RE: FW: Spanning tree Protocols Questions [7:36565]

[Good Jim]

Hi,  Hope this helps,

Q1: Your statement is correct. A port must still listen to BPDUs in order to
detect topology changes.

Q2: According to Cisco books, blocked, listening, learning, and forwarding
are valid STP stages.  I haven't seen a book not list blocking.  If you have
one handy, let me know.

Q3: I interpret BPDUs as a generic term to represent Topology and
Configuration BPDUs.

Jim


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36615t=36565
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TWO ISP AND ONE FAILURE [7:36371]

[Geoffrey Cauchi]

Hi

I tried some time ago to find an IOS with BGP feature, but to no avail.  I
couldn't find an IOS for the 1000 series which supports BGP.  If you find
one, let me know.

Geoff


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hire, Ejay
Sent: 26 February 2002 15:35
To: [EMAIL PROTECTED]
Subject: RE: TWO ISP AND ONE FAILURE [7:36371]


You'll have to coordinate with your ISP's if you want to run BGP.  To enable
the feature on the 1000's, you have to upgrade to an IP Plus IOS.

-Ejay

-Original Message-
From: Yassel Omar Izquierdo Souchay [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 26, 2002 12:13 AM
To: [EMAIL PROTECTED]
Subject: Re: TWO ISP AND ONE FAILURE [7:36371]


Hey guys
The toplogy is this:
ISP (65)(ISP 169)
[R1] [R2]
||
||
\--/
   |
   [HOST]
IP:169...
IP: 65.
The server have two IPs

And i thnik tha with BGP i got the solution but is the combitanion of both
protocol HSRP and BGP.
So i'm goig to telle you something more intersting. The router are Ciscos
1000 series so coulden't find  the way to configure the BGP, becasue it say
that don't know BGP protocol.

Thanx  a lot to all of the member of this list interested in help.

Sincerily
Yassel




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36616t=36371
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

...ISP MANAGEMENT APPLICATION (IP address space etc...) [7:36617]

[[EMAIL PROTECTED]]

Hallo,

Question especialy for ISP's :

I am interested in an application with which I can manage 
the ISP customers, network devices, IP address space, and 
implement service level groups.

Exp:
1. for a site (device): location info, interfaces info 
(like addresses), other info
2. for a customer: details(location,contacts), interfaces 
info (IP), other info
3. service level groups: group customers based on different 
criteria (like VPN between them)
4. management of IP address space: group IP classes  based 
on location criteria (like in a tree).

Something to look like EasyIP.

Also multiuser, and with a nonpropietary database behind 
(so to integrate it with other applications).

Maybe it's an utopia-application.

Anyone has any ideea?

Any help very appreciated 

Chris,
mcse, ccna
bla bla 


Vrei sa pleci la munte???  Cum? Simplu!
Inscrie-te acum la http://www.romance.ro si CASTIGA un weekend la munte
pentru tine si perechea ta!
E gratis, si in plus te poti distra de milioane!
---
http://www.click.ro - unul dintre cele mai mari portaluri romanesti,
mail gratuit.
http://www.webmania.ro - FREE hosting.
http://www.funmanaia.ro - bancuri, poze si filme haioase.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36617t=36617
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISP discussion groups/lists [7:36618]

[Constantin Tivig]

Any ideea where I can find a discussion group/list for ISPs ?



Thanks!



Cos




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36618t=36618
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Monitoring Cisco Router through MRTG [7:36598]

[Surya Prakash PV]

Everything. Try a tool called getif to find out the SNMP OID's for ur
device. Do not forget to scan the device using SNMPv2.

Regds


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Ziyad
Sent: Wednesday, February 27, 2002 10:46 AM
To: [EMAIL PROTECTED]
Subject: Monitoring Cisco Router through MRTG [7:36598]


Hi All

Can anyone tell me if I can use MRTG for monitoring CRC errors or
broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU
Utilization ...What are other things in a Ciso Router that can be
meausured through MRTG.

Ziyaad
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36619t=36598
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP problem [7:36396]

[Patrick Donlon]

Mark

thanks for the post, yep both are identical, I've already decoded the error
and it tells me to contact Cisco, which I've done.

Cheers


Mark Odette II  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Pat-
 Question: Are both ends identical in Hardware and/or Software??  More
 importantly, Are both routers running the same version of IOS?  I've seen
 something very similar to this, and it wound up being a compound problem
of
 buggy version of IOS and a mixture of versions from end to end.

 If you can, you might think about rolling back a little on the version of
 IOS, to say, 12.2.1, or something like that but verify it won't break
 some other feature you're depending on first.

 Another wise action would be to go onto CCO and check their BugTraq to see
 if they have any known issues with 12.2.4T.

 Also, here's a tool that might help with the error message: Error message
 Decoder Ring!  It requires CCO access.
 http://www.cisco.com/cgi-bin/Support/Errordecoder/home.pl

 Hope this helps!

 Mark

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Patrick Donlon
 Sent: Monday, February 25, 2002 11:35 AM
 To: [EMAIL PROTECTED]
 Subject: VoIP problem [7:36396]


 Hi all

 I've a problem with a voice router I'm getting DSP timeout errors on the
far
 end (egress) router and I was wondering if anyone has any ideas. See the
 text below for the error, it appears after the call is disconnected with
 normal call clearing, we use E1s. A reboot will make the problem go away
 for a short while and we using 12.2(4)T on a 3640. The call routing is
fine
 and I can make csim calls from the far end router to my local router and
to
 my phone no problem, in the other direction I get DSP timeouts.

 Cheers

 Pat

 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP Disc
 (call mode=0)
 10w5d: %VTSP-3-DSP_TIMEOUT: DSP timeout on event 0x6: DSP ID=0x1: DSP
error
 stats (call mode=1658181684), chnl info(1, 0, 0)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36620t=36396
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Monitoring Cisco Router through MRTG [7:36598]

[Ziyad]

Thanks prakash
Can you please explain how can I find out the SNMP OID's for my cisco router

Also the line Do not forget to scan the device using SNMPv2.??

Ziyaad


 Original Message -
From: Surya Prakash PV 
To: 
Sent: Wednesday, February 27, 2002 3:41 PM
Subject: RE: Monitoring Cisco Router through MRTG [7:36598]


 Everything. Try a tool called getif to find out the SNMP OID's for ur
 device. Do not forget to scan the device using SNMPv2.

 Regds


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Ziyad
 Sent: Wednesday, February 27, 2002 10:46 AM
 To: [EMAIL PROTECTED]
 Subject: Monitoring Cisco Router through MRTG [7:36598]


 Hi All

 Can anyone tell me if I can use MRTG for monitoring CRC errors or
 broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU
 Utilization ...What are other things in a Ciso Router that can be
 meausured through MRTG.

 Ziyaad
 _
 Do You Yahoo!?
 Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36624t=36598
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HELP !! CCIE 2B or NOT? [7:36542]

[Ladrach, Daniel E.]

I was considering the same thing! I have my CCNP and I was
considering the CCIE. However, I have decided to go for my MBA, I start in
the Fall. There are a lot of Cisco people out there, but there won't be a
lot of Cisco and MBA (as an added bonus the MBA never expires). I will
however, probably pursue added Cisco certifications as I am doing my MBA.
Think of it this way. What happens if these certifications turn into the
MCSE?

Daniel Ladrach
CCNA, CCNP
WorldCom


-Original Message-
From: Jerry P. [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 26, 2002 4:01 PM
To: [EMAIL PROTECTED]
Subject: HELP !! CCIE 2B or NOT? [7:36542]


Hi all:

I have a dilemma that I was wondering if I could ask your opinion on
concerning CCIE status.  I am a Network Admin for the cisco lab at a
university.  The racks of equipment in the lab is available to use for any
BGP, VLAN or multicast network possible it seems like.  But I'm at a point
in my life where there's a fork in the road; it looks like the CCIE route or
MBA route and I am leaning towards the MBA with a lower cert like CCNP.  But
with all this equipment and abundance of lab time here, would I be foolish
not to take advantage of this situation?  And suppose I do go for it and
hope that I pass the big one, I'm curious what kinds of jobs are out there
in this industry for someone like myself with 5 years of experience, 1-2
years of it concentrated in IT?  What should I do??


Thanks.

Jerry
CCNA CCDA MCSA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36623t=36542
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP monitoring [7:36625]

[Patrick Donlon]

Hi

I'm after some tips for monitoring a couple of VoIP routers, as there are
only two routers buying tools isn't going to be very cost effective. I've
used the early versions of CVM (which was very funny), we use Cisco Works
2000, but don't have the add on CVM product, and Openview. I'm planning on
automatically re-route calls on failure, but I'd like to know about the
failure so we can react, any ideas or pointers?

Cheers
Pat

--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36625t=36625
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Span port like hub [7:36628]

[Picciani Francesco Saverio]

I need to put two hosts on the same LAN and on the same medium like old coax
LAN.
One host need to listen all the traffic directed to the other.
I have a switch 6509 and I can solve the problem by introducing an hub. The
two hosts connected to the hub and the hub connected to the right VLAN on
the switch.
Can I obtain the same result without the hub and with a span port on the
switch??


Thanks 
Francesco




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36628t=36628
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Sample Rate [7:36566]--long reply [7:36566]

[Howard C. Berkowitz]

All right, John--

A couple of years ago (discreet cough), Cisco gave away copies of books as
promos. One was _IP Telephony_ by Gorlaski and Kolon (McGraw Hill, 2000).
GOOD BOOK. On pp 77-78 is an explanation of the Nyquist rate and voice
sampling:

Well, if it comes from MANY years ago, before even MY time, Nyquist 
started publishing his work in the 1928 Bell System Technical 
Journal. I don't have a copy handy, but, if anyone really cares, I do 
have a copy somewhere of Shannon's 1948 book The Mathematical Theory 
of Communications, itself an extension of a BSTJ article, that I 
think quotes Nyquist.

*sigh* and people around here think one is ancient when one refers to 
a mainframe, or bisync, or analog...


...Thus, if an analog voice signal reaching up to 3400Hz is to be sampled
at the Nyquist rate, the sampling frequency must be at least twice that, or
6800Hz, or samples per second.

Sampling does not have to be done at the Nyquist rate. The Nyquist rate is
a minimal requirement to reproduce the input waveform, but sampling can be
done at rates higher or lower than the Nyquist rate. If sampling takes place
at rates lower than the Nyquist rate, the result is distortion of the
waveform known as (italics) aliasing. Aliasing just means that there is more
than one output waveform that fits the 'connect the dots' pattern of the
samples. There is no aliasing ast the Nyquist rate and above.

They go on to point out that, by sampling at a rate above the Nyquist rate,
you have more than the minimum required information to reliably reconstruct
the voice signal at the destination. This allows you to lose a few samples
in transit (not that such things would ever happen, of course) and still
have only one possible reconstruction. Sampling at 8000Hz means there is a
4000Hz voice bandwidth (overly generous but convenient because 4 is a power
of 2 and that makes it easier to code in a binary system).

And from the 8000 samples/sec, each of which sends 1 8-bit word, we have the
DS0 of 64000 bps (why only 56000 bps may be usable is a separate issue,
having to do with signaling on telephone links).

Nyquist's model refers to PCM encoding, representing any sample in 8 
bits.  Even before we get into compression, there are more 
bandwidth-efficient, standardized encodings, such as ADPCM at 32 Kbps 
or less.


Annlee
John Neiberger  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  This is OT, but the upper limit of human hearing is actually
  around 20KHz at best and usually drops to around 16KHz or so.
  If your upper limit starts to drop below that you'll start to
  notice that it's difficult to hear clearly.  (Sorry, in my
  other life I'm a sound engineer and musician.)

  I've heard that the 4KHz limit is because there is a low-pass
  filter used for voice.  I can't remember the exact reason, but
  that information plugged into the Nyquist theorem explains--as
  Priscilla mentions--why a DS0 is 64Kbps.

  Okay, time to do some serious studying once I'm through being
  lazy and drinking this coffee...

  John

   On Tue, 26 Feb 2002, Priscilla Oppenheimer
  ([EMAIL PROTECTED]) wrote:

   At 08:06 PM 2/26/02, Rafay wrote:
   How do you describe Sample Rate.?
  
   In what context? The term is sometimes used when describing
  the analog
   to
   digital process, for example when digitizing voice. Voice
  produces an
   analog wave as your lungs and tongue press against the air.
  An analog
   wave
   has infinite possible values. Computers can't deal with
  infinity. They
   work
   with discreet numbers. The solution is to sample the analog
  voice many
   times per second. Sampling means to take a snapshot.
  
   The sample rate is how often the analog wave is sampled.
  Nyquist showed
   that you have to sample at twice the rate of the highest
  frequency that
   may
   occur in the original data. Most humans don't output (and
  can't hear)
anything about 4 KHz. So sample 8,000 times per second (8Khz)
  and the
   result will be good enough. When using a sample rate of 8,000
  KHz, if
   each
   sample is saved in an 8-bit byte, the resulting data rate is
  64 Kbps.
   That's one DS0. Compression allows us to use a smaller data
  rate, with
   some
   loss in fidelity.
  
Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36629t=36566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: speaking of PIX clones [7:36593]

[Wes Stevens]

Suspect that is just a vender doing anything that they can to make a sale. 
Cisco has had a reputation of playing the game fair. When the market started 
to get flooded last year with used gear their tactic was to give good trade 
in's to try and keep as much off the used market as possible - a very fair 
tactic IMO. Also the people who are buying used pix's on Ebay are not really 
hurting Cisco sales much. If they were not buying the pix at a used price 
they would probably be buying a Sonicwall or some other less expensive 
firewall. In that way it is a win for Cisco.

Like you say they are not msft. That is why I don't think they would be too 
happy with Jason Sullivan's post about legal action.


From: Mike Sweeney 
Reply-To: Mike Sweeney 
To: [EMAIL PROTECTED]
Subject: speaking of PIX clones [7:36593]
Date: Wed, 27 Feb 2002 01:38:51 -0500

I just heard from a friend that a SonicWall rep was saying(dont you love 
5th
hand news) that Cisco is planning to crack down on PIXes being resold on
Ebay by killing any and all support for them. No smartnet, no software, no
activation keys etc..

I personally think it is a bunch of hooyie.. The number of PIX units being
sold 2nd hand on Ebay is a grain of sand compared to national/world sales 
of
new units and to expend that much effort, ill will and bad karma really
doesnt strike me as the cisco way of doing business. MS maybe.. but not
cisco.

Am I off base here?  even if it's a bunch of crap, it makes for some
interesting thoughts.. whats next? no support for used routers? switches ?
talk about killing the goose that lays golden eggs..

MikeS
_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36621t=36593
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: speaking of PIX clones [7:36593]

[Georg Pauwen]

That sounds like a car dealer refusing to service used cars. I would think
that as long as the software licenses are purchased, what does it matter
where the PIX has been purchased ? I am a big fan of EBay, and I purchased a
couple of Cisco routers and switches for my lab, which saved me several
thousands of dollars.
By the way, I fully agree with the Microsoft policy on cracking down on
illegal/unlicensed use of their software. It costs money to develop their
products. Wether you illegally copy CDs or DVDs, or software, it is
stealing. Admittedly, why do people use unlicensed software ? Because most
of it is too d... expensive !

Georg


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36612t=36593
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HELP !! CCIE 2B or NOT? [7:36542]

[Solar]

Have no clear idea of why the CCIE Written should be dropped. Unless you
pass both written and lab exams, then append the CCIE after your name

Compare it to the following
Name
CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro and
Server, MBA 1st semester

Is it conceptually clear to you ?

Thank you


Tim Booth  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 BTW - Tim? Drop the 'CCIE Written' 'bit' from you acronym
 collection...it
 ain't cool no more :)

 BTW - Oliver?

Appending CCIE written isn't to be cool. It's not to pretend I'm
 a CCIE. It's to let others know how far my progress is in achieving my
 goal, where I'm at in an educational standpoint etc. It is purely a
 shorthand version of I have passed a CCIE written test. It would be
 the equivalent of saying something like I'm in college, if college and
 studying to be a CCIE were comparable. In your head you can append
 Studied hard and passed a CCIE written exam. I'm not claiming to be a
 CCIE, but I am claiming to be actively studying towards being one.

As far as my certifications, I have studied very hard to earn them,
 and in no sense are they simply an acronym collection. In my case,
 treating them as such is inappropriate.

If you have further issues, please email me off-list.

 Kind Regards,
 Tim Booth
 MCDBA, CCNP, CCDP, CCIE written
 -
 Those who would give up essential liberty to purchase a little temporary
 safety deserve neither liberty nor safety.
 Benjamin Franklin, 1759




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36622t=36542
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to get the activation key for my clone Pix [7:36567]

[jhun de leon]

Jason did not make  a threat and should be construed as a friendly 
reminder as I don't think Cisco Legal Eagles will make the same reminder 
for unauthorized and unlicensed use.



Jason Sullivan wrote:

 You should take the 400 you spent and buy a 501.  I promise it will be less
 than your legal fees if Cisco were to get involved.
 
 
 Jason Sullivan
 Systems Engineer
 [EMAIL PROTECTED]
 Office (801)270-6732
 Pager (800)365-4578
 


 ---
 Welcome to the Internet, Transportation provided by Cisco Systems


 ---
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Athony Jones
 Sent: Tuesday, February 26, 2002 1:02 PM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: How to get the activation key for my clone Pix?
 
 Hi Everyone,
 After struggling for the past two days, I have
 successfully cloned a Pix firewall by using my PC.
 I plug the 16MB flash card into the PC's ISA slot
 and the PC recognize that it is a Pix flash card
 (cost me $400.00). It boots up fine and everything
 seems to be in order.  However, after the boot up
 sequence, it asks me for the activation key.  I've
 been trying many different possible scenarios without
 much success.  I even tried to use the activation key
 from another Pix firewall but that doesn't work
 either.
 
 Anybody know how I can fake my clone Pix with a
 fake activation key?  By the way,I am running Pix OS
 code version 6.1(2). I even tried 5.3(1), 5.3(2),
 6.0(1) and 6.1(1) and one of them works.  By the way,
 the PC has 128MB of RAM and a 16Mb Flash ISA card.
 I tried to clone a Pix520.
 
 Please help.
 
 Jason
 
 __
 Do You Yahoo!?
 Yahoo! Greetings - Send FREE e-cards for every occasion!
 http://greetings.yahoo.com
 __
 To unsubscribe from the SECURITY list, send a message to
 [EMAIL PROTECTED] with the body containing:
 unsubscribe SECURITY




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36613t=36567
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36627]

[Scott Morris]

Somebody's already been selling 'em on EBay.

And I never said legal action should be brought against anyway...  I merely
said it wasn't a bright idea to discuss it in a public forum where Cisco
people were at.

As for discouraging the program, I hardly think this would do it.  You don't
see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of this
is a cost-effective marketing tool for the CCIE program hasn't historically
been a problem.

*shrug*  If people want to do it, they'll do it.  However, I don't think it
is advisable to discuss it publically, nor sell it.  Whether to another
person for study purposes only or whatever...  Control gets lost after
that.

And you can get a 501 for the same price, if not less than the 16 meg card
anyway, so what the hell is the point in building your own?  It's not the
price-point!

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 7:53 AM
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as an
upgrade, but I don't think there is any legal clause shipped with it saying
you can use it for no other purpose. Again the original post was a pix for a
CCIE security lab. I just cannot see Cisco taking legal action there. They
have never been a legally heavy handed company. To take action in that case
would send the wrong message. The CCIE program is one of their best
marketing tools. It puts industry reconized experts in the field with a
diffinite Cisco bias to them. The CCIE Security program is fairly new and I
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay
that is a whole different story.

