Re: Cisco VPN Client & PIX [7:40670]
I encountered the same thing with a customer recently. I've got a case logged with TAC, but haven't yet received a decent answer. I don't know if we're seeing the same thing or if you're seeing something different, but a couple of questions can quickly determine: 1) Is your client behind a firewall of any type, including personal desktop firewall software? 2) If your client is behind a firewall, are any other machines also behind the firewall? 3) Is the connection over the Internet? If so, how does each side connect to the Internet? Leased line, cable, DSL? Thanks, Craig At 11:59 PM 4/5/2002 -0500, you wrote: >I am using Cisco VPN Client to connect with my Office PIX 515 firwall over >IPSEC 3DES encryption. My connection is droping automatically. It is not >because of idle time out or maximum time out. it happens on radomly. If some >one has any information on it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40676&t=40670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Puzzles -> WAS RE: My interview story [7:40553]
Part A: I heard this one where the friend also has a key that will open his lock, but not yours. Also, the condition is that no destructive techniques are allowed, so breaking or cutting wasn't a possible solution. Part B: He never states that the rope is attached to the top of the pole, just that it's attached to the pole. So, the answer is that the poles are somewhere between 0 and 32 feet apart. Craig At 11:33 PM 4/5/2002 -0500, you wrote: >I'll bite. >a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box >and send it to your friend. He breaks the lock or cuts open the box. >b) Poles and rope. The poles are touching. > > > -Original Message- > > From: Dusty Harper [mailto:[EMAIL PROTECTED]] > > Sent: Friday, April 05, 2002 4:55 PM > > To: [EMAIL PROTECTED] > > Subject: RE: My interview story [7:40553] > > > The goal is to determine how you think. Most real world solutions to > > problems can be applied to technological hurdles, or problems. > > > > As an example: > > > > Prep: > > You have an empty box, a lock, a key for your lock, and a > > diamond. > > Your friend has an empty box, and a lock for his box. > > > > Goal: > > You want to get the diamond to your friend via courier. However > > the courier will steal anything that is not locked. How do you do > > this? > > > > > > Another example: > > > > If you have 2 20' poles, a 32' rope strung between them, and the > > lowest point of the rope is 4' off of the ground, how far apart are > > the poles? > > > > It gauges how one thinks and handles situations. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40674&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN SPIDS HELP :URGENT [7:40673]
Hi GUys, Need your help to solve a confusion. I studied that SPIDS are required by swithces in NA only and certain parts of europ, and by certain ISDN switches. DOes it mean that for sure that WE DONOT NEED TO USE SPIDS in Asia pacific ISDN switches to make them work and they should be able to work even without SPIDs. In more deapth, Means that even we get SPIDS in Exam in Asia pacific region anywhere, we donto need to use them..Am I right?? Thanks for help. TOM _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40673&t=40673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My interview story [7:40553]
Having recently completed the "Aircraft Survival" game with a room full of fellow pilots, I can't say that the game was able to determine how people thought, but rather, how people acted within a team environment. Does an individual give in immediately when confronted by others? Does the individual draw logical conclusions? Do they integrate ideas of others into their thinking? Or are they stubborn and impose their views on the group? Having done the exercise alone at first, and then as part of a group, my thinking was substantially different than that of what we accomplished as a group - which is to be expected, because we all have different life experiences from which to draw upon. Personally, I thought Macleans magazine would rank high up in survivability importance because of its flammability - but neither my team nor the scenerio designers concurred. Does this mean my thinking is flawed? Heck no! I've watched Survivor - and I've seen how hard it is for the average Joe to start a fire. If I'm stranded, I want to make sure I've got the ability to boil water to keep me healthy while I wait to be rescued. Now because this item was ranked by survival experts as the least important item, does it mean that I lost the game? And what about the fact my fellow team members thought about using locking wire to make animal snares or fishing hooks. I never thought of that. Again--would I be ranked below other candidates that do a little more outdoors survival stuff than myself? Heck no! As I said--the exercise is more about how you function in a group, rather than on what choices you actually made. I can see an employer using this as a tool to discern your ability to fit into a team environment... Likely the interview was done by someone who just went through it and without thinking about the ramifications of doing something like this in an interview situation (who's ever heard of a group interview for a job before? YIKES!) thought they'd try it out for size. -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dusty Harper Sent: Friday, April 05, 2002 4:54 PM To: [EMAIL PROTECTED] Subject: RE: My interview story [7:40553] I haven't heard of any role-playing, but Microsoft does implement logic puzzles into the interviews, which are usually connected with 3 or more people individually. The goal is to determine how you think. Most real world solutions to problems can be applied to technological hurdles, or problems. As an example: Prep: You have an empty box, a lock, a key for your lock, and a diamond. Your friend has an empty box, a lock, and a key for his lock. Goal: You want to get the diamond to your friend via courier. However the courier will steal anything that is not locked. How do you do this? Another example: If you have 2 20' poles, a 32' rope strung between them, and the lowest point of the rope is 4' off of the ground, how far apart are the poles? It gauges how one thinks and handles situations. -Original Message- From: nrf [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 12:54 PM To: [EMAIL PROTECTED] Subject: Re: My interview story [7:40553] Strange and silly as some of these games seem, it is often the case that many high-profile companies, tech or otherwise, incorporate these games into their hiring processes. Microsoft in the old days, for example, used to make extensive use of this kind of game role-playing in their interviews (don't know whether they do that anymore). Oracle too (one possibly apocryphal story - when Oracle was starting out, Oracle would ask a candidates who were coming straight out of college whether he was the smartest student he knew, if the candidate answered 'yes', then the candidate qualified for a round-2 interview, but if the candidate said no, then Oracle would ask then if you're not the smartest student you know, then who is, and then they would try to hire that person). Management consultancies and Wall-Street investment banks are also notorious for this as well. You may say to yourself that these games are ridiculous and ask yourself why you have to jump through these silly hoops, and how management is dumb for forcing candidates to go through these games, and yes that's true, but sometimes the position is worth it. I for one definitely wouldn't have minded getting into Microsoft in, say, 1990. ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > That reminds me of what happened to the husband of a coworker. He > worked for a division of GE and they had some social engineering week > where everyone was supposed to wear the same colored T-shirt each day. > For example, the first day everyone wears red. The second day they all > were green, etc. Ugh... Aren't we here to do actual work and not waste > time on this garbage? > > I think I'd wear black all week. ;-) Or, I might wear white clai
Re: 2620 or 2610 [7:40603]
Sounds like a 2620 motherboard with a 2610 case. If the show ver says 2620 and the interface configuration is for a fast ethernet interface, then my money says you've got a 2620. thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) ""brian kastor"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > ok, here is one I have never heard. > > Router says 2610 on it. Sh ver says 2620. Router has ethernet interface > (it says 2610), but ios makes you configure a f0/0 interface. > > Mac address for interface is 0002.16f8.2380 > > I can find out through and oui serach that 000216 is cisco, but does anybody > know how to check the last 6 or has anyone else seen this issue? Unless my > jedi training is incorrect, don't 261x's only have 10mb interfaces?? > > thanks, > bk Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40608&t=40603 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: i am receiving spam (From GroupStudy) [7:40596]
I got the same thing a few days ago and I only use this email address for the GroupStudy listserve. Somebody is mining the list for email spam purposes. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of amanda lalli-cafini Sent: Friday, April 05, 2002 7:32 AM To: [EMAIL PROTECTED] Subject: i am receiving spam [7:40572] Hi All, I am receiving SPAM from someone. The return address says [EMAIL PROTECTED] The letter then asks if i would like some practice questions. I clicked yes and it sent me a list of questions to look at. The questions all had wrong answers. ... as in way wrong I don't really know how i got on this guys email list, but i am only a member of a couple of cisco study groups so i was wondering if anyone else here is getting this stuff too? Regards, amanda Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40596&t=40596 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: reading material for dlsw [7:40299]
Don't forget about RFC 2166 ""Ben Lovegrove"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > For DLSw try RFC 1795 > > HTH > Ben > > Ben Lovegrove, CCNP > Redspan Solutions Ltd > Web: www.redspan.com & www.bensbookmarks.com > Tel: +44 (0)2392 492010 > Fax: +44 (0)870 460 2156 > Email: [EMAIL PROTECTED] > Cisco hardware, software, accessories, and certification tips > > > > >From: "Shivjit Patil" > >Reply-To: "Shivjit Patil" > >To: [EMAIL PROTECTED] > >Subject: reading material for dlsw [7:40299] > >Date: Wed, 3 Apr 2002 01:29:18 -0500 > > > >Could anyone suggest a good resource for getting familiar with DLSW and > >SRB. > _ > Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40630&t=40299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passed CSPFA [7:39946]
Is it absolutely necessary to have a dual ethernet lan router. Can you use two 2501s connected via serial ports. ""Ole Drews Jensen"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > It is my pleasure to announce that I passed the CSPFA this morning with a > good score. > > During the examination, I was beginning to doubt that I would pass. Some of > the questions were worded very weird, and there were about 4-5 that I simply > did not understand the meaning of. > > My recommendations to those of you who wish to attend this exam are as > follows: > > 1) A Cisco PIX Firewall. > > You can get a cheap 501 with DES for less than $400.- and one with 3DES for > less than $500.- Goto www.cnet.com and search, and they will show you the > best prices. You might be lucky to find one on eBay for less, but it's still > a relatively new model. > > 2) A Cisco Router with 2 ethernet interfaces. > > If you look hard enough, you can probably find a 2514 for about $300.- on > eBay. It won't (as far as I know) do all the auth-proxy functions, so if you > need them, you might want to look for a 2600 model instead. > > 3) Cisco Connection Online (CCO). > > This is still the best place to search for information about everything you > need to know. > > 4) CiscoPress' Cisco Secure PIX Firewalls. > > This official coursebook covers everything you need to know. > > 5) Boson's Practice Test(s). > > I can strongly recommend the CSPFA test # 1, written by Bernard Omrani. > These tests are only $39.95 each, and they helped me to test myself to see > if I was ready for the exam or not. > > Some of you might have questions about the exam itself, but since I signed > the NDA, I cannot really answer those. > > Good luck to you all - I will click 'SEND' and open the next book :-) > > Have a great Easter weekend, > > Ole > > > Ole Drews Jensen > Systems Network Manager > CCNP, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > http://www.RouterChief.com > > NEED A JOB ??? > http://www.oledrews.com/job > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40649&t=39946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 2500 console problem [7:40559]
After seeing this thread I remembered having two 2500's in the lab I couldn't talk to but could see data from it. I went back and diabled flowcontrol, teraterm, and it worked fine!! Dave CiscoB wrote: > > For some reason some old 2503s seem to have this problem. I have run into > it myself. Make sure you have your terminal settings set correctly (check > the baud rate, stop bits, and flow control). If that doesn't work, try > using a different computer (I seem to have the best luck using an NT > machine). > > thanks, > -Brad Ellis > CCIE#5796 (R&S / Security) > Network Learning Inc > [EMAIL PROTECTED] > www.optsys.net (Cisco hardware) > > ""Widjaja Surja Kentjana"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi all, > > > > Have just got a Cisco 2503. I am not able to console, I believe it is > > faulty. I need to clear the password. Tried to use AUX, but AUX is only > > available when the IOS is loaded. > > > > Any other way out or workaround it? > > > > Thanks. > > > > Widjaja -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40600&t=40559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question on PIX !!! [7:40489]
Try to see what happens with the following changes Remove: ip address outside 192.168.2.14 255.255.255.252 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0 route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 216.6.24.128 255.255.255.192 216.6.24.129 1 add: ip address outside 192.168.2.14 255.255.255.0 global (outside) 1 192.168.2.16-192.168.2.32 global (outside) 1 192.168.2.15 netmask 5.255.0 >for PAT nat (inside) 1 0 0 route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/exa mples.htm#xtocid137951 Murtaza - Original Message - From: "Avi" To: Sent: Friday, April 05, 2002 6:30 AM Subject: Question on PIX !!! [7:40489] > Hi, > > I am facing a problem on PIX 515 as described below. > Firewall: Cisco PIX 515 > Firewall Software Version: 4.4(7) > > PIX setup: > -- > > Host Mail Server > 216.6.24.130 216.6.24.185 (216.6.24.0 => Public AddressesValid > Internet Addresses) > | | > --- > | > | > | > | - 216.6.24.130 255.255.255.192 > PIX > | - 192.168.2.14 /30 > | > | > | - 192.168.2.14 /30 > Inside >Router > | - 192.168.2.6 /30 > | > | > | - 192.168.2.5 /30 > ISP > Router > | > | | Proxy > 192.118.52.54 > | | Server > | > || | | > > > > PIX Configuration: > > > PIX Version 4.4(7) > nameif ethernet0 outside security0 > nameif ethernet1 inside security100 > enable password 8Ry2YjIyt7RRXU24 encrypted > passwd AoM2ZahaIYl9kEoj encrypted > hostname nungunungu > fixup protocol ftp 21 > fixup protocol http 80 > fixup protocol h323 1720 > fixup protocol rsh 514 > fixup protocol smtp 25 > fixup protocol sqlnet 1521 > names > pager lines 24 > logging on > no logging timestamp > no logging console > no logging monitor > no logging buffered > no logging trap > logging facility 20 > logging queue 512 > interface ethernet0 auto > interface ethernet1 100basetx > mtu outside 1500 > mtu inside 1500 > ip address outside 192.168.2.14 255.255.255.252 > ip address inside 216.6.24.129 255.255.255.192 > no failover > failover timeout 0:00:00 > failover ip address outside 0.0.0.0 > failover ip address inside 0.0.0.0 > arp timeout 14400 > nat (inside) 0 216.6.24.0 255.255.255.0 0 0 > static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0 > conduit permit tcp host 216.6.24.177 eq smtp any > conduit permit tcp host 216.6.24.186 eq smtp any > conduit permit tcp any host 192.118.52.54 eq www > conduit permit icmp any any > conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp > conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data > conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 > conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 > conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 > conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 > conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 > conduit permit tcp host 216.6.24.10 eq domain any > conduit permit tcp host 192.118.52.54 eq 8080 any > conduit permit tcp host 192.118.52.54 eq 3180 any > conduit permit tcp host 192.118.52.54 eq www any > no rip outside passive > no rip outside default > no rip inside passive > no rip inside default > route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 > route inside 216.6.24.128 255.255.255.192 216.6.24.129 1 > timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 > timeout rpc 0:10:00 h323 0:05:00 > timeout uauth 0:05:00 absolute > aaa-server TACACS+ protocol tacacs+ > aaa-server RADIUS protocol radius > no snmp-server location > no snmp-server contact > snmp-server community mic-test-03 > no snmp-server enable traps > telnet 216.6.24.16 255.255.255.255 > telnet timeout 15 > terminal width 80 > > > PROBLEM: > -- > > From host 216.6.24.130 i am able to ping inside interface of the PIX but i > am not able to ping the outside inetrface, nor am i able to ping the inside > router. Sitting on the PIX i am able to to ping the inside host 216.6.24.130 > and the servers, also
