RE: FW: Spanning tree Protocols Questions [7:36565]
Hi, Hope this helps, Q1: Your statement is correct. A port must still listen to BPDUs in order to detect topology changes. Q2: According to Cisco books, blocked, listening, learning, and forwarding are valid STP stages. I haven't seen a book not list blocking. If you have one handy, let me know. Q3: I interpret BPDUs as a generic term to represent Topology and Configuration BPDUs. Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36615t=36565 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TWO ISP AND ONE FAILURE [7:36371]
Hi I tried some time ago to find an IOS with BGP feature, but to no avail. I couldn't find an IOS for the 1000 series which supports BGP. If you find one, let me know. Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hire, Ejay Sent: 26 February 2002 15:35 To: [EMAIL PROTECTED] Subject: RE: TWO ISP AND ONE FAILURE [7:36371] You'll have to coordinate with your ISP's if you want to run BGP. To enable the feature on the 1000's, you have to upgrade to an IP Plus IOS. -Ejay -Original Message- From: Yassel Omar Izquierdo Souchay [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 12:13 AM To: [EMAIL PROTECTED] Subject: Re: TWO ISP AND ONE FAILURE [7:36371] Hey guys The toplogy is this: ISP (65)(ISP 169) [R1] [R2] || || \--/ | [HOST] IP:169... IP: 65. The server have two IPs And i thnik tha with BGP i got the solution but is the combitanion of both protocol HSRP and BGP. So i'm goig to telle you something more intersting. The router are Ciscos 1000 series so coulden't find the way to configure the BGP, becasue it say that don't know BGP protocol. Thanx a lot to all of the member of this list interested in help. Sincerily Yassel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36616t=36371 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
...ISP MANAGEMENT APPLICATION (IP address space etc...) [7:36617]
Hallo, Question especialy for ISP's : I am interested in an application with which I can manage the ISP customers, network devices, IP address space, and implement service level groups. Exp: 1. for a site (device): location info, interfaces info (like addresses), other info 2. for a customer: details(location,contacts), interfaces info (IP), other info 3. service level groups: group customers based on different criteria (like VPN between them) 4. management of IP address space: group IP classes based on location criteria (like in a tree). Something to look like EasyIP. Also multiuser, and with a nonpropietary database behind (so to integrate it with other applications). Maybe it's an utopia-application. Anyone has any ideea? Any help very appreciated Chris, mcse, ccna bla bla Vrei sa pleci la munte??? Cum? Simplu! Inscrie-te acum la http://www.romance.ro si CASTIGA un weekend la munte pentru tine si perechea ta! E gratis, si in plus te poti distra de milioane! --- http://www.click.ro - unul dintre cele mai mari portaluri romanesti, mail gratuit. http://www.webmania.ro - FREE hosting. http://www.funmanaia.ro - bancuri, poze si filme haioase. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36617t=36617 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISP discussion groups/lists [7:36618]
Any ideea where I can find a discussion group/list for ISPs ? Thanks! Cos Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36618t=36618 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Monitoring Cisco Router through MRTG [7:36598]
Everything. Try a tool called getif to find out the SNMP OID's for ur device. Do not forget to scan the device using SNMPv2. Regds -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ziyad Sent: Wednesday, February 27, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Monitoring Cisco Router through MRTG [7:36598] Hi All Can anyone tell me if I can use MRTG for monitoring CRC errors or broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU Utilization ...What are other things in a Ciso Router that can be meausured through MRTG. Ziyaad _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36619t=36598 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VoIP problem [7:36396]
Mark thanks for the post, yep both are identical, I've already decoded the error and it tells me to contact Cisco, which I've done. Cheers Mark Odette II wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Pat- Question: Are both ends identical in Hardware and/or Software?? More importantly, Are both routers running the same version of IOS? I've seen something very similar to this, and it wound up being a compound problem of buggy version of IOS and a mixture of versions from end to end. If you can, you might think about rolling back a little on the version of IOS, to say, 12.2.1, or something like that but verify it won't break some other feature you're depending on first. Another wise action would be to go onto CCO and check their BugTraq to see if they have any known issues with 12.2.4T. Also, here's a tool that might help with the error message: Error message Decoder Ring! It requires CCO access. http://www.cisco.com/cgi-bin/Support/Errordecoder/home.pl Hope this helps! Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Donlon Sent: Monday, February 25, 2002 11:35 AM To: [EMAIL PROTECTED] Subject: VoIP problem [7:36396] Hi all I've a problem with a voice router I'm getting DSP timeout errors on the far end (egress) router and I was wondering if anyone has any ideas. See the text below for the error, it appears after the call is disconnected with normal call clearing, we use E1s. A reboot will make the problem go away for a short while and we using 12.2(4)T on a 3640. The call routing is fine and I can make csim calls from the far end router to my local router and to my phone no problem, in the other direction I get DSP timeouts. Cheers Pat 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP Disc (call mode=0) 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP error stats (call mode=1658181684), chnl info(1, 0, 0) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36620t=36396 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Monitoring Cisco Router through MRTG [7:36598]
Thanks prakash Can you please explain how can I find out the SNMP OID's for my cisco router Also the line Do not forget to scan the device using SNMPv2.?? Ziyaad Original Message - From: Surya Prakash PV To: Sent: Wednesday, February 27, 2002 3:41 PM Subject: RE: Monitoring Cisco Router through MRTG [7:36598] Everything. Try a tool called getif to find out the SNMP OID's for ur device. Do not forget to scan the device using SNMPv2. Regds -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ziyad Sent: Wednesday, February 27, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Monitoring Cisco Router through MRTG [7:36598] Hi All Can anyone tell me if I can use MRTG for monitoring CRC errors or broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU Utilization ...What are other things in a Ciso Router that can be meausured through MRTG. Ziyaad _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36624t=36598 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HELP !! CCIE 2B or NOT? [7:36542]
I was considering the same thing! I have my CCNP and I was considering the CCIE. However, I have decided to go for my MBA, I start in the Fall. There are a lot of Cisco people out there, but there won't be a lot of Cisco and MBA (as an added bonus the MBA never expires). I will however, probably pursue added Cisco certifications as I am doing my MBA. Think of it this way. What happens if these certifications turn into the MCSE? Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: Jerry P. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 4:01 PM To: [EMAIL PROTECTED] Subject: HELP !! CCIE 2B or NOT? [7:36542] Hi all: I have a dilemma that I was wondering if I could ask your opinion on concerning CCIE status. I am a Network Admin for the cisco lab at a university. The racks of equipment in the lab is available to use for any BGP, VLAN or multicast network possible it seems like. But I'm at a point in my life where there's a fork in the road; it looks like the CCIE route or MBA route and I am leaning towards the MBA with a lower cert like CCNP. But with all this equipment and abundance of lab time here, would I be foolish not to take advantage of this situation? And suppose I do go for it and hope that I pass the big one, I'm curious what kinds of jobs are out there in this industry for someone like myself with 5 years of experience, 1-2 years of it concentrated in IT? What should I do?? Thanks. Jerry CCNA CCDA MCSA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36623t=36542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VoIP monitoring [7:36625]
Hi I'm after some tips for monitoring a couple of VoIP routers, as there are only two routers buying tools isn't going to be very cost effective. I've used the early versions of CVM (which was very funny), we use Cisco Works 2000, but don't have the add on CVM product, and Openview. I'm planning on automatically re-route calls on failure, but I'd like to know about the failure so we can react, any ideas or pointers? Cheers Pat -- email me on : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36625t=36625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Span port like hub [7:36628]
I need to put two hosts on the same LAN and on the same medium like old coax LAN. One host need to listen all the traffic directed to the other. I have a switch 6509 and I can solve the problem by introducing an hub. The two hosts connected to the hub and the hub connected to the right VLAN on the switch. Can I obtain the same result without the hub and with a span port on the switch?? Thanks Francesco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36628t=36628 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Sample Rate [7:36566]--long reply [7:36566]
All right, John-- A couple of years ago (discreet cough), Cisco gave away copies of books as promos. One was _IP Telephony_ by Gorlaski and Kolon (McGraw Hill, 2000). GOOD BOOK. On pp 77-78 is an explanation of the Nyquist rate and voice sampling: Well, if it comes from MANY years ago, before even MY time, Nyquist started publishing his work in the 1928 Bell System Technical Journal. I don't have a copy handy, but, if anyone really cares, I do have a copy somewhere of Shannon's 1948 book The Mathematical Theory of Communications, itself an extension of a BSTJ article, that I think quotes Nyquist. *sigh* and people around here think one is ancient when one refers to a mainframe, or bisync, or analog... ...Thus, if an analog voice signal reaching up to 3400Hz is to be sampled at the Nyquist rate, the sampling frequency must be at least twice that, or 6800Hz, or samples per second. Sampling does not have to be done at the Nyquist rate. The Nyquist rate is a minimal requirement to reproduce the input waveform, but sampling can be done at rates higher or lower than the Nyquist rate. If sampling takes place at rates lower than the Nyquist rate, the result is distortion of the waveform known as (italics) aliasing. Aliasing just means that there is more than one output waveform that fits the 'connect the dots' pattern of the samples. There is no aliasing ast the Nyquist rate and above. They go on to point out that, by sampling at a rate above the Nyquist rate, you have more than the minimum required information to reliably reconstruct the voice signal at the destination. This allows you to lose a few samples in transit (not that such things would ever happen, of course) and still have only one possible reconstruction. Sampling at 8000Hz means there is a 4000Hz voice bandwidth (overly generous but convenient because 4 is a power of 2 and that makes it easier to code in a binary system). And from the 8000 samples/sec, each of which sends 1 8-bit word, we have the DS0 of 64000 bps (why only 56000 bps may be usable is a separate issue, having to do with signaling on telephone links). Nyquist's model refers to PCM encoding, representing any sample in 8 bits. Even before we get into compression, there are more bandwidth-efficient, standardized encodings, such as ADPCM at 32 Kbps or less. Annlee John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This is OT, but the upper limit of human hearing is actually around 20KHz at best and usually drops to around 16KHz or so. If your upper limit starts to drop below that you'll start to notice that it's difficult to hear clearly. (Sorry, in my other life I'm a sound engineer and musician.) I've heard that the 4KHz limit is because there is a low-pass filter used for voice. I can't remember the exact reason, but that information plugged into the Nyquist theorem explains--as Priscilla mentions--why a DS0 is 64Kbps. Okay, time to do some serious studying once I'm through being lazy and drinking this coffee... John On Tue, 26 Feb 2002, Priscilla Oppenheimer ([EMAIL PROTECTED]) wrote: At 08:06 PM 2/26/02, Rafay wrote: How do you describe Sample Rate.? In what context? The term is sometimes used when describing the analog to digital process, for example when digitizing voice. Voice produces an analog wave as your lungs and tongue press against the air. An analog wave has infinite possible values. Computers can't deal with infinity. They work with discreet numbers. The solution is to sample the analog voice many times per second. Sampling means to take a snapshot. The sample rate is how often the analog wave is sampled. Nyquist showed that you have to sample at twice the rate of the highest frequency that may occur in the original data. Most humans don't output (and can't hear) anything about 4 KHz. So sample 8,000 times per second (8Khz) and the result will be good enough. When using a sample rate of 8,000 KHz, if each sample is saved in an 8-bit byte, the resulting data rate is 64 Kbps. That's one DS0. Compression allows us to use a smaller data rate, with some loss in fidelity. Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36629t=36566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: speaking of PIX clones [7:36593]
Suspect that is just a vender doing anything that they can to make a sale. Cisco has had a reputation of playing the game fair. When the market started to get flooded last year with used gear their tactic was to give good trade in's to try and keep as much off the used market as possible - a very fair tactic IMO. Also the people who are buying used pix's on Ebay are not really hurting Cisco sales much. If they were not buying the pix at a used price they would probably be buying a Sonicwall or some other less expensive firewall. In that way it is a win for Cisco. Like you say they are not msft. That is why I don't think they would be too happy with Jason Sullivan's post about legal action. From: Mike Sweeney Reply-To: Mike Sweeney To: [EMAIL PROTECTED] Subject: speaking of PIX clones [7:36593] Date: Wed, 27 Feb 2002 01:38:51 -0500 I just heard from a friend that a SonicWall rep was saying(dont you love 5th hand news) that Cisco is planning to crack down on PIXes being resold on Ebay by killing any and all support for them. No smartnet, no software, no activation keys etc.. I personally think it is a bunch of hooyie.. The number of PIX units being sold 2nd hand on Ebay is a grain of sand compared to national/world sales of new units and to expend that much effort, ill will and bad karma really doesnt strike me as the cisco way of doing business. MS maybe.. but not cisco. Am I off base here? even if it's a bunch of crap, it makes for some interesting thoughts.. whats next? no support for used routers? switches ? talk about killing the goose that lays golden eggs.. MikeS _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36621t=36593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: speaking of PIX clones [7:36593]
That sounds like a car dealer refusing to service used cars. I would think that as long as the software licenses are purchased, what does it matter where the PIX has been purchased ? I am a big fan of EBay, and I purchased a couple of Cisco routers and switches for my lab, which saved me several thousands of dollars. By the way, I fully agree with the Microsoft policy on cracking down on illegal/unlicensed use of their software. It costs money to develop their products. Wether you illegally copy CDs or DVDs, or software, it is stealing. Admittedly, why do people use unlicensed software ? Because most of it is too d... expensive ! Georg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36612t=36593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HELP !! CCIE 2B or NOT? [7:36542]