From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 07:26:33 -0500

I believe that would be a use other than intended

Cisco is a little lax in enforcing software licenses...  Lots of people
resell routers with IOS installed (not supposed to).  Lots of people
download feature sets they don't have licenses for (not supposed to).

There have actually been some cases where Cisco's gone after people
(typically larger companies).  But it's a WHOLE different thing to BUILD a
device and put their software on it...  If I were to build my own router
(god only knows why), and put their software on it, I would fully expect to
hear from Cisco.

Worse, if I were to sell it on EBay, that's just asking for trouble.  And
before you comment, yes, PIX clones HAVE been sold on Ebay from
not-so-bright individuals.

Where do you draw the line?  Lots of people drive fast.  It's still
illegal.
If you do it enough, and publically flaunt it, chances are you'll get
pulled
over sometime.  Go figure.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Wes Stevens
Sent: Wednesday, February 27, 2002 7:15 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Is this pirating software? Cisco sells this board with the software
installed in it. This is no different then buying any other router on on
Ebay and using it without putting it on smartnet. Are you going to take
legal action against all of those people also?
 From: Jason Sullivan 
 To: Wes Stevens 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Tue, 26 Feb 2002 20:14:50 -0700
 
 
 
 First give me a break it was just an observation.
 Second, pirating software is illegal.  Read the disclaimer out on CCO.
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, February 26, 2002 8:05 PM
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 J
 
  From: Jason Sullivan 
  Reply-To: Jason Sullivan 
  To: Athony Jones , ,
  
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Tue, 26 Feb 2002 17:58:32 -0700
  
  You should take the 400 you spent and buy a 501.  I promise it will be
 less
  than your legal fees if Cisco were to get involved.
  
  
  Jason Sullivan
  Systems Engineer
  [EMAIL PROTECTED]
  Office (801)270-6732
  Pager (800)365-4578
  
 

---
 -
  ---
  Welcome to the Internet, Transportation provided by Cisco Systems
 

---
 -
  ---
  
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Athony Jones
  Sent: Tuesday, February 26, 2002 1:02 PM
  To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Subject: How to get the activation key for my clone Pix?
  
  Hi Everyone,
  After struggling for the past two days, I have
  successfully cloned 

RE: How to get the activation key for my clone Pix [7:36626]

[Wes Stevens]

Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as an 
upgrade, but I don't think there is any legal clause shipped with it saying 
you can use it for no other purpose. Again the original post was a pix for a 
CCIE security lab. I just cannot see Cisco taking legal action there. They 
have never been a legally heavy handed company. To take action in that case 
would send the wrong message. The CCIE program is one of their best 
marketing tools. It puts industry reconized experts in the field with a 
diffinite Cisco bias to them. The CCIE Security program is fairly new and I 
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay 
that is a whole different story.

From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 07:26:33 -0500

I believe that would be a use other than intended

Cisco is a little lax in enforcing software licenses...  Lots of people
resell routers with IOS installed (not supposed to).  Lots of people
download feature sets they don't have licenses for (not supposed to).

There have actually been some cases where Cisco's gone after people
(typically larger companies).  But it's a WHOLE different thing to BUILD a
device and put their software on it...  If I were to build my own router
(god only knows why), and put their software on it, I would fully expect to
hear from Cisco.

Worse, if I were to sell it on EBay, that's just asking for trouble.  And
before you comment, yes, PIX clones HAVE been sold on Ebay from
not-so-bright individuals.

Where do you draw the line?  Lots of people drive fast.  It's still 
illegal.
If you do it enough, and publically flaunt it, chances are you'll get 
pulled
over sometime.  Go figure.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Wes Stevens
Sent: Wednesday, February 27, 2002 7:15 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Is this pirating software? Cisco sells this board with the software
installed in it. This is no different then buying any other router on on
Ebay and using it without putting it on smartnet. Are you going to take
legal action against all of those people also?
 From: Jason Sullivan 
 To: Wes Stevens 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Tue, 26 Feb 2002 20:14:50 -0700
 
 
 
 First give me a break it was just an observation.
 Second, pirating software is illegal.  Read the disclaimer out on CCO.
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, February 26, 2002 8:05 PM
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 J
 
  From: Jason Sullivan 
  Reply-To: Jason Sullivan 
  To: Athony Jones , ,
  
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Tue, 26 Feb 2002 17:58:32 -0700
  
  You should take the 400 you spent and buy a 501.  I promise it will be
 less
  than your legal fees if Cisco were to get involved.
  
  
  Jason Sullivan
  Systems Engineer
  [EMAIL PROTECTED]
  Office (801)270-6732
  Pager (800)365-4578
  
 

---
 -
  ---
  Welcome to the Internet, Transportation provided by Cisco Systems
 

---
 -
  ---
  
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Athony Jones
  Sent: Tuesday, February 26, 2002 1:02 PM
  To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Subject: How to get the activation key for my clone Pix?
  
  Hi Everyone,
  After struggling for the past two days, I have
  successfully cloned a Pix firewall by using my PC.
  I plug the 16MB flash card into the PC's ISA slot
  and the PC recognize that it is a Pix flash card
  (cost me $400.00). It boots up fine and everything
  seems to be in order.  However, after the boot up
  sequence, it asks me for the activation key.  I've
  been trying many different possible scenarios without
  much success.  I even tried to use the activation key
  from another Pix firewall but that doesn't work
  either.
  
  Anybody know how I can fake my clone Pix with a
  fake activation key?  By the way,I am running Pix OS
  code version 6.1(2). I even tried 5.3(1), 5.3(2),
  6.0(1) and 6.1(1) and one of them works.  By the way,
  the PC has 128MB of RAM and a 16Mb Flash ISA card.
  I tried to clone a Pix520.
  
  Please help.
  
  Jason
  
  __
  Do You Yahoo!?
  Yahoo! Greetings - Send FREE e-cards for every occasion!
  http://greetings.yahoo.com
  __
  To unsubscribe from 

SNA DDR [7:36631]

[Picciani Francesco Saverio]

I have a SNA PU (a cash of a bank) connected to a router, the router
connected by a ISDN BRI to a romote router and the romote router connected
to a FEP (so to a HOST) by a Token Ring LAN. 

PU--Router--BRI--remote router--TR--FEP--HOST.

Is possible to permit the comunication beetween the PU and the HOST whit the
ISDN BRI actrive only when thare is traffic??


Thanks
Francesco




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36631t=36631
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Span port like hub [7:36628]

[Ole Drews Jensen]

The command

set span s/s m/m

will mirror all received and transmitted traffic from port s/s to port m/m.

See here for details (watch for wordwrap):

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_1/cmd_ref/s
etsn_su.htm#1083425