RE: FIXUP PROTOCOL ON PIX 515 [7:40577]
My attachment (.doc file) didn't go through. It's 8-page document. If anybody interested, please reply to me directly... -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Lidiya White Sent: Friday, April 05, 2002 7:25 PM To: [EMAIL PROTECTED] Subject: RE: FIXUP PROTOCOL ON PIX 515 [7:40577] Each fixup is different. Let's say fixup protocol smtp 25 is the mail guard that allows only generic seven RFC821 commands. Fixup protocol ftp 21 helps with active FTP allowing response back on port 20. Fixup exists for only few protocols/ports it was intended to work with, so you can't just put fixup protocol for any port you want. I'll attach document that describes all fixup protocols. -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joseph Rago Sent: Friday, April 05, 2002 7:10 AM To: [EMAIL PROTECTED] Subject: RE: FIXUP PROTOCOL ON PIX 515 [7:40577] Hi can anyone tell me in non technical terms what the fixup protocol is used for on a pix 515. Do i need to specify a fixup protocol number for all applications used. Right now i am able to citrix into a server on my DMZ and i do not have a fixup protocol statement defined for citrix ports. Thanks Joe Rago [GroupStudy.com removed an attachment of type application/msword which had a name of PIX Fixup Protocols.doc] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40671&t=40577 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE [7:40568]
Congrats Siva, well done,.. you can go to www.ccbootcamp.com and see the equipment they rent out for remote access. I am using the config and scaling it down due to cost. What are your thoughts on the test? Thanks, Kevin McCarty CCNA CCNP Computer Sciences Corporation Defense Sector Siva cc: Sent by: Subject: CCIE [7:40568] nobody 04/05/2002 03:00 AM Please respond to Siva Dear All I just cleared my ccie written ewith over 82%. Really hard time it was. Now I am preparing for my CCIE labs. I already schduled it coming June. I am in the process of setting up a "Home lab". Have anyone got to know where the used routers are available? I am from Sydney. Reg Siva Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40601&t=40568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: i am receiving spam [7:40572]
I received a similar message yesterday. Since I didn't know the sender - I hit the "delete" key. I believe that the e-mail promised something for free. Sounds like bait to me. Always good to avoid. > -Original Message- > From: amanda lalli-cafini [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 8:32 AM > To: [EMAIL PROTECTED] > Subject: i am receiving spam [7:40572] > > > Hi All, > > I am receiving SPAM from someone. > The return address says [EMAIL PROTECTED] > The letter then asks if i would like some practice questions. > I clicked yes and it sent me a list of questions to look at. > The questions all had wrong answers. ... as in way wrong > > I don't really know how i got on this guys email list, but i am only a > member of a couple of cisco study groups so i was wondering > if anyone else > here is getting this stuff too? > > Regards, > > > amanda Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40622&t=40572 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco VPN Client & PIX [7:40670]
I am using Cisco VPN Client to connect with my Office PIX 515 firwall over IPSEC 3DES encryption. My connection is droping automatically. It is not because of idle time out or maximum time out. it happens on radomly. If some one has any information on it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40670&t=40670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Puzzles -> WAS RE: My interview story [7:40553]
Daniel, I think the first answer could be just lock the stone in the box, give the box and your key to the courier. Kent ""Daniel Cotts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'll bite. > a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box > and send it to your friend. He breaks the lock or cuts open the box. > b) Poles and rope. The poles are touching. > > > -Original Message- > > From: Dusty Harper [mailto:[EMAIL PROTECTED]] > > Sent: Friday, April 05, 2002 4:55 PM > > To: [EMAIL PROTECTED] > > Subject: RE: My interview story [7:40553] > > > The goal is to determine how you think. Most real world solutions to > > problems can be applied to technological hurdles, or problems. > > > > As an example: > > > > Prep: > > You have an empty box, a lock, a key for your lock, and a > > diamond. > > Your friend has an empty box, and a lock for his box. > > > > Goal: > > You want to get the diamond to your friend via courier. However > > the courier will steal anything that is not locked. How do you do > > this? > > > > > > Another example: > > > > If you have 2 20' poles, a 32' rope strung between them, and the > > lowest point of the rope is 4' off of the ground, how far apart are > > the poles? > > > > It gauges how one thinks and handles situations. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40669&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Puzzles -> WAS RE: My interview story [7:40553]
I'll bite. a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box and send it to your friend. He breaks the lock or cuts open the box. b) Poles and rope. The poles are touching. > -Original Message- > From: Dusty Harper [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 4:55 PM > To: [EMAIL PROTECTED] > Subject: RE: My interview story [7:40553] > The goal is to determine how you think. Most real world solutions to > problems can be applied to technological hurdles, or problems. > > As an example: > > Prep: > You have an empty box, a lock, a key for your lock, and a > diamond. > Your friend has an empty box, and a lock for his box. > > Goal: > You want to get the diamond to your friend via courier. However > the courier will steal anything that is not locked. How do you do > this? > > > Another example: > > If you have 2 20' poles, a 32' rope strung between them, and the > lowest point of the rope is 4' off of the ground, how far apart are > the poles? > > It gauges how one thinks and handles situations. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40668&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fast EtherChannel [7:40430]
I'm think you simply want a single port channel interface to which you tie your fastethernets to inter fa 0/0 channel-group 1 ! inter fa0/1 channel group 1 ! inter port-channel 1 ip address 1.1.1.1 255.255.255.0 You don't create multiple port channels, you connect multiple FE's to create a single logical interface. My syntax may not be exact as I'm shootin off the top of my head. Dave Tom Scott wrote: > David C Prall wrote: > > > The 2900XL does not support PAgP negotiation, so you have to configure the > > channel as on. > > Related to this, can you refer me to an example at cisco.com that shows an > FEC between > a 2900 switch and 2600 router ("router-on-a-stick"). > > Suppose we had two vlans (10 and 20). I think the configuration commands > would be > something like this: > > 2900 > > int f0/1 > port group 1 > switchport mode trunk > switchport trunk encap dot1q > int f0/2 > port group 1 > switchport mode trunk > switchport trunk encap dot1q > > 2600 > > int f0/0 > channel-group 1 > no shut > int f0/1 > channel-group 1 > no shut > int port-channel 1 > no ip addr > int port-channel 1.1 > ip addr 10.1.1.1 255.255.255.0 > encap dot1q 1 > int port-channel 1.10 > ip addr 10.1.10.1 255.255.255.0 > encap dot1q 10 > int port-channel 1.20 > ip addr 10.1.20.1 255.255.255.0 > encap dot1q 20 > > Would that work? (I don't have access to the equipment till next week.) > > -- TIA, TT -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications Inc. 612-664-3367 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40667&t=40430 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:40525]
Simple. Run HSRP between the two routers. All packets are sent to the active router and if the other 7206 has a better route the packet goes back on to the LAN and out that 7206's Internet link. Dave "Steven A. Ridder" wrote: > If I had 2 7206 routers dual homed to two different ISP's for redundancy, I > know I don't NEED the full bgp table, but if I were to accept them for > optimal routing within my network, how would I tell my internal routers who > don;t run BGP which of the two 7206 routers to go to for a specific route > oout to the internet? I assume doing a redistribution into the IGP is a big > no-no, so how do small 3600's and 2600's inside the AS know which of the two > routers to send the traffic to based on the fact that that one router has > the better route? > > I can think of adding a third 7206 router which would run BGP, connect to > the other two routers and accept the full table as well, and the internal > routers would use that one as the gateway to the internet, but if I didn't > have that third router, is there any other way? > > -- > > RFC 1149 Compliant. > Get in my head: > http://sar.dynu.com -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications Inc. 612-664-3367 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40666&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:40525]
There is absolutely no problem accepting full routes from two ISPs providing you have 128M memory in a sufficient router with synchronization disabled, (see earlier post). I have done this several times. Dave Alex Lei wrote: > That pretty much rules out redistributing into IGP. I am thinking that > Steve's original suggestion is the only way to go, but I feel that there may > be a problem accepting full routes from two different providers. > > Any comments? > > Alex > > [EMAIL PROTECTED] wrote: > > > > I'm no BGP guru, but I would have thought also that > > redistributing *full > > routes* (as opposed to a default) into your IGP might overload > > internal > > routers rather badly. The original poster referred to 2600s > > and 3600s > > inside the AS. > > > > JMcL > > - Forwarded by Jenny Mcleod/NSO/CSDA on 05/04/2002 09:36 am > > - > > > > > > "Lomker, Michael" > > Sent by: [EMAIL PROTECTED] > > 05/04/2002 08:38 am > > Please respond to "Lomker, Michael" > > > > > > To: [EMAIL PROTECTED] > > cc: > > Subject:RE: BGP question [7:40525] > > > > > > > Why is redistribution into an IGP a big no - no? My > > > understanding is that this is what people usually do. > > > > You'd have to be careful about advertising those routes back > > out to BGP > > again. There was a famous case of someone bringing down the > > Internet by > > creating such a loop. Needless to say, their ISP shouldn't > > have been > > accepting advertisements for networks that the company didn't > > own. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications Inc. 612-664-3367 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40665&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Load-Balancing with 2 providers... plus ne [7:40551]
I would strongly suggest the use of a Packetshaper to do what you are wanting to do. Let the router do the routing and offload the load of what you are wanting to do to another device that can do the rate-limiting or bandwidth limit. Mario Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40664&t=40551 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:40525]
You hit the nail on the head and this is why I think synchronization is a legacy default attribute. If you redistributed the Internet routing table into an IGP I think you would not like the results. I have not tried this, has anyone Dave "[EMAIL PROTECTED]" wrote: > I'm no BGP guru, but I would have thought also that redistributing *full > routes* (as opposed to a default) into your IGP might overload internal > routers rather badly. The original poster referred to 2600s and 3600s > inside the AS. > > JMcL > - Forwarded by Jenny Mcleod/NSO/CSDA on 05/04/2002 09:36 am - > > "Lomker, Michael" > Sent by: [EMAIL PROTECTED] > 05/04/2002 08:38 am > Please respond to "Lomker, Michael" > > > To: [EMAIL PROTECTED] > cc: > Subject:RE: BGP question [7:40525] > > > Why is redistribution into an IGP a big no - no? My > > understanding is that this is what people usually do. > > You'd have to be careful about advertising those routes back out to BGP > again. There was a famous case of someone bringing down the Internet by > creating such a loop. Needless to say, their ISP shouldn't have been > accepting advertisements for networks that the company didn't own. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications Inc. 612-664-3367 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40663&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Core layer question [7:40535]
Yes you are correct. I have a customer though, a big hospital where there is no such thing as downtime. They have dual 6509's with dual sups and MSFC's simply beacause some servers have only a single connection. The sales guy was happy!! Dave Larry Letterman wrote: > If you have redundant 6509 chassis with a sup in each, a 2nd sup in each one > is not necessary. Its nice to have, but an added expense. > > Larry Letterman > Cisco Systems > [EMAIL PROTECTED] > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Steven A. Ridder > Sent: Thursday, April 04, 2002 2:20 PM > To: [EMAIL PROTECTED] > Subject: Core layer question [7:40535] > > Has anyone ever designed a network and put either a firewall or IDS blade in > the core switch block? Even if the customer had no money, wouldn't this > never be advisable? Has anyone ever done it? > > As background for the questions, I started a new job, and so I took over > some accounts, and who ever has been doing the configs ( I think some have > been comming from Cisco!) has been making mistakes here and there. One > proposal had a 500 phone IP Tel network running over Cat. 3 wiring, and this > one has a wan block going back to the core block (dual 6506's) with only 1 > sup in each and an IDS blade in each! Isn't it advisable to move the IDS's > to the server and DMZ blocks? Also, isn't it always advisable to go with 2 > sups? > > I just want to make sure I'm not crazy, as I'd not like to casue a ton of > waves my first week on the job. > > -- > > RFC 1149 Compliant. > Get in my head: > http://sar.dynu.com -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications Inc. 612-664-3367 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40662&t=40535 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Supervisor III [7:40659]
The answer is in the Release Notes area of CCO. I assume that you have a CCO login that allows access to the Software Center. From there go to LAN Switching Software, then Catalyst 5000, scroll down to "Documentation/Release Information for the Catalyst 5000 Series" and click on "Catalyst 5000 Series Release Notes". Choose the notes for version 6.x and look for Memory Requirements. You should be here: (watch the wrap) http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/c5krn/sw_rns/78_ 11304.htm#xtocid2 And read: The Catalyst 5000 family supervisor engine 6.x software releases require a minimum of 64-MB DRAM installed on Supervisor Engine III and 32-MB DRAM installed on Supervisor Engines II G and III G. If you go to the 5.x Release notes: The Catalyst 5000 family supervisor engine 5.x software releases require a minimum of 32-MB DRAM installed on your supervisor engine. I'd suggest a thorough read of the notes to verify if any special firmware upgrade is also required. It would be nice if you have a Flash Card to store several versions of OS. In your config file point to the desired version. I can't answer your other questions. > -Original Message- > From: The Edward Groove [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 8:24 PM > To: [EMAIL PROTECTED] > Subject: Supervisor III [7:40659] > > > Hello, > > I need some help in answering a few questions. > > If i have a supervisor III (WS-X5530-E1) with no uplink > modules on a Cat > 5500, and need to know the minimum requirements to be able to load a > newer IOS. > > First of all, do I need at least one switching module installed, or is > there another way to upload the IOS? > > The memory on the Sup III is 32DRAM/4Flash. Is this configuration > compatible with version 6.3(3a)? > > I can't seem to find any documentation on Cisco's site regarding this. > > Thanks in advance! > > Eddie > > [GroupStudy.com removed an attachment of type image/jpeg > which had a name of > Notebook.jpg] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40661&t=40659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Supervisor III [7:40659]