Have no clear idea of why the CCIE Written should be dropped. Unless you pass both written and lab exams, then append the CCIE after your name Compare it to the following Name CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro and Server, MBA 1st semester Is it conceptually clear to you ? Thank you Tim Booth wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... BTW - Tim? Drop the 'CCIE Written' 'bit' from you acronym collection...it ain't cool no more :) BTW - Oliver? Appending CCIE written isn't to be cool. It's not to pretend I'm a CCIE. It's to let others know how far my progress is in achieving my goal, where I'm at in an educational standpoint etc. It is purely a shorthand version of I have passed a CCIE written test. It would be the equivalent of saying something like I'm in college, if college and studying to be a CCIE were comparable. In your head you can append Studied hard and passed a CCIE written exam. I'm not claiming to be a CCIE, but I am claiming to be actively studying towards being one. As far as my certifications, I have studied very hard to earn them, and in no sense are they simply an acronym collection. In my case, treating them as such is inappropriate. If you have further issues, please email me off-list. Kind Regards, Tim Booth MCDBA, CCNP, CCDP, CCIE written - Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. Benjamin Franklin, 1759 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36622t=36542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to get the activation key for my clone Pix [7:36567]
Jason did not make a threat and should be construed as a friendly reminder as I don't think Cisco Legal Eagles will make the same reminder for unauthorized and unlicensed use. Jason Sullivan wrote: You should take the 400 you spent and buy a 501. I promise it will be less than your legal fees if Cisco were to get involved. Jason Sullivan Systems Engineer [EMAIL PROTECTED] Office (801)270-6732 Pager (800)365-4578 --- Welcome to the Internet, Transportation provided by Cisco Systems --- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Athony Jones Sent: Tuesday, February 26, 2002 1:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to get the activation key for my clone Pix? Hi Everyone, After struggling for the past two days, I have successfully cloned a Pix firewall by using my PC. I plug the 16MB flash card into the PC's ISA slot and the PC recognize that it is a Pix flash card (cost me $400.00). It boots up fine and everything seems to be in order. However, after the boot up sequence, it asks me for the activation key. I've been trying many different possible scenarios without much success. I even tried to use the activation key from another Pix firewall but that doesn't work either. Anybody know how I can fake my clone Pix with a fake activation key? By the way,I am running Pix OS code version 6.1(2). I even tried 5.3(1), 5.3(2), 6.0(1) and 6.1(1) and one of them works. By the way, the PC has 128MB of RAM and a 16Mb Flash ISA card. I tried to clone a Pix520. Please help. Jason __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36613t=36567 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36627]
Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and publically flaunt it, chances are you'll get pulled over sometime. Go figure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Stevens Sent: Wednesday, February 27, 2002 7:15 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Is this pirating software? Cisco sells this board with the software installed in it. This is no different then buying any other router on on Ebay and using it without putting it on smartnet. Are you going to take legal action against all of those people also? From: Jason Sullivan To: Wes Stevens Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 20:14:50 -0700 First give me a break it was just an observation. Second, pirating software is illegal. Read the disclaimer out on CCO. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 8:05 PM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? J From: Jason Sullivan Reply-To: Jason Sullivan To: Athony Jones , , Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 17:58:32 -0700 You should take the 400 you spent and buy a 501. I promise it will be less than your legal fees if Cisco were to get involved. Jason Sullivan Systems Engineer [EMAIL PROTECTED] Office (801)270-6732 Pager (800)365-4578 --- - --- Welcome to the Internet, Transportation provided by Cisco Systems --- - --- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Athony Jones Sent: Tuesday, February 26, 2002 1:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to get the activation key for my clone Pix? Hi Everyone, After struggling for the past two days, I have successfully cloned
RE: How to get the activation key for my clone Pix [7:36626]
Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and publically flaunt it, chances are you'll get pulled over sometime. Go figure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Stevens Sent: Wednesday, February 27, 2002 7:15 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Is this pirating software? Cisco sells this board with the software installed in it. This is no different then buying any other router on on Ebay and using it without putting it on smartnet. Are you going to take legal action against all of those people also? From: Jason Sullivan To: Wes Stevens Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 20:14:50 -0700 First give me a break it was just an observation. Second, pirating software is illegal. Read the disclaimer out on CCO. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 8:05 PM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? J From: Jason Sullivan Reply-To: Jason Sullivan To: Athony Jones , , Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 17:58:32 -0700 You should take the 400 you spent and buy a 501. I promise it will be less than your legal fees if Cisco were to get involved. Jason Sullivan Systems Engineer [EMAIL PROTECTED] Office (801)270-6732 Pager (800)365-4578 --- - --- Welcome to the Internet, Transportation provided by Cisco Systems --- - --- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Athony Jones Sent: Tuesday, February 26, 2002 1:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to get the activation key for my clone Pix? Hi Everyone, After struggling for the past two days, I have successfully cloned a Pix firewall by using my PC. I plug the 16MB flash card into the PC's ISA slot and the PC recognize that it is a Pix flash card (cost me $400.00). It boots up fine and everything seems to be in order. However, after the boot up sequence, it asks me for the activation key. I've been trying many different possible scenarios without much success. I even tried to use the activation key from another Pix firewall but that doesn't work either. Anybody know how I can fake my clone Pix with a fake activation key? By the way,I am running Pix OS code version 6.1(2). I even tried 5.3(1), 5.3(2), 6.0(1) and 6.1(1) and one of them works. By the way, the PC has 128MB of RAM and a 16Mb Flash ISA card. I tried to clone a Pix520. Please help. Jason __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com __ To unsubscribe from
SNA DDR [7:36631]
I have a SNA PU (a cash of a bank) connected to a router, the router connected by a ISDN BRI to a romote router and the romote router connected to a FEP (so to a HOST) by a Token Ring LAN. PU--Router--BRI--remote router--TR--FEP--HOST. Is possible to permit the comunication beetween the PU and the HOST whit the ISDN BRI actrive only when thare is traffic?? Thanks Francesco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36631t=36631 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Span port like hub [7:36628]
The command set span s/s m/m will mirror all received and transmitted traffic from port s/s to port m/m. See here for details (watch for wordwrap): http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_1/cmd_ref/s etsn_su.htm#1083425 Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Picciani Francesco Saverio [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:34 AM To: [EMAIL PROTECTED] Subject: Span port like hub [7:36628] I need to put two hosts on the same LAN and on the same medium like old coax LAN. One host need to listen all the traffic directed to the other. I have a switch 6509 and I can solve the problem by introducing an hub. The two hosts connected to the hub and the hub connected to the right VLAN on the switch. Can I obtain the same result without the hub and with a span port on the switch?? Thanks Francesco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36633t=36628 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Monitoring Cisco Router through MRTG [7:36598]
It's been a while, but I believe that some IOS versions support a show snmp mib command, which should print out a list of OIDs supported by the router/IOS combination (it's that one or a very similar undocumented command). Otherwise, any tool that will let you perform an snmpwalk will allow you to uncover the supported MIBs (and therefore the SNMP OIDs), such as the getif tool or even the snmp browser included with Microsoft resource kits. - Original Message - From: Ziyad To: Sent: Wednesday, February 27, 2002 7:53 AM Subject: Re: Monitoring Cisco Router through MRTG [7:36598] Thanks prakash Can you please explain how can I find out the SNMP OID's for my cisco router Also the line Do not forget to scan the device using SNMPv2.?? Ziyaad Original Message - From: Surya Prakash PV To: Sent: Wednesday, February 27, 2002 3:41 PM Subject: RE: Monitoring Cisco Router through MRTG [7:36598] Everything. Try a tool called getif to find out the SNMP OID's for ur device. Do not forget to scan the device using SNMPv2. Regds -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ziyad Sent: Wednesday, February 27, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Monitoring Cisco Router through MRTG [7:36598] Hi All Can anyone tell me if I can use MRTG for monitoring CRC errors or broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU Utilization ...What are other things in a Ciso Router that can be meausured through MRTG. Ziyaad _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36635t=36598 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36583]
Just for the record.. I picked up a 501 NEW in the box for $401.00 US and no shipping. Just sales tax. This was not 3DES.. just plain of DES and 10 users. Works like a top.. Place is in FL but apparently they use IngramMicro as the fulfillment center(still had the lable) The new 506E pricing just got came in at $1,100 which like they said, is cheaper then before. SonicWall is in serious trouble with these price points. I use both the PIX is a better firewall for the price. I have no experience with Nokia so I can not comment on their product vs. a PIX. MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36634t=36583 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNA DDR [7:36631]
Sort of. SNA by design is constantly polling the end device. If you are using DLSw in your cloud you can use the local ack feature to keep the polling traffic off the link You can then set your permit-list to have any dlsw traffic activate the link Richard Picciani Francesco Saverio wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a SNA PU (a cash of a bank) connected to a router, the router connected by a ISDN BRI to a romote router and the romote router connected to a FEP (so to a HOST) by a Token Ring LAN. PU--Router--BRI--remote router--TR--FEP--HOST. Is possible to permit the comunication beetween the PU and the HOST whit the ISDN BRI actrive only when thare is traffic?? Thanks Francesco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36637t=36631 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Border Router load [7:36642]
We have a Cisco 7204 VXR which acts as a border router. The Cisco 7204 VXR has two ATM interface from the internet for 45 Mbps, and one gigabit ethernet for out network. The gigabit ethernet is connected to Cisco 6509. One thing that happens on the border router is that the load is always high (around 30% without utilitizing turbo ACL, or around 21% by utilizing turbo ACL). That border router has around 25 -30 access lists. The access lists mostly are used to : 1. Block the non routable IP address (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8). 2. Clean the incoming traffic 3. Protect the networks to common exploit, for example port 515, 110, etc. But the thing that is weird is when the ACL is moved to the CIsco 6509 which serves completely ethernet environment, the load on that Cisco 6509 just stays cool at 6%. What is the reason this thing happen ? is it because Cisco 6509 has better processing power then 7204 VXR, or because the 7204 VXR needs to convert cells (ATM) to frames (gigabit ethernet), look inside it, forward it, etc. etc. ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36642t=36642 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF question [7:36641]
Loopbacks are used because they never go down or should never go down, to make one the DR assign the highest loopback to the desired router. HTH's Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36644t=36641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Border Router load [7:36643]
We have a Cisco 7204 VXR which acts as a border router. The Cisco 7204 VXR has two ATM interface from the internet for 45 Mbps, and one gigabit ethernet for out network. The gigabit ethernet is connected to Cisco 6509. One thing that happens on the border router is that the load is always high (around 30% without utilitizing turbo ACL, or around 21% by utilizing turbo ACL). That border router has around 25 -30 access lists. The access lists mostly are used to : 1. Block the non routable IP address (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8). 2. Clean the incoming traffic 3. Protect the networks to common exploit, for example port 515, 110, etc. But the thing that is weird is when the ACL is moved to the CIsco 6509 which serves completely ethernet environment, the load on that Cisco 6509 just stays cool at 6%. What is the reason this thing happen ? is it because Cisco 6509 has better processing power then 7204 VXR, or because the 7204 VXR needs to convert cells (ATM) to frames (gigabit ethernet), look inside it, forward it, etc. etc. ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36643t=36643 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF question [7:36641]
In determining DR and BDR, OSPF will use the priority and the Router ID. I can change the Router ID by creating a loopback with a higher ID (IP address right?). Why would I do this? Why would I not just change the priority of the router in question? If I want a specific router to be the DR, why not set it with a priority of 1 and set all the other routers to something like 5? TIA. cc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36641t=36641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISP discussion groups/lists [7:36618]
Try this on for size.. http://isp-lists.isp-planet.com/about/ Brian - Original Message - From: Constantin Tivig To: Sent: Wednesday, February 27, 2002 1:52 AM Subject: ISP discussion groups/lists [7:36618] Any ideea where I can find a discussion group/list for ISPs ? Thanks! Cos Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36645t=36618 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multilink and callback request/accept [7:36640]
All, Maybe i've missed something here but... I configured 2 routers over isdn with PPP Multilink and that r8 calls r6 and then r6 calls r8 back. All fine so far apart from I end up with one call IN and one call OUT as follows: r8#sh isd active -- ISDN ACTIVE CALLS -- History table has a maximum of 100 entries. History table data is retained for a maximum of 15 Minutes. -- CallCalling or Called RemoteSeconds Seconds Seconds Recorded Charges TypePhone numberNode Name UsedLeftIdle Units/Currency -- Out r6 38 0 0 In r6 38 0 -- configs as follows: r6: interface Dialer0 ip address 172.168.1.6 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer pool 1 dialer string class test dialer load-threshold 1 either dialer-group 1 ppp callback accept ppp authentication chap ppp multilink ! map-class dialer test dialer callback-server username r8: interface Dialer0 ip address 172.168.1.8 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r6 dialer string dialer load-threshold 1 outbound dialer pool 1 dialer-group 1 ppp callback request ppp authentication chap ppp chap hostname ccie ppp multilink Whats gone wrong Cheers Richard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36640t=36640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HELP !! CCIE 2B or NOT? [7:36542]
