Catalyst prob [7:39515]
Hi. I am trying to upload cat os 6.33 on my 5509 it gives me this error what could be the prob ? rommon 2 > xmodem -s 38400 Do not start the sending program yet... Invoke this application only for disaster recovery. Do you wish to continue? (y/n) [n]: y Note, if the console port is attached to a modem, both the console port and the modem must be operating at the same baud rate. Use console speed 38400 bps for download? (y/n) [n]: y Download will be performed at 38400 bps. Make sure your terminal emulator is set to this speed Baud rate is correctly set now. Enter y to continue (y/n) [n]: y Download Complete! received file size=5340800 Loading Network Management Processor image Uncompressing file: ## *** Bus Error (Load) Exception *** Access address = 0x0 *** TLB (Load/Fetch) Exception *** Access address = 0xfd78 PC = 0x80010604, Cause = 0x8008, Status Reg = 0x3041d003 monitor: command "xmodem" aborted due to exception rommon 3 > Any help will be of good help. Thanks and Rgds, Murali Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39515&t=39515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Redistribution & Seed Metric [7:39512]
AD distance comes into play when you have two routes with the same metrics... When using redistribution, use one way if possible or two way if you MUST. The general rule is put higher metrics on routes whicih of course are less preferable...If want my OSPF routes to have a higher metric than my EIGRP routes unless, the route to the destination via OSPF is the best route.. Metrics when redistribution allow you to make decisions on routes when there metrics are TOTALLY different, ie Rip uses Hops, EIGRP uses the K metrics...Two different metrics, so there needs to be some kind of way to decide between the two. Hope that helps, ive just finished BSCN few months ago and at least thats how I understand but im a baby :) Cheers Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39516&t=39512 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Router simulation software [7:39517]
Hi all, Has anyone used the RouterSim software (www.Routersim.com)? Is this a good software for preparation and training. I know that the actual equipment would be best but until I am able to purchase my own equipment, I would still like to get some practice. Also, is there anyone in the group from the Bahamas (New Providence island) that would be interested in sharing the costs of setting up a lab? Thanks, Fred This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you are not the intended recipient, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. CREDIT SUISSE GROUP and each legal entity in the CREDIT SUISSE FIRST BOSTON or CREDIT SUISSE ASSET MANAGEMENT business units of CREDIT SUISSE FIRST BOSTON reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. Unless otherwise stated, any pricing information given in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39517&t=39517 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Learnkey CCNP [7:39519]
I am looking for Learnkey CCNP study material. Anyone have an old set they are willing to sell? thanks in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39519&t=39519 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA, CCNP Titles [7:39437]
Why do people even care? I thought this group study was to ask technical questions! However, we are debating what goes on an e-mail signature. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: geek [mailto:[EMAIL PROTECTED]] Sent: Monday, March 25, 2002 3:31 PM To: [EMAIL PROTECTED] Subject: Re: CCNA, CCNP Titles [7:39437] I also agree that it belongs on a resume but listing everything you've accomplished in an email (or NG) sig is a bit much. We should always be proud of our accomplishments but lets try not to get hung up on titles. -Joe- ABC, DEF, GHI, JK, LMNOP, QRST (written), nose picker, butt picker and picker flicker :^) ""John Faubion"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This is probably a dumb question but when placing your certification in your > title block, shouldn't the highest certification be the only one listed? I > mean since the CCNA is a requirement to attain your CCNP, you should only > list CCNP in your title block, right? > > The reason I ask is due to the number of people on this list that show CCNA, > CCNP in their title. > > Thanks, > John Faubion, CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39520&t=39437 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DB-60 crossover cable [7:39521]
Hi, is there somewhere the scheme to make a db60 male to male crossover cable? I know there are a lot around the world, but I have the cable and the jacks, so I don't want to waste money. Thk in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39521&t=39521 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router simulation software [7:39517]
I think my reply hit the questionable queue and got censored. So, just buy a 2500 as it's almost the same price as the RouterSim. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com ""Turner, Frederick"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi all, > Has anyone used the RouterSim software (www.Routersim.com)? Is this a good > software for preparation and training. I know that the actual equipment > would be best but until I am able to purchase my own equipment, I would > still like to get some practice. > > Also, is there anyone in the group from the Bahamas (New Providence island) > that would be interested in sharing the costs of setting up a lab? > > Thanks, > > Fred > > This message is for the named person's use only. It may contain sensitive > and private proprietary or legally privileged information. No > confidentiality or privilege is waived or lost by any mistransmission. If > you are not the intended recipient, please immediately delete it and all > copies of it from your system, destroy any hard copies of it and notify the > sender. You must not, directly or indirectly, use, disclose, distribute, > print, or copy any part of this message if you are not the intended > recipient. CREDIT SUISSE GROUP and each legal entity in the CREDIT SUISSE > FIRST BOSTON or CREDIT SUISSE ASSET MANAGEMENT business units of CREDIT > SUISSE FIRST BOSTON reserve the right to monitor all e-mail communications > through its networks. Any views expressed in this message are those of the > individual sender, except where the message states otherwise and the sender > is authorized to state them to be the views of any such entity. > Unless otherwise stated, any pricing information given in this message is > indicative only, is subject to change and does not constitute an offer to > deal at any price quoted. Any reference to the terms of executed > transactions should be treated as preliminary only and subject to our > formal written confirmation. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39522&t=39517 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA, CCNP Titles [7:39437]