Hello, I need some help in answering a few questions. If i have a supervisor III (WS-X5530-E1) with no uplink modules on a Cat 5500, and need to know the minimum requirements to be able to load a newer IOS. First of all, do I need at least one switching module installed, or is there another way to upload the IOS? The memory on the Sup III is 32DRAM/4Flash. Is this configuration compatible with version 6.3(3a)? I can't seem to find any documentation on Cisco's site regarding this. Thanks in advance! Eddie [GroupStudy.com removed an attachment of type image/jpeg which had a name of Notebook.jpg] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40659&t=40659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How to keep BGP's session open indefinitly with no "keepalives" [7:40657]
CCO say's if the holdtime is "0" then the sessions are assumed up and do not exchange keepalives, but on the command line "timers" does not permit 0 for the hello or hlodrime interval. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40657&t=40657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
My two cents - for what it's worth ... first, we all understand the purpose of this forum, but like in 3D conversations, sometimes the topics veer. Perhaps we need to redirect things back, but my God, folks - we're human beings, after all. Just because we're so intimately involved in machinery, they are, after all, just machines! And my own pet peeve, just because someone comments on something not appealing to you doesn't mean they have too much time on their hands - frankly, they seem to be more well-rounded than the one-trick ponies in the world. If you disagree with the man's politics, great - just say so in a non-aggressive manner and move on. Have a non-confrontational weekend, folks. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Don Claybrook Sent: Friday, April 05, 2002 5:23 PM To: [EMAIL PROTECTED] Subject: RE: TCP/IP and DOD [7:39657] Sorry, Mr. Hall. Take a look at the order of operations. I was making the point that this was a technical forum that probably didn't need politics inserted. I was RESPONDING to someone who made the political remark in the first place. I'll discontinue this since the purpose is supposed to be all Cisco all the time here, but since you called me out by name, I thought I'd take a stab at defending my statement before bowing out. Thanks. Peace. Don Claybrook CCNP, CCDP, CSS1 (without much extra time on my hands) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeffrey W. Hall Sent: Friday, April 05, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: RE: TCP/IP and DOD [7:39657] What?? Those of you who insist on detracting a good conversation with needless comments like that have to much time on your hands, Don. Why don't you and others like you stick to the topic and not be so tempted to provide such a short-sighted remark. Jeffrey W. Hall Network Administrator, MCSE, CCNA, SCSA -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Don Claybrook Sent: Friday, April 05, 2002 6:22 PM To: [EMAIL PROTECTED] Subject: Re: TCP/IP and DOD [7:39657] Well, if we're veering off into the realm of political commentary and putdown, I suppose it's ok to ask whether George W. Bush could spell TCP/IP "all by himself". - Original Message - From: "Brian Zeitz" To: Sent: Friday, April 05, 2002 2:09 PM Subject: RE: TCP/IP and DOD [7:39657] > Yea, it was Al Gore who invented TCP/IP and the internet, all by > himself. > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 4:30 PM > To: [EMAIL PROTECTED] > Subject: RE: TCP/IP and DOD [7:39657] > > Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN > set > up the infrastructure of the ARPANET and got the Interface Message > Processors (routers) and the 56-Kbps links up and running. To use the > ARPANET, universities had to write software for the devices that > connected > to the ARPANET. TCP/IP grew out of that effort. > > Priscilla > > At 03:47 PM 4/5/02, Rico Ortiz wrote: > >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. > Not > >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >Steven A. Ridder > >Sent: Wednesday, March 27, 2002 2:05 PM > >To: [EMAIL PROTECTED] > >Subject: TCP/IP and DOD [7:39657] > > > > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was > >written by the Depertment of Defense. I am confident that ARPAnet was > >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived > from > >these early protocls, but to say the the DoD, or BBN or anyone other > than > >the Internet community wrote TCP and IP would be incorrect, right? I > seem > >to remember that IP was used in ArpaNet, but not TCP. I thought TCP > was > >written in various universities. I could even look up the couple (who > used > >to work at Cisco) who wrote it. > > > >-- > > > >RFC 1149 Compliant. > >Get in my head: > >http://sar.dynu.com > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40656&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Link Bandwidth. Interesting [7:40655]
Just snooping around cisco and found this interesting enhancement for unequal load balancing for both ibgp and ebgp. It'll advertise the exit link bandwidth as a community to you can make routing decisions on it. Pretty cool. Here's the link. http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftbgplb.htm Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40655&t=40655 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
aironet pc card using Linux [7:40654]
Ok, bit off topic. I have a Aironet 340 using Linux. everything seems to be working but I am unable to get an IP address from the AP. Using an Linksys AP. SSID is shows good, recieving and transmitting packets. it must be something simple anyone has any ideas.. TIA.. Rico Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40654&t=40654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FIXUP PROTOCOL ON PIX 515 [7:40577]
Each fixup is different. Let's say fixup protocol smtp 25 is the mail guard that allows only generic seven RFC821 commands. Fixup protocol ftp 21 helps with active FTP allowing response back on port 20. Fixup exists for only few protocols/ports it was intended to work with, so you can't just put fixup protocol for any port you want. I'll attach document that describes all fixup protocols. -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joseph Rago Sent: Friday, April 05, 2002 7:10 AM To: [EMAIL PROTECTED] Subject: RE: FIXUP PROTOCOL ON PIX 515 [7:40577] Hi can anyone tell me in non technical terms what the fixup protocol is used for on a pix 515. Do i need to specify a fixup protocol number for all applications used. Right now i am able to citrix into a server on my DMZ and i do not have a fixup protocol statement defined for citrix ports. Thanks Joe Rago [GroupStudy.com removed an attachment of type application/msword which had a name of PIX Fixup Protocols.doc] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40653&t=40577 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
Sorry, Mr. Hall. Take a look at the order of operations. I was making the point that this was a technical forum that probably didn't need politics inserted. I was RESPONDING to someone who made the political remark in the first place. I'll discontinue this since the purpose is supposed to be all Cisco all the time here, but since you called me out by name, I thought I'd take a stab at defending my statement before bowing out. Thanks. Peace. Don Claybrook CCNP, CCDP, CSS1 (without much extra time on my hands) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeffrey W. Hall Sent: Friday, April 05, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: RE: TCP/IP and DOD [7:39657] What?? Those of you who insist on detracting a good conversation with needless comments like that have to much time on your hands, Don. Why don't you and others like you stick to the topic and not be so tempted to provide such a short-sighted remark. Jeffrey W. Hall Network Administrator, MCSE, CCNA, SCSA -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Don Claybrook Sent: Friday, April 05, 2002 6:22 PM To: [EMAIL PROTECTED] Subject: Re: TCP/IP and DOD [7:39657] Well, if we're veering off into the realm of political commentary and putdown, I suppose it's ok to ask whether George W. Bush could spell TCP/IP "all by himself". - Original Message - From: "Brian Zeitz" To: Sent: Friday, April 05, 2002 2:09 PM Subject: RE: TCP/IP and DOD [7:39657] > Yea, it was Al Gore who invented TCP/IP and the internet, all by > himself. > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 4:30 PM > To: [EMAIL PROTECTED] > Subject: RE: TCP/IP and DOD [7:39657] > > Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN > set > up the infrastructure of the ARPANET and got the Interface Message > Processors (routers) and the 56-Kbps links up and running. To use the > ARPANET, universities had to write software for the devices that > connected > to the ARPANET. TCP/IP grew out of that effort. > > Priscilla > > At 03:47 PM 4/5/02, Rico Ortiz wrote: > >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. > Not > >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >Steven A. Ridder > >Sent: Wednesday, March 27, 2002 2:05 PM > >To: [EMAIL PROTECTED] > >Subject: TCP/IP and DOD [7:39657] > > > > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was > >written by the Depertment of Defense. I am confident that ARPAnet was > >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived > from > >these early protocls, but to say the the DoD, or BBN or anyone other > than > >the Internet community wrote TCP and IP would be incorrect, right? I > seem > >to remember that IP was used in ArpaNet, but not TCP. I thought TCP > was > >written in various universities. I could even look up the couple (who > used > >to work at Cisco) who wrote it. > > > >-- > > > >RFC 1149 Compliant. > >Get in my head: > >http://sar.dynu.com > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40652&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco lab [7:40625]
There is no ip addressing listed for R1 unless I missed it. You have subnetted the 192 network on each side of the 10.0.0.0 network. IGRP and RIP will do auto summary, which will confuse the BB router when talking to the 192 network.. The BB router probably wont know which way to send the packets to either side of the 192 network, since it sees a summary address of 192 on both sides of the router. Change the 10.0 net to a 192.168.x.x and see what happens. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 2:49 PM To: [EMAIL PROTECTED] Subject: FW: cisco lab [7:40625] im Sorry for not putting my ip address scheme i hope it makes more sense! sorry larry Im currently going over the routing class so i can practice for my ccie . I know its a good review and will help me have a more solid understanding of routing... i tried to make this simple scenario and for some reason its not working maybe im missing something. my setup is the following (s1) (s0)backbone router---s1-r1 | |(e0) | | (SO) | | r4 (s1) r2(e0) | | | (s0)| r3 now i enable igrp 200 for all the router the serial links for r4 s0 10.1.1.1 /24 r4 s1 192.168.1.17 /28 backbone so is 10.1.1.100 /24 and s1 10.12.12.100 /24 and the serials for r3 192.168.1.18 /28 r2 e0 192.168.1.34/28 and 192.168.0.0 network. whe i do a ip route in backbone router for 192.168.X.x i get network not in table ? why?n if i am advertising it should't the other routers show it whithin their routing tables i have the running config if that helps I can ping from r3 to r4 however after but unable to get the backbone router same applies to the r2 i have on backbone router & r4 7r1 igrp 200 network 10.0.0.0 network 192.168.0.0 how come if all the routers are running the same routing protocol i cant see the 10.0.0.0 routers advertised Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40651&t=40625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Cisco Memory for Sale (Sydney) [7:40650]
Hello Group, Just wanted to sell some leftover memory I have: 2x 8MB Flash for 2600 1x 16MB DRAM for 2500 Prefer Sydney buyers as shipping would be cheapest. Make me a serious offer. Thanks Albert Lu CCIE #8705 _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40650&t=40650 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
When I was in the Marines (about 10 yrs ago) the used Banyard Vines for there networks. I believe EDS has been hired to upgrade there current network to an IP setup.. Rico -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Thursday, March 28, 2002 2:12 PM To: [EMAIL PROTECTED] Subject: RE: TCP/IP and DOD [7:39657] And I've heard that the US side in Desert Storm used Banyan for their networking systems, not TCP/IP!? Priscilla At 12:05 PM 3/28/02, Howard C. Berkowitz wrote: > >Thats what the DoD taught in their DataCommunications Schools. Sorry Dom. > >Absolutely, positively wrong, though. That's an urban legend that has >been disavowed by every early developer I can think of, including the >DARPA people. It developed out of pure DARPA sponsored research in >networking. > >I'm hard-pressed to think of any nuclear command & control >communications system, before the mid-80's or so, that used TCP/IP, >and at one time I knew pretty much every system that was deployed. >Among the ones I can talk about, they were circuit-switched or radio. >Some of the circuit-switched networks were computer controlled, >including AUTODIN I and a variety of intelligent networks. > >Without detailed research, I'd tend to say the first military TCP/IP >applications were in tactical, not strategic, nets. > >Actually, the first demonstration that packet switched networks were >resilient to massive attack came from the Iraqi air defense system in >Desert Storm. > > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >Chuck > >Sent: Thursday, March 28, 2002 9:00 AM > >To: [EMAIL PROTECTED] > >Subject: Re: TCP/IP and DOD [7:39657] > > > > > >the real reason being.? > > > > > > > > > > wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> Sorry, the > >> > >> "be resilient to Global Thermal Nuclear attacks" > >> > >> is a myth. > >> > >> Dom Stocqueler > >> > >> > >> > >> > >> > >> "William > >> Gragido" To: > >> [EMAIL PROTECTED] > >>Subject: RE: TCP/IP and DOD > >> [7:39657] > >> Sent > >> by: > >> > >> nobody@groups > >> > >> tudy.com > >> > >> > >> > >> 27/03/2002 > >> > >> 20:17 > >> > >> Please > >> respond > >> to > >> > >> "William > >> > >> Gragido" > >> > >> > >> > >> > >> > >> > >> The DoD adopted TCP/IP as its native protocol for communications in 1983. > >> DARPA lead the charge for a communications system that would be resilient > >> to > >> Global Thermal Nuclear attacks (therein allowing for continued, > >> uninterrupted comm), and would allow for common connectivity of > >> multi-vendor > >> solutions. This of course did yield 'ARPA NET' which, by a decision of > >the > >> DCA (Defense Communications Agency), in 1983 was split in two yielding a > >> smaller version of 'ARPA NET' and 'MILNET'. The evolution of the modern > >> internet can followed done the line from 'ARPA NET' and as we all know by > >> virtue of adding new networks to the mix, 'ARPA NET' was de-regulated in > >> 1991 ushering the age of the modern internet. > >> > >> Hope that helps, > >> > >> Will Gragido > >> > >> -Original Message- > >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >> Michael Williams > >> Sent: Wednesday, March 27, 2002 1:37 PM > >> To: [EMAIL PROTECTED] > >> Subject: RE: TCP/IP and DOD [7:39657] > >> > >> > >> It's kinda fuzzy. I myself just got through doing a tech review of a >book > >> covering this topic as well as have written my own "materials" for > >> training, > >> etc covering this topic. IMHO, DoD is credited with "creating the > >> internet" > >> even though at the time it wasn't called the internet and didn't use the > >> same protocols we do now. Although the DoD started the whole mess, from > >> what I've read DoD commisioned ARPANET to research this. I'm sure that > >> peoples are various universities and colleges were in on the actual > >> deveopment evidenced by the fact that in 1971 there were 15 nodes (with a > >> total of 23 hosts), namely UCLA, SRI, UCSB, U of Utah, BBN, MIT, RAND, > >SDC, > >> Harvard, Lincoln Lab, Stanford, UIU(C), CWRU, CMU, and NASA/Ames. Note > >> most > >> of those listed are colleges/universities. I've read some about BBN, > >> however > >> it seems to me their main role was to supply the first "computers" > >> (Honeywell 516 mini computers with 12K of memory) that acted as > >Information > >> Message Processors (IMPs) (routers?). > >> > >> However, I would humbly suggest that Howard B. or Priscilla O. throw >their > >> 2 > >> cents in here. > >> > >> Also, since your doing a technical edit, be careful of the words you > >choose > >> as well. For example you use the word "written" over and over above, but > >I > >> don't think the conversatio
RE: Cisco 2600 with IPSEC to wins2000 environment [7:39798]
Mcgraw-hill has a pretty good book called "Cisco interworking w/Win NT & W2k. It has a good section on Cisco, 2000 & IPsec.. Rico -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Darren Sargent Sent: Thursday, March 28, 2002 1:38 PM To: [EMAIL PROTECTED] Subject: RE: Cisco 2600 with IPSEC to wins2000 environment [7:39798] You may want to poke around here - http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_ 3/ipsec.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40647&t=39798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