I agree, get rid of the acronym till you got the number after it, It demeans the CCIE actual certification which few will ever achieve. My Personal belief is that you could get the CCIE- written knowing f**k all. The day you actually get the CCIE # then I care who you are, and what you have to say, listen closely, and understand how much you studied, and follow your advise, but until then .. Stop getting sesame street certifications and learn to walk with kings.. -Original Message- From: Solar [SMTP:[EMAIL PROTECTED]] Sent: 27 February 2002 13:47 To: [EMAIL PROTECTED] Subject: Re: HELP !! CCIE 2B or NOT? [7:36542] Have no clear idea of why the CCIE Written should be dropped. Unless you pass both written and lab exams, then append the CCIE after your name Compare it to the following Name CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro and Server, MBA 1st semester Is it conceptually clear to you ? Thank you Tim Booth wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... BTW - Tim? Drop the 'CCIE Written' 'bit' from you acronym collection...it ain't cool no more :) BTW - Oliver? Appending CCIE written isn't to be cool. It's not to pretend I'm a CCIE. It's to let others know how far my progress is in achieving my goal, where I'm at in an educational standpoint etc. It is purely a shorthand version of I have passed a CCIE written test. It would be the equivalent of saying something like I'm in college, if college and studying to be a CCIE were comparable. In your head you can append Studied hard and passed a CCIE written exam. I'm not claiming to be a CCIE, but I am claiming to be actively studying towards being one. As far as my certifications, I have studied very hard to earn them, and in no sense are they simply an acronym collection. In my case, treating them as such is inappropriate. If you have further issues, please email me off-list. Kind Regards, Tim Booth MCDBA, CCNP, CCDP, CCIE written - Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. Benjamin Franklin, 1759 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36632t=36542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36630]
In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and publically flaunt it, chances are you'll get pulled over sometime. Go figure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Stevens Sent: Wednesday, February 27, 2002 7:15 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Is this pirating software? Cisco sells this board with the software installed in it. This is no different then buying any other router on on Ebay and using it without putting it on smartnet. Are you going to take legal action against all of those people also? From: Jason Sullivan To: Wes Stevens Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 20:14:50 -0700 First give me a break it was just an observation. Second, pirating software is illegal. Read the disclaimer out on CCO. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 8:05 PM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? J From: Jason Sullivan Reply-To: Jason Sullivan To: Athony Jones , , Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 17:58:32 -0700 You should take the 400 you spent and buy a 501. I promise it will be less than your legal fees if Cisco were to get involved. Jason Sullivan Systems Engineer [EMAIL
RE: Grade to get CCDA [7:36636]
All Cisco exams are Pass or Fail exams. It's that simple, if you know the material that is covered on the exam then you will Pass; if you do not know the material then you will Fail. Your focus should not be how you can skim by and just barely pass the exam. If you don't really know the concepts and technologies and just cram so that you pass the exam, what good is the certification then? Just because you have a certification doesn't mean that someone is going to hire you and throw money at you. Employers look at certifications as a base line, a ccda should know xyz concepts and know how to accomplish xyz tasks. If you can't perform at the baseline level you're not going to be around at that job long or you may not even get hired. With the way the Tech job market is these days, you need to be able to differentiate yourself from your peers. Paper Certs are not a way to do this. Please stop asking for minimum scores to pass or the number of questions on an exam. Review the exam outlines and blueprints on CCO and learn the concepts and technologies. Most everyone here in this forum is here to share knowledge and learn from each other. If you don't understand a concept or technology, post a question about it you'll receive plenty of help. Tim Medley - CCNP+Voice, CCDP Sr. Network Architect VoIP Group iReadyWorld -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rodrigues, Mario Sent: Wednesday, February 27, 2002 9:29 AM To: [EMAIL PROTECTED] Subject: Grade to get CCDA [7:36636] Hi Folks, I would like to know how is the grade to get CCDA. Regards, Mario A. Rodrigues Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36649t=36636 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
community characters [7:36652]
Hello, I would like to know if the following characters are allowed for configuring a community string:; and ! using an IOS 12.1(9) E Thank you. Rock. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36652t=36652 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Simulator [7:36654]
Does anyone know of or can recommend a PIX IOS simulator? I'm gearing up for the CSS1 cert and need some experience on a newer version of pix ios. We have a pix but it's running some ancient ios (2.7.11) and there's no upgrade in for it in the near future. So I'm hoping to find a simulator (if one exists) to practice on a newer ver of ios. Thx in advance. -- Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) Sr. Network Specialist Ondeo-Nalco Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36654t=36654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Sample Rate [7:36566]
John Neiberger wrote: What I'm trying to find out is why the original 4KHz limit on voice calls was put into place. It sounds like it was simply an arbitrary decision. 4KHz is sufficient for a telephone call and to provide clear calls that included higher frequencies might have added some technical complexities, perhaps. They also added a high-pass filter around 400Hz since most telephones can't reproduce low frequencies well and it also filters out some harmonics of 50-60Hz hum that might show up from time to time. That is concrete reason for including a high-pass filter and I wondered if there was a concrete technical reason for including the 4KHz low-pass filter. From the sounds of it there really isn't a technical issue, 4K is just a nice round number. :-) I used three sources to answer John's query: Voice over IP Fundamentals, Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data Networks. These are great books for anyone wanting to know more about voice technologies. Interesting Facts and Ideas I came across: 1) Human hearing is in the range of 200 Hz to 20,000 Hz 2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the information comes from the middle frequencies. According to Nyquist, Human voice contains sounds that are more often Middle-pitched frequencies than either High or Low pitched frequencies. 3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk. 4) During the Analog to Digital conversion voice samples are put though a process called Quantization. Quantization is the process of rounding sampled values to the nearest predefined discreet value. Pulse Code Modulation (PCM) is a Quantization process. PCM is also used to achieve 12 to 13 bits of voice information in 8 bit words. Two commonly used PCM's are: mu-law (North America), and a-law (Europe). What you hear is not someone's voice, but a representation of their voice. 5) Noise is a major issue when talking about voice quality. Noise is constant problem for Analog signals. What is signal and what is Noise? When a Analog signal is amplified so is the Noise, which in turn makes the quality of Analog calls worst as the distance increases. Digital Calls are less suitable to Noise than Analog calls. 6) Delay is a major issue when talking about conversation flow for two reasons: 1) For a conversation to flow normally, the delay is receiving the voice information must be less than 250ms. When the delay is more than 250ms, the human receiving the voice message will start to talk thinking the human sending the voice message is at a breaking point in the conversation, i.e.. both people are talking at the same time similar to a collision in Ethernet. Delay is also important in how the voice packets are filled during the Analog to Digital conversion. That is why ATM (ATM cell is 53 octets, 5 octets are header and 48 octets are payload) is a good method for transporting voice packets because the delay to fill the payload section is smaller than with other cell/packet types. Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature; 3,500 Hz or 5,000 Hz would work also. It is a nice round number to work with. Simplies any math work. Middle frequencies carry the bulk of the information and Human speech upper limit is 10,000 Hz amd 4,000 is near the middle. The low filter is also to reduce the frequencies that carry less information. Hope this helps. Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36655t=36566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS [7:36656]
Please forgive my ignorance but I have a question. I have a new location that is going to require a 2620 series router. I have the IOS and a modified config file ready to go as soon as I get the router in. I plan on copying the IOS (12.1) over first. Then I plan to copy a config that matches another router (with the exception of a couple of lines) but the other router has an IOS of 12.0. My question is if I copy over IOS 12.1 then copy over a config that for example a show run would show 12.0...will it then go ahead and keep 12.1? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36656t=36656 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36638]
Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and publically flaunt it, chances are you'll get pulled over sometime. Go figure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Stevens Sent: Wednesday, February 27, 2002 7:15 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Is this pirating software? Cisco sells this board with the software installed in it. This is no different then buying any other router on on Ebay and using
RE: HELP !! CCIE 2B or NOT? [7:36542]
Certainly that was conceptually clear. I think this is probably an issue of semantics, but either way, I believe there is an exception to be made due to the fact that this is a cisco study list. Where you are in your studies could have some bearing on the immediate level of detail in responses one gets, because it indicates the level of detail you would desire. I really don't think that it is inappropriate to indicate where you are in your cisco studies on a cisco mailing group. I, like you, would not agree to putting MCSE Win2k Pro and Server on a cisco email list, but being appropriately detailed should be ok. I believe that the difference between a CCNP, CCDP, or CCIP and someone who takes the IE written is great enough to warrant such a distinction. I know I learned a lot between my DP and my IE written. I like to be thorough, and answering as many pertinent questions as possible in one email, be it stated or unstated, is appropriate. As far as dealing with semantics, it is possible to restructure the appendage, but why would that truly be necessary. If you think about it, the best shorthand for someone who passed the CCIE written would be CCIE written. If it is to be suggested that I can't use CCIE in a phrase simply because it *by itself* represents something different than what I'm implying, that would be a little silly. I'm not trying to get a job with this title, or pretend to be something I'm not; just indicating where I'm at. Kind Regards, Tim Booth MCDBA, CCNP, CCDP, CCIE written - Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. Benjamin Franklin, 1759 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Solar Sent: Wednesday, February 27, 2002 7:47 To: [EMAIL PROTECTED] Subject: Re: HELP !! CCIE 2B or NOT? [7:36542] Have no clear idea of why the CCIE Written should be dropped. Unless you pass both written and lab exams, then append the CCIE after your name Compare it to the following Name CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro and Server, MBA 1st semester Is it conceptually clear to you ? Thank you Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36657t=36542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISP discussion groups/lists [7:36618]
On Wed, Feb 27, 2002 at 09:24:43AM -0700, Constantin Tivig wrote: Any ideea where I can find a discussion group/list for ISPs ? www.isp-lists.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36660t=36618 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: E1 voice Connection (PRI) between AS5300 and 3Com NBX [7:36662]
Hi folks Apita. any comment Hi guys Somebody know or have experienced an E1 voice Connection (PRI) between AS5300 and 3Com NBX. I'm testing the connection to do VoIp between a remote site (Cisco 1750) and a Central site (Cisco5300). The AS5300 is only connected via LAN. The WAN connection in Central Site is made with a Cisco 7140. The 3Com NBX emulate the PBX. We have try with diferents isdn type Switch and signaling but it no work. Always appear BAD FRAME... Somebody know about the compatibility between both devices ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36662t=36662 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Sample Rate [7:36566]
Thanks, that's exactly the sort of thing I was hoping to find. It's also interesting to note that the human ear is most sensitive to midrange frequencies, say between 1000Hz and 4000Hz. So, even if you filter out what's above 4KHz, you can make up for the lack of clarity with a little amplitude. However, it's this filter that can make it difficult to distinguish between an F and an S sound. The frequencies most necessary to hear those sounds clearly are above 4KHz. And no, amplitude is NOT a measure of how much air a snowboarder gets above the half pipe rim! :-) John David L. Blair 2/27/02 8:58:07 AM John Neiberger wrote: What I'm trying to find out is why the original 4KHz limit on voice calls was put into place. It sounds like it was simply an arbitrary decision. 4KHz is sufficient for a telephone call and to provide clear calls that included higher frequencies might have added some technical complexities, perhaps. They also added a high-pass filter around 400Hz since most telephones can't reproduce low frequencies well and it also filters out some harmonics of 50-60Hz hum that might show up from time to time. That is concrete reason for including a high-pass filter and I wondered if there was a concrete technical reason for including the 4KHz low-pass filter. From the sounds of it there really isn't a technical issue, 4K is just a nice round number. :-) I used three sources to answer John's query: Voice over IP Fundamentals, Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data Networks. These are great books for anyone wanting to know more about voice technologies. Interesting Facts and Ideas I came across: 1) Human hearing is in the range of 200 Hz to 20,000 Hz 2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the information comes from the middle frequencies. According to Nyquist, Human voice contains sounds that are more often Middle-pitched frequencies than either High or Low pitched frequencies. 3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk. 4) During the Analog to Digital conversion voice samples are put though a process called Quantization. Quantization is the process of rounding sampled values to the nearest predefined discreet value. Pulse Code Modulation (PCM) is a Quantization process. PCM is also used to achieve 12 to 13 bits of voice information in 8 bit words. Two commonly used PCM's are: mu-law (North America), and a-law (Europe). What you hear is not someone's voice, but a representation of their voice. 5) Noise is a major issue when talking about voice quality. Noise is constant problem for Analog signals. What is signal and what is Noise? When a Analog signal is amplified so is the Noise, which in turn makes the quality of Analog calls worst as the distance increases. Digital Calls are less suitable to Noise than Analog calls. 6) Delay is a major issue when talking about conversation flow for two reasons: 1) For a conversation to flow normally, the delay is receiving the voice information must be less than 250ms. When the delay is more than 250ms, the human receiving the voice message will start to talk thinking the human sending the voice message is at a breaking point in the conversation, i.e.. both people are talking at the same time similar to a collision in Ethernet. Delay is also important in how the voice packets are filled during the Analog to Digital conversion. That is why ATM (ATM cell is 53 octets, 5 octets are header and 48 octets are payload) is a good method for transporting voice packets because the delay to fill the payload section is smaller than with other cell/packet types. Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature; 3,500 Hz or 5,000 Hz would work also. It is a nice round number to work with. Simplies any math work. Middle frequencies carry the bulk of the information and Human speech upper limit is 10,000 Hz amd 4,000 is near the middle. The low filter is also to reduce the frequencies that carry less information. Hope this helps. Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36661t=36566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HELP !! CCIE 2B or NOT? [7:36542]
Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I agree lose the CCIE written as a cert. I agree to lose the CCIE written in your signature or after your name on a Resume. How I handle that is on my resume I have a section called, Certifications in Process. I list tests that I have taken or certifications that I plan on completing. Example: * Certifications in Progress: Checkpoint CCSA, Cisco CCIE, Microsoft MCSE Windows 2000 Track (Passed 70-240 Microsoft Accelerated Exam. One test away from my MCSE W2K), and Prosoft Master CIW Administrator. My $0.02 worth. -- Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36663t=36542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Simulator [7:36654]
You can buy a entry level PIX 501 series for around $500.00. See http://www.routerchief.com/Security/default.htm that is what Ole Drews Jensen did. Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36665t=36654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DECserver 700 console access [7:36664]
Do I have to set port to local access and then use the change server console port 16 in order to gain console to the DEC server? Gavin Wilson Kleinwort Benson Private Bank Tel: 0207 4751771 Mobile: 07989441850 email: [EMAIL PROTECTED] -- This email and any files transmitted with it are intended solely for the addressee(s) and may be legally privileged and/or confidential. If you have received this email in error you may not copy, forward or use the contents, attachments or information in any way. Please destroy it and contact the sender via our switchboard on +44(0) 20 7475 6600 or via return email. Any unauthorised use or disclosure may be unlawful. Kleinwort Benson Private Bank give no warranty as to the accuracy or completeness of this email after it is sent over the Internet and accept no responsibility for change made after it was sent. Any opinions expressed in this email may be personal to the author and may not necessarily reflect the opinions of Dresdner Bank or its affiliates. They may also be subject to change without notice. -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36664t=36664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Re: Sample Rate [7:36566]
All this voice stuff goes back to copper lines. Some random thoughts that I heard circa 1970 while working for Ma Bell and T-1 was the new kid on the block. When extending trunks the two wire line went through a hybrid that converted it to four wire. Two for transmit and two for receive. Amplifiers were used. Higher frequencies attenuate at a greater rate than lower frequencies. The signal was filtered into bands with each band amplified at a different gain so that at the receiving end it sounded normal. Choices had to be made about how high a frequency to use. A copper pair has resistance (length) and capacitance (each pair is twisted together to minimize crosstalk.) To offset the effects of capacitance load coils (inductance) was added. Thus an RCL tuned circuit. It was optimized for frequencies below 4khz. This work predates digital carrier. Side note: Analog frequency seperated carriers used inband signalling. Various devices had different functions but the common point was the use of a 2600 Hz tone. Some folks had too much of that frequency in their voice and so disconnected themselves. -Original Message- From: David L. Blair [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 9:58 AM To: [EMAIL PROTECTED] Subject: Re: Re: Sample Rate [7:36566] John Neiberger wrote: What I'm trying to find out is why the original 4KHz limit on voice calls was put into place. It sounds like it was simply an arbitrary decision. 4KHz is sufficient for a telephone call and to provide clear calls that included higher frequencies might have added some technical complexities, perhaps. They also added a high-pass filter around 400Hz since most telephones can't reproduce low frequencies well and it also filters out some harmonics of 50-60Hz hum that might show up from time to time. That is concrete reason for including a high-pass filter and I wondered if there was a concrete technical reason for including the 4KHz low-pass filter. From the sounds of it there really isn't a technical issue, 4K is just a nice round number. :-) I used three sources to answer John's query: Voice over IP Fundamentals, Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data Networks. These are great books for anyone wanting to know more about voice technologies. Interesting Facts and Ideas I came across: 1) Human hearing is in the range of 200 Hz to 20,000 Hz 2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the information comes from the middle frequencies. According to Nyquist, Human voice contains sounds that are more often Middle-pitched frequencies than either High or Low pitched frequencies. 3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk. 4) During the Analog to Digital conversion voice samples are put though a process called Quantization. Quantization is the process of rounding sampled values to the nearest predefined discreet value. Pulse Code Modulation (PCM) is a Quantization process. PCM is also used to achieve 12 to 13 bits of voice information in 8 bit words. Two commonly used PCM's are: mu-law (North America), and a-law (Europe). What you hear is not someone's voice, but a representation of their voice. 5) Noise is a major issue when talking about voice quality. Noise is constant problem for Analog signals. What is signal and what is Noise? When a Analog signal is amplified so is the Noise, which in turn makes the quality of Analog calls worst as the distance increases. Digital Calls are less suitable to Noise than Analog calls. 6) Delay is a major issue when talking about conversation flow for two reasons: 1) For a conversation to flow normally, the delay is receiving the voice information must be less than 250ms. When the delay is more than 250ms, the human receiving the voice message will start to talk thinking the human sending the voice message is at a breaking point in the conversation, i.e.. both people are talking at the same time similar to a collision in Ethernet. Delay is also important in how the voice packets are filled during the Analog to Digital conversion. That is why ATM (ATM cell is 53 octets, 5 octets are header and 48 octets are payload) is a good method for transporting voice packets because the delay to fill the payload section is smaller than with other cell/packet types. Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature; 3,500 Hz or 5,000 Hz would work also. It is a nice round number to work with. Simplies any math work. Middle frequencies carry the bulk of the information and Human speech upper limit is 10,000 Hz amd 4,000 is near the middle. The low filter is also to reduce the frequencies that carry less information. Hope this helps. Through Complexity there is Simplicity, Through Simplicity there is
RE: IOS [7:36656]
To the best of my knowledge, Yes. When you give the Show Run command, it shows the current version of IOS at the top. If you give the 'wr mem' command before the 'show run' command, I'm quite sure it will. I am a little grey as to whether or not the Version statement line is grep'd from RAM or if it is statically saved to the config file in NVRAM at the time of a Wr Mem though. HTH's Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:10 AM To: [EMAIL PROTECTED] Subject: IOS [7:36656] Please forgive my ignorance but I have a question. I have a new location that is going to require a 2620 series router. I have the IOS and a modified config file ready to go as soon as I get the router in. I plan on copying the IOS (12.1) over first. Then I plan to copy a config that matches another router (with the exception of a couple of lines) but the other router has an IOS of 12.0. My question is if I copy over IOS 12.1 then copy over a config that for example a show run would show 12.0...will it then go ahead and keep 12.1? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36669t=36656 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MPLS in the Enterprise [7:36670]
Okay, I'm about to show how clueless I am when it comes to MPLS I've been getting calls from multiple providers lately all trying to suggest that I migrate our 100-site frame relay network to their MPLS network, suggesting that we'll have any-to-any connectivity and the ability to prioritize traffic classes within the MPLS network. Are any of you doing something like this? I'm going to read up on it but I'm having trouble visualizing it. Does this basically turn our network into a giant multipoint network? Do our branch routers need to be aware of MPLS or do providers make this transparent somehow? How does this affect routing? It seems that if we have any-to-any connectivity then the branch routers don't even need to run a routing protocol; every router would have one exit point to get to any destination. But, how would the MPLS cloud know where to route packets? The more I think about it it seems like our branch routers would have to participate in MPLS to provide the necessary destination info for the MPLS cloud. See how clueless I am? Ugh... Time to do some studying on this. Since we already do a little video conferencing over IP and are working on getting VoIP working, it might be beneficial to get away from the frame relay network. But since I don't understand this new technology, I don't know if it's a viable solution for us or not. Off to CCO I go! Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36670t=36670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Copying RAM to a text file [7:36671]
Alright lets say for example that when you copy your running-config to a tftp server it shows the file type as file (meaning no extension) but if you rename the file with a .doc extension it shows all of the text within the show run commmand just as it would if you copied and pasted your running-config from a hyperterminal session and pasted it into a word doc. I copied a running-config from a router and pasted it into a word doc so I could edit to to meet the specs I'll need for another router. That being said, if I take off the .doc extension which will make the file a file type could I then copy this file from a tftp server to the new router? This is something I'll have to get set up tommorow and I am just looking at what might be the quickest way to get the new router up. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36671t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Hi, You do realise that you do not have to use TFTP servers just to upload a config you can use cut and pate in the telnet sessions. That is if you highlight the whole config (leave out the bit that says IOs version blah blah blah) and on the router enter the exec mode and then type conf t (ie config terminal) then move your mouse over the telnet sesiion window and select paste, this pastes all the config into the relavent sections. If however the router does not understand a command it will show up as an error when pasting it in. If thios is confusing you then just think of a file extension like .tct, .doc..what ever as an application association extension. You can right click any file and use the open with option if it has no known application associated with it. I use notepad or http://www.editpadclassic.com/ to edit all my configs saves no end of time. i hope this helps and answers your question. All the best, Yeti-GBR1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36674t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Symposium 2002 [7:36673]
Not sure if most of you already received this. https://www.cisco-eventreg.com/cpn2002/ Training sessions, free test, and if are already a qualified lab candidate, free CCIE lab test. Hurry up, the sessions are filling up really quickly. Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36673t=36673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36638]
Scott, Have you purchased a smartnet contract for your 520's and other routers? By the book the software is not tranferable and your pix's and routers are no more legal then the code in the pix flash card that was bought on ebay. From: Scott Morris Reply-To: Scott Morris To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 09:58:30 -0500 Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and
RE: How to get the activation key for my clone Pix [7:36638]
setting up vpn's is nothign like having a dmz... Having multiport firewalls allows for segregation of all networks behind those interfaces while still allowing internet connectivity to all. Who wants to connect to a vpn just to browse to a web server that could be in the dmz? -Patrick Scott Morris 02/27/02 09:58AM Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully expect to hear from Cisco. Worse, if I were to sell it on EBay, that's just asking for trouble. And before you comment, yes, PIX clones HAVE been sold on Ebay from not-so-bright individuals. Where do you draw the line? Lots of people drive fast. It's still illegal. If you do it enough, and publically flaunt it, chances are you'll get pulled over sometime. Go figure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
RE: How to get the activation key for my clone Pix [7:36638]
No we were talking about the legality of using the pix flash board in a pc in a home lab. Cisco cannot tell me what to do with the hardware I purchase. As far as the software in the flash if it is bought on ebay it is not legal to use it. But my point is that is the same on any software in flash on any used Cisco device. If the flash card is bought new through Cisco or a distributor it is not clear that using it in a non Cisco pix is illegal. As for the person selling the homemade pix on ebay he also is doing nothing illegal as long as all he is selling is hardware. Just as with any Cisco used device it is the responsibility of the buyer to make the software that will be used on the device legal. From: Scott Morris Reply-To: To: 'Wes Stevens' CC: Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 11:24:20 -0500 That was STILL not the conversation we were having... It doesn't have to do with purchasing a router or a firewall and being technically licensed to use the code or not... It has to do with purchasing a small PIECE of the router or firewall, using it to build something NEW that most definitely is NOT a Cisco box, and then either talking about it publically and/or selling it. THAT is the conversation we were having. I don't think anyone cares that someone has a bunch of Mercedes hood ornaments at their home. If they go out and purchase a cheap car and stick the Mercedes hood ornament on it, some people may think it's funny, others not. If the person then tried to tell everyone about their new Mercedes or worse yet, tried to SELL their Mercedes THAT is a problem. Anyway... Enough bantering on this and going nowhere... I have work to do. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:48 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, I am not trying to have this degrade into personal territory , truly not my intent. If you have purchased smartnet for your equipment I applaud that. I can tell you for sure that were I work that is also true. But for my home lab which was all purchased from ebay I have not. I would venture to say that the majority of home labs have not purchased smartnet contracts. Many people seem to feel that it is un ethical to use code in a pix board purchased on ebay but do not have the same problem with the code that comes in flash on router or switches purchased on ebay. To me they are the same thing. From: Scott Morris Reply-To: To: 'Wes Stevens' CC: Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 10:37:47 -0500 If it's any consolation, yes. And also upgraded one of them after purchase (2meg to 16meg). That, however, is not the conversation So apparantly we have no degraded into personal territory instead of a vaguely educational conversation. So, go do what you want, because my opinion isn't going to change yours anyway. Just remember that speeders get pulled over every once and a while... And people honk and wave and laugh as they pass you just like you passed them earlier. *shrug* Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:25 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, Have you purchased a smartnet contract for your 520's and other routers? By the book the software is not tranferable and your pix's and routers are no more legal then the code in the pix flash card that was bought on ebay. From: Scott Morris Reply-To: Scott Morris To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 09:58:30 -0500 Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix?