I think it all comes back to Freud and is theory on mans envy about his equipment. "Mine's bigger than yours!" I think it is all a bit rediculous. Enough said -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ladrach, Daniel E. Sent: Tuesday, March 26, 2002 7:28 AM To: [EMAIL PROTECTED] Subject: RE: CCNA, CCNP Titles [7:39437] Why do people even care? I thought this group study was to ask technical questions! However, we are debating what goes on an e-mail signature. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: geek [mailto:[EMAIL PROTECTED]] Sent: Monday, March 25, 2002 3:31 PM To: [EMAIL PROTECTED] Subject: Re: CCNA, CCNP Titles [7:39437] I also agree that it belongs on a resume but listing everything you've accomplished in an email (or NG) sig is a bit much. We should always be proud of our accomplishments but lets try not to get hung up on titles. -Joe- ABC, DEF, GHI, JK, LMNOP, QRST (written), nose picker, butt picker and picker flicker :^) ""John Faubion"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This is probably a dumb question but when placing your certification > in your > title block, shouldn't the highest certification be the only one > listed? I mean since the CCNA is a requirement to attain your CCNP, > you should only list CCNP in your title block, right? > > The reason I ask is due to the number of people on this list that show CCNA, > CCNP in their title. > > Thanks, > John Faubion, CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39523&t=39437 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CPA to regular conversion [7:39524]
I'm having trouble converting my CPA2509 to a regular 2509. I've upgraded the boot ROMs and the memory (to 16D/16F). That part all seems to be fine. I got an IP Feature Pack (CD25-C-12.0=), so I have all the software I should have as far as I know. I can successfully tftp the upgrade file to the router, cpa25-upgrade-1.112-3.P . However, during the download, the router says: %Warning: File not a recommended image for this system and, when it runs the file, it says: --- Router Upgrade Utility for CANCUN, Version 2.0 Compiled by cstohs on Tue 11-Mar-97 19:53 Converting 2500 to CPA2500... Completed. Rebooting to Bootstrap Image... --- and, sure enough when it is done, I still have a CPA2500, which won't run a regular image. The image that came with the router was cpa25-y-l.102-872 . Does anybody have any idea what is wrong and/or what I need to do to make this thing into a regular 2509? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39524&t=39524 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Bridging and HSRP [7:39525]
Greetings all, I've a 6509 with 2 sups and MSFCs, running hsrp between both MSFCs. Routing 5 vlans, two of those 5 vlan are also bridging decnet. When I've the standby interface up, users can't get out, if I shutdown the standby interface all is good. According to Cisco I've to enable "standby use-bia" feature to prevent this problem. Have you guys seen this before, and what causes this problem? Just looking for some education and solutions. Thanks..Nabil - Hope I made my problem clear! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39525&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA, CCNP Titles [7:39437]
I am not sure why this debate keeps popping up here, but we all must realize that everybody is different. If a guy in Texas owns a very expensive cowboy hat and decides to wear it Saturday night, some Dixie chicks might find him very attractive, while some girls visiting from Australia would probably find him a bit ridiculous. Some people has been working very hard for their titles, and I can understand when they want to show other people what they have achieved. A more important thing could be that many IT recruiters and IT managers knows what CCNA is, but they have never heard of CCNP nor CCIE. It's sad when you have the higher title, but you can't really change that, so a thing you can do is to put all your titles on, so you can hope they at least recognize one of them. Again, it's very individual and where you're from on the globe is probably also a matter. Some women still present themselves as Mrs. Their-Husbands-Name, which I find ridiculous, but if they like it, then I won't go into a deeper discussion about it. So, could we please just live with what others put after their name (unless it's insulting) and get on with our list. My 0010 cents. Ole ~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~ http://www.RouterChief.com ~ Need a Job? http://www.OleDrews.com/job ~ -Original Message- From: Matthew Meiers [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 8:04 AM To: [EMAIL PROTECTED] Subject: RE: CCNA, CCNP Titles [7:39437] I think it all comes back to Freud and is theory on mans envy about his equipment. "Mine's bigger than yours!" I think it is all a bit rediculous. Enough said -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ladrach, Daniel E. Sent: Tuesday, March 26, 2002 7:28 AM To: [EMAIL PROTECTED] Subject: RE: CCNA, CCNP Titles [7:39437] Why do people even care? I thought this group study was to ask technical questions! However, we are debating what goes on an e-mail signature. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: geek [mailto:[EMAIL PROTECTED]] Sent: Monday, March 25, 2002 3:31 PM To: [EMAIL PROTECTED] Subject: Re: CCNA, CCNP Titles [7:39437] I also agree that it belongs on a resume but listing everything you've accomplished in an email (or NG) sig is a bit much. We should always be proud of our accomplishments but lets try not to get hung up on titles. -Joe- ABC, DEF, GHI, JK, LMNOP, QRST (written), nose picker, butt picker and picker flicker :^) ""John Faubion"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This is probably a dumb question but when placing your certification > in your > title block, shouldn't the highest certification be the only one > listed? I mean since the CCNA is a requirement to attain your CCNP, > you should only list CCNP in your title block, right? > > The reason I ask is due to the number of people on this list that show CCNA, > CCNP in their title. > > Thanks, > John Faubion, CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39526&t=39437 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sybex CCNP Lab [7:39527]