What?? Those of you who insist on detracting a good conversation with needless comments like that have to much time on your hands, Don. Why don't you and others like you stick to the topic and not be so tempted to provide such a short-sighted remark. Jeffrey W. Hall Network Administrator, MCSE, CCNA, SCSA -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Don Claybrook Sent: Friday, April 05, 2002 6:22 PM To: [EMAIL PROTECTED] Subject: Re: TCP/IP and DOD [7:39657] Well, if we're veering off into the realm of political commentary and putdown, I suppose it's ok to ask whether George W. Bush could spell TCP/IP "all by himself". - Original Message - From: "Brian Zeitz" To: Sent: Friday, April 05, 2002 2:09 PM Subject: RE: TCP/IP and DOD [7:39657] > Yea, it was Al Gore who invented TCP/IP and the internet, all by > himself. > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 4:30 PM > To: [EMAIL PROTECTED] > Subject: RE: TCP/IP and DOD [7:39657] > > Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN > set > up the infrastructure of the ARPANET and got the Interface Message > Processors (routers) and the 56-Kbps links up and running. To use the > ARPANET, universities had to write software for the devices that > connected > to the ARPANET. TCP/IP grew out of that effort. > > Priscilla > > At 03:47 PM 4/5/02, Rico Ortiz wrote: > >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. > Not > >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >Steven A. Ridder > >Sent: Wednesday, March 27, 2002 2:05 PM > >To: [EMAIL PROTECTED] > >Subject: TCP/IP and DOD [7:39657] > > > > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was > >written by the Depertment of Defense. I am confident that ARPAnet was > >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived > from > >these early protocls, but to say the the DoD, or BBN or anyone other > than > >the Internet community wrote TCP and IP would be incorrect, right? I > seem > >to remember that IP was used in ArpaNet, but not TCP. I thought TCP > was > >written in various universities. I could even look up the couple (who > used > >to work at Cisco) who wrote it. > > > >-- > > > >RFC 1149 Compliant. > >Get in my head: > >http://sar.dynu.com > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40646&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TCP/IP and DOD [7:39657]
Ya we just had 8 years with a "smart" president. Gimme a break. Going to have me a beer before the liberals outlaw it, tabacco, fatty foods, skateboards, SUVs etc... Dave Don Claybrook wrote: > > Well, if we're veering off into the realm of political commentary and > putdown, I suppose it's ok to ask whether George W. Bush could spell TCP/IP > "all by himself". > > - Original Message - > From: "Brian Zeitz" > To: > Sent: Friday, April 05, 2002 2:09 PM > Subject: RE: TCP/IP and DOD [7:39657] > > > Yea, it was Al Gore who invented TCP/IP and the internet, all by > > himself. > > > > -Original Message- > > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > > Sent: Friday, April 05, 2002 4:30 PM > > To: [EMAIL PROTECTED] > > Subject: RE: TCP/IP and DOD [7:39657] > > > > Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN > > set > > up the infrastructure of the ARPANET and got the Interface Message > > Processors (routers) and the 56-Kbps links up and running. To use the > > ARPANET, universities had to write software for the devices that > > connected > > to the ARPANET. TCP/IP grew out of that effort. > > > > Priscilla > > > > At 03:47 PM 4/5/02, Rico Ortiz wrote: > > >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. > > Not > > >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > > > > > >-Original Message- > > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > >Steven A. Ridder > > >Sent: Wednesday, March 27, 2002 2:05 PM > > >To: [EMAIL PROTECTED] > > >Subject: TCP/IP and DOD [7:39657] > > > > > > > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was > > >written by the Depertment of Defense. I am confident that ARPAnet was > > >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived > > from > > >these early protocls, but to say the the DoD, or BBN or anyone other > > than > > >the Internet community wrote TCP and IP would be incorrect, right? I > > seem > > >to remember that IP was used in ArpaNet, but not TCP. I thought TCP > > was > > >written in various universities. I could even look up the couple (who > > used > > >to work at Cisco) who wrote it. > > > > > >-- > > > > > >RFC 1149 Compliant. > > >Get in my head: > > >http://sar.dynu.com > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40645&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My interview story [7:40553]
I haven't heard of any role-playing, but Microsoft does implement logic puzzles into the interviews, which are usually connected with 3 or more people individually. The goal is to determine how you think. Most real world solutions to problems can be applied to technological hurdles, or problems. As an example: Prep: You have an empty box, a lock, a key for your lock, and a diamond. Your friend has an empty box, a lock, and a key for his lock. Goal: You want to get the diamond to your friend via courier. However the courier will steal anything that is not locked. How do you do this? Another example: If you have 2 20' poles, a 32' rope strung between them, and the lowest point of the rope is 4' off of the ground, how far apart are the poles? It gauges how one thinks and handles situations. -Original Message- From: nrf [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 12:54 PM To: [EMAIL PROTECTED] Subject: Re: My interview story [7:40553] Strange and silly as some of these games seem, it is often the case that many high-profile companies, tech or otherwise, incorporate these games into their hiring processes. Microsoft in the old days, for example, used to make extensive use of this kind of game role-playing in their interviews (don't know whether they do that anymore). Oracle too (one possibly apocryphal story - when Oracle was starting out, Oracle would ask a candidates who were coming straight out of college whether he was the smartest student he knew, if the candidate answered 'yes', then the candidate qualified for a round-2 interview, but if the candidate said no, then Oracle would ask then if you're not the smartest student you know, then who is, and then they would try to hire that person). Management consultancies and Wall-Street investment banks are also notorious for this as well. You may say to yourself that these games are ridiculous and ask yourself why you have to jump through these silly hoops, and how management is dumb for forcing candidates to go through these games, and yes that's true, but sometimes the position is worth it. I for one definitely wouldn't have minded getting into Microsoft in, say, 1990. ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > That reminds me of what happened to the husband of a coworker. He > worked for a division of GE and they had some social engineering week > where everyone was supposed to wear the same colored T-shirt each day. > For example, the first day everyone wears red. The second day they all > were green, etc. Ugh... Aren't we here to do actual work and not waste > time on this garbage? > > I think I'd wear black all week. ;-) Or, I might wear white claiming > that white reflects all colors of the rainbow and I'm therefore it is > the best choice of color for a politically correct wardrobe. I > definitely would NOT rush out to buy a bunch of T-shirts just to satisfy > such a silly requirement. > > I must reiterate that it is VERY dangerous for managers to have too > much spare time! > > John > > >>> "Priscilla Oppenheimer" 4/5/02 12:13:52 PM > >>> > Catbert has a little too much power in that department at Schlumberger. > I > would tell them to go take a hike. ;-) If they interview with games > like > that, think about what else they might make you do: > > 1) Go on team-building excursions while the mission-critical network > is > failing > 2) Promise never to flirt with any of your co-workers > 3) Attend monthly meetings that will help you learn how never to flirt > > with your co-workers > 4) Pee in a cup while an HR flunky stands outside the stall > 5) Get the company's mission statement tattooed on your chest > 6) Agree to dress casually on just one day of the week (Friday) > 7) Add 300-word messages to the bottom of all e-mails saying that the > > company can't be held accountable for what you say > 8) Provide information on every pimple you ever had so that company > insurance can say it was a pre-existing condition > 9) Provide information about your personal insurance so if you have an > > accident while on a business trip the company can avoid incurring > costs > 10) Promise never to use words that HR doesn't understand but thinks > sound > vaguely illegal, such as "pedagogical" > > The last one really happened! See here: > > http://www.britishexpat.com/pfun/madoffice.htm > > Priscilla > > > > At 10:32 AM 4/5/02, [EMAIL PROTECTED] wrote: > >I agree with the summary, the desert game is used to develop team > skills > >and inspire group communication allowing employees who are not > outspoken to > >share in the decision making process. But this should not have been > used > >as a 'one test' for hire decision. If that is so, the Human Resources > dept > >has made errors that will eventually bring the effectiveness of the > >company/unit to zero, when that happens, higher ups will take a look > and > >heads wi
Re: apache [7:40616]
No, no, no, apache is part of ciscoworks, and it works on port 1741. Yangchun, are there error messages in logs/error.log file ? Sasa Mark Odette II wrote: > > look at the contention of HTTP Service Ports- In plain terms, check to make > sure that only CiscoWorks or Apache is using Port 80 to answer HTTP > requests. If Apache is preferred to do so, you need to CiscoWorks to use a > different Port to start its HTTP Service. > > It sounds to me like both apps are configured to use port 80 to start their > HTTP Server service, and CiscoWorks is starting before Apache can, > dominating the Port. > > That's my guess. > > Mark > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > yangchun > Sent: Friday, April 05, 2002 11:01 AM > To: [EMAIL PROTECTED] > Subject: apache [7:40616] > > dear all: > when i install the ciscowork200 the apache don't start .display : > Could not start the Apache Webserver service on local computer. > Error 1053: The service did not respond to the start or control request in a > timely fashio. > thanks you very very much! > > -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40643&t=40616 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TCP/IP and DOD [7:39657]
Well, if we're veering off into the realm of political commentary and putdown, I suppose it's ok to ask whether George W. Bush could spell TCP/IP "all by himself". - Original Message - From: "Brian Zeitz" To: Sent: Friday, April 05, 2002 2:09 PM Subject: RE: TCP/IP and DOD [7:39657] > Yea, it was Al Gore who invented TCP/IP and the internet, all by > himself. > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 05, 2002 4:30 PM > To: [EMAIL PROTECTED] > Subject: RE: TCP/IP and DOD [7:39657] > > Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN > set > up the infrastructure of the ARPANET and got the Interface Message > Processors (routers) and the 56-Kbps links up and running. To use the > ARPANET, universities had to write software for the devices that > connected > to the ARPANET. TCP/IP grew out of that effort. > > Priscilla > > At 03:47 PM 4/5/02, Rico Ortiz wrote: > >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. > Not > >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >Steven A. Ridder > >Sent: Wednesday, March 27, 2002 2:05 PM > >To: [EMAIL PROTECTED] > >Subject: TCP/IP and DOD [7:39657] > > > > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was > >written by the Depertment of Defense. I am confident that ARPAnet was > >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived > from > >these early protocls, but to say the the DoD, or BBN or anyone other > than > >the Internet community wrote TCP and IP would be incorrect, right? I > seem > >to remember that IP was used in ArpaNet, but not TCP. I thought TCP > was > >written in various universities. I could even look up the couple (who > used > >to work at Cisco) who wrote it. > > > >-- > > > >RFC 1149 Compliant. > >Get in my head: > >http://sar.dynu.com > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40642&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My interview story [7:40553]
I haven't heard of any role-playing, but Microsoft does implement logic puzzles into the interviews, which are usually connected with 3 or more people individually. The goal is to determine how you think. Most real world solutions to problems can be applied to technological hurdles, or problems. As an example: Prep: You have an empty box, a lock, a key for your lock, and a diamond. Your friend has an empty box, and a lock for his box. Goal: You want to get the diamond to your friend via courier. However the courier will steal anything that is not locked. How do you do this? Another example: If you have 2 20' poles, a 32' rope strung between them, and the lowest point of the rope is 4' off of the ground, how far apart are the poles? It gauges how one thinks and handles situations. -Original Message- From: nrf [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 12:54 PM To: [EMAIL PROTECTED] Subject: Re: My interview story [7:40553] Strange and silly as some of these games seem, it is often the case that many high-profile companies, tech or otherwise, incorporate these games into their hiring processes. Microsoft in the old days, for example, used to make extensive use of this kind of game role-playing in their interviews (don't know whether they do that anymore). Oracle too (one possibly apocryphal story - when Oracle was starting out, Oracle would ask a candidates who were coming straight out of college whether he was the smartest student he knew, if the candidate answered 'yes', then the candidate qualified for a round-2 interview, but if the candidate said no, then Oracle would ask then if you're not the smartest student you know, then who is, and then they would try to hire that person). Management consultancies and Wall-Street investment banks are also notorious for this as well. You may say to yourself that these games are ridiculous and ask yourself why you have to jump through these silly hoops, and how management is dumb for forcing candidates to go through these games, and yes that's true, but sometimes the position is worth it. I for one definitely wouldn't have minded getting into Microsoft in, say, 1990. ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > That reminds me of what happened to the husband of a coworker. He > worked for a division of GE and they had some social engineering week > where everyone was supposed to wear the same colored T-shirt each day. > For example, the first day everyone wears red. The second day they all > were green, etc. Ugh... Aren't we here to do actual work and not waste > time on this garbage? > > I think I'd wear black all week. ;-) Or, I might wear white claiming > that white reflects all colors of the rainbow and I'm therefore it is > the best choice of color for a politically correct wardrobe. I > definitely would NOT rush out to buy a bunch of T-shirts just to satisfy > such a silly requirement. > > I must reiterate that it is VERY dangerous for managers to have too > much spare time! > > John > > >>> "Priscilla Oppenheimer" 4/5/02 12:13:52 PM > >>> > Catbert has a little too much power in that department at Schlumberger. > I > would tell them to go take a hike. ;-) If they interview with games > like > that, think about what else they might make you do: > > 1) Go on team-building excursions while the mission-critical network > is > failing > 2) Promise never to flirt with any of your co-workers > 3) Attend monthly meetings that will help you learn how never to flirt > > with your co-workers > 4) Pee in a cup while an HR flunky stands outside the stall > 5) Get the company's mission statement tattooed on your chest > 6) Agree to dress casually on just one day of the week (Friday) > 7) Add 300-word messages to the bottom of all e-mails saying that the > > company can't be held accountable for what you say > 8) Provide information on every pimple you ever had so that company > insurance can say it was a pre-existing condition > 9) Provide information about your personal insurance so if you have an > > accident while on a business trip the company can avoid incurring > costs > 10) Promise never to use words that HR doesn't understand but thinks > sound > vaguely illegal, such as "pedagogical" > > The last one really happened! See here: > > http://www.britishexpat.com/pfun/madoffice.htm > > Priscilla > > > > At 10:32 AM 4/5/02, [EMAIL PROTECTED] wrote: > >I agree with the summary, the desert game is used to develop team > skills > >and inspire group communication allowing employees who are not > outspoken to > >share in the decision making process. But this should not have been > used > >as a 'one test' for hire decision. If that is so, the Human Resources > dept > >has made errors that will eventually bring the effectiveness of the > >company/unit to zero, when that happens, higher ups will take a look > and > >heads will roll.