RE: How to get the activation key for my clone Pix [7:36638]
Correct. but the discussion we were having was regarding particular firewalls over another specifically for the purpose of studying for the CCIE Security test. Therefore nothing like real life. :) For a real network, you are absolutely 100% correct! Scott -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:29 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] setting up vpn's is nothign like having a dmz... Having multiport firewalls allows for segregation of all networks behind those interfaces while still allowing internet connectivity to all. Who wants to connect to a vpn just to browse to a web server that could be in the dmz? -Patrick Scott Morris 02/27/02 09:58AM Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not supposed to). Lots of people download feature sets they don't have licenses for (not supposed to). There have actually been some cases where Cisco's gone after people (typically larger companies). But it's a WHOLE different thing to BUILD a device and put their software on it... If I were to build my own router (god only knows why), and put their software on it, I would fully
RE: How to get the activation key for my clone Pix [7:36646]
Jason, I know that the software is not transferable. My point is that buying a pix flash card on ebay and using the code in it is no worse then buying a router and using the code in it's flash. There are on any given day 65 pages of cisco gear out on ebay not to mention all the other resellers. Legal action would not be an effect way to handle the issue. The key on the pix install is for des functionality and I suspect was put in for export control reasons. But a similar structure would be needed to do any type of software control. Cisco must feel that the advantages of smartnet bring in a high enough percentage of the used routers to make the added headaches of software keys not justified. Another question - If pix flash card is bought new through a cisco distributor and put into a pc instead of a pix, what is the policy? From: Jason Sullivan To: Wes Stevens Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:56:10 -0700 Actually if you buy a router on E-bay you don't own the software and it is illegal. Software Transfer and Licensing Overview Like many high-tech companies that produce software, Cisco adopts a policy of non-transferability of its software in order to protect its intellectual property rights. What this means in practice is that owners of Cisco products are only allowed to transfer, re-sell or re-lease used Cisco hardware and not the embedded software that runs on the hardware. This policy also applies to Cisco standalone software applications. You can find this doc at http://www.cisco.com/warp/public/csc/refurb_equipment/swlicense.html Jason Sullivan Systems Engineer [EMAIL PROTECTED] Office (801)270-6732 Pager (800)365-4578 --- Welcome to the Internet, Transportation provided by Cisco Systems --- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Stevens Sent: Wednesday, February 27, 2002 5:15 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Is this pirating software? Cisco sells this board with the software installed in it. This is no different then buying any other router on on Ebay and using it without putting it on smartnet. Are you going to take legal action against all of those people also? From: Jason Sullivan To: Wes Stevens Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 20:14:50 -0700 First give me a break it was just an observation. Second, pirating software is illegal. Read the disclaimer out on CCO. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 26, 2002 8:05 PM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? J From: Jason Sullivan Reply-To: Jason Sullivan To: Athony Jones , , Subject: RE: How to get the activation key for my clone Pix? Date: Tue, 26 Feb 2002 17:58:32 -0700 You should take the 400 you spent and buy a 501. I promise it will be less than your legal fees if Cisco were to get involved. Jason Sullivan Systems Engineer [EMAIL PROTECTED] Office (801)270-6732 Pager (800)365-4578 --- - --- Welcome to the Internet, Transportation provided by Cisco Systems --- - --- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Athony Jones Sent: Tuesday, February 26, 2002 1:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to get the activation key for my clone Pix? Hi Everyone, After struggling for the past two days, I have successfully cloned a Pix firewall by using my PC. I plug the 16MB flash card into the PC's ISA slot and the PC recognize that it is a Pix flash card (cost me $400.00). It boots up fine and everything seems to be in order. However, after the boot up sequence, it asks me for the activation key. I've been trying many different possible scenarios without much success. I even tried to use the activation key from another Pix firewall but that doesn't work either. Anybody know how I can fake my clone Pix with a fake activation key? By the way,I am running Pix OS code version 6.1(2). I even tried 5.3(1), 5.3(2), 6.0(1) and 6.1(1) and one of them works. By the way, the PC has 128MB of RAM and a 16Mb Flash ISA card. I tried to clone a Pix520. Please help. Jason __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com
RE: How to get the activation key for my clone Pix [7:36638]
If it's any consolation, yes. And also upgraded one of them after purchase (2meg to 16meg). That, however, is not the conversation So apparantly we have no degraded into personal territory instead of a vaguely educational conversation. So, go do what you want, because my opinion isn't going to change yours anyway. Just remember that speeders get pulled over every once and a while... And people honk and wave and laugh as they pass you just like you passed them earlier. *shrug* Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:25 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, Have you purchased a smartnet contract for your 520's and other routers? By the book the software is not tranferable and your pix's and routers are no more legal then the code in the pix flash card that was bought on ebay. From: Scott Morris Reply-To: Scott Morris To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 09:58:30 -0500 Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE security lab. I just cannot see Cisco taking legal action there. They have never been a legally heavy handed company. To take action in that case would send the wrong message. The CCIE program is one of their best marketing tools. It puts industry reconized experts in the field with a diffinite Cisco bias to them. The CCIE Security program is fairly new and I don't think it would be in their best interest to discourage it in any way. Now if someone starts cloning pix's by the dozens and selling them on ebay that is a whole different story. From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 07:26:33 -0500 I believe that would be a use other than intended Cisco is a little lax in enforcing software licenses... Lots of people resell routers with IOS installed (not
RE: How to get the activation key for my clone Pix [7:36638]
That was STILL not the conversation we were having... It doesn't have to do with purchasing a router or a firewall and being technically licensed to use the code or not... It has to do with purchasing a small PIECE of the router or firewall, using it to build something NEW that most definitely is NOT a Cisco box, and then either talking about it publically and/or selling it. THAT is the conversation we were having. I don't think anyone cares that someone has a bunch of Mercedes hood ornaments at their home. If they go out and purchase a cheap car and stick the Mercedes hood ornament on it, some people may think it's funny, others not. If the person then tried to tell everyone about their new Mercedes or worse yet, tried to SELL their Mercedes THAT is a problem. Anyway... Enough bantering on this and going nowhere... I have work to do. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:48 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, I am not trying to have this degrade into personal territory , truly not my intent. If you have purchased smartnet for your equipment I applaud that. I can tell you for sure that were I work that is also true. But for my home lab which was all purchased from ebay I have not. I would venture to say that the majority of home labs have not purchased smartnet contracts. Many people seem to feel that it is un ethical to use code in a pix board purchased on ebay but do not have the same problem with the code that comes in flash on router or switches purchased on ebay. To me they are the same thing. From: Scott Morris Reply-To: To: 'Wes Stevens' CC: Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 10:37:47 -0500 If it's any consolation, yes. And also upgraded one of them after purchase (2meg to 16meg). That, however, is not the conversation So apparantly we have no degraded into personal territory instead of a vaguely educational conversation. So, go do what you want, because my opinion isn't going to change yours anyway. Just remember that speeders get pulled over every once and a while... And people honk and wave and laugh as they pass you just like you passed them earlier. *shrug* Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:25 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, Have you purchased a smartnet contract for your 520's and other routers? By the book the software is not tranferable and your pix's and routers are no more legal then the code in the pix flash card that was bought on ebay. From: Scott Morris Reply-To: Scott Morris To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 09:58:30 -0500 Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or
RE: PIX Simulator [7:36654]
Kevin, I am not sure how it works (I would love to know!), but I have see PC's claiming to run PIX IOS software for this very purpose on eBay for @ $1000. Only if I were going to spend that much I would just buy a PIX 506 baby firewall then have some resale value. I would love to know if anyone knows how to setup a PIX on a PC for testing purposes (I have spare PC's at the house). I am currently studying for my CSVPN, but I am having to do some configuration on our PIX 520, so I am reading my CS PIX advanced Cisco Press book as well. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of kevhed Sent: Wednesday, February 27, 2002 9:48 AM To: [EMAIL PROTECTED] Subject: PIX Simulator [7:36654] Does anyone know of or can recommend a PIX IOS simulator? I'm gearing up for the CSS1 cert and need some experience on a newer version of pix ios. We have a pix but it's running some ancient ios (2.7.11) and there's no upgrade in for it in the near future. So I'm hoping to find a simulator (if one exists) to practice on a newer ver of ios. Thx in advance. -- Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) Sr. Network Specialist Ondeo-Nalco - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36659t=36654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36638]
Scott, I am not trying to have this degrade into personal territory , truly not my intent. If you have purchased smartnet for your equipment I applaud that. I can tell you for sure that were I work that is also true. But for my home lab which was all purchased from ebay I have not. I would venture to say that the majority of home labs have not purchased smartnet contracts. Many people seem to feel that it is un ethical to use code in a pix board purchased on ebay but do not have the same problem with the code that comes in flash on router or switches purchased on ebay. To me they are the same thing. From: Scott Morris Reply-To: To: 'Wes Stevens' CC: Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 10:37:47 -0500 If it's any consolation, yes. And also upgraded one of them after purchase (2meg to 16meg). That, however, is not the conversation So apparantly we have no degraded into personal territory instead of a vaguely educational conversation. So, go do what you want, because my opinion isn't going to change yours anyway. Just remember that speeders get pulled over every once and a while... And people honk and wave and laugh as they pass you just like you passed them earlier. *shrug* Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 10:25 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Scott, Have you purchased a smartnet contract for your 520's and other routers? By the book the software is not tranferable and your pix's and routers are no more legal then the code in the pix flash card that was bought on ebay. From: Scott Morris Reply-To: Scott Morris To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix [7:36638] Date: Wed, 27 Feb 2002 09:58:30 -0500 Personally? I have two 520's that I got a sweet deal on (EBay). But other than that, what is the functional difference between having two 501's and two of something higher? By that, I mean what is the difference between setting up VPN's to the outside interfaces versus a DMZ? What is the big deal? There's nothing that you can't test yourself on with a pair of 501's that will be that dramatically different with 506's, 515's or whatever The difference would be in the permissions or translations, but as long as you understand that difference, I don't see what the big deal is. Other than playing around for emulating a customers network, I've really never used my DMZ interfaces for lab testing. So if I didn't have them, it wouldn't affect me one way or the other. -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 8:56 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? In my own lab a I have a 506. I would like to have another pix with a dmz interface. I am sure pretty sure they will cover pix to pix and dmz in the ccie security. But even on ebay to buy a 520 with three interfaces usually runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - ten routers and three switches. Another $2k to $3k for a pix with three interfaces is beyond my reach. So how do you practice pix to pix and dmz? From: Scott Morris Reply-To: To: 'Wes Stevens' Subject: RE: How to get the activation key for my clone Pix? Date: Wed, 27 Feb 2002 08:32:24 -0500 Somebody's already been selling 'em on EBay. And I never said legal action should be brought against anyway... I merely said it wasn't a bright idea to discuss it in a public forum where Cisco people were at. As for discouraging the program, I hardly think this would do it. You don't see people cloning ATM boxes, or VoIP stuff, do ya? So the argument of this is a cost-effective marketing tool for the CCIE program hasn't historically been a problem. *shrug* If people want to do it, they'll do it. However, I don't think it is advisable to discuss it publically, nor sell it. Whether to another person for study purposes only or whatever... Control gets lost after that. And you can get a 501 for the same price, if not less than the 16 meg card anyway, so what the hell is the point in building your own? It's not the price-point! Scott -Original Message- From: Wes Stevens [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 7:53 AM To: [EMAIL PROTECTED] Subject: RE: How to get the activation key for my clone Pix? Scott, use other then intended Maybe, but they sell the board with the code installed. It is intended as an upgrade, but I don't think there is any legal clause shipped with it saying you can use it for no other purpose. Again the original post was a pix for a CCIE
RE: MPLS in the Enterprise [7:36670]
i was pitched this very thing recently by wcom and qwest.. basically it is only as secure as your carriers.. if some f*cks up and imports something into your VRF, either a default, another vpn, or whatever you security is finished.. plug banks are supposed to encrypt over IPSEC, so why bother running MPLS (come one how much diff-serv can do you on frac T-1's anyway) if you are just going to IPSEC the packets between pix's or vpn concentrators anyway.. MPLS right now for 100 sites, just can't be trusted. I used to work for ISP's, everyone there was a perp.. trust my vpn security to some loser ISP. No thanks read this http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.htm Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:24 PM To: [EMAIL PROTECTED] Subject: MPLS in the Enterprise [7:36670] Okay, I'm about to show how clueless I am when it comes to MPLS I've been getting calls from multiple providers lately all trying to suggest that I migrate our 100-site frame relay network to their MPLS network, suggesting that we'll have any-to-any connectivity and the ability to prioritize traffic classes within the MPLS network. Are any of you doing something like this? I'm going to read up on it but I'm having trouble visualizing it. Does this basically turn our network into a giant multipoint network? Do our branch routers need to be aware of MPLS or do providers make this transparent somehow? How does this affect routing? It seems that if we have any-to-any connectivity then the branch routers don't even need to run a routing protocol; every router would have one exit point to get to any destination. But, how would the MPLS cloud know where to route packets? The more I think about it it seems like our branch routers would have to participate in MPLS to provide the necessary destination info for the MPLS cloud. See how clueless I am? Ugh... Time to do some studying on this. Since we already do a little video conferencing over IP and are working on getting VoIP working, it might be beneficial to get away from the frame relay network. But since I don't understand this new technology, I don't know if it's a viable solution for us or not. Off to CCO I go! Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36672t=36670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
eBay seller kabel_inc [7:36666]
Does anybody know anything about eBay seller kabel_inc? Is this perhaps another alias for ojick? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3t=3 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF question [7:36641]
Always know multiple ways to do things. Priority overrides RID. cclark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... In determining DR and BDR, OSPF will use the priority and the Router ID. I can change the Router ID by creating a loopback with a higher ID (IP address right?). Why would I do this? Why would I not just change the priority of the router in question? If I want a specific router to be the DR, why not set it with a priority of 1 and set all the other routers to something like 5? TIA. cc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36675t=36641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Yes I am aware that you can send a running-config from a text file to a router in config t I just was wondering whether or not I could change the current filename from .doc to no extension and whether or not TFTP server would recognize it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36676t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Security Design - PIX or Whatever [7:36677]