Hi, I have a few questions regarding Sybex CCNP Virtual Lab. SWITCHING: GENERAL INFO: a) How many Catalyst 5000 switches can you configure in the software? b) If more than 1, can you create a dual core with layer 2 / layer 3? c) What is the supervisor revision number? d) What software release is used? e) When typing a question mark and pressing enter, do you get command help (on all the commands)? LAYER 3 SWITCHING: How is layer 3 switching accomplished? a) With a NFFC card + a router b) With the NFFC and a Router Switch Module VIP Module: a) Does the 5000 support a VIP card? b) If yes is it version 1 or 2? HSRP a) Can you do HRSP? MULTICAST a) Is there a multicast server on the network that can be used to simulate multicast traffic? b) Can you display the multicast route on all the routers c) Can you configure PIM in dense mode / sparse mode? d) Can you use debug? ROUTING: a)Which routing protocols are supported? (rip version 1/2, igrp, eigrp, ospf, bgp) b) Can you put your routers in whatever configuration pleases you and have them do routing properly? c) How manyt routers do you have available? d) What model of routers can you use (or what interfaces are available on each routers) e) What IOS is used on the routers? f) What protocols are supported? IP / IPX / Apple Talk g) Can you do access-lists, route maps, distribute-list, null interfaces, passive interfaces, prefix list REMOTE ACCESS a) How many ISDN routers can you have connected at the same time? b) What ISDN features can you configure on the routers: TROUBLESHOOGING a) What troubleshooting case scenario can you emulate on the software? b) Can you use debug on the equipment ANY COMMMENT YOU WANT TO MAKE ON THIS SOFTWARE: Thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39527&t=39527 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bridging and HSRP [7:39525]
This is more of a question on top of this question? If I have dual Sup's in a 6509, why not just run high availability and not worry about HSRP ? Does HSRP give you something that High Availability doesn't ? Once again, this is a question, not a statement or recommendation. Thanks Larry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 9:26 AM To: [EMAIL PROTECTED] Subject: Bridging and HSRP [7:39525] Greetings all, I've a 6509 with 2 sups and MSFCs, running hsrp between both MSFCs. Routing 5 vlans, two of those 5 vlan are also bridging decnet. When I've the standby interface up, users can't get out, if I shutdown the standby interface all is good. According to Cisco I've to enable "standby use-bia" feature to prevent this problem. Have you guys seen this before, and what causes this problem? Just looking for some education and solutions. Thanks..Nabil - Hope I made my problem clear! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39528&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to deal with this message on pix? [7:39497]
That's a normal message on the pix when a packet gets denied. It's just saying that there was not a translation from an internal or dmz device to match the packet coming in from the internet. It doesn't really mean he has a one armed routing scenario. Actualy I don't even see how that could work based on the logging. -Patrick >>> "Wilton White" 03/25/02 11:13PM >>> PIX should not see that traffic in the first place. PIX only routes traffic between interfaces and can't make "u-turns" - only routes traffic from inside to outside or from outside to inside, but not from inside to inside or outside to outside. PIX considers this a security violation. I would check outside router and see why is it forwarding this traffic to the PIX. -- Lidiya White CCIE #8155 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Roy Sent: Monday, March 25, 2002 8:20 PM To: [EMAIL PROTECTED] Subject: how to deal with this message on pix? [7:39497] hi all i notice the message shown as bellow on my pix, and how can i deal with it? 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) tcp src outside:202.109.106.130/8893 dst outside:202.96.137.40/59478 106011: Deny inbound (No xlate) udp src outside:202.96.136.201/49202 dst outside:202.96.137.40/53 106011: Deny inbound (No xlate) tcp src outside:162.105.69.121/21 dst outside:202.96.137.40/60090 any helps will be appreciated sincerely Roy ""John Green"" P4HkO{O"PBNE :[EMAIL PROTECTED] > is any one aware of any issue with PIX501 and > connecting via cable modem to get an ip address (dhcp) > ? > > internet-cable-PIXHOST >modem 501 > > without the pix, the HOST is able to get the dhcp ip > address fine. the pix is configured to get an > ipaddress from dhcp for its outside interface. but it > is failing. > does anyone know of such issues ? > > > __ > Do You Yahoo!? > Yahoo! Movies - coverage of the 74th Academy Awards. > http://movies.yahoo.com/ > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39529&t=39497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst prob [7:39515]
I don't know what your seeing but having wedged 5500 in that past... Assuming you have a SUPII or III do you have another sup card to which you can download an image, plug it into the OSless cat an boot it up? Dave "[EMAIL PROTECTED]" wrote: > > Hi. > > I am trying to upload cat os 6.33 on my 5509 it gives me this error what > could be the prob ? > > rommon 2 > xmodem -s 38400 > Do not start the sending program yet... > > Invoke this application only for disaster recovery. > > Do you wish to continue? (y/n) [n]: y > > Note, if the console port is attached to a modem, both the > > console port and the modem must be operating at the same baud > > rate. Use console speed 38400 bps for download? (y/n) [n]: y > > Download will be performed at 38400 bps. Make sure your terminal > > emulator is set to this speed > > Baud rate is correctly set now. Enter y to continue (y/n) [n]: y > > Download Complete! > received file size=5340800 > > Loading Network Management Processor image > > Uncompressing file: ## > *** Bus Error (Load) Exception *** > Access address = 0x0 > > *** TLB (Load/Fetch) Exception *** > Access address = 0xfd78 > PC = 0x80010604, Cause = 0x8008, Status Reg = 0x3041d003 > > monitor: command "xmodem" aborted due to exception > rommon 3 > > > Any help will be of good help. > Thanks and Rgds, > Murali -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39530&t=39515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bridging and HSRP [7:39525]
It relates to DECnet using the mac address of the interface to derive the DECnet address. You need to configure DECnet, then HSRP using standby use-bia. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 8:26 AM To: [EMAIL PROTECTED] Subject: Bridging and HSRP [7:39525] Greetings all, I've a 6509 with 2 sups and MSFCs, running hsrp between both MSFCs. Routing 5 vlans, two of those 5 vlan are also bridging decnet. When I've the standby interface up, users can't get out, if I shutdown the standby interface all is good. According to Cisco I've to enable "standby use-bia" feature to prevent this problem. Have you guys seen this before, and what causes this problem? Just looking for some education and solutions. Thanks..Nabil - Hope I made my problem clear! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39531&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BootP Probs [7:39532]