Hth,

Ole

~~~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~~~
 http://www.RouterChief.com
~~~
 NEED A JOB ???
 http://www.oledrews.com/job
~~~




-Original Message-
From: Picciani Francesco Saverio
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 7:34 AM
To: [EMAIL PROTECTED]
Subject: Span port like hub [7:36628]


I need to put two hosts on the same LAN and on the same medium like old coax
LAN.
One host need to listen all the traffic directed to the other.
I have a switch 6509 and I can solve the problem by introducing an hub. The
two hosts connected to the hub and the hub connected to the right VLAN on
the switch.
Can I obtain the same result without the hub and with a span port on the
switch??


Thanks 
Francesco




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36633t=36628
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Monitoring Cisco Router through MRTG [7:36598]

[Kevin Cullimore]

It's been a while, but I believe that some IOS versions support a show snmp
mib command, which should print out a list of OIDs supported by the
router/IOS combination (it's that one or a very similar undocumented
command).

Otherwise, any tool that will let you perform an snmpwalk will allow you to
uncover the supported MIBs (and therefore the SNMP OIDs), such as the getif
tool or even the snmp browser included with Microsoft resource kits.


- Original Message -
From: Ziyad 
To: 
Sent: Wednesday, February 27, 2002 7:53 AM
Subject: Re: Monitoring Cisco Router through MRTG [7:36598]


 Thanks prakash
 Can you please explain how can I find out the SNMP OID's for my cisco
router
 
 Also the line Do not forget to scan the device using SNMPv2.??

 Ziyaad


  Original Message -
 From: Surya Prakash PV
 To:
 Sent: Wednesday, February 27, 2002 3:41 PM
 Subject: RE: Monitoring Cisco Router through MRTG [7:36598]


  Everything. Try a tool called getif to find out the SNMP OID's for ur
  device. Do not forget to scan the device using SNMPv2.
 
  Regds
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
  Ziyad
  Sent: Wednesday, February 27, 2002 10:46 AM
  To: [EMAIL PROTECTED]
  Subject: Monitoring Cisco Router through MRTG [7:36598]
 
 
  Hi All
 
  Can anyone tell me if I can use MRTG for monitoring CRC errors or
  broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU
  Utilization ...What are other things in a Ciso Router that can be
  meausured through MRTG.
 
  Ziyaad
  _
  Do You Yahoo!?
  Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36635t=36598
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36583]

[Mike Sweeney]

Just for the record.. I picked up a 501 NEW in the box for $401.00 US and no
shipping. Just sales tax. This was not 3DES.. just plain of DES and 10
users. Works like a top.. Place is in FL but apparently they use IngramMicro
as the fulfillment center(still had the lable)

The new 506E pricing just got came in at $1,100 which like they said, is
cheaper then before.

SonicWall is in serious trouble with these price points. I use both the PIX
is a better firewall for the price. I have no experience with Nokia so I can
not comment on their product vs. a PIX.

MikeS



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36634t=36583
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SNA DDR [7:36631]

[Richard Newman]

Sort of. SNA by design is constantly polling the end device. If you are
using DLSw in your cloud you can use the local ack feature to keep the
polling traffic off the link You can then set your permit-list to have any
dlsw traffic activate the link

Richard


Picciani Francesco Saverio  wrote
in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have a SNA PU (a cash of a bank) connected to a router, the router
 connected by a ISDN BRI to a romote router and the romote router connected
 to a FEP (so to a HOST) by a Token Ring LAN.

 PU--Router--BRI--remote router--TR--FEP--HOST.

 Is possible to permit the comunication beetween the PU and the HOST whit
the
 ISDN BRI actrive only when thare is traffic??


 Thanks
 Francesco




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36637t=36631
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Border Router load [7:36642]

[Irwan Hadi]

We have a Cisco 7204 VXR which acts as a border router. The Cisco 7204
VXR has two ATM interface from the internet for 45 Mbps, and one gigabit
ethernet for out network. The gigabit ethernet is connected to Cisco
6509.
One thing that happens on the border router is that the load is
always high (around 30% without utilitizing turbo ACL, or around 21%
by utilizing turbo ACL). That border router has around 25 -30 access lists.

The access lists mostly are used to :
1. Block the non routable IP address (10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, 127.0.0.0/8).
2. Clean the incoming traffic
3. Protect the networks to common exploit, for example port 515, 110,
etc.

But the thing that is weird is when the ACL is moved to the CIsco 6509
which serves completely ethernet environment, the load on that Cisco
6509 just stays cool at 6%.

What is the reason this thing happen ? is it because Cisco 6509 has
better processing power then 7204 VXR, or because the 7204 VXR needs to
convert cells (ATM) to frames (gigabit ethernet), look inside it,
forward it, etc. etc. ?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36642t=36642
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OSPF question [7:36641]

[John McCartney]

Loopbacks are used because they never go down or should never go down, to
make one the DR assign the highest loopback to the desired router. HTH's


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36644t=36641
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Border Router load [7:36643]

[Irwan Hadi]

We have a Cisco 7204 VXR which acts as a border router. The Cisco 7204
VXR has two ATM interface from the internet for 45 Mbps, and one gigabit
ethernet for out network. The gigabit ethernet is connected to Cisco
6509.
One thing that happens on the border router is that the load is
always high (around 30% without utilitizing turbo ACL, or around 21%
by utilizing turbo ACL). That border router has around 25 -30 access lists.

The access lists mostly are used to :
1. Block the non routable IP address (10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, 127.0.0.0/8).
2. Clean the incoming traffic
3. Protect the networks to common exploit, for example port 515, 110,
etc.

But the thing that is weird is when the ACL is moved to the CIsco 6509
which serves completely ethernet environment, the load on that Cisco
6509 just stays cool at 6%.

What is the reason this thing happen ? is it because Cisco 6509 has
better processing power then 7204 VXR, or because the 7204 VXR needs to
convert cells (ATM) to frames (gigabit ethernet), look inside it,
forward it, etc. etc. ?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36643t=36643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF question [7:36641]

[cclark]

In determining DR and BDR, OSPF will use the priority and the Router ID. I
can change the Router ID by creating a loopback with a higher ID (IP address
right?). Why would I do this? Why would I not just change the priority of
the router in question? If I want a specific router to be the DR, why not
set it with a priority of 1 and set all the other routers to something like
5? TIA.

cc




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36641t=36641
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISP discussion groups/lists [7:36618]

[Brian]

Try this on for size..

http://isp-lists.isp-planet.com/about/

Brian

- Original Message -
From: Constantin Tivig 
To: 
Sent: Wednesday, February 27, 2002 1:52 AM
Subject: ISP discussion groups/lists [7:36618]


 Any ideea where I can find a discussion group/list for ISPs ?



 Thanks!



 Cos




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36645t=36618
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Multilink and callback request/accept [7:36640]

[Richard Botham]

All,
Maybe i've missed something here but...
I configured 2 routers over isdn with PPP Multilink and that r8 calls r6 and
then r6 calls r8 back.
All fine so far apart from I end up with one call IN and one call OUT as
follows:

r8#sh isd active
--
ISDN ACTIVE CALLS
--
History table has a maximum of 100 entries.
History table data is retained for a maximum of 15 Minutes.
--
CallCalling or Called   RemoteSeconds Seconds Seconds   Recorded
Charges
TypePhone numberNode Name UsedLeftIdle 
Units/Currency
--
Out    r6  38   0   0
In     r6  38   0
--

configs as follows:
r6:
interface Dialer0
 ip address 172.168.1.6 255.255.255.0
 no ip directed-broadcast
 encapsulation ppp
 dialer pool 1
 dialer string  class test
 dialer load-threshold 1 either
 dialer-group 1
 ppp callback accept
 ppp authentication chap
 ppp multilink
!
map-class dialer test
 dialer callback-server username

r8:
interface Dialer0
 ip address 172.168.1.8 255.255.255.0
 no ip directed-broadcast
 encapsulation ppp
 dialer remote-name r6
 dialer string 
 dialer load-threshold 1 outbound
 dialer pool 1
 dialer-group 1
 ppp callback request
 ppp authentication chap
 ppp chap hostname ccie
 ppp multilink

Whats gone wrong


Cheers
Richard


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36640t=36640
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HELP !! CCIE 2B or NOT? [7:36542]

[Casey, Paul (6822)]

I agree, get rid of the acronym till you got the number after it, 
It demeans the CCIE actual certification which few will ever achieve.
My Personal belief is that you could get the CCIE- written  knowing  f**k
all.

The day you actually get the CCIE #  then I care who you are, 
and what you have to say, listen closely, and understand how much you
studied,
and follow your advise,  but until then ..

Stop getting sesame street certifications and learn to walk with kings..






 -Original Message-
 From: Solar [SMTP:[EMAIL PROTECTED]]
 Sent: 27 February 2002 13:47
 To:   [EMAIL PROTECTED]
 Subject:  Re: HELP !! CCIE 2B or NOT? [7:36542]
 
 Have no clear idea of why the CCIE Written should be dropped. Unless you
 pass both written and lab exams, then append the CCIE after your name
 
 Compare it to the following
 Name
 CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro
 and
 Server, MBA 1st semester
 
 Is it conceptually clear to you ?
 
 Thank you
 
 
 Tim Booth  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  BTW - Tim? Drop the 'CCIE Written' 'bit' from you acronym
  collection...it
  ain't cool no more :)
 
  BTW - Oliver?
 
 Appending CCIE written isn't to be cool. It's not to pretend I'm
  a CCIE. It's to let others know how far my progress is in achieving my
  goal, where I'm at in an educational standpoint etc. It is purely a
  shorthand version of I have passed a CCIE written test. It would be
  the equivalent of saying something like I'm in college, if college and
  studying to be a CCIE were comparable. In your head you can append
  Studied hard and passed a CCIE written exam. I'm not claiming to be a
  CCIE, but I am claiming to be actively studying towards being one.
 
 As far as my certifications, I have studied very hard to earn them,
  and in no sense are they simply an acronym collection. In my case,
  treating them as such is inappropriate.
 
 If you have further issues, please email me off-list.
 
  Kind Regards,
  Tim Booth
  MCDBA, CCNP, CCDP, CCIE written
  -
  Those who would give up essential liberty to purchase a little temporary
  safety deserve neither liberty nor safety.
  Benjamin Franklin, 1759




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36632t=36542
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36630]

[Wes Stevens]

In my own lab a I have a 506. I would like to have another pix with a dmz 
interface. I am sure pretty sure they will cover pix to pix and dmz in the 
ccie security. But even on ebay to buy a 520 with three interfaces usually 
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame - 
ten routers and three switches. Another $2k to $3k for a pix with three 
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 08:32:24 -0500

Somebody's already been selling 'em on EBay.

And I never said legal action should be brought against anyway...  I merely
said it wasn't a bright idea to discuss it in a public forum where Cisco
people were at.

As for discouraging the program, I hardly think this would do it.  You 
don't
see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of 
this
is a cost-effective marketing tool for the CCIE program hasn't historically
been a problem.

*shrug*  If people want to do it, they'll do it.  However, I don't think it
is advisable to discuss it publically, nor sell it.  Whether to another
person for study purposes only or whatever...  Control gets lost after
that.

And you can get a 501 for the same price, if not less than the 16 meg card
anyway, so what the hell is the point in building your own?  It's not the
price-point!

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 7:53 AM
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as 
an
upgrade, but I don't think there is any legal clause shipped with it saying
you can use it for no other purpose. Again the original post was a pix for 
a
CCIE security lab. I just cannot see Cisco taking legal action there. They
have never been a legally heavy handed company. To take action in that case
would send the wrong message. The CCIE program is one of their best
marketing tools. It puts industry reconized experts in the field with a
diffinite Cisco bias to them. The CCIE Security program is fairly new and I
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay
that is a whole different story.

 From: Scott Morris 
 Reply-To: 
 To: 'Wes Stevens' 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 07:26:33 -0500
 
 I believe that would be a use other than intended
 
 Cisco is a little lax in enforcing software licenses...  Lots of people
 resell routers with IOS installed (not supposed to).  Lots of people
 download feature sets they don't have licenses for (not supposed to).
 
 There have actually been some cases where Cisco's gone after people
 (typically larger companies).  But it's a WHOLE different thing to BUILD 
a
 device and put their software on it...  If I were to build my own router
 (god only knows why), and put their software on it, I would fully expect 
to
 hear from Cisco.
 
 Worse, if I were to sell it on EBay, that's just asking for trouble.  And
 before you comment, yes, PIX clones HAVE been sold on Ebay from
 not-so-bright individuals.
 
 Where do you draw the line?  Lots of people drive fast.  It's still
 illegal.
 If you do it enough, and publically flaunt it, chances are you'll get
 pulled
 over sometime.  Go figure.
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Wes Stevens
 Sent: Wednesday, February 27, 2002 7:15 AM
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 Is this pirating software? Cisco sells this board with the software
 installed in it. This is no different then buying any other router on on
 Ebay and using it without putting it on smartnet. Are you going to take
 legal action against all of those people also?
  From: Jason Sullivan 
  To: Wes Stevens 
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Tue, 26 Feb 2002 20:14:50 -0700
  
  
  
  First give me a break it was just an observation.
  Second, pirating software is illegal.  Read the disclaimer out on CCO.
  -Original Message-
  From: Wes Stevens [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, February 26, 2002 8:05 PM
  To: [EMAIL PROTECTED]
  Subject: RE: How to get the activation key for my clone Pix?
  
  
  J
  
   From: Jason Sullivan 
   Reply-To: Jason Sullivan 
   To: Athony Jones , ,
   
   Subject: RE: How to get the activation key for my clone Pix?
   Date: Tue, 26 Feb 2002 17:58:32 -0700
   
   You should take the 400 you spent and buy a 501.  I promise it will 
be
  less
   than your legal fees if Cisco were to get involved.
   
   
   Jason Sullivan
   Systems Engineer
   [EMAIL 

RE: Grade to get CCDA [7:36636]

[Tim Medley]

All Cisco exams are Pass or Fail exams. It's that simple, if you know
the material that is covered on the exam then you will Pass; if you do
not know the material then you will Fail.

Your focus should not be how you can skim by and just barely pass the
exam. 

If you don't really know the concepts and technologies and just cram so
that you pass the exam, what good is the certification then? Just
because you have a certification doesn't mean that someone is going to
hire you and throw money at you. 

Employers look at certifications as a base line, a ccda should know xyz
concepts and know how to accomplish xyz tasks. If you can't perform at
the baseline level you're not going to be around at that job long or you
may not even get hired.

With the way the Tech job market is these days, you need to be able to
differentiate yourself from your peers. Paper Certs are not a way to do
this.

Please stop asking for minimum scores to pass or the number of questions
on an exam. Review the exam outlines and blueprints on CCO and learn the
concepts and technologies.

Most everyone here in this forum is here to share knowledge and learn
from each other. If you don't understand a concept or technology, post a
question about it you'll receive plenty of help.


Tim Medley - CCNP+Voice, CCDP
Sr. Network Architect
VoIP Group
iReadyWorld


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Rodrigues, Mario
Sent: Wednesday, February 27, 2002 9:29 AM
To: [EMAIL PROTECTED]
Subject: Grade to get CCDA [7:36636]

Hi Folks,

I would like to know how is the grade to get CCDA.



Regards,

Mario A. Rodrigues




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36649t=36636
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

community characters [7:36652]

[BASSOLE Rock]

Hello,

I would like to know if the following characters are allowed for configuring
a community string:; and  !  using an IOS 12.1(9) E

Thank you.

Rock.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36652t=36652
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Simulator [7:36654]

[kevhed]

Does anyone know of or can recommend a PIX IOS simulator?  I'm gearing up
for the CSS1 cert and need some experience on a newer version of pix ios.
We have a pix but it's running some ancient ios (2.7.11) and there's no
upgrade in for it in the near future.  So I'm hoping to find a simulator (if
one exists) to practice  on a newer ver of ios.   Thx in advance.
--
Kevin Keay (N+,CNE,CCSE,CCDP,CCNP)
Sr. Network Specialist
Ondeo-Nalco




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36654t=36654
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Sample Rate [7:36566]

[David L. Blair]

 John Neiberger wrote:
 What I'm trying to find out is why the original 4KHz limit on
 voice calls was put into place.  It sounds like it was simply
 an arbitrary decision.  4KHz is sufficient for a telephone call
 and to provide clear calls that included higher frequencies
 might have added some technical complexities, perhaps.

 They also added a high-pass filter around 400Hz since most
 telephones can't reproduce low frequencies well and it also
 filters out some harmonics of 50-60Hz hum that might show up
 from time to time.  That is concrete reason for including a
 high-pass filter and I wondered if there was a concrete
 technical reason for including the 4KHz low-pass filter. From
 the sounds of it there really isn't a technical issue, 4K is
 just a nice round number.  :-)

I used three sources to answer John's query: Voice over IP Fundamentals,
Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data
Networks.  These are great books for anyone wanting to know more about
voice technologies.

Interesting Facts and Ideas I came across:

1) Human hearing is in the range of 200 Hz to 20,000 Hz

2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the
information comes from the middle frequencies. According to Nyquist, Human
voice contains sounds that are more often Middle-pitched frequencies than
either High or Low pitched frequencies.

3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk.

4) During the Analog to Digital conversion voice samples are put though a
process called Quantization.  Quantization is the process of rounding
sampled values to the nearest predefined discreet value. Pulse Code
Modulation (PCM) is a Quantization process. PCM is also used to achieve 12
to 13 bits of voice information in 8 bit words. Two commonly used PCM's are:
mu-law (North America), and a-law (Europe). What you hear is not someone's
voice, but a representation of their voice.

5) Noise is a major issue when talking about voice quality.  Noise is
constant problem for Analog signals.  What is signal and what is Noise?
When a Analog signal is amplified so is the Noise, which in turn makes the
quality of Analog calls worst as the distance increases.  Digital Calls are
less suitable to Noise than Analog calls.

6) Delay is a major issue when talking about conversation flow for two
reasons: 1) For a conversation to flow normally, the delay is receiving the
voice information must be less than 250ms.  When the delay is more than
250ms, the human receiving the voice message will start to talk thinking the
human sending the voice message is at a breaking point in the conversation,
i.e.. both people are talking at the same time similar to a collision in
Ethernet.  Delay is also important in how the voice packets are filled
during the Analog to Digital conversion.  That is why ATM (ATM cell is 53
octets, 5 octets are header and 48 octets are payload) is a good method for
transporting voice packets because the delay to fill the payload section is
smaller than with other cell/packet types.


Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature;
3,500 Hz or 5,000 Hz would work also.  It is a nice round number to work
with.  Simplies any math work.  Middle frequencies carry the bulk of the
information and Human speech upper limit is 10,000 Hz amd 4,000 is near the
middle. The low filter is also to reduce the frequencies that carry less
information.

Hope this helps.


Through Complexity there is Simplicity,
   Through Simplicity there is Complexity

David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36655t=36566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IOS [7:36656]

[Jeff Dutton]

Please forgive my ignorance but I have a question. I have a new location
that is going to require a 2620 series router. I have the IOS and a modified
config file ready to go as soon as I get the router in. I plan on copying
the IOS (12.1) over first. Then I plan to copy a config that matches another
router (with the exception of a couple of lines) but the other router has an
IOS of 12.0. My question is if I copy over IOS 12.1 then copy over a config
that for example a show run would show 12.0...will it then go ahead and
keep 12.1?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36656t=36656
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36638]

[Scott Morris]

Personally?  I have two 520's that I got a sweet deal on (EBay).

But other than that, what is the functional difference between having two
501's and two of something higher?

By that, I mean what is the difference between setting up VPN's to the
outside interfaces versus a DMZ?  What is the big deal?  There's nothing
that you can't test yourself on with a pair of 501's that will be that
dramatically different with 506's, 515's or whatever  The difference
would be in the permissions or translations, but as long as you understand
that difference, I don't see what the big deal is.

Other than playing around for emulating a customers network, I've really
never used my DMZ interfaces for lab testing.  So if I didn't have them, it
wouldn't affect me one way or the other.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 8:56 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


In my own lab a I have a 506. I would like to have another pix with a dmz
interface. I am sure pretty sure they will cover pix to pix and dmz in the
ccie security. But even on ebay to buy a 520 with three interfaces usually
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
ten routers and three switches. Another $2k to $3k for a pix with three
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 08:32:24 -0500

Somebody's already been selling 'em on EBay.

And I never said legal action should be brought against anyway...  I merely
said it wasn't a bright idea to discuss it in a public forum where Cisco
people were at.

As for discouraging the program, I hardly think this would do it.  You
don't
see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
this
is a cost-effective marketing tool for the CCIE program hasn't historically
been a problem.

*shrug*  If people want to do it, they'll do it.  However, I don't think it
is advisable to discuss it publically, nor sell it.  Whether to another
person for study purposes only or whatever...  Control gets lost after
that.

And you can get a 501 for the same price, if not less than the 16 meg card
anyway, so what the hell is the point in building your own?  It's not the
price-point!

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 7:53 AM
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as
an
upgrade, but I don't think there is any legal clause shipped with it saying
you can use it for no other purpose. Again the original post was a pix for
a
CCIE security lab. I just cannot see Cisco taking legal action there. They
have never been a legally heavy handed company. To take action in that case
would send the wrong message. The CCIE program is one of their best
marketing tools. It puts industry reconized experts in the field with a
diffinite Cisco bias to them. The CCIE Security program is fairly new and I
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay
that is a whole different story.

 From: Scott Morris 
 Reply-To: 
 To: 'Wes Stevens' 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 07:26:33 -0500
 
 I believe that would be a use other than intended
 
 Cisco is a little lax in enforcing software licenses...  Lots of people
 resell routers with IOS installed (not supposed to).  Lots of people
 download feature sets they don't have licenses for (not supposed to).
 
 There have actually been some cases where Cisco's gone after people
 (typically larger companies).  But it's a WHOLE different thing to BUILD
a
 device and put their software on it...  If I were to build my own router
 (god only knows why), and put their software on it, I would fully expect
to
 hear from Cisco.
 
 Worse, if I were to sell it on EBay, that's just asking for trouble.  And
 before you comment, yes, PIX clones HAVE been sold on Ebay from
 not-so-bright individuals.
 
 Where do you draw the line?  Lots of people drive fast.  It's still
 illegal.
 If you do it enough, and publically flaunt it, chances are you'll get
 pulled
 over sometime.  Go figure.
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Wes Stevens
 Sent: Wednesday, February 27, 2002 7:15 AM
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 Is this pirating software? Cisco sells this board with the software
 installed in it. This is no different then buying any other router on on
 Ebay and using 

RE: HELP !! CCIE 2B or NOT? [7:36542]

[Tim Booth]

Certainly that was conceptually clear. I think this is probably an
issue of semantics, but either way, I believe there is an exception to
be made due to the fact that this is a cisco study list. Where you are
in your studies could have some bearing on the immediate level of detail
in responses one gets, because it indicates the level of detail you
would desire. I really don't think that it is inappropriate to indicate
where you are in your cisco studies on a cisco mailing group. 

  I, like you, would not agree to putting MCSE Win2k Pro and Server on
a cisco email list, but being appropriately detailed should be ok. I
believe that the difference between a CCNP, CCDP, or CCIP and someone
who takes the IE written is great enough to warrant such a distinction.
I know I learned a lot between my DP and my IE written. I like to be
thorough, and answering as many pertinent questions as possible in one
email, be it stated or unstated, is appropriate.

  As far as dealing with semantics, it is possible to restructure the
appendage, but why would that truly be necessary. If you think about it,
the best shorthand for someone who passed the CCIE written would be
CCIE written. If it is to be suggested that I can't use CCIE in a
phrase simply because it *by itself* represents something different than
what I'm implying, that would be a little silly.

  I'm not trying to get a job with this title, or pretend to be
something I'm not; just indicating where I'm at.

Kind Regards,
Tim Booth
MCDBA, CCNP, CCDP, CCIE written
-
Those who would give up essential liberty to purchase a little temporary
safety deserve neither liberty nor safety.
Benjamin Franklin, 1759


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Solar
Sent: Wednesday, February 27, 2002 7:47
To: [EMAIL PROTECTED]
Subject: Re: HELP !! CCIE 2B or NOT? [7:36542]

Have no clear idea of why the CCIE Written should be dropped. Unless you
pass both written and lab exams, then append the CCIE after your name

Compare it to the following
Name
CCNA, CCNP Routing Switching, BSc 3rd year, CCIE Written, MCSE Win2K Pro
and
Server, MBA 1st semester

Is it conceptually clear to you ?

Thank you




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36657t=36542
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISP discussion groups/lists [7:36618]

[Irwan Hadi]

On Wed, Feb 27, 2002 at 09:24:43AM -0700, Constantin Tivig wrote:

 Any ideea where I can find a discussion group/list for ISPs ?
 

www.isp-lists.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36660t=36618
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: E1 voice Connection (PRI) between AS5300 and 3Com NBX [7:36662]

[Anibal Pita]

Hi folks

Apita.

any comment

 Hi guys

 Somebody know or have experienced an E1 voice Connection (PRI) between
 AS5300 and 3Com NBX. I'm testing the connection to do VoIp between a
 remote site (Cisco 1750) and a Central site (Cisco5300). The AS5300 is
 only connected via LAN. The WAN connection in Central Site is made with
 a Cisco 7140.

 The 3Com NBX emulate the PBX.

 We have try with diferents isdn type Switch and signaling but it no
 work. Always appear BAD FRAME...

 Somebody know about the compatibility between both devices ?

 Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36662t=36662
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Sample Rate [7:36566]

[John Neiberger]

Thanks, that's exactly the sort of thing I was hoping to find.  It's
also interesting to note that the human ear is most sensitive to
midrange frequencies, say between 1000Hz and 4000Hz.  So, even if you
filter out what's above 4KHz, you can make up for the lack of clarity
with a little amplitude.  However, it's this filter that can make it
difficult to distinguish between an F and an S sound.  The frequencies
most necessary to hear those sounds clearly are above 4KHz.

And no, amplitude is NOT a measure of how much air a snowboarder gets
above the half pipe rim!  :-)

John

 David L. Blair  2/27/02 8:58:07 AM 
 John Neiberger wrote:
 What I'm trying to find out is why the original 4KHz limit on
 voice calls was put into place.  It sounds like it was simply
 an arbitrary decision.  4KHz is sufficient for a telephone call
 and to provide clear calls that included higher frequencies
 might have added some technical complexities, perhaps.

 They also added a high-pass filter around 400Hz since most
 telephones can't reproduce low frequencies well and it also
 filters out some harmonics of 50-60Hz hum that might show up
 from time to time.  That is concrete reason for including a
 high-pass filter and I wondered if there was a concrete
 technical reason for including the 4KHz low-pass filter. From
 the sounds of it there really isn't a technical issue, 4K is
 just a nice round number.  :-)

I used three sources to answer John's query: Voice over IP
Fundamentals,
Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and
Data
Networks.  These are great books for anyone wanting to know more
about
voice technologies.

Interesting Facts and Ideas I came across:

1) Human hearing is in the range of 200 Hz to 20,000 Hz

2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the
information comes from the middle frequencies. According to Nyquist,
Human
voice contains sounds that are more often Middle-pitched frequencies
than
either High or Low pitched frequencies.

3) Frequencies greater than 4,000 Hz are filter out to limit
crosstalk.

4) During the Analog to Digital conversion voice samples are put though
a
process called Quantization.  Quantization is the process of rounding
sampled values to the nearest predefined discreet value. Pulse Code
Modulation (PCM) is a Quantization process. PCM is also used to achieve
12
to 13 bits of voice information in 8 bit words. Two commonly used PCM's
are:
mu-law (North America), and a-law (Europe). What you hear is not
someone's
voice, but a representation of their voice.

5) Noise is a major issue when talking about voice quality.  Noise is
constant problem for Analog signals.  What is signal and what is
Noise?
When a Analog signal is amplified so is the Noise, which in turn makes
the
quality of Analog calls worst as the distance increases.  Digital Calls
are
less suitable to Noise than Analog calls.

6) Delay is a major issue when talking about conversation flow for two
reasons: 1) For a conversation to flow normally, the delay is receiving
the
voice information must be less than 250ms.  When the delay is more
than
250ms, the human receiving the voice message will start to talk
thinking the
human sending the voice message is at a breaking point in the
conversation,
i.e.. both people are talking at the same time similar to a collision
in
Ethernet.  Delay is also important in how the voice packets are filled
during the Analog to Digital conversion.  That is why ATM (ATM cell is
53
octets, 5 octets are header and 48 octets are payload) is a good method
for
transporting voice packets because the delay to fill the payload
section is
smaller than with other cell/packet types.


Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in
nature;
3,500 Hz or 5,000 Hz would work also.  It is a nice round number to
work
with.  Simplies any math work.  Middle frequencies carry the bulk of
the
information and Human speech upper limit is 10,000 Hz amd 4,000 is near
the
middle. The low filter is also to reduce the frequencies that carry
less
information.

Hope this helps.


Through Complexity there is Simplicity,
   Through Simplicity there is Complexity

David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36661t=36566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HELP !! CCIE 2B or NOT? [7:36542]

[David L. Blair]

Steven A. Ridder  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I agree lose the CCIE written as a cert.

I agree to lose the CCIE written in your signature or after your name on a
Resume.  How I handle that is on my resume I have a section called,
Certifications in Process. I list tests that I have taken or
certifications that I plan on completing.

Example:
*  Certifications in Progress:  Checkpoint CCSA, Cisco CCIE, Microsoft MCSE
Windows  2000 Track
(Passed 70-240 Microsoft Accelerated Exam.  One test away from my MCSE W2K),
and Prosoft
Master CIW Administrator.

My $0.02 worth.
--


Through Complexity there is Simplicity,
   Through Simplicity there is Complexity

David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36663t=36542
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Simulator [7:36654]

[David L. Blair]

You can buy a entry level PIX 501 series for around $500.00. See
http://www.routerchief.com/Security/default.htm  that is what Ole Drews
Jensen did.

Through Complexity there is Simplicity,
   Through Simplicity there is Complexity

David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36665t=36654
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DECserver 700 console access [7:36664]

[Wilson, Gavin (KBPB)]

Do I have to set port to local access and then use the change server console
port 16 in order to gain console to the  DEC server?

Gavin Wilson
Kleinwort Benson Private Bank
Tel: 0207 4751771
Mobile: 07989441850
email: [EMAIL PROTECTED]



--
This email and any files transmitted with it are intended solely for the
addressee(s) and may be legally privileged and/or confidential.  If you have
received this email in error you may not copy, forward or use the contents,
attachments or information in any way.  Please destroy it and contact the
sender via our switchboard on +44(0) 20 7475 6600 or via return email.  Any 
unauthorised use or disclosure may be unlawful.  Kleinwort Benson Private
Bank
give no warranty as to the accuracy or completeness of this email after it is
sent over the Internet and accept no responsibility for change made after it
was sent.  Any opinions expressed in this email may be personal to the author
and may not necessarily reflect the opinions of Dresdner Bank or its
affiliates. They may also be subject to change without notice.
--




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36664t=36664
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Re: Sample Rate [7:36566]

[Daniel Cotts]

All this voice stuff goes back to copper lines. Some random thoughts that I
heard circa 1970 while working for Ma Bell and T-1 was the new kid on the
block.
When extending trunks the two wire line went through a hybrid that converted
it to four wire. Two for transmit and two for receive. 
Amplifiers were used. Higher frequencies attenuate at a greater rate than
lower frequencies. The signal was filtered into bands with each band
amplified at a different gain so that at the receiving end it sounded
normal. Choices had to be made about how high a frequency to use.
A copper pair has resistance (length) and capacitance (each pair is twisted
together to minimize crosstalk.) To offset the effects of capacitance load
coils (inductance) was added. Thus an RCL tuned circuit. It was optimized
for frequencies below 4khz. This work predates digital carrier.
Side note: Analog frequency seperated carriers used inband signalling.
Various devices had different functions but the common point was the use of
a 2600 Hz tone. Some folks had too much of that frequency in their voice and
so disconnected themselves. 

 -Original Message-
 From: David L. Blair [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 9:58 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Re: Sample Rate [7:36566]
 
 
  John Neiberger wrote:
  What I'm trying to find out is why the original 4KHz limit on
  voice calls was put into place.  It sounds like it was simply
  an arbitrary decision.  4KHz is sufficient for a telephone call
  and to provide clear calls that included higher frequencies
  might have added some technical complexities, perhaps.
 
  They also added a high-pass filter around 400Hz since most
  telephones can't reproduce low frequencies well and it also
  filters out some harmonics of 50-60Hz hum that might show up
  from time to time.  That is concrete reason for including a
  high-pass filter and I wondered if there was a concrete
  technical reason for including the 4KHz low-pass filter. From
  the sounds of it there really isn't a technical issue, 4K is
  just a nice round number.  :-)
 
 I used three sources to answer John's query: Voice over IP 
 Fundamentals,
 Cisco Voice over Frame Relay, ATM, and IP, and Integrating 
 Voice and Data
 Networks.  These are great books for anyone wanting to know 
 more about
 voice technologies.
 
 Interesting Facts and Ideas I came across:
 
 1) Human hearing is in the range of 200 Hz to 20,000 Hz
 
 2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the
 information comes from the middle frequencies. According to 
 Nyquist, Human
 voice contains sounds that are more often Middle-pitched 
 frequencies than
 either High or Low pitched frequencies.
 
 3) Frequencies greater than 4,000 Hz are filter out to limit 
 crosstalk.
 
 4) During the Analog to Digital conversion voice samples are 
 put though a
 process called Quantization.  Quantization is the process of rounding
 sampled values to the nearest predefined discreet value. Pulse Code
 Modulation (PCM) is a Quantization process. PCM is also used 
 to achieve 12
 to 13 bits of voice information in 8 bit words. Two commonly 
 used PCM's are:
 mu-law (North America), and a-law (Europe). What you hear is 
 not someone's
 voice, but a representation of their voice.
 
 5) Noise is a major issue when talking about voice quality.  Noise is
 constant problem for Analog signals.  What is signal and what 
 is Noise?
 When a Analog signal is amplified so is the Noise, which in 
 turn makes the
 quality of Analog calls worst as the distance increases.  
 Digital Calls are
 less suitable to Noise than Analog calls.
 
 6) Delay is a major issue when talking about conversation flow for two
 reasons: 1) For a conversation to flow normally, the delay is 
 receiving the
 voice information must be less than 250ms.  When the delay is 
 more than
 250ms, the human receiving the voice message will start to 
 talk thinking the
 human sending the voice message is at a breaking point in the 
 conversation,
 i.e.. both people are talking at the same time similar to a 
 collision in
 Ethernet.  Delay is also important in how the voice packets are filled
 during the Analog to Digital conversion.  That is why ATM 
 (ATM cell is 53
 octets, 5 octets are header and 48 octets are payload) is a 
 good method for
 transporting voice packets because the delay to fill the 
 payload section is
 smaller than with other cell/packet types.
 
 
 Answer: It does indeed seem that the 4,000 Hz mark was 
 arbitrary in nature;
 3,500 Hz or 5,000 Hz would work also.  It is a nice round 
 number to work
 with.  Simplies any math work.  Middle frequencies carry the 
 bulk of the
 information and Human speech upper limit is 10,000 Hz amd 
 4,000 is near the
 middle. The low filter is also to reduce the frequencies that 
 carry less
 information.
 
 Hope this helps.
 
 
 Through Complexity there is Simplicity,
Through Simplicity there is 

RE: IOS [7:36656]

[Mark Odette II]

To the best of my knowledge,

Yes.  When you give the Show Run command, it shows the current version of
IOS at the top.  If you give the 'wr mem' command before the 'show run'
command, I'm quite sure it will.  I am a little grey as to whether or not
the Version statement line is grep'd from RAM or if it is statically saved
to the config file in NVRAM at the time of a Wr Mem though.

HTH's

Mark

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:10 AM
To: [EMAIL PROTECTED]
Subject: IOS [7:36656]


Please forgive my ignorance but I have a question. I have a new location
that is going to require a 2620 series router. I have the IOS and a modified
config file ready to go as soon as I get the router in. I plan on copying
the IOS (12.1) over first. Then I plan to copy a config that matches another
router (with the exception of a couple of lines) but the other router has an
IOS of 12.0. My question is if I copy over IOS 12.1 then copy over a config
that for example a show run would show 12.0...will it then go ahead and
keep 12.1?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36669t=36656
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MPLS in the Enterprise [7:36670]

[John Neiberger]

Okay, I'm about to show how clueless I am when it comes to MPLS

I've been getting calls from multiple providers lately all trying to
suggest that I migrate our 100-site frame relay network to their MPLS
network, suggesting that we'll have any-to-any connectivity and the
ability to prioritize traffic classes within the MPLS network.  

Are any of you doing something like this?  I'm going to read up on it
but I'm having trouble visualizing it.  Does this basically turn our
network into a giant multipoint network?  Do our branch routers need to
be aware of MPLS or do providers make this transparent somehow?  How
does this affect routing?

It seems that if we have any-to-any connectivity then the branch
routers don't even need to run a routing protocol; every router would
have one exit point to get to any destination.  But, how would the MPLS
cloud know where to route packets?  The more I think about it it seems
like our branch routers would have to participate in MPLS to provide the
necessary destination info for the MPLS cloud.

See how clueless I am?  Ugh...  Time to do some studying on this. 
Since we already do a little video conferencing over IP and are working
on getting VoIP working, it might be beneficial to get away from the
frame relay network.  But since I don't understand this new technology,
I don't know if it's  a viable solution for us or not.

Off to CCO I go!

Thanks,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36670t=36670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Copying RAM to a text file [7:36671]

[Jeff Dutton]

Alright lets say for example that when you copy your running-config to a
tftp server it shows the file type as file (meaning no extension) but if
you rename the file with a .doc extension it shows all of the text within
the show run commmand just as it would if you copied and pasted your
running-config from a hyperterminal session and pasted it into a word doc. I
copied a running-config from a router and pasted it into a word doc so I
could edit to to meet the specs I'll need for another router. That being
said, if I take off the .doc extension which will make the file a file
type could I then copy this file from a tftp server to the new router? This
is something I'll have to get set up tommorow and I am just looking at what
might be the quickest way to get the new router up.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36671t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Jonathan Mian]

Hi,

You do realise that you do not have to use TFTP servers just to upload a
config you can use cut and pate in the telnet sessions. That is if you
highlight the whole config (leave out the bit that says IOs version blah
blah blah) and on the router enter the exec mode and then type conf t (ie
config terminal) then move your mouse over the telnet sesiion window and
select paste, this pastes all the config into the relavent sections. If
however the router does not understand a command it will show up as an error
when pasting it in.

If thios is confusing you then just think of a file extension like .tct,
.doc..what ever as an application association extension. You can right click
any file and use the open with option if it has no known application
associated with it.

I use notepad or http://www.editpadclassic.com/ to edit all my configs saves
no end of time.

i hope this helps and answers your question.

All the best,
Yeti-GBR1


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36674t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco Symposium 2002 [7:36673]

[Alex Lei]

Not sure if most of you already received this. 
https://www.cisco-eventreg.com/cpn2002/

Training sessions, free test, and if are already a qualified lab candidate,
free CCIE lab test. Hurry up, the sessions are filling up really quickly.

Alex


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36673t=36673
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36638]

[Wes Stevens]

Scott,

Have you purchased a smartnet contract for your 520's and other routers? By 
the book the software is not tranferable and your pix's and routers are no 
more legal then the code in the pix flash card that was bought on ebay.


From: Scott Morris 
Reply-To: Scott Morris 
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]
Date: Wed, 27 Feb 2002 09:58:30 -0500

Personally?  I have two 520's that I got a sweet deal on (EBay).

But other than that, what is the functional difference between having two
501's and two of something higher?

By that, I mean what is the difference between setting up VPN's to the
outside interfaces versus a DMZ?  What is the big deal?  There's nothing
that you can't test yourself on with a pair of 501's that will be that
dramatically different with 506's, 515's or whatever  The difference
would be in the permissions or translations, but as long as you understand
that difference, I don't see what the big deal is.

Other than playing around for emulating a customers network, I've really
never used my DMZ interfaces for lab testing.  So if I didn't have them, it
wouldn't affect me one way or the other.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 8:56 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


In my own lab a I have a 506. I would like to have another pix with a dmz
interface. I am sure pretty sure they will cover pix to pix and dmz in the
ccie security. But even on ebay to buy a 520 with three interfaces usually
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
ten routers and three switches. Another $2k to $3k for a pix with three
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

 From: Scott Morris
 Reply-To:
 To: 'Wes Stevens'
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 08:32:24 -0500
 
 Somebody's already been selling 'em on EBay.
 
 And I never said legal action should be brought against anyway...  I 
merely
 said it wasn't a bright idea to discuss it in a public forum where Cisco
 people were at.
 
 As for discouraging the program, I hardly think this would do it.  You
 don't
 see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
 this
 is a cost-effective marketing tool for the CCIE program hasn't 
historically
 been a problem.
 
 *shrug*  If people want to do it, they'll do it.  However, I don't think 
it
 is advisable to discuss it publically, nor sell it.  Whether to another
 person for study purposes only or whatever...  Control gets lost after
 that.
 
 And you can get a 501 for the same price, if not less than the 16 meg 
card
 anyway, so what the hell is the point in building your own?  It's not the
 price-point!
 
 Scott
 
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 7:53 AM
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 Scott,
 
 use other then intended
 
 Maybe, but they sell the board with the code installed. It is intended as
 an
 upgrade, but I don't think there is any legal clause shipped with it 
saying
 you can use it for no other purpose. Again the original post was a pix 
for
 a
 CCIE security lab. I just cannot see Cisco taking legal action there. 
They
 have never been a legally heavy handed company. To take action in that 
case
 would send the wrong message. The CCIE program is one of their best
 marketing tools. It puts industry reconized experts in the field with a
 diffinite Cisco bias to them. The CCIE Security program is fairly new and 
I
 don't think it would be in their best interest to discourage it in any 
way.
 
 Now if someone starts cloning pix's by the dozens and selling them on 
ebay
 that is a whole different story.
 
  From: Scott Morris
  Reply-To:
  To: 'Wes Stevens'
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Wed, 27 Feb 2002 07:26:33 -0500
  
  I believe that would be a use other than intended
  
  Cisco is a little lax in enforcing software licenses...  Lots of people
  resell routers with IOS installed (not supposed to).  Lots of people
  download feature sets they don't have licenses for (not supposed to).
  
  There have actually been some cases where Cisco's gone after people
  (typically larger companies).  But it's a WHOLE different thing to 