Just to remove this topic from that other thread about PIX clones, Patrick R. brought up some good points in one of his posts. Security design ( which is apparently NOT what cisco teaches or tests in their security programs ) is a lot more than just closing ports and doing NAT. Many organizations have reason to segregate various pats of their network from eachother. Financial institutions, medical organizations, insurance companies, any operation that has information that is need to know has reason to set up multiple security zones. We cover some of this thinking when we talk about access-lists. Modern multiport firewalls take this to its logical extreme in their design and philosophy. for example, given a County School Board, which has an internet connection, and permits multiple school districts to share that internet connection through a WAN. Is it reasonable or rational, let alone good security practice, to consider a two port firewall as adequate protection? ( three port if there is a DMZ for, say, school web sites ) how about a brokerage firm, where there are supposed to be chinese walls between their sales, investment banking, and research operations? what about any company with payroll, human resources, sales, trade secret operations such as manufacturing or patent development? With everyone become interconnected, it is more important than ever to study security in terms of protecting assets, rather than filtering ports or addresses. Identification of those assets is an integral part of the process. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36677t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ppp callback question [7:36678]
Hi, I have a friend who has his R/S exam in a few weeks. He is struggling with the following: whats the equivalent of ppp callback within a dialer profile and not using legacy DDR and not using ISDN callback. he has found an equivalent based on isdn callback, but he doesn't think its the equivalent of PPP callback. He is trying not to revert back to using dialer maps etc as dialer profiles are much more dynamic. thanks for your assistance, regards Neil C Moss IP Network Engineering, BTexact Technologies BT Adastral Park - Tel 01473 606304 - Fax 01473 606727 BTexact Technologies is a trademark of British Telecommunications plc Registered office: 81 Newgate Street London EC1A 7AJ Registered in England no. 180 This electronic message contains information from British Telecommunications plc which may be privileged or confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36678t=36678 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Design - PIX or Whatever [7:36677]
Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36679t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Simulator [7:36654]
kevhed wrote: Does anyone know of or can recommend a PIX IOS simulator? I'm gearing up for the CSS1 cert and need some experience on a newer version of pix ios. We have a pix but it's running some ancient ios (2.7.11) and there's no upgrade in for it in the near future. So I'm hoping to find a simulator (if one exists) to practice on a newer ver of ios. Thx in advance. -- Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) Sr. Network Specialist Ondeo-Nalco 401.00 will get you a 501 PIX, 6.1 IOS.. DES encyrption for free after registration.. 3DES is extra.. 10 users.. not a bad deal at all. The *simulated* PIX is a PX with the Cisco flashcard installed.. something around $900-1000.00 It does give multiple interfaces. Not being a PIX geek, I dont know how valuable that is for the training labs. MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36680t=36654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MPLS in CCIE [7:36682]
How much of MPLS (if some at all) is covered in the CCIE exams? tks! Persio Pucci - CCNP UOL Inc. - Tecnologia [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36682t=36682 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Grade to get CCDA [7:36636]
Thanks Tim Medley, well put Mario, you should really concentrate on learning the technology, be able to understand how it can be utilized in many different situations and when you take the test, you don't have to think about the passing grades. My two cents. JB, MCSE, CCNA, CCNP, CCDA, CCDP.One day CCIE(it looks like an eternity..just a joke). Tim Medley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All Cisco exams are Pass or Fail exams. It's that simple, if you know the material that is covered on the exam then you will Pass; if you do not know the material then you will Fail. Your focus should not be how you can skim by and just barely pass the exam. If you don't really know the concepts and technologies and just cram so that you pass the exam, what good is the certification then? Just because you have a certification doesn't mean that someone is going to hire you and throw money at you. Employers look at certifications as a base line, a ccda should know xyz concepts and know how to accomplish xyz tasks. If you can't perform at the baseline level you're not going to be around at that job long or you may not even get hired. With the way the Tech job market is these days, you need to be able to differentiate yourself from your peers. Paper Certs are not a way to do this. Please stop asking for minimum scores to pass or the number of questions on an exam. Review the exam outlines and blueprints on CCO and learn the concepts and technologies. Most everyone here in this forum is here to share knowledge and learn from each other. If you don't understand a concept or technology, post a question about it you'll receive plenty of help. Tim Medley - CCNP+Voice, CCDP Sr. Network Architect VoIP Group iReadyWorld -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rodrigues, Mario Sent: Wednesday, February 27, 2002 9:29 AM To: [EMAIL PROTECTED] Subject: Grade to get CCDA [7:36636] Hi Folks, I would like to know how is the grade to get CCDA. Regards, Mario A. Rodrigues Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36683t=36636 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Some Answers RE: MPLS in the Enterprise [7:36670]
Okay, I just got off the phone with a vendor and I have a better handle on what they're actually proposing. Here's the scoop: They offer a couple of different variations of the MPLS solution. The first solution requires that we readdress our entire network to match their addressing scheme. This allows our branches to have any-to-any connectivity. Our routers do not need to be aware of MPLS. The vendor's network accepts frame relay encapsulated connections so our routers still think they're using frame relay. To make use of the multiple priorities within their network we use CAR or route-maps or whatever to set the TOS in the IP headers. Since each branch router will have only a single exit point, a single static route will suffice and no routing protocol is needed. Because of the readdressing issue we're just not interested in that variation. The second solution allows us to keep our existing addressing and they emulate our current frame relay PVCs within their network. This does not allow us to have any-to-any connectivity but it still allows us to use multiple priorities within their cloud. As expected, we'd need to continue to run our IGP of choice. Another downside is that their list pricing is roughly twice what we're paying for our frame network. :-) Not much incentive there! Still, it's an interesting thought and it could be useful to companies who want to use VoIP but have a lot of locations. They need to bring that pricing down, though. At that price point there's no way we'd even consider them. John Joseph Brunner 2/27/02 11:09:20 AM i was pitched this very thing recently by wcom and qwest.. basically it is only as secure as your carriers.. if some f*cks up and imports something into your VRF, either a default, another vpn, or whatever you security is finished.. plug banks are supposed to encrypt over IPSEC, so why bother running MPLS (come one how much diff-serv can do you on frac T-1's anyway) if you are just going to IPSEC the packets between pix's or vpn concentrators anyway.. MPLS right now for 100 sites, just can't be trusted. I used to work for ISP's, everyone there was a perp.. trust my vpn security to some loser ISP. No thanks read this http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.htm Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:24 PM To: [EMAIL PROTECTED] Subject: MPLS in the Enterprise [7:36670] Okay, I'm about to show how clueless I am when it comes to MPLS I've been getting calls from multiple providers lately all trying to suggest that I migrate our 100-site frame relay network to their MPLS network, suggesting that we'll have any-to-any connectivity and the ability to prioritize traffic classes within the MPLS network. Are any of you doing something like this? I'm going to read up on it but I'm having trouble visualizing it. Does this basically turn our network into a giant multipoint network? Do our branch routers need to be aware of MPLS or do providers make this transparent somehow? How does this affect routing? It seems that if we have any-to-any connectivity then the branch routers don't even need to run a routing protocol; every router would have one exit point to get to any destination. But, how would the MPLS cloud know where to route packets? The more I think about it it seems like our branch routers would have to participate in MPLS to provide the necessary destination info for the MPLS cloud. See how clueless I am? Ugh... Time to do some studying on this. Since we already do a little video conferencing over IP and are working on getting VoIP working, it might be beneficial to get away from the frame relay network. But since I don't understand this new technology, I don't know if it's a viable solution for us or not. Off to CCO I go! Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36681t=36670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Design - PIX or Whatever [7:36677]
The only difference is that those organizations (physicians as well), will held accountable for violation of HIPPA and face fines and potentially jail time :-( -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: RE: Security Design - PIX or Whatever [7:36677] Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36684t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISIS filtering, redistribution, etc. [7:36580]
Guy, I am not in my office today so I can't help you right now. I did find a few somewhat useful config guides for IS-IS on CCO last year. I'll send you anything that looks valuable later tonight or tomorrow. Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36685t=36580 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security Design - PIX or Whatever [7:36677]
don't even get me started on this. I work for an organization that uses employee SSN numbers for validation purposes in a lot of instances. So when I call the Help Desk to complain about e-mail ( an ongoing problem ) I am asked to provide my SSN to the folks there. In these days of rampant and easy identity theft, how smart is it to allow access to a large database of valid SSN's to practically everyone who asks? HIPAA??? isn't that on hold for review? You know, I was reading through one of the drafts and I thought I saw something that floored me - the regulators were stating that multiplexed links such as frame relay and ATM were considered unsecure because different organizations were sharing circuits. The implication was that healthcare organizations would have to move to point to point technologies - most of which end up passing through ATM backbones anyway. Sheesh. Longer term I believe that security solutions will involve end to end encryption - server to host, on the LAN as well as the WAN, in addition to what is already done on VPN's. I always liked the HIPAA provision about management responsibility and management fines and jail time for failure to comply. Wish that were so in a lot of other industries where I have worked. ;- Chuck William Gragido wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The only difference is that those organizations (physicians as well), will held accountable for violation of HIPPA and face fines and potentially jail time :-( -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: RE: Security Design - PIX or Whatever [7:36677] Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36686t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF question [7:36641]
Priority to me seems most useful for specifying which routers should never be dr/bdr, most people would never want a 25xx to be dr. Bri On Wed, 27 Feb 2002, Scott H. wrote: Always know multiple ways to do things. Priority overrides RID. cclark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... In determining DR and BDR, OSPF will use the priority and the Router ID. I can change the Router ID by creating a loopback with a higher ID (IP address right?). Why would I do this? Why would I not just change the priority of the router in question? If I want a specific router to be the DR, why not set it with a priority of 1 and set all the other routers to something like 5? TIA. cc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36688t=36641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Justin- Don't do it in MS Word... do it in Notepad. Otherwise, the new .doc file will have extra stuff invisibly inserted that the router won't like. At least that's my understanding of it I've not actually done such myself. HTH, Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Dutton Sent: Wednesday, February 27, 2002 11:30 AM To: [EMAIL PROTECTED] Subject: Copying RAM to a text file [7:36671] Alright lets say for example that when you copy your running-config to a tftp server it shows the file type as file (meaning no extension) but if you rename the file with a .doc extension it shows all of the text within the show run commmand just as it would if you copied and pasted your running-config from a hyperterminal session and pasted it into a word doc. I copied a running-config from a router and pasted it into a word doc so I could edit to to meet the specs I'll need for another router. That being said, if I take off the .doc extension which will make the file a file type could I then copy this file from a tftp server to the new router? This is something I'll have to get set up tommorow and I am just looking at what might be the quickest way to get the new router up. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36689t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security Design - PIX or Whatever [7:36677]
That is un friggingbelievable, I give my social to my bank and other parties I have a financial arrangement with, thats it. There must be a better way using keys, a challenge response or something like that. Bri On Wed, 27 Feb 2002, Chuck wrote: don't even get me started on this. I work for an organization that uses employee SSN numbers for validation purposes in a lot of instances. So when I call the Help Desk to complain about e-mail ( an ongoing problem ) I am asked to provide my SSN to the folks there. In these days of rampant and easy identity theft, how smart is it to allow access to a large database of valid SSN's to practically everyone who asks? HIPAA??? isn't that on hold for review? You know, I was reading through one of the drafts and I thought I saw something that floored me - the regulators were stating that multiplexed links such as frame relay and ATM were considered unsecure because different organizations were sharing circuits. The implication was that healthcare organizations would have to move to point to point technologies - most of which end up passing through ATM backbones anyway. Sheesh. Longer term I believe that security solutions will involve end to end encryption - server to host, on the LAN as well as the WAN, in addition to what is already done on VPN's. I always liked the HIPAA provision about management responsibility and management fines and jail time for failure to comply. Wish that were so in a lot of other industries where I have worked. ;- Chuck William Gragido wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The only difference is that those organizations (physicians as well), will held accountable for violation of HIPPA and face fines and potentially jail time :-( -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: RE: Security Design - PIX or Whatever [7:36677] Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36690t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to get the activation key for my clone Pix [7:36687]
hmm as far as I know the S/N is dependent on the special S/N written in block of BIOS (onboard flash) of the intel motherboard. That number is compared with the key during the boot They used http://www.VxWorks.com as a platform for Cache Engines, LD and perhaps for pix also For instance, for CE, bootstrap is checking the MB serial and also HDD rom versions... if they are not valid (made for cisco) then software is not loaded greetz alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Athony Jones Sent: Tuesday, February 26, 2002 9:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to get the activation key for my clone Pix? Hi Everyone, After struggling for the past two days, I have successfully cloned a Pix firewall by using my PC. I plug the 16MB flash card into the PC's ISA slot and the PC recognize that it is a Pix flash card (cost me $400.00). It boots up fine and everything seems to be in order. However, after the boot up sequence, it asks me for the activation key. I've been trying many different possible scenarios without much success. I even tried to use the activation key from another Pix firewall but that doesn't work either. Anybody know how I can fake my clone Pix with a fake activation key? By the way,I am running Pix OS code version 6.1(2). I even tried 5.3(1), 5.3(2), 6.0(1) and 6.1(1) and one of them works. By the way, the PC has 128MB of RAM and a 16Mb Flash ISA card. I tried to clone a Pix520. Please help. Jason __ Do You Yahoo!? Yahoo! Greetings - Send FREE e-cards for every occasion! http://greetings.yahoo.com __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36687t=36687 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning tree Protocol Questions [7:36559]
Priscilla, In the attachment (Cisco CCNA Exam Guide #640-507 Certification Guide: ISBN 0-7357-0971-8), page 167 - 168, the authors seem to indicate that CBPDUs are sent from blocked ports! The ability for CBPDUs to be sent out of blocked port seems to a determinant factor for the Spanning Tree to be recomputed after a topology change Here is a word by word copy of the passage. The part I have problem about is the one with (!!) Thanks! Pierre-Alex --(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4 (e0)---(e1)Bridge 3 (e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0) Cost advertised by B2 is 100 Cost advertised by B3 is 200 Cost advertised by B5 is 10 Blocked port: Bridge 3, port e1 Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires. The other bridges are still receiving CBPDUs on their root ports. After MaxAge expires, Bridge 4 will decide the following: Step 1 My E1 port is no longer my root port Step 2 The same root bridge is being advertised in a CBPDU on my E0 port (!) Step 3 No other CBPDUs are being received Step 4 My best path (and the only path, in this case) to the root is out of my E0 port; therefore, my root port is now E0.) Step 5 Because no other CBPDUs are entering my E1 port, I must be the designated bridge on that segment. So, I will start sending CBPDUs on E1, addming my E0 port cost (10) to the cost of the CBPDU received in the CBPDU entering E0 (200) for a total of 210 (!!) Kind Regards, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36691t=36559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Thanks for reminding me Mark. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36692t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security Design - PIX or Whatever [7:36677]
