Re: Default Route set by BGP Local_Pref [7:40144]

[pankaj kulkarni]

You could use a route map along with the neighbour command to set the local
preferance.The configuration should be similar to that below.


RTD# 
router bgp 256 
neighbor 3.3.3.4 remote-as 300 
neighbor 3.3.3.4 route-map setlocalin in 

... 
ip as-path access-list 7 permit ^300$ 
.. 
route-map setlocalin permit 10 
match as-path 7 
set local-preference 400 
route-map setlocalin permit 20 
set local-preference 150 



Hunt Lee wrote:



Can a default route (0/0) learned from another AS be assigned a BGP
Local_Preference? My understanding is that a default route can be assigned
an Admin Dist to setup a preference between multiple default routes, but
not by Local_Pref. I tried to look on Internet Routing Arch (by Halabi) but
Halabi seems to say that Local_Pref works also... Any ideas?

From Halabi on p229:- The default route AS2 is learning from AS3 should not
need to be set at a lower Local_Pref than the full routing AS2 learns from
the provider

Thanks,

Hunt
Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com

 Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from
http://www.planetm.co.in




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40154t=40144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

multicast+qos [7:40155]

[[EMAIL PROTECTED]]

Hi,

Can someone let me know the multicast+qos exam prep book for CCIP.
Let me know the ISBN No.

Kind Regards /Thangavel
--
CCIE (qual),CCS,CCDP,CCNP,MCSE

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela





**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential
or priveleged information, if you are not the named addressee or
the person responsible for delivering the message to the named 
addressee, please advise the sender by return e-mail. The
contents should not be disclosed to any other person nor copies
taken.
186k Ltd is a Lattice Group company, registered in England 
 Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40155t=40155
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: JUNIPER TO BUY CISCO!!!!!!!! [7:40056]

[Ben Liang Tan]

hey, today is not 1st of April !!!

Wake up my friend


From: B Rudy 
Reply-To: B Rudy 
To: [EMAIL PROTECTED]
Subject: JUNIPER TO BUY CISCO [7:40056]
Date: Mon, 1 Apr 2002 12:27:28 -0500

JUNIPER IS MAKING A BID TO PURCHASE CISCO SYSTEMS THE COMPANY WILL
EVENTUALLY BE CALLED JUNICO!!! PLEASE COMMENT ON THIS


RUDY B
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40156t=40056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Question on PIX [7:40146]

Avi,

Your not doing any type of nat translation for the inside network.  If you
are not doing any Nat translations then the hosts inside will never be able
to get outside.  

-Original Message-
From: Avi [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 9:01 AM
To: [EMAIL PROTECTED]
Subject: Question on PIX [7:40146]

Hi,

I am facing a problem on PIX 515 as described  below.
Firewall: Cisco PIX 515
Firewall Software Version: 4.4(7)

PIX setup:
-

Host:
216.6.24.189

---R---PIX--
-R---
216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
192.166.2.5/30


Following is the config:
--
PIX Version 4.4(7)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname nungunungu
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
pager lines 24
logging on
no logging timestamp
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 100basetx
interface ethernet1 100basetx
mtu outside 1500
mtu inside 1500
ip address outside 192.168.2.6 255.255.255.252
ip address inside 172.16.10.2 255.255.255.252
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
conduit permit tcp host 216.6.24.177 eq smtp any
conduit permit tcp host 216.6.24.186 eq smtp any
conduit permit tcp any host 192.118.52.54 eq www
conduit permit icmp any any
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
conduit permit tcp host 216.6.24.10 eq domain any
conduit permit tcp host 192.118.52.54 eq 8080 any
conduit permit tcp host 192.118.52.54 eq 3180 any
conduit permit tcp host 192.118.52.54 eq www any
no rip outside passive
no rip outside default
rip inside passive
rip inside default
route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


PROBLEM


Host 216.6.24.189 in the inside network can ping the internal interface of
the PIX but can't ping the outside interface of the PIX nor any host in the
outside network.  Any host frm outside network can ping outside interface of
the PIX, but can't ping the inside interface of the PIX or any host in the
inside network. Sitting on PIX i am able to ping hosts in the inside as well
as outside networks. Static routes have been defined on both the routers.

Can someone pls help\guide me in solving this problem.

Thanxs in advance.

Rgds,
Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40157t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

802.3ab [7:40158]

[Lou]

I am working on a project and have a question I can't find the answer
to, despite 4 hours searching.
 If you have Cat5E or Cat6 ieee standard cabling, properly tested... Is
there a Max amount of cables you can run side by side before
experiencing alien Crosstalk.. (Crosstalk between the cables, not
between pairs, or NEXT, or FEXT)

If you know of a link to a whitepaper or any thing solid... I sure would
appreciate

Lou Nelson
Consulting System Engineer
CCNP, CCDP, Campus ATM Specialized




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40158t=40158
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Question on PIX [7:40146]

[Avi]

Hi,

All the inside addresses are valid internet IP addresses i.e. 216.6.24.189,
so i need not do Nating.

Thanxs  Rgds,
Avi.

[EMAIL PROTECTED], Jason Contractor (NSANAP N63)
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Avi,

 Your not doing any type of nat translation for the inside network.  If you
 are not doing any Nat translations then the hosts inside will never be
able
 to get outside.

 -Original Message-
 From: Avi [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, April 02, 2002 9:01 AM
 To: [EMAIL PROTECTED]
 Subject: Question on PIX [7:40146]

 Hi,

 I am facing a problem on PIX 515 as described  below.
 Firewall: Cisco PIX 515
 Firewall Software Version: 4.4(7)

 PIX setup:
 -

 Host:
 216.6.24.189

 ---R---PIX
--
 -R---
 216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
 192.166.2.5/30


 Following is the config:
 --
 PIX Version 4.4(7)
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 hostname nungunungu
 fixup protocol ftp 21
 fixup protocol http 80
 fixup protocol h323 1720
 fixup protocol rsh 514
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 names
 pager lines 24
 logging on
 no logging timestamp
 no logging console
 no logging monitor
 no logging buffered
 no logging trap
 logging facility 20
 logging queue 512
 interface ethernet0 100basetx
 interface ethernet1 100basetx
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.2.6 255.255.255.252
 ip address inside 172.16.10.2 255.255.255.252
 no failover
 failover timeout 0:00:00
 failover ip address outside 0.0.0.0
 failover ip address inside 0.0.0.0
 arp timeout 14400
 conduit permit tcp host 216.6.24.177 eq smtp any
 conduit permit tcp host 216.6.24.186 eq smtp any
 conduit permit tcp any host 192.118.52.54 eq www
 conduit permit icmp any any
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
 conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
 conduit permit tcp host 216.6.24.10 eq domain any
 conduit permit tcp host 192.118.52.54 eq 8080 any
 conduit permit tcp host 192.118.52.54 eq 3180 any
 conduit permit tcp host 192.118.52.54 eq www any
 no rip outside passive
 no rip outside default
 rip inside passive
 rip inside default
 route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


 PROBLEM
 

 Host 216.6.24.189 in the inside network can ping the internal interface of
 the PIX but can't ping the outside interface of the PIX nor any host in
the
 outside network.  Any host frm outside network can ping outside interface
of
 the PIX, but can't ping the inside interface of the PIX or any host in the
 inside network. Sitting on PIX i am able to ping hosts in the inside as
well
 as outside networks. Static routes have been defined on both the routers.

 Can someone pls help\guide me in solving this problem.

 Thanxs in advance.

 Rgds,
 Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40159t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Question on PIX [7:40146]

[Mark Odette II]

Avi-
By definition, the PIX is not a Router.  Because of this, the PIX will not
know a way to send traffic destined for a network other than what is defined
on the PIX Inside or Outside Interfaces.  Furthermore, you would have to
still do NAT translation from the Outside Interface (192.168.2.x) to the
Inside Interface (172.16.10.x) or an IP POOL that you define as
216.6.24.x/x.  Your better bet though would be to put your Inside Router as
one IP in the 216.6.24.x network, the Inside PIX interface as another IP in
the same 216.6.24.x network, create a NAT pool with your remaining IPs from
the same 216.6.24.x network, and then go from there.  Either way, your going
to have to do some NAT Translation from the 216.6.24.x network to the PIX
Outside Interface network.

-Mark
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Avi
Sent: Tuesday, April 02, 2002 3:06 AM
To: [EMAIL PROTECTED]
Subject: Re: Question on PIX [7:40146]


Hi,

All the inside addresses are valid internet IP addresses i.e. 216.6.24.189,
so i need not do Nating.

Thanxs  Rgds,
Avi.

[EMAIL PROTECTED], Jason Contractor (NSANAP N63)
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Avi,

 Your not doing any type of nat translation for the inside network.  If you
 are not doing any Nat translations then the hosts inside will never be
able
 to get outside.

 -Original Message-
 From: Avi [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, April 02, 2002 9:01 AM
 To: [EMAIL PROTECTED]
 Subject: Question on PIX [7:40146]

 Hi,

 I am facing a problem on PIX 515 as described  below.
 Firewall: Cisco PIX 515
 Firewall Software Version: 4.4(7)

 PIX setup:
 -

 Host:
 216.6.24.189

 ---R---PIX
--
 -R---
 216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
 192.166.2.5/30


 Following is the config:
 --
 PIX Version 4.4(7)
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 hostname nungunungu
 fixup protocol ftp 21
 fixup protocol http 80
 fixup protocol h323 1720
 fixup protocol rsh 514
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 names
 pager lines 24
 logging on
 no logging timestamp
 no logging console
 no logging monitor
 no logging buffered
 no logging trap
 logging facility 20
 logging queue 512
 interface ethernet0 100basetx
 interface ethernet1 100basetx
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.2.6 255.255.255.252
 ip address inside 172.16.10.2 255.255.255.252
 no failover
 failover timeout 0:00:00
 failover ip address outside 0.0.0.0
 failover ip address inside 0.0.0.0
 arp timeout 14400
 conduit permit tcp host 216.6.24.177 eq smtp any
 conduit permit tcp host 216.6.24.186 eq smtp any
 conduit permit tcp any host 192.118.52.54 eq www
 conduit permit icmp any any
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
 conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
 conduit permit tcp host 216.6.24.10 eq domain any
 conduit permit tcp host 192.118.52.54 eq 8080 any
 conduit permit tcp host 192.118.52.54 eq 3180 any
 conduit permit tcp host 192.118.52.54 eq www any
 no rip outside passive
 no rip outside default
 rip inside passive
 rip inside default
 route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


 PROBLEM
 

 Host 216.6.24.189 in the inside network can ping the internal interface of
 the PIX but can't ping the outside interface of the PIX nor any host in
the
 outside network.  Any host frm outside network can ping outside interface
of
 the PIX, but can't ping the inside interface of the PIX or any host in the
 inside network. Sitting on PIX i am able to ping hosts in the inside as
well
 as outside networks. Static routes have been defined on both the routers.

 Can someone pls help\guide me in solving this problem.

 Thanxs in advance.

 Rgds,
 Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40160t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Question on PIX [7:40146]

Avi,

It doesn't matter that the inside addresses are valid. They still need to be
translated outside.  You must either enter statics or create an access list
specifying that these addresses should not be natted. Also since your inside
network is the 172.16.10.x network, and the 216.6.24 network is on another
router inside.  You need to create default route to the 216.6.24.x network
with the ip address of the router that is connected.

Try this on the pix

static (inside,outside) 216.6.24.0 216.6.24.0 netmask 255.255.255.0
ip route inside 216.6.24.0 255.255.255.0 172.16.10.1

You will also need to add a route to the 216.6.27.x network pointing to the
pix's outside interface on the 192.166.2.5 router.  Add this to the outside
router

Ip route 216.6.24.0 255.255.255.0 192.168.2.6

After that you should be able to ping.


Jason



-Original Message-
From: Avi [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 11:06 AM
To: [EMAIL PROTECTED]
Subject: Re: Question on PIX [7:40146]

Hi,

All the inside addresses are valid internet IP addresses i.e. 216.6.24.189,
so i need not do Nating.

Thanxs  Rgds,
Avi.

[EMAIL PROTECTED], Jason Contractor (NSANAP N63)
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Avi,

 Your not doing any type of nat translation for the inside network.  If you
 are not doing any Nat translations then the hosts inside will never be
able
 to get outside.

 -Original Message-
 From: Avi [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, April 02, 2002 9:01 AM
 To: [EMAIL PROTECTED]
 Subject: Question on PIX [7:40146]

 Hi,

 I am facing a problem on PIX 515 as described  below.
 Firewall: Cisco PIX 515
 Firewall Software Version: 4.4(7)

 PIX setup:
 -

 Host:
 216.6.24.189

 ---R---PIX
--
 -R---
 216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
 192.166.2.5/30


 Following is the config:
 --
 PIX Version 4.4(7)
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 hostname nungunungu
 fixup protocol ftp 21
 fixup protocol http 80
 fixup protocol h323 1720
 fixup protocol rsh 514
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 names
 pager lines 24
 logging on
 no logging timestamp
 no logging console
 no logging monitor
 no logging buffered
 no logging trap
 logging facility 20
 logging queue 512
 interface ethernet0 100basetx
 interface ethernet1 100basetx
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.2.6 255.255.255.252
 ip address inside 172.16.10.2 255.255.255.252
 no failover
 failover timeout 0:00:00
 failover ip address outside 0.0.0.0
 failover ip address inside 0.0.0.0
 arp timeout 14400
 conduit permit tcp host 216.6.24.177 eq smtp any
 conduit permit tcp host 216.6.24.186 eq smtp any
 conduit permit tcp any host 192.118.52.54 eq www
 conduit permit icmp any any
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
 conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
 conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
 conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
 conduit permit tcp host 216.6.24.10 eq domain any
 conduit permit tcp host 192.118.52.54 eq 8080 any
 conduit permit tcp host 192.118.52.54 eq 3180 any
 conduit permit tcp host 192.118.52.54 eq www any
 no rip outside passive
 no rip outside default
 rip inside passive
 rip inside default
 route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


 PROBLEM
 

 Host 216.6.24.189 in the inside network can ping the internal interface of
 the PIX but can't ping the outside interface of the PIX nor any host in
the
 outside network.  Any host frm outside network can ping outside interface
of
 the PIX, but can't ping the inside interface of the PIX or any host in the
 inside network. Sitting on PIX i am able to ping hosts in the inside as
well
 as outside networks. Static routes have been defined on both the routers.

 Can someone pls help\guide me in solving this problem.

 Thanxs in advance.

 Rgds,
 Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40161t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

please help **location migration** [7:40162]

[Kevin Campbell]

I work for a collocation and bandwidth provider and need help with an issue
for a migration.