BUILD
 a
  device and put their software on it...  If I were to build my own 
router
  (god only knows why), and put their software on it, I would fully 
expect
 to
  hear from Cisco.
  
  Worse, if I were to sell it on EBay, that's just asking for trouble.  
And
  before you comment, yes, PIX clones HAVE been sold on Ebay from
  not-so-bright individuals.
  
  Where do you draw the line?  Lots of people drive fast.  It's still
  illegal.
  If you do it enough, and 

RE: How to get the activation key for my clone Pix [7:36638]

[Patrick Ramsey]

setting up vpn's is nothign like having a dmz...   Having multiport
firewalls allows for segregation of all networks behind those interfaces
while still allowing internet connectivity to all.  Who wants to connect to
a vpn just to browse to a web server that could be in the dmz?

-Patrick

 Scott Morris  02/27/02 09:58AM 
Personally?  I have two 520's that I got a sweet deal on (EBay).

But other than that, what is the functional difference between having two
501's and two of something higher?

By that, I mean what is the difference between setting up VPN's to the
outside interfaces versus a DMZ?  What is the big deal?  There's nothing
that you can't test yourself on with a pair of 501's that will be that
dramatically different with 506's, 515's or whatever  The difference
would be in the permissions or translations, but as long as you understand
that difference, I don't see what the big deal is.

Other than playing around for emulating a customers network, I've really
never used my DMZ interfaces for lab testing.  So if I didn't have them, it
wouldn't affect me one way or the other.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 8:56 AM
To: [EMAIL PROTECTED] 
Cc: [EMAIL PROTECTED] 
Subject: RE: How to get the activation key for my clone Pix?


In my own lab a I have a 506. I would like to have another pix with a dmz
interface. I am sure pretty sure they will cover pix to pix and dmz in the
ccie security. But even on ebay to buy a 520 with three interfaces usually
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
ten routers and three switches. Another $2k to $3k for a pix with three
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 08:32:24 -0500

Somebody's already been selling 'em on EBay.

And I never said legal action should be brought against anyway...  I merely
said it wasn't a bright idea to discuss it in a public forum where Cisco
people were at.

As for discouraging the program, I hardly think this would do it.  You
don't
see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
this
is a cost-effective marketing tool for the CCIE program hasn't historically
been a problem.

*shrug*  If people want to do it, they'll do it.  However, I don't think it
is advisable to discuss it publically, nor sell it.  Whether to another
person for study purposes only or whatever...  Control gets lost after
that.

And you can get a 501 for the same price, if not less than the 16 meg card
anyway, so what the hell is the point in building your own?  It's not the
price-point!

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 7:53 AM
To: [EMAIL PROTECTED] 
Subject: RE: How to get the activation key for my clone Pix?


Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as
an
upgrade, but I don't think there is any legal clause shipped with it saying
you can use it for no other purpose. Again the original post was a pix for
a
CCIE security lab. I just cannot see Cisco taking legal action there. They
have never been a legally heavy handed company. To take action in that case
would send the wrong message. The CCIE program is one of their best
marketing tools. It puts industry reconized experts in the field with a
diffinite Cisco bias to them. The CCIE Security program is fairly new and I
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay
that is a whole different story.

 From: Scott Morris 
 Reply-To: 
 To: 'Wes Stevens' 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 07:26:33 -0500
 
 I believe that would be a use other than intended
 
 Cisco is a little lax in enforcing software licenses...  Lots of people
 resell routers with IOS installed (not supposed to).  Lots of people
 download feature sets they don't have licenses for (not supposed to).
 
 There have actually been some cases where Cisco's gone after people
 (typically larger companies).  But it's a WHOLE different thing to BUILD
a
 device and put their software on it...  If I were to build my own router
 (god only knows why), and put their software on it, I would fully expect
to
 hear from Cisco.
 
 Worse, if I were to sell it on EBay, that's just asking for trouble.  And
 before you comment, yes, PIX clones HAVE been sold on Ebay from
 not-so-bright individuals.
 
 Where do you draw the line?  Lots of people drive fast.  It's still
 illegal.
 If you do it enough, and publically flaunt it, chances are you'll get
 pulled
 over sometime.  Go figure.
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 

RE: How to get the activation key for my clone Pix [7:36638]

[Wes Stevens]

No we were talking about the legality of using the pix flash board in a pc 
in a home lab. Cisco cannot tell me what to do with the hardware I purchase. 
As far as the software in the flash if it is bought on ebay it is not legal 
to use it. But my point is that is the same on any software in flash on any 
used Cisco device. If the flash card is bought new through Cisco or a 
distributor it is not clear that using it in a non Cisco pix is illegal.

As for the person selling the homemade pix on ebay he also is doing nothing 
illegal as long as all he is selling is hardware. Just as with any Cisco 
used device it is the responsibility of the buyer to make the software that 
will be used on the device legal.


From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
CC: 
Subject: RE: How to get the activation key for my clone Pix [7:36638]
Date: Wed, 27 Feb 2002 11:24:20 -0500

That was STILL not the conversation we were having...

It doesn't have to do with purchasing a router or a firewall and being
technically licensed to use the code or not...

It has to do with purchasing a small PIECE of the router or firewall, using
it to build something NEW that most definitely is NOT a Cisco box, and then
either talking about it publically and/or selling it.  THAT is the
conversation we were having.

I don't think anyone cares that someone has a bunch of Mercedes hood
ornaments at their home.  If they go out and purchase a cheap car and stick
the Mercedes hood ornament on it, some people may think it's funny, others
not.  If the person then tried to tell everyone about their new Mercedes or
worse yet, tried to SELL their Mercedes  THAT is a problem.

Anyway...  Enough bantering on this and going nowhere...  I have work to 
do.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:48 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


Scott,

I am not trying to have this degrade into personal territory , truly not
my intent.

If you have purchased smartnet for your equipment I applaud that. I can 
tell
you for sure that were I work that is also true. But for my home lab which
was all purchased from ebay I have not. I would venture to say that the
majority of home labs have not purchased smartnet contracts. Many people
seem to feel that it is un ethical to use code in a pix board purchased on
ebay but do not have the same problem with the code that comes in flash on
router or switches purchased on ebay. To me they are the same thing.


 From: Scott Morris 
 Reply-To: 
 To: 'Wes Stevens' 
 CC: 
 Subject: RE: How to get the activation key for my clone Pix [7:36638]
 Date: Wed, 27 Feb 2002 10:37:47 -0500
 
 If it's any consolation, yes.  And also upgraded one of them after 
purchase
 (2meg to 16meg).
 
 That, however, is not the conversation
 
 So apparantly we have no degraded into personal territory instead of a
 vaguely educational conversation.  So, go do what you want, because my
 opinion isn't going to change yours anyway.
 
 Just remember that speeders get pulled over every once and a while...  
And
 people honk and wave and laugh as they pass you just like you passed them
 earlier.  *shrug*
 
 Scott
 
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 10:25 AM
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix [7:36638]
 
 
 Scott,
 
 Have you purchased a smartnet contract for your 520's and other routers? 
By
 the book the software is not tranferable and your pix's and routers are 
no
 more legal then the code in the pix flash card that was bought on ebay.
 
 
  From: Scott Morris 
  Reply-To: Scott Morris 
  To: [EMAIL PROTECTED]
  Subject: RE: How to get the activation key for my clone Pix [7:36638]
  Date: Wed, 27 Feb 2002 09:58:30 -0500
  
  Personally?  I have two 520's that I got a sweet deal on (EBay).
  
  But other than that, what is the functional difference between having 
two
  501's and two of something higher?
  
  By that, I mean what is the difference between setting up VPN's to the
  outside interfaces versus a DMZ?  What is the big deal?  There's 
nothing
  that you can't test yourself on with a pair of 501's that will be that
  dramatically different with 506's, 515's or whatever  The 
difference
  would be in the permissions or translations, but as long as you
 understand
  that difference, I don't see what the big deal is.
  
  Other than playing around for emulating a customers network, I've 
really
  never used my DMZ interfaces for lab testing.  So if I didn't have 
them,
 it
  wouldn't affect me one way or the other.
  
  -Original Message-
  From: Wes Stevens [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, February 27, 2002 8:56 AM
  To: [EMAIL PROTECTED]
  Cc: [EMAIL PROTECTED]
  Subject: RE: How to get the activation key for my clone Pix?

RE: How to get the activation key for my clone Pix [7:36638]

[Scott Morris]

Correct.  but the discussion we were having was regarding particular
firewalls over another specifically for the purpose of studying for the CCIE
Security test.  Therefore nothing like real life.  :)

For a real network, you are absolutely 100% correct!

Scott

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:29 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


setting up vpn's is nothign like having a dmz...   Having multiport
firewalls allows for segregation of all networks behind those interfaces
while still allowing internet connectivity to all.  Who wants to connect to
a vpn just to browse to a web server that could be in the dmz?

-Patrick

 Scott Morris  02/27/02 09:58AM 
Personally?  I have two 520's that I got a sweet deal on (EBay).

But other than that, what is the functional difference between having two
501's and two of something higher?

By that, I mean what is the difference between setting up VPN's to the
outside interfaces versus a DMZ?  What is the big deal?  There's nothing
that you can't test yourself on with a pair of 501's that will be that
dramatically different with 506's, 515's or whatever  The difference
would be in the permissions or translations, but as long as you understand
that difference, I don't see what the big deal is.

Other than playing around for emulating a customers network, I've really
never used my DMZ interfaces for lab testing.  So if I didn't have them, it
wouldn't affect me one way or the other.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 8:56 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


In my own lab a I have a 506. I would like to have another pix with a dmz
interface. I am sure pretty sure they will cover pix to pix and dmz in the
ccie security. But even on ebay to buy a 520 with three interfaces usually
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
ten routers and three switches. Another $2k to $3k for a pix with three
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

From: Scott Morris
Reply-To:
To: 'Wes Stevens'
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 08:32:24 -0500

Somebody's already been selling 'em on EBay.

And I never said legal action should be brought against anyway...  I merely
said it wasn't a bright idea to discuss it in a public forum where Cisco
people were at.

As for discouraging the program, I hardly think this would do it.  You
don't
see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
this
is a cost-effective marketing tool for the CCIE program hasn't historically
been a problem.

*shrug*  If people want to do it, they'll do it.  However, I don't think it
is advisable to discuss it publically, nor sell it.  Whether to another
person for study purposes only or whatever...  Control gets lost after
that.

And you can get a 501 for the same price, if not less than the 16 meg card
anyway, so what the hell is the point in building your own?  It's not the
price-point!

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 7:53 AM
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


Scott,

use other then intended

Maybe, but they sell the board with the code installed. It is intended as
an
upgrade, but I don't think there is any legal clause shipped with it saying
you can use it for no other purpose. Again the original post was a pix for
a
CCIE security lab. I just cannot see Cisco taking legal action there. They
have never been a legally heavy handed company. To take action in that case
would send the wrong message. The CCIE program is one of their best
marketing tools. It puts industry reconized experts in the field with a
diffinite Cisco bias to them. The CCIE Security program is fairly new and I
don't think it would be in their best interest to discourage it in any way.

Now if someone starts cloning pix's by the dozens and selling them on ebay
that is a whole different story.

 From: Scott Morris
 Reply-To:
 To: 'Wes Stevens'
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 07:26:33 -0500
 
 I believe that would be a use other than intended
 
 Cisco is a little lax in enforcing software licenses...  Lots of people
 resell routers with IOS installed (not supposed to).  Lots of people
 download feature sets they don't have licenses for (not supposed to).
 
 There have actually been some cases where Cisco's gone after people
 (typically larger companies).  But it's a WHOLE different thing to BUILD
a
 device and put their software on it...  If I were to build my own router
 (god only knows why), and put their software on it, I would fully 

RE: How to get the activation key for my clone Pix [7:36646]

[Wes Stevens]

Jason,

I know that the software is not transferable. My point is that buying a pix 
flash card on ebay and using the code in it is no worse then buying a router 
and using the code in it's flash. There are on any given day 65 pages of 
cisco gear out on ebay not to mention all the other resellers. Legal action 
would not be an effect way to handle the issue. The key on the pix install 
is for des functionality and I suspect was put in for export control 
reasons. But a similar structure would be needed to do any type of software 
control. Cisco must feel that the advantages of smartnet bring in a high 
enough percentage of the used routers to make the added headaches of 
software keys not justified.

Another question - If pix flash card is bought new through a cisco 
distributor and put into a pc instead of a pix, what is the policy?


From: Jason Sullivan 
To: Wes Stevens 
Subject: RE: How to get the activation key for my clone Pix?
Date: Wed, 27 Feb 2002 07:56:10 -0700

Actually if you buy a router on E-bay you don't own the software and it is
illegal.


Software Transfer and Licensing
Overview
Like many high-tech companies that produce software, Cisco adopts a policy
of non-transferability of its software in order to protect its intellectual
property rights. What this means in practice is that owners of Cisco
products are only allowed to transfer, re-sell or re-lease used Cisco
hardware and not the embedded software that runs on the hardware. This
policy also applies to Cisco standalone software applications.
You can find this doc at
http://www.cisco.com/warp/public/csc/refurb_equipment/swlicense.html


Jason Sullivan
Systems Engineer
[EMAIL PROTECTED]
Office (801)270-6732
Pager (800)365-4578


---
Welcome to the Internet, Transportation provided by Cisco Systems

---

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes
Stevens
Sent: Wednesday, February 27, 2002 5:15 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?

Is this pirating software? Cisco sells this board with the software
installed in it. This is no different then buying any other router on on
Ebay and using it without putting it on smartnet. Are you going to take
legal action against all of those people also?
 From: Jason Sullivan 
 To: Wes Stevens 
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Tue, 26 Feb 2002 20:14:50 -0700
 
 
 
 First give me a break it was just an observation.
 Second, pirating software is illegal.  Read the disclaimer out on CCO.
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, February 26, 2002 8:05 PM
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 J
 
  From: Jason Sullivan 
  Reply-To: Jason Sullivan 
  To: Athony Jones , ,
  
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Tue, 26 Feb 2002 17:58:32 -0700
  
  You should take the 400 you spent and buy a 501.  I promise it will be
 less
  than your legal fees if Cisco were to get involved.
  
  
  Jason Sullivan
  Systems Engineer
  [EMAIL PROTECTED]
  Office (801)270-6732
  Pager (800)365-4578
  
 

---
 -
  ---
  Welcome to the Internet, Transportation provided by Cisco Systems
 

---
 -
  ---
  
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Athony Jones
  Sent: Tuesday, February 26, 2002 1:02 PM
  To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
  Subject: How to get the activation key for my clone Pix?
  
  Hi Everyone,
  After struggling for the past two days, I have
  successfully cloned a Pix firewall by using my PC.
  I plug the 16MB flash card into the PC's ISA slot
  and the PC recognize that it is a Pix flash card
  (cost me $400.00). It boots up fine and everything
  seems to be in order.  However, after the boot up
  sequence, it asks me for the activation key.  I've
  been trying many different possible scenarios without
  much success.  I even tried to use the activation key
  from another Pix firewall but that doesn't work
  either.
  
  Anybody know how I can fake my clone Pix with a
  fake activation key?  By the way,I am running Pix OS
  code version 6.1(2). I even tried 5.3(1), 5.3(2),
  6.0(1) and 6.1(1) and one of them works.  By the way,
  the PC has 128MB of RAM and a 16Mb Flash ISA card.
  I tried to clone a Pix520.
  
  Please help.
  
  Jason
  
  __
  Do You Yahoo!?
  Yahoo! Greetings - Send FREE e-cards for every occasion!
  http://greetings.yahoo.com
 

RE: How to get the activation key for my clone Pix [7:36638]

[Scott Morris]

If it's any consolation, yes.  And also upgraded one of them after purchase
(2meg to 16meg).

That, however, is not the conversation

So apparantly we have no degraded into personal territory instead of a
vaguely educational conversation.  So, go do what you want, because my
opinion isn't going to change yours anyway.

Just remember that speeders get pulled over every once and a while...  And
people honk and wave and laugh as they pass you just like you passed them
earlier.  *shrug*

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:25 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


Scott,

Have you purchased a smartnet contract for your 520's and other routers? By
the book the software is not tranferable and your pix's and routers are no
more legal then the code in the pix flash card that was bought on ebay.


From: Scott Morris 
Reply-To: Scott Morris 
To: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]
Date: Wed, 27 Feb 2002 09:58:30 -0500

Personally?  I have two 520's that I got a sweet deal on (EBay).

But other than that, what is the functional difference between having two
501's and two of something higher?

By that, I mean what is the difference between setting up VPN's to the
outside interfaces versus a DMZ?  What is the big deal?  There's nothing
that you can't test yourself on with a pair of 501's that will be that
dramatically different with 506's, 515's or whatever  The difference
would be in the permissions or translations, but as long as you understand
that difference, I don't see what the big deal is.

Other than playing around for emulating a customers network, I've really
never used my DMZ interfaces for lab testing.  So if I didn't have them, it
wouldn't affect me one way or the other.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 8:56 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix?


In my own lab a I have a 506. I would like to have another pix with a dmz
interface. I am sure pretty sure they will cover pix to pix and dmz in the
ccie security. But even on ebay to buy a 520 with three interfaces usually
runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
ten routers and three switches. Another $2k to $3k for a pix with three
interfaces is beyond my reach.

So how do you practice pix to pix and dmz?

 From: Scott Morris
 Reply-To:
 To: 'Wes Stevens'
 Subject: RE: How to get the activation key for my clone Pix?
 Date: Wed, 27 Feb 2002 08:32:24 -0500
 
 Somebody's already been selling 'em on EBay.
 
 And I never said legal action should be brought against anyway...  I
merely
 said it wasn't a bright idea to discuss it in a public forum where Cisco
 people were at.
 
 As for discouraging the program, I hardly think this would do it.  You
 don't
 see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
 this
 is a cost-effective marketing tool for the CCIE program hasn't
historically
 been a problem.
 
 *shrug*  If people want to do it, they'll do it.  However, I don't think
it
 is advisable to discuss it publically, nor sell it.  Whether to another
 person for study purposes only or whatever...  Control gets lost after
 that.
 
 And you can get a 501 for the same price, if not less than the 16 meg
card
 anyway, so what the hell is the point in building your own?  It's not the
 price-point!
 
 Scott
 
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 7:53 AM
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 Scott,
 
 use other then intended
 
 Maybe, but they sell the board with the code installed. It is intended as
 an
 upgrade, but I don't think there is any legal clause shipped with it
saying
 you can use it for no other purpose. Again the original post was a pix
for
 a
 CCIE security lab. I just cannot see Cisco taking legal action there.
They
 have never been a legally heavy handed company. To take action in that
case
 would send the wrong message. The CCIE program is one of their best
 marketing tools. It puts industry reconized experts in the field with a
 diffinite Cisco bias to them. The CCIE Security program is fairly new and
I
 don't think it would be in their best interest to discourage it in any
way.
 
 Now if someone starts cloning pix's by the dozens and selling them on
ebay
 that is a whole different story.
 
  From: Scott Morris
  Reply-To:
  To: 'Wes Stevens'
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Wed, 27 Feb 2002 07:26:33 -0500
  
  I believe that would be a use other than intended
  
  Cisco is a little lax in enforcing software licenses...  Lots of people
  resell routers with IOS installed (not 

RE: How to get the activation key for my clone Pix [7:36638]

[Scott Morris]

That was STILL not the conversation we were having...

It doesn't have to do with purchasing a router or a firewall and being
technically licensed to use the code or not...

It has to do with purchasing a small PIECE of the router or firewall, using
it to build something NEW that most definitely is NOT a Cisco box, and then
either talking about it publically and/or selling it.  THAT is the
conversation we were having.

I don't think anyone cares that someone has a bunch of Mercedes hood
ornaments at their home.  If they go out and purchase a cheap car and stick
the Mercedes hood ornament on it, some people may think it's funny, others
not.  If the person then tried to tell everyone about their new Mercedes or
worse yet, tried to SELL their Mercedes  THAT is a problem.

Anyway...  Enough bantering on this and going nowhere...  I have work to do.

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:48 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


Scott,

I am not trying to have this degrade into personal territory , truly not
my intent.

If you have purchased smartnet for your equipment I applaud that. I can tell
you for sure that were I work that is also true. But for my home lab which
was all purchased from ebay I have not. I would venture to say that the
majority of home labs have not purchased smartnet contracts. Many people
seem to feel that it is un ethical to use code in a pix board purchased on
ebay but do not have the same problem with the code that comes in flash on
router or switches purchased on ebay. To me they are the same thing.


From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
CC: 
Subject: RE: How to get the activation key for my clone Pix [7:36638]
Date: Wed, 27 Feb 2002 10:37:47 -0500

If it's any consolation, yes.  And also upgraded one of them after purchase
(2meg to 16meg).

That, however, is not the conversation

So apparantly we have no degraded into personal territory instead of a
vaguely educational conversation.  So, go do what you want, because my
opinion isn't going to change yours anyway.

Just remember that speeders get pulled over every once and a while...  And
people honk and wave and laugh as they pass you just like you passed them
earlier.  *shrug*

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:25 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