Chuck, I work in a health organisation and we are considering implementing some security measures to meet HIPAA standard. Could you please give me the URL where you read about the regulators on Frame-relay and ATM. I had read sometime ago that no particular solution will fit all scenarios-each architecture will lend itself to the most appropriate solution that will secure patient information. Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36693t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Design - PIX or Whatever [7:36677]
The standards are constantly being revised. Reality is, however, that for those involved in any facit of the medical/healthcare industry there is no escaping it. Bad practices or negligence will only result in the additional issues (both financial and otherwise), for failure to comply. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chuck Sent: Wednesday, February 27, 2002 1:20 PM To: [EMAIL PROTECTED] Subject: Re: Security Design - PIX or Whatever [7:36677] don't even get me started on this. I work for an organization that uses employee SSN numbers for validation purposes in a lot of instances. So when I call the Help Desk to complain about e-mail ( an ongoing problem ) I am asked to provide my SSN to the folks there. In these days of rampant and easy identity theft, how smart is it to allow access to a large database of valid SSN's to practically everyone who asks? HIPAA??? isn't that on hold for review? You know, I was reading through one of the drafts and I thought I saw something that floored me - the regulators were stating that multiplexed links such as frame relay and ATM were considered unsecure because different organizations were sharing circuits. The implication was that healthcare organizations would have to move to point to point technologies - most of which end up passing through ATM backbones anyway. Sheesh. Longer term I believe that security solutions will involve end to end encryption - server to host, on the LAN as well as the WAN, in addition to what is already done on VPN's. I always liked the HIPAA provision about management responsibility and management fines and jail time for failure to comply. Wish that were so in a lot of other industries where I have worked. ;- Chuck William Gragido wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The only difference is that those organizations (physicians as well), will held accountable for violation of HIPPA and face fines and potentially jail time :-( -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: RE: Security Design - PIX or Whatever [7:36677] Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36695t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Serial interface problem [7:36696]
Hello all: I have two Cisco 4000-M routers in my home lab with two serial ports on each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is connected to S1 on Router 2. The problem is that the S1 to S1 link comes up and stays up. The S0 to S0 link comes up but goes down in a few seconds. It keeps going up and down in this way repeatedly. Could someone please shed some light? The routers are connected using DCE to DTE cross connect cables. The DCE ends of both connections are on Router 2 and it providing clocking at 56000 bits per second. Encapsulation is HDLC although I have tried PPP with the same problem. I have also tried changing the default keepalive settings on both end on the S0 to SO link. The IOS is 12.1(12) on both. I have tried 12.1(10) with the same results. I have also tried changing the end where the clocking is provided with no success. I have switched cables and serial interface modules but the problem remains. Config on Router 1: interface Serial0 ip address 1.1.1.1 255.255.255.0 ! interface Serial1 ip address 2.2.2.1 255.255.255.0 ! Log entries on Router 1: Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down SH IP INTERFACE BRIEF on Router 1: Interface IP-Address OK? Method Status Protocol Serial01.1.1.1 YES NVRAM up down Serial12.2.2.1 YES NVRAM up up R1#sh control serial 0 MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1 idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300 IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1 buffer size 1524 DTE V.35 serial cable attached DEBUG SERIAL INTERFACE on Router 1 Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:26:40: MK5(0): New serial state = 0xA104 Feb 25 18:26:40: MK5(0): DCD is up. Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, yourseen 16, line up Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:26:50: MK5(0): New serial state = 0x8104 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Reset Feb 25 18:26:50: MK5(0): Asserting DTR Feb 25 18:26:50: MK5(0): Deasserting LTST Feb 25 18:26:50: MK5(0): New serial state = 0xA105 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, yourseen 17, line up Feb 25 18:26:56: MK5(0): New serial state = 0xA124 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:26:56: MK5(0): New serial state = 0xA13C Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA134 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA114 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA104 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): New serial state = 0xA104 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Reset Feb 25 18:27:00: MK5(0): Asserting DTR Feb 25 18:27:00: MK5(0): Deasserting LTST Feb 25 18:27:00: MK5(0): New serial state = 0xA105 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, yourseen 18, line down Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Config on router 2: interface Serial0 ip address 1.1.1.2 255.255.255.0 clockrate 56000 ! interface Serial1 ip address 2.2.2.2 255.255.255.0 clockrate 56000 Log entries on Router 2: None SH IP INTERFACE BRIEF on Router 2: R2#sh ip int brief Interface IP-Address OK? Method Status Protocol Serial01.1.1.2 YES NVRAM up down Serial12.2.2.2 YES NVRAM up up R2#sh controller s 0 MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1 idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300 IB at 0x6006E64: mode=0x0108, local_addr=0, remote_addr=0 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1 buffer size 1524 DCE V.35 serial cable attached, clockrate 56000 DEBUG SERIAL INTERFACE on Router 2: Feb 25 18:30:25: Serial0: HDLC myseq 38, mineseen 0, yourseen 0, line down .Feb 25 18:30:26: Serial0: attempting to restart .Feb 25 18:30:26: MK5(0): Deasserting DSR .Feb 25 18:30:26: MK5(0): Deasserting DSR .Feb 25 18:30:26: MK5(0): Reset .Feb 25 18:30:26: MK5(0): Asserting DSR .Feb 25 18:30:26: MK5(0): Deasserting LTST .Feb 25
Testing my video conference equipement [7:36697]
Does anyone out there have a PolyCom Video conference device availble on the Internet? I would like to conduct a test as soon as possible. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36697t=36697 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial interface problem [7:36696]
Perhaps the cable is bad. -- RFC 1149 Compliant. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello all: I have two Cisco 4000-M routers in my home lab with two serial ports on each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is connected to S1 on Router 2. The problem is that the S1 to S1 link comes up and stays up. The S0 to S0 link comes up but goes down in a few seconds. It keeps going up and down in this way repeatedly. Could someone please shed some light? The routers are connected using DCE to DTE cross connect cables. The DCE ends of both connections are on Router 2 and it providing clocking at 56000 bits per second. Encapsulation is HDLC although I have tried PPP with the same problem. I have also tried changing the default keepalive settings on both end on the S0 to SO link. The IOS is 12.1(12) on both. I have tried 12.1(10) with the same results. I have also tried changing the end where the clocking is provided with no success. I have switched cables and serial interface modules but the problem remains. Config on Router 1: interface Serial0 ip address 1.1.1.1 255.255.255.0 ! interface Serial1 ip address 2.2.2.1 255.255.255.0 ! Log entries on Router 1: Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down SH IP INTERFACE BRIEF on Router 1: Interface IP-Address OK? Method Status Protocol Serial01.1.1.1 YES NVRAM up down Serial12.2.2.1 YES NVRAM up up R1#sh control serial 0 MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1 idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300 IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1 buffer size 1524 DTE V.35 serial cable attached DEBUG SERIAL INTERFACE on Router 1 Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:26:40: MK5(0): New serial state = 0xA104 Feb 25 18:26:40: MK5(0): DCD is up. Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, yourseen 16, line up Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:26:50: MK5(0): New serial state = 0x8104 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Reset Feb 25 18:26:50: MK5(0): Asserting DTR Feb 25 18:26:50: MK5(0): Deasserting LTST Feb 25 18:26:50: MK5(0): New serial state = 0xA105 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, yourseen 17, line up Feb 25 18:26:56: MK5(0): New serial state = 0xA124 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:26:56: MK5(0): New serial state = 0xA13C Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA134 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA114 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA104 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): New serial state = 0xA104 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Reset Feb 25 18:27:00: MK5(0): Asserting DTR Feb 25 18:27:00: MK5(0): Deasserting LTST Feb 25 18:27:00: MK5(0): New serial state = 0xA105 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, yourseen 18, line down Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Config on router 2: interface Serial0 ip address 1.1.1.2 255.255.255.0 clockrate 56000 ! interface Serial1 ip address 2.2.2.2 255.255.255.0 clockrate 56000 Log entries on Router 2: None SH IP INTERFACE BRIEF on Router 2: R2#sh ip int brief Interface IP-Address OK? Method Status Protocol Serial01.1.1.2 YES NVRAM up down Serial12.2.2.2 YES NVRAM up up R2#sh controller s 0 MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1 idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300 IB at 0x6006E64: mode=0x0108, local_addr=0, remote_addr=0 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1 buffer size 1524 DCE V.35 serial cable attached, clockrate 56000 DEBUG SERIAL INTERFACE on Router 2: Feb 25 18:30:25: Serial0: HDLC myseq 38, mineseen 0, yourseen 0, line down .Feb 25 18:30:26: Serial0: attempting to restart .Feb 25
Re: MPLS in CCIE [7:36682]
For routing and switching - none. Is it me or is the RS track getting outdated? It seems to cover technologies that, although are useful, not as current. -- RFC 1149 Compliant. Persio Pucci wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How much of MPLS (if some at all) is covered in the CCIE exams? tks! Persio Pucci - CCNP UOL Inc. - Tecnologia [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36699t=36682 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning tree Protocol Questions [7:36559]
When you have an opportunity to read Clark and Hamilton the explanation will fit. A blocked port is not physically cut. Data traffic is blocked while BPDUs are allowed. Else, how would it know that a change in topology has taken place? Step 2. Yes, all along bridge 4 has been receiving CBPDUs on both ports. Since e1 had the lower root path cost, it became the root port. There is no need to forward the CBPDUs it receives on e0 out e1 because it has already determined that a lower cost path exists out e1. Once the e1 link fails bridge 4 already knows that it has another path to the root bridge via bridge 3. Step 5. Logically follows. It takes the CBPDUs that it has always been recieving on e0 and now forwards it out e1. It has no clue why it no longer receives CBPDUs on e1. Now think about what happens when bridge 5 e1 becomes functional again. -Original Message- From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 1:46 PM To: [EMAIL PROTECTED] Subject: Re: Spanning tree Protocol Questions [7:36559] Priscilla, In the attachment (Cisco CCNA Exam Guide #640-507 Certification Guide: ISBN 0-7357-0971-8), page 167 - 168, the authors seem to indicate that CBPDUs are sent from blocked ports! The ability for CBPDUs to be sent out of blocked port seems to a determinant factor for the Spanning Tree to be recomputed after a topology change Here is a word by word copy of the passage. The part I have problem about is the one with (!!) Thanks! Pierre-Alex --(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4 (e0)---(e1)Bridge 3 (e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0) Cost advertised by B2 is 100 Cost advertised by B3 is 200 Cost advertised by B5 is 10 Blocked port: Bridge 3, port e1 Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires. The other bridges are still receiving CBPDUs on their root ports. After MaxAge expires, Bridge 4 will decide the following: Step 1 My E1 port is no longer my root port Step 2 The same root bridge is being advertised in a CBPDU on my E0 port (!) Step 3 No other CBPDUs are being received Step 4 My best path (and the only path, in this case) to the root is out of my E0 port; therefore, my root port is now E0.) Step 5 Because no other CBPDUs are entering my E1 port, I must be the designated bridge on that segment. So, I will start sending CBPDUs on E1, addming my E0 port cost (10) to the cost of the CBPDU received in the CBPDU entering E0 (200) for a total of 210 (!!) Kind Regards, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36700t=36559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security Design - PIX or Whatever [7:36677]
Your employer already has your SSN. But yes, there are better ways of using challanges and secret keys, or what ever. -- RFC 1149 Compliant. Brian wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That is un friggingbelievable, I give my social to my bank and other parties I have a financial arrangement with, thats it. There must be a better way using keys, a challenge response or something like that. Bri On Wed, 27 Feb 2002, Chuck wrote: don't even get me started on this. I work for an organization that uses employee SSN numbers for validation purposes in a lot of instances. So when I call the Help Desk to complain about e-mail ( an ongoing problem ) I am asked to provide my SSN to the folks there. In these days of rampant and easy identity theft, how smart is it to allow access to a large database of valid SSN's to practically everyone who asks? HIPAA??? isn't that on hold for review? You know, I was reading through one of the drafts and I thought I saw something that floored me - the regulators were stating that multiplexed links such as frame relay and ATM were considered unsecure because different organizations were sharing circuits. The implication was that healthcare organizations would have to move to point to point technologies - most of which end up passing through ATM backbones anyway. Sheesh. Longer term I believe that security solutions will involve end to end encryption - server to host, on the LAN as well as the WAN, in addition to what is already done on VPN's. I always liked the HIPAA provision about management responsibility and management fines and jail time for failure to comply. Wish that were so in a lot of other industries where I have worked. ;- Chuck William Gragido wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The only difference is that those organizations (physicians as well), will held accountable for violation of HIPPA and face fines and potentially jail time :-( -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:30 PM To: [EMAIL PROTECTED] Subject: RE: Security Design - PIX or Whatever [7:36677] Lets not forget politcal concerns when trying do a reasonable level of security. I worked a healthcare provider and boy, you should have heard the Docs squawk about passwords and pin codes for access to the primary LAN/WAN... to the point that admin overruled the IS dept and special *permission* not to use the security procedures... happens every day.. MikeS ' Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36701t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Serial interface problem [7:36696]
This seems to be an exact repost of an earlier message. Several folks offered troubleshooting suggestions to you. What were the results of your tests? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 2:03 PM To: [EMAIL PROTECTED] Subject: Serial interface problem [7:36696] Hello all: I have two Cisco 4000-M routers in my home lab with two serial ports on each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is connected to S1 on Router 2. The problem is that the S1 to S1 link comes up and stays up. The S0 to S0 link comes up but goes down in a few seconds. It keeps going up and down in this way repeatedly. Could someone please shed some light? The routers are connected using DCE to DTE cross connect cables. The DCE ends of both connections are on Router 2 and it providing clocking at 56000 bits per second. Encapsulation is HDLC although I have tried PPP with the same problem. I have also tried changing the default keepalive settings on both end on the S0 to SO link. The IOS is 12.1(12) on both. I have tried 12.1(10) with the same results. I have also tried changing the end where the clocking is provided with no success. I have switched cables and serial interface modules but the problem remains. Config on Router 1: interface Serial0 ip address 1.1.1.1 255.255.255.0 ! interface Serial1 ip address 2.2.2.1 255.255.255.0 ! Log entries on Router 1: Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down SH IP INTERFACE BRIEF on Router 1: Interface IP-Address OK? Method Status Protocol Serial01.1.1.1 YES NVRAM up down Serial12.2.2.1 YES NVRAM up up R1#sh control serial 0 MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1 idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300 IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1 buffer size 1524 DTE V.35 serial cable attached DEBUG SERIAL INTERFACE on Router 1 Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Feb 25 18:26:40: MK5(0): New serial state = 0xA104 Feb 25 18:26:40: MK5(0): DCD is up. Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, yourseen 16, line up Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Feb 25 18:26:50: MK5(0): New serial state = 0x8104 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Deasserting DTR Feb 25 18:26:50: MK5(0): Reset Feb 25 18:26:50: MK5(0): Asserting DTR Feb 25 18:26:50: MK5(0): Deasserting LTST Feb 25 18:26:50: MK5(0): New serial state = 0xA105 Feb 25 18:26:50: MK5(0): DCD is up. Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, yourseen 17, line up Feb 25 18:26:56: MK5(0): New serial state = 0xA124 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:26:56: MK5(0): New serial state = 0xA13C Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA134 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA114 Feb 25 18:26:56: MK5(0): DCD is down. Feb 25 18:26:56: MK5(0): New serial state = 0xA104 Feb 25 18:26:56: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): New serial state = 0xA104 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Deasserting DTR Feb 25 18:27:00: MK5(0): Reset Feb 25 18:27:00: MK5(0): Asserting DTR Feb 25 18:27:00: MK5(0): Deasserting LTST Feb 25 18:27:00: MK5(0): New serial state = 0xA105 Feb 25 18:27:00: MK5(0): DCD is up. Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, yourseen 18, line down Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down Config on router 2: interface Serial0 ip address 1.1.1.2 255.255.255.0 clockrate 56000 ! interface Serial1 ip address 2.2.2.2 255.255.255.0 clockrate 56000 Log entries on Router 2: None SH IP INTERFACE BRIEF on Router 2: R2#sh ip int brief Interface IP-Address OK? Method Status Protocol Serial01.1.1.2 YES NVRAM up down Serial12.2.2.2 YES NVRAM up up R2#sh controller s 0 MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1 idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300 IB at 0x6006E64: mode=0x0108,