Hi all, I'm having a problem with bootp. I have a remote site that is connected back to corp via frame relay circuit. The clients at this remote location are using bootp successfully to get network settings, but the printers (tektronics 740;s) can not. When sniffing the frame circuit, I am not seeing any bootp packets (from printers) coming from the e-net int of that router. I have the ip helper config'd on the e-net int, as the clients are working successfully. Doing a debug on an access list for udp, I get this: 5w6d: UDP: rcvd src=0.0.0.0(68), dst=255.255.255.255(67), length=564 5w6d: BOOTP: opcode 1 on interface FastEthernet0, 46053 secs, 16 hops The bootp requests never gets to serial int. Any ideas what this error is? Thx -- Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) Sr. Network Specialist Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39532&t=39532 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CAR bandwidth limitation problem [7:39533]
Hi all, I wanted to limit our internet usage so I applied rate-limit command to our internet routers serial interface bu couln't make it work. configuration is below. what I wanted to do is I want to give 96000 bits bandwidth to users who come from the firewall with 192.168.2.5 and I want to give all the others who are coming with ip address 192.168.2.6 only 16000 bits. But it doesnt work, when I look with sh int ser 0 rate-limit, all I see is nothing conformed. I applied it as input because download is important for us not upload. Any help will be appreciated? I am tired of trying so many things so I thought maybe someone can help. Best regards, Cisco Breaker, CCNP,CCDP Router#sh run Building configuration... Current configuration : 1959 bytes ! interface Ethernet0 ip address 192.168.1.3 255.255.255.0 interface Serial0 ip address 192.168.2.2 255.255.255.252 rate-limit input access-group 5 96000 8000 16000 conform-action transmit exceed-action drop rate-limit input access-group 110 16000 1500 2000 conform-action transmit exceed-action drop ! interface Serial1 no ip address ! no ip classless ip route 0.0.0.0 0.0.0.0 192.168.2.1 no ip http server ! no logging trap access-list 5 permit 192.168.2.5 log access-list 110 permit ip host 192.168.2.6 any log Router#sh int ser 0 rat Serial0 Input matches: access-group 5 params: 96000 bps, 8000 limit, 16000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151652ms ago, current burst: 0 bytes last cleared 00:24:18 ago, conformed 0 bps, exceeded 0 bps matches: access-group 110 params: 16000 bps, 1500 limit, 2000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151692ms ago, current burst: 0 bytes last cleared 00:23:58 ago, conformed 0 bps, exceeded 0 bps Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39533&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst prob [7:39515]
Hello Murali, go to the following link and try the procedure described. This is actually for an AS5200/5300, but might work on a Cat5509: http://www.cisco.com/warp/public/108/as5300_17881.html#Exception Regards, Georg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39534&t=39515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CAR bandwidth limitation problem [7:39533]
Try it on the ethernet interface -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com ""Cisco Breaker"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi all, > > I wanted to limit our internet usage so I applied rate-limit command to our > internet routers serial interface bu couln't make it work. configuration is > below. what I wanted to do is I want to give 96000 bits bandwidth to users > who come from the firewall with 192.168.2.5 and I want to give all the > others who are coming with ip address 192.168.2.6 only 16000 bits. But it > doesnt work, when I look with sh int ser 0 rate-limit, all I see is nothing > conformed. I applied it as input because download is important for us not > upload. Any help will be appreciated? I am tired of trying so many things so > I thought maybe someone can help. > > Best regards, > > Cisco Breaker, > CCNP,CCDP > > Router#sh run > Building configuration... > > Current configuration : 1959 bytes > ! > interface Ethernet0 > ip address 192.168.1.3 255.255.255.0 > > interface Serial0 > ip address 192.168.2.2 255.255.255.252 > rate-limit input access-group 5 96000 8000 16000 conform-action transmit > exceed-action drop > rate-limit input access-group 110 16000 1500 2000 conform-action transmit > exceed-action drop > ! > interface Serial1 > no ip address > ! > no ip classless > ip route 0.0.0.0 0.0.0.0 192.168.2.1 > no ip http server > ! > no logging trap > access-list 5 permit 192.168.2.5 log > access-list 110 permit ip host 192.168.2.6 any log > > Router#sh int ser 0 rat > Serial0 > Input > matches: access-group 5 > params: 96000 bps, 8000 limit, 16000 extended limit > conformed 0 packets, 0 bytes; action: transmit > exceeded 0 packets, 0 bytes; action: drop > last packet: 1213151652ms ago, current burst: 0 bytes > last cleared 00:24:18 ago, conformed 0 bps, exceeded 0 bps > matches: access-group 110 > params: 16000 bps, 1500 limit, 2000 extended limit > conformed 0 packets, 0 bytes; action: transmit > exceeded 0 packets, 0 bytes; action: drop > last packet: 1213151692ms ago, current burst: 0 bytes > last cleared 00:23:58 ago, conformed 0 bps, exceeded 0 bps Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39535&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CAR bandwidth limitation problem [7:39533]
Nothing changes... the same statistics. I applied them as output for eth. Best regards, ""Steven A. Ridder"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try it on the ethernet interface > > -- > > RFC 1149 Compliant. > Get in my head: > http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39536&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Bridging and HSRP [7:39525]
See if this helps explain what your seeing. I haven't seen the decnet problem myself but I have seen the use of the bia "fix" strange HSRP problems. It's a tool I keep in the back of my mind Dave http://www.cisco.com/warp/public/619/hsrpguide4.shtml#3 "[EMAIL PROTECTED]" wrote: > > Greetings all, > > I've a 6509 with 2 sups and MSFCs, running hsrp between both MSFCs. > Routing 5 vlans, two of those 5 vlan are also bridging decnet. When > I've the standby interface up, users can't get out, if I shutdown the > standby interface all is good. According to Cisco I've to enable > "standby use-bia" feature to prevent this problem. > > Have you guys seen this before, and what causes this problem? Just > looking for some education and solutions. > > Thanks..Nabil - Hope I made my problem clear! -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39537&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CAR bandwidth limitation problem [7:39533]