Scott,

Have you purchased a smartnet contract for your 520's and other routers? By
the book the software is not tranferable and your pix's and routers are no
more legal then the code in the pix flash card that was bought on ebay.


 From: Scott Morris 
 Reply-To: Scott Morris 
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix [7:36638]
 Date: Wed, 27 Feb 2002 09:58:30 -0500
 
 Personally?  I have two 520's that I got a sweet deal on (EBay).
 
 But other than that, what is the functional difference between having two
 501's and two of something higher?
 
 By that, I mean what is the difference between setting up VPN's to the
 outside interfaces versus a DMZ?  What is the big deal?  There's nothing
 that you can't test yourself on with a pair of 501's that will be that
 dramatically different with 506's, 515's or whatever  The difference
 would be in the permissions or translations, but as long as you
understand
 that difference, I don't see what the big deal is.
 
 Other than playing around for emulating a customers network, I've really
 never used my DMZ interfaces for lab testing.  So if I didn't have them,
it
 wouldn't affect me one way or the other.
 
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 8:56 AM
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 In my own lab a I have a 506. I would like to have another pix with a dmz
 interface. I am sure pretty sure they will cover pix to pix and dmz in
the
 ccie security. But even on ebay to buy a 520 with three interfaces
usually
 runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
 ten routers and three switches. Another $2k to $3k for a pix with three
 interfaces is beyond my reach.
 
 So how do you practice pix to pix and dmz?
 
  From: Scott Morris
  Reply-To:
  To: 'Wes Stevens'
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Wed, 27 Feb 2002 08:32:24 -0500
  
  Somebody's already been selling 'em on EBay.
  
  And I never said legal action should be brought against anyway...  I
 merely
  said it wasn't a bright idea to discuss it in a public forum where
Cisco
  people were at.
  
  As for discouraging the program, I hardly think this would do it.  You
  don't
  see people cloning ATM boxes, or 

RE: PIX Simulator [7:36654]

[McIntosh, Leslie (US - Tulsa)]

Kevin,

I am not sure how it works (I would love to know!), but I have see PC's
claiming to run PIX IOS software for this very purpose on eBay for @ $1000.
Only if I were going to spend that much I would just buy a PIX 506 baby
firewall then have some resale value.  I would love to know if anyone knows
how to setup a PIX on a PC for testing purposes (I have spare PC's at the
house).  I am currently studying for my CSVPN, but I am having to do some
configuration on our PIX 520, so I am reading my CS PIX advanced Cisco Press
book as well.


Thank You,

Leslie McIntosh
Network Engineer
Deloitte  Touche
(918)461-4894
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
kevhed
Sent: Wednesday, February 27, 2002 9:48 AM
To: [EMAIL PROTECTED]
Subject: PIX Simulator [7:36654]


Does anyone know of or can recommend a PIX IOS simulator?  I'm gearing up
for the CSS1 cert and need some experience on a newer version of pix ios.
We have a pix but it's running some ancient ios (2.7.11) and there's no
upgrade in for it in the near future.  So I'm hoping to find a simulator (if
one exists) to practice  on a newer ver of ios.   Thx in advance.
--
Kevin Keay (N+,CNE,CCSE,CCDP,CCNP)
Sr. Network Specialist
Ondeo-Nalco
- This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law.  -
If you are not the intended recipient, you should delete this message and
are hereby notified that any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly prohibited.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36659t=36654
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36638]

[Wes Stevens]

Scott,

I am not trying to have this degrade into personal territory , truly not 
my intent.

If you have purchased smartnet for your equipment I applaud that. I can tell 
you for sure that were I work that is also true. But for my home lab which 
was all purchased from ebay I have not. I would venture to say that the 
majority of home labs have not purchased smartnet contracts. Many people 
seem to feel that it is un ethical to use code in a pix board purchased on 
ebay but do not have the same problem with the code that comes in flash on 
router or switches purchased on ebay. To me they are the same thing.


From: Scott Morris 
Reply-To: 
To: 'Wes Stevens' 
CC: 
Subject: RE: How to get the activation key for my clone Pix [7:36638]
Date: Wed, 27 Feb 2002 10:37:47 -0500

If it's any consolation, yes.  And also upgraded one of them after purchase
(2meg to 16meg).

That, however, is not the conversation

So apparantly we have no degraded into personal territory instead of a
vaguely educational conversation.  So, go do what you want, because my
opinion isn't going to change yours anyway.

Just remember that speeders get pulled over every once and a while...  And
people honk and wave and laugh as they pass you just like you passed them
earlier.  *shrug*

Scott

-Original Message-
From: Wes Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 10:25 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: How to get the activation key for my clone Pix [7:36638]


Scott,

Have you purchased a smartnet contract for your 520's and other routers? By
the book the software is not tranferable and your pix's and routers are no
more legal then the code in the pix flash card that was bought on ebay.


 From: Scott Morris 
 Reply-To: Scott Morris 
 To: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix [7:36638]
 Date: Wed, 27 Feb 2002 09:58:30 -0500
 
 Personally?  I have two 520's that I got a sweet deal on (EBay).
 
 But other than that, what is the functional difference between having two
 501's and two of something higher?
 
 By that, I mean what is the difference between setting up VPN's to the
 outside interfaces versus a DMZ?  What is the big deal?  There's nothing
 that you can't test yourself on with a pair of 501's that will be that
 dramatically different with 506's, 515's or whatever  The difference
 would be in the permissions or translations, but as long as you 
understand
 that difference, I don't see what the big deal is.
 
 Other than playing around for emulating a customers network, I've really
 never used my DMZ interfaces for lab testing.  So if I didn't have them, 
it
 wouldn't affect me one way or the other.
 
 -Original Message-
 From: Wes Stevens [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 8:56 AM
 To: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: RE: How to get the activation key for my clone Pix?
 
 
 In my own lab a I have a 506. I would like to have another pix with a dmz
 interface. I am sure pretty sure they will cover pix to pix and dmz in 
the
 ccie security. But even on ebay to buy a 520 with three interfaces 
usually
 runs over $2k. I have a full lab at home - atm, token ring, isdn, frame -
 ten routers and three switches. Another $2k to $3k for a pix with three
 interfaces is beyond my reach.
 
 So how do you practice pix to pix and dmz?
 
  From: Scott Morris
  Reply-To:
  To: 'Wes Stevens'
  Subject: RE: How to get the activation key for my clone Pix?
  Date: Wed, 27 Feb 2002 08:32:24 -0500
  
  Somebody's already been selling 'em on EBay.
  
  And I never said legal action should be brought against anyway...  I
 merely
  said it wasn't a bright idea to discuss it in a public forum where 
Cisco
  people were at.
  
  As for discouraging the program, I hardly think this would do it.  You
  don't
  see people cloning ATM boxes, or VoIP stuff, do ya?  So the argument of
  this
  is a cost-effective marketing tool for the CCIE program hasn't
 historically
  been a problem.
  
  *shrug*  If people want to do it, they'll do it.  However, I don't 
think
 it
  is advisable to discuss it publically, nor sell it.  Whether to another
  person for study purposes only or whatever...  Control gets lost 
after
  that.
  
  And you can get a 501 for the same price, if not less than the 16 meg
 card
  anyway, so what the hell is the point in building your own?  It's not 
the
  price-point!
  
  Scott
  
  -Original Message-
  From: Wes Stevens [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, February 27, 2002 7:53 AM
  To: [EMAIL PROTECTED]
  Subject: RE: How to get the activation key for my clone Pix?
  
  
  Scott,
  
  use other then intended
  
  Maybe, but they sell the board with the code installed. It is intended 
as
  an
  upgrade, but I don't think there is any legal clause shipped with it
 saying
  you can use it for no other purpose. Again the original post was a pix
 for
  a
  CCIE 

RE: MPLS in the Enterprise [7:36670]

[Joseph Brunner]

i was pitched this very thing recently by wcom and qwest.. basically it is
only as secure as your carriers.. if some f*cks up and imports something
into your VRF, either a default, another vpn, or whatever you security
is finished.. plug banks are supposed to encrypt over IPSEC, so why bother
running MPLS (come one how much diff-serv can do you on frac T-1's anyway)
if you are just going to IPSEC the packets between pix's or vpn
concentrators
anyway.. MPLS right now for 100 sites, just can't be trusted. I used to work
for ISP's, everyone there was a perp.. trust my vpn security to some loser
ISP.
No thanks

read this

http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.htm



Joseph Brunner
ASN 21572
MortgageIT MITLending
New York, NY 10038
(212) 651 - 7695 Voice
(212) 651 - 7795 Fax



-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 12:24 PM
To: [EMAIL PROTECTED]
Subject: MPLS in the Enterprise [7:36670]


Okay, I'm about to show how clueless I am when it comes to MPLS

I've been getting calls from multiple providers lately all trying to
suggest that I migrate our 100-site frame relay network to their MPLS
network, suggesting that we'll have any-to-any connectivity and the
ability to prioritize traffic classes within the MPLS network.  

Are any of you doing something like this?  I'm going to read up on it
but I'm having trouble visualizing it.  Does this basically turn our
network into a giant multipoint network?  Do our branch routers need to
be aware of MPLS or do providers make this transparent somehow?  How
does this affect routing?

It seems that if we have any-to-any connectivity then the branch
routers don't even need to run a routing protocol; every router would
have one exit point to get to any destination.  But, how would the MPLS
cloud know where to route packets?  The more I think about it it seems
like our branch routers would have to participate in MPLS to provide the
necessary destination info for the MPLS cloud.

See how clueless I am?  Ugh...  Time to do some studying on this. 
Since we already do a little video conferencing over IP and are working
on getting VoIP working, it might be beneficial to get away from the
frame relay network.  But since I don't understand this new technology,
I don't know if it's  a viable solution for us or not.

Off to CCO I go!

Thanks,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36672t=36670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

eBay seller kabel_inc [7:36666]

[[EMAIL PROTECTED] (John Nemeth)]

Does anybody know anything about eBay seller kabel_inc?  Is this
perhaps another alias for ojick?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=3t=3
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF question [7:36641]

[Scott H.]

Always know multiple ways to do things.  Priority overrides RID.

cclark  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 In determining DR and BDR, OSPF will use the priority and the Router ID. I
 can change the Router ID by creating a loopback with a higher ID (IP
address
 right?). Why would I do this? Why would I not just change the priority of
 the router in question? If I want a specific router to be the DR, why not
 set it with a priority of 1 and set all the other routers to something
like
 5? TIA.

 cc




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36675t=36641
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Jeff Dutton]

Yes I am aware that you can send a running-config from a text file to a
router in config t I just was wondering whether or not I could change the
current filename from .doc to no extension and whether or not TFTP server
would recognize it.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36676t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Security Design - PIX or Whatever [7:36677]

[Chuck]

Just to remove this topic from that other thread about PIX clones, Patrick
R. brought up some good points in one of his posts.

Security design ( which is apparently NOT what cisco teaches or tests in
their security programs ) is a lot more than just closing ports and doing
NAT.

Many organizations have reason to segregate various pats of their network
from eachother. Financial institutions, medical organizations, insurance
companies, any operation that has information that is need to know has
reason to set up multiple security zones. We cover some of this thinking
when we talk about access-lists. Modern multiport firewalls take this to its
logical extreme in their design and philosophy.

for example, given a County School Board, which has an internet connection,
and permits multiple school districts to share that internet connection
through a WAN. Is it reasonable or rational, let alone good security
practice, to consider a two port firewall as adequate protection? ( three
port if there is a DMZ for, say, school web sites ) 

how about a brokerage firm, where there are supposed to be chinese walls
between their sales, investment banking, and research operations?

what about any company with payroll, human resources, sales, trade secret
operations such as manufacturing or patent development?

With everyone become interconnected, it is more important than ever to study
security in terms of protecting assets, rather than filtering ports or
addresses. Identification of those assets is an integral part of the
process.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36677t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ppp callback question [7:36678]

[[EMAIL PROTECTED]]

Hi,

I have a friend who has his R/S exam in a few weeks.  He is struggling with
the following:

whats the equivalent of ppp callback within a dialer profile and not using
legacy DDR and not using ISDN callback.

he has found an equivalent based on isdn callback, but he doesn't think its
the equivalent of PPP callback.  He is trying not to revert back to using
dialer maps etc as dialer profiles are much more dynamic.

thanks for your assistance,

regards

Neil C Moss 
IP Network Engineering, BTexact Technologies
BT Adastral Park - Tel 01473 606304 - Fax 01473 606727
 BTexact Technologies is a trademark of British Telecommunications plc
 Registered office: 81 Newgate Street London EC1A 7AJ
 Registered in England no. 180
 
 This electronic message contains information from British
 Telecommunications plc which may be privileged or confidential. The
 information is intended to be for the use of the individual(s) or entity
 named above. If you are not the intended recipient be aware that any
 disclosure, copying, distribution or use of the contents of this
 information is prohibited. If you have received this electronic message in
 error, please notify us by telephone or email (to the numbers or address
 above) immediately




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36678t=36678
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security Design - PIX or Whatever [7:36677]

[Mike Sweeney]

Lets not forget politcal concerns when trying do a reasonable level of
security. I worked a healthcare provider and boy, you should have heard the
Docs squawk about passwords and pin codes for access to the primary
LAN/WAN... to the point that admin overruled the IS dept and special
*permission* not to use the security procedures...  happens every day..

MikeS
'


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36679t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Simulator [7:36654]

[Mike Sweeney]

kevhed wrote:
 
 Does anyone know of or can recommend a PIX IOS simulator?  I'm
 gearing up
 for the CSS1 cert and need some experience on a newer version
 of pix ios.
 We have a pix but it's running some ancient ios (2.7.11) and
 there's no
 upgrade in for it in the near future.  So I'm hoping to find a
 simulator (if
 one exists) to practice  on a newer ver of ios.   Thx in
 advance.
 --
 Kevin Keay (N+,CNE,CCSE,CCDP,CCNP)
 Sr. Network Specialist
 Ondeo-Nalco
 
 

401.00 will get you a 501 PIX, 6.1 IOS.. DES encyrption for free after
registration.. 3DES is extra.. 10 users..  not a bad deal at all. The
*simulated* PIX is a PX with the Cisco flashcard installed.. something
around $900-1000.00  It does give multiple interfaces. Not being a PIX geek,
I dont know how valuable that is for the training labs.

MikeS



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36680t=36654
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MPLS in CCIE [7:36682]

[Persio Pucci]

How much of MPLS (if some at all) is covered in the CCIE exams?

tks!

Persio Pucci - CCNP
UOL Inc. - Tecnologia
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36682t=36682
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Grade to get CCDA [7:36636]

[J-B]

Thanks Tim Medley, well put

Mario, you should really concentrate on learning the technology, be able to
understand how it can be utilized in many different
situations and when you take the test, you don't have to think about the
passing grades.

My two cents.

JB,
MCSE, CCNA, CCNP, CCDA, CCDP.One day CCIE(it looks like an
eternity..just a joke).

Tim Medley  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 All Cisco exams are Pass or Fail exams. It's that simple, if you know
 the material that is covered on the exam then you will Pass; if you do
 not know the material then you will Fail.

 Your focus should not be how you can skim by and just barely pass the
 exam.

 If you don't really know the concepts and technologies and just cram so
 that you pass the exam, what good is the certification then? Just
 because you have a certification doesn't mean that someone is going to
 hire you and throw money at you.

 Employers look at certifications as a base line, a ccda should know xyz
 concepts and know how to accomplish xyz tasks. If you can't perform at
 the baseline level you're not going to be around at that job long or you
 may not even get hired.

 With the way the Tech job market is these days, you need to be able to
 differentiate yourself from your peers. Paper Certs are not a way to do
 this.

 Please stop asking for minimum scores to pass or the number of questions
 on an exam. Review the exam outlines and blueprints on CCO and learn the
 concepts and technologies.

 Most everyone here in this forum is here to share knowledge and learn
 from each other. If you don't understand a concept or technology, post a
 question about it you'll receive plenty of help.


 Tim Medley - CCNP+Voice, CCDP
 Sr. Network Architect
 VoIP Group
 iReadyWorld


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Rodrigues, Mario
 Sent: Wednesday, February 27, 2002 9:29 AM
 To: [EMAIL PROTECTED]
 Subject: Grade to get CCDA [7:36636]

 Hi Folks,

 I would like to know how is the grade to get CCDA.



 Regards,

 Mario A. Rodrigues




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36683t=36636
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Some Answers RE: MPLS in the Enterprise [7:36670]

[John Neiberger]

Okay, I just got off the phone with a vendor and I have a better handle
on what they're actually proposing.  Here's the scoop:

They offer a couple of different variations of the MPLS solution.  The
first solution requires that we readdress our entire network to match
their addressing scheme.  This allows our branches to have any-to-any
connectivity.  Our routers do not need to be aware of MPLS.  The
vendor's network accepts frame relay encapsulated connections so our
routers still think they're using frame relay.  To make use of the
multiple priorities within their network we use CAR or route-maps or
whatever to set the TOS  in the IP headers. Since each branch router
will have only a single exit point, a single static route will suffice
and no routing protocol is needed.

Because of the readdressing issue we're just not interested in that
variation.  The second solution allows us to keep our existing
addressing and they emulate our current frame relay PVCs within their
network.  This does not allow us to have any-to-any connectivity but it
still allows us to use multiple priorities within their cloud.  As
expected, we'd need to continue to run our IGP of choice.

Another downside is that their list pricing is roughly twice what we're
paying for our frame network.  :-)  Not much incentive there!

Still, it's an interesting thought and it could be useful to companies
who want to use VoIP but have a lot of locations.  They need to bring
that pricing down, though.  At that price point there's no way we'd even
consider them.

John

 Joseph Brunner  2/27/02 11:09:20 AM 
i was pitched this very thing recently by wcom and qwest.. basically it
is
only as secure as your carriers.. if some f*cks up and imports
something
into your VRF, either a default, another vpn, or whatever you security
is finished.. plug banks are supposed to encrypt over IPSEC, so why
bother
running MPLS (come one how much diff-serv can do you on frac T-1's
anyway)
if you are just going to IPSEC the packets between pix's or vpn
concentrators
anyway.. MPLS right now for 100 sites, just can't be trusted. I used to
work
for ISP's, everyone there was a perp.. trust my vpn security to some
loser
ISP.
No thanks

read this

http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.htm 



Joseph Brunner
ASN 21572
MortgageIT MITLending
New York, NY 10038
(212) 651 - 7695 Voice
(212) 651 - 7795 Fax



-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 12:24 PM
To: [EMAIL PROTECTED] 
Subject: MPLS in the Enterprise [7:36670]


Okay, I'm about to show how clueless I am when it comes to MPLS

I've been getting calls from multiple providers lately all trying to
suggest that I migrate our 100-site frame relay network to their MPLS
network, suggesting that we'll have any-to-any connectivity and the
ability to prioritize traffic classes within the MPLS network.  

Are any of you doing something like this?  I'm going to read up on it
but I'm having trouble visualizing it.  Does this basically turn our
network into a giant multipoint network?  Do our branch routers need
to
be aware of MPLS or do providers make this transparent somehow?  How
does this affect routing?

It seems that if we have any-to-any connectivity then the branch
routers don't even need to run a routing protocol; every router would
have one exit point to get to any destination.  But, how would the
MPLS
cloud know where to route packets?  The more I think about it it seems
like our branch routers would have to participate in MPLS to provide
the
necessary destination info for the MPLS cloud.

See how clueless I am?  Ugh...  Time to do some studying on this. 
Since we already do a little video conferencing over IP and are
working
on getting VoIP working, it might be beneficial to get away from the
frame relay network.  But since I don't understand this new
technology,
I don't know if it's  a viable solution for us or not.

Off to CCO I go!

Thanks,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36681t=36670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security Design - PIX or Whatever [7:36677]

[William Gragido]

The only difference is that those organizations (physicians as well), will
held accountable for violation of HIPPA and face fines and potentially jail
time :-(

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 12:30 PM
To: [EMAIL PROTECTED]
Subject: RE: Security Design - PIX or Whatever [7:36677]


Lets not forget politcal concerns when trying do a reasonable level of
security. I worked a healthcare provider and boy, you should have heard the
Docs squawk about passwords and pin codes for access to the primary
LAN/WAN... to the point that admin overruled the IS dept and special
*permission* not to use the security procedures...  happens every day..

MikeS
'




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36684t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISIS filtering, redistribution, etc. [7:36580]

[s vermill]

Guy,

I am not in my office today so I can't help you right now.  I did find a few
somewhat useful config guides for IS-IS on CCO last year.  I'll send you
anything that looks valuable later tonight or tomorrow.

Scott


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36685t=36580
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security Design - PIX or Whatever [7:36677]

[Chuck]

don't even get me started on this. I work for an organization that uses
employee SSN numbers for validation purposes in a lot of instances. So when
I call the Help Desk to complain about e-mail ( an ongoing problem ) I am
asked to provide my SSN to the folks there. In these days of rampant and
easy identity theft, how smart is it to allow access to a large database of
valid SSN's to practically everyone who asks?

HIPAA??? isn't that on hold for review?  You know, I was reading through one
of the drafts and I thought I saw something that floored me - the regulators
were stating that multiplexed links such as frame relay and ATM were
considered unsecure because different organizations were sharing circuits.
The implication was that healthcare organizations would have to move to
point to point technologies - most of which end up passing through ATM