Re: OSPF question [7:36641]
You can have a better numbering/identificaton process if you use loopback numbers, rather than some arbitraty IP. -- RFC 1149 Compliant. cclark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... In determining DR and BDR, OSPF will use the priority and the Router ID. I can change the Router ID by creating a loopback with a higher ID (IP address right?). Why would I do this? Why would I not just change the priority of the router in question? If I want a specific router to be the DR, why not set it with a priority of 1 and set all the other routers to something like 5? TIA. cc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36703t=36641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Remote Sites and Disaster Recovery Site [7:36704]
We have a bunch (say 25) of remote sites connected to our primary data center through point-to-point circuits ranging from 56k to T1s. We are planning to replace these circuits with VPN connection and use ISDN as a backup. My question is what is the best solution that will fit in this scenario and be able to reconnect these sites to a DR (Disaster recovery site) in the event of disaster. DR site is to be built with links to the primary data center. Bear in mind that this is a health organisation (non-profit) Money is tight, we are barely making the operational budget. Need a solution that is cheap and will meet our needs. Hints-- we are considering 1.) point-to-point for both primary and backup 2.) VPN and 3.) Frame-relay. Any help will be appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36704t=36704 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco components [7:36705]
Howdy folks, Will the following DRAM work in the 2501 and 2514s? http://www.crucial.com/store/listparts.asp?Mfr%2BProductline=Cisco%2BRoutersmod el=2500+Series+Router+%28DRAM%29x=9y=13 Also, what kind of serial cables do you need to run from the serial port of the 2501 to a 2514? I am looking for the cable type and pinout. Thanks for any info, Ryan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36705t=36705 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Grade to get CCDA [7:36636]
Yeah Mario What the hell were you thinking? You'd better go study your ass off for a couple months nonstop and not worry about your what score you need. This ain't a game. No ones playin around over here. How dare you ask such a question? We spend 18 hours day studying this stuff, do you think we care what passing scores we need? Our hands, eyes, and minds are weary from all the studying and practice. I've got a bum leg from dropping a 4700 on my big toe, I wobble around like a drunk penguin because of it. And you expect to tell you what the passing score for a Cisco exam on a Cisco certification newsgroup? NEVER ps. passing score is 755/1000 J-B wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks Tim Medley, well put Mario, you should really concentrate on learning the technology, be able to understand how it can be utilized in many different situations and when you take the test, you don't have to think about the passing grades. My two cents. JB, MCSE, CCNA, CCNP, CCDA, CCDP.One day CCIE(it looks like an eternity..just a joke). Tim Medley wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All Cisco exams are Pass or Fail exams. It's that simple, if you know the material that is covered on the exam then you will Pass; if you do not know the material then you will Fail. Your focus should not be how you can skim by and just barely pass the exam. If you don't really know the concepts and technologies and just cram so that you pass the exam, what good is the certification then? Just because you have a certification doesn't mean that someone is going to hire you and throw money at you. Employers look at certifications as a base line, a ccda should know xyz concepts and know how to accomplish xyz tasks. If you can't perform at the baseline level you're not going to be around at that job long or you may not even get hired. With the way the Tech job market is these days, you need to be able to differentiate yourself from your peers. Paper Certs are not a way to do this. Please stop asking for minimum scores to pass or the number of questions on an exam. Review the exam outlines and blueprints on CCO and learn the concepts and technologies. Most everyone here in this forum is here to share knowledge and learn from each other. If you don't understand a concept or technology, post a question about it you'll receive plenty of help. Tim Medley - CCNP+Voice, CCDP Sr. Network Architect VoIP Group iReadyWorld -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rodrigues, Mario Sent: Wednesday, February 27, 2002 9:29 AM To: [EMAIL PROTECTED] Subject: Grade to get CCDA [7:36636] Hi Folks, I would like to know how is the grade to get CCDA. Regards, Mario A. Rodrigues Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36706t=36636 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Hi Jeff, Yes you can copy any file the TFTP server does not care what extension a file has as long as its a valid file name, The only thaing on a Cisco that would mind is the IOS that expects certain files to have no extensions or a .bin, .html, so on... (the web side stuff is more for switches, or thats what I have seen/found) I hope this answers the question.# All the best, Jon aka Yeti-GBR1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36707t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Copying RAM to a text file [7:36671]
Oh yeah I forgot to say that all the config files like startup/running are ASCI-II ones so as mark said use notepad or another ASCI-II editor to be safe. Jon the Loony Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36709t=36671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN Client 3.x to IOS VPN [7:36708]
IOS just started to support the VPN Client 3.x (as apposed to the older secure client that only supports 95/NT) with ver 12.2.7T. I have not been able to find any information about it published on Cisco's public web site yet. Any idea who might be working on the bleeding edge of IOS VPNs that might know more about this? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36708t=36708 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco and HP Procurve [7:36711]
We are supplying an Internet Access link to a client that requires 2 seperate dot1q vlans setup on the router. The router is setup with these sub-interfaces and the proper encapsulation. Has anybody used an HP Procurve 4000 and created trunks that pass the proper dot1q vlans to the router? The customer is way in over their head and we have never used HP switching gear. If not an answer than a link pertaining to trunking for the HP product would be greatly appreciated. Thanks Chris Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36711t=36711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Design - PIX or Whatever [7:36677]
There is a reasonableness component built into HIPAA. There was some rumors about frame relay, amongst other things. Here is a link: http://aspe.os.dhhs.gov/admnsimp/nprm/sec09.htm Would frame relay be considered open? It sounds like encryption would be optional. -Original Message- From: Victor Alegun [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 2:49 PM To: [EMAIL PROTECTED] Subject: Re: Security Design - PIX or Whatever [7:36677] Chuck, I work in a health organisation and we are considering implementing some security measures to meet HIPAA standard. Could you please give me the URL where you read about the regulators on Frame-relay and ATM. I had read sometime ago that no particular solution will fit all scenarios-each architecture will lend itself to the most appropriate solution that will secure patient information. Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36712t=36677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Sample Rate [7:36566]
You are right, John. With digital telephony, the analog speech signal is filtered before sampling. High and low frequency components are removed. I think it was just a tradeoff. We don't expect the human voice to sound that great over the phone anyway, and by filtering we can reduce bandwidth requirements. In fact, the human voice doesn't sound too great over the phone. We've just gotten used to it. Music on hold over the phone sounds pretty bad. Priscilla At 10:25 PM 2/26/02, John Neiberger wrote: This is OT, but the upper limit of human hearing is actually around 20KHz at best and usually drops to around 16KHz or so. If your upper limit starts to drop below that you'll start to notice that it's difficult to hear clearly. (Sorry, in my other life I'm a sound engineer and musician.) I've heard that the 4KHz limit is because there is a low-pass filter used for voice. I can't remember the exact reason, but that information plugged into the Nyquist theorem explains--as Priscilla mentions--why a DS0 is 64Kbps. Okay, time to do some serious studying once I'm through being lazy and drinking this coffee... John On Tue, 26 Feb 2002, Priscilla Oppenheimer ([EMAIL PROTECTED]) wrote: At 08:06 PM 2/26/02, Rafay wrote: How do you describe Sample Rate.? In what context? The term is sometimes used when describing the analog to digital process, for example when digitizing voice. Voice produces an analog wave as your lungs and tongue press against the air. An analog wave has infinite possible values. Computers can't deal with infinity. They work with discreet numbers. The solution is to sample the analog voice many times per second. Sampling means to take a snapshot. The sample rate is how often the analog wave is sampled. Nyquist showed that you have to sample at twice the rate of the highest frequency that may occur in the original data. Most humans don't output (and can't hear) anything about 4 KHz. So sample 8,000 times per second (8Khz) and the result will be good enough. When using a sample rate of 8,000 KHz, if each sample is saved in an 8-bit byte, the resulting data rate is 64 Kbps. That's one DS0. Compression allows us to use a smaller data rate, with some loss in fidelity. Priscilla Priscilla Oppenheimer http://www.priscilla.com [EMAIL PROTECTED] Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36713t=36566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MPLS in CCIE [7:36682]
Steven, I don't know if it is outdated or not. I still have customers running Vines, DecNet, IPX and AppleTalk. Of course chaos, apollo and pup I haven't seen recently in the real world. David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com - Original Message - From: Steven A. Ridder To: Sent: Wednesday, February 27, 2002 3:51 PM Subject: Re: MPLS in CCIE [7:36682] For routing and switching - none. Is it me or is the RS track getting outdated? It seems to cover technologies that, although are useful, not as current. -- RFC 1149 Compliant. Persio Pucci wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How much of MPLS (if some at all) is covered in the CCIE exams? tks! Persio Pucci - CCNP UOL Inc. - Tecnologia [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36714t=36682 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Sample Rate [7:36566]
Female opera singers probably hate it when people ask them to sing over the phone!? OK, have we distracted you enough, John? ;-) Seriously, I think this was a great discussion. Thanks to everyone who contributed. Priscilla At 10:58 AM 2/27/02, David L. Blair wrote: John Neiberger wrote: What I'm trying to find out is why the original 4KHz limit on voice calls was put into place. It sounds like it was simply an arbitrary decision. 4KHz is sufficient for a telephone call and to provide clear calls that included higher frequencies might have added some technical complexities, perhaps. They also added a high-pass filter around 400Hz since most telephones can't reproduce low frequencies well and it also filters out some harmonics of 50-60Hz hum that might show up from time to time. That is concrete reason for including a high-pass filter and I wondered if there was a concrete technical reason for including the 4KHz low-pass filter. From the sounds of it there really isn't a technical issue, 4K is just a nice round number. :-) I used three sources to answer John's query: Voice over IP Fundamentals, Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data Networks. These are great books for anyone wanting to know more about voice technologies. Interesting Facts and Ideas I came across: 1) Human hearing is in the range of 200 Hz to 20,000 Hz 2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the information comes from the middle frequencies. According to Nyquist, Human voice contains sounds that are more often Middle-pitched frequencies than either High or Low pitched frequencies. 3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk. 4) During the Analog to Digital conversion voice samples are put though a process called Quantization. Quantization is the process of rounding sampled values to the nearest predefined discreet value. Pulse Code Modulation (PCM) is a Quantization process. PCM is also used to achieve 12 to 13 bits of voice information in 8 bit words. Two commonly used PCM's are: mu-law (North America), and a-law (Europe). What you hear is not someone's voice, but a representation of their voice. 5) Noise is a major issue when talking about voice quality. Noise is constant problem for Analog signals. What is signal and what is Noise? When a Analog signal is amplified so is the Noise, which in turn makes the quality of Analog calls worst as the distance increases. Digital Calls are less suitable to Noise than Analog calls. 6) Delay is a major issue when talking about conversation flow for two reasons: 1) For a conversation to flow normally, the delay is receiving the voice information must be less than 250ms. When the delay is more than 250ms, the human receiving the voice message will start to talk thinking the human sending the voice message is at a breaking point in the conversation, i.e.. both people are talking at the same time similar to a collision in Ethernet. Delay is also important in how the voice packets are filled during the Analog to Digital conversion. That is why ATM (ATM cell is 53 octets, 5 octets are header and 48 octets are payload) is a good method for transporting voice packets because the delay to fill the payload section is smaller than with other cell/packet types. Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature; 3,500 Hz or 5,000 Hz would work also. It is a nice round number to work with. Simplies any math work. Middle frequencies carry the bulk of the information and Human speech upper limit is 10,000 Hz amd 4,000 is near the middle. The low filter is also to reduce the frequencies that carry less information. Hope this helps. Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36715t=36566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Spanning tree Protocol Questions [7:36559]
So a blocked port can receive AND send BPDUs Correct? Pierre-Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Daniel Cotts Sent: Wednesday, February 27, 2002 2:54 PM To: [EMAIL PROTECTED] Subject: RE: Spanning tree Protocol Questions [7:36559] When you have an opportunity to read Clark and Hamilton the explanation will fit. A blocked port is not physically cut. Data traffic is blocked while BPDUs are allowed. Else, how would it know that a change in topology has taken place? Step 2. Yes, all along bridge 4 has been receiving CBPDUs on both ports. Since e1 had the lower root path cost, it became the root port. There is no need to forward the CBPDUs it receives on e0 out e1 because it has already determined that a lower cost path exists out e1. Once the e1 link fails bridge 4 already knows that it has another path to the root bridge via bridge 3. Step 5. Logically follows. It takes the CBPDUs that it has always been recieving on e0 and now forwards it out e1. It has no clue why it no longer receives CBPDUs on e1. Now think about what happens when bridge 5 e1 becomes functional again. -Original Message- From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 1:46 PM To: [EMAIL PROTECTED] Subject: Re: Spanning tree Protocol Questions [7:36559] Priscilla, In the attachment (Cisco CCNA Exam Guide #640-507 Certification Guide: ISBN 0-7357-0971-8), page 167 - 168, the authors seem to indicate that CBPDUs are sent from blocked ports! The ability for CBPDUs to be sent out of blocked port seems to a determinant factor for the Spanning Tree to be recomputed after a topology change Here is a word by word copy of the passage. The part I have problem about is the one with (!!) Thanks! Pierre-Alex --(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4 (e0)---(e1)Bridge 3 (e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0) Cost advertised by B2 is 100 Cost advertised by B3 is 200 Cost advertised by B5 is 10 Blocked port: Bridge 3, port e1 Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires. The other bridges are still receiving CBPDUs on their root ports. After MaxAge expires, Bridge 4 will decide the following: Step 1 My E1 port is no longer my root port Step 2 The same root bridge is being advertised in a CBPDU on my E0 port (!) Step 3 No other CBPDUs are being received Step 4 My best path (and the only path, in this case) to the root is out of my E0 port; therefore, my root port is now E0.) Step 5 Because no other CBPDUs are entering my E1 port, I must be the designated bridge on that segment. So, I will start sending CBPDUs on E1, addming my E0 port cost (10) to the cost of the CBPDU received in the CBPDU entering E0 (200) for a total of 210 (!!) Kind Regards, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36716t=36559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]