Does all return traffic get natted back to the fw's internal IP as the source? -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com ""Cisco Breaker"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Nothing changes... the same statistics. I applied them as output for eth. > > Best regards, > > ""Steven A. Ridder"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Try it on the ethernet interface > > > > -- > > > > RFC 1149 Compliant. > > Get in my head: > > http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39538&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fwd: RE: how to deal with this message on pix? [7:39497]
I manage two PIX 520s and I use syslog. I would scan your logs for the two addresses 61.156.7.187 and 202.96.137.40. You can open them in wordpad or notepad and do a find for the IP addresses. How often do they come up? What ports are they trying to hit? If you see these addresses come up hundreds of times, I would strongly recommend investigate further. The two strongest possibilities are someone is trying to hack you by gathering information about your network or a application is having trouble communicating. Either way you need to figure it out and whatever resolution you come to will take some of the load off your firewall. I also do some background checking on the addresses themselves. I got nothing from nslookup on the 61 address. I got this for the 202 address. C:\>nslookup 202.96.137.40 Server: res1.ns.algx.net Address: 206.205.242.132 Name:szptt134.szptt.net.cn.137.96.202.in-addr.arpa Address: 202.96.137.40 Does this mean anything to you? The Deny inbound (No xlate) means someone outside is trying to get to an address inside your network, but you have no address specfied so it gets rejected. The outside outside part, I haven't seen before. I would also look at your routers and see if there is any indication there. My guess is if it isn't malicious it could be a problem with routing between your firewall and router. I hope this helps. Tom --- Patrick Ramsey wrote: > From [EMAIL PROTECTED] Tue Mar 26 15:36:33 2002 > Date: Tue, 26 Mar 2002 10:07:56 -0500 > From: "Patrick Ramsey" > To: [EMAIL PROTECTED] > Subject: RE: how to deal with this message on pix? > [7:39497] > Reply-to: "Patrick Ramsey" > > > That's a normal message on the pix when a packet > gets denied. It's just > saying that there was not a translation from an > internal or dmz device to > match the packet coming in from the internet. > > It doesn't really mean he has a one armed routing > scenario. Actualy I don't > even see how that could work based on the logging. > > -Patrick > > >>> "Wilton White" 03/25/02 11:13PM >>> > PIX should not see that traffic in the first place. > PIX only routes > traffic between interfaces and can't make "u-turns" > - only routes > traffic from inside to outside or from outside to > inside, but not from > inside to inside or outside to outside. PIX > considers this a security > violation. > I would check outside router and see why is it > forwarding this traffic > to the PIX. > > -- Lidiya White > CCIE #8155 > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Roy > Sent: Monday, March 25, 2002 8:20 PM > To: [EMAIL PROTECTED] > Subject: how to deal with this message on pix? > [7:39497] > > > hi all > > i notice the message shown as bellow on my pix, and > how can i deal with > it? > > 106011: Deny inbound (No xlate) udp src > outside:61.156.7.187/16372 dst > outside:202.96.137.40/6970 > 106011: Deny inbound (No xlate) udp src > outside:61.156.7.187/16372 dst > outside:202.96.137.40/6970 > 106011: Deny inbound (No xlate) udp src > outside:61.156.7.187/16372 dst > outside:202.96.137.40/6970 > 106011: Deny inbound (No xlate) tcp src > outside:202.109.106.130/8893 dst > outside:202.96.137.40/59478 > 106011: Deny inbound (No xlate) udp src > outside:202.96.136.201/49202 dst > outside:202.96.137.40/53 > 106011: Deny inbound (No xlate) tcp src > outside:162.105.69.121/21 dst > outside:202.96.137.40/60090 > > > any helps will be appreciated > > > sincerely > > Roy > > > ""John Green"" P4HkO{O"PBNE > :[EMAIL PROTECTED] > > is any one aware of any issue with PIX501 and > > connecting via cable modem to get an ip address > (dhcp) > > ? > > > > internet-cable-PIXHOST > >modem 501 > > > > without the pix, the HOST is able to get the dhcp > ip > > address fine. the pix is configured to get an > > ipaddress from dhcp for its outside interface. but > it > > is failing. > > does anyone know of such issues ? > > > > > > __ > > Do You Yahoo!? > > Yahoo! Movies - coverage of the 74th Academy > Awards. > > http://movies.yahoo.com/ > > Confidentiality Disclaimer > This email and any files transmitted with it may > contain confidential and > /or proprietary information in the possession of > WellStar Health System, > Inc. ("WellStar") and is intended only for the > individual or entity to whom > addressed. This email may contain information that > is held to be > privileged, confidential and exempt from disclosure > under applicable law. If > the reader of this message is not the intended > recipient, you are hereby > notified that any unauthorized access, > dissemination, distribution or > copying of any information from this email is > strictly prohibited, and may > subject you to criminal and/or civil liability. If > you have received this > email in error, please notify the sender by reply > email and then delete this > emai
RE: CAR bandwidth limitation problem [7:39533]