FW: cisco lab [7:40625]
im Sorry for not putting my ip address scheme i hope it makes more sense! sorry larry Im currently going over the routing class so i can practice for my ccie . I know its a good review and will help me have a more solid understanding of routing... i tried to make this simple scenario and for some reason its not working maybe im missing something. my setup is the following (s1) (s0)backbone router---s1-r1 | |(e0) | | (SO) | | r4 (s1) r2(e0) | | | (s0)| r3 now i enable igrp 200 for all the router the serial links for r4 s0 10.1.1.1 /24 r4 s1 192.168.1.17 /28 backbone so is 10.1.1.100 /24 and s1 10.12.12.100 /24 and the serials for r3 192.168.1.18 /28 r2 e0 192.168.1.34/28 and 192.168.0.0 network. whe i do a ip route in backbone router for 192.168.X.x i get network not in table ? why?n if i am advertising it should't the other routers show it whithin their routing tables i have the running config if that helps I can ping from r3 to r4 however after but unable to get the backbone router same applies to the r2 i have on backbone router & r4 7r1 igrp 200 network 10.0.0.0 network 192.168.0.0 how come if all the routers are running the same routing protocol i cant see the 10.0.0.0 routers advertised Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40640&t=40625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
Yea, it was Al Gore who invented TCP/IP and the internet, all by himself. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 4:30 PM To: [EMAIL PROTECTED] Subject: RE: TCP/IP and DOD [7:39657] Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN set up the infrastructure of the ARPANET and got the Interface Message Processors (routers) and the 56-Kbps links up and running. To use the ARPANET, universities had to write software for the devices that connected to the ARPANET. TCP/IP grew out of that effort. Priscilla At 03:47 PM 4/5/02, Rico Ortiz wrote: >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. Not >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Steven A. Ridder >Sent: Wednesday, March 27, 2002 2:05 PM >To: [EMAIL PROTECTED] >Subject: TCP/IP and DOD [7:39657] > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was >written by the Depertment of Defense. I am confident that ARPAnet was >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived from >these early protocls, but to say the the DoD, or BBN or anyone other than >the Internet community wrote TCP and IP would be incorrect, right? I seem >to remember that IP was used in ArpaNet, but not TCP. I thought TCP was >written in various universities. I could even look up the couple (who used >to work at Cisco) who wrote it. > >-- > >RFC 1149 Compliant. >Get in my head: >http://sar.dynu.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40639&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tftp [7:40403]
I have found PumpKIN to be very useful. http://www.klever.net/kin/pumpkin.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40638&t=40403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
Vint Cerf wasn't commissioned. He was a graduate student at UCLA. BBN set up the infrastructure of the ARPANET and got the Interface Message Processors (routers) and the 56-Kbps links up and running. To use the ARPANET, universities had to write software for the devices that connected to the ARPANET. TCP/IP grew out of that effort. Priscilla At 03:47 PM 4/5/02, Rico Ortiz wrote: >My understanding is Vint Cerf, was the creator of the TCP/IP protocols. Not >sure but was he not commissioned by DOD/BBN during the ARPAnet days.. > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Steven A. Ridder >Sent: Wednesday, March 27, 2002 2:05 PM >To: [EMAIL PROTECTED] >Subject: TCP/IP and DOD [7:39657] > > >I am a technical reviewer for a book, and someone wrote that TCP/IP was >written by the Depertment of Defense. I am confident that ARPAnet was >commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived from >these early protocls, but to say the the DoD, or BBN or anyone other than >the Internet community wrote TCP and IP would be incorrect, right? I seem >to remember that IP was used in ArpaNet, but not TCP. I thought TCP was >written in various universities. I could even look up the couple (who used >to work at Cisco) who wrote it. > >-- > >RFC 1149 Compliant. >Get in my head: >http://sar.dynu.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40637&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:40525]
This is how I would skin this cat ;) Run Ethernet between your two gateway routers, then make them IBGP peers. Have have your other routers connected to both gateway routers. Your 3600, and 2600's should then do per-dest load balancing for their default route. The smaller routers send their traffic to on of the gateway routers, then allow the gateway routers decide between themself which is the best route out. You may not always get the most optaimal route (one extra hop), but it will work and will save you from have to buy another router, and setting your self up for a Single Point of Failure. We are about to add a second gateway router ourself and this is the way we are going, until we can push IBGP futher into our core. John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40636&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Double Login Prompt Appears...Why?? [7:40554]
Then that must be it...First the Term Serv is asking me to authenticate on the line and then the router is asking me to authenticate again...Makes senseWow! A double login...Looks like better security though could be annoying!! Thank you for your help. >From: "David C Prall" >Reply-To: "David C Prall" >To: [EMAIL PROTECTED] >Subject: RE: Double Login Prompt Appears...Why?? [7:40554] >Date: Thu, 4 Apr 2002 22:05:46 -0500 > >Do you have authentication enable on the Terminal Server. You are being >prompted by the Terminal Server, then you are being prompted by the Routers >Console port. > >David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Cisco Nuts > > Sent: Thursday, April 04, 2002 9:33 PM > > To: [EMAIL PROTECTED] > > Subject: Double Login Prompt Appears...Why?? [7:40554] > > > > > > Hello, I have the following config. on my routers. Whenever I telnet to > > my Term Serv and reverse telnet to my routers, I get the prompt to login > > twice as you can see below. Any ideas why??Thank you for your help. aaa > > authentication password-prompt Password# > > aaa authentication username-prompt Login# > > aaa authentication login default local none > > aaa authentication ppp default local none > > line con 0 > > exec-timeout 305 0 > > logging synchronous TS#rtc > > Trying RTC (1.1.1.1, 2042)... Open"Login only if you are Authorized" else > > . "Thou Be Doomed" > > User Access VerificationLogin#cisco > > Password#"Login only if you are Authorized" else . "Thou Be > > Doomed" Login#cisco > > Password#RTC>en > > Password# > > RTC# > > > > > > > > Chat with friends online, try MSN Messenger: Click Here > > > > misconduct and Nondisclosure violations to [EMAIL PROTECTED] Send and receive Hotmail on your mobile device: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40635&t=40554 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: My interview story [7:40553]
Strange and silly as some of these games seem, it is often the case that many high-profile companies, tech or otherwise, incorporate these games into their hiring processes. Microsoft in the old days, for example, used to make extensive use of this kind of game role-playing in their interviews (don't know whether they do that anymore). Oracle too (one possibly apocryphal story - when Oracle was starting out, Oracle would ask a candidates who were coming straight out of college whether he was the smartest student he knew, if the candidate answered 'yes', then the candidate qualified for a round-2 interview, but if the candidate said no, then Oracle would ask then if you're not the smartest student you know, then who is, and then they would try to hire that person). Management consultancies and Wall-Street investment banks are also notorious for this as well. You may say to yourself that these games are ridiculous and ask yourself why you have to jump through these silly hoops, and how management is dumb for forcing candidates to go through these games, and yes that's true, but sometimes the position is worth it. I for one definitely wouldn't have minded getting into Microsoft in, say, 1990. ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > That reminds me of what happened to the husband of a coworker. He > worked for a division of GE and they had some social engineering week > where everyone was supposed to wear the same colored T-shirt each day. > For example, the first day everyone wears red. The second day they all > were green, etc. Ugh... Aren't we here to do actual work and not waste > time on this garbage? > > I think I'd wear black all week. ;-) Or, I might wear white claiming > that white reflects all colors of the rainbow and I'm therefore it is > the best choice of color for a politically correct wardrobe. I > definitely would NOT rush out to buy a bunch of T-shirts just to satisfy > such a silly requirement. > > I must reiterate that it is VERY dangerous for managers to have too > much spare time! > > John > > >>> "Priscilla Oppenheimer" 4/5/02 12:13:52 PM > >>> > Catbert has a little too much power in that department at Schlumberger. > I > would tell them to go take a hike. ;-) If they interview with games > like > that, think about what else they might make you do: > > 1) Go on team-building excursions while the mission-critical network > is > failing > 2) Promise never to flirt with any of your co-workers > 3) Attend monthly meetings that will help you learn how never to flirt > > with your co-workers > 4) Pee in a cup while an HR flunky stands outside the stall > 5) Get the company's mission statement tattooed on your chest > 6) Agree to dress casually on just one day of the week (Friday) > 7) Add 300-word messages to the bottom of all e-mails saying that the > > company can't be held accountable for what you say > 8) Provide information on every pimple you ever had so that company > insurance can say it was a pre-existing condition > 9) Provide information about your personal insurance so if you have an > > accident while on a business trip the company can avoid incurring > costs > 10) Promise never to use words that HR doesn't understand but thinks > sound > vaguely illegal, such as "pedagogical" > > The last one really happened! See here: > > http://www.britishexpat.com/pfun/madoffice.htm > > Priscilla > > > > At 10:32 AM 4/5/02, [EMAIL PROTECTED] wrote: > >I agree with the summary, the desert game is used to develop team > skills > >and inspire group communication allowing employees who are not > outspoken to > >share in the decision making process. But this should not have been > used > >as a 'one test' for hire decision. If that is so, the Human Resources > dept > >has made errors that will eventually bring the effectiveness of the > >company/unit to zero, when that happens, higher ups will take a look > and > >heads will roll. but the process can be too long. Mark should be > glad he > >didn't get the job. > > > > > >Have a good day. > > > > > > > >Kevin McCarty > >CCNA CCNP > >Computer Sciences Corporation > >Defense Sector > > > > > > > > > > > >John > > NeibergerTo: > >[EMAIL PROTECTED] > > Subject: Re: My interview story > >[7:40553] > > Sent > >by: > > > >nobody > > > > > > > > > > > >04/04/2002 > > 08:39 > >PM > > > >Please > > respond > >to > > > >John > > > >Neiberger > > > > > > > > > > > > > > > > > >Why would you want to work for a place with such stupid > >interviews in the first place? If they select their employees > >based on how they play "Stranded in the Desert" or whatever the > >heck that was, then it's probably best you don't work there. > >I'm sure the management there is awful. > > > >Stuff like that is a sure sign their managers have too much > >time on their hands, and the
RE: My interview story [7:40553]
As soon as someone said "you have to play a game" I would take my stuff and leave. What would happen when you actually got the job? They would feed you peanuts, and have you shufflin', smilin' and dancing for the VPs? I don't play that game. Most of the interviews I have gone on, they asked me very few questions. I guess my track record and resume' tells a lot of the story. I think the way you present your ideas, and hold a conversation is important. They make "small talk" so they can envision how you will fit in with the company. Like they asked me about "sports" although I don't like sports, I made up something like "yea, how about this stadium or something." I guess that was good because it showed I wasn't totally ignorant and was able to think on my feet. Interviews are usually mostly a sales pitch from you. You are selling yourself to them. But playing games crosses the line, I am a professional, and that is kind of degrading in my opinion. > On Thu, 4 Apr 2002, Mark Zhang ([EMAIL PROTECTED]) >wrote: > > > hi,everybody,I have a interview appointment at 9:00 AM. > > The position is Network Engineer in SNS(schlumberger network >solutions > > sector).But I falled,at least i think so. > > At first,every candidater have a chance to intraduce oneself >for 1 > > minute in > > English.Then every 5 person get a group to play a game named >Desert > > Survive.Game as this:Just image you and some people lose in a >deep > > desert by > > an airplane problem,so plz list the most important thing to >the lest > > from 15 > > tools you could use,first time by your own choose,the second >by your > > group. > > Maybe I do not show good in the self-introduce,then I paly >the game,I > > choose > > more close to the expert answer the my group,but the >schlumberger do not > > think I as the right person they are looking for. > > what a pity!I experienced in Motorola and a network >company,have design > > a > > large scare voip network include about 40 nods,familiar with >Cisco,But > > why?Just because a lose in the game? > > > > B.RMark Zhang > > > > > > - > > Do You Yahoo!? > > Yahoo! Tax Center - online filing with TurboTax >[EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40633&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP and DOD [7:39657]
My understanding is Vint Cerf, was the creator of the TCP/IP protocols. Not sure but was he not commissioned by DOD/BBN during the ARPAnet days.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven A. Ridder Sent: Wednesday, March 27, 2002 2:05 PM To: [EMAIL PROTECTED] Subject: TCP/IP and DOD [7:39657] I am a technical reviewer for a book, and someone wrote that TCP/IP was written by the Depertment of Defense. I am confident that ARPAnet was commissiond by the DoD in the 60's to BBN, and maybe TCP/IP was derived from these early protocls, but to say the the DoD, or BBN or anyone other than the Internet community wrote TCP and IP would be incorrect, right? I seem to remember that IP was used in ArpaNet, but not TCP. I thought TCP was written in various universities. I could even look up the couple (who used to work at Cisco) who wrote it. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40632&t=39657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco lab [7:40625]
Maybe discontiguos(sp) networks, since the igrp protocol does not send subnet mask info with the packets. I am not sure since the diagram and the text dont match real well... Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 11:30 AM To: [EMAIL PROTECTED] Subject: cisco lab [7:40625] Im currently going over the routing class so i can practice for my ccie . I know its a good review and will help me have a more solid understanding of routing... i tried to make this simple scenario and for some reason its not working maybe im missing something. my setup is the following backbone router---s1-r1 | | | | | | r4r2 | | | | r3 now i enable igrp 200 for all the router the serial links for r4 and r2 are in 10.0.0.0 network and the serials for r3 and r2 and 192.168.0.0 network. whe i do a ip route in backbone router for 192.168.X.x i get network not in table ? why?n if i am advertising it should't the other routers show it whithin their routing tables i have the running config if that helps I can ping from r3 to r4 however after but unable to get the backbone router same applies to the r2 i have on backbone router igrp 200 network 10.0.0.0 network 192.168.0.0 how come if all the routers are running the same routing protocol i cant see the 10.0.0.0 routers advertised r4 and r1 are also advertising both networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40631&t=40625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: My interview story [7:40553]