We need to move about 30 servers from a offsite location to our data center.
The move of the servers needs to be done over the period of a month.  We
need to do this without changing the ip addresses of the servers. so either
through an internet connection or wan link (both possible) we need to share
the ip block. It cannot be subnetted and must remain a single ip block.  We
have ruled out the use of bridge groups across a T1 circuit and would like a
better option than using a VPN. If you have any ideas please help.

thanks for the help and all the useful post.  I have been in this group for
about 6 months and have made very few posts but have benefited immensely
from users in this group.  I thank you for that.

Kevin Campbell MCSE, MCT, CCNP

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40162t=40162
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: JUNIPER TO BUY CISCO!!!!!!!! [7:40056]

[[EMAIL PROTECTED]]

How about -

NICER CPU I JOS

RICE CPU JOINS

CONJURES PIC I

or even SCOPIC INJURE?

Dom Stocqueler







   

   
Chuck

cc:
Sent by: Subject: Re: JUNIPER TO BUY
CISCO [7:40056]
   
nobody@groups
   
tudy.com
   

   

   
01/04/2002
   
22:27
   
Please
respond
to
   
Chuck
   

   





perhaps a better name would be cissi-fer( sissy fur )

anyone any good at anagrams. maybe among the combined letter of cisco and
juniper there is some good pun or other.

B Rudy  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 JUNIPER IS MAKING A BID TO PURCHASE CISCO SYSTEMS THE COMPANY WILL
 EVENTUALLY BE CALLED JUNICO!!! PLEASE COMMENT ON THIS


 RUDY B




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40163t=40056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IOS Firewall Feature Set -Blocking Attacks [7:40141]

[Steven A. Ridder]

If you know it's really him, send him RST-enabled TCP packets.  Or use an
IDS and that will shun him.

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 You can configure a simple inbound  access-list at your outside interface
 of your router   to deny inbound connection from the specific host to web
 server.
 or the other way is to enable ip audit on the router and in the action
 specify it as reset.

 Kind Regards /Thangavel
 --
 CCIE (qual),CCS,CCDP,CCNP,MCSE
 
 186K
 Reading,Brkshire
 Direct No   -0118 9064259
 Mobile No  -07796292416
 Post code: RG16LH
 www.186k.co.uk

 --
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela

 




 Clayton
 Dukes   To:
 [EMAIL PROTECTED]
Fax
 to:
 Sent by: Subject: IOS Firewall Feature
 Set -Blocking Attacks [7:40141]

 nobody@groups

 tudy.com



 02/04/2002

 06:44

 Please
 respond
 to

 Clayton

 Dukes






 Hi everyone,

 I have a specific IP address that constantly tries to attack my webserver.
 How can I block that IP address while allowing all others through?

 My config uses NAT extendable to translate the outside Ip to port 80 on an
 internal address.
 I want to allow the world to access that port EXCEPT for ip z.z.z.z, Can
 someone recommend a good way?

 TIA!



 Clayton Dukes
 Cisco Info Center SE
 Micromuse, Inc.
 CCNA, CCDA, CCDP, CCNP, NCC
 (h) 904-292-1881
 (c) 904-477-7825
 **
 This e-mail is from 186k Ltd and is intended only for the
 addressee named above. As this e-mail may contain confidential
 or priveleged information, if you are not the named addressee or
 the person responsible for delivering the message to the named
 addressee, please advise the sender by return e-mail. The
 contents should not be disclosed to any other person nor copies
 taken.
 186k Ltd is a Lattice Group company, registered in England
  Wales No. 3751494 Registered Office 130 Jermyn Street
 London SW1Y 4UR
 **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40166t=40141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Focus on RFCs [7:40046]

[Steven A. Ridder]

I read that somewhere that the group did that.

Another BBC article:

http://news.bbc.co.uk/hi/english/sci/tech/newsid_1321000/1321176.stm

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Howard C. Berkowitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 And speaking of my .sig, India has recently given up their Avian Carrier
 based system for e-mail.  So, they are no longer RFC 1149 Compliant : (
 
 It's a true story and not a joke.
 

http://news.bbc.co.uk/hi/english/world/south_asia/newsid_1892000/1892085.st
m
 

 I beg your pardon.  They were not RFC 1149 compliant to begin with.
 Perhaps RFC 822 SMTP compliant--it was an application-layer message
 transfer system.

 Unfortunately, I can't find the citation, but a Norwegian group
 actually did implement not just RFC 1149, but TCP over RFC 1149 IP.
 Every pigeon carried one or more encoded IP packets.

 I suppose that if you could attach messages to burrowing creatures
 such as gophers, you could create Generic Rodent Encapsulation
 tunneling.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40165t=40046
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Question on PIX [7:40146]

[Lidiya White]

You'll never be able to ping outside ip address of the PIX from the
inside, but you should be able to ping outside router.
I think the rest of the questions were already answered...

-- Lidiya White

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Avi
Sent: Tuesday, April 02, 2002 1:01 AM
To: [EMAIL PROTECTED]
Subject: Question on PIX [7:40146]

Hi,

I am facing a problem on PIX 515 as described  below.
Firewall: Cisco PIX 515
Firewall Software Version: 4.4(7)

PIX setup:
-

Host:
216.6.24.189

---R---PIX--

-R---
216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
192.166.2.5/30


Following is the config:
--
PIX Version 4.4(7)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname nungunungu
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
pager lines 24
logging on
no logging timestamp
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 100basetx
interface ethernet1 100basetx
mtu outside 1500
mtu inside 1500
ip address outside 192.168.2.6 255.255.255.252
ip address inside 172.16.10.2 255.255.255.252
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
conduit permit tcp host 216.6.24.177 eq smtp any
conduit permit tcp host 216.6.24.186 eq smtp any
conduit permit tcp any host 192.118.52.54 eq www
conduit permit icmp any any
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
conduit permit tcp host 216.6.24.10 eq domain any
conduit permit tcp host 192.118.52.54 eq 8080 any
conduit permit tcp host 192.118.52.54 eq 3180 any
conduit permit tcp host 192.118.52.54 eq www any
no rip outside passive
no rip outside default
rip inside passive
rip inside default
route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


PROBLEM


Host 216.6.24.189 in the inside network can ping the internal interface
of
the PIX but can't ping the outside interface of the PIX nor any host in
the
outside network.  Any host frm outside network can ping outside
interface of
the PIX, but can't ping the inside interface of the PIX or any host in
the
inside network. Sitting on PIX i am able to ping hosts in the inside as
well
as outside networks. Static routes have been defined on both the
routers.

Can someone pls help\guide me in solving this problem.

Thanxs in advance.

Rgds,
Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40168t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: please help **location migration** [7:40162]

[Craig Columbus]

See comments inline.  Basically, I think you need to explain your
restrictions.
My experience working with clients is that sometimes perceived 
restrictions, i.e - We CAN'T do that!, really aren't restrictions at all, 
i.e. - We don't WANT to do that because we really don't understand how it 
works and we're not comfortable.


Thanks,
Craig
P.S. - You appear to be in my area.  Shoot me an e-mail off-list and maybe 
we can sit down to discuss your issue if you're close to me.

At 05:49 AM 4/2/2002 -0500, you wrote:
I work for a collocation and bandwidth provider and need help with an issue
for a migration.

We need to move about 30 servers from a offsite location to our data center.
The move of the servers needs to be done over the period of a month.  We
need to do this without changing the ip addresses of the servers.

Why can't you change the IP addresses?  Are there hardcoded applications?
Is time required for DNS cache expiration a problem?  Is the same provider 
servicing the offsite and onsite locations?  Is the IP block portable?

so either
through an internet connection or wan link (both possible) we need to share
the ip block. It cannot be subnetted and must remain a single ip block.

So you need a single, non-subnetted IP block to be at two physically remote 
locations, but one logical location.
Why can't the IP block be subnetted?  Can it be summarized?

We
have ruled out the use of bridge groups across a T1 circuit and would like a
better option than using a VPN. If you have any ideas please help.

thanks for the help and all the useful post.  I have been in this group for
about 6 months and have made very few posts but have benefited immensely
from users in this group.  I thank you for that.

Kevin Campbell MCSE, MCT, CCNP

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40170t=40162
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX VS CheckPoint [7:40136]

[x]

I have setup and managed both PIX and Checkpoint in a
variety of environments.  I think they are both solid
options in different situations.  Here is how I market
these products.

PIX
- more cost effective
- fast
- you can have fail over
- Can be more complicated to setup the CLI, but PIX
has a nice feature of allowing all traffic out and
none in by default.

Who would I market this for?
I would target this as an ideal candidate for small
companies with rulesets that don't change much.  They
also need a Cisco savy person to manage it, usually a
consultant.  I am guessing you would fill this role. 
I have only made minor changes in the firewall I have
managed for almost two years.

Checkpoint
- nice GUI for ruleset management
- more expensive
- required to know Unix or NT ( for the love of God
don't use NT.  Its security is very poor out of the
box and requires a great deal of configuration to
become mildly secure )

Who would I market this toward?
I would target larger companies with Checkpoint.  It
is easier to manage the ruleset, but more setup time
and more costly.  I would also say this solution is
slightly slower and more prone to security issues
since you have to patch the OS and the firewall
software.


--- Jeffrey Reed  wrote:
 Has anyone performed or seen an in depth study of
 PIX vs Checkpoint? I have
 a customer who is looking at both. Ive read various
 magazine articles, but
 nothing from real people such as this group! :)
 
 Thanks!!
 
 Jeffrey Reed
 Classic Networking, Inc.
 Cell 717-805-5536
 Office 717-737-8586
 FAX 717-737-0290
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40171t=40136
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Question on PIX [7:40146]

[Ole Drews Jensen]

Avi,

Try to add this:

route inside 216.6.24.255 255.255.255.0 172.16.10.1

Hth,

Ole

~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~
 http://www.RouterChief.com
~
 Need a Job?
 http://www.OleDrews.com/job
~




-Original Message-
From: Avi [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 02, 2002 1:01 AM
To: [EMAIL PROTECTED]
Subject: Question on PIX [7:40146]


Hi,

I am facing a problem on PIX 515 as described  below.
Firewall: Cisco PIX 515
Firewall Software Version: 4.4(7)

PIX setup:
-

Host:
216.6.24.189

---R---PIX--
-R---
216.6.24.175172.16.10.1/30   172.16.10.2/30 192.168.2.6/30
192.166.2.5/30


Following is the config:
--
PIX Version 4.4(7)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname nungunungu
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
pager lines 24
logging on
no logging timestamp
no logging console
no logging monitor
no logging buffered
no logging trap
logging facility 20
logging queue 512
interface ethernet0 100basetx
interface ethernet1 100basetx
mtu outside 1500
mtu inside 1500
ip address outside 192.168.2.6 255.255.255.252
ip address inside 172.16.10.2 255.255.255.252
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
arp timeout 14400
conduit permit tcp host 216.6.24.177 eq smtp any
conduit permit tcp host 216.6.24.186 eq smtp any
conduit permit tcp any host 192.118.52.54 eq www
conduit permit icmp any any
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp
conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data
conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp
conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001
conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001
conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306
conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306
conduit permit tcp host 216.6.24.10 eq domain any
conduit permit tcp host 192.118.52.54 eq 8080 any
conduit permit tcp host 192.118.52.54 eq 3180 any
conduit permit tcp host 192.118.52.54 eq www any
no rip outside passive
no rip outside default
rip inside passive
rip inside default
route outside 0.0.0.0 0.0.0.0 192.168.2.5 1


PROBLEM


Host 216.6.24.189 in the inside network can ping the internal interface of
the PIX but can't ping the outside interface of the PIX nor any host in the
outside network.  Any host frm outside network can ping outside interface of
the PIX, but can't ping the inside interface of the PIX or any host in the
inside network. Sitting on PIX i am able to ping hosts in the inside as well
as outside networks. Static routes have been defined on both the routers.

Can someone pls help\guide me in solving this problem.

Thanxs in advance.

Rgds,
Avtar.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40172t=40146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: wireless certification [7:40071]

[Matthew Meiers]

What is CWNA?  I am unaware of such a title.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
kvgb
Sent: Tuesday, April 02, 2002 12:19 AM
To: [EMAIL PROTECTED]
Subject: RE: wireless certification [7:40071]

Ashish,

I am interested in CWNA, what study materials did you use?

Thanks,

kvgb




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40173t=40071
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: please help **location migration** [7:40162]

[Robert Fowler]

I'm not sure if this will help but here goes:

I used to work for a dotcom and we had to move our Datacenter from SiteA to
SiteB with 2 different address blocks. The problem you might say is if you
move the website what happens? Well we made a duplicate copy of the website
(minus the database) at site B and then used IIS forwarding to point to the
new site and put the Database under maintenance until we got it transferred
to Site B. Then we changed our DNS entries for the website and left the IIS
forwarding on for a few days. 

I now this doesn't actually answer your question but it could solve your
problem. 

-Original Message-
From: Kevin Campbell [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 5:49 AM
To: [EMAIL PROTECTED]
Subject: please help **location migration** [7:40162]

I work for a collocation and bandwidth provider and need help with an issue
for a migration.

We need to move about 30 servers from a offsite location to our data center.
The move of the servers needs to be done over the period of a month.  We
need to do this without changing the ip addresses of the servers. so either
through an internet connection or wan link (both possible) we need to share
the ip block. It cannot be subnetted and must remain a single ip block.  We
have ruled out the use of bridge groups across a T1 circuit and would like a
better option than using a VPN. If you have any ideas please help.

thanks for the help and all the useful post.  I have been in this group for
about 6 months and have made very few posts but have benefited immensely
from users in this group.  I thank you for that.

Kevin Campbell MCSE, MCT, CCNP

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40174t=40162
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: please help **location migration** [7:40162]

[sam sneed]

You can do this two ways, either over a VPN or a WAN link over a tunnel
interface. The tunnel interface will probably be a little less overhead
nsince you don't need encryption.


Kevin Campbell  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I work for a collocation and bandwidth provider and need help with an
issue
 for a migration.

 We need to move about 30 servers from a offsite location to our data
center.
 The move of the servers needs to be done over the period of a month.  We
 need to do this without changing the ip addresses of the servers. so
either
 through an internet connection or wan link (both possible) we need to
share
 the ip block. It cannot be subnetted and must remain a single ip block.
We
 have ruled out the use of bridge groups across a T1 circuit and would like
a
 better option than using a VPN. If you have any ideas please help.

 thanks for the help and all the useful post.  I have been in this group
for
 about 6 months and have made very few posts but have benefited immensely
 from users in this group.  I thank you for that.

 Kevin Campbell MCSE, MCT, CCNP

 [GroupStudy.com removed an attachment of type application/ms-tnef which
had
 a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40175t=40162
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RFC's [7:40135]

[Howard C. Berkowitz]

First, a general comment on RFC's:  when there is an Applicability 
Statement, Framework, or Roadmap associated with the protocol 
specification, read them first. Some of the more complex families 
such as MPLS, IPSec, etc., also have requirements and architecture 
documents worth reading.

