take pride in being able to go into an interview and asking, "what
kind of issues are you having on your network? Do you have a test lab that I
could perform some tasks for you?"
I am more than willing to setup, configure or troubleshoot for an interview.
I don't know everything, in fact far from it(real far :o)). But if I don't
have the answer, I would like my possible employer to see how I utilize my
resources to find the answer, find it efficiently and my thought process in
seeking solutions and troubleshooting problems that arise.
BrainDumps will not give you that confidence. Only good hard studying and
hands on hacking experience (and a little patience with your studies). (END
RANT)

B.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28246&t=28236



RE: Re[6]: VPN is a Backdoor !!! [7:27725]

2001-12-05 Thread Chuck Larrieu

it is always fun to watch customers' eyes glaze over as you talk to them
about exactly this kind of stuff. it is far easier for management to fire
their CTO for a security breach than it is to enforce policy violated by
their big producers and powerful cronies in the management suite.

alas, the problem is indeed insoluble. for obvious reasons, VPN's are
growing like crazy. I probably talk to two or three customers a week who
want to set one up. hell, I wish my employer would set one up, because ISDN
RAS is such a pain.

one interesting solution I heard was to require two partitions on the hard
drive. One partition boots to the VPN, the other to normal use. completely
separate OS installations on both, so that if the non VPN partition is
compromised, it still does not affect the other. anyone heard of this or
doing it now? any comments?

Chuck

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kent Hundley
Sent: Wednesday, December 05, 2001 7:00 AM
To: [EMAIL PROTECTED]
Subject: RE: Re[6]: VPN is a Backdoor !!! [7:27725]


Right, but this again assumes that the user is not going to do something
silly like, oh, use their own ISP some of the time because you are blocking
and/or logging all the "interesting" sites on the Internet they want to use.
They connect through a local ISP, go to the chat rooms, get some new
software and presto, their machine has a nasty virus/worm/trojan.  That
nicely designed, expensive VPN cannot stop this.

I understand perfectly that there are VPN technologies that can pretty
successfully ensure that an uncompromised machine stays uncompromised, _just
as long as the user does what they are supposed to do_. (i.e. only connect
to the Internet through the methods you have setup)  However, I say again
the problem is that users behave in silly, erratic and unsafe ways and this
is the problem that VPN's cannot solve in and of themselves.

You can mitigate this through policies, procedures and various lockdown
mechanisms on the machines used to access your VPN, but the issue is still
going to be there. (what one person designs, another person can circumvent)
Securing the endpoints is difficult because of the humans that use them.
Getting the VPN built is the easy part.  Getting humans to use it
"correctly" is where the problems arise.

-Kent



-Original Message-
From: SentinuS [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 1:44 AM
To: Kent Hundley
Cc: [EMAIL PROTECTED]
Subject: Re[6]: VPN is a Backdoor !!! [7:27725]



I try to explain what I mean :

You have a mobile user who uses your VPN. You have an L2TP or Layer 3
transport agreement with some of the ISPs (e.g. AT&T).
Now if your user calls an ISP which has an agreement with you, this user is
transported to you. And you authenticate again (if you want), then give
him/her an IP. At this point they don't have any internet connection.
After authenticating (or not) your mobile user, you give some
restrictions to them (they can use some of your servers or not;
they can access internet via you or not, etc.).
Now if you give them "internet connection access permit", they have to
access internet over your main gateway. This means that if any hacker wants
to put a backdoor on your mobile users via the internet, they must
bypass your main gateway. If they can bypass your main gateway, there is
another problem, but this is not a VPN problem.

Monday, December 03, 2001, 8:29:59 PM, you wrote:

KH> Not sure what you mean by this.  The VPN technology used is irrelevant.  If
KH> I have a home user who uses their laptop to access the Internet, there are
KH> various ways that machine could become compromised.  If that user then
KH> attaches to the VPN, I have a machine on my VPN that is compromised.  It
KH> doesn't matter what the method of VPN is (L2TP with IPsec, PPTP, etc), it's
KH> not going to keep a compromised machine from continuing to be compromised.

KH> All the VPN can do is keep a non-compromised machine from becoming
KH> compromised through the VPN.  If the machine is compromised before it
KH> connects to the VPN, no amount of VPN technology is going to help.

KH> This issue is not solvable through VPN technology because it isn't a VPN
KH> problem.  It's an end-station access control problem.  At the end of the
KH> day, if your users are allowed to completely control their own machines, the
KH> likelihood that someone's machine will be compromised approaches 1.0. (in
KH> other words, certainty)  This risk can be mitigated through various software
KH> and policies, but it cannot be eliminated.
KH> -Kent

--- cut here ---




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28250&t=27725



RE: Can Pix support Email spamming [7:28163]

2001-12-05 Thread Chuck Larrieu

perhaps you should be looking at patching the holes in your mail server
application? it seems to me that if you have become a relay for some
spammer, that looking to your firewall to solve the problem is a bit naive.
the fortress has been breached, so to speak.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
fahim
Sent: Wednesday, December 05, 2001 4:40 PM
To: [EMAIL PROTECTED]
Subject: Re: Can Pix support Email spamming [7:28163]


Yes, people using my mail server to spam other people or sending bulk or
continuous messages to my outlook clients.

fahim
"fahim" wrote in message news:[EMAIL PROTECTED]...
> Hi group,
> I have an Exchange server residing on the inside interface. How can I protect
> spamming on pix. Does pix protect email spamming, I know that there is a
> command in Cisco IOS firewall feature set, it's
> ip audit smtp spam.. but to what extent it protects. any inputs, I have
> searched cisco.com, there is no page giving me the answer.
> thanks
> fahim
> ccna, ccda, css1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28249&t=28163



RE: Lab Attempt #2 - no go :-< [7:28142]

2001-12-05 Thread Chuck Larrieu

Let me clarify a bit here. I am quite impressed with the new format. I was
not impressed by my performance, but I believe the one day lab is a more
comprehensive and more difficult test than the two day.

I look forward to my next encounter, set for June 16, 2002. I see from the
scheduling tool that a lot of dates seem to open up at the last minute, and
I want to get back in no later than the end of April.

Chuck


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Rik Guyler
Sent: Wednesday, December 05, 2001 7:03 PM
To: [EMAIL PROTECTED]
Subject: RE: Lab Attempt #2 - no go :-< [7:28142]


Chuck, I can read the frustration in your post...I feel your pain.  I have
to say I am surprised to hear that your experience with the new lab was not
a good one.  If there is anybody I would say that about, it is you.

I hope you are planning a vacation from Cisco.  Certainly you are tired.  A
rested mind will make the choice to take the lab again (and take no
prisoners).  A rested mind will identify the objectives more clearly.  And
of course a rested mind will focus, comprehend and retain the required
information more completely.

Keep up the good work dude!

Rik

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 04, 2001 8:35 PM
To: [EMAIL PROTECTED]
Subject: Lab Attempt #2 - no go :-< [7:28142]


I wish I could say it took so long to get my results back because my
excruciatingly sophisticated solutions to the problems presented required
detailed and intimate analysis. Alas, that was not the case.

For those ninnies who complain that the one day lab devalues the process,
all I can say is WRONG! The lab I saw was far more difficult than I remember
from my previous attempt, and my previous attempt was NOT easy. In my first
attempt, I did not see anything I couldn't do. This time, although FAR
better prepared, I saw LOTS of things I couldn't do. IMHO, the one day
format, with the elimination of the monkey tasks, allows Cisco to demand a
lot more. The 26 points previously allocated to terminal server setup,
cabling, and troubleshooting all go someplace. WOW! The places they went!
Previous topics that were glossed over appeared in depth. Cisco continues to
up the ante, and not always in ways one might expect. Some things I wouldn't
have expected were there in spades. Probably THE major factor continues to
be reachability. If you don't understand the implications of the given
network topology, and given interactions, you will be screwed.

The topology presented was interesting. Amazing what one can do on a six
router / two switch pod to wreak havoc and let you know what an idiot you
are. Devious doesn't begin to describe it. Bootcamp and IPExpert - it ain't
the number of routers, boys!

The e-mail feedback is amusing, but not particularly informative. I failed
with a score greater than 20, meaning I can go back in 30 days for more
humiliation, if I so desire. the breakdown percentages ( not scores ) would
be of more interest if I were sitting with the proctor discussing the whys
and the expectations. Otherwise it does me no good at all. For example, I
solved a particular problem doing something a particular way. It worked just
fine in terms of the results. Yet on that section I scored very poorly. What
were they looking for?

Fat fingers are still the major enemy for me, at least. It's no fun fat
fingering on a Cat 5K. Not by any means. It also helps to be certain layer
two stuff is done correctly.

Well, debriefing will be fun. I have the topology duplicated in my home lab,
and I will "enjoy" analyzing the problems I saw in the real lab. No you
can't telnet in to look. DON'T ASK!

In terms of seating, it appears to me that there are now more racks in the
lab, in San Jose, anyway. Half the seats are taken by those testing. The
other half seem to be those used the previous day. the proctors crank
through the idle racks, grading the previous day's results.

One last thing. I know what CCO says, and I know what IOS I saw on my rack.
Rats. The advertised IOS would have gone a long way towards eliminating a
particular problem I had. Not complaining, because any CCIE should have been
able to solve the particular puzzle no matter what the IOS involved. Just
observing that some things are still in the process of change.

The proctors are still the good folks I remember from last time. Too bad we
are not given the opportunity for more interaction afterwards. I would
really have enjoyed discussing my results.

Whelp, another time.

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28248&t=28142



RE: IOS ver 12.1(7) or higher [7:28241]

2001-12-05 Thread Feargal Ledwidge

Try www.cisco.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Anthony Toh
Sent: Wednesday, December 05, 2001 6:55 PM
To: [EMAIL PROTECTED]
Subject: IOS ver 12.1(7) or higher [7:28241]


Appreciate if anyone could show me where can I find & download the Cisco IOS
12.1(7) or higher release version.

I need it urgently for the use of configuring Dialer Watch feature.
I am using Cisco 2620 router.

Thks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28247&t=28241



Re: Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread Alex

I took the BCRAN last week.  I got questions which ask you to
select the router and WAN method for a situation -- the most ambiguous part!  Select
the correct command from a pool of commands - more than 10 questions; one
question required me to type the correct command from memory.  The others are
just theory and WAN standards. You will know them if you understand
the whole book, since I also used the Cisco Press book to study.

"SA J" wrote in message
news:[EMAIL PROTECTED]...
> Hi All,
> This is my first email on groupstudy mailing list! i
> will be giving BCRAN this weekend! i have read the
> book of BCRAN - Cisco Press! also did some practice of
> BOSON! now i need some latest Dumps of BCRAN, if
> available anywhere pls. do let me know!
> B'Rgds,
> SAJ




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28245&t=28236



RE: Lab Attempt #2 - no go :-< [7:28142]

2001-12-05 Thread Rik Guyler

Chuck, I can read the frustration in your post...I feel your pain.  I have
to say I am surprised to hear that your experience with the new lab was not
a good one.  If there is anybody I would say that about, it is you.  

I hope you are planning a vacation from Cisco.  Certainly you are tired.  A
rested mind will make the choice to take the lab again (and take no
prisoners).  A rested mind will identify the objectives more clearly.  And
of course a rested mind will focus, comprehend and retain the required
information more completely.

Keep up the good work dude!

Rik

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, December 04, 2001 8:35 PM
To: [EMAIL PROTECTED]
Subject: Lab Attempt #2 - no go :-< [7:28142]


I wish I could say it took so long to get my results back because my
excruciatingly sophisticated solutions to the problems presented required
detailed and intimate analysis. Alas, that was not the case.

For those ninnies who complain that the one day lab devalues the process,
all I can say is WRONG! The lab I saw was far more difficult than I remember
from my previous attempt, and my previous attempt was NOT easy. In my first
attempt, I did not see anything I couldn't do. This time, although FAR
better prepared, I saw LOTS of things I couldn't do. IMHO, the one day
format, with the elimination of the monkey tasks, allows Cisco to demand a
lot more. The 26 points previously allocated to terminal server setup,
cabling, and troubleshooting all go someplace. WOW! The places they went!
Previous topics that were glossed over appeared in depth. Cisco continues to
up the ante, and not always in ways one might expect. Some things I wouldn't
have expected were there in spades. Probably THE major factor continues to
be reachability. If you don't understand the implications of the given
network topology, and given interactions, you will be screwed.

The topology presented was interesting. Amazing what one can do on a six
router / two switch pod to wreak havoc and let you know what an idiot you
are. Devious doesn't begin to describe it. Bootcamp and IPExpert - it ain't
the number of routers, boys!

The e-mail feedback is amusing, but not particularly informative. I failed
with a score greater than 20, meaning I can go back in 30 days for more
humiliation, if I so desire. The breakdown percentages (not scores) would
be of more interest if I were sitting with the proctor discussing the whys
and the expectations. Otherwise it does me no good at all. For example, I
solved a particular problem doing something a particular way. It worked just
fine in terms of the results. Yet on that section I scored very poorly. What
were they looking for?

Fat fingers are still the major enemy for me, at least. It's no fun fat
fingering on a Cat 5K. Not by any means. It also helps to be certain layer
two stuff is done correctly.

Well, debriefing will be fun. I have the topology duplicated in my home lab,
and I will "enjoy" analyzing the problems I saw in the real lab. No you
can't telnet in to look. DON'T ASK!

In terms of seating, it appears to me that there are now more racks in the
lab, in San Jose, anyway. Half the seats are taken by those testing. The
other half seem to be those used the previous day. The proctors crank
through the idle racks, grading the previous day's results.

One last thing. I know what CCO says, and I know what IOS I saw on my rack.
Rats. The advertised IOS would have gone a long way towards eliminating a
particular problem I had. Not complaining, because any CCIE should have been
able to solve the particular puzzle no matter what the IOS involved. Just
observing that some things are still in the process of change.

The proctors are still the good folks I remember from last time. Too bad we
are not given the opportunity for more interaction afterwards. I would
really have enjoyed discussing my results.

Whelp, another time.

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28244&t=28142



EMC Experience-clearance a plus [7:28243]

2001-12-05 Thread Margareth Babbington

System Engineer

Integrated Data Corporation (IDC) was founded in 1986.  The company's goal
is to provide clientele with technical expertise in the analysis, design and
implementation of large, mission critical advanced information systems.



Currently, we are seeking full-time Systems Engineers experienced with HP,
SUN, IBM, EMC and networking.



Position Requirements / Description

Experienced Systems Engineer with strong background in system architecture,
systems integration, networking. Ability to communicate effectively with
customers is mandatory.  This position requires the candidate to do the
following:
- Utilize strong customer interface skills to gather requirements, architect
  an appropriate solution, and establish an implementation plan
- Perform technical hands-on integration of various products mentioned
  below.
- Produce documentation and provide knowledge transfers to customers.
- Top Secret Security Clearance is a huge plus
- Ability to travel nationally and internationally a definite plus




A minimum of 3 years experience with one or two of the following computing
platforms is required:

- Sun/Solaris
- HP / HP-UX
- IBM / AIX
- Windows NT
- Oracle
- Exchange



Experience with other technologies includes:

- EMC Symmetrix, Connectrix, or CLARiiON
o SRDF
o Timefinder
o Powerpath
o Control Center
o SDDR
o Navisphere


- High Availability, Backup and recovery solutions including:
o Veritas Netbackup, and /or
o Disaster Recovery experience
o Shell Scripting
o Storage Area Networking experience (Fibre Channel switches, hubs, etc.)
o Enterprise class data center operations experience (procedures,
management, reporting, etc.)
o Database skills





Principals only. Recruiters, please don't contact this job poster.
Please, no phone calls about this job!
Please do not contact job poster about other services, products or
commercial interests.

Please e-mail [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28243&t=28243



IOS ver 12.1(7) or higher [7:28241]

2001-12-05 Thread Anthony Toh

Appreciate if anyone could show me where can I find & download the Cisco IOS
12.1(7) or higher release version.

I need it urgently for the use of configuring Dialer Watch feature.
I am using Cisco 2620 router.

Thks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28241&t=28241



Boson CCDA test? [7:28240]

2001-12-05 Thread Jim Newton

I have a friend getting ready to test for this, which test do people
recommend these days?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28240&t=28240



Someone want to have a second [7:28238]

2001-12-05 Thread xihan Wang

Is there anyone here who wants to take the Recert or second CCIE test? I am
interested in CCIE security.
contact me at [EMAIL PROTECTED]


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28238&t=28238



RE: Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread Sean Knox

(opens Flame Gates)

-Original Message-
From: SA J [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 5:08 PM
To: [EMAIL PROTECTED]
Subject: Need BCRAN latest Dumps! [7:28236]


Hi All,
This is my first email on groupstudy mailing list! i
will be giving BCRAN this weekend! i have read the
book of BCRAN - Cisco Press! also did some practice of
BOSON! now i need some latest Dumps of BCRAN, if
available anywhere pls. do let me know!
B'Rgds,
SAJ





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28239&t=28236



RE: Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread Mensah, James

www.cisco.com

-Original Message-
From: SA J [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 8:08 PM
To: [EMAIL PROTECTED]
Subject: Need BCRAN latest Dumps! [7:28236]


Hi All,
This is my first email on groupstudy mailing list! i
will be giving BCRAN this weekend! i have read the
book of BCRAN - Cisco Press! also did some practice of
BOSON! now i need some latest Dumps of BCRAN, if
available anywhere pls. do let me know!
B'Rgds,
SAJ





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28237&t=28236



Need BCRAN latest Dumps! [7:28236]

2001-12-05 Thread SA J

Hi All,
This is my first email on groupstudy mailing list! i
will be giving BCRAN this weekend! i have read the
book of BCRAN - Cisco Press! also did some practice of
BOSON! now i need some latest Dumps of BCRAN, if
available anywhere pls. do let me know!
B'Rgds,
SAJ





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28236&t=28236



Queue counters and fast cache [7:28235]

2001-12-05 Thread Steve Ridder

I have also been told that you cannot view your queue when fast-switching is
turned on, and only can when process-switching is on.  I highly doubt it,
but maybe it's true.  Is it?  I can't see a relationship between the two,
but maybe it's true.

Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28235&t=28235



Re: 2 priority queues [7:28227]

2001-12-05 Thread Steve Ridder

It definitely works, but I've always been told to use 1 priority queue for
voice, then CBQ the SNA and video and WFQ with WRED on the rest.

They say voice is most important because it has the highest human
perception, and humans will notice bad voice before bad video.

Steve


"John Neiberger" wrote in message
news:[EMAIL PROTECTED]...
> I can immediately think of one example.  Let's say you have a T-1 access
> link with multiple data types that include VoIP and video conferencing.
> You want to make sure that VoIP traffic gets its own priority queue, so
> let's say you give it 384k.  You then want to give the video
> conferencing traffic another priority queue because it's such a
> high-visibility technology, so you allow it to use another 384k.
>
> This would leave roughly half of the link available for other data
> types during periods of congestion while making sure your high priority
> applications (pun intended) do not drop packets and have the lowest
> latency possible on that link.
>
> I will be attempting exactly this sometime next year when we roll out
> VoIP to a branch that already has video conferencing.  To make matters
> more interesting, this is on a frame relay link, not a point-to-point
> link.  Lotsa fun!
>
> I had heard, though, that only one priority statement was possible.
> You're saying that you successfully used two?  That's good news for me,
> I was starting to get worried.  I'd be interested to find out if it
> truly behaved as expected when experiencing congestion.  If you test
> this out, please let us know what you find.
>
> Regards,
> John
>
> >>> "VoIP Guy"  12/5/01 1:51:13 PM >>>
> Has anyone ever seen 2 priority queues in LLQ?  What would be the reason
> and how would those 2 get serviced?  Round Robin?  FIFO?  It does work
> because I just saw it on a config and tried it myself, but can't figure out
> why they did it.
>
> Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28234&t=28227



RE: AS2511 Configuration [7:28152]

2001-12-05 Thread Nahshon Makajil

Thanks Mikes


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28232&t=28152



Re: Can Pix support Email spamming [7:28163]

2001-12-05 Thread fahim

Yes, people using my mail server to spam other people or sending bulk or
continuous messages to my outlook clients.

fahim
"fahim" wrote in message
news:[EMAIL PROTECTED]...
> Hi group,
> I have an Exchange server residing on the inside interface. How can I protect
> against spamming on the PIX? Does the PIX protect against email spamming? I know
> that there is a command in the Cisco IOS firewall feature set,
> ip audit smtp spam, but to what extent does it protect? Any input is welcome; I have
> searched cisco.com and there is no page giving me the answer.
> thanks
> fahim
> ccna, ccda, css1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28233&t=28163



Re: Completely OT: StarWars [7:28204]

2001-12-05 Thread nettable_walker

12/5/2001   5:20pm  Wednesday


IT  IS A THING OF BEAUTY

Easy E,  Did you see this ?


Richard

//

"Sasa Milic" wrote in message
news:[EMAIL PROTECTED]...
> StarWars episode IV in text mode:
>
>  telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28231&t=28204



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Tel Khan

Pretty cool


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28230&t=28204



Re: 2 priority queues [7:28227]

2001-12-05 Thread John Neiberger

I can immediately think of one example.  Let's say you have a T-1 access
link with multiple data types that include VoIP and video conferencing. 
You want to make sure that VoIP traffic gets its own priority queue, so
let's say you give it 384k.  You then want to give the video
conferencing traffic another priority queue because it's such a
high-visibility technology, so you allow it to use another 384k.  

This would leave roughly half of the link available for other data
types during periods of congestion while making sure your high priority
applications (pun intended) do not drop packets and have the lowest
latency possible on that link.

I will be attempting exactly this sometime next year when we roll out
VoIP to a branch that already has video conferencing.  To make matters
more interesting, this is on a frame relay link, not a point-to-point
link.  Lotsa fun!

I had heard, though, that only one priority statement was possible. 
You're saying that you successfully used two?  That's good news for me,
I was starting to get worried.  I'd be interested to find out if it
truly behaved as expected when experiencing congestion.  If you test
this out, please let us know what you find.

Regards,
John

>>> "VoIP Guy"  12/5/01 1:51:13 PM >>>
Has anyone ever seen 2 priority queues in LLQ?  What would be the reason
and how would those 2 get serviced?  Round Robin?  FIFO?  It does work
because I just saw it on a config and tried it myself, but can't figure out
why they did it.

Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28229&t=28227



Re: eigrp and isdn routing question? [7:28219]

2001-12-05 Thread MADMAN

I'm guessing you want EIGRP routing to occur over this link when it is
up but you do not want to define EIGRP as interesting.  Get rid of the
passive and add something like:

interface BRI0/0
dialer-group 1
!
access-list 101 deny eigrp any any
access-list 101 permit ip any any
!
dialer-list 1 protocol ip list 101
 
  Dave

Bob Perez wrote:
> 
> Is there a way that I can stop all eigrp traffic from passing on the ISDN
> when it is down and then to pass when the ISDN comes up?  I have an access
> list that denies eigrp on the BRI and the interface is set as passive in the
> eigrp config.  But I am having routing problems when I lose my serial line
> and the ISDN comes up.  Nothing will route unless there is a hardcoded next
> hop for an address "ip route ** ** *"  I would like to somehow
> pass eigrp info over the isdn when it comes up but not when it is down?  Can
> this be done.  I also do not want to do redistribute static because of
> default gateway issues.  Thanks.
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28228&t=28219



2 priority queues [7:28227]

2001-12-05 Thread VoIP Guy

Has anyone ever seen 2 priority queues in LLQ?  What would be the reason
and how would those 2 get serviced?  Round Robin?  FIFO?  It does work
because I just saw it on a config and tried it myself, but can't figure out
why they did it.

Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28227&t=28227



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Wright, Jeremy

i personally like:
router(config)# no route-flap

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 2:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Completely OT: StarWars [7:28204]


Yes and I found another helpful global command this morning

Router(config)#service do as i think not as i type

Dave

Bill Carter wrote:
> 
> I don't want anyone to break the NDA, but is this on the CCIE lab??  The
> trick is, you would have to use
> 
> service compress-config
> 
> ip route 1.1.1.0 255.255.255.0 R2D2
> ip route 2.2.2.0 255.255.255.0 C3PO
> 
> Router bgp 4
> neighbor 1.1.1.1 remote-as 5
> neighbor 1.1.1.1 ebgp-multihop GalaxyFarFarAway
> 
> Router ospf 1
> redistribute static subnets subgalaxies
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sasa Milic
> Sent: Wednesday, December 05, 2001 11:51 AM
> To: [EMAIL PROTECTED]
> Subject: Completely OT: StarWars [7:28204]
> 
> StarWars episode IV in text mode:
> 
>  telnet to towel.blinkenlights.nl
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28226&t=28204



Re: Content Switches [7:28157]

2001-12-05 Thread Brant Stevens

As Howard would say, "What problem are you trying to solve?"  Trunking 
(frame-tagging, whatever...) between these switches may not be in your 
best interest...  The CSS does provide that functionality, but in my 
experience, it is buggy, and not worth implementing.  You may want to 
consider changing the design to provide a better solution...

You most certainly can use trunking (cisco-term) between a Catalyst and 
a non-Cisco switch by employing 802.1Q VLAN tagging, as opposed to ISL. 
 On the CSS, the term trunking does not refer to frame tagging. Rather, 
it is in reference to port aggregation.  I do not know if the CSS uses 
GVRP, but that is the mechanism that provides a similar function that a 
VTP domain does.

There are also several other things to consider when doing this; if you 
are using ISL or 802.1Q, by default, there is a separate instance of STP 
running for each VLAN.  There are 2 other modes of STP to consider as 
well, dependent on the code version, MISTP+, and PVST-MISTP mode.  I am 
not familiar with the latter, but I am with the former.
 
When dealing with the CSS, I believe it only supports one spanning tree 
for all the VLANs, so be aware of that when doing your planning.




Matthew Crane wrote:

>Your final conclusion is correct, you cannot use VLAN trunks between a
>catalyst & other Cisco switches.
>CCB wrote:
>
>>I have a quick question about the Cisco 11000 series of content switches:
>>does anyone know if the content switch is supposed to be able to trunk a
>>link between the 11000 and a switch (5500, 6500)?  The reason why I am asking
>>is I have been working with an 11000 trying to set up a trunk link to provide
>>our current VLANs in the VTP domain to the content switch, and I am unable
>>to get the switch (Cat6509) to recognize the trunk link. When I do a "show
>>trunk detail" on the switch it shows the port as trunking, but it does not
>>recognize the trunk link.  Both the Content Switch and the Cat6509 are set
>>to use 802.1Q as the trunking type.  I may be misled, but from everything I
>>have tried I have come to the conclusion that the interface can only be
>>trunked between two content switches and not a content switch to a L2/L3
>>switch.  Any information would be helpful.
>>
>>Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28225&t=28157



Re: Completely OT: StarWars [7:28204]

2001-12-05 Thread Sasa Milic

It's not on CCIE lab, it's on  SWIE lab. It looks that you have
to configure either:

1.
   line vty 0 4
 terminal-type ansi

or

2.
   line vty 0 4
 terminal-type xterm


I'm using xterm, working fine, but some people couldn't see it
with vt100.

Sasa



Bill Carter wrote:
> 
> I don't want anyone to break the NDA, but is this on the CCIE lab??  The
> trick is, you would have to use
> 
> service compress-config
> 
> ip route 1.1.1.0 255.255.255.0 R2D2
> ip route 2.2.2.0 255.255.255.0 C3PO
> 
> Router bgp 4
> neighbor 1.1.1.1 remote-as 5
> neighbor 1.1.1.1 ebgp-multihop GalaxyFarFarAway
> 
> Router ospf 1
> redistribute static subnets subgalaxies
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sasa Milic
> Sent: Wednesday, December 05, 2001 11:51 AM
> To: [EMAIL PROTECTED]
> Subject: Completely OT: StarWars [7:28204]
> 
> StarWars episode IV in text mode:
> 
>  telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28224&t=28204



Re: Completely OT: StarWars [7:28204]

2001-12-05 Thread MADMAN

I mean I'm not a wary, star warrior, star gazer, sci fi aficionado,
hell I don't know, I know I sometimes get cofnsued ;)

  Dave

MADMAN wrote:
> 
> I'm not in any way a trekky but was curious from all the questions.  I
> telneted to the site via teraterm and it, whatever it is, worked!!!
> 
>   Somebody has too much time...
> 
>   Dave
> 
> DAGENHARDT Frank wrote:
> >
> > Is there a certain terminal setting you need to have?
> >
> > -Original Message-
> > From: Sasa Milic [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, December 05, 2001 12:51 PM
> > To: [EMAIL PROTECTED]
> > Subject: Completely OT: StarWars [7:28204]
> >
> > StarWars episode IV in text mode:
> >
> >  telnet to towel.blinkenlights.nl
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
> 
> "Emotion should reflect reason not guide it"
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28223&t=28204



RE: eigrp and isdn routing question? [7:28219]

2001-12-05 Thread Jim Brown

If you deny EIGRP multicasts in the dialer-list it will prevent them from
initiating a call or keeping the line up. They will be uninteresting and
will not cause the line to dial.

Once the line is up, all packets are fair game regardless of whether or not
they match the dialer-list. Any packet is passed over the ISDN circuit. The
dialer-list only signifies what traffic is interesting and will force a
call. 

I'm not sure if this is what you are looking for. In other words, neighbors
would only be formed when the link was up due to some other traffic defined
interesting by the dialer-list. No more interesting traffic and the link
comes down, but EIGRP will not keep the circuit up or cause a call to be
initiated.

You should probably look at the dialer-watch command for dial backup over
EIGRP. I think dialer-watch might be just what the doctor ordered.


-Original Message-
From: Bob Perez [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, December 05, 2001 1:09 PM
To: [EMAIL PROTECTED]
Subject: eigrp and isdn routing question? [7:28219]


Is there a way that I can stop all eigrp traffic from passing on the ISDN
when it is down and then to pass when the ISDN comes up?  I have an access
list that denies eigrp on the BRI and the interface is set as passive in the
eigrp config.  But I am having routing problems when I lose my serial line
and the ISDN comes up.  Nothing will route unless there is a hardcoded next
hop for an address "ip route ** ** *"  I would like to somehow
pass eigrp info over the isdn when it comes up but not when it is down?  Can
this be done.  I also do not want to do redistribute static because of
default gateway issues.  Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28222&t=28219
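
An added illustration (not code from any poster in this thread) of the dialer-list behaviour described in the reply above: a small Python model in which access-list 101 from the thread only decides whether a packet is interesting, never whether it is forwarded once the line is up. The class and function names, the constructed sample packets and the 120-second idle timeout are assumptions made for the example.

```python
"""Toy model of DDR "interesting traffic" on an ISDN dialer interface.

Added example: names, sample packets and the idle timeout are assumptions.
"""
from dataclasses import dataclass

EIGRP, TCP = 88, 6  # IP protocol numbers


@dataclass(frozen=True)
class Packet:
    proto: int
    src: str
    dst: str


# access-list 101 from the thread, reduced to its protocol field:
#   deny eigrp any any / permit ip any any   (None matches any IP protocol)
ACL_101 = (("deny", EIGRP), ("permit", None))
# For contrast: a dialer-list that treats every IP packet as interesting.
PERMIT_ALL = (("permit", None),)


def is_interesting(pkt, acl=ACL_101):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, proto in acl:
        if proto is None or proto == pkt.proto:
            return action == "permit"
    return False


class DialerInterface:
    def __init__(self, acl=ACL_101, idle_timeout=120):
        self.acl = acl
        self.idle_timeout = idle_timeout  # seconds; assumed value
        self.up = False
        self.last_interesting = None
        self.calls_placed = 0

    def send(self, pkt, now):
        """Return 'forwarded' or 'dropped' for a packet routed to this interface."""
        # Hang up once no interesting packet has been seen for idle_timeout seconds.
        if self.up and now - self.last_interesting >= self.idle_timeout:
            self.up = False
        if is_interesting(pkt, self.acl):
            if not self.up:
                self.up = True          # interesting traffic places the call
                self.calls_placed += 1
            self.last_interesting = now  # and resets the idle timer
            return "forwarded"
        # Uninteresting traffic rides an existing call but never starts one
        # and never resets the idle timer.
        return "forwarded" if self.up else "dropped"


# Constructed sample traffic: (time in seconds, packet).
HELLO = Packet(EIGRP, "10.0.0.1", "224.0.0.10")
DATA = Packet(TCP, "10.0.0.1", "10.0.1.5")
SAMPLE_EVENTS = [(0, HELLO), (10, DATA), (15, HELLO),
                 (100, HELLO), (129, HELLO), (130, HELLO)]


def replay(events, acl=ACL_101, idle_timeout=120):
    """Run events through a fresh interface; return (outcomes, calls placed)."""
    iface = DialerInterface(acl, idle_timeout)
    outcomes = [iface.send(pkt, t) for t, pkt in events]
    return outcomes, iface.calls_placed


if __name__ == "__main__":
    for name, acl in (("ACL 101", ACL_101), ("permit all", PERMIT_ALL)):
        outcomes, calls = replay(SAMPLE_EVENTS, acl)
        print(name, "calls placed:", calls)
        for (t, _), result in zip(SAMPLE_EVENTS, outcomes):
            print(f"  t={t:>3}s  {result}")
```

With ACL 101 the hellos cross the link only while the TCP packet's call is still up; with the permit-all list the hellos themselves place the call and keep resetting the idle timer.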



Re: Completely OT: StarWars [7:28204]

2001-12-05 Thread MADMAN

Yes and I found another helpful global command this morning

Router(config)#service do as i think not as i type

Dave

Bill Carter wrote:
> 
> I don't want anyone to break the NDA, but is this on the CCIE lab??  The
> trick is, you would have to use
> 
> service compress-config
> 
> ip route 1.1.1.0 255.255.255.0 R2D2
> ip route 2.2.2.0 255.255.255.0 C3PO
> 
> Router bgp 4
> neighbor 1.1.1.1 remote-as 5
> neighbor 1.1.1.1 ebgp-multihop GalaxyFarFarAway
> 
> Router ospf 1
> redistribute static subnets subgalaxies
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sasa Milic
> Sent: Wednesday, December 05, 2001 11:51 AM
> To: [EMAIL PROTECTED]
> Subject: Completely OT: StarWars [7:28204]
> 
> StarWars episode IV in text mode:
> 
>  telnet to towel.blinkenlights.nl
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28221&t=28204



Re: OT: Route Registries [7:28220]

2001-12-05 Thread Howard C. Berkowitz

>I am having a little trouble understanding route registries and their
>operation, does anyone know of a link or book that explains this in plain
>english?  Thanks.
>
>Guy H. Lupi
>NOC Engineer
>Eureka GGN
>39 Broadway, 19th Floor
>NY, NY 10006

Start with www.radb.net.

I do get into them in my WAN Survival Guide, but much more in my 
Building Service Provider Networks book coming out next year.

Also look for the Using RPSL in Practice RFC.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28220&t=28220



Re: network simulator [7:27658]

2001-12-05 Thread Thomas Reisinger

I have never seen any commands in the IOS that can simulate a BRI ISDN
switch. Please can you submit an example config, cisco URL or a command
which can do this?

Regards

Thomas



"EA Louie" wrote in message
news:[EMAIL PROTECTED]...
> > Is there any router simulation software that I can configure to run in a
> > Frame Relay and ISDN network ?
>
> cisco routers have the ability to simulate Frame Relay switches.  The
> archives are full of examples, but www.cisco.com also has the configurations
> in a number of places.  try searching for "frame relay switch"
>
> ISDN is a little different.  There are a few different solutions.  One
> solution is a device that has 2 ISDN BRI ports.  This is known as an ISDN
> Simulator, or ISDN Emulator.  These usually have S/T and U interfaces, and
> the cost is typically $1500, less if you shop around.  Others have had
> success in using a PBX with ISDN interfaces.  The 2600/3600 series cisco
> routers running 12.1 code has the ability to simulate ISDN BRI switching -
> note that this is a more expensive solution than the ISDN Simulator
> solution.  see
>
> http://groups.google.com/groups?q=john+paul+morrison&hl=en&rnum=8&selm=0ZEk7
> .131740%24B37.2967002%40news1.rdc1.bc.home.com (watch the URL wrap)
>
> Depending on where you live, it may also be economical for you to just order
> two ISDN lines for the time that you need to study ISDN.
>
> good luck in your studies
> -e-
> "That which does not kill us only makes us stronger" - Nietzsche




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28218&t=27658



eigrp and isdn routing question? [7:28219]

2001-12-05 Thread Bob Perez

Is there a way that I can stop all eigrp traffic from passing on the ISDN
when it is down and then to pass when the ISDN comes up?  I have an access
list that denies eigrp on the BRI and the interface is set as passive in the
eigrp config.  But I am having routing problems when I lose my serial line
and the ISDN comes up.  Nothing will route unless there is a hardcoded next
hop for an address "ip route ** ** *"  I would like to somehow
pass eigrp info over the isdn when it comes up but not when it is down?  Can
this be done.  I also do not want to do redistribute static because of
default gateway issues.  Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28219&t=28219



Re: Completely OT: StarWars [7:28204]

2001-12-05 Thread MADMAN

I'm not in any way a trekky but was curious from all the questions.  I
telnetted to the site via teraterm and it, whatever it is, worked!!!

  Somebody has too much time...

  Dave

DAGENHARDT Frank wrote:
> 
> Is there a certain terminal setting you need to have?
> 
> -Original Message-
> From: Sasa Milic [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, December 05, 2001 12:51 PM
> To: [EMAIL PROTECTED]
> Subject: Completely OT: StarWars [7:28204]
> 
> StarWars episode IV in text mode:
> 
>  telnet to towel.blinkenlights.nl
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28217&t=28204



Re: OT:Advise on Auction fraud [7:28004]

2001-12-05 Thread [EMAIL PROTECTED]

Insured by Smith & Wesson works for me :)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28216&t=28004



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Ouellette, Tim

And the fact that I spent the couple of moments reading that makes me have
what?

probably less brain cells..

*grin*



-Original Message-
From: Bill Carter [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 2:14 PM
To: [EMAIL PROTECTED]
Subject: RE: Completely OT: StarWars [7:28204]


Someone has
way
ttoo mmuuucchhh
iiimm 
ttt
hhhnnddd
sss.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sasa Milic
Sent: Wednesday, December 05, 2001 11:51 AM
To: [EMAIL PROTECTED]
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28215&t=28204



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Bill Carter

I don't want anyone to break the NDA, but is this on the CCIE lab??  The
trick is, you would have to use

service compress-config

ip route 1.1.1.0 255.255.255.0 R2D2
ip route 2.2.2.0 255.255.255.0 C3PO

Router bgp 4
neighbor 1.1.1.1 remote-as 5
neighbor 1.1.1.1 ebgp-multihop GalaxyFarFarAway

Router ospf 1
redistribute static subnets subgalaxies


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sasa Milic
Sent: Wednesday, December 05, 2001 11:51 AM
To: [EMAIL PROTECTED]
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28214&t=28204



RE: OSPF inter-area routes calc (doyle and rfc 2328) [7:28198]

2001-12-05 Thread Elmer Deloso

By distance-vector he means that the router receiving a Type 3 LSA
from the ABR simply accepts this route advertisement by taking
into account only the cost (i.e. distance) to this route and the direction
(i.e. vector, via this ABR) to reach it, instead of running the SPF algorithm
as it should, being a "link-state" router. Recall that this is exactly
RIP and IGRP's behaviour when it receives routing information from
its neighbor(s).
HTH,
Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28213&t=28198
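
The calculation quoted from RFC 2328 section 16.2 in the original post of this thread, and the distance-vector reading of it given in the reply above, as an added Python example that is not part of any post: an internal router adds each summary-LSA's advertised cost to its own SPF distance to the advertising ABR and never sees the remote topology. The router IDs, prefixes and costs are constructed; step (3) is left out because it only concerns ABRs with configured area ranges, and steps (6) and (7) follow RFC 2328 beyond the point where the text quoted on this page breaks off.

```python
import ipaddress
from dataclasses import dataclass, field

LS_INFINITY = 0xFFFFFF  # RFC 2328 architectural constant
MAX_AGE = 3600          # seconds, RFC 2328 architectural constant


@dataclass(frozen=True)
class SummaryLSA:
    adv_router: str     # router ID of the originating ABR ("BR" in the RFC text)
    link_state_id: str  # for Type 3, an address inside the advertised network
    mask: str
    metric: int         # cost from the ABR to the destination, as the ABR reports it
    age: int = 0


@dataclass
class Route:
    path_type: str      # "intra-area", "inter-area", "type 1 external", "type 2 external"
    cost: int
    next_hops: set = field(default_factory=set)


def inter_area_routes(self_id, abr_paths, lsas, table):
    """Apply RFC 2328 section 16.2 to one area's Type 3 summary-LSAs.

    abr_paths: {abr_router_id: (intra_area_cost, next_hop)} left by the SPF run.
    table:     {network: Route} holding the intra-area results; updated in place.
    """
    for lsa in lsas:
        # (1) unusable advertisement
        if lsa.metric == LS_INFINITY or lsa.age == MAX_AGE:
            continue
        # (2) originated by the calculating router itself
        if lsa.adv_router == self_id:
            continue
        # (4) destination N, and the border router BR that must be reachable in this area
        net = str(ipaddress.ip_network(f"{lsa.link_state_id}/{lsa.mask}", strict=False))
        if lsa.adv_router not in abr_paths:
            continue
        dist_to_br, next_hop = abr_paths[lsa.adv_router]
        iac = dist_to_br + lsa.metric  # the only arithmetic: distance to BR + advertised cost
        current = table.get(net)
        if current is None or current.path_type.endswith("external"):
            table[net] = Route("inter-area", iac, {next_hop})   # (5)
        elif current.path_type == "intra-area":
            continue                                            # (6) intra-area always wins
        elif iac < current.cost:
            table[net] = Route("inter-area", iac, {next_hop})   # (7) cheaper path replaces
        elif iac == current.cost:
            current.next_hops.add(next_hop)                     # (7) equal cost is added
    return table


def demo():
    """Constructed area: this router is internal and reaches two ABRs."""
    abr_paths = {"1.1.1.1": (10, "10.0.1.2"), "2.2.2.2": (30, "10.0.1.3")}
    table = {"10.0.1.0/24": Route("intra-area", 1, {"connected"})}
    m = "255.255.255.0"
    lsas = [
        SummaryLSA("1.1.1.1", "172.16.5.0", m, 50),           # 10 + 50 = 60
        SummaryLSA("2.2.2.2", "172.16.5.0", m, 20),           # 30 + 20 = 50, replaces 60
        SummaryLSA("1.1.1.1", "172.16.8.0", m, 25),           # 10 + 25 = 35
        SummaryLSA("2.2.2.2", "172.16.8.0", m, 5),            # 30 + 5 = 35, second next hop
        SummaryLSA("1.1.1.1", "172.16.9.0", m, LS_INFINITY),  # skipped by step (1)
        SummaryLSA("3.3.3.3", "172.16.7.0", m, 1),            # ABR unreachable, step (4)
        SummaryLSA("2.2.2.2", "10.0.1.0", m, 3),              # loses to intra-area, step (6)
    ]
    return inter_area_routes("9.9.9.9", abr_paths, lsas, table)


if __name__ == "__main__":
    for net, route in sorted(demo().items()):
        print(f"{net:16} {route.path_type:11} cost {route.cost:3} via {sorted(route.next_hops)}")
```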



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Bill Carter

Someone has
way
ttoo mmuuucchhh
iiimm 
ttt
hhhnnddd
sss.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sasa Milic
Sent: Wednesday, December 05, 2001 11:51 AM
To: [EMAIL PROTECTED]
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28212&t=28204



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread DAGENHARDT Frank

Is there a certain terminal setting you need to have?

-Original Message-
From: Sasa Milic [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, December 05, 2001 12:51 PM
To: [EMAIL PROTECTED]
Subject: Completely OT: StarWars [7:28204]

StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28211&t=28204



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Lupi, Guy

Worked fine with SecureCRT.

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 1:33 PM
To: Lupi, Guy; [EMAIL PROTECTED]
Subject: RE: Completely OT: StarWars [7:28204]


Did you get it to work properly?  I tried with telnet/putty/xterm and got a
buncha gibberish maybe I'll try hyperterm.

>>> "Lupi, Guy"  12/05/01 01:20PM >>>
That's pretty cool, time consuming too I bet.

-Original Message-
From: Sasa Milic [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, December 05, 2001 12:51 PM
To: [EMAIL PROTECTED] 
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28210&t=28204



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Patrick Ramsey

Did you get it to work properly?  I tried with telnet/putty/xterm and got a
buncha gibberish maybe I'll try hyperterm.

>>> "Lupi, Guy"  12/05/01 01:20PM >>>
That's pretty cool, time consuming too I bet.

-Original Message-
From: Sasa Milic [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, December 05, 2001 12:51 PM
To: [EMAIL PROTECTED] 
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28208&t=28204



RE: Access-list [7:28188]

2001-12-05 Thread Kent Hundley

Ramesh,

Access-lists are processed from the point of view of the router, "in" means
"in my interface" and "out" means "out my interface", so it's the opposite
of the way you're viewing it.

The PIX has a default behavior of allowing all packets from a higher
security interface to a lower security interface and only allowing return
traffic from a lower security interface to a higher security interface.  You
only need access-lists if you want to change this behavior, so the
access-lists only need to be applied "in" on a higher security interface (to
_block_ inside initiated traffic that would normally be allowed) or "in" on
a lower security interface (to _allow_ outside initiated traffic that would
normally be blocked).  Routers have a default behavior of allowing all
traffic, so you may need both "in" and "out" acls that you would not need on
the PIX.

HTH,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ramesh c
Sent: Wednesday, December 05, 2001 7:02 AM
To: [EMAIL PROTECTED]
Subject: Access-list [7:28188]


Folx,

A)I got 2 networks connected by a router.I apply access-group for both in
and out of the interface.

Is my assumption correct?

1)The access list for "in" would be processed when the packet leaves that
interface to diff network?

2)The access list for "out" would be processed when the packet arrives from
different network?

But in case of Pix..why there is only "in"?

cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28209&t=28188
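
The direction rules and PIX defaults described in the reply above, as an added Python model that is not part of any post. Interface names, addresses and rules are constructed, and the PIX model assumes address translation is already in place so that only security levels and inbound access lists decide.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # CIDR network, or "any"
    dst: str
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, pkt):
        def within(addr, net):
            return net == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        return (within(pkt.src, self.src) and within(pkt.dst, self.dst)
                and self.dport in (None, pkt.dport))


def acl_permits(acl, pkt):
    """First matching rule wins; an applied list ends with an implicit deny."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action == "permit"
    return False


def router_forwards(pkt, ingress, egress, bindings):
    """bindings maps (interface, "in" or "out") to an ACL; an unbound direction permits."""
    for key in ((ingress, "in"), (egress, "out")):
        acl = bindings.get(key)
        if acl is not None and not acl_permits(acl, pkt):
            return False
    return True


class Pix:
    """Security levels decide, unless an ACL is bound "in" on the arrival interface."""
    def __init__(self, levels, bindings=None):
        self.levels = levels            # e.g. {"inside": 100, "outside": 0}
        self.bindings = bindings or {}  # {interface: ACL}, always inbound
        self.conns = set()              # connections already allowed

    def forwards(self, pkt, ingress, egress):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.conns:
            return True  # return traffic for a connection that was allowed
        acl = self.bindings.get(ingress)
        if acl is not None:
            allowed = acl_permits(acl, pkt)
        else:
            allowed = self.levels[ingress] > self.levels[egress]
        if allowed:
            self.conns.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return allowed


def demo():
    """Constructed addresses: LAN A on E0, LAN B on E1; PIX inside=100, outside=0."""
    web_only = [Rule("permit", "10.1.1.0/24", "10.2.2.10/32", 80)]
    a_web = Packet("10.1.1.5", 40000, "10.2.2.10", 80)
    a_telnet = Packet("10.1.1.5", 40001, "10.2.2.10", 23)
    b_to_a = Packet("10.2.2.10", 40002, "10.1.1.5", 22)
    e0_in, e0_out = {("E0", "in"): web_only}, {("E0", "out"): web_only}
    results = {
        "router A->B web, E0 in": router_forwards(a_web, "E0", "E1", e0_in),
        "router A->B telnet, E0 in": router_forwards(a_telnet, "E0", "E1", e0_in),
        "router B->A, E0 in": router_forwards(b_to_a, "E1", "E0", e0_in),
        "router B->A, E0 out": router_forwards(b_to_a, "E1", "E0", e0_out),
    }
    levels = {"inside": 100, "outside": 0}
    request = Packet("192.168.1.20", 50000, "203.0.113.7", 80)
    reply = Packet("203.0.113.7", 80, "192.168.1.20", 50000)
    probe = Packet("203.0.113.7", 50001, "192.168.1.10", 80)
    telnet = Packet("192.168.1.20", 50002, "203.0.113.7", 23)
    pix = Pix(levels)
    results["pix inside->outside"] = pix.forwards(request, "inside", "outside")
    results["pix reply"] = pix.forwards(reply, "outside", "inside")
    results["pix outside->inside"] = pix.forwards(probe, "outside", "inside")
    publish = {"outside": [Rule("permit", "any", "192.168.1.10/32", 80)]}
    results["pix outside->inside, acl in on outside"] = Pix(levels, publish).forwards(
        probe, "outside", "inside")
    no_telnet = {"inside": [Rule("deny", "any", "any", 23), Rule("permit", "any", "any")]}
    results["pix inside telnet, acl in on inside"] = Pix(levels, no_telnet).forwards(
        telnet, "inside", "outside")
    return results


if __name__ == "__main__":
    for name, forwarded in demo().items():
        print(f"{name:42} {'forwarded' if forwarded else 'dropped'}")
```

The "router B->A" pair is the case the original question had reversed: the same list bound "in" on E0 never sees traffic leaving through E0, while bound "out" it filters exactly that traffic.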



Re: OT:Advise on Auction fraud [7:28004]

2001-12-05 Thread Brian

You use a credit card, if so charge back time??

Bri

- Original Message -
From: 
To: 
Sent: Monday, December 03, 2001 11:24 AM
Subject: OT:Advise on Auction fraud [7:28004]


> Sorry for off topic
> I recently became the victim of the Auction fraud the guy took my $1000 for
> 2621 router and now not replying for my emails and also I came to know that
> this guy is a fraud and  done similar thing to at least 4 other people, Now
> what are the options I have to get my money back from him
>
> Thanks for all your advise
> Kaamvi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28207&t=28004



RE: Completely OT: StarWars [7:28204]

2001-12-05 Thread Lupi, Guy

That's pretty cool, time consuming too I bet.

-Original Message-
From: Sasa Milic [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 12:51 PM
To: [EMAIL PROTECTED]
Subject: Completely OT: StarWars [7:28204]


StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28206&t=28204



Completely OT: StarWars [7:28204]

2001-12-05 Thread Sasa Milic

StarWars episode IV in text mode:

 telnet to towel.blinkenlights.nl




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28204&t=28204



RE: AS2511 Configuration [7:28152]

2001-12-05 Thread Mike Sweeney

I have a very good link on one of my pages..

All You wanted to know about Console ports:
http://www.packetattack.com/1001_sub_page_6_5.html

Here is a specific link about suns and console ports
www.obsolyte.com/sunFAQ/serial/ 

MikeS
www.packetattack.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28203&t=28152



Rbe: PRO and CONs [7:28202]

2001-12-05 Thread Teresa Presutto

Dear all,
I'm reading a document downloaded from CCO about router bridged
encapsulation.
It describes advantages and disadvantages of RBE. Ok for pro
(configuration less CPE, support existing CPE, simple implementation l3
ssg/ssd and so on).
On the other hand, it's not clear for me the cons:
1)no cpe management access 
2)can not do unnumbered with DHCP today

Can anybody help me?
I didn't understand why I lose the CPE management and DHCP.
Thanks in advance,
Teresa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28202&t=28202



Re: Telephone lines [7:28151]

2001-12-05 Thread Jonathan Hays

John Tafasi wrote:
> 
> Hi group,
> 
> Can some one tell me how many twisted pair there are in a regular telephone
> line.
> 
> Thanks
> 
> John Tafasi
Assuming you are referring to the USA, although the analog
phone or modem itself uses only one pair (usually the red
and green wires) the actual wire bundle to each house is
four (4) wires or two pair: one pair consisting of a green
wire and a red wire, and a second pair consisting of a
yellow wire and a black wire. Even on the cheap extension
cords you buy in the store, there will be two pair of wires.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28201&t=28151



RE: Telephone lines [7:28151]

2001-12-05 Thread Scott Nawalaniec

Hi John,

There is one pair of wires for a regular telephone(analog) and our digital
phones only use one pair of wires also...

Scott

-Original Message-
From: Mahesh [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 5:32 AM
To: [EMAIL PROTECTED]
Subject: Re: Telephone lines [7:28151]


For digital it is two pair

--
Mahesh Chandra
Tata Internet Services Limited
213-A Okhla Industrial Estates
Okhla Phase III
New Delhi 110020

"John Tafasi" wrote in message
news:[EMAIL PROTECTED]...
> Hi group,
>
> Can some one tell me how many twisted pair there are in a regular telephone
> line.
>
>
> Thanks
>
> John Tafasi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28200&t=28151



RE: Access-list [7:28188]

2001-12-05 Thread Scott Nawalaniec

Hey Ramesh,

You actually have those flipped.
1. access-list "in" bound would mean packets coming inbound from other
network to your network.
2. access-list "out" bound would mean packets going out your router
interface outbound to another network


About the PIX having only "in", don't know...


Scott
-Original Message-
From: Ramesh c [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 7:02 AM
To: [EMAIL PROTECTED]
Subject: Access-list [7:28188]


Folx,

A)I got 2 networks connected by a router.I apply access-group for both in
and out of the interface.

Is my assumption correct?

1)The access list for "in" would be processed when the packet leaves that
interface to diff network?

2)The access list for "out" would be processed when the packet arrives from
different network?

But in case of Pix..why there is only "in"?

cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28199&t=28188



OSPF inter-area routes calc (doyle and rfc 2328) [7:28198]

2001-12-05 Thread Kane, Christopher A.

All,

Can someone help shed some light on OSPF's inter-area route calculation?

I have been reading Doyle's TCP/IP Volume 1. It's a great book. But I've
stumbled across something that confuses me and I'm hoping someone can help.
This email is kind of long, but that's because I've included snips from
Doyle's book as well as RFC 2328. I thought I had a good grasp on OSPF. I
understand the 2 level concept of the Areas, router types, network types,
DR/BDR, etc.., but then Doyle threw me for a loop. He explains OSPF in
Chapter 9. Chapter 10 is about IS-IS. As Doyle begins explaining IS-IS he
makes the following statement:
"Recall from Chapter 9, that OSPF runs its SPF algorithm to compute routes
within an area, but that inter-area routes are computed using a distance
vector algorithm." I do not understand this statement. I've reviewed Chapter
9 again and can't find where he explains that inter-area routes are computed
using a distance-vector algorithm. Below are the snips from the RFC. 

RFC 2328 Section 3.2 "Inter-area routing". Here, John Moy and group explain:
"When routing a packet between two non-backbone areas the backbone is used.
The path the packet will travel can be broken up into three contiguous
pieces: an intra-area path from source to an area border router, a backbone
path between the source and destination areas, and then another intra-area
path to the destination. The algorithm finds the set of such paths that have
the smallest cost. Looking at this another way, inter-area routing can be
pictured as forcing a star configuration on the Autonomous System, with the
backbone as hub and each of the non-backbone areas as spokes."

Further, Section 4.1 "Inter-area routing" explains:
"For inter-area routing, no other routing information is pertinent. In order
to be able to route to destinations outside of the area, the area border
routers inject additional routing information into the area. This additional
information is a distillation of the rest of the Autonomous System's
topology. This distillation is accomplished as follows: Each area border
router is by definition connected to the backbone. Each area border router
summarizes the topology of its attached non-backbone areas for transmission
on the backbone, and hence to all other area border routers. An area border
router then has complete topological information concerning the backbone,
and the area summaries from each of the other area border routers. From this
information, the router calculates paths to all inter-area destinations. The
router then advertises these paths into its attached areas. This enables
the area's internal routers to pick the best exit router when forwarding
traffic to inter-area destinations". 

And finally, Section 16.2 "Calculating the inter-area routes"
The inter-area routes are calculated by examining summary-LSAs. If the
router has active attachments to multiple areas, only backbone summary-LSAs
are examined. Routers attached to a single area examine that area's
summary-LSAs. In either case, the summary-LSAs examined below are all part
of a single area's link state database (call it Area A). Summary-LSAs are
originated by the area border routers. Each summary-LSA in Area A is
considered in turn. Remember that the destination described by a summary-LSA
is either a network (Type 3 summary-LSAs) or an AS boundary router (Type 4
summary-LSAs). For each summary-LSA: 
(1) If the cost specified by the LSA is LSInfinity, or if the LSA's LS age
is equal to MaxAge, then examine the the next LSA. 
(2) If the LSA was originated by the calculating router itself, examine the
next LSA. 
(3) If it is a Type 3 summary-LSA, and the collection of destinations
described by the summary-LSA equals one of the router's configured area
address ranges (see Section 3.5), and the particular area address range is
active, then the summary-LSA should be ignored. "Active" means that there
are one or more reachable (by intra-area paths) networks contained in the
area range. 
(4) Else, call the destination described by the LSA N (for Type 3
summary-LSAs, N's address is obtained by masking the LSA's Link State ID
with the network/subnet mask contained in the body of the LSA), and the area
border originating the LSA BR. Look up the routing table entry for BR having
Area A as its associated area. If no such entry exists for router BR (i.e.,
BR is unreachable in Area A), do nothing with this LSA and consider the next
in the list. Else, this LSA describes an inter-area path to destination N,
whose cost is the distance to BR plus the cost specified in the LSA. Call
the cost of this inter-area path IAC.
(5) Next, look up the routing table entry for the destination N. (If N is an
AS boundary router, look up the "router" routing table entry associated with
Area A). If no entry exists for N or if the entry's path type is "type 1
external" or "type 2 external", then install the inter-area path to N, with
associated area Area A, cost IAC, next hop equal to the list

RE: Lab Attempt #2 - no go :-< [7:28142]

2001-12-05 Thread Kane, Christopher A.

Chuck,

Thanks for the feedback. I appreciate your knowledge and the informative
posts. As someone else posted, it's all about learning. I am prepping for my
Written and it's great to have a format to follow. I only hope that the
lab's purpose is to prove CCIE level knowledge to be useful and applicable
to real-world networking.

Good luck on the next one sir.

Chris

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 04, 2001 8:35 PM
To: [EMAIL PROTECTED]
Subject: Lab Attempt #2 - no go :-< [7:28142]


I wish I could say it took so long to get my results back because my
excruciatingly sophisticated solutions to the problems presented required
detailed and intimate analysis. Alas, that was not the case.

For those ninnies who complain that the one day lab devalues the process,
all I can say is WRONG!
The lab I saw was far more difficult than I remember from my previous
attempt, and my previous attempt was NOT easy. In my first attempt, I did
not see anything I couldn't do. This time, although FAR better prepared, I
saw LOTS of things I couldn't do. IMHO, the one day format, with the
elimination of the monkey tasks, allows Cisco to demand a lot more. The 26
points previously allocated to terminal server setup, cabling, and
troubleshooting all go someplace. WOW! The places they went! Previous topics
that were glossed over appeared in depth. Cisco continues to up the ante,
and not always in ways one might expect. Some things I wouldn't have
expected were there in spades. Probably THE major factor continues to be
reachability. If you don't understand the implications of the given network
topology, and given interactions, you will be screwed.

The topology presented was interesting. Amazing what one can do on a six
router / two switch pod to wreak havoc and let you know what an idiot you
are. Devious doesn't begin to describe it. Bootcamp and IPExpert - it ain't
the number of routers, boys!

The e-mail feedback is amusing, but not particularly informative. I failed
with a score greater than 20, meaning I can go back in 30 days for more
humiliation, if I so desire. The breakdown percentages ( not scores ) would
be of more interest if I were sitting with the proctor discussing the whys
and the expectations. Otherwise it does me no good at all. For example, I
solved a particular problem doing something a particular way. It worked just
fine in terms of the results. Yet on that section I scored very poorly. What
were they looking for?

Fat fingers are still the major enemy for me, at least. It's no fun fat
fingering on a Cat 5K. Not by any means. It also helps to be certain layer
two stuff is done correctly.

Well, debriefing will be fun. I have the topology duplicated in my home lab,
and I will "enjoy" analyzing the problems I saw in the real lab. No you
can't telnet in to look. DON'T ASK!

In terms of seating, it appears to me that there are now more racks in the
lab, in San Jose, anyway. Half the seats are taken by those testing. The
other half seem to be those used the previous day. The proctors crank
through the idle racks, grading the previous day's results.

One last thing. I know what CCO says, and I know what IOS I saw on my rack.
Rats. The advertised IOS would have gone a long way towards eliminating a
particular problem I had. Not complaining, because any CCIE should have been
able to solve the particular puzzle no matter what the IOS involved. Just
observing that some things are still in the process of change.

The proctors are still the good folks I remember from last time. Too bad we
are not given the opportunity for more interaction afterwards. I would
really have enjoyed discussing my results.

Whelp, another time.

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28197&t=28142



Re: Hi Do you guys open all attachments sent to you! [7:28196]

2001-12-05 Thread netman

God hasn't anyone learned from all the other freaking viruses sent as
attachments?

These people must open every freaking attachment sent to them without even
caring what the hell it is or who sent it.

Come on people WAKE UP!

When is the last time someone sent something useful to you that ended in
.scr? How about .exe?



Don

- Original Message -
From: "Malone, Kyle" 
To: 
Sent: Wednesday, December 05, 2001 6:44 AM
Subject: Hi [7:28172]


> How are you ?
> When I saw this screen saver, I immediately thought about you
> I am in a harry, I promise you will love it!
>
>
>
> [GroupStudy.com removed an attachment of type application/octet-stream which
> had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28196&t=28196
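
The kind of check the list software applied to gone.scr, as an added Python example that is not GroupStudy's own code: it walks a message's MIME parts, flags attachments by the extension the operating system would act on, and replaces them with a notice. The blocked-extension set, the addresses and the sample message are constructed for illustration.

```python
import os
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed policy for this example; a real gateway maintains its own list.
BLOCKED_EXTENSIONS = {".scr", ".exe", ".pif", ".bat", ".com", ".vbs"}


def final_extension(filename):
    """Last suffix of the name, ignoring trailing dots and spaces used to hide it."""
    cleaned = filename.strip().rstrip(". ")
    return os.path.splitext(cleaned)[1].lower()


def blocked_parts(msg):
    """MIME parts whose declared filename ends in a blocked extension."""
    return [part for part in msg.walk()
            if part.get_filename()
            and final_extension(part.get_filename()) in BLOCKED_EXTENSIONS]


def strip_blocked(raw_bytes):
    """Parse a raw message and replace each blocked attachment with a text notice.

    Returns (message, removed) where removed is a list of (filename, content_type).
    The declared content type is recorded but not trusted: the decision is made on
    the filename, because application/octet-stream says nothing about the payload.
    """
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    removed = []
    for part in blocked_parts(msg):
        name, ctype = part.get_filename(), part.get_content_type()
        removed.append((name, ctype))
        part.clear()  # drops the payload and every header, including the filename
        part.set_content(
            f"[removed an attachment of type {ctype}\nwhich had a name of {name}]\n")
    return msg, removed


def sample_message():
    """Constructed message shaped like the one quoted in this thread."""
    msg = EmailMessage()
    msg["Subject"] = "Hi"
    msg["From"] = "sender@example.com"
    msg["To"] = "list@example.com"
    msg.set_content("How are you ?\n")
    placeholder = b"constructed placeholder bytes, not a program"
    msg.add_attachment(placeholder, maintype="application",
                       subtype="octet-stream", filename="gone.scr")
    msg.add_attachment("study notes\n", filename="notes.txt")
    # A double extension: the visible ".jpg" is not the one that counts.
    msg.add_attachment(placeholder, maintype="application",
                       subtype="octet-stream", filename="photo.jpg.exe")
    return msg.as_bytes()


if __name__ == "__main__":
    cleaned, removed = strip_blocked(sample_message())
    for name, ctype in removed:
        print(f"removed {name} ({ctype})")
    kept = [p.get_filename() for p in cleaned.walk() if p.get_filename()]
    print("kept:", kept)
```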



Re: IOS firewall [7:28170]

2001-12-05 Thread VoIP

I think it's OK to let the VPN traffic in on the serial interface through
the access-list.  I haven't been able to get it to work any other way.


"Mark Odette II" wrote in message
news:[EMAIL PROTECTED]...
> Just a small note on your #3 question:
> While reading up on implementing VPN Tunnels terminated between two Cisco
> routers, I came across a blurb from the CCO site stating that Cisco is
> recommending you choose IPSEC for VPN tunnels, as they are moving away from
> (it's already deemed obsolete) CET based VPNs.  I can't remember if they
> stated that they were even going to REMOVE CET from the IOS after a certain
> version, but it's possible.
>
> I'd go into answering your first two questions, but I just did an
> all-nighter on a VoIP with VPN Tunnels trial, and am way too tired to
> collect the words needed to answer :)
>
> Just remember - IPSEC is the standard, so it probably would be wise (for the
> future) to implement it, rather than a vendor proprietary solution.
>
> Mark Odette II
> StellarConnection Services
> CCNA, 3/4 CCNP, etc., etc.
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Ramesh c
> Sent: Wednesday, December 05, 2001 5:06 AM
> To: [EMAIL PROTECTED]
> Subject: IOS firewall [7:28170]
>
>
> Hi folx,
>
> I got a lease line connected to private network and ethernet port connected
> to Internet.The router is configured as IOS firewall.I am planning to do a
> VPN to another office.
>
> 1)Can I turn off CBAC and just use the access-list for security purpose?
> 2)As default Outside cannot reach inside,if i just create an access-list to
> allow packets from VPN to reach inside..is it safe?
>
> 3)Since its  cisco devices..which VPN is good CET or IPSEC?
>
> Cheers
> Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28195&t=28170



RE: Command Lookup Tool [7:28135]

2001-12-05 Thread Angel Leiva

I thought I'd share this useful CCO URL as well:

The ABCs of Cisco IOS. Software
http://www.cisco.com/warp/public/732/abc/

Have a great day !

Angel



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Tom Lisa
Sent: Tuesday, December 04, 2001 11:48 PM
To: [EMAIL PROTECTED]
Subject: Re: Command Lookup Tool [7:28135]


Thanks John, I'll pass it along to my students.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco Regional Networking Academy


John Neiberger wrote:

> I thought I'd pass this along for those of you who haven't seen it yet.
> I just ran across it and I think I'll be using it often.
>
> http://www.cisco.com/support/Cmdlookup/ios-search.html
>
> Regards,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28194&t=28135



Re: CPA 25xx Upgrade Tool [7:28018]

2001-12-05 Thread [EMAIL PROTECTED] (John Nemeth)

On Apr 25, 11:25am, "Circusnuts" wrote:
}
} http://www.cisco.com/cgi-bin/Software/Tablebuild/tablebuild.pl/rsl
} 
} Man-o-man !!!  It took me a while to track this down this afternoon.  If you're
} upgrading a CPA router, you'll need this piece of software.

 I don't think it is particularly hard to find.  However, you need
download privileges to get it.  The other way to get it is to buy
CD25-C-12.0= (i.e. 2500 IP feature pack).  The problem there is that
most distributors don't seem to be stocking 2500 stuff anymore (my main
distributor has one 2514 and that's it).  I've had the 2500 IOS on back
order for more than a month now with no sign of it.  I sure wish it
would show up so I could upgrade my CPA2509 (I've already upgraded the
ROMs).

}-- End of excerpt from "Circusnuts"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28193&t=28018



RE: Hi [7:28185]

2001-12-05 Thread Hugo M. H. R. Taxa

Watch out! This is a virus!

Hugo

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Madalina Ana
> Sent: Wednesday, 5 December 2001 14:26
> To: [EMAIL PROTECTED]
> Subject: Hi [7:28185]
> 
> 
> How are you ?
> When I saw this screen saver, I immediately thought about you
> I am in a harry, I promise you will love it!
> 
> [GroupStudy.com removed an attachment of type 
> application/octet-stream which
> had a name of gone.scr]
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28192&t=28185



RE: IOS firewall [7:28170]

2001-12-05 Thread Mark Odette II

Just a small note on your #3 question:
While reading up on implementing VPN Tunnels terminated between two Cisco
routers, I came across a blurb from the CCO site stating that Cisco is
recommending you choose IPSEC for VPN tunnels, as they are moving away from
(it's already deemed obsolete) CET based VPNs.  I can't remember if they
stated that they were even going to REMOVE CET from the IOS after a certain
version, but it's possible.

I'd go into answering your first two questions, but I just did an
all-nighter on a VoIP with VPN Tunnels trial, and am way too tired to
collect the words needed to answer :)

Just remember - IPSEC is the standard, so it probably would be wise (for the
future) to implement it, rather than a vendor proprietary solution.

Mark Odette II
StellarConnection Services
CCNA, 3/4 CCNP, etc., etc.


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ramesh c
Sent: Wednesday, December 05, 2001 5:06 AM
To: [EMAIL PROTECTED]
Subject: IOS firewall [7:28170]


Hi folx,

I got a leased line connected to private network and ethernet port connected
to Internet. The router is configured as IOS firewall. I am planning to do a
VPN to another office.

1) Can I turn off CBAC and just use the access-list for security purpose?
2) As default Outside cannot reach inside, if I just create an access-list to
allow packets from VPN to reach inside... is it safe?

3) Since it's Cisco devices... which VPN is good, CET or IPSEC?

Cheers
Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28191&t=28170



RE: Channelized E1 termination from MUX [7:28178]

2001-12-05 Thread Mark Odette II

Verify Framing, Line Code, and Clock Source parameters with Telco, as it
looks like you have a mis-match on those settings.
Loss of Frames indicates that your Framing or Line code parameters don't
match what the telco has set on their end, but it also might just be the
Clock Source parameter being incorrectly set.

Let us know if that fixes your problem.

Mark Odette II
StellarConnection Services
CCNA, 3/4 CCNP, etc., etc.


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Vijendra Jaiswal
Sent: Wednesday, December 05, 2001 6:55 AM
To: [EMAIL PROTECTED]
Subject: Channelized E1 terminatin from MUX [7:28178]


Hello ,

We are using channelized E1 on a PRI card of cisco3600 , for multiple 64K
ckts coming from a MUX  which is placed at the TELCO .

1) Is it possible to get a loop on the channelized PRI controller( show
controller e1)  by giving a 4 wire physical loop ? I did not get the loop on
the E1 controller of cisco router , by giving a four wire loop or by taking
a loop from TELCO . Loop is ok if tested on BERT meter .
2) All connectivity/media is ok but the TELCO person observes an alarm on
the MUX when the channelized E1 is terminated at the Cisco PRI card on a
3600 router.
3) The o/p of the controller is given below :

show controllers e1 1/0
E1 1/0 is down.
  Applique type is Channelized E1 - balanced
  Transmitter is sending remote alarm.
  Receiver has loss of signal.
  alarm-trigger is not set
  Framing is NO-CRC4, Line Code is HDB3, Clock Source is Internal.
  Data in current interval (29 seconds elapsed):
 0 Line Code Violations, 0 Path Code Violations
 0 Slip Secs, 29 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 29 Unavail Secs
  Data in Interval 1:
 1 Line Code Violations, 0 Path Code Violations
 0 Slip Secs, 827 Fr Loss Secs, 1 Line Err Secs, 0 Degraded Mins
...


If anyone knows how to resolve this pls help me out.

Thanks & Regards,
Vijendra.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28190&t=28178



Access-list [7:28188]

2001-12-05 Thread Ramesh c

Folx,

A) I got 2 networks connected by a router. I apply access-group for both in
and out of the interface.

Is my assumption correct?

1) The access list for "in" would be processed when the packet leaves that
interface to a different network?

2) The access list for "out" would be processed when the packet arrives from
a different network?

But in the case of PIX, why is there only "in"?

cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28188&t=28188



RE: Re[6]: VPN is a Backdoor !!! [7:27725]

2001-12-05 Thread Kent Hundley

Right, but this again assumes that the user is not going to do something
silly like, oh, use their own ISP some of the time because you are blocking
and/or logging all the "interesting" sites on the Internet they want to use.
They connect through a local ISP, go to the chat rooms, get some new
software and presto, their machine has a nasty virus/worm/trojan.  That
nicely designed, expensive VPN cannot stop this.

I understand perfectly that there are VPN technologies that can pretty
successfully ensure that an uncompromised machine stays uncompromised, _just
as long as the user does what they are supposed to do_ (i.e. only connect
to the Internet through the methods you have set up).  However, I say again
the problem is that users behave in silly, erratic and unsafe ways and this
is the problem that VPNs cannot solve in and of themselves.

You can mitigate this through policies, procedures and various lockdown
mechanisms on the machines used to access your VPN, but the issue is still
going to be there. (what one person designs, another person can circumvent)
Securing the endpoints is difficult because of the humans that use them.
Getting the VPN built is the easy part.  Getting humans to use it
"correctly" is where the problems arise.

-Kent



-----Original Message-----
From: SentinuS [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 05, 2001 1:44 AM
To: Kent Hundley
Cc: [EMAIL PROTECTED]
Subject: Re[6]: VPN is a Backdoor !!! [7:27725]



I'll try to explain what I mean:

You have a mobile user who uses your VPN. You have an L2TP or Layer 3
transport agreement with some of the ISPs (e.g. AT&T).
Now if your user calls an ISP which has an agreement with you, this user is
transported to you. And you authenticate again (if you want), then give
him/her an IP. At this point they don't have any internet connection.
After authenticating (or not) your mobile user, you give some
restrictions to them (they can use some of your servers or not;
they can access the internet via you or not, etc.).
Now if you give them "internet connection access permit", they have to
access the internet over your main gateway. This means that if any hacker wants
to put a backdoor on your mobile users via the internet, they must
bypass your main gateway. If they can bypass your main gateway, there is
another problem, but this is not a VPN problem.

Monday, December 03, 2001, 8:29:59 PM, you wrote:

KH> Not sure what you mean by this.  The VPN technology used is irrelevant.  If
KH> I have a home user who uses their laptop to access the Internet, there are
KH> various ways that machine could become compromised.  If that user then
KH> attaches to the VPN, I have a machine on my VPN that is compromised.  It
KH> doesn't matter what the method of VPN is (L2TP with IPsec, PPTP, etc), it's
KH> not going to keep a compromised machine from continuing to be compromised.

KH> All the VPN can do is keep a non-compromised machine from becoming
KH> compromised through the VPN.  If the machine is compromised before it
KH> connects to the VPN, no amount of VPN technology is going to help.

KH> This issue is not solvable through VPN technology because it isn't a VPN
KH> problem.  It's an end-station access control problem.  At the end of the
KH> day, if your users are allowed to completely control their own machines, the
KH> likelihood that someone's machine will be compromised approaches 1.0 (in
KH> other words, certainty).  This risk can be mitigated through various software
KH> and policies, but it cannot be eliminated.
KH> -Kent

--- cut here ---




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28187&t=27725



Re: Where Can I download GATED 9.0 for testing BGP [7:27496]

2001-12-05 Thread [EMAIL PROTECTED]

See also

http://www.nexthop.com/

HTH

Dom Stocqueler



"jnemeth@victoria.tc.ca (John Nemeth)"
To: [EMAIL PROTECTED]
cc:
Subject: Re: Where Can I download GATED 9.0 for testing BGP [7:27496]

} >  Gated is embedded in all Unix platforms.
}
} Are you sure? RouteD, yes. I've always thought I had to install GateD.

 You're right, GateD is commercial software, although there is an
academic licence available.  See http://www.gated.org/ for more
information.

}-- End of excerpt from "Howard C. Berkowitz"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28189&t=27496



New Layer 2 framing protocol: IP via USB? [7:28186]

2001-12-05 Thread Elmer Deloso

Hello,
Does anyone have more info on the framing standards or protocols when you pass
IP traffic via USB interfaces as in Direct Cable Connection (DCC)?
Many cable and DSL modems are now equipped with USB to PC networking capability
and I can't seem to find anything on CCO that discusses this in detail like
framing with well known router/switch interfaces.
 
Thanks for your input.
Elmer Deloso




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28186&t=28186



Hi [7:28185]

2001-12-05 Thread Madalina Ana

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28185&t=28185



Re: Where Can I download GATED 9.0 for testing BGP [7:27496]

2001-12-05 Thread [EMAIL PROTECTED] (John Nemeth)

On Apr 19,  8:39am, "Howard C. Berkowitz" wrote:
}
} >  Gated is embedded in all Unix platforms.
} 
} Are you sure? RouteD, yes. I've always thought I had to install GateD.

 You're right, GateD is commercial software, although there is an
academic licence available.  See http://www.gated.org/ for more
information.

}-- End of excerpt from "Howard C. Berkowitz"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28184&t=27496



Re: Re[6]: VPN is a Backdoor !!! [7:27725]

2001-12-05 Thread Patrick Ramsey

While that scenario might be possible, very few laptops out there *never*
connect to the internet.  And if they have connected once, then they risk
being hacked.  What's worse is if they have dsl or cable connected directly
to their laptop with no router or firewall between them and the internet.

All it takes is *ONE* machine with BO on it to wreak havoc on a network!

-Patrick

>>> "SentinuS"  12/05/01 04:42AM >>>
I'll try to explain what I mean:

You have a mobile user who uses your VPN. You have an L2TP or Layer 3
transport agreement with some of the ISPs (e.g. AT&T).
Now if your user calls an ISP which has an agreement with you, this user is
transported to you. And you authenticate again (if you want), then give
him/her an IP. At this point they don't have any internet connection.
After authenticating (or not) your mobile user, you give some
restrictions to them (they can use some of your servers or not;
they can access the internet via you or not, etc.).
Now if you give them "internet connection access permit", they have to
access the internet over your main gateway. This means that if any hacker wants
to put a backdoor on your mobile users via the internet, they must
bypass your main gateway. If they can bypass your main gateway, there is
another problem, but this is not a VPN problem.

Monday, December 03, 2001, 8:29:59 PM, you wrote:

KH> Not sure what you mean by this.  The VPN technology used is irrelevant.  If
KH> I have a home user who uses their laptop to access the Internet, there are
KH> various ways that machine could become compromised.  If that user then
KH> attaches to the VPN, I have a machine on my VPN that is compromised.  It
KH> doesn't matter what the method of VPN is (L2TP with IPsec, PPTP, etc), it's
KH> not going to keep a compromised machine from continuing to be compromised.

KH> All the VPN can do is keep a non-compromised machine from becoming
KH> compromised through the VPN.  If the machine is compromised before it
KH> connects to the VPN, no amount of VPN technology is going to help.

KH> This issue is not solvable through VPN technology because it isn't a VPN
KH> problem.  It's an end-station access control problem.  At the end of the
KH> day, if your users are allowed to completely control their own machines, the
KH> likelihood that someone's machine will be compromised approaches 1.0 (in
KH> other words, certainty).  This risk can be mitigated through various software
KH> and policies, but it cannot be eliminated.
KH> -Kent

--- cut here ---




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28183&t=27725



Re: Can Pix support Email spamming [7:28163]

2001-12-05 Thread Patrick Ramsey

Do you mean inbound spam from other smtp relays?  Or people using your
server to spam other people?

>>> "fahim"  12/05/01 02:00AM >>>
Hi group,
I have an Exchange server residing on the inside interface. How can I protect
against spamming on PIX? Does PIX protect against email spamming? I know that
there is a command in the Cisco IOS firewall feature set, it's
ip audit smtp spam.. but to what extent does it protect? Any inputs? I have
searched cisco.com, there is no page giving me the answer.
thanks
fahim
ccna, ccda, css1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28182&t=28163



RE: Content Switches [7:28157]

2001-12-05 Thread Matthew Crane

Your final conclusion is correct, you cannot use VLAN trunks between a
catalyst & other Cisco switches.

CCB wrote:
> 
> I have a quick question about the Cisco 11000 series of content switches,
> does anyone know if the content switch is supposed to be able to trunk a
> link between the 11000 and a switch (5500,6500).  The reason why I am asking
> is I have been working with a 11000 trying to set up a trunk link to provide
> our current VLANs in the VTP domain to the content switch and I am unable
> to get the switch (Cat6509) to recognize the trunk link, when I do a "show
> trunk detail" on the switch it shows the port as trunking, but it does not
> recognize the trunk link.  Both the Content Switch and the Cat6509 are set
> to use 802.1Q as the trunking type.  I may be misled but from everything I
> have tried I have come to the conclusion that the interface can only be
> trunked between two content switches and not a content switch to a L2/L3
> switch.  Any information would be helpful.
> 
> Chris
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28181&t=28157



Re: Telephone lines [7:28151]

2001-12-05 Thread Mahesh

For digital it is two pair

--
Mahesh Chandra
Tata Internet Services Limited
213-A Okhla Industrial Estates
Okhla Phase III
New Delhi 110020

"John Tafasi"  wrote in message
news:[EMAIL PROTECTED]...
> Hi group,
>
> Can some one tell me how many twisted pair there are in a regular telephone
> line.
>
>
> Thanks
>
> John Tafasi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28180&t=28151



Re: The Scoop on PIX? [7:26607]

2001-12-05 Thread [EMAIL PROTECTED] (John Nemeth)

On Apr 10,  6:23am, "trammer" wrote:

 I meant to respond to this awhile ago...

} If you feel that the firewall aspect of your network does not require the
} horsepower, functionality, failover, expansion, etc. of a dedicated purpose
} box such as the PIX, then a regular router (2600, 3600, etc.) running the
} IOS firewall code may be the correct step.

 You can get a PIX 501 starting at about $800 CDN retail.  Whereas,
the IP/Firewall Plus IPSEC feature pack for the 2600 is going to set
you back about $2300 CDN retail.  That's a huge difference.  Heck for
that kind of money, you could almost get into a 506 (about $2650 CDN
retail).  When you look at the cost, it doesn't seem to make sense to
use a router as a firewall, unless there is a huge requirement to save
space or use fewer devices.

} Ultimately you may refer to the term "you get what you pay for".

I'm not even sure about that.

}-- End of excerpt from "trammer"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28179&t=26607



Channelized E1 terminatin from MUX [7:28178]

2001-12-05 Thread Vijendra Jaiswal

Hello ,

We are using channelized E1 on a PRI card of cisco3600 , for multiple 64K
ckts coming from a MUX  which is placed at the TELCO .

1) Is it possible to get a loop on the channelized PRI controller( show
controller e1)  by giving a 4 wire physical loop ? I did not get the loop on
the E1 controller of cisco router , by giving a four wire loop or by taking
a loop from TELCO . Loop is ok if tested on BERT meter .
2) All connectivity/media is ok but the TELCO person observes an alarm on
the MUX when the channelized E1 is terminated at the Cisco PRI card on a
3600 router.
3) The o/p of the controller is given below :

show controllers e1 1/0
E1 1/0 is down.
  Applique type is Channelized E1 - balanced
  Transmitter is sending remote alarm.
  Receiver has loss of signal.
  alarm-trigger is not set
  Framing is NO-CRC4, Line Code is HDB3, Clock Source is Internal.
  Data in current interval (29 seconds elapsed):
 0 Line Code Violations, 0 Path Code Violations
 0 Slip Secs, 29 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 29 Unavail Secs
  Data in Interval 1:
 1 Line Code Violations, 0 Path Code Violations
 0 Slip Secs, 827 Fr Loss Secs, 1 Line Err Secs, 0 Degraded Mins
...


If anyone knows how to resolve this pls help me out.

Thanks & Regards,
Vijendra.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28178&t=28178



Hi [7:28176]

2001-12-05 Thread Goudreault, Wayne

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28176&t=28176



Hi [7:28177]

2001-12-05 Thread Bumbray, John

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28177&t=28177



Hi [7:28173]

2001-12-05 Thread McDowell, Jacque

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28173&t=28173



Hi [7:28174]

2001-12-05 Thread Newton, Jacqueline

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28174&t=28174



Hi [7:28172]

2001-12-05 Thread Malone, Kyle

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28172&t=28172



Hi [7:28175]

2001-12-05 Thread Bumbray, John

How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!

 

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of gone.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28175&t=28175



Macro [7:28171]

2001-12-05 Thread Pierre-Alex J. Guanel

Does anyone know how to script the reverse telnet Ctl+Shift+6 x key sequence
using Teraterm?

My current script (below) types the x but does not seem to execute the
Ctl+Shift+6. Or maybe something is happening after the Ctl+Shift+6 is sent
and before the line "sendkcode 45 1" is issued. I don't know...

sendkcode 1543 1
sendkcode 45 1

Thanks

Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28171&t=28171



IOS firewall [7:28170]

2001-12-05 Thread Ramesh c

Hi folx,

I got a leased line connected to private network and ethernet port connected
to Internet. The router is configured as IOS firewall. I am planning to do a
VPN to another office.

1) Can I turn off CBAC and just use the access-list for security purpose?
2) As default Outside cannot reach inside, if I just create an access-list to
allow packets from VPN to reach inside... is it safe?

3) Since it's Cisco devices... which VPN is good, CET or IPSEC?

Cheers
Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28170&t=28170



Reedley in the news [7:28169]

2001-12-05 Thread Thomas O'Toole




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28169&t=28169



RE: Win2K Browsing Problem [7:28074]

2001-12-05 Thread Tangled Up in Blue

support.microsoft.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28168&t=28074



Nethealth impact on Network [7:28167]

2001-12-05 Thread maamun Murangwa

Hi all,
I'm currently deploying a few management tools onto
our network. The problem is I'm worried about the kind
of impact this will have on the network performance.
The current tool already installed is HP Node Manager.
I'm now configuring Nethealth and will have CiscoWorks
and Vantagepoint deployed soon. I know some
people might be wondering why have all these, but I
would only like advice from someone who has deployed
these tools and what problems, if any (on the network
performance), he/she faced. So far I have had
problems with router CPU utilization going high, don't
want to make it worse.

Yr help will be highly appreciated
regards
MMK






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28167&t=28167



Re[6]: VPN is a Backdoor !!! [7:27725]

2001-12-05 Thread SentinuS

I'll try to explain what I mean:

You have a mobile user who uses your VPN. You have an L2TP or Layer 3
transport agreement with some of the ISPs (e.g. AT&T).
Now if your user calls an ISP which has an agreement with you, this user is
transported to you. And you authenticate again (if you want), then give
him/her an IP. At this point they don't have any internet connection.
After authenticating (or not) your mobile user, you give some
restrictions to them (they can use some of your servers or not;
they can access the internet via you or not, etc.).
Now if you give them "internet connection access permit", they have to
access the internet over your main gateway. This means that if any hacker wants
to put a backdoor on your mobile users via the internet, they must
bypass your main gateway. If they can bypass your main gateway, there is
another problem, but this is not a VPN problem.

Monday, December 03, 2001, 8:29:59 PM, you wrote:

KH> Not sure what you mean by this.  The VPN technology used is irrelevant.  If
KH> I have a home user who uses their laptop to access the Internet, there are
KH> various ways that machine could become compromised.  If that user then
KH> attaches to the VPN, I have a machine on my VPN that is compromised.  It
KH> doesn't matter what the method of VPN is (L2TP with IPsec, PPTP, etc), it's
KH> not going to keep a compromised machine from continuing to be compromised.

KH> All the VPN can do is keep a non-compromised machine from becoming
KH> compromised through the VPN.  If the machine is compromised before it
KH> connects to the VPN, no amount of VPN technology is going to help.

KH> This issue is not solvable through VPN technology because it isn't a VPN
KH> problem.  It's an end-station access control problem.  At the end of the
KH> day, if your users are allowed to completely control their own machines, the
KH> likelihood that someone's machine will be compromised approaches 1.0 (in
KH> other words, certainty).  This risk can be mitigated through various software
KH> and policies, but it cannot be eliminated.
KH> -Kent

--- cut here ---




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28166&t=27725
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



CCIE Lab Workbook: ccprep.com [7:28165]

2001-12-05 Thread Kenneth Yeung

Did anyone try the ccprep.com CCIE Lab preparation workbook ?  Please help
to comment on the workbook.  I am planning to buy it.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28165&t=28165