That reminds me of what happened to the husband of a coworker. He worked for a division of GE and they had some social engineering week where everyone was supposed to wear the same colored T-shirt each day. For example, the first day everyone wears red. The second day they all were green, etc. Ugh... Aren't we here to do actual work and not waste time on this garbage? I think I'd wear black all week. ;-) Or, I might wear white claiming that white reflects all colors of the rainbow and I'm therefore it is the best choice of color for a politically correct wardrobe. I definitely would NOT rush out to buy a bunch of T-shirts just to satisfy such a silly requirement. I must reiterate that it is VERY dangerous for managers to have too much spare time! John >>> "Priscilla Oppenheimer" 4/5/02 12:13:52 PM >>> Catbert has a little too much power in that department at Schlumberger. I would tell them to go take a hike. ;-) If they interview with games like that, think about what else they might make you do: 1) Go on team-building excursions while the mission-critical network is failing 2) Promise never to flirt with any of your co-workers 3) Attend monthly meetings that will help you learn how never to flirt with your co-workers 4) Pee in a cup while an HR flunky stands outside the stall 5) Get the company's mission statement tattooed on your chest 6) Agree to dress casually on just one day of the week (Friday) 7) Add 300-word messages to the bottom of all e-mails saying that the company can't be held accountable for what you say 8) Provide information on every pimple you ever had so that company insurance can say it was a pre-existing condition 9) Provide information about your personal insurance so if you have an accident while on a business trip the company can avoid incurring costs 10) Promise never to use words that HR doesn't understand but thinks sound vaguely illegal, such as "pedagogical" The last one really happened! See here: http://www.britishexpat.com/pfun/madoffice.htm Priscilla At 10:32 AM 4/5/02, [EMAIL PROTECTED] wrote: >I agree with the summary, the desert game is used to develop team skills >and inspire group communication allowing employees who are not outspoken to >share in the decision making process. But this should not have been used >as a 'one test' for hire decision. If that is so, the Human Resources dept >has made errors that will eventually bring the effectiveness of the >company/unit to zero, when that happens, higher ups will take a look and >heads will roll. but the process can be too long. Mark should be glad he >didn't get the job. > > >Have a good day. > > > >Kevin McCarty >CCNA CCNP >Computer Sciences Corporation >Defense Sector > > > > > >John > NeibergerTo: >[EMAIL PROTECTED] > Subject: Re: My interview story >[7:40553] > Sent >by: > >nobody > > > > > >04/04/2002 > 08:39 >PM > >Please > respond >to > >John > >Neiberger > > > > > > > > >Why would you want to work for a place with such stupid >interviews in the first place? If they select their employees >based on how they play "Stranded in the Desert" or whatever the >heck that was, then it's probably best you don't work there. >I'm sure the management there is awful. > >Stuff like that is a sure sign their managers have too much >time on their hands, and there's almost nothing worse than a >clueless manager with too much time. > >Someone needs to send those managers a Dilbert calendar! > >I'm sorry to hear it didn't go well, but you should forget >about them and move on to a better company. > >John > > > > On Thu, 4 Apr 2002, Mark Zhang ([EMAIL PROTECTED]) >wrote: > > > hi,everybody,I have a interview appointment at 9:00 AM. > > The position is Network Engineer in SNS(schlumberger network >solutions > > sector).But I falled,at least i think so. > > At first,every candidater have a chance to intraduce oneself >for 1 > > minute in > > English.Then every 5 person get a group to play a game named >Desert > > Survive.Game as this:Just image you and some people lose in a >deep > > desert by > > an airplane problem,so plz list the most important thing to >the lest > > from 15 > > tools you could use,first time by your own choose,the second >by your > > group. > > Maybe I do not show good in the self-introduce,then I paly >the game,I > > choose > > more close to the expert answer the my group,but the >schlumberger do not > > think I as the right person they are looking for. > > what a pity!I experienced in Motorola and a network >company,have design > > a > > large scare voip network include about 40 nods,familiar with >Cisco,But > > why?Just because a lose in the game? > > > > B.RMark Zhang > > > > > > - > > Do You Yahoo!? > > Yahoo! Tax Center - online filing with TurboTax >[EMAIL PROTECTED] Pri
Re: RE: My interview story [7:40553]
Guys; This scenario sounds like something straight from the book of my Project Management Course. Spelunking and Forest fire are the two other scenarios our groups of us were testing and developing our IT Project Management egos, we also get to play with logo blocks. It does work. I was as surprised with this approach as you seems to be, but it got me on a right track. It allows to qualify the project management skills. Kind Regards, Anna --- John Neiberger wrote: > That may be true, but it just sounds like something > straight > off the pages of Dilbert. :-) > > I know personally I wouldn't respond to such an > interview > well. If someone wants to test my creativity and > troubleshooting, then they should mock up a lab and > throw it at > me. Perhaps that's because I'm not used to the idea > of being > psychologically tested during an interview. > > What's next, ink blot tests? Values clarification > drills? > Written personality tests? I can see it now: > "We're sorry, > you're an INTJ but we really want an ESTJ for this > position." > > Okay, I've got to stop answering email this early. > :-) > > John > > > > On Fri, 5 Apr 2002, Jay Dunn ([EMAIL PROTECTED]) > wrote: > > > This test may sound stupid, but based on Mark's > description > I'd say they > > were attempting to assess creativity and > troubleshooting > skills. > > Sometimes pure technical skills aren't enough. > Thinking "outside the > > box" is a big part of what an employer is looking > for. I'd > say a company > > as big as SNS has plenty of experience in hiring > and knows > what they're > > doing in making this part of the interview. > > > > Jay Dunn > > IPI*GrammTech, Ltd. > > www.ipi-gt.com > > Nunquam Facilis Est > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On > Behalf Of > > John Neiberger > > Sent: Thursday, April 04, 2002 8:39 PM > > To: [EMAIL PROTECTED] > > Subject: Re: My interview story [7:40553] > > > > Why would you want to work for a place with such > stupid > > interviews in the first place? If they select > their > employees > > based on how they play "Stranded in the Desert" or > whatever > the > > heck that was, then it's probably best you don't > work there. > > I'm sure the management there is awful. > > > > Stuff like that is a sure sign their managers have > too much > > time on their hands, and there's almost nothing > worse than a > > clueless manager with too much time. > > > > Someone needs to send those managers a Dilbert > calendar! > > > > I'm sorry to hear it didn't go well, but you > should forget > > about them and move on to a better company. > > > > John > > > > > > > > On Thu, 4 Apr 2002, Mark Zhang > ([EMAIL PROTECTED]) > > wrote: > > > > > hi,everybody,I have a interview appointment at > 9:00 AM. > > > The position is Network Engineer in > SNS(schlumberger > network > > solutions > > > sector).But I falled,at least i think so. > > > At first,every candidater have a chance to > intraduce > oneself > > for 1 > > > minute in > > > English.Then every 5 person get a group to play > a game > named > > Desert > > > Survive.Game as this:Just image you and some > people lose in > a > > deep > > > desert by > > > an airplane problem,so plz list the most > important thing to > > the lest > > > from 15 > > > tools you could use,first time by your own > choose,the > second > > by your > > > group. > > > Maybe I do not show good in the > self-introduce,then I paly > > the game,I > > > choose > > > more close to the expert answer the my group,but > the > > schlumberger do not > > > think I as the right person they are looking > for. > > > what a pity!I experienced in Motorola and a > network > > company,have design > > > a > > > large scare voip network include about 40 > nods,familiar > with > > Cisco,But > > > why?Just because a lose in the game? > > > > > > B.RMark Zhang > > > > > > > > > - > > > Do You Yahoo!? > > > Yahoo! Tax Center - online filing with TurboTax > > [EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] __ Music, Movies, Sports, Games! http://entertainment.yahoo.ca Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40628&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ethernet interface keepalives [7:40432]
At 07:54 AM 4/5/02, bergenpeak wrote: >Thanks for the comments so far. > >Does the ethernet keepalive mechanism have any value when the >interface is operating in full duplex mode? I think so. I haven't found anything that recommends turning it off just because you are using full duplex anyway. > Will the remote-end >reply or echo the frame? I doubt it, since the frame is addressed to the sender. >In full duplex mode, the interface is not actively sensing the >transmission, right? At a hardware level I would guess that every transceiver can figure out if sending is working, but I don't know for sure. At the data-link layer, there's no need to sense for a collision while sending if in full duplex mode, but I think a transceiver can still test sending at the physical layer. >So how does the interface know that >transmission was really successful. It probably doesn't know the frame got anywhere, but it knows that the bits went out. I probably shouldn't have said it tests the receiver circuitry. It probably never did test the receiver circuitry, come to think of it. Even with coax, once the frame goes out, it's gone. It doesn't reflect back unless there is a problem. The frame is addressed to the sender to avoid disturbing anyone else more than to check receiver capabilities. Obviously, I don't know the exact answer. Maybe you could research it for us. ;-) >Thanks > > > >Priscilla Oppenheimer wrote: > > > > The router sends a message to itself every 10 seconds. It actually uses the > > old loopback message from the original Ethernet specification: > > > > Ethernet Header > >Destination: 00:00:0C:05:3E:80 > >Source: 00:00:0C:05:3E:80 > >Protocol Type:0x9000 > >Packet Data: 46 bytes (all zeros) > > > > The frame really does go out on the network, despite it being addressed to > > the sender. So the router can judge its ability to send and receive. > > > > Priscilla > > > > At 10:49 PM 4/3/02, bergenpeak wrote: > > >What exactly does this do? > > > > > >Thanks > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40626&t=40432 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco lab [7:40625]
Im currently going over the routing class so i can practice for my ccie . I know its a good review and will help me have a more solid understanding of routing... i tried to make this simple scenario and for some reason its not working maybe im missing something. my setup is the following backbone router---s1-r1 | | | | | | r4r2 | | | | r3 now i enable igrp 200 for all the router the serial links for r4 and r2 are in 10.0.0.0 network and the serials for r3 and r2 and 192.168.0.0 network. whe i do a ip route in backbone router for 192.168.X.x i get network not in table ? why?n if i am advertising it should't the other routers show it whithin their routing tables i have the running config if that helps I can ping from r3 to r4 however after but unable to get the backbone router same applies to the r2 i have on backbone router igrp 200 network 10.0.0.0 network 192.168.0.0 how come if all the routers are running the same routing protocol i cant see the 10.0.0.0 routers advertised r4 and r1 are also advertising both networks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40625&t=40625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ancient Isdn bri wisdom ? [7:40586]
I would also add a bit of advice about WFQ and PPP Muilt-link. IOS, at lest, 12.0(7)T on a 3600, will allow you to put WFQ on the Virtual-Template interface for the PPP ML. DO NOT DO IT. I tried just a few days agao, and performace suffered a great deal. I am not sure why, but WFQ and PPP Muilt-link don't get along. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40627&t=40586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: My interview story [7:40553]
Catbert has a little too much power in that department at Schlumberger. I would tell them to go take a hike. ;-) If they interview with games like that, think about what else they might make you do: 1) Go on team-building excursions while the mission-critical network is failing 2) Promise never to flirt with any of your co-workers 3) Attend monthly meetings that will help you learn how never to flirt with your co-workers 4) Pee in a cup while an HR flunky stands outside the stall 5) Get the company's mission statement tattooed on your chest 6) Agree to dress casually on just one day of the week (Friday) 7) Add 300-word messages to the bottom of all e-mails saying that the company can't be held accountable for what you say 8) Provide information on every pimple you ever had so that company insurance can say it was a pre-existing condition 9) Provide information about your personal insurance so if you have an accident while on a business trip the company can avoid incurring costs 10) Promise never to use words that HR doesn't understand but thinks sound vaguely illegal, such as "pedagogical" The last one really happened! See here: http://www.britishexpat.com/pfun/madoffice.htm Priscilla At 10:32 AM 4/5/02, [EMAIL PROTECTED] wrote: >I agree with the summary, the desert game is used to develop team skills >and inspire group communication allowing employees who are not outspoken to >share in the decision making process. But this should not have been used >as a 'one test' for hire decision. If that is so, the Human Resources dept >has made errors that will eventually bring the effectiveness of the >company/unit to zero, when that happens, higher ups will take a look and >heads will roll. but the process can be too long. Mark should be glad he >didn't get the job. > > >Have a good day. > > > >Kevin McCarty >CCNA CCNP >Computer Sciences Corporation >Defense Sector > > > > > >John > NeibergerTo: >[EMAIL PROTECTED] > Subject: Re: My interview story >[7:40553] > Sent >by: > >nobody > > > > > >04/04/2002 > 08:39 >PM > >Please > respond >to > >John > >Neiberger > > > > > > > > >Why would you want to work for a place with such stupid >interviews in the first place? If they select their employees >based on how they play "Stranded in the Desert" or whatever the >heck that was, then it's probably best you don't work there. >I'm sure the management there is awful. > >Stuff like that is a sure sign their managers have too much >time on their hands, and there's almost nothing worse than a >clueless manager with too much time. > >Someone needs to send those managers a Dilbert calendar! > >I'm sorry to hear it didn't go well, but you should forget >about them and move on to a better company. > >John > > > > On Thu, 4 Apr 2002, Mark Zhang ([EMAIL PROTECTED]) >wrote: > > > hi,everybody,I have a interview appointment at 9:00 AM. > > The position is Network Engineer in SNS(schlumberger network >solutions > > sector).But I falled,at least i think so. > > At first,every candidater have a chance to intraduce oneself >for 1 > > minute in > > English.Then every 5 person get a group to play a game named >Desert > > Survive.Game as this:Just image you and some people lose in a >deep > > desert by > > an airplane problem,so plz list the most important thing to >the lest > > from 15 > > tools you could use,first time by your own choose,the second >by your > > group. > > Maybe I do not show good in the self-introduce,then I paly >the game,I > > choose > > more close to the expert answer the my group,but the >schlumberger do not > > think I as the right person they are looking for. > > what a pity!I experienced in Motorola and a network >company,have design > > a > > large scare voip network include about 40 nods,familiar with >Cisco,But > > why?Just because a lose in the game? > > > > B.RMark Zhang > > > > > > - > > Do You Yahoo!? > > Yahoo! Tax Center - online filing with TurboTax >[EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40624&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2620 or 2610 [7:40603]
Sounds like someone put a 2620 board in a 2610 case. Your gain. Craig At 10:45 AM 4/5/2002 -0500, you wrote: >ok, here is one I have never heard. > >Router says 2610 on it. Sh ver says 2620. Router has ethernet interface >(it says 2610), but ios makes you configure a f0/0 interface. > >Mac address for interface is 0002.16f8.2380 > >I can find out through and oui serach that 000216 is cisco, but does anybody >know how to check the last 6 or has anyone else seen this issue? Unless my >jedi training is incorrect, don't 261x's only have 10mb interfaces?? > >thanks, >bk Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40623&t=40603 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Token ring switch [7:40621]
Hello I have got an ibm nways 8272 token ring switch. The cli is familiar to the cat3920. I wonder if anyone knows if the nways 8272 does vlan or is there anyway to make it do that ? any information is greatly appreciated. __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40621&t=40621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: apache [7:40616]
look at the contention of HTTP Service Ports- In plain terms, check to make sure that only CiscoWorks or Apache is using Port 80 to answer HTTP requests. If Apache is preferred to do so, you need to CiscoWorks to use a different Port to start its HTTP Service. It sounds to me like both apps are configured to use port 80 to start their HTTP Server service, and CiscoWorks is starting before Apache can, dominating the Port. That's my guess. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of yangchun Sent: Friday, April 05, 2002 11:01 AM To: [EMAIL PROTECTED] Subject: apache [7:40616] dear all: when i install the ciscowork200 the apache don't start .display : Could not start the Apache Webserver service on local computer. Error 1053: The service did not respond to the start or control request in a timely fashio. thanks you very very much! -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40620&t=40616 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:40525]
Steve, If it is optimal routing that your after, I would think that you could still have your some of your internal 3600's or 2600's run BGP with your 2 gateway routers, but just don't send the full internet routing table to them. For instance, you could possibly put up as-path filters to allow only your local ISP's and their respective customer's routes to be passed to your internal routers that sit immediately behind your 2 gateway routers. That way your outbound traffic will have at least some routing information to make a decision. While this setup is not as optimal as having a full internet routing table, I would think this would allow for more optimal routing then just using defaults. I have customers at my work with 3600's with appropriate amount of memory that are multihomed handling 30,000+ routes from each provider comfortably. greg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40619&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: My interview story [7:40553]