I would add to these:

RFC 1812 Requirements for IPv4 routers

RFC 1925 The Twelve Networking Truths.

Some RFCs are in major revision, and the drafts may be more useful. I 
would recommend BGP students go to the IDR working group page at 
http://www.ietf.org and get the most recent draft (I think it's 18, 
but it may have gone to a yet newer round). Without false modesty, 
also go to the BMWG working group page and get the latest revision of 
the terminology for single-router BGP convergence, where we've 
cleaned up some of the more confusing BGP terminology.  We should 
have an updated draft, about ready for RFC, up within a week or two.

RFC 1517-1520 are the fundamental basis for CIDR/VLSM.  RFC 1878, 
Variable Length Subnet Table For IPv4, has excellent conversion 
tables and examples. My RFC 2072 also gives addressing strategies for 
renumbering routers.

In fact, here's the timeline for RFCs for IP addressing:

760791 8501517-20
Fixed  ClassfulSubnetting CIDR/VLSM
NetworkAddressing
Field

All the April 1st RFCs notwithstanding, the following are classic RFCs that
every network engineer should know about:

And some of the April 1 RFCs are classics that have something to 
teach. 1194 is an excellent example of how IP is mapped onto a 
specific transmission system.


RFC 760: DoD Standard Internet Protocol (IP), made obsolete by RFC 791, but
still worth reading
RFC 768: User Datagram Protocol (UDP)
RFC 791: Internet Protocol (IP)
RFC 792: Internet Control Message Protocol (ICMP)
RFC 793: Transmission Control Protocol (TCP)
RFC 826: Ethernet Address Resolution Protocol (ARP)
RFC 854: Telnet Protocol Specification
RFC 950: Internet Standard Subnetting Procedure
RFC 959: File Transfer Protocol (FTP)
RFC 1001: Protocol Standard for a NetBIOS Service on TCP/UDP Transport:
Concepts and Facilities
RFC 1002: Protocol Standard for a NetBIOS Service on a TCP/UDP Transport:
Detailed Specifications
RFC 1034: Domain Names - Concepts and Facilities
RFC 1058. Routing Information Protocol (RIP)
RFC 1122: Requirements for Internet Hosts - Communication Layers
RFC 1661: The Point-to-Point Protocol (PPP)
RFC 1700: Assigned Numbers
RFC 1752: The Recommendation for the IP Next Generation Protocol
RFC 1757: Remote Network Monitoring (RMON) Management Information Base (MIB)
RFC 1771: A Border Gateway Protocol 4 (BGP4)
RFC 1812: Requirements for IP Version 4 Routers
RFC 1905: Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1918: Address Allocation for Private Internets
RFC 1939: Post Office Protocol (POP), Version 3
RFC 2021: Remote Network Monitoring Management Information Base Version 2
using SMIv2 (RMONv2)
RFC 2060: Internet Message Access Protocol (IMAP), Version 4rev1
RFC 2236: Internet Group Management Protocol (IGMP), Version 2
RFC 2328: Open Shortest Path First (OSPF),  Version 2
RFC 2390: Inverse Address Resolution Protocol (Inverse ARP)
RFC 2453: Routing Information Protocol (RIP), Version 2
RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
RFC 2462: IPv6 Stateless Address Autoconfiguration
RFC 2474: Definition of the Differentiated Services Field (DS Field) in the
IPv4 and IPv6 Headers
RFC 2475: An Architecture for Differentiated Service
RFC 2516: A Method for Transmitting PPP over Ethernet (PPPoE)
RFC 2608: Service Location Protocol (SLP), Version 2
RFC 2616: Hypertext Transfer Protocol (HTTP), Version 1.1
RFC 2821: Simple Mail Transfer Protocol (SMTP)
RFC 3022: Traditional IP Network Address Translator (Traditional NAT)

HTH

Priscilla

At 10:43 PM 4/1/02, D'Wayne Saunders wrote:
Hi,
  Can anyone recommend a few core rfc's that are wothwhile reading
  in regards
to cisco study.
tia

  Dwayne Saunders

-- 
What Problem are you trying to solve?
***send Cisco questions to the list, so all can benefit -- not 
directly to me***

Howard C. Berkowitz  [EMAIL PROTECTED]
Chief Technology Officer, GettLab/Gett Communications http://www.gettlabs.com
Technical Director, CertificationZone.com http://www.certificationzone.com
retired Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40176t=40135
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 802.3ab [7:40158]

[timothy thielen]

nothing solid that I know of...  I know in the production networks I have
SEEN, nobody seems to care how many cables can be bundled.  It's never been
an issue in the networks I've experienced.

Lou wrote:
 
 I am working on a project and have a question I can't find the
 answer
 to, despite 4 hours searching.
  If you have Cat5E or Cat6 ieee standard cabling, properly
 tested... Is
 there a Max amount of cables you can run side by side before
 experiencing alien Crosstalk.. (Crosstalk between the cables,
 not
 between pairs, or NEXT, or FEXT)
 
 If you know of a link to a whitepaper or any thing solid... I
 sure would
 appreciate
 
 Lou Nelson
 Consulting System Engineer
 CCNP, CCDP, Campus ATM Specialized
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40178t=40158
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX VS CheckPoint [7:40136]

[Nurudeen Aderinto]

Dear x,

I love your presentation. You spoke well.

Nurudeen
x  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have setup and managed both PIX and Checkpoint in a
 variety of environments.  I think they are both solid
 options in different situations.  Here is how I market
 these products.

 PIX
 - more cost effective
 - fast
 - you can have fail over
 - Can be more complicated to setup the CLI, but PIX
 has a nice feature of allowing all traffic out and
 none in by default.

 Who would I market this for?
 I would target this as an ideal candidate for small
 companies with rulesets that don't change much.  They
 also need a Cisco savy person to manage it, usually a
 consultant.  I am guessing you would fill this role.
 I have only made minor changes in the firewall I have
 managed for almost two years.

 Checkpoint
 - nice GUI for ruleset management
 - more expensive
 - required to know Unix or NT ( for the love of God
 don't use NT.  Its security is very poor out of the
 box and requires a great deal of configuration to
 become mildly secure )

 Who would I market this toward?
 I would target larger companies with Checkpoint.  It
 is easier to manage the ruleset, but more setup time
 and more costly.  I would also say this solution is
 slightly slower and more prone to security issues
 since you have to patch the OS and the firewall
 software.


 --- Jeffrey Reed  wrote:
  Has anyone performed or seen an in depth study of
  PIX vs Checkpoint? I have
  a customer who is looking at both. Ive read various
  magazine articles, but
  nothing from real people such as this group! :)
 
  Thanks!!
 
  Jeffrey Reed
  Classic Networking, Inc.
  Cell 717-805-5536
  Office 717-737-8586
  FAX 717-737-0290
 [EMAIL PROTECTED]


 __
 Do You Yahoo!?
 Yahoo! Tax Center - online filing with TurboTax
 http://http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40177t=40136
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[Brian Zeitz]

Oh  -- both David Wolsefer and Galina Pildush are CCIE's, and have 
been compensated by Certzone. Since David's posting was in support of 
an April Fool's joke

An April fools joke to market your website... So you win either way...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40180t=40035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SYBEX SIMULATORS [7:39505]

[Wes Knight]

In article , 
[EMAIL PROTECTED] says...
 Hi everyone,
 
 I was wondering if anyone had an opinion on the following
 simulation/training programs from Sybex.
 
 Usefulness, worth the money spent, etc.  Am considering purchasing.
 
 I appreciate your comments, and thanks in advance !!
 
 CCNP Complete Virtual Trainer
 CCNP: Remote Access Virtual Trainer
 CCNP: Routing Virtual Trainer
 CCNP: Support Virtual Trainer
 CCNP: Switching Virtual Trainer
 
 Jasper
 
 ==
 Jasper Solt   MCSE  MCT  CCNA
 Email: [EMAIL PROTECTED]
 ==
I've used the Complete Virtual Trainer for CCNA classes when I'm 
teaching out of the country and can't get my equipment shipped in.

It good, but it is a sim, so it's not 100% the same.
-- 
Wes Knight
CCNP, MCT, MCSE, CNE, PSI, ASE, etc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40179t=39505
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 802.3ab [7:40158]

[Marko Milivojevic]

My wild guess would be that this actually depends on the surrounding,
length, position, etc. The good literature for this would be some electrical
engineering course on magnetic induction, etc.

Advice how to avoid alien crosstalk would be to have those cable as less
paralel as possible. Also, twisting them in a bundle might help, but I might
be wrong on this.


Marko.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40182t=40158
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Devices in MS Active Directory [7:40095]

[David Armstrong]

And to add to what William has written ...

The current package we're looking at to manage our network is Computer
Associates Unicenter. At it's core it's nothing more than another SNMP tool;
however, it will integrate with about every company's software. With it we
can drill through our network to the Cisco device we would like to work on,
click it and CiscoWorks will open for that device. The same is true of Bay
Networks, Cabletron and a host of other manufacturer's products (servers,
etc.) as well.

You might take a look at their product line and HP Openviwe to give you a
direction to go in. Here is the URL to CA's product:
http://www3.ca.com/Solutions/SubSolution.asp?ID=2846

That should be at leat a good 15 minutes worth of reading  ;-)


William Harrison  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Chris,

 Let me add to what David has said well.  While Active Directory is
Microsoft
 Directory service and is based on industry standard X.500 and LDAP and
 Kerboros.  It is SNMP that is the only link between your Microsoft and
Cisco
 devices.  Therefore,  management at best is monitoring the whole network.
I
 think you will find that programs, such as Ciscoworks, are written because
 of the nature of business.  Every manufacture wants his product to be
 unique.  As far as SMS goes, it is capable of detection and monitor any
snmp
 device.  The key would be the response to the monitoring.  SMS could only
 notify you at certain alert levels.  This may be fine for your purposes.

 As final thought,  consider your purposes and needs for management.  I
think
 that a combination of products is currently your best for full management!

 Bill Harrison
 MCSE, CCNP
 Instructor

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 David Armstrong
 Sent: Monday, April 01, 2002 4:10 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Cisco Devices in MS Active Directory [7:40095]


 Chris,

 We've been looking into several network management packages. The answers
all
 seem to be the same. Network management software can find devices via a
 number of methods but all need the hardware vendor's specific management
 software to adequately work with each company's devices. In the case of
 Cisco that would of course be Cisco Works. I don't know yet whether MS's
SMS
 software interfaces with CiscoWorks or not but it would certainly be able
to
 manage it via Active Directory. There are several other companies that
have
 similar software that would integrate with Active Directory as well.

 Hope that helps some,

 David Armstrong

 Mann, Chris  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Can Cisco routers and switches be managed at all from with Microsoft
  Active Directory, or some Active Directory snap-in? I tried looking on
CCO
  and Microsoft.com but did not see too much on how the two of them
 interact,
  if at all.
 
  Thanks,
 
  Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40181t=40095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DTE DCE WAN Simulation [7:40183]

[v s]

In setting up at home lab back to back 2501's with dte dce cable 

Is there anything special you need to do to pass traffic in a simulated WAN
environment.

Clocking host table 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40183t=40183
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

which switch [7:40184]

[geek]

ok, I have a CAT5505. It uses the SET type OS. I have read that there is
an IOS like OS for some of the switches. I can only imagine that we need to
know both pretty well to score well on any exams.


The question:

which switch series have the other IOS type OS.. I guess I shold look into
buying one to learn the interface.

Thanks for any advice

-Joe-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40184t=40184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[Nguyen, Cuong Q]

Galina Pildush is CCIE # 3176 and currently is active.

C.Q.Nguyen

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Robert Fowler
Sent: Monday, April 01, 2002 3:57 PM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]


I noticed a Galina Pildush was listed as CCIE # 5858, but using Cisco's
on-line verification tool it shows a David Wolsefer as being CCIE # 5858.
Does Cisco has a certification path for people with split personalities? :)

-Original Message-
From: David Wolsefer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 01, 2002 10:21 AM
To: [EMAIL PROTECTED]
Subject: MPLS White Paper Announcement [7:40035]

Galina Pildush is publishing an MPLS white paper today on
www.certificationzone.com. You better hurry though because it will only be
available free for today only. This should be an excellent source for those
studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS well.

Regards,

David Wolsefer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40185t=40035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

7206 disassembly [7:40186]

[Ismail M Saeed]

All,
I have a problem in 7206 midplane can anyone help me in disassembling the
chassis to reach the midplane?
please advise




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40186t=40186
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Devices in MS Active Directory [7:40095]

[Jason]

Another example of useless comments and waste of bandwidth... just like the
one I'm making now..


Patrick Ramsey  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Do you really want to trust the management of your core equipment to
 anything microsoft puts out?

  Mann, Chris  04/01/02 04:05PM 
 Can Cisco routers and switches be managed at all from with Microsoft
 Active Directory, or some Active Directory snap-in? I tried looking on CCO
 and Microsoft.com but did not see too much on how the two of them
interact,
 if at all.

 Thanks,

 Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40187t=40095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

7206VXR IOS Rec [7:40188]

[Richard Tufaro]

Anyone have a good recommendation for an IOS on a 7206VXR with a PA2-T3+?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40188t=40188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RFC's [7:40135]

[Angel Leiva]

Here is my favorite download URL for RFCs:

http://rfc.sunsite.dk/

Hth,

Angel Leiva - MCSE, CCNA, CCNP-WAN
Lucent Technologies, ESS  Irving, TX
E-mail: [EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
D'Wayne Saunders
Sent: Monday, April 01, 2002 9:44 PM
To: [EMAIL PROTECTED]
Subject: RFC's [7:40135]


Hi,
Can anyone recommend a few core rfc's that are wothwhile reading in regards
to cisco study.
tia

Dwayne Saunders




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40190t=40135
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: root switch [7:39975]

[EFIRD, TREECE (CONTRACTOR)]

I'm assuming that the use of spantree portfast is coupled with the use
of this command:

set spantree portfast bpdu-guard enable

When this command is applied to the switch, and it will prevent a port
configured as a end-station port from being used as an uplink port from
another switch. Any BPDUs (Bridge Protocol Data Units) seen on a port
where the macro command set port host (or in this case set spantree
portfast) has been applied will cause the port to go into an
errDisable state.

The use of this command is intended to prevent unauthorized switching
devices from being connected to the LAN via the user ports. We use it in
our organization, and it is effective.

Treece

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 01, 2002 5:14 PM
To: [EMAIL PROTECTED]
Subject: RE: root switch [7:39975]


At 01:50 AM 4/1/02, Larry Letterman wrote:
For the most part here at Cisco, we have no guarrantee
that setting a switch to root will stop another switch from coming up 
as root. However, we set all our roots/sec roots by issuing the set 
spantree root command. This should lower the prio. of the root/sec root

switches to insure that they will always be the roots...