backbones anyway. Sheesh.

Longer term I believe that security solutions will involve end to end
encryption - server to host, on the LAN as well as the WAN, in addition to
what is already done on VPN's.

I always liked the HIPAA provision about management responsibility and
management fines and jail time for failure to comply. Wish that were so in a
lot of other industries where I have worked. ;-

Chuck



William Gragido  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 The only difference is that those organizations (physicians as well), will
 held accountable for violation of HIPPA and face fines and potentially
jail
 time :-(

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 12:30 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Security Design - PIX or Whatever [7:36677]


 Lets not forget politcal concerns when trying do a reasonable level of
 security. I worked a healthcare provider and boy, you should have heard
the
 Docs squawk about passwords and pin codes for access to the primary
 LAN/WAN... to the point that admin overruled the IS dept and special
 *permission* not to use the security procedures...  happens every day..

 MikeS
 '




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36686t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF question [7:36641]

[Brian]

Priority to me seems most useful for specifying which routers should never
be dr/bdr, most people would never want a 25xx to be dr.

Bri

On Wed, 27 Feb 2002, Scott H. wrote:

 Always know multiple ways to do things.  Priority overrides RID.

 cclark  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  In determining DR and BDR, OSPF will use the priority and the Router ID.
I
  can change the Router ID by creating a loopback with a higher ID (IP
 address
  right?). Why would I do this? Why would I not just change the priority of
  the router in question? If I want a specific router to be the DR, why not
  set it with a priority of 1 and set all the other routers to something
 like
  5? TIA.
 
  cc




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36688t=36641
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Mark Odette II]

Justin-
Don't do it in MS Word... do it in Notepad.
Otherwise, the new .doc file will have extra stuff invisibly inserted that
the router won't like.

At least that's my understanding of it I've not actually done such
myself.

HTH,
Mark

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Jeff Dutton
Sent: Wednesday, February 27, 2002 11:30 AM
To: [EMAIL PROTECTED]
Subject: Copying RAM to a text file [7:36671]


Alright lets say for example that when you copy your running-config to a
tftp server it shows the file type as file (meaning no extension) but if
you rename the file with a .doc extension it shows all of the text within
the show run commmand just as it would if you copied and pasted your
running-config from a hyperterminal session and pasted it into a word doc. I
copied a running-config from a router and pasted it into a word doc so I
could edit to to meet the specs I'll need for another router. That being
said, if I take off the .doc extension which will make the file a file
type could I then copy this file from a tftp server to the new router? This
is something I'll have to get set up tommorow and I am just looking at what
might be the quickest way to get the new router up.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36689t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security Design - PIX or Whatever [7:36677]

[Brian]

That is un friggingbelievable, I give my social to my bank and other
parties I have a financial arrangement with, thats it.  There must be a
better way using keys, a challenge response or something like that.

Bri

On Wed, 27 Feb 2002, Chuck wrote:

 don't even get me started on this. I work for an organization that uses
 employee SSN numbers for validation purposes in a lot of instances. So when
 I call the Help Desk to complain about e-mail ( an ongoing problem ) I am
 asked to provide my SSN to the folks there. In these days of rampant and
 easy identity theft, how smart is it to allow access to a large database of
 valid SSN's to practically everyone who asks?

 HIPAA??? isn't that on hold for review?  You know, I was reading through
one
 of the drafts and I thought I saw something that floored me - the
regulators
 were stating that multiplexed links such as frame relay and ATM were
 considered unsecure because different organizations were sharing
circuits.
 The implication was that healthcare organizations would have to move to
 point to point technologies - most of which end up passing through ATM
 backbones anyway. Sheesh.

 Longer term I believe that security solutions will involve end to end
 encryption - server to host, on the LAN as well as the WAN, in addition to
 what is already done on VPN's.

 I always liked the HIPAA provision about management responsibility and
 management fines and jail time for failure to comply. Wish that were so in
a
 lot of other industries where I have worked. ;-

 Chuck



 William Gragido  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  The only difference is that those organizations (physicians as well),
will
  held accountable for violation of HIPPA and face fines and potentially
 jail
  time :-(
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, February 27, 2002 12:30 PM
  To: [EMAIL PROTECTED]
  Subject: RE: Security Design - PIX or Whatever [7:36677]
 
 
  Lets not forget politcal concerns when trying do a reasonable level of
  security. I worked a healthcare provider and boy, you should have heard
 the
  Docs squawk about passwords and pin codes for access to the primary
  LAN/WAN... to the point that admin overruled the IS dept and special
  *permission* not to use the security procedures...  happens every day..
 
  MikeS
  '




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36690t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to get the activation key for my clone Pix [7:36687]

[KF]

hmm as far as I know the S/N is dependent on the special S/N written in
block of BIOS (onboard flash) of the intel motherboard. That
number is compared with the key during the boot

They used http://www.VxWorks.com as a platform for Cache Engines, LD and
perhaps for pix also  For instance, for CE, bootstrap
is checking the MB serial and also HDD rom versions... if they are not valid
(made for cisco) then software is not loaded

greetz

alex

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Athony Jones
 Sent: Tuesday, February 26, 2002 9:02 PM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: How to get the activation key for my clone Pix?


 Hi Everyone,
 After struggling for the past two days, I have
 successfully cloned a Pix firewall by using my PC.
 I plug the 16MB flash card into the PC's ISA slot
 and the PC recognize that it is a Pix flash card
 (cost me $400.00). It boots up fine and everything
 seems to be in order.  However, after the boot up
 sequence, it asks me for the activation key.  I've
 been trying many different possible scenarios without
 much success.  I even tried to use the activation key
 from another Pix firewall but that doesn't work
 either.

 Anybody know how I can fake my clone Pix with a
 fake activation key?  By the way,I am running Pix OS
 code version 6.1(2). I even tried 5.3(1), 5.3(2),
 6.0(1) and 6.1(1) and one of them works.  By the way,
 the PC has 128MB of RAM and a 16Mb Flash ISA card.
 I tried to clone a Pix520.

 Please help.

 Jason

 __
 Do You Yahoo!?
 Yahoo! Greetings - Send FREE e-cards for every occasion!
 http://greetings.yahoo.com
 __
 To unsubscribe from the SECURITY list, send a message to
 [EMAIL PROTECTED] with the body containing:
 unsubscribe SECURITY




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36687t=36687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Spanning tree Protocol Questions [7:36559]

[Pierre-Alex Guanel]

Priscilla,

In the attachment (Cisco CCNA Exam Guide #640-507  Certification Guide: ISBN
0-7357-0971-8), page 167 - 168, the authors seem to indicate that CBPDUs are
sent from blocked ports! The ability for CBPDUs to be sent out of blocked
port seems to a determinant factor for the Spanning Tree to be recomputed
after a topology change 


Here is a word by word copy of the passage. The part I have problem about is
the one with (!!)

Thanks!

Pierre-Alex

--(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4 (e0)---(e1)Bridge 3
(e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0)

Cost advertised by B2 is 100
Cost advertised by B3 is 200
Cost advertised by B5 is 10
Blocked port: Bridge 3, port e1

Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires. The other bridges
are still receiving CBPDUs on their root ports. After MaxAge expires, Bridge
4 will decide the following:

Step 1 My E1 port is no longer my root port
Step 2 The same root bridge is being advertised in a CBPDU on my E0 port
(!)
Step 3 No other CBPDUs are being received
Step 4 My best path (and the only path, in this case) to the root is out of
my E0 port; therefore, my root port is now E0.)
Step 5 Because no other CBPDUs are entering my E1 port, I must be the
designated bridge on that segment. So, I will start sending CBPDUs on E1,
addming my E0 port cost (10) to the cost of the CBPDU received in the CBPDU
entering E0 (200) for a total of 210 (!!)




Kind Regards,

Pierre-Alex

 


 



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36691t=36559
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Jeff Dutton]

Thanks for reminding me Mark. 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36692t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security Design - PIX or Whatever [7:36677]

[Victor Alegun]

Chuck, I work in a health organisation and we are considering implementing
some security measures to meet HIPAA standard.  Could you please give me the
URL where you read about the regulators on Frame-relay and ATM.  I had read
sometime ago that no particular solution will fit all scenarios-each
architecture will lend itself to the most appropriate solution that will
secure patient information.

Thanks,


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36693t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security Design - PIX or Whatever [7:36677]

[William Gragido]

The standards are constantly being revised.  Reality is, however, that for
those involved in any facit of the medical/healthcare industry there is no
escaping it.  Bad practices or negligence will only result in the additional
issues (both financial and otherwise), for failure to comply.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Chuck
Sent: Wednesday, February 27, 2002 1:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Security Design - PIX or Whatever [7:36677]


don't even get me started on this. I work for an organization that uses
employee SSN numbers for validation purposes in a lot of instances. So when
I call the Help Desk to complain about e-mail ( an ongoing problem ) I am
asked to provide my SSN to the folks there. In these days of rampant and
easy identity theft, how smart is it to allow access to a large database of
valid SSN's to practically everyone who asks?

HIPAA??? isn't that on hold for review?  You know, I was reading through one
of the drafts and I thought I saw something that floored me - the regulators
were stating that multiplexed links such as frame relay and ATM were
considered unsecure because different organizations were sharing circuits.
The implication was that healthcare organizations would have to move to
point to point technologies - most of which end up passing through ATM
backbones anyway. Sheesh.

Longer term I believe that security solutions will involve end to end
encryption - server to host, on the LAN as well as the WAN, in addition to
what is already done on VPN's.

I always liked the HIPAA provision about management responsibility and
management fines and jail time for failure to comply. Wish that were so in a
lot of other industries where I have worked. ;-

Chuck



William Gragido  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 The only difference is that those organizations (physicians as well), will
 held accountable for violation of HIPPA and face fines and potentially
jail
 time :-(

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 12:30 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Security Design - PIX or Whatever [7:36677]


 Lets not forget politcal concerns when trying do a reasonable level of
 security. I worked a healthcare provider and boy, you should have heard
the
 Docs squawk about passwords and pin codes for access to the primary
 LAN/WAN... to the point that admin overruled the IS dept and special
 *permission* not to use the security procedures...  happens every day..

 MikeS
 '




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36695t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Serial interface problem [7:36696]

[[EMAIL PROTECTED]]

Hello all:

I have two Cisco 4000-M routers in my home lab with two serial ports on
each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is
connected to S1 on Router 2. The problem is that the S1 to S1 link comes up
and stays up. The S0 to S0 link comes up but goes down in a few seconds. It
keeps going up and down in this way repeatedly. Could someone please shed
some light?

The routers are connected using DCE to DTE cross connect cables. The DCE
ends of both connections are on Router 2 and it providing clocking at 56000
bits per second. Encapsulation is HDLC although I have tried PPP with the
same problem. I have also tried changing the default keepalive settings on
both end on the S0 to SO link. The IOS is 12.1(12) on both. I have tried
12.1(10) with the same results. I have also tried changing the end where the
clocking is provided with no success. I have switched cables and serial
interface modules but the problem remains.

Config on Router 1:
interface Serial0
 ip address 1.1.1.1 255.255.255.0
!
interface Serial1
 ip address 2.2.2.1 255.255.255.0
!
Log entries on Router 1:
Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to up
Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to down
Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to up
Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to down

SH IP INTERFACE BRIEF on Router 1:
Interface  IP-Address  OK? Method Status
Protocol
Serial01.1.1.1 YES NVRAM  up
down
Serial12.2.2.1 YES NVRAM  up
up 

R1#sh control serial 0
MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1
idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300
IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0
N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
buffer size 1524
DTE V.35 serial cable attached

DEBUG SERIAL INTERFACE on Router 1
Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to down
Feb 25 18:26:40: MK5(0): New serial state = 0xA104
Feb 25 18:26:40: MK5(0): DCD is up.
Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, yourseen 16, line up 
Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to up
Feb 25 18:26:50: MK5(0): New serial state = 0x8104
Feb 25 18:26:50: MK5(0): DCD is up.
Feb 25 18:26:50: MK5(0): Deasserting DTR 
Feb 25 18:26:50: MK5(0): Deasserting DTR 
Feb 25 18:26:50: MK5(0): Reset
Feb 25 18:26:50: MK5(0): Asserting DTR 
Feb 25 18:26:50: MK5(0): Deasserting LTST 
Feb 25 18:26:50: MK5(0): New serial state = 0xA105
Feb 25 18:26:50: MK5(0): DCD is up.
Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, yourseen 17, line up 
Feb 25 18:26:56: MK5(0): New serial state = 0xA124
Feb 25 18:26:56: MK5(0): DCD is up.
Feb 25 18:26:56: MK5(0): New serial state = 0xA13C
Feb 25 18:26:56: MK5(0): DCD is down.
Feb 25 18:26:56: MK5(0): New serial state = 0xA134
Feb 25 18:26:56: MK5(0): DCD is down.
Feb 25 18:26:56: MK5(0): New serial state = 0xA114
Feb 25 18:26:56: MK5(0): DCD is down.
Feb 25 18:26:56: MK5(0): New serial state = 0xA104
Feb 25 18:26:56: MK5(0): DCD is up.
Feb 25 18:27:00: MK5(0): New serial state = 0xA104
Feb 25 18:27:00: MK5(0): DCD is up.
Feb 25 18:27:00: MK5(0): Deasserting DTR 
Feb 25 18:27:00: MK5(0): Deasserting DTR 
Feb 25 18:27:00: MK5(0): Reset
Feb 25 18:27:00: MK5(0): Asserting DTR 
Feb 25 18:27:00: MK5(0): Deasserting LTST 
Feb 25 18:27:00: MK5(0): New serial state = 0xA105
Feb 25 18:27:00: MK5(0): DCD is up.
Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, yourseen 18, line down

Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
changed state to down


Config on router 2:
interface Serial0
 ip address 1.1.1.2 255.255.255.0
 clockrate 56000
!
interface Serial1
 ip address 2.2.2.2 255.255.255.0
 clockrate 56000

Log entries on Router 2:
None

SH IP INTERFACE BRIEF on Router 2:
R2#sh ip int brief
Interface  IP-Address  OK? Method Status
Protocol
Serial01.1.1.2 YES NVRAM  up
down
Serial12.2.2.2 YES NVRAM  up
up  

R2#sh controller s 0
MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1
idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300
IB at 0x6006E64: mode=0x0108, local_addr=0, remote_addr=0
N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
buffer size 1524
DCE V.35 serial cable attached, clockrate 56000

DEBUG SERIAL INTERFACE on Router 2:
Feb 25 18:30:25: Serial0: HDLC myseq 38, mineseen 0, yourseen 0, line down 
.Feb 25 18:30:26: Serial0: attempting to restart
.Feb 25 18:30:26: MK5(0): Deasserting DSR 
.Feb 25 18:30:26: MK5(0): Deasserting DSR 
.Feb 25 18:30:26: MK5(0): Reset
.Feb 25 18:30:26: MK5(0): Asserting DSR 
.Feb 25 18:30:26: MK5(0): Deasserting LTST 
.Feb 25 

Testing my video conference equipement [7:36697]

[Rodney Jackson]

Does anyone out there have a PolyCom Video conference device availble on the
Internet?  I would like to conduct a test as soon as possible.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36697t=36697
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Serial interface problem [7:36696]

[Steven A. Ridder]

Perhaps the cable is bad.

--

RFC 1149 Compliant.


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hello all:

 I have two Cisco 4000-M routers in my home lab with two serial ports on
 each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is
 connected to S1 on Router 2. The problem is that the S1 to S1 link comes
up
 and stays up. The S0 to S0 link comes up but goes down in a few seconds.
It
 keeps going up and down in this way repeatedly. Could someone please shed
 some light?

 The routers are connected using DCE to DTE cross connect cables. The DCE
 ends of both connections are on Router 2 and it providing clocking at
56000
 bits per second. Encapsulation is HDLC although I have tried PPP with the
 same problem. I have also tried changing the default keepalive settings on
 both end on the S0 to SO link. The IOS is 12.1(12) on both. I have tried
 12.1(10) with the same results. I have also tried changing the end where
the
 clocking is provided with no success. I have switched cables and serial
 interface modules but the problem remains.

 Config on Router 1:
 interface Serial0
  ip address 1.1.1.1 255.255.255.0
 !
 interface Serial1
  ip address 2.2.2.1 255.255.255.0
 !
 Log entries on Router 1:
 Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to up
 Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to down
 Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to up
 Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to down

 SH IP INTERFACE BRIEF on Router 1:
 Interface  IP-Address  OK? Method Status
 Protocol
 Serial01.1.1.1 YES NVRAM  up
 down
 Serial12.2.2.1 YES NVRAM  up
 up

 R1#sh control serial 0
 MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1
 idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300
 IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0
 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
 buffer size 1524
 DTE V.35 serial cable attached

 DEBUG SERIAL INTERFACE on Router 1
 Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to down
 Feb 25 18:26:40: MK5(0): New serial state = 0xA104
 Feb 25 18:26:40: MK5(0): DCD is up.
 Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, yourseen 16, line up
 Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to up
 Feb 25 18:26:50: MK5(0): New serial state = 0x8104
 Feb 25 18:26:50: MK5(0): DCD is up.
 Feb 25 18:26:50: MK5(0): Deasserting DTR
 Feb 25 18:26:50: MK5(0): Deasserting DTR
 Feb 25 18:26:50: MK5(0): Reset
 Feb 25 18:26:50: MK5(0): Asserting DTR
 Feb 25 18:26:50: MK5(0): Deasserting LTST
 Feb 25 18:26:50: MK5(0): New serial state = 0xA105
 Feb 25 18:26:50: MK5(0): DCD is up.
 Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, yourseen 17, line up
 Feb 25 18:26:56: MK5(0): New serial state = 0xA124
 Feb 25 18:26:56: MK5(0): DCD is up.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA13C
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA134
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA114
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA104
 Feb 25 18:26:56: MK5(0): DCD is up.
 Feb 25 18:27:00: MK5(0): New serial state = 0xA104
 Feb 25 18:27:00: MK5(0): DCD is up.
 Feb 25 18:27:00: MK5(0): Deasserting DTR
 Feb 25 18:27:00: MK5(0): Deasserting DTR
 Feb 25 18:27:00: MK5(0): Reset
 Feb 25 18:27:00: MK5(0): Asserting DTR
 Feb 25 18:27:00: MK5(0): Deasserting LTST
 Feb 25 18:27:00: MK5(0): New serial state = 0xA105
 Feb 25 18:27:00: MK5(0): DCD is up.
 Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, yourseen 18, line
down

 Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
 changed state to down


 Config on router 2:
 interface Serial0
  ip address 1.1.1.2 255.255.255.0
  clockrate 56000
 !
 interface Serial1
  ip address 2.2.2.2 255.255.255.0
  clockrate 56000

 Log entries on Router 2:
 None

 SH IP INTERFACE BRIEF on Router 2:
 R2#sh ip int brief
 Interface  IP-Address  OK? Method Status
 Protocol
 Serial01.1.1.2 YES NVRAM  up
 down
 Serial12.2.2.2 YES NVRAM  up
 up

 R2#sh controller s 0
 MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1
 idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300
 IB at 0x6006E64: mode=0x0108, local_addr=0, remote_addr=0
 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
 buffer size 1524
 DCE V.35 serial cable attached, clockrate 56000

 DEBUG SERIAL INTERFACE on Router 2:
 Feb 25 18:30:25: Serial0: HDLC myseq 38, mineseen 0, yourseen 0, line down
 .Feb 25 18:30:26: Serial0: attempting to restart
 .Feb 25 

Re: MPLS in CCIE [7:36682]

[Steven A. Ridder]

For routing and switching - none.  Is it me or is the RS track getting
outdated?  It seems to cover technologies that, although are useful, not as
current.

--

RFC 1149 Compliant.


Persio Pucci  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 How much of MPLS (if some at all) is covered in the CCIE exams?

 tks!

 Persio Pucci - CCNP
 UOL Inc. - Tecnologia
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36699t=36682
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Spanning tree Protocol Questions [7:36559]

[Daniel Cotts]

When you have an opportunity to read Clark and Hamilton the explanation will
fit. A blocked port is not physically cut. Data traffic is blocked while
BPDUs are allowed. Else, how would it know that a change in topology has
taken place?
Step 2. Yes, all along bridge 4 has been receiving CBPDUs on both ports.
Since e1 had the lower root path cost, it became the root port. There is no
need to forward the CBPDUs it receives on e0 out e1 because it has already
determined that a lower cost path exists out e1. Once the e1 link fails
bridge 4 already knows that it has another path to the root bridge via
bridge 3.
Step 5. Logically follows. It takes the CBPDUs that it has always been
recieving on e0 and now forwards it out e1. It has no clue why it no longer
receives CBPDUs on e1.
Now think about what happens when bridge 5 e1 becomes functional again.

 -Original Message-
 From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 1:46 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Spanning tree Protocol Questions [7:36559]
 
 
 Priscilla,
 
 In the attachment (Cisco CCNA Exam Guide #640-507  
 Certification Guide: ISBN
 0-7357-0971-8), page 167 - 168, the authors seem to indicate 
 that CBPDUs are
 sent from blocked ports! The ability for CBPDUs to be sent 
 out of blocked
 port seems to a determinant factor for the Spanning Tree to 
 be recomputed
 after a topology change 
 
 
 Here is a word by word copy of the passage. The part I have 
 problem about is
 the one with (!!)
 
 Thanks!
 
 Pierre-Alex
 
 --(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4 
 (e0)---(e1)Bridge 3
 (e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0)
 
 Cost advertised by B2 is 100
 Cost advertised by B3 is 200
 Cost advertised by B5 is 10
 Blocked port: Bridge 3, port e1
 
 Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires. 
 The other bridges
 are still receiving CBPDUs on their root ports. After MaxAge 
 expires, Bridge
 4 will decide the following:
 
 Step 1 My E1 port is no longer my root port
 Step 2 The same root bridge is being advertised in a CBPDU on 
 my E0 port
 (!)
 Step 3 No other CBPDUs are being received
 Step 4 My best path (and the only path, in this case) to the 
 root is out of
 my E0 port; therefore, my root port is now E0.)
 Step 5 Because no other CBPDUs are entering my E1 port, I must be the
 designated bridge on that segment. So, I will start sending 
 CBPDUs on E1,
 addming my E0 port cost (10) to the cost of the CBPDU 
 received in the CBPDU
 entering E0 (200) for a total of 210 (!!)
 
 
 
 
 Kind Regards,
 
 Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36700t=36559
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security Design - PIX or Whatever [7:36677]

[Steven A. Ridder]

Your employer already has your SSN.  But yes, there are better ways of using
challanges and secret keys, or what ever. --