If you are putting this as input, and traffic is destined for the 192.168.2.5 and 192.168.2.6 ip addresses, shouldn't your access lists both be extended, and as follows? Maybe I am not reading your question correctly, but it appears that you want to limit download traffic destined for these IP addresses correct? access-list 110 permit ip any host 192.168.2.6 log access-list 111 permit ip any host 192.168.2.5 log -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 11:12 AM To: [EMAIL PROTECTED] Subject: CAR bandwidth limitation problem [7:39533] Hi all, I wanted to limit our internet usage so I applied rate-limit command to our internet routers serial interface bu couln't make it work. configuration is below. what I wanted to do is I want to give 96000 bits bandwidth to users who come from the firewall with 192.168.2.5 and I want to give all the others who are coming with ip address 192.168.2.6 only 16000 bits. But it doesnt work, when I look with sh int ser 0 rate-limit, all I see is nothing conformed. I applied it as input because download is important for us not upload. Any help will be appreciated? I am tired of trying so many things so I thought maybe someone can help. Best regards, Cisco Breaker, CCNP,CCDP Router#sh run Building configuration... Current configuration : 1959 bytes ! interface Ethernet0 ip address 192.168.1.3 255.255.255.0 interface Serial0 ip address 192.168.2.2 255.255.255.252 rate-limit input access-group 5 96000 8000 16000 conform-action transmit exceed-action drop rate-limit input access-group 110 16000 1500 2000 conform-action transmit exceed-action drop ! interface Serial1 no ip address ! no ip classless ip route 0.0.0.0 0.0.0.0 192.168.2.1 no ip http server ! no logging trap access-list 5 permit 192.168.2.5 log access-list 110 permit ip host 192.168.2.6 any log Router#sh int ser 0 rat Serial0 Input matches: access-group 5 params: 96000 bps, 8000 limit, 16000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151652ms ago, current burst: 0 bytes last cleared 00:24:18 ago, conformed 0 bps, exceeded 0 bps matches: access-group 110 params: 16000 bps, 1500 limit, 2000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151692ms ago, current burst: 0 bytes last cleared 00:23:58 ago, conformed 0 bps, exceeded 0 bps Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39540&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Bridging and HSRP [7:39525]
Hi, When using DECnet, the MAC address is changed depending on the DECnet address. You need to use the HSRP use-bia feature with DECnet. HSRP then uses the DECNet MAC address. From http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/decnet.htm DECnet hosts do not use manufacturer-assigned Media Access Control (MAC)-layer addresses. Instead, network level addresses are embedded in the MAC-layer address according to an algorithm that multiplies the area number by 1024 and adds the node number to the product. The resulting 16-bit decimal address is converted to a hexadecimal number and is appended to the address AA00.0400 in byte-swapped order, with the least-significant byte first. For example, DECnet address 12.75 becomes 12363 (base 10), which equals 304B (base 16). After this byte-swapped address is appended to the standard DECnet MAC address prefix, the address is AA00.0400.4B30. --- "[EMAIL PROTECTED]" wrote: > Greetings all, > > I've a 6509 with 2 sups and MSFCs, running hsrp > between both MSFCs. > Routing 5 vlans, two of those 5 vlan are also > bridging decnet. When > I've the standby interface up, users can't get out, > if I shutdown the > standby interface all is good. According to Cisco > I've to enable > "standby use-bia" feature to prevent this problem. > > Have you guys seen this before, and what causes this > problem? Just > looking for some education and solutions. > > > Thanks..Nabil - Hope I made my > problem clear! [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards. http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39541&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CAR bandwidth limitation problem [7:39533]
Is CEF on? I think it has to be enabled for CAR to work. --- Mike Bernico [EMAIL PROTECTED] Illinois Century Network http://www.illinois.net (217) 557-6555 > -Original Message- > From: Cisco Breaker [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 26, 2002 10:12 AM > To: [EMAIL PROTECTED] > Subject: CAR bandwidth limitation problem [7:39533] > > > Hi all, > > I wanted to limit our internet usage so I applied rate-limit > command to our > internet routers serial interface bu couln't make it work. > configuration is > below. what I wanted to do is I want to give 96000 bits > bandwidth to users > who come from the firewall with 192.168.2.5 and I want to give all the > others who are coming with ip address 192.168.2.6 only 16000 > bits. But it > doesnt work, when I look with sh int ser 0 rate-limit, all I > see is nothing > conformed. I applied it as input because download is > important for us not > upload. Any help will be appreciated? I am tired of trying so > many things so > I thought maybe someone can help. > > Best regards, > > Cisco Breaker, > CCNP,CCDP > > Router#sh run > Building configuration... > > Current configuration : 1959 bytes > ! > interface Ethernet0 > ip address 192.168.1.3 255.255.255.0 > > interface Serial0 > ip address 192.168.2.2 255.255.255.252 > rate-limit input access-group 5 96000 8000 16000 > conform-action transmit > exceed-action drop > rate-limit input access-group 110 16000 1500 2000 > conform-action transmit > exceed-action drop > ! > interface Serial1 > no ip address > ! > no ip classless > ip route 0.0.0.0 0.0.0.0 192.168.2.1 > no ip http server > ! > no logging trap > access-list 5 permit 192.168.2.5 log > access-list 110 permit ip host 192.168.2.6 any log > > Router#sh int ser 0 rat > Serial0 > Input > matches: access-group 5 > params: 96000 bps, 8000 limit, 16000 extended limit > conformed 0 packets, 0 bytes; action: transmit > exceeded 0 packets, 0 bytes; action: drop > last packet: 1213151652ms ago, current burst: 0 bytes > last cleared 00:24:18 ago, conformed 0 bps, exceeded 0 bps > matches: access-group 110 > params: 16000 bps, 1500 limit, 2000 extended limit > conformed 0 packets, 0 bytes; action: transmit > exceeded 0 packets, 0 bytes; action: drop > last packet: 1213151692ms ago, current burst: 0 bytes > last cleared 00:23:58 ago, conformed 0 bps, exceeded 0 bps Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39542&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
minimal CCIE lab setup [7:39543]
hey all i'm new to this list, but already seeing the benefits of being a part of it. i look forward to these high-level discussions... after much research, i have weighed the possible options of how to go about preparing for my CCIE lab. it appears that if i put together even a makeshift lab myself, i can save a lot of money and provide better preparation than if i go through a training company (if anyone has any other suggestions, please speak up). anyway, i was looking through cisco's recommended equipment list for the lab, and it shows only the series of routers/switches required; not the actual models (i.e. 2500, 2600, etc.). b/c each router can perform the duties of many others, depending on the configuration, my questions are: (1) in general, what equipment constitutes a sufficient lab setting (CCIE's highly recommended to reply); and (2) what models of each series should i be looking at? hope it's clear! thanks in advance, ed [GroupStudy.com removed an attachment of type image/jpeg which had a name of Notebook.jpg] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39543&t=39543 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX commands help [7:39544]