We also use portfast to insure no unwanted switches are plugged into 
our network and allowed to become live

Does that really work? A port in portfast mode still listens to BPDUs in

case another switch instead of a workstation gets connected. If another 
switch gets connected, the port will do its normal blocking, listening, 
learning, and forwarding state transitions. I don't think just
configuring 
portfast will stop an unwanted switch from becoming live?? Were you 
thinking of something else maybe?

Thanks,

Priscilla



Larry Letterman
Cisco Systems
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, March 31, 2002 10:12 PM
To: [EMAIL PROTECTED]
Subject: RE: root switch [7:39975]


as you know, my switch doesn't become a root swtich,so i set a higher 
priority in my switch,which method can be sure my swithc never come to 
root? thanks.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40189t=39975
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[Robert Fowler]

Yes this has been made clear to me by 5 different people including Galina
herself. However there was a typo at the bottom of the page listing her with
the incorrect CCIE # that is now fixed.

-Original Message-
From: Nguyen, Cuong Q [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 9:47 AM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]

Galina Pildush is CCIE # 3176 and currently is active.

C.Q.Nguyen

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Robert Fowler
Sent: Monday, April 01, 2002 3:57 PM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]


I noticed a Galina Pildush was listed as CCIE # 5858, but using Cisco's
on-line verification tool it shows a David Wolsefer as being CCIE # 5858.
Does Cisco has a certification path for people with split personalities? :)

-Original Message-
From: David Wolsefer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 01, 2002 10:21 AM
To: [EMAIL PROTECTED]
Subject: MPLS White Paper Announcement [7:40035]

Galina Pildush is publishing an MPLS white paper today on
www.certificationzone.com. You better hurry though because it will only be
available free for today only. This should be an excellent source for those
studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS well.

Regards,

David Wolsefer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40191t=40035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CID Exam Cert Book [7:39669]

[Cebuano]

Priscilla,
Maybe it's time to switch publishers like Howard's. Unless your upcoming
book prevents Cisco from doing what they did to TDND's contract.
BTW - when is the next book due for release?

Elmer

- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: Tuesday, April 02, 2002 2:12 AM
Subject: RE: CID Exam Cert Book [7:39669]


 At 10:03 PM 4/1/02, Robert Padjen wrote:
 Top Down is a great book for DCN, but it's not really
 for the CID. I'll go out on a limb and suggest mine (
 ;) ). Sybex CID Study Guide.

 I'm sure you'll get flamed for advertising your own book, but I'm going to
 give you a hard time also for lack of accuracy. ;-)

 Top-Down Network Design is not a certification book, but it is based on
the
 work I did on both the Designing Cisco Networks (DCN) and the Cisco
 Internetwork Design (CID) training classes when I worked for Cisco.

 I have heard that Cisco has made CID match my Top-Down Network Design book
 even more closely than before. I know for a fact that the description of
 the CID course is taken from my Top-Down Network Design book. I did a
 double-take when I read the following text from the description of the CID
 class here:

http://www.cisco.com/pcgi-bin/front.x/wwtraining/CELC/index.cgi?action=Cours
eDescCOURSE_ID=321

 Good internetwork design recognizes a customer's requirements embody many
 business and technical goals, including requirements for availability,
 scalability, affordability, security, and manageability. Difficult
 internetwork design choices and tradeoffs must be made when designing the
 internetwork before any physical devices or media are selected.

 CID covers typical internetwork design business and technical goals and
 constraints. CID details the top-down design process and the importance of
 using systematic methods for internetwork design. Using systematic methods
 helps you, the internetwork designer, to keep pace with changing
 technologies and customer requirements.

 I said to myself, Hey I wrote that. Oh yeah, I should have had a lawyer
 look at my book contract. Cisco can use anything I wrote in the book.
 Bummer. or maybe not?? ;-]

 Priscilla

 To save a buck, if you
 feel comfortable with the material, you may want to
 forgo the big book and use the Exam Notes (used books
 are out there too). The new test might focus on
 multicast more than the books reflect, and they may
 have less StrataCom and ATM, but its close enough.
 640-025 (the exam the book was written to) is still
 the current version.
 
 Good luck.
 
 
 --- Andy Barkl  wrote:
   The book is not that great. It has many errors and
   omissions.
   I recommend the Cisco Press Top-Down Network Design
   book for the new CID
   exam.
  
  
   -Original Message-
   From: [EMAIL PROTECTED]
   [mailto:[EMAIL PROTECTED]] On Behalf Of
   STRAND Scott
   Sent: Wednesday, March 27, 2002 12:32 PM
   To: [EMAIL PROTECTED]
   Subject: CID Exam Cert Book [7:39669]
  
   Has anyone who has taken the CID exam used the Cisco
   CID Exam
   Certification
   Guide. (Michael Crane, Reggie Terell). I was wanting
   to
   get some opinions on this book, especially the
   practice test on the CD.
   I
   intend to use BOSON as well.
  
   Thanks,
   Scott
   CCNP, CCDA
  
   [GroupStudy.com removed an attachment of type
   application/x-pkcs7-signature
   which had a name of smime.p7s]
 [EMAIL PROTECTED]
 
 
 =
 Robert Padjen
 
 __
 Do You Yahoo!?
 Yahoo! Tax Center - online filing with TurboTax
 http://http://taxes.yahoo.com/
 

 Priscilla Oppenheimer
 http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40192t=39669
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco Devices in MS Active Directory [7:40095]

[Steve Smith]

Beware of Unicenter!

-Original Message-
From: David Armstrong [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 02, 2002 8:39 AM
To: [EMAIL PROTECTED]
Subject: Re: Cisco Devices in MS Active Directory [7:40095]


And to add to what William has written ...

The current package we're looking at to manage our network is Computer
Associates Unicenter. At it's core it's nothing more than another SNMP
tool;
however, it will integrate with about every company's software. With it
we
can drill through our network to the Cisco device we would like to work
on,
click it and CiscoWorks will open for that device. The same is true of
Bay
Networks, Cabletron and a host of other manufacturer's products
(servers,
etc.) as well.

You might take a look at their product line and HP Openviwe to give you
a
direction to go in. Here is the URL to CA's product:
http://www3.ca.com/Solutions/SubSolution.asp?ID=2846

That should be at leat a good 15 minutes worth of reading  ;-)


William Harrison  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Chris,

 Let me add to what David has said well.  While Active Directory is
Microsoft
 Directory service and is based on industry standard X.500 and LDAP and
 Kerboros.  It is SNMP that is the only link between your Microsoft and
Cisco
 devices.  Therefore,  management at best is monitoring the whole
network.
I
 think you will find that programs, such as Ciscoworks, are written
because
 of the nature of business.  Every manufacture wants his product to be
 unique.  As far as SMS goes, it is capable of detection and monitor
any
snmp
 device.  The key would be the response to the monitoring.  SMS could
only
 notify you at certain alert levels.  This may be fine for your
purposes.

 As final thought,  consider your purposes and needs for management.  I
think
 that a combination of products is currently your best for full
management!

 Bill Harrison
 MCSE, CCNP
 Instructor

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 David Armstrong
 Sent: Monday, April 01, 2002 4:10 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Cisco Devices in MS Active Directory [7:40095]


 Chris,

 We've been looking into several network management packages. The
answers
all
 seem to be the same. Network management software can find devices via
a
 number of methods but all need the hardware vendor's specific
management
 software to adequately work with each company's devices. In the case
of
 Cisco that would of course be Cisco Works. I don't know yet whether
MS's
SMS
 software interfaces with CiscoWorks or not but it would certainly be
able
to
 manage it via Active Directory. There are several other companies that
have
 similar software that would integrate with Active Directory as well.

 Hope that helps some,

 David Armstrong

 Mann, Chris  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Can Cisco routers and switches be managed at all from with Microsoft
  Active Directory, or some Active Directory snap-in? I tried looking
on
CCO
  and Microsoft.com but did not see too much on how the two of them
 interact,
  if at all.
 
  Thanks,
 
  Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40194t=40095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Duplicate messages from GroupStudy Listserve [7:40077]

[Priscilla Oppenheimer]

You may find some help from RFC 2321, The Reliable Internetwork 
Troubleshooting Agent (RITA)

I've been dying to use that one!

Not that I don't take your problem seriously. ;-)

Priscilla


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Andy Barkl
Sent: Monday, April 01, 2002 1:40 PM
To: [EMAIL PROTECTED]
Subject: Duplicate messages from GroupStudy Listserve [7:40077]


No matter how many times I subscribe, unsubscribe, and re-subscribe, I
can't get the GroupStudy Listserve server to send me only 1 copy of all
messages, it always sends me at least 2.

Has anyone who has recently subscribed or re-subscribed having the same
problem?

I don't want to bother the list moderator or Paul until I can confirm
the problem is not on my end.

Thanks




Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40164t=40077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Buy Vs. Virtual Rack Time for CCIE [7:40100]

[Ben Lovegrove]

Racktime - Pros:

Far less expensive than buying; generally reliable equipment;  ready made
topology; very small footprint(!);  available from any remote location;

Racktime - Cons:

Fixed timeslots mean lack of flexibility in practice; often a waiting
list for access;

 

Buying - Pros:

Availabe 24/7; investment (can be sold on); physical access

Buying - Cons:

Expensive outlay; large footprint;

On balance buying is better in my view.  In the long run the advantages
outweigh the disadvantages, and you can always sell the kit on to recover
most of the expense.

Regards,

Ben

Ben Lovegrove, CCNP

Redspan Solutions Ltd Web: www.redspan.com  www.bensbookmarks.com Tel:
+44 (0)2392 492010 Fax: +44 (0)870 460 2156 Email: [EMAIL PROTECTED]
Cisco hardware, software, accessories, and certification tips From:
Mckenzie Bill Reply-To: Mckenzie Bill To: [EMAIL PROTECTED]
Subject: Buy Vs. Virtual Rack Time for CCIE [7:40100] Date: Mon, 1 Apr
2002 16:46:10 -0500  I'm looking for comments about preparing for the
CCIE Lab Exam.  Do you NEED to buy the equipment to build a home lab,
or is it possible to be enough prepared by practicing totally through
renting rack time? (and in this dream world, money isn't an issue)  I
would really like to hear feedback about this.  Thanks Bill Mckenzie,
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



MSN Photos is the easiest way to share and print your photos: Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40145t=40100
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

http access not working anymore?? [7:40149]

[Cisco Nuts]

Hello,I use http to get to my routers but after enabling 2 commands on
the router it does not work anymoreI removed both the commands with
just http access but it still does not workI cleared the cache in IE
but that does not help either.I deleted the access-list and also
changed the enable secret password but no luckWhat could have gone
wrong?I had added: # ip http access-class 10   # ip http
auth local  



Get your FREE download of MSN Explorer at http://explorer.msn.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40149t=40149
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: #8960 [7:39144]

[Angel Leiva]

Congratulations Paul !!

Thank you for sharing some tidbits as well.

Angel Leiva - MCSE, CCNA, CCNP-WAN
Lucent Technologies, ESS  Irving, TX
E-mail: [EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Paul Jin
Sent: Wednesday, March 27, 2002 8:58 AM
To: [EMAIL PROTECTED]
Subject: #8960 [7:39144]


Hello all,

I guess it is my turn to make my announcement. I got my number this
past weekend in RTP. #8960 This was my first attempt and thankfully,
my last attempt for this track. I would especially like to thank Brian
Dignan,
CCIE #8248. He was a tremendous help in getting me ready to pass the first
time. My company actually promised me 100% support for CCIE training when I
got
on board but the past 2 years, I ended up without any of the promised
training.
So I needed to prep with my own fund (meaning, I had to ask my wife for the
money) :-)
and I needed a lot of help on many subjects that I normally don't deal with
every day. Especially on DLSW, TR and IPX.

Brian took the time to explain these technologies and made the complex
topics, easier to understand. I believe Stan earlier has already mentioned
that Brian has started teaching his own Cisco and lab prep classes in the DC
metro area.
I also recommend Brian 100%. Anyone that would like to reach Brian can do
so at - [EMAIL PROTECTED]

As far as the books, I mainly used the same books as others, Bruce
Caslow's book, Doyle 1 and 2 and CCIE practical studies. And Halabi
book for BGP.

I mainly used the free labs, labs from the books and also used lab 1
from Networkforce.com

Thank you Paul for creating the list and all members on this list.

- Paul Jin  CCIE #8960



-
Do You Yahoo!?
Yahoo! Movies - coverage of the 74th Academy Awards.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40193t=39144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[Howard C. Berkowitz]

An April fools joke to market your website... So you win either way...


Brian,

You seem hostile about this. Could you tell me what subterfuge was 
involved? From the very beginning, it was identified with Certzone.

Whether or not it was marketing -- I agree it is, and personally had 
nothing to do with the decision to do so -- it was also a j*o*k*e in 
the long tradition of IETF April 1 RFCs. RFC 1149, for example, is 
both funny but a good tutorial in how to map IP to a specific medium. 
The guy that wrote it worked, at the time, for BBN.  Is that BBN 
marketing?

My corporate affiliation shows on RFCs I write, as it does for every 
author. I suppose this, in some way, could be considered strategic 
marketing. I don't think there's anything wrong with that.

I do find it inappropriate for people to launch personal or product 
attacks on vendors, when they have a financial interest they do not 
disclose.  I feel it equally inappropriate for non-disinterested 
people to write glowing reviews of products.

Soon, I will be posting some general, vendor-independent notes on 
strategies for writing scenarios. I think it's in the general 
interest for these to be discussed in public, and get community input.

I may, with proper disclaimers, post reviews of products.  I will 
make the offer now that if a direct competitor wanted me to review 
their product, I would do so as objectively as possible--as a 
professional, not as a marketdroid. My reputation is too important to 
me to squander in shilling.
-- 
What Problem are you trying to solve?
***send Cisco questions to the list, so all can benefit -- not 
directly to me***

Howard C. Berkowitz  [EMAIL PROTECTED]
Chief Technology Officer, GettLab/Gett Communications http://www.gettlabs.com
Technical Director, CertificationZone.com http://www.certificationzone.com
retired Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40195t=40035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[Priscilla Oppenheimer]

At 05:26 PM 4/1/02, Robert  Fowler wrote:
I wish I got paid for doing work for them. However even if I had the
knowledge to write one of the papers they don't have, I would probably lack
the technical writing skills. However if they want to start paying me I'd
probably be a less obvious in my praise.

I would agree that anything on their site is obtainable for free from
anywhere else.

Although I agree with your other statements, I can't agree that the text 
and figures at their site are obtainable for free from anywhere else. 
Howard and many of the other authors at www.certificationzone.com have an 
entirely unique way of explaining technologies. They make it fun to learn 
the material and they are dedicated to making sure the material is accurate 
and relevant.