I'd certainly agree that, in many cases, 2 hours is enough to ascertain the presence or absence of communication skills and interpersonal interoperability/evidence of the ability to play nice with others (although I've certainly seen individuals slip through the cracks regarding the 2nd characteristic, interviewing extremely well and then showing up to work with a dramatically different and less cooperative personality). However, I'd say that it's important to distinguish between various types of technical interviews. Two or even three straight days of straightforward technical questions will not necessarily provide insight into a candidate's ability to learn or apply factual information in an unfamiliar context. I agree that a mere willingness to learn or apply oneself cannot overcome a dearth of experience for many roles performed by members of the professional IT community, so it IS important to accurately assess someone's current working skill set. However, I'd have to conclude that for many positions of interest to people seeking CCIE numbers, some level of abstraction and ability to cope with the unknown are highly desirable characteristics. All too often, the "OSI layer" and "show command syntax" questions fail to capture someone's potential to keep pace with the evolution of corporate technology. I suppose my concern is that just as certain interviewing techniques/styles can rule out promising candidates because they are too abstract, focused technical interviews that are too simplistic can obscure important differences in capability between sets of candidates. As usual, the appropriate answer probably lies somewhere in between. - Original Message - From: "Phil Barker" To: Sent: Friday, April 05, 2002 10:54 AM Subject: Re: RE: My interview story [7:40553] > Yeah, > I4m on your side John. I applied for a permy > position with a big insurance comp when times where a > bit lean. I finally got an interview reply six weeks > later calling me for an interview. It turned out being > a two day interview, which I immediately knew was not > for me. If people want to hire my skillset they read > my CV call me in and try and beat me down technically. > That being done, can I get on with people etc can > surely be spotted inside 2 hours, unless they are > plain stupid. > > Phil. > --- John Neiberger wrote: > That > may be true, but it just sounds like something > > straight > > off the pages of Dilbert. :-) > > > > I know personally I wouldn't respond to such an > > interview > > well. If someone wants to test my creativity and > > troubleshooting, then they should mock up a lab and > > throw it at > > me. Perhaps that's because I'm not used to the idea > > of being > > psychologically tested during an interview. > > > > What's next, ink blot tests? Values clarification > > drills? > > Written personality tests? I can see it now: > > "We're sorry, > > you're an INTJ but we really want an ESTJ for this > > position." > > > > Okay, I've got to stop answering email this early. > > :-) > > > > John > > > > > > > > On Fri, 5 Apr 2002, Jay Dunn ([EMAIL PROTECTED]) > > wrote: > > > > > This test may sound stupid, but based on Mark's > > description > > I'd say they > > > were attempting to assess creativity and > > troubleshooting > > skills. > > > Sometimes pure technical skills aren't enough. > > Thinking "outside the > > > box" is a big part of what an employer is looking > > for. I'd > > say a company > > > as big as SNS has plenty of experience in hiring > > and knows > > what they're > > > doing in making this part of the interview. > > > > > > Jay Dunn > > > IPI*GrammTech, Ltd. > > > www.ipi-gt.com > > > Nunquam Facilis Est > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] On > > Behalf Of > > > John Neiberger > > > Sent: Thursday, April 04, 2002 8:39 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: My interview story [7:40553] > > > > > > Why would you want to work for a place with such > > stupid > > > interviews in the first place? If they select > > their > > employees > > > based on how they play "Stranded in the Desert" or > > whatever > > the > > > heck that was, then it's probably best you don't > > work there. > > > I'm sure the management there is awful. > > > > > > Stuff like that is a sure sign their managers have > > too much > > > time on their hands, and there's almost nothing > > worse than a > > > clueless manager with too much time. > > > > > > Someone needs to send those managers a Dilbert > > calendar! > > > > > > I'm sorry to hear it didn't go well, but you > > should forget > > > about them and move on to a better company. > > > > > > John > > > > > > > > > > > > On Thu, 4 Apr 2002, Mark Zhang > > ([EMAIL PROTECTED]) > > > wrote: > > > > > > > hi,everybody,I have a interview appointment at > > 9:00 AM. > > > > The position is Network Engineer in > > SNS(schlumberger > > network > > > solutions > > > >
Re: Book on IPv6 [7:40515]
Hi, I've working on cisco routers with IPv6 since three years ago, and in my experience this field is evolving so fast that no book is current enough. If you just want an introductory view, "Interworking IPv6 with Cisco Routers" is ok, but lacks important parts, IS-IS for instance. I would recommend instead to look at Cisco configuration guides, latests RFC, drafts, and search IPv6 related webs (www.ipv6forum.com, www.6bone.net, etc). Hope this helps, Enric *** REPLY SEPARATOR *** On 04/04/02 at 15:29 Hamid Ali Asgari wrote: >Hi, > >I am looking for a book on IPv6. Any suggestions? > >Thanks > >Hamid > > >__ >Do You Yahoo!? >Yahoo! Tax Center - online filing with TurboTax >http://taxes.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40617&t=40515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
apache [7:40616]
dear all: when i install the ciscowork200 the apache don't start .display : Could not start the Apache Webserver service on local computer. Error 1053: The service did not respond to the start or control request in a timely fashio. thanks you very very much! -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40616&t=40616 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: My interview story [7:40553]
When I moved back to Alaska from Omaha, I interviewed at a place that sent all of their candidates to a 'speciallist' who did personality tests. I responded well to the interview, but not the job offer. :) TTFN, Bill Pearch, GCI Telehealth Systems Manager Anchorge AK -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 4:04 AM To: [EMAIL PROTECTED] Subject: Re: RE: My interview story [7:40553] That may be true, but it just sounds like something straight off the pages of Dilbert. :-) I know personally I wouldn't respond to such an interview well. If someone wants to test my creativity and troubleshooting, then they should mock up a lab and throw it at me. Perhaps that's because I'm not used to the idea of being psychologically tested during an interview. What's next, ink blot tests? Values clarification drills? Written personality tests? I can see it now: "We're sorry, you're an INTJ but we really want an ESTJ for this position." Okay, I've got to stop answering email this early. :-) John [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40615&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ancient Isdn bri wisdom ? [7:40586]
The other 2 posts here deal with 'no ip route-cache' and 'no ip mroute-cache' pretty well, so I'll only comment on the 'no fair-queue'. Basically, PPP Multilink and WFQ can't coexist on the same interface (at least in the serial world), but I think it applies to any interface. My best guess is that the WFQ algorithm doesn't work correctly with the PPP Multilink (kind of like ip route-cache would try to send the traffic through the same one link). If you try to configure ppp multilink on an interface with fair-queue, it will automaticaly put the "no fair-queue" statement on that interface. However, if you have ppp multilink already configured then try to enable fair-queue, you'll get: "Must disable ppp multilink configuration first." (at least on the serial interface on a 2500) Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40614&t=40586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Replacing a router with PIX [7:40454]
I would also add, make sure the ISP dosen't require you to run an IGP. From what I understand PIX does not support IGPs. Most likely this is not the case, if You just set your default route to your outside interface, and they staticly route to you. John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40612&t=40454 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE [7:40568]
To Siva, and hundreds of similarly situated folks: I don't know you, but if you are like a lot of us, you will find that you will need more time to prepare for the lab than from now until June, and want to save you the hassle of trying to reschedule on short notice. Okay, that will be easy for you, because you are in Sydney, where lab dates are always plentiful. It won't be so easy for many of those others in the same boat, though. If you are already the king of Cisco knowledge, the guru that everyone in Worldcom/UUNET or IBM Global Network Solutions, or a similar outfit look to for guidance on the details of Cisco networking, and you are just getting the CCIE to put icing on the cake then go ahead and schedule the exam for June. Most of us are not that guru, and we still have a lot to learn. Even the folks with many years of high-level industry experience (I am NOT one of them, by the way), find that there are huge swaths of difficult CCIE material that they have never dealt with in their work. Someone at an ISP may be a guru on BGP, but may have never had to do anything with DLSW+. Conversely, someone in an IBM Mainframe data center may be the guru of DLSW+, but may have never touched BGP, EIGRP, or otehr important Cisco topics. Many people have never configured VOIP, or VOFR, or ATM in their day job. Only a few have ever done anything with a 3920 token ring switch in their day job. The 3920 is not that tough to learn about, but it will take at least few hours on a rental rack to get comfortable with. Best regards, Tom Larus ""Siva"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear All > > I just cleared my ccie written ewith over 82%. Really hard time it was. Now > I am preparing for my CCIE labs. I already schduled it coming June. I am in > the process of setting up a "Home lab". Have anyone got to know where the > used routers are available? I am from Sydney. > > > > Reg Siva Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40613&t=40568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Caslow : Source Route Bridging Q´s pp 620 - 622 [7:40611]
On page 620 Configuring Source-Route Bridging on a 2 port Bridge. It looks like there should be a line in here - (bridge 1 protocol ibm( since on the show source on the following page the maximum hop count is 7. On page 622 Configuring Source-Route Bridging on a multiport bridge. This idea of a virtual ring. Is it simply to reduce the exponential amount of configuration that would otherwise be required ? He doesn4t appear to state WHY. Phil. __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40611&t=40611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Analog & ISDN dial on Cisco E1 PRI Card [7:40610]
Hello All , Would require info on : 1) Wether analog calls/PSTN (Tone & pulse dial) can land on E1 PRI terminating on Cisco 3600 series router? 2) If Yes , then how does one enable/disable the same. Thanks Vijendra. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40610&t=40610 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ancient Isdn bri wisdom ? [7:40586]
Heiko, this seems like a configuration scheme to force load-balancing (if there is another link, or maybe between both B channels) through the links. This configuration shall be implemented on both sides (routers) to be effective. It works with any kind of interface (I guess), requiring only to be two or more routes with the same cost to a destination. The command [no ip route-cache] means to the router not use route caching (wich process switch the first packet of the conversation, and then, fast/silicon/autonomous/etc switch the remaining ones) so that it will distribute the packets in a round-robin fashion between the available equal routes. The command [no ip mroute-cache] has the same effect over multicast packets. The [no fair-queue] disables fair-queueing on the interface so packets will be queued using FIFO strategy. please correct me anyone if I am mistaken :) Regards, Persio - Original Message - From: "Herold Heiko" To: Sent: Friday, April 05, 2002 11:22 AM Subject: Ancient Isdn bri wisdom ? [7:40586] > Time ago when I first laid my greedy hands on a router with 11.something > without really knowing what I did somebody told me: > > interface bri x > no ip route-cache > no ip mroute-cache > no fair-queue > > and I followed the advice as a general rule. > > Now I tried to research the reason for that and really didn't find any. > Is that unneccessary ? > Should it be used (generally, except in special situations) anymore ? > Was that possibly just a workaround for a bug or particular problem which I > copied down and used (wrongly) whenever possible ? > > Heiko Herold > > -- > -- PREVINET S.p.A.[EMAIL PROTECTED] > -- Via Ferretto, 1ph x39-041-5907073 > -- I-31021 Mogliano V.to (TV) fax x39-041-5907472 > -- ITALY Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40609&t=40586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: My interview story [7:40553]
Yeah, I4m on your side John. I applied for a permy position with a big insurance comp when times where a bit lean. I finally got an interview reply six weeks later calling me for an interview. It turned out being a two day interview, which I immediately knew was not for me. If people want to hire my skillset they read my CV call me in and try and beat me down technically. That being done, can I get on with people etc can surely be spotted inside 2 hours, unless they are plain stupid. Phil. --- John Neiberger wrote: > That may be true, but it just sounds like something > straight > off the pages of Dilbert. :-) > > I know personally I wouldn't respond to such an > interview > well. If someone wants to test my creativity and > troubleshooting, then they should mock up a lab and > throw it at > me. Perhaps that's because I'm not used to the idea > of being > psychologically tested during an interview. > > What's next, ink blot tests? Values clarification > drills? > Written personality tests? I can see it now: > "We're sorry, > you're an INTJ but we really want an ESTJ for this > position." > > Okay, I've got to stop answering email this early. > :-) > > John > > > > On Fri, 5 Apr 2002, Jay Dunn ([EMAIL PROTECTED]) > wrote: > > > This test may sound stupid, but based on Mark's > description > I'd say they > > were attempting to assess creativity and > troubleshooting > skills. > > Sometimes pure technical skills aren't enough. > Thinking "outside the > > box" is a big part of what an employer is looking > for. I'd > say a company > > as big as SNS has plenty of experience in hiring > and knows > what they're > > doing in making this part of the interview. > > > > Jay Dunn > > IPI*GrammTech, Ltd. > > www.ipi-gt.com > > Nunquam Facilis Est > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On > Behalf Of > > John Neiberger > > Sent: Thursday, April 04, 2002 8:39 PM > > To: [EMAIL PROTECTED] > > Subject: Re: My interview story [7:40553] > > > > Why would you want to work for a place with such > stupid > > interviews in the first place? If they select > their > employees > > based on how they play "Stranded in the Desert" or > whatever > the > > heck that was, then it's probably best you don't > work there. > > I'm sure the management there is awful. > > > > Stuff like that is a sure sign their managers have > too much > > time on their hands, and there's almost nothing > worse than a > > clueless manager with too much time. > > > > Someone needs to send those managers a Dilbert > calendar! > > > > I'm sorry to hear it didn't go well, but you > should forget > > about them and move on to a better company. > > > > John > > > > > > > > On Thu, 4 Apr 2002, Mark Zhang > ([EMAIL PROTECTED]) > > wrote: > > > > > hi,everybody,I have a interview appointment at > 9:00 AM. > > > The position is Network Engineer in > SNS(schlumberger > network > > solutions > > > sector).But I falled,at least i think so. > > > At first,every candidater have a chance to > intraduce > oneself > > for 1 > > > minute in > > > English.Then every 5 person get a group to play > a game > named > > Desert > > > Survive.Game as this:Just image you and some > people lose in > a > > deep > > > desert by > > > an airplane problem,so plz list the most > important thing to > > the lest > > > from 15 > > > tools you could use,first time by your own > choose,the > second > > by your > > > group. > > > Maybe I do not show good in the > self-introduce,then I paly > > the game,I > > > choose > > > more close to the expert answer the my group,but > the > > schlumberger do not > > > think I as the right person they are looking > for. > > > what a pity!I experienced in Motorola and a > network > > company,have design > > > a > > > large scare voip network include about 40 > nods,familiar > with > > Cisco,But > > > why?Just because a lose in the game? > > > > > > B.RMark Zhang > > > > > > > > > - > > > Do You Yahoo!? > > > Yahoo! Tax Center - online filing with TurboTax > > [EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40607&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My interview story [7:40553]