PIX questions how to find the time/date when the config file was last modified. (to find if any one else has tampered with it) how to find who is telnetted into the pix or who is using the PDM into the pix how to configure a particular IP address to be allowed to manage pix via the PDM and no one else is allowed __ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards. http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39544&t=39544 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BootP Probs [7:39532]
I would imagine that if some clients are receiving addresses on the subnet and the printers are not, that the problem is with the printers. The router's helper address cannot filter certain requests from others becuase the devices do not have layer 3 addresses to filter on. I would try to manually configure the printers to confirm connectivity, or at least sniff the local subnet to see if the requests are getting to the router. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39545&t=39532 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Bridging and HSRP [7:39525]
It's a good question though. When the 6500 first came out there was no config-sync or SRM which was a problem if you had a flexwan. config-sync was nice for flexwan support but still required HSRP. SRM is what I have been doing for a while now and it works well and there is no HSRP necessary, one less feature to find bugs in!! my $.02 Dave "Roberts, Larry" wrote: > > This is more of a question on top of this question? > If I have dual Sup's in a 6509, why not just run high availability and not > worry about HSRP ? Does HSRP give you something that > High Availability doesn't ? Once again, this is a question, not a statement > or recommendation. > > Thanks > > Larry > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 26, 2002 9:26 AM > To: [EMAIL PROTECTED] > Subject: Bridging and HSRP [7:39525] > > Greetings all, > > I've a 6509 with 2 sups and MSFCs, running hsrp between both MSFCs. Routing > 5 vlans, two of those 5 vlan are also bridging decnet. When I've the > standby interface up, users can't get out, if I shutdown the standby > interface all is good. According to Cisco I've to enable "standby use-bia" > feature to prevent this problem. > > Have you guys seen this before, and what causes this problem? Just looking > for some education and solutions. > > Thanks..Nabil - Hope I made my problem clear! -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39546&t=39525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cheap switch... [7:39547]
1900/2900 (non xl) -Patrick >>> "[EMAIL PROTECTED]" 03/26/02 12:48PM >>> I know this topic has been raised before, and I was fairly sure I had even saved the series of e-mails. Of course, much like that clever retort to a co-workers smart remark, the actual information escapes me at the time it is most needed. I am studying for my CCNP, and while my home lab has several routers (to start with), I am in need of an affordable switch. Someone posted a model easily obtainable from e-bay that was very similar to the bigger Catalysts command-wise, but much cheaper. Can someone refresh my memory as to what it was, or offer any other suggestions? Thanks > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39548&t=39547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX commands help [7:39544]
Don't use the time and date, use the "Cryptochecksum" from the show config command. If the checksum changed from the old one, you know someone was there. Of course I'm assuming you have a backup copy some where to compare the cryptochecksum numbers! PIX# sh config ssh timeout 5 terminal width 80 Cryptochecksum:kjshfsjhfskjfhsfj 0928023482048240248 (this is the last line in the configuration file) PIX# HTH.Nabil John Green cc: Sent by: Subject: PIX commands help [7:39544] nobody@groups tudy.com 03/26/2002 12:11 PM Please respond to John Green PIX questions how to find the time/date when the config file was last modified. (to find if any one else has tampered with it) how to find who is telnetted into the pix or who is using the PDM into the pix how to configure a particular IP address to be allowed to manage pix via the PDM and no one else is allowed __ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards. http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39549&t=39544 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX commands help [7:39544]
Don't use the time and date, use the "Cryptochecksum" from the show config command. If the checksum changed from the old one, you know someone was there. Of course I'm assuming you have a backup copy some where to compare the cryptochecksum numbers! PIX# sh config ssh timeout 5 terminal width 80 Cryptochecksum:kjshfsjhfskjfhsfj 0928023482048240248 (this is the last line in the configuration file) PIX# HTH.Nabil John Green cc: Sent by: Subject: PIX commands help [7:39544] nobody@groups tudy.com 03/26/2002 12:11 PM Please respond to John Green PIX questions how to find the time/date when the config file was last modified. (to find if any one else has tampered with it) how to find who is telnetted into the pix or who is using the PDM into the pix how to configure a particular IP address to be allowed to manage pix via the PDM and no one else is allowed __ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards. http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39551&t=39544 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cheap switch... [7:39547]
I believe you may have been thinking of the 1201 (although cheap is relative, and a 2912 can be relatively cheap) -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 12:00 PM To: [EMAIL PROTECTED] Subject: Re: Cheap switch... [7:39547] 1900/2900 (non xl) -Patrick >>> "[EMAIL PROTECTED]" 03/26/02 12:48PM >>> I know this topic has been raised before, and I was fairly sure I had even saved the series of e-mails. Of course, much like that clever retort to a co-workers smart remark, the actual information escapes me at the time it is most needed. I am studying for my CCNP, and while my home lab has several routers (to start with), I am in need of an affordable switch. Someone posted a model easily obtainable from e-bay that was very similar to the bigger Catalysts command-wise, but much cheaper. Can someone refresh my memory as to what it was, or offer any other suggestions? Thanks > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39552&t=39547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Where do I start? [7:39553]