Not only that, but many of the www.certification.com authors have had 
unique experiences involving the development of some of the protocols 
covered. As just one example, there isn't another person on the planet who 
lived so intimately with the development of AppleTalk (at least I hope not! 
;-) See my paper on AppleTalk at the Zone. Of course, not many people care 
about AppleTalk any more, but perhaps they should. A lot of AppleTalk 
themes (dynamic configuration, automated service location) are finally 
coming around to the IP world too. Many of the other authors have even more 
direct experience with the development and deployment of the technologies 
covered in the white papers.

I do wish CertificationZone would fix the ARP paper though. An ARP packet 
does not have an IP header. I bugged and bugged them about this and they 
never fixed it. Hint, hint. ;-)

Priscilla

However reading the papers I find that they written in an
easy to understand form, so you spend less time having to reread information
and can spend more time thinking about it. Granted I don't think it's
perfect, I'd like a better structure on the site, I think it's an excellent
tool for someone who isn't pursuing their Masters degree but instead one of
the Cisco Certifications. :) (that'd be me)

Robert Fowler
Unpaid, Unofficial site endorser of certificationzone.com who is merely
stating his long winded opinion in pursuit of his 3rd major certification.
:)

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 4:29 PM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]

I don't know, last time someone made a pitch like that. I found out they
got paid for doing work for the site. My employer gives me 3500 a year
for educational stuff, and that money is going for a Masters degree.



All I need is an internet terminal and some free time to get those
things you mentioned :-) Anyway, to each his own



-Original Message-
From: Robert Fowler [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 3:00 PM
To: Brian Zeitz; [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]



Actually, the site provides much more than that. I subscribed over a
month ago and it is full of information that is compiled so that it is
easy to read etc. I have the PowerPoint slides also, but I've found the
diagrams, tests etc are much more valuable and make things easier to
learn. I think it's worth every dollar my employer spent. :)

Robert

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 2:40 PM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]

Figure out the font then? It is probably Wingdings, ha ha. I could
figure this out, but I don't put much stock in this site. People really
pay money for white papers? The jokes on the people that send money to
that site to subscribe! I have a bunch of MPLS stuff from Cisco like
Documents, Powerpoint slides etc. Maybe they encrypted it in DES? Ha ha.




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 12:41 PM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]

This isn't in Russian, it's a transliteration of English
using Cyrillic characters.  April Fool.

Someone's cute idea - bet the English character version
is going to cost.



Fred.
  Yea.. I am sure it is great.. if you are fluent in Russian
 
  Tim
  CCIE 9015
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of

  David Wolsefer
  Sent: Monday, April 01, 2002 10:21 AM
  To: [EMAIL PROTECTED]
  Subject: MPLS White Paper Announcement [7:40035]
 
 
  Galina Pildush is publishing an MPLS white paper today on
  www.certificationzone.com. You better hurry though because it will
only be
  available free for today only. This should be an excellent source for
those
  studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS
well.
 
  Regards,
 
  David Wolsefer
Get the award winning ISP, ATT WorldNet Service
http://download.att.net/webtag
i=40070t=40035

RE: 802.3ab [7:40158]

[Chris Charlebois]

If alien crosstalk is an issue in any cabling, it would come up in 802.3af
before you ever saw it in 802.3ab.  48 volts will cause alot more noise than
5 volts (Is that the voltage for standard 802.3?).  I've seen bundles of 20+
cat 5 ethernet running 802.3af without seeing problems.  My guess would be
that alien crosstalk will not be an issue with Cat 5 no matter how many
cables are bundled.  Of course, this assumes the are carrying pseudo-random
data (as would be seen in a production network).  If all the cables (or a
large portion of them) were running the exact same data, a cumlutive effect
might be seen.  Like soldier marching in lock-step.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40196t=40158
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Devices in MS Active Directory [7:40095]

[[EMAIL PROTECTED]]

Another added tidbit:
we have been using CA TNG 3.0 and if you want to use Cisco, plan on writing
custom agents, which translate to crummy support, (because now you are
'customized' )from CA,and we didn't even do the coding,  and well, heck,, I
shouldn't get started on them and product scope, reliability, support,
blah blah.

One extremely large customer of ours, just gave them the boot, as well as a
couple of others.   This is NOT intended to stir it up,  just factual
observations.  The political structure of CA is unstable as well.   IMHO,
use HP OpenView.  I think network folks overlook the amount of
bandwidth that is needed for WAN enterprise agents, the more you monitor,
the more you pay, one way or another.  Serious attention must be given to
total cost of ownership:  labor, equipment, support, bandwidth (agents),
training etc.

All have a great day.




Kevin McCarty
CCNA CCNP
Computer Sciences Corporation
Defense Sector


   

   
David
ArmstrongTo:
[EMAIL PROTECTED]
 Subject: Re: Cisco Devices in MS Active
Directory [7:40095]
Sent
by:
   
nobody
   

   

   
04/02/2002
08:38
AM
   
Please
respond
to
   
David
   
Armstrong
   

   





And to add to what William has written ...

The current package we're looking at to manage our network is Computer
Associates Unicenter. At it's core it's nothing more than another SNMP
tool;
however, it will integrate with about every company's software. With it we
can drill through our network to the Cisco device we would like to work on,
click it and CiscoWorks will open for that device. The same is true of Bay
Networks, Cabletron and a host of other manufacturer's products (servers,
etc.) as well.

You might take a look at their product line and HP Openviwe to give you a
direction to go in. Here is the URL to CA's product:
http://www3.ca.com/Solutions/SubSolution.asp?ID=2846

That should be at leat a good 15 minutes worth of reading  ;-)


William Harrison  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Chris,

 Let me add to what David has said well.  While Active Directory is
Microsoft
 Directory service and is based on industry standard X.500 and LDAP and
 Kerboros.  It is SNMP that is the only link between your Microsoft and
Cisco
 devices.  Therefore,  management at best is monitoring the whole network.
I
 think you will find that programs, such as Ciscoworks, are written
because
 of the nature of business.  Every manufacture wants his product to be
 unique.  As far as SMS goes, it is capable of detection and monitor any
snmp
 device.  The key would be the response to the monitoring.  SMS could only
 notify you at certain alert levels.  This may be fine for your purposes.

 As final thought,  consider your purposes and needs for management.  I
think
 that a combination of products is currently your best for full
management!

 Bill Harrison
 MCSE, CCNP
 Instructor

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 David Armstrong
 Sent: Monday, April 01, 2002 4:10 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Cisco Devices in MS Active Directory [7:40095]


 Chris,

 We've been looking into several network management packages. The answers
all
 seem to be the same. Network management software can find devices via a
 number of methods but all need the hardware vendor's specific management
 software to adequately work with each company's devices. In the case of
 Cisco that would of course be Cisco Works. I don't know yet whether MS's
SMS
 software interfaces with CiscoWorks or not but it would certainly be able
to
 manage it via Active Directory. There are several other companies that
have
 similar software that would integrate with Active Directory as well.

 Hope that helps some,

 David Armstrong

 Mann, Chris  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Can Cisco routers and switches be managed at all from with Microsoft
  Active Directory, or some Active Directory snap-in? I tried looking on
CCO
  and Microsoft.com but did not see too much on how the two of them
 interact,
  if at all.
 
  Thanks,
 
  Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40197t=40095

RE: CID Exam Cert Book [7:39669]

[William Gragido]

Here is my list for the CID:

DCN
Padjen book
Top Down


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Priscilla Oppenheimer
Sent: Tuesday, April 02, 2002 1:13 AM
To: [EMAIL PROTECTED]
Subject: RE: CID Exam Cert Book [7:39669]


At 10:03 PM 4/1/02, Robert Padjen wrote:
Top Down is a great book for DCN, but it's not really
for the CID. I'll go out on a limb and suggest mine (
;) ). Sybex CID Study Guide.

I'm sure you'll get flamed for advertising your own book, but I'm going to
give you a hard time also for lack of accuracy. ;-)

Top-Down Network Design is not a certification book, but it is based on the
work I did on both the Designing Cisco Networks (DCN) and the Cisco
Internetwork Design (CID) training classes when I worked for Cisco.

I have heard that Cisco has made CID match my Top-Down Network Design book
even more closely than before. I know for a fact that the description of
the CID course is taken from my Top-Down Network Design book. I did a
double-take when I read the following text from the description of the CID
class here:
http://www.cisco.com/pcgi-bin/front.x/wwtraining/CELC/index.cgi?action=Cours
eDescCOURSE_ID=321

Good internetwork design recognizes a customer's requirements embody many
business and technical goals, including requirements for availability,
scalability, affordability, security, and manageability. Difficult
internetwork design choices and tradeoffs must be made when designing the
internetwork before any physical devices or media are selected.

CID covers typical internetwork design business and technical goals and
constraints. CID details the top-down design process and the importance of
using systematic methods for internetwork design. Using systematic methods
helps you, the internetwork designer, to keep pace with changing
technologies and customer requirements.

I said to myself, Hey I wrote that. Oh yeah, I should have had a lawyer
look at my book contract. Cisco can use anything I wrote in the book.
Bummer. or maybe not?? ;-]

Priscilla

To save a buck, if you
feel comfortable with the material, you may want to
forgo the big book and use the Exam Notes (used books
are out there too). The new test might focus on
multicast more than the books reflect, and they may
have less StrataCom and ATM, but its close enough.
640-025 (the exam the book was written to) is still
the current version.

Good luck.


--- Andy Barkl  wrote:
  The book is not that great. It has many errors and
  omissions.
  I recommend the Cisco Press Top-Down Network Design
  book for the new CID
  exam.
 
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED]] On Behalf Of
  STRAND Scott
  Sent: Wednesday, March 27, 2002 12:32 PM
  To: [EMAIL PROTECTED]
  Subject: CID Exam Cert Book [7:39669]
 
  Has anyone who has taken the CID exam used the Cisco
  CID Exam
  Certification
  Guide. (Michael Crane, Reggie Terell). I was wanting
  to
  get some opinions on this book, especially the
  practice test on the CD.
  I
  intend to use BOSON as well.
 
  Thanks,
  Scott
  CCNP, CCDA
 
  [GroupStudy.com removed an attachment of type
  application/x-pkcs7-signature
  which had a name of smime.p7s]
[EMAIL PROTECTED]


=
Robert Padjen

__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://http://taxes.yahoo.com/


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40199t=39669
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CID Exam Cert Book [7:39669]

[William Gragido]

I have that book, it is great!  Robert does an excellent job outlining the
intricacies of the CID.  I am taking soon, (probably in May after the
CISSP).  Thanks for the great book Robert!

Regards,

Will

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Robert Padjen
Sent: Monday, April 01, 2002 9:03 PM
To: [EMAIL PROTECTED]
Subject: RE: CID Exam Cert Book [7:39669]


Top Down is a great book for DCN, but it's not really
for the CID. I'll go out on a limb and suggest mine (
;) ). Sybex CID Study Guide. To save a buck, if you
feel comfortable with the material, you may want to
forgo the big book and use the Exam Notes (used books
are out there too). The new test might focus on
multicast more than the books reflect, and they may
have less StrataCom and ATM, but its close enough.
640-025 (the exam the book was written to) is still
the current version.

Good luck.


--- Andy Barkl  wrote:
 The book is not that great. It has many errors and
 omissions.
 I recommend the Cisco Press Top-Down Network Design
 book for the new CID
 exam.


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] On Behalf Of
 STRAND Scott
 Sent: Wednesday, March 27, 2002 12:32 PM
 To: [EMAIL PROTECTED]
 Subject: CID Exam Cert Book [7:39669]

 Has anyone who has taken the CID exam used the Cisco
 CID Exam
 Certification
 Guide. (Michael Crane, Reggie Terell). I was wanting
 to
 get some opinions on this book, especially the
 practice test on the CD.
 I
 intend to use BOSON as well.

 Thanks,
 Scott
 CCNP, CCDA

 [GroupStudy.com removed an attachment of type
 application/x-pkcs7-signature
 which had a name of smime.p7s]
[EMAIL PROTECTED]


=
Robert Padjen

__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40198t=39669
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IOS Firewall Feature Set -Blocking Attacks [7:40141]

[Roberts, Larry]

Or as a simple solution, put a route for his IP address to Null0.
His return traffic will never make it. This will not stop a denial of
service,
But it will stop any return traffic like port scans and such. This machine
will effectively
Disappear to him...

Thanks

Larry 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:19 AM
To: [EMAIL PROTECTED]
Subject: Re: IOS Firewall Feature Set -Blocking Attacks [7:40141]


Hi,

You can configure a simple inbound  access-list at your outside interface
of your router   to deny inbound connection from the specific host to web
server.
or the other way is to enable ip audit on the router and in the action
specify it as reset.

Kind Regards /Thangavel
--
CCIE (qual),CCS,CCDP,CCNP,MCSE

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela




 

   
Clayton
Dukes   To:
[EMAIL PROTECTED]
   Fax
to:
Sent by: Subject: IOS Firewall Feature
Set -Blocking Attacks [7:40141]
   
nobody@groups
   
tudy.com
 

 

   
02/04/2002
   
06:44
   
Please
respond
to
   
Clayton
   
Dukes
 

 





Hi everyone,

I have a specific IP address that constantly tries to attack my webserver.
How can I block that IP address while allowing all others through?

My config uses NAT extendable to translate the outside Ip to port 80 on an
internal address. I want to allow the world to access that port EXCEPT for
ip z.z.z.z, Can someone recommend a good way?

TIA!



Clayton Dukes
Cisco Info Center SE
Micromuse, Inc.
CCNA, CCDA, CCDP, CCNP, NCC
(h) 904-292-1881
(c) 904-477-7825
**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential or priveleged
information, if you are not the named addressee or the person responsible
for delivering the message to the named 
addressee, please advise the sender by return e-mail. The contents should
not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice
Group company, registered in England 
 Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40200t=40141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: DTE DCE WAN Simulation [7:40183]

[george gittins]

set the clockrate on the serial interface that has the dce cable attached to
64000


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of v
s
Sent: Tuesday, April 02, 2002 6:43 AM
To: [EMAIL PROTECTED]
Subject: DTE DCE WAN Simulation [7:40183]


In setting up at home lab back to back 2501's with dte dce cable

Is there anything special you need to do to pass traffic in a simulated WAN
environment.

Clocking host table




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40202t=40183
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: access-list problem [7:40092]

[Richard Botham]

Shawn,

(Unless I misunderstand what you need!!)

The following line in your acl  - 

!permit anyone to 172.16.1.0 port 80--web server 
access-list 101 permit tcp any 172.16.1.0 0.0.0.255 eq www 

Is saying 2 permit any source to get to 172.16.1.0 where the traffic is web
traffic.


As you would not be advertising 172.16.1.0 /24 on the internet you should
really be permiting traffic from any source to the natted addresses of your
web servers and not the inside address.
No one will ever target the 172.16.1.0 from the outside.