RFC 1149 Compliant.


Brian  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 That is un friggingbelievable, I give my social to my bank and other
 parties I have a financial arrangement with, thats it.  There must be a
 better way using keys, a challenge response or something like that.

 Bri

 On Wed, 27 Feb 2002, Chuck wrote:

  don't even get me started on this. I work for an organization that uses
  employee SSN numbers for validation purposes in a lot of instances. So
when
  I call the Help Desk to complain about e-mail ( an ongoing problem ) I
am
  asked to provide my SSN to the folks there. In these days of rampant and
  easy identity theft, how smart is it to allow access to a large database
of
  valid SSN's to practically everyone who asks?
 
  HIPAA??? isn't that on hold for review?  You know, I was reading through
 one
  of the drafts and I thought I saw something that floored me - the
 regulators
  were stating that multiplexed links such as frame relay and ATM were
  considered unsecure because different organizations were sharing
 circuits.
  The implication was that healthcare organizations would have to move to
  point to point technologies - most of which end up passing through ATM
  backbones anyway. Sheesh.
 
  Longer term I believe that security solutions will involve end to end
  encryption - server to host, on the LAN as well as the WAN, in addition
to
  what is already done on VPN's.
 
  I always liked the HIPAA provision about management responsibility and
  management fines and jail time for failure to comply. Wish that were so
in
 a
  lot of other industries where I have worked. ;-
 
  Chuck
 
 
 
  William Gragido  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   The only difference is that those organizations (physicians as well),
 will
   held accountable for violation of HIPPA and face fines and potentially
  jail
   time :-(
  
   -Original Message-
   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
   Sent: Wednesday, February 27, 2002 12:30 PM
   To: [EMAIL PROTECTED]
   Subject: RE: Security Design - PIX or Whatever [7:36677]
  
  
   Lets not forget politcal concerns when trying do a reasonable level of
   security. I worked a healthcare provider and boy, you should have
heard
  the
   Docs squawk about passwords and pin codes for access to the primary
   LAN/WAN... to the point that admin overruled the IS dept and special
   *permission* not to use the security procedures...  happens every
day..
  
   MikeS
   '




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36701t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Serial interface problem [7:36696]

[Daniel Cotts]

This seems to be an exact repost of an earlier message. Several folks
offered troubleshooting suggestions to you. What were the results of your
tests?

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 2:03 PM
 To: [EMAIL PROTECTED]
 Subject: Serial interface problem [7:36696]
 
 
 Hello all:
 
 I have two Cisco 4000-M routers in my home lab with two 
 serial ports on
 each. S0 on Router 1 is connected to S0 on Router 2. S1 on Router 1 is
 connected to S1 on Router 2. The problem is that the S1 to S1 
 link comes up
 and stays up. The S0 to S0 link comes up but goes down in a 
 few seconds. It
 keeps going up and down in this way repeatedly. Could someone 
 please shed
 some light?
 
 The routers are connected using DCE to DTE cross connect 
 cables. The DCE
 ends of both connections are on Router 2 and it providing 
 clocking at 56000
 bits per second. Encapsulation is HDLC although I have tried 
 PPP with the
 same problem. I have also tried changing the default 
 keepalive settings on
 both end on the S0 to SO link. The IOS is 12.1(12) on both. I 
 have tried
 12.1(10) with the same results. I have also tried changing 
 the end where the
 clocking is provided with no success. I have switched cables 
 and serial
 interface modules but the problem remains.
 
 Config on Router 1:
 interface Serial0
  ip address 1.1.1.1 255.255.255.0
 !
 interface Serial1
  ip address 2.2.2.1 255.255.255.0
 !
 Log entries on Router 1:
 Feb 25 17:59:41: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to up
 Feb 25 18:00:01: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to down
 Feb 25 18:00:11: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to up
 Feb 25 18:00:31: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to down
 
 SH IP INTERFACE BRIEF on Router 1:
 Interface  IP-Address  OK? Method Status
 Protocol
 Serial01.1.1.1 YES NVRAM  up
 down
 Serial12.2.2.1 YES NVRAM  up
 up 
 
 R1#sh control serial 0
 MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1
 idb = 0x619DACBC, driver structure at 0x619E10C0, regaddr = 0x3C100300
 IB at 0x400FB1CC: mode=0x0108, local_addr=0, remote_addr=0
 N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
 buffer size 1524
 DTE V.35 serial cable attached
 
 DEBUG SERIAL INTERFACE on Router 1
 Feb 25 18:26:31: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to down
 Feb 25 18:26:40: MK5(0): New serial state = 0xA104
 Feb 25 18:26:40: MK5(0): DCD is up.
 Feb 25 18:26:40: Serial0: HDLC myseq 16, mineseen 0*, 
 yourseen 16, line up 
 Feb 25 18:26:41: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to up
 Feb 25 18:26:50: MK5(0): New serial state = 0x8104
 Feb 25 18:26:50: MK5(0): DCD is up.
 Feb 25 18:26:50: MK5(0): Deasserting DTR 
 Feb 25 18:26:50: MK5(0): Deasserting DTR 
 Feb 25 18:26:50: MK5(0): Reset
 Feb 25 18:26:50: MK5(0): Asserting DTR 
 Feb 25 18:26:50: MK5(0): Deasserting LTST 
 Feb 25 18:26:50: MK5(0): New serial state = 0xA105
 Feb 25 18:26:50: MK5(0): DCD is up.
 Feb 25 18:26:50: Serial0: HDLC myseq 17, mineseen 0*, 
 yourseen 17, line up 
 Feb 25 18:26:56: MK5(0): New serial state = 0xA124
 Feb 25 18:26:56: MK5(0): DCD is up.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA13C
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA134
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA114
 Feb 25 18:26:56: MK5(0): DCD is down.
 Feb 25 18:26:56: MK5(0): New serial state = 0xA104
 Feb 25 18:26:56: MK5(0): DCD is up.
 Feb 25 18:27:00: MK5(0): New serial state = 0xA104
 Feb 25 18:27:00: MK5(0): DCD is up.
 Feb 25 18:27:00: MK5(0): Deasserting DTR 
 Feb 25 18:27:00: MK5(0): Deasserting DTR 
 Feb 25 18:27:00: MK5(0): Reset
 Feb 25 18:27:00: MK5(0): Asserting DTR 
 Feb 25 18:27:00: MK5(0): Deasserting LTST 
 Feb 25 18:27:00: MK5(0): New serial state = 0xA105
 Feb 25 18:27:00: MK5(0): DCD is up.
 Feb 25 18:27:00: Serial0: HDLC myseq 18, mineseen 0*, 
 yourseen 18, line down
 
 Feb 25 18:27:01: %LINEPROTO-5-UPDOWN: Line protocol on 
 Interface Serial0,
 changed state to down
 
 
 Config on router 2:
 interface Serial0
  ip address 1.1.1.2 255.255.255.0
  clockrate 56000
 !
 interface Serial1
  ip address 2.2.2.2 255.255.255.0
  clockrate 56000
 
 Log entries on Router 2:
 None
 
 SH IP INTERFACE BRIEF on Router 2:
 R2#sh ip int brief
 Interface  IP-Address  OK? Method Status
 Protocol
 Serial01.1.1.2 YES NVRAM  up
 down
 Serial12.2.2.2 YES NVRAM  up
 up  
 
 R2#sh controller s 0
 MK5 unit 0, NIM slot 0, NIM type code 7, NIM version 1
 idb = 0x44A4, driver structure at 0xABDAB8, regaddr = 0x8000300
 IB at 0x6006E64: mode=0x0108, 

Re: OSPF question [7:36641]

[Steven A. Ridder]

You can have a better numbering/identificaton process if you use loopback
numbers, rather than some arbitraty IP.

--

RFC 1149 Compliant.


cclark  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 In determining DR and BDR, OSPF will use the priority and the Router ID. I
 can change the Router ID by creating a loopback with a higher ID (IP
address
 right?). Why would I do this? Why would I not just change the priority of
 the router in question? If I want a specific router to be the DR, why not
 set it with a priority of 1 and set all the other routers to something
like
 5? TIA.

 cc




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36703t=36641
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Remote Sites and Disaster Recovery Site [7:36704]

[Victor Alegun]

We have a bunch (say 25) of remote sites connected to our primary data
center through point-to-point circuits ranging from 56k to T1s.  We are
planning to replace these circuits with VPN connection and use ISDN as a
backup. My question is what is the best solution that will fit in this
scenario and be able to reconnect these sites to a DR (Disaster recovery
site) in the event of disaster. DR site is to be built with links to the
primary data center.  Bear in mind that this is a health organisation
(non-profit) Money is tight, we are barely making the operational budget. 
Need a solution that is cheap and will meet our needs. Hints--  we are
considering 1.) point-to-point for both primary and backup 2.) VPN   and 3.)
Frame-relay.

Any help will be appreciated.
Thanks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36704t=36704
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco components [7:36705]

[Ryn]

Howdy folks,

Will the following DRAM work in the 2501 and 2514s?

http://www.crucial.com/store/listparts.asp?Mfr%2BProductline=Cisco%2BRoutersmod
el=2500+Series+Router+%28DRAM%29x=9y=13

Also, what kind of serial cables do you need to run from the serial port
of the 2501 to a 2514? I am looking for the cable type and pinout.

Thanks for any info,
Ryan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36705t=36705
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Grade to get CCDA [7:36636]

[sam sneed]

Yeah Mario

What the hell were you thinking?  You'd better go study your ass off for a
couple months nonstop and not worry about your what score you need. This
ain't a game. No ones playin around over here. How dare you ask such a
question? We spend 18 hours day studying this stuff, do you think we care
what passing scores we need? Our hands, eyes, and minds are weary from all
the studying and practice. I've got a bum leg from dropping a 4700 on my big
toe, I wobble around like a drunk penguin because of it. And you expect to
tell you what the passing score for a Cisco exam on a Cisco certification
newsgroup?

NEVER



ps. passing score is 755/1000

J-B  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Thanks Tim Medley, well put

 Mario, you should really concentrate on learning the technology, be able
to
 understand how it can be utilized in many different
 situations and when you take the test, you don't have to think about the
 passing grades.

 My two cents.

 JB,
 MCSE, CCNA, CCNP, CCDA, CCDP.One day CCIE(it looks like an
 eternity..just a joke).

 Tim Medley  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  All Cisco exams are Pass or Fail exams. It's that simple, if you know
  the material that is covered on the exam then you will Pass; if you do
  not know the material then you will Fail.
 
  Your focus should not be how you can skim by and just barely pass the
  exam.
 
  If you don't really know the concepts and technologies and just cram so
  that you pass the exam, what good is the certification then? Just
  because you have a certification doesn't mean that someone is going to
  hire you and throw money at you.
 
  Employers look at certifications as a base line, a ccda should know xyz
  concepts and know how to accomplish xyz tasks. If you can't perform at
  the baseline level you're not going to be around at that job long or you
  may not even get hired.
 
  With the way the Tech job market is these days, you need to be able to
  differentiate yourself from your peers. Paper Certs are not a way to do
  this.
 
  Please stop asking for minimum scores to pass or the number of questions
  on an exam. Review the exam outlines and blueprints on CCO and learn the
  concepts and technologies.
 
  Most everyone here in this forum is here to share knowledge and learn
  from each other. If you don't understand a concept or technology, post a
  question about it you'll receive plenty of help.
 
 
  Tim Medley - CCNP+Voice, CCDP
  Sr. Network Architect
  VoIP Group
  iReadyWorld
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
  Rodrigues, Mario
  Sent: Wednesday, February 27, 2002 9:29 AM
  To: [EMAIL PROTECTED]
  Subject: Grade to get CCDA [7:36636]
 
  Hi Folks,
 
  I would like to know how is the grade to get CCDA.
 
 
 
  Regards,
 
  Mario A. Rodrigues




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36706t=36636
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Jonathan Mian]

Hi Jeff,

Yes you can copy any file the TFTP server does not care what extension a
file has as long as its a valid file name, The only thaing on a Cisco that
would mind is the IOS that expects certain files to have no extensions or a
.bin, .html, so on... (the web side stuff is more for switches, or thats
what I have seen/found)

I hope this answers the question.#

All the best,
Jon aka Yeti-GBR1


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36707t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Copying RAM to a text file [7:36671]

[Jonathan Mian]

Oh yeah I forgot to say that all the config files like startup/running are
ASCI-II ones so as mark said use notepad or another ASCI-II editor to be safe.

Jon the Loony


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36709t=36671
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN Client 3.x to IOS VPN [7:36708]

[ME]

IOS just started to support the VPN Client 3.x (as apposed to the older
secure client that only supports 95/NT) with ver 12.2.7T. I have not been
able to find any information about it published on Cisco's public web site
yet. Any idea who might be working on the bleeding edge of IOS VPNs that
might know more about this?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36708t=36708
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco and HP Procurve [7:36711]

[Chris Headings]

We are supplying an Internet Access link to a client that requires 2
seperate dot1q vlans setup on the router.

The router is setup with these sub-interfaces and the proper encapsulation. 
Has anybody used an HP Procurve 4000 and created trunks that pass the proper
dot1q vlans to the router?  The customer is way in over their head and we
have never used HP switching gear.

If not an answer than a link pertaining to trunking for the HP product would
be greatly appreciated.

Thanks

Chris


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36711t=36711
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security Design - PIX or Whatever [7:36677]

[Dwayne Cann]

There is a reasonableness component built into HIPAA. There was some rumors
about frame relay, amongst other things. Here is a link:



http://aspe.os.dhhs.gov/admnsimp/nprm/sec09.htm

Would frame relay be considered open? It sounds like encryption would be
optional.



-Original Message-
From: Victor Alegun [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 2:49 PM
To: [EMAIL PROTECTED]
Subject: Re: Security Design - PIX or Whatever [7:36677]


Chuck, I work in a health organisation and we are considering implementing
some security measures to meet HIPAA standard.  Could you please give me the
URL where you read about the regulators on Frame-relay and ATM.  I had read
sometime ago that no particular solution will fit all scenarios-each
architecture will lend itself to the most appropriate solution that will
secure patient information.

Thanks,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36712t=36677
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Sample Rate [7:36566]

[Priscilla Oppenheimer]

You are right, John. With digital telephony, the analog speech signal is 
filtered before sampling. High and low frequency components are removed. I 
think it was just a tradeoff. We don't expect the human voice to sound that 
great over the phone anyway, and by filtering we can reduce bandwidth 
requirements. In fact, the human voice doesn't sound too great over the 
phone. We've just gotten used to it. Music on hold over the phone sounds 
pretty bad.

Priscilla

At 10:25 PM 2/26/02, John Neiberger wrote:
This is OT, but the upper limit of human hearing is actually
around 20KHz at best and usually drops to around 16KHz or so.
If your upper limit starts to drop below that you'll start to
notice that it's difficult to hear clearly.  (Sorry, in my
other life I'm a sound engineer and musician.)

I've heard that the 4KHz limit is because there is a low-pass
filter used for voice.  I can't remember the exact reason, but
that information plugged into the Nyquist theorem explains--as
Priscilla mentions--why a DS0 is 64Kbps.

Okay, time to do some serious studying once I'm through being
lazy and drinking this coffee...

John

 On Tue, 26 Feb 2002, Priscilla Oppenheimer
([EMAIL PROTECTED]) wrote:

  At 08:06 PM 2/26/02, Rafay wrote:
  How do you describe Sample Rate.?
 
  In what context? The term is sometimes used when describing
the analog
  to
  digital process, for example when digitizing voice. Voice
produces an
  analog wave as your lungs and tongue press against the air.
An analog
  wave
  has infinite possible values. Computers can't deal with
infinity. They
  work
  with discreet numbers. The solution is to sample the analog
voice many
  times per second. Sampling means to take a snapshot.
 
  The sample rate is how often the analog wave is sampled.
Nyquist showed
  that you have to sample at twice the rate of the highest
frequency that
  may
  occur in the original data. Most humans don't output (and
can't hear)
  anything about 4 KHz. So sample 8,000 times per second (8Khz)
and the
  result will be good enough. When using a sample rate of 8,000
KHz, if
  each
  sample is saved in an 8-bit byte, the resulting data rate is
64 Kbps.
  That's one DS0. Compression allows us to use a smaller data
rate, with
  some
  loss in fidelity.
 
  Priscilla
  
 
  Priscilla Oppenheimer
  http://www.priscilla.com
[EMAIL PROTECTED]
 
 



Get your own 800 number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36713t=36566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MPLS in CCIE [7:36682]

[David C Prall]

Steven,
I don't know if it is outdated or not. I still have customers running Vines,
DecNet, IPX and AppleTalk. Of course chaos, apollo and pup I haven't seen
recently in the real world.

David C Prall   [EMAIL PROTECTED]   http://dcp.dcptech.com
- Original Message -
From: Steven A. Ridder 
To: 
Sent: Wednesday, February 27, 2002 3:51 PM
Subject: Re: MPLS in CCIE [7:36682]


 For routing and switching - none.  Is it me or is the RS track getting
 outdated?  It seems to cover technologies that, although are useful, not
as
 current.

 --

 RFC 1149 Compliant.


 Persio Pucci  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  How much of MPLS (if some at all) is covered in the CCIE exams?
 
  tks!
 
  Persio Pucci - CCNP
  UOL Inc. - Tecnologia
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36714t=36682
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: Sample Rate [7:36566]

[Priscilla Oppenheimer]

Female opera singers probably hate it when people ask them to sing over the 
phone!?

OK, have we distracted you enough, John? ;-) Seriously, I think this was a 
great discussion. Thanks to everyone who contributed.

Priscilla

At 10:58 AM 2/27/02, David L. Blair wrote:
  John Neiberger wrote:
  What I'm trying to find out is why the original 4KHz limit on
  voice calls was put into place.  It sounds like it was simply
  an arbitrary decision.  4KHz is sufficient for a telephone call
  and to provide clear calls that included higher frequencies
  might have added some technical complexities, perhaps.
 
  They also added a high-pass filter around 400Hz since most
  telephones can't reproduce low frequencies well and it also
  filters out some harmonics of 50-60Hz hum that might show up
  from time to time.  That is concrete reason for including a
  high-pass filter and I wondered if there was a concrete
  technical reason for including the 4KHz low-pass filter. From
  the sounds of it there really isn't a technical issue, 4K is
  just a nice round number.  :-)

I used three sources to answer John's query: Voice over IP Fundamentals,
Cisco Voice over Frame Relay, ATM, and IP, and Integrating Voice and Data
Networks.  These are great books for anyone wanting to know more about
voice technologies.

Interesting Facts and Ideas I came across:

1) Human hearing is in the range of 200 Hz to 20,000 Hz

2) Human speech is in the range of 250 Hz to 10,000 Hz. Most of the
information comes from the middle frequencies. According to Nyquist, Human
voice contains sounds that are more often Middle-pitched frequencies than
either High or Low pitched frequencies.

3) Frequencies greater than 4,000 Hz are filter out to limit crosstalk.

4) During the Analog to Digital conversion voice samples are put though a
process called Quantization.  Quantization is the process of rounding
sampled values to the nearest predefined discreet value. Pulse Code
Modulation (PCM) is a Quantization process. PCM is also used to achieve 12
to 13 bits of voice information in 8 bit words. Two commonly used PCM's are:
mu-law (North America), and a-law (Europe). What you hear is not someone's
voice, but a representation of their voice.

5) Noise is a major issue when talking about voice quality.  Noise is
constant problem for Analog signals.  What is signal and what is Noise?
When a Analog signal is amplified so is the Noise, which in turn makes the
quality of Analog calls worst as the distance increases.  Digital Calls are
less suitable to Noise than Analog calls.

6) Delay is a major issue when talking about conversation flow for two
reasons: 1) For a conversation to flow normally, the delay is receiving the
voice information must be less than 250ms.  When the delay is more than
250ms, the human receiving the voice message will start to talk thinking the
human sending the voice message is at a breaking point in the conversation,
i.e.. both people are talking at the same time similar to a collision in
Ethernet.  Delay is also important in how the voice packets are filled
during the Analog to Digital conversion.  That is why ATM (ATM cell is 53
octets, 5 octets are header and 48 octets are payload) is a good method for
transporting voice packets because the delay to fill the payload section is
smaller than with other cell/packet types.


Answer: It does indeed seem that the 4,000 Hz mark was arbitrary in nature;
3,500 Hz or 5,000 Hz would work also.  It is a nice round number to work
with.  Simplies any math work.  Middle frequencies carry the bulk of the
information and Human speech upper limit is 10,000 Hz amd 4,000 is near the
middle. The low filter is also to reduce the frequencies that carry less
information.

Hope this helps.


Through Complexity there is Simplicity,
Through Simplicity there is Complexity

David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36715t=36566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Spanning tree Protocol Questions [7:36559]

[Pierre-Alex Guanel]

So a blocked port can receive AND send BPDUs  Correct?

Pierre-Alex

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Daniel Cotts
Sent: Wednesday, February 27, 2002 2:54 PM
To: [EMAIL PROTECTED]
Subject: RE: Spanning tree Protocol Questions [7:36559]


When you have an opportunity to read Clark and Hamilton the explanation will
fit. A blocked port is not physically cut. Data traffic is blocked while
BPDUs are allowed. Else, how would it know that a change in topology has
taken place?
Step 2. Yes, all along bridge 4 has been receiving CBPDUs on both ports.
Since e1 had the lower root path cost, it became the root port. There is no
need to forward the CBPDUs it receives on e0 out e1 because it has already
determined that a lower cost path exists out e1. Once the e1 link fails
bridge 4 already knows that it has another path to the root bridge via
bridge 3.
Step 5. Logically follows. It takes the CBPDUs that it has always been
recieving on e0 and now forwards it out e1. It has no clue why it no longer
receives CBPDUs on e1.
Now think about what happens when bridge 5 e1 becomes functional again.

 -Original Message-
 From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 27, 2002 1:46 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Spanning tree Protocol Questions [7:36559]


 Priscilla,

 In the attachment (Cisco CCNA Exam Guide #640-507
 Certification Guide: ISBN
 0-7357-0971-8), page 167 - 168, the authors seem to indicate
 that CBPDUs are
 sent from blocked ports! The ability for CBPDUs to be sent
 out of blocked
 port seems to a determinant factor for the Spanning Tree to
 be recomputed
 after a topology change 


 Here is a word by word copy of the passage. The part I have
 problem about is
 the one with (!!)

 Thanks!

 Pierre-Alex

 --(e0)Bridge-1 (e1)-- (e0)Bridge 5(e1)---(e1) Bridge 4
 (e0)---(e1)Bridge 3
 (e0)---(e1)Bridge 2 (e0)--- (To bridge 1 e0)

 Cost advertised by B2 is 100
 Cost advertised by B3 is 200
 Cost advertised by B5 is 10
 Blocked port: Bridge 3, port e1

 Bridge 5's E1 port fails...Only Bridge 4's MaxAge expires.
 The other bridges
 are still receiving CBPDUs on their root ports. After MaxAge
 expires, Bridge
 4 will decide the following:

 Step 1 My E1 port is no longer my root port
 Step 2 The same root bridge is being advertised in a CBPDU on
 my E0 port
 (!)
 Step 3 No other CBPDUs are being received
 Step 4 My best path (and the only path, in this case) to the
 root is out of
 my E0 port; therefore, my root port is now E0.)
 Step 5 Because no other CBPDUs are entering my E1 port, I must be the
 designated bridge on that segment. So, I will start sending
 CBPDUs on E1,
 addming my E0 port cost (10) to the cost of the CBPDU
 received in the CBPDU
 entering E0 (200) for a total of 210 (!!)

 


 Kind Regards,

 Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36716t=36559
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]