Hi Guys, I'm just about to start climbing the CCNP ladder and I need suggestions. What books to start reading etc. Some friends are saying the BCSN Cisco press books are too confusing and I'm more better of using other authors. Any suggestions please?! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39553&t=39553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cheap switch... [7:39547]
It believe it was the Catalyst 1200 Series. Shawn K. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 12:48 PM To: [EMAIL PROTECTED] Subject: Cheap switch... [7:39547] I know this topic has been raised before, and I was fairly sure I had even saved the series of e-mails. Of course, much like that clever retort to a co-workers smart remark, the actual information escapes me at the time it is most needed. I am studying for my CCNP, and while my home lab has several routers (to start with), I am in need of an affordable switch. Someone posted a model easily obtainable from e-bay that was very similar to the bigger Catalysts command-wise, but much cheaper. Can someone refresh my memory as to what it was, or offer any other suggestions? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39554&t=39547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Switch - Teleos [7:39556]
Does anyone know of a good ISDN simulator ? I have a co-worker who bought a Teleos Switch, but documentation is not easy obtainable and it appears a complex device. Since the Teleos switch is not a sim, but an actual ISDN switch I don't know anyone who has ever used it. If you have any information on the Teleos products or a ISDN sim please respond to this note. I am in the process of putting a CCIE lab together and the ISDN switch/sim appears to be the hardest component to find. Thanks Derrick Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39556&t=39556 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CAR bandwidth limitation problem [7:39533]
Make sure you turned on CEF. Also, make sure your access-lists are correct. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: Cisco Breaker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 11:12 AM To: [EMAIL PROTECTED] Subject: CAR bandwidth limitation problem [7:39533] Hi all, I wanted to limit our internet usage so I applied rate-limit command to our internet routers serial interface bu couln't make it work. configuration is below. what I wanted to do is I want to give 96000 bits bandwidth to users who come from the firewall with 192.168.2.5 and I want to give all the others who are coming with ip address 192.168.2.6 only 16000 bits. But it doesnt work, when I look with sh int ser 0 rate-limit, all I see is nothing conformed. I applied it as input because download is important for us not upload. Any help will be appreciated? I am tired of trying so many things so I thought maybe someone can help. Best regards, Cisco Breaker, CCNP,CCDP Router#sh run Building configuration... Current configuration : 1959 bytes ! interface Ethernet0 ip address 192.168.1.3 255.255.255.0 interface Serial0 ip address 192.168.2.2 255.255.255.252 rate-limit input access-group 5 96000 8000 16000 conform-action transmit exceed-action drop rate-limit input access-group 110 16000 1500 2000 conform-action transmit exceed-action drop ! interface Serial1 no ip address ! no ip classless ip route 0.0.0.0 0.0.0.0 192.168.2.1 no ip http server ! no logging trap access-list 5 permit 192.168.2.5 log access-list 110 permit ip host 192.168.2.6 any log Router#sh int ser 0 rat Serial0 Input matches: access-group 5 params: 96000 bps, 8000 limit, 16000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151652ms ago, current burst: 0 bytes last cleared 00:24:18 ago, conformed 0 bps, exceeded 0 bps matches: access-group 110 params: 16000 bps, 1500 limit, 2000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop last packet: 1213151692ms ago, current burst: 0 bytes last cleared 00:23:58 ago, conformed 0 bps, exceeded 0 bps Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39555&t=39533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BootP Probs [7:39532]
At 10:54 AM 3/26/02, kevhed wrote: >Hi all, >I'm having a problem with bootp. I have a remote site that is connected >back to corp via frame relay circuit. The clients at this remote location >are using bootp successfully to get network settings, but the printers >(tektronics 740;s) can not. When sniffing the frame circuit, I am not >seeing any bootp packets (from printers) coming from the e-net int of that >router. I have the ip helper config'd on the e-net int, as the clients are >working successfully. > >Doing a debug on an access list for udp, I get this: >5w6d: UDP: rcvd src=0.0.0.0(68), dst=255.255.255.255(67), length=564 >5w6d: BOOTP: opcode 1 on interface FastEthernet0, 46053 secs, 16 hops Is the debug showing the packet from the printer? That 16 hops looks awfully strange. The client should set the BOOTP hop field to zero. A router can increment it, but I doubt that the packet has really been through 16 routers. Maybe the printers have a buggy implementation of BOOTP. Did they ever work? My guess is that a router won't forward a BOOTP with hops as large as 16 already. My next step would be to sniff on the Ethernet side and compare BOOTPs coming from the clients to BOOTPs coming from the printers. This is going to be a tricky one. Please let us know what you discover. Thanks. Priscilla >The bootp requests never gets to serial int. Any ideas what this error is? > >Thx > >-- >Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) >Sr. Network Specialist Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39557&t=39532 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX commands help [7:39558]
As I can see that the first question has already been answered, so let me answer the next two. show conn This command shows active connections. http server enable http 172.16.1.1 255.255.255.255 These two commands enable the http server and allows only workstation 172.16.1.1 to access it. When running PDM, you're accessing the http server in the PIX, so by restricting the http access, you're automatically restricting the PDM access. HTH, Ole ~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~ http://www.RouterChief.com ~ Need a Job? http://www.OleDrews.com/job ~ -Original Message- From: John Green [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 11:13 AM To: [EMAIL PROTECTED] Subject: PIX commands help PIX questions how to find the time/date when the config file was last modified. (to find if any one else has tampered with it) how to find who is telnetted into the pix or who is using the PDM into the pix how to configure a particular IP address to be allowed to manage pix via the PDM and no one else is allowed __ Do You Yahoo!? Yahoo! Movies - coverage of the 74th Academy Awards. http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39558&t=39558 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]