Hope that helps

Regards
Rich



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40203t=40092
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40035]

[[EMAIL PROTECTED]]

Its in english now
http://www.certificationzone.com/studyguides/studyview/?Issue=51IssueDate=04-02-2002CP=1




Brian Zeitz @groupstudy.com on 04/01/2002
12:00:40 PM

Please respond to Brian Zeitz 

Sent by:  [EMAIL PROTECTED]


To:   [EMAIL PROTECTED]
cc:

Subject:  RE: MPLS White Paper Announcement [7:40035]


I am not fluent in Russian, but I am fluent on how to translate stuff
using Office XP. I have a plugin that translates any document language
to any other language. Check out Worldlingo.com, you might be able to
translate it there for free. There are some cool free plug ins for
Office XP.

I can do really cool stuff, not just the simple stuff like Spanish or
French. I can translate my English documents to Japanese, or even
Chinese, Viet etc. and vice versa. So the joke is not on me :) Thanks
for the free guide :)

-Original Message-
From: Tim O'Brien [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: RE: MPLS White Paper Announcement [7:40035]

Yea.. I am sure it is great.. if you are fluent in Russian

Tim
CCIE 9015

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
David Wolsefer
Sent: Monday, April 01, 2002 10:21 AM
To: [EMAIL PROTECTED]
Subject: MPLS White Paper Announcement [7:40035]


Galina Pildush is publishing an MPLS white paper today on
www.certificationzone.com. You better hurry though because it will only
be
available free for today only. This should be an excellent source for
those
studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS well.

Regards,

David Wolsefer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40201t=40035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: JUNIPER TO BUY CISCO!!!!!!!! [7:40056]

[xoai]

:)
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 How about -

 NICER CPU I JOS

 RICE CPU JOINS

 CONJURES PIC I

 or even SCOPIC INJURE?

 Dom Stocqueler









 Chuck

 cc:
 Sent by: Subject: Re: JUNIPER TO BUY
 CISCO [7:40056]

 nobody@groups

 tudy.com



 01/04/2002

 22:27

 Please
 respond
 to

 Chuck






 perhaps a better name would be cissi-fer( sissy fur )

 anyone any good at anagrams. maybe among the combined letter of cisco and
 juniper there is some good pun or other.

 B Rudy  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  JUNIPER IS MAKING A BID TO PURCHASE CISCO SYSTEMS THE COMPANY WILL
  EVENTUALLY BE CALLED JUNICO!!! PLEASE COMMENT ON THIS
 
 
  RUDY B




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40204t=40056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: root switch [7:39975]

[Larry Letterman]

that is correct.


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
EFIRD, TREECE (CONTRACTOR)
Sent: Tuesday, April 02, 2002 7:06 AM
To: [EMAIL PROTECTED]
Subject: RE: root switch [7:39975]


I'm assuming that the use of spantree portfast is coupled with the use
of this command:

set spantree portfast bpdu-guard enable

When this command is applied to the switch, and it will prevent a port
configured as a end-station port from being used as an uplink port from
another switch. Any BPDUs (Bridge Protocol Data Units) seen on a port
where the macro command set port host (or in this case set spantree
portfast) has been applied will cause the port to go into an
errDisable state.

The use of this command is intended to prevent unauthorized switching
devices from being connected to the LAN via the user ports. We use it in
our organization, and it is effective.

Treece

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 01, 2002 5:14 PM
To: [EMAIL PROTECTED]
Subject: RE: root switch [7:39975]


At 01:50 AM 4/1/02, Larry Letterman wrote:
For the most part here at Cisco, we have no guarrantee
that setting a switch to root will stop another switch from coming up
as root. However, we set all our roots/sec roots by issuing the set
spantree root command. This should lower the prio. of the root/sec root

switches to insure that they will always be the roots...

We also use portfast to insure no unwanted switches are plugged into
our network and allowed to become live

Does that really work? A port in portfast mode still listens to BPDUs in

case another switch instead of a workstation gets connected. If another
switch gets connected, the port will do its normal blocking, listening,
learning, and forwarding state transitions. I don't think just
configuring
portfast will stop an unwanted switch from becoming live?? Were you
thinking of something else maybe?

Thanks,

Priscilla



Larry Letterman
Cisco Systems
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, March 31, 2002 10:12 PM
To: [EMAIL PROTECTED]
Subject: RE: root switch [7:39975]


as you know, my switch doesn't become a root swtich,so i set a higher
priority in my switch,which method can be sure my swithc never come to
root? thanks.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40206t=39975
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MPLS White Paper Announcement [7:40207]

[Semion Lisyansky]

Hi List,

If you would read this study guide to it's end,
you could find there nice ~10 lines perl script
which explains what the guy actually did - he just
shifted ascii of each english letter 128 chars.
Have I mentioned that my mother tongue is Russian?

-- 
Semion Lisyansky mailto:[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
David Wolsefer
Sent: Monday, April 01, 2002 10:21 AM
To: [EMAIL PROTECTED]
Subject: MPLS White Paper Announcement [7:40035]


Galina Pildush is publishing an MPLS white paper today on
www.certificationzone.com. You better hurry though because it will only be
available free for today only. This should be an excellent source for those
studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS well.

Regards,

David Wolsefer


_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40207t=40207
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 7206VXR IOS Rec [7:40188]

[MADMAN]

FWIW I have a couple customers running dual homed Internet connections
with 7206VXRs, running 12.2.6 and so far so good.  They have PA-A3-T3
and PA-T3.

  Dave

Richard Tufaro wrote:
 
 Anyone have a good recommendation for an IOS on a 7206VXR with a PA2-T3+?
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40209t=40188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: JUNIPER TO BUY CISCO!!!!!!!! [7:40056]

[B Rudy]

Hey smart guy, If you were a true Engineer you would have noticed that the
post was dated April 1st.  Good jobBen Liang Tan wrote:
 




 hey, today is not 1st of April !!!
 
 Wake up my friend
 
 
 From: B Rudy 
 Reply-To: B Rudy 
 To: [EMAIL PROTECTED]
 Subject: JUNIPER TO BUY CISCO [7:40056]
 Date: Mon, 1 Apr 2002 12:27:28 -0500
 
 JUNIPER IS MAKING A BID TO PURCHASE CISCO SYSTEMS THE COMPANY
 WILL
 EVENTUALLY BE CALLED JUNICO!!! PLEASE COMMENT ON THIS
 
 
 RUDY B
 _
 Get your FREE download of MSN Explorer at
 http://explorer.msn.com/intl.asp.
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40210t=40056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 7206VXR IOS Rec [7:40188]

[Patrick Ramsey]

that module has a built in dsu right?

 MADMAN  04/02/02 12:16PM 
FWIW I have a couple customers running dual homed Internet connections
with 7206VXRs, running 12.2.6 and so far so good.  They have PA-A3-T3
and PA-T3.

  Dave

Richard Tufaro wrote:
 
 Anyone have a good recommendation for an IOS on a 7206VXR with a PA2-T3+?
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED] 
612-664-3367

Emotion should reflect reason not guide it
  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40211t=40188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS White Paper Announcement [7:40207]

[Tom Ranalli]

Interesting.  Yesterday, I just copied the HTML and changed the charset to
US-ASCII and voila - when I browsed it, I could read it.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Semion Lisyansky
Sent: Tuesday, April 02, 2002 9:00 AM
To: [EMAIL PROTECTED]
Subject: Re: MPLS White Paper Announcement [7:40207]


Hi List,

If you would read this study guide to it's end,
you could find there nice ~10 lines perl script
which explains what the guy actually did - he just
shifted ascii of each english letter 128 chars.
Have I mentioned that my mother tongue is Russian?

--
Semion Lisyansky mailto:[EMAIL PROTECTED]

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
David Wolsefer
Sent: Monday, April 01, 2002 10:21 AM
To: [EMAIL PROTECTED]
Subject: MPLS White Paper Announcement [7:40035]


Galina Pildush is publishing an MPLS white paper today on
www.certificationzone.com. You better hurry though because it will only be
available free for today only. This should be an excellent source for those
studying for the CS exam. As a CCIE and JNCIE, Galina knows MPLS well.

Regards,

David Wolsefer


_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40212t=40207
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MPPP for DS-3's [7:40213]

[Woods, Randall, SOLCM]

Has anyone ever tried to created a mullilink PPP bundle with DS-3's? A
coworker was wondering and I never thought about it myself. I've only
configured it for t-1's. I would assume the overhead might be bad for the
router instead of using CEF or just letting the routing protocol load
balance. Any thoughts?


Woody
CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40213t=40213
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: please help **location migration** [7:40162]

[Kent Hundley]

Kevin,

Check out local area mobility, it looks like it may fit your needs:

http://www.cisco.com/warp/public/cc/pd/iosw/ioft/lam/tech/lamso_wp.htm

HTH,
Kent


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kevin Campbell
Sent: Tuesday, April 02, 2002 2:49 AM
To: [EMAIL PROTECTED]
Subject: please help **location migration** [7:40162]


I work for a collocation and bandwidth provider and need help with an issue
for a migration.

We need to move about 30 servers from a offsite location to our data center.
The move of the servers needs to be done over the period of a month.  We
need to do this without changing the ip addresses of the servers. so either
through an internet connection or wan link (both possible) we need to share
the ip block. It cannot be subnetted and must remain a single ip block.  We
have ruled out the use of bridge groups across a T1 circuit and would like a
better option than using a VPN. If you have any ideas please help.

thanks for the help and all the useful post.  I have been in this group for
about 6 months and have made very few posts but have benefited immensely
from users in this group.  I thank you for that.

Kevin Campbell MCSE, MCT, CCNP

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40214t=40162
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Wierd [7:40215]

[Richard Tufaro]

anyone know what the heck this is...my 7206 is having difficulties booting:


rommon 6  boot disk0:c7200-js-mz.121-14.bin

loadprog: error - on load of image from file system with monlib
boot: cannot load disk0:c7200-js-mz.121-14.bin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40215t=40215
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Gear for Sale [7:40216]

[Craig Crosby]

I am currently selling off some gear, below is what I currently have:

PIX-520-UR w/ 4FE: $5200.00
(GREAT FOR CCIE SECURITY STUDIES)


MC3810 w/ (2) FXO, (3) FXS, (1) EM, (1)T1MFT: $1550.00
(PERFECT SOLUTION FOR VOICE TRAINING)


FS: PIX-515-UR w/ 4FE: $5500.00
(GREAT FOR CCIE SECURITY PRACTICE)


FS: Lucent Portmaster 3 (PM3-2T) w/ 48 Modems: $2300.00
(PERFECT ACCESS SERVER)


Thank you,
Craig Crosby


--

Your certified specialist for:
Cisco  Cerent  3Com  Lucent
Kentrox  Adtran  Paradyneand more.


Craig Crosby, CCNA  [EMAIL PROTECTED]
Maxis Technologies, Inc   p: 1-800-79-MAXIS
433 W. Wilshire   f: 405-841-7882
Oklahoma City, OK 73116

AOL IM: CRAIGatMAXIS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40216t=40216
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 7206VXR IOS Rec [7:40188]

[Roberts, Larry]

I have a 7204VXR with both a PA-T3+ and what I believe is the PA-3-TA. We
run 12.1.1 and have had no issues in over a year.
Not exactly what your looking for, but fairly close.

I have a 7206VXR with a PA-T3+ and PA-3-TA running 12.1.3a and it has had no
issues either, but the PA-T3+ has only been in for 3-4 months.
I suspect that any issues would have cropped up by now, but I wanted to at
least put the disclaimer.

For the record, each of them have one interface Riding the Light as well.


Thanks

Larry 

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 12:16 PM
To: [EMAIL PROTECTED]
Subject: Re: 7206VXR IOS Rec [7:40188]


FWIW I have a couple customers running dual homed Internet connections with
7206VXRs, running 12.2.6 and so far so good.  They have PA-A3-T3 and PA-T3.

  Dave

Richard Tufaro wrote:
 
 Anyone have a good recommendation for an IOS on a 7206VXR with a 
 PA2-T3+?
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40217t=40188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RFC's [7:40219]

[Priscilla Oppenheimer]

At 11:48 AM 4/2/02, Hugo Taxa wrote:
Sorry to bug you, but I'm looking for something and you being very 
knowledgeable in RFCs, are bvound to be a great help. Do you know which 
RFC has the definition of SNMPv2 Traps? I'm looking for information about 
where the SNMP community travels inside the PDU.

Many thanks,
Hugo Taxa

PS-Do you know any list of Funny RFCs?

I'm going to copy the group on this one in case they have more insight. I 
find the SNMP RFCs to be especially confusing. I think you'll find what 
you're looking for (the placement of the community string in PDUs) in RFC 
1157. The placement is probably the same in Traps as it is in any PDU. I 
think it's the same for SNMPv1 versus v2, but I don't know for sure. You 
could try RFC 1905 also.

There is a list of funny RFCs here:

http://www.speech.cs.cmu.edu/~sburke/rfchumor.html

Priscilla





Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40219t=40219
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CID Exam Cert Book [7:39669]

[Priscilla Oppenheimer]

At 10:07 AM 4/2/02, Cebuano wrote:
Priscilla,
Maybe it's time to switch publishers like Howard's. Unless your upcoming
book prevents Cisco from doing what they did to TDND's contract.
BTW - when is the next book due for release?

Hey, you guys keep giving me a chance to get in some free advertising! ;-)

My next book is about troubleshooting. It is written (with Joseph 
Bardwell's help), but the publisher (Wiley) is still doing the production. 
Stay tuned. Thanks for asking. There's more info here:

http://www.troubleshootingnetworks.com/

Hopefully the date that Amazon is reporting (July) is worst case!

By the way, I approve of Robert Padjen's book on CID also. I wrote a good 
review of it for Amazon. My review is sincere and I'm not at all 
compensated for it (in fact, sort of the opposite! ;-)

Priscilla



Elmer

- Original Message -
From: Priscilla Oppenheimer
To:
Sent: Tuesday, April 02, 2002 2:12 AM
Subject: RE: CID Exam Cert Book [7:39669]


  At 10:03 PM 4/1/02, Robert Padjen wrote:
  Top Down is a great book for DCN, but it's not really
  for the CID. I'll go out on a limb and suggest mine (
  ;) ). Sybex CID Study Guide.
 
  I'm sure you'll get flamed for advertising your own book, but I'm going
to
  give you a hard time also for lack of accuracy. ;-)
 
  Top-Down Network Design is not a certification book, but it is based on
the
  work I did on both the Designing Cisco Networks (DCN) and the Cisco
  Internetwork Design (CID) training classes when I worked for Cisco.
 
  I have heard that Cisco has made CID match my Top-Down Network Design
book
  even more closely than before. I know for a fact that the description of
  the CID course is taken from my Top-Down Network Design book. I did a
  double-take when I read the following text from the description of the
CID
  class here:
 
http://www.cisco.com/pcgi-bin/front.x/wwtraining/CELC/index.cgi?action=Cours
eDescCOURSE_ID=321
 
  Good internetwork design recognizes a customer's requirements embody
many
  business and technical goals, including requirements for availability,
  scalability, affordability, security, and manageability. Difficult
  internetwork design choices and tradeoffs must be made when designing the
  internetwork before any physical devices or media are selected.
 
  CID covers typical internetwork design business and technical goals and
  constraints. CID details the top-down design process and the importance
of
  using systematic methods for internetwork design. Using systematic
methods
  helps you, the internetwork designer, to keep pace with changing
  technologies and customer requirements.
 
  I said to myself, Hey I wrote that. Oh yeah, I should have had a lawyer
  look at my book contract. Cisco can use anything I wrote in the book.
  Bummer. or maybe not?? ;-]
 
  Priscilla
 
  To save a buck, if you
  feel comfortable with the material, you may want to
  forgo the big book and use the Exam Notes (used books
  are out there too). The new test might focus on
  multicast more than the books reflect, and they may
  have less StrataCom and ATM, but its close enough.
  640-025 (the exam the book was written to) is still
  the current version.
  
  Good luck.
  
  
  --- Andy Barkl  wrote:
The book is not that great. It has many errors and
omissions.
I recommend the Cisco Press Top-Down Network Design
book for the new CID
exam.
   
   
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
STRAND Scott
Sent: Wednesday, March 27, 2002 12:32 PM
To: [EMAIL PROTECTED]
Subject: CID Exam Cert Book [7:39669]
   
Has anyone who has taken the CID exam used the Cisco
CID Exam
Certification
Guide. (Michael Crane, Reggie Terell). I was wanting
to
get some opinions on this book, especially the
practice test on the CD.
I
intend to use BOSON as well.
   
Thanks,
Scott
CCNP, CCDA
   
[GroupStudy.com removed an attachment of type
application/x-pkcs7-signature
which had a name of smime.p7s]
  [EMAIL PROTECTED]
  
  
  =
  Robert Padjen
  
  __
  Do You Yahoo!?
  Yahoo! Tax Center - online filing with TurboTax
  http://http://taxes.yahoo.com/
  
 
  Priscilla Oppenheimer
  http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40218t=39669
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 7206VXR IOS Rec [7:40188]

[MADMAN]

Yes

  Dave

Patrick Ramsey wrote:
 
 that module has a built in dsu right?
 
  MADMAN  04/02/02 12:16PM 
 FWIW I have a couple customers running dual homed Internet connections
 with 7206VXRs, running 12.2.6 and so far so good.  They have PA-A3-T3
 and PA-T3.
 
   Dave
 
 Richard Tufaro wrote:
 
  Anyone have a good recommendation for an IOS on a 7206VXR with a PA2-T3+?
 --
 David Madland
 Sr. Network Engineer
 CCIE# 2016
 Qwest Communications Int. Inc.
 [EMAIL PROTECTED]
 612-664-3367
 
 Emotion should reflect reason not guide it
   Confidentiality DisclaimerThis email and any files
transmitted with it may contain confidential and
 /or proprietary information in the possession of WellStar Health System,
 Inc. (WellStar) and is intended only for the individual or entity to whom
 addressed.  This email may contain information that is held to be
 privileged, confidential and exempt from disclosure under applicable law.
If
 the reader of this message is not the intended recipient, you are hereby
 notified that any unauthorized access, dissemination, distribution or
 copying of any information from this email is strictly prohibited, and may
 subject you to criminal and/or civil liability. If you have received this
 email in error, please notify the sender by reply email and then delete
this
 email and its attachments from your computer. Thank you.
 
 
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40220t=40188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Duplicate messages from GroupStudy Listserve [7:40077]

[Jim Dixon]

Yea I have had it as well as several others on this list
who were all using Outlook as a mail client.
Do this:
Delete all your rules.  
Still having trouble?
Remove and Re-install Outlook.
That should fix your dupes issue.
It fixed mine.

My rules were my problem.  I deleted them all
and re-created them and now I don't get the dupes anymore.

Strange but true.  I had changed PC's and moved my PST file 
to the new location.  I am thinking that changing PC's
may be partly to blame since my rules also followed me.
But I have not verified this theory.  

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 02, 2002 09:29
To: [EMAIL PROTECTED]
Subject: RE: Duplicate messages from GroupStudy Listserve [7:40077]
You may find some help from RFC 2321, The Reliable Internetwork 
Troubleshooting Agent (RITA)

I've been dying to use that one!

Not that I don't take your problem seriously. ;-)

Priscilla

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Andy Barkl
Sent: Monday, April 01, 2002 1:40 PM
To: [EMAIL PROTECTED]
Subject: Duplicate messages from GroupStudy Listserve [7:40077]


No matter how many times I subscribe, unsubscribe, and re-subscribe, I
can't get the GroupStudy Listserve server to send me only 1 copy of all
messages, it always sends me at least 2.

Has anyone who has recently subscribed or re-subscribed having the same
problem?

I don't want to bother the list moderator or Paul until I can confirm
the problem is not on my end.

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40205t=40077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

COX Cable and Cisco uBR924 owners [7:40208]

[Cebuano]

Hi, all.
This is just a short notice for people on this list that are subscribers of
Cox Communications and have been denied the use of the Cisco uBR924 or newer
models.
I have battled the company's politics in the past when i wanted to connect my
uBR924 to their network. I even escalated my request to their Tech.
Engineering Dept. in San Diego, only to be told that they no longer support
any Cisco cable modems in their database.
Alas, after a few months of being quarantined by the likes of Doyle, Halabi
and the gang, i was able to spare a few hours to configure my uBR for basic
bridging operation (config is on CCO) and call up their local tech support
and
lied that I wanted to register a Toshiba modem. Gave the tech the MAC and
Serial number (thank G~d she did not recognize these as Cisco numbers!!), and
in two minutes my unit was provisioned.
I hope this message helps one or more list subscribers.
Albeit I still believe for most transactions that Honesty is the best policy
(hey, I was honest in my quest :- )


Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40208t=40208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MPPP for DS-3's [7:40213]

[MADMAN]

As I haven ranted in the past, for parallel path load sharing just say
no to PPP.  CEF works great, is efficient and easy to configure.  PPP
has more overhead, interleaving, fragmentation (which yes can be
disabled and should if you choose PPP) all for what??  You can save IP
addresses but this is most often a moot point, use RFC1918 addresses.

  Dave

Woods, Randall, SOLCM wrote:
 
 Has anyone ever tried to created a mullilink PPP bundle with DS-3's? A
 coworker was wondering and I never thought about it myself. I've only
 configured it for t-1's. I would assume the overhead might be bad for the
 router instead of using CEF or just letting the routing protocol load
 balance. Any thoughts?
 
 Woody
 CCNP
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40221t=40213
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Wierd [7:40215]

[MADMAN]

do a dir disk0:

  Dave

Richard Tufaro wrote:
 
 anyone know what the heck this is...my 7206 is having difficulties
booting:
 
 rommon 6  boot disk0:c7200-js-mz.121-14.bin
 
 loadprog: error - on load of image from file system with monlib
 boot: cannot load disk0:c7200-js-mz.121-14.bin
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40222t=40215
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco Works 2000 [7:40223]

[Danny]

Having issues running Cisco Works 2000 on an 2000 server.
It was installed but it seems that nothing is working--can't use any
functions.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40223t=40223
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MCNS Boson test [7:40224]

[Sanjay Dalal]

Does anyone know which test from BOSON  is best for MCNS test ?

There are three tests available at their site and am wondering which one
should i buy ?
MCNS #1
MCNS#2
MCNS #3

thanks in advance

Sanjay




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40224t=40224
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Works 2000 [7:40223]

[John Neiberger]

It is absolutely necessary to get a support contract for this software. 
You will probably be making at least two or three calls to TAC to get
this working correctly.  Save yourself a LOT of trouble by getting
software support as soon as possible.  If you can successfully get this
running without a single call to TAC, I salute you.  :-)

John

 Danny  4/2/02 12:26:14 PM 
Having issues running Cisco Works 2000 on an 2000 server.
It was installed but it seems that nothing is working--can't use any
functions.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40226t=40223
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

re: voip em [7:40225]

[Joseph Rago]

I have two 2610 routers, one in new york and one in miami

These two routers are connected to pbx via e/m cards.
When a call is initiated from miami, a ring back tone is heard before the
user picks up the phone.
However, when the call is initiated from new york, no ring back tone is
heard


 Any suggestions would be appreciated

 Joe R.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40225t=40225
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: voip em [7:40225]

[Steven A Ridder]

Need more info.

--
RFC 1149 Compliant



Joseph Rago  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have two 2610 routers, one in new york and one in miami

 These two routers are connected to pbx via e/m cards.
 When a call is initiated from miami, a ring back tone is heard before the
 user picks up the phone.
 However, when the call is initiated from new york, no ring back tone is
 heard


  Any suggestions would be appreciated

  Joe R.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40227t=40225
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

test prep 607 CCNA HELP [7:40228]

[Jimmy]

I'm studying for the CCNA test.  but should i wait to pick up the Sybex 607
book, or will the 507 book suffice?
You guys mention Todd's book.  You guys are reffering to the Sybex book
right?
Also, is the test the same as the 507 but with simulators or did they scrap
the entire question list and start a new one?  Please help me out...

thanks,
 Jimmy.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40228t=40228
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MCNS Boson test [7:40224]

[Ole Drews Jensen]

This doesn't answer your question perfectly, but could be a good advise.

What I do is to take all the tests, and the one I score the worst in I buy.

I also look who wrote the test to see if I recognize a writer from a
previous good test.

I have not tried the MCNS tests yet, so I cannot give you any
recommendations.

Hth,

Ole

~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~
 http://www.RouterChief.com
~
 Need a Job?
 http://www.OleDrews.com/job
~



-Original Message-
From: Sanjay Dalal [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 02, 2002 1:49 PM
To: [EMAIL PROTECTED]
Subject: MCNS Boson test [7:40224]


Does anyone know which test from BOSON  is best for MCNS test ?

There are three tests available at their site and am wondering which one
should i buy ?
MCNS #1
MCNS#2
MCNS #3

thanks in advance

Sanjay




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40229t=40224
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Carrier Lost [7:40230]

[PING]

If I have a setup:
R1 (E3/3)-(E2/3) R2
I want to make R1 think that it has lost the carrier as if I were
pulling the cable
out at R1 and this message should come up:
1d02h: %AMDP2_FE-5-LOSTCARR: Ehernet3/3 cable/transceiver problem?

A line flap by doing shut/no shut at R1 will not cause a carrier lost at
R1.
Also, administrative shutdown.is not the solution.
I want to automate this because I need to do this repeatedly.
Question: Is there any command or other way to cause this at R1 without
jittering the cable?

Nadeem
==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40230t=40230
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: test prep 607 CCNA HELP [7:40228]

[Robert Fowler]

For a more detailed answer on this I would recommend reading the article at
TCPMAG.com . It has a great article from someone who has taken all 3 the
407, 507 and 607. Basically he says the material is the same just the way
it's presented is different although he is careful not to break the NDA. 

Robert

-Original Message-
From: Jimmy [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 3:24 PM
To: [EMAIL PROTECTED]
Subject: test prep 607 CCNA HELP [7:40228]

I'm studying for the CCNA test.  but should i wait to pick up the Sybex 607
book, or will the 507 book suffice?
You guys mention Todd's book.  You guys are reffering to the Sybex book
right?
Also, is the test the same as the 507 but with simulators or did they scrap
the entire question list and start a new one?  Please help me out...

thanks,
 Jimmy.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40231t=40228
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco Works 2000 [7:40223]

[Roberts, Larry]

What version of CiscoWorks 2000 ( RME 3.3 ...)

I have CW2K under Windows 2K and have had no issues other than performance
ones. ( performance dropped in comparison to NT4 )

When you say it isn't working, can you be more specific ? Does IE bring up a
page not found? Does it bring up a login box ?


Thanks

Larry 

-Original Message-
From: Danny [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:26 PM
To: [EMAIL PROTECTED]
Subject: Cisco Works 2000 [7:40223]


Having issues running Cisco Works 2000 on an 2000 server.
It was installed but it seems that nothing is working--can't use any
functions.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40232t=40223
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco Works 2000 [7:40223]

[Larry Perdue]

I agree with John.  The best advice I know to give you would be to put as
much memory in the CW2000 station as possible and when accessing the console
from the CW2000 station itself, use the IP address of the station in the URL
instead of http://127.0.0.1 or http://localhost.  Doing those two things
resolved most of my issues.


-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 02, 2002 3:02 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco Works 2000 [7:40223]


It is absolutely necessary to get a support contract for this software. 
You will probably be making at least two or three calls to TAC to get
this working correctly.  Save yourself a LOT of trouble by getting
software support as soon as possible.  If you can successfully get this
running without a single call to TAC, I salute you.  :-)

John

 Danny  4/2/02 12:26:14 PM 
Having issues running Cisco Works 2000 on an 2000 server.
It was installed but it seems that nothing is working--can't use any
functions.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40233t=40223
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MCNS Boson test [7:40224]

[Alex Lei]

Hello,

I used Bernard Omrani's test (#2, I think). I liked the questions, and
Bernard replied promptly when I took issue with one of the questions.

Alex

Ole Drews Jensen wrote:
 
 This doesn't answer your question perfectly, but could be a
 good advise.
 
 What I do is to take all the tests, and the one I score the
 worst in I buy.
 
 I also look who wrote the test to see if I recognize a writer
 from a
 previous good test.
 
 I have not tried the MCNS tests yet, so I cannot give you any
 recommendations.
 
 Hth,
 
 Ole
 
 ~
  Ole Drews Jensen
  Systems Network Manager
  CCNP, MCSE, MCP+I
  RWR Enterprises, Inc.
  [EMAIL PROTECTED]
 ~
  http://www.RouterChief.com
 ~
  Need a Job?
  http://www.OleDrews.com/job
 ~
 
 
 
 -Original Message-
 From: Sanjay Dalal [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, April 02, 2002 1:49 PM
 To: [EMAIL PROTECTED]
 Subject: MCNS Boson test [7:40224]
 
 
 Does anyone know which test from BOSON  is best for MCNS test ?
 
 There are three tests available at their site and am wondering
 which one
 should i buy ?
 MCNS #1
 MCNS#2
 MCNS #3
 
 thanks in advance
 
 Sanjay
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40234t=40224
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Carrier Lost [7:40230]

[Marko Milivojevic]

Is it an option to insert a device in between those two routers
for testing purpses?

If it is, I think it would be relatively simple to make a simple
device that will act as an electrical switch, that could break the
connection. Connect this with some timer (we're talking relatively simple
electronics here + it could be computer controlled - see Linux Coffee-HOWTO
for details on this). and you can have what you need.

Of course, this most probably violates cable standards/recommendations,
but this is what you want in the end - errors ;-)


Marko.

- Original Message -
From: PING 
To: [EMAIL PROTECTED]
Date: Tue, 2 Apr 2002 15:41:23 -0500
Subject: Carrier Lost [7:40230]

If I have a setup:
R1 (E3/3)-(E2/3) R2
I want to make R1 think that it has lost the carrier as if I were
pulling the cable
out at R1 and this message should come up:
1d02h: %AMDP2_FE-5-LOSTCARR: Ehernet3/3 cable/transceiver problem?

A line flap by doing shut/no shut at R1 will not cause a carrier lost at
R1.
Also, administrative shutdown.is not the solution.
I want to automate this because I need to do this repeatedly.
Question: Is there any command or other way to cause this at R1 without
jittering the cable?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40236t=40230
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

re: voip em [7:40225]

Could be echo problems?!?


From: Joseph Rago 
Reply-To: Joseph Rago 
To: [EMAIL PROTECTED]
Subject: re: voip em [7:40225]
Date: Tue, 2 Apr 2002 15:01:51 -0500

I have two 2610 routers, one in new york and one in miami

These two routers are connected to pbx via e/m cards.
When a call is initiated from miami, a ring back tone is heard before the
user picks up the phone.
However, when the call is initiated from new york, no ring back tone is
heard


  Any suggestions would be appreciated

  Joe R.
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40237t=40225
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MCNS Boson test [7:40224]

[x]

Bernard Omrani is very helpful.  I sent him a
correction and a question and he answered both.


--- Alex Lei  wrote:
 Hello,
 
 I used Bernard Omrani's test (#2, I think). I liked
 the questions, and
 Bernard replied promptly when I took issue with one
 of the questions.
 
 Alex
 
 Ole Drews Jensen wrote:
  
  This doesn't answer your question perfectly, but
 could be a
  good advise.
  
  What I do is to take all the tests, and the one I
 score the
  worst in I buy.
  
  I also look who wrote the test to see if I
 recognize a writer
  from a
  previous good test.
  
  I have not tried the MCNS tests yet, so I cannot
 give you any
  recommendations.
  
  Hth,
  
  Ole
  
  ~
   Ole Drews Jensen
   Systems Network Manager
   CCNP, MCSE, MCP+I
   RWR Enterprises, Inc.
   [EMAIL PROTECTED]
  ~
   http://www.RouterChief.com
  ~
   Need a Job?
   http://www.OleDrews.com/job
  ~
  
  
  
  -Original Message-
  From: Sanjay Dalal [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, April 02, 2002 1:49 PM
  To: [EMAIL PROTECTED]
  Subject: MCNS Boson test [7:40224]
  
  
  Does anyone know which test from BOSON  is best
 for MCNS test ?
  
  There are three tests available at their site and
 am wondering
  which one
  should i buy ?
  MCNS #1
  MCNS#2
  MCNS #3
  
  thanks in advance
  
  Sanjay
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40239t=40224
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame Relay OSPF [7:40240]

[brett.eitland]

Mocking up a partial mesh frame relay lab running OSPF.

Hub router = multipoint subinterface (default OSPF network type =
Nonbroadcast)
Spoke router = point-to-point subinterface (default OSPF network type =
point-to-point)

I know that the point-to-point network type setting will cause adjacencies to
form and no DR/BDR selection. But why is the
adjacency forming between the hub router (OSPF network type = Nonbroadcast)
and the spoke router (OSPF network type = pt-to-pt) when
there are network type mismatches?

'debug ip ospf adj' shows the hello packets being exchanged with no
comoplaints about mismatched parameters. I have searched the CCO website
but am not able to find anything explaining this. Can some elaborate please
or
point me in the right direction.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40240t=40240
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Split horizon [7:40241]

[x]

Do RIP and IGRP disable split horizon in a frame relay
hub and spoke topology?

I have one source that says both do, one that says
only RIP and one that says only IGRP.  What is the
real answer?

__
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40241t=40241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Load-Balancing with 2 providers...Possible?? [7:40242]

[Cisco Nuts]

Hello,
Is it possible to load-balance BGP traffic with 2 service providers...I know 
it is possible to load balance with 2 circuits to the same provider using 
ebgp-multihop and update-source and cef but with 2 circuits to 2 different 
providers??
Thank you for your help.

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40242t=40242
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPSEC question scenario [7:40025]

[Gaz]

CCIE (qual)?

Is this a new CCIE track?  CCIE Quality Control perhaps?

Gaz
Professor of Urinary Extraction (qual)

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Rik,

 You can include  a access-list on your router to permit esp,ahp and UDP
 port 500 for isakmp
 Ur access-list should like one given below,

 access-list acl-name permit esp src_ip dest_ip
 access-list acl-name permit ahp src_ip dest_ip
 access-list acl-name permit udp src_ip dest_ip eq isakmp

 Kind Regards /Thangavel
 --
 CCIE (qual),CCS,CCDP,CCNP,MCSE
 
 186K
 Reading,Brkshire
 Direct No   -0118 9064259
 Mobile No  -07796292416
 Post code: RG16LH
 www.186k.co.uk

 --
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela

 



 Ricky
 Chan

 cc:
 Sent by: Fax
 to:
 nobody@groupsSubject: IPSEC question
 scenario [7:40025]

 tudy.com



 01/04/2002

 14:01

 Please
 respond
 to
 Ricky
 Chan






 Hi all,

 I have another scenario question and would like to hear from your
expertise
 opinion.

 machine A  10.10.10.1/24
 machine B  10.10.10.2/24
 machine c  10.10.100.1/24

 I configured IPSEC for all these machines. Machine A can talk to Machine
B,
 but Neither A and B can talk to Machine C. Obviously, Machine C belongs to
 diff network. If I put a router in between. I need to configure IPSEC in
 the
 router in order to let them talk to each other. Do you know how to
complish
 this? Thanks alot.

 Ricky
 **
 This e-mail is from 186k Ltd and is intended only for the
 addressee named above. As this e-mail may contain confidential
 or priveleged information, if you are not the named addressee or
 the person responsible for delivering the message to the named
 addressee, please advise the sender by return e-mail. The
 contents should not be disclosed to any other person nor copies
 taken.
 186k Ltd is a Lattice Group company, registered in England
  Wales No. 3751494 Registered Office 130 Jermyn Street
 London SW1Y 4UR
 **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40243t=40025
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Split horizon [7:40241]

[news.groupstudy.com]

Split horizon is disabled by default on a Frame point-to-point
interfaces/sub-interfaces.  There are a few books with huge errors saying
that it is enabled on point-to-point interfaces by default.  . S0/0 is
Frame:

Router#sh ip int s0/0
Serial0/0 is down, line protocol is down
  Internet address is 2.0.0.1/8
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Multicast reserved groups joined: 224.0.0.9
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Security level is default
  Split horizon is disabled

hth
-Russ


x  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Do RIP and IGRP disable split horizon in a frame relay
 hub and spoke topology?

 I have one source that says both do, one that says
 only RIP and one that says only IGRP.  What is the
 real answer?

 __
 Do You Yahoo!?
 Yahoo! Tax Center - online filing with TurboTax
 http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40244t=40241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

riverstone [7:40245]

[Kevin Campbell]

i was curious if anyone is familiar with riverstone and what your opinions
are.

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40245t=40245
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Split horizon [7:40241]

[John Neiberger]

You're not showing the subinterface.  On a point-to-point subinterface,
split horizon is enabled by default:

RCORP#sho ip int s1/0.16
Serial1/0.16 is up, line protocol is up
  Internet address is 10.8.10.70/24
  Broadcast address is 255.255.255.255
  Address determined by non-volatile memory
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Multicast reserved groups joined: 224.0.0.10
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Security level is default
  Split horizon is enabled
 

John

 news.groupstudy.com  4/2/02 3:27:30 PM 
Split horizon is disabled by default on a Frame point-to-point
interfaces/sub-interfaces.  There are a few books with huge errors
saying
that it is enabled on point-to-point interfaces by default.  . S0/0
is
Frame:

Router#sh ip int s0/0
Serial0/0 is down, line protocol is down
  Internet address is 2.0.0.1/8
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Multicast reserved groups joined: 224.0.0.9
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Security level is default
  Split horizon is disabled

hth
-Russ


x  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Do RIP and IGRP disable split horizon in a frame relay
 hub and spoke topology?

 I have one source that says both do, one that says
 only RIP and one that says only IGRP.  What is the
 real answer?

 __
 Do You Yahoo!?
 Yahoo! Tax Center - online filing with TurboTax
 http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40246t=40241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: COX Cable and Cisco uBR924 owners [7:40208]

[Dennis Hess]

Nice workaround but isn't that a very expensive bridge you just created?
Perhaps selling the UBR and getting something cheaper would be a better
solution?




Cebuano  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi, all.
 This is just a short notice for people on this list that are subscribers
of
 Cox Communications and have been denied the use of the Cisco uBR924 or
newer
 models.
 I have battled the company's politics in the past when i wanted to connect
my
 uBR924 to their network. I even escalated my request to their Tech.
 Engineering Dept. in San Diego, only to be told that they no longer
support
 any Cisco cable modems in their database.
 Alas, after a few months of being quarantined by the likes of Doyle,
Halabi
 and the gang, i was able to spare a few hours to configure my uBR for
basic
 bridging operation (config is on CCO) and call up their local tech support
 and
 lied that I wanted to register a Toshiba modem. Gave the tech the MAC and
 Serial number (thank G~d she did not recognize these as Cisco numbers!!),
and
 in two minutes my unit was provisioned.
 I hope this message helps one or more list subscribers.
 Albeit I still believe for most transactions that Honesty is the best
policy
 (hey, I was honest in my quest :- )


 Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40238t=40208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: COX Cable and Cisco uBR924 owners [7:40208]

[Tim Medley]

Good Job. Sometimes you have to bend the truth to get around the
politics. 

I've had a similar issue with TimeWarner Road Runner and my ubr924. They
won't support it in docsis mode and the basic bridging config doesn't
seem to work with their setup. 

For now I am using a 2611 that I bought for my lab.

tm

Tim Medley - CCNP+Voice, CCDP
Sr. Network Architect
VoIP Group
iReadyWorld
 
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Cebuano
Sent: Tuesday, April 02, 2002 1:32 PM
To: [EMAIL PROTECTED]
Subject: COX Cable and Cisco uBR924 owners [7:40208]

Hi, all.
This is just a short notice for people on this list that are subscribers
of
Cox Communications and have been denied the use of the Cisco uBR924 or
newer
models.
I have battled the company's politics in the past when i wanted to
connect my
uBR924 to their network. I even escalated my request to their Tech.
Engineering Dept. in San Diego, only to be told that they no longer
support
any Cisco cable modems in their database.
Alas, after a few months of being quarantined by the likes of Doyle,
Halabi
and the gang, i was able to spare a few hours to configure my uBR for
basic
bridging operation (config is on CCO) and call up their local tech
support
and
lied that I wanted to register a Toshiba modem. Gave the tech the MAC
and
Serial number (thank G~d she did not recognize these as Cisco
numbers!!), and
in two minutes my unit was provisioned.
I hope this message helps one or more list subscribers.
Albeit I still believe for most transactions that Honesty is the best
policy
(hey, I was honest in my quest :- )


Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40235t=40208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: test prep 607 CCNA HELP [7:40228]

[timothy thielen]

and yes, to those who study Cisco, there is only one Todd.

-T

Jimmy wrote:
 
 I'm studying for the CCNA test.  but should i wait to pick up
 the Sybex 607
 book, or will the 507 book suffice?
 You guys mention Todd's book.  You guys are reffering to the
 Sybex book
 right?
 Also, is the test the same as the 507 but with simulators or
 did they scrap
 the entire question list and start a new one?  Please help me
 out...
 
 thanks,
  Jimmy.
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40247t=40228
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: riverstone [7:40245]

[Thomas Gainer]

I have used them an find them to be good routers.  The configuration is a
little difference and some basic tasks like modifying and interface can be
unnecessarily difficult, but in terms of functionality, they provided what
was promised.  I had few problems.  Review your requirements before you buy
one.  Unlike Cisco, they do not try to fill every niche.  They also had some
problems with their BGP code.  That seems to be fixed though.

Thomas Gainer

Kevin Campbell  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 i was curious if anyone is familiar with riverstone and what your opinions
 are.

 [GroupStudy.com removed an attachment of type application/ms-tnef which
had
 a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40248t=40245
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AS-Path Filtering in Confederations? [7:40249]

[William Lijewski]

Can you filter out certain confederations (in the main AS) using AS-Path
access-lists?  I don't think that it's possible since they are technically
in one big main AS.  I have also tried it to no avail, but the thing that
makes me think it may be able to be done is if I do a show bgp regexp ^$ it
shows just my routes local to my confederation, not anyone elses.  I've
looked on CCO without any luck.

Can someone tell me if this is possible or not?

Thanks.

Example:

(65001) - (65002) - (65003)

I want to filter so that confederation 65003 does not see any routes that
originated in confederation 65001 using AS-Path Access-Lists.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40249t=40249
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Virtual Lab Software - Opinions? [7:40250]

[Thomas Gainer]

Has anyone used it.  What do you think?

Thomas Gainer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40250t=40250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco AS5300 For sale [7:40252]

[Kris Keen]

Cisco AS5300, QUAD E1 Card, 2 x 60MICA modems, perfect condition, pulled
from working enviroment, 100mbit and 10mbit ethernet ports, comes with rack
kit and powercable. 64meg ram and 16meg Flash.

Asking $10,000 AUD

Can send worldwide at buyers shipping costs


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40252t=40252
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Devices in MS Active Directory [7:40095]

[Wes Stevens]

Chris,

Ignore the MS bashers.

There is at least a statement of direction that they will work with MS 
active directory. I don't know how far along it is. The idea is that when a 
user logs in the switch will setup the vlan on the port from the users 
active directory profile.

For companies with users on MS platforms (and there are a few out there) 
this will have some big advantages. Vlan setup will get much easier and 
vlans will be much more secure.

Can any Cisco people out there give us an idea on how far away this is?




From: Wow 
Reply-To: Wow 
To: [EMAIL PROTECTED]
Subject: Re: Cisco Devices in MS Active Directory [7:40095]
Date: Mon, 1 Apr 2002 21:29:27 -0500

brilliant

Patrick Ramsey  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Do you really want to trust the management of your core equipment to
  anything microsoft puts out?
 
   Mann, Chris  04/01/02 04:05PM 
  Can Cisco routers and switches be managed at all from with Microsoft
  Active Directory, or some Active Directory snap-in? I tried looking on 
CCO
  and Microsoft.com but did not see too much on how the two of them
interact,
  if at all.
 
  Thanks,
 
  Chris
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=40251t=40095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]