shoulda asked them if the network was currently down...and if it was where in the hell can I get some duct tape! >>> "Lomker, Michael" 04/05/02 09:52AM >>> > large scare voip network include about 40 nods,familiar with Cisco,But > why?Just because a lose in the game? You have to ask yourself whether or not you'd want to work for a company that does this type of screening. I would not have taken the job even if I did well. > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40606&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FIXUP PROTOCOL ON PIX 515 [7:40577]
But its a technical issue !!! email SMTP example : SMTP has lots of different MESSAGE TYPES. e.g send and reply are just two types. There are mandatory functions which must be implemented and there are optional functions which do not need to be implemented, but may prove to be useful in certain situations. If one of the options was for instance a client request to obtain internal Server details. This could be deemed a security issue. However, the Client and Server may have this functionality on by default which poses a security risk. The fixup protocol scans certain well known protocols and only allows the core functionality to work, removing the security risk. Phil. --- Joseph Rago wrote: > Hi can anyone tell me in non technical terms what > the fixup protocol is > used for > on a pix 515. Do i need to specify a fixup protocol > number for all > applications used. > Right now i am able to citrix into a server on my > DMZ and i do not have a > fixup protocol > statement defined for citrix ports. > > Thanks Joe Rago [EMAIL PROTECTED] __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40605&t=40577 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2620 or 2610 [7:40603]
ok, here is one I have never heard. Router says 2610 on it. Sh ver says 2620. Router has ethernet interface (it says 2610), but ios makes you configure a f0/0 interface. Mac address for interface is 0002.16f8.2380 I can find out through and oui serach that 000216 is cisco, but does anybody know how to check the last 6 or has anyone else seen this issue? Unless my jedi training is incorrect, don't 261x's only have 10mb interfaces?? thanks, bk Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40603&t=40603 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please confirm (conf#5c67864024c7a20207bf2c519474625a) [7:40602]
At 09:43 AM 4/5/2002 -0500, you wrote: >Hi, > >You have tried to post to GroupStudy.com's Professional mailing list. Because >the server does not recognize you as a confirmed poster, you will be required >to authenticate that you are using a valid e-mail address and are not a >spammer. By confirming this e-mail you certify that you are not sending >Unsolicited Bulk Email (UBE). > >PLEASE DO NOT SEND YOUR ORIGINAL MESSAGE AGAIN! BY CONFIRMING THIS EMAIL >YOUR ORIGINAL MESSAGE (WHICH IS NOW QUEUED IN THE SERVER) WILL BE POSTED. > > >By confirming this e-mail you also certify the following: > >1. The message does NOT break Cisco's Non-Disclosure requirements. > >2. The message is NOT designed to advertise a commercial product. > >3. You understand all postings become property of GroupStudy.com > >4. You have searched the archives prior to posting. > >5. The message is NOT inflammatory. > >6. The message is NOT a test message. > >To confirm, simply reply to this message. No editing is necessary. Once >confirmed, you will be able to post without additional confirmations. > > >Welcome to GroupStudy.com! > > >--ORIGINAL MESSAGE- > > >From [EMAIL PROTECTED] Fri Apr 5 09:43:38 2002 >Received: from usermail.com (www.usermail.com [208.239.240.90]) > by groupstudy.com (8.9.3/8.9.3) with ESMTP id JAA04437 > GroupStudy Mailer; Fri, 5 Apr 2002 09:43:38 -0500 >Received: from pvanoene-lt1.usermail.com (natsvc.juniper.net [207.17.136.130]) > by usermail.com (8.11.6/8.9.3) with ESMTP id g35EijQ20325 > for ; Fri, 5 Apr 2002 09:44:46 -0500 >Message-Id: >X-Sender: [EMAIL PROTECTED] >X-Mailer: QUALCOMM Windows Eudora Version 5.1 >Date: Fri, 05 Apr 2002 09:44:41 -0500 >To: [EMAIL PROTECTED] >From: Peter van Oene >Subject: Re: OSPF design [7:40269] >In-Reply-To: >Mime-Version: 1.0 >Content-Type: text/plain; charset="us-ascii"; format=flowed > >Please pardon the snipping (and top posting for that matter) Posted some >notes inline. > > > >Peter, when you say that the solution could involve "less specific > > >summaries" - do you really mean more specific summaries? Summarising less > > >drastically (e.g. summarising each site separately) isn't a good solution > > >in this particular case because it creates too much load in the core - > > >that's how we used to do it but it created other problems. > >Yes. Thanks for catching one of my ever more frequent brain farts :) I >definitely meant to suggest that using more specific summaries on the ABR's >would help. Possibly pinning up major aggregates to null0 for the entire >area and leaking appropriate specifics per ABR might help. However, one >would have to consider the impact on the core of both the additional type >3's and the additional processing required to track their state (and their >stability etc) > > > > >As you should be able to see, each of these can be valid assumptions > >depending on your network objectives. Peter, how does JunOS deal > >with this situation? > >JunOS behaves much like Cisco in that we'll advertise the summary so long >as we match a contributing specific. There is currently no additional >"conditional" type capabilities available. However, given the service >provider focus in JunOS, I tend to think that there hasn't been that much >pressure for type 3 handling enhancements. In these networks, OSPF >provides reachability toward loopbacks for IBGP peering and more >importantly, BGP next-hop resolution where path accuracy is pretty >important. Sub-optimal routing for transit traffic burns money :) Further, >LSDB's are generally kept as small as possible (no type 5's for example) >which minimizes the need for summarization from a router processing >perspective. If folks summarize at all, it's only for link addresses in a >pop. > >I actually prefer ISIS for use in networks of this nature as the >distribution of reachability information between levels of the hierarchy >tends to be less restrictive in most implementations. In JunOS (and IOS to >some extent), one can use policies (route-maps in IOS) to govern the flow >of information between areas instead of having to try and manipulate a >summarization knob. In this case, one can leak prefixes without worrying >about what summary range they fall into. Further, one can advertise >aggregates and leak various specifics at the same time which can also be >helpful in some cases. > > >What would be really nice is if Cisco extended BGP conditional > >advertisement to IGPs, and introduced a knob to have the default > >behavior overridden by conditional. > > > > >I think in this case I'll be going for the "protect against partitioning" > > >solution and bung in another cable. > >Wanted to voice my admiration for your verb selection here :) Bung is >definitely a cool way to describe a number of solutions I've seen in the >past. This one being far less bunged up than others I should add. Message Posted at: http://www.groupstudy.com/form/read.php?f=
Re: OSPF design [7:40269]
New theory! might work :) My assumptions: 1) R1 and R2 are your ABR's, R2's link into the backbone is a dial on demand link only used when R1's link fails. 2) Due to the above, the primary problem is that when the non-backbone area becomes partitioned, R1 will not be able to deliver to certain nets south of R2 as it does not see R2 as a valid hop toward those nets (since it doesn't see the type1/2 advertisements from that area). In this case, R1 either forwards via default toward the core and loops traffic for those unreachable nets, or matches a null0 route for the summary and discards. 3) R2 will have this problem only when R1 loses connectivity to the core _and_ the non backbone area becomes partitioned. Hence, fixing this problem is less important that fixing #2. Solution: Disable the creation of a null0 route for the aggregate on R1 and instead add a static route for the aggregate on R1 toward R2. With this config, if the area becomes partitioned, while R1's ethernet toward the core is live, when R1 pulls traffic based on the summary toward unreachable nets behind R2, this route will push the traffic toward R2. Should R2 not be able to reach those nets, the can be safely considered unreadable and R2's null0 route will discard the traffic thereby eliminating loops. The only downside is that some truly unreachable traffic might transit the R1-R2 link before being eliminated. This will not help the situation where the area is partitioned and R1 loses core connectivity, but this is a much less likely occurrence. Plus, in this case your dialup link might be strained anyway so dropping a bunch of traffic might be helpful :) In summary, assume 192.168/16 is the summary R1 ip route 192.168.0.0 255.255.0.0 R2 R2 ip route 192.168.0.0 255.255.0.0 null0 Adding the cable is also helpful, but costs money and requires you to touch a bunch of routers. At 09:04 AM 4/5/2002 -0500, Peter van Oene wrote: >Adding a point to point link between ABR's would enhance the resiliency >between the two and tend to protect against Area partitioning. Depending >on the capabilities of the backbone routers, letting more specifics into >the backbone might be helpful as well as it would deliver more optimal >routing and also help solve this problem. > >Shorter answer is, ya, thats a good idea in my opinion :) > >Pete > > >At 01:39 PM 4/4/2002 -0500, you wrote: > >At 11:59 AM 4/4/02, Chuck wrote: > > >that was going to be my guess as well. I've done a number of lab >experiments > > >with similar themes, and have in my own mind at least, confirmed what is > > >stated in the RFC - that the only serious routing issue with partitioned > > >non-backbone areas results from overlapping > > > >She does seem to have overlapping summarization, if that makes sense. She > >said: > > > >The area range statements on Rtr2 are... > >[various area 0 range statements snipped] > > area 2.1.0.0 range 2.0.0.0 255.128.0.0 > > area 2.2.0.0 range 2.128.0.0 255.224.0.0 > > > >On Rtr1 the statements are... > >[same area 0 range statements snipped] > > area 2.1.0.0 range 2.0.0.0 255.128.0.0 > > > >If you look at her ASCII art e-mail, you'll see that the WAN links were not > >assigned contiguously unless I'm missing something. Rt1 has 2.101.0.0/16 > >and 2.109.0.0/16. Rtr 2 has 2.120.0.0/16, 2.104.0.0/16, and 2.130.0.0/16 > > > >It's probably too late now, but perhaps if all the WAN links connected to > >Rtr 1 had been summarizable into a group that was distinct from the WAN > >links connected to Rtr 2, she wouldn't have the problem?? (Of course, she > >has that area 2.2.0.0 to deal with too, but perhaps it could be something > >different entirely) > > > >But I don't think she's looking for a redesign. She's looking for a quick > >fix for now. What did you guys think of the idea of adding another direct > >connection between the two switches and putting it in area 2.1.0.0? > > > >Priscilla > > > > > > >Chuck > > > > > >""Peter van Oene"" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > HI Jenny, > > > > > > > > Is it safe to say that your problem is that when your non backbone area > > > > becomes partitioned, you lose reachability to one side of the > > > > partition? When you use large summarizes to describe entire areas and > > >have > > > > multiple entry points into those areas themselves, this is a normal > > > > occurrence. If this is the problem, the solution likely involves the >use > > > > of less specific summaries per ABR, and/or greater L2 resiliency to > > >protect > > > > against partitions. If that's not the problem, can you indicate where > > >I've > > > > misread the problem description? > > > > > > > > Thanks > > > > > > > > Pete > > > > > > > > > > > > > > > > At 09:05 PM 4/2/2002 -0500, [EMAIL PROTECTED] wrote: > > > > >Hi all, > > > > > > > > > >This is actually a real-life scenario, but I think it throws up some > > > > >interesting points about OSPF that some pe
Re: BGP question [7:40525]
Short answer. If you want all the routers in your AS to have full knowledge of prefixes, buy some memory and extend your BGP cloud to include them. Otherwise, follow a dynamic default and live with suboptimal routing. Adding the third router as you suggest is a helpful option. However, in most cases, outbound traffic load is really not the problem (which is unfortunate as it's actually possible to manipulate with some accuracy) Inbound is the killer. At 04:28 PM 4/4/2002 -0500, Steven A. Ridder wrote: >If I had 2 7206 routers dual homed to two different ISP's for redundancy, I >know I don't NEED the full bgp table, but if I were to accept them for >optimal routing within my network, how would I tell my internal routers who >don;t run BGP which of the two 7206 routers to go to for a specific route >oout to the internet? I assume doing a redistribution into the IGP is a big >no-no, so how do small 3600's and 2600's inside the AS know which of the two >routers to send the traffic to based on the fact that that one router has >the better route? > >I can think of adding a third 7206 router which would run BGP, connect to >the other two routers and accept the full table as well, and the internal >routers would use that one as the gateway to the internet, but if I didn't >have that third router, is there any other way? > >-- > >RFC 1149 Compliant. >Get in my head: >http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40599&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: My interview story [7:40553]
I agree with the summary, the desert game is used to develop team skills and inspire group communication allowing employees who are not outspoken to share in the decision making process. But this should not have been used as a 'one test' for hire decision. If that is so, the Human Resources dept has made errors that will eventually bring the effectiveness of the company/unit to zero, when that happens, higher ups will take a look and heads will roll. but the process can be too long. Mark should be glad he didn't get the job. Have a good day. Kevin McCarty CCNA CCNP Computer Sciences Corporation Defense Sector John NeibergerTo: [EMAIL PROTECTED] Subject: Re: My interview story [7:40553] Sent by: nobody 04/04/2002 08:39 PM Please respond to John Neiberger Why would you want to work for a place with such stupid interviews in the first place? If they select their employees based on how they play "Stranded in the Desert" or whatever the heck that was, then it's probably best you don't work there. I'm sure the management there is awful. Stuff like that is a sure sign their managers have too much time on their hands, and there's almost nothing worse than a clueless manager with too much time. Someone needs to send those managers a Dilbert calendar! I'm sorry to hear it didn't go well, but you should forget about them and move on to a better company. John On Thu, 4 Apr 2002, Mark Zhang ([EMAIL PROTECTED]) wrote: > hi,everybody,I have a interview appointment at 9:00 AM. > The position is Network Engineer in SNS(schlumberger network solutions > sector).But I falled,at least i think so. > At first,every candidater have a chance to intraduce oneself for 1 > minute in > English.Then every 5 person get a group to play a game named Desert > Survive.Game as this:Just image you and some people lose in a deep > desert by > an airplane problem,so plz list the most important thing to the lest > from 15 > tools you could use,first time by your own choose,the second by your > group. > Maybe I do not show good in the self-introduce,then I paly the game,I > choose > more close to the expert answer the my group,but the schlumberger do not > think I as the right person they are looking for. > what a pity!I experienced in Motorola and a network company,have design > a > large scare voip network include about 40 nods,familiar with Cisco,But > why?Just because a lose in the game? > > B.RMark Zhang > > > - > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40598&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ancient Isdn bri wisdom ? [7:40586]
> Now I tried to research the reason for that and really didn't > find any. It is done because ISDN lines are considered two physical paths that are bonded together using PPP multilink or Cisco's proprietary bonding. If you don't disable route caching then the tcp/ip conversation will always be switched out the same physical path (your big download will only use 1/2 of the 128k connection). It's easy to test that...just remove it sometime. no-fair queue appears to be the default for asynchronous interfaces on the later versions of IOS. To be honest, I'm not certain why FIFO offers better performance than WFQ would on asynch lines; I can't find a good explanation on CCO right now. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40597&t=40586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Script for Reload Cisco [7:40451]
this example is on a router with tacacs login, modify this scripts for your needs [root@qmail marcelo]# cat /home/marcelo/prueba.exp #!/usr/bin/expect -f # Abre una sesion de telnet set flag 1 catch {set prompt $env(EXPECT_PROMPT)} eval spawn telnet 10.0.0.25 23 $argv expect Username: send "myname\n" expect Password: send "mypassword\n" expect myrouter> send "ena\n" expect Password: send "myenapassword\n" expect myrouter# send "reload\n" expect [confirm] send "\n" interact [root@qmail marcelo]# best regards Marcelo -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]En nombre de x Enviado el: Jueves, 04 de Abril de 2002 10:33 a.m. Para: [EMAIL PROTECTED] Asunto: RE: Script for Reload Cisco [7:40451] I would like to see how you did it in Expect. --- Marcelo Castro wrote: > hi, > > i'm using expect or php script to telnet the > router and writing commands > from unix. Do you need an example? > > > best regards > > Marcelo > > -Mensaje original- > De: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]En nombre de > Michalis Palis > Enviado el: Jueves, 04 de Abril de 2002 07:17 a.m. > Para: [EMAIL PROTECTED] > Asunto: Script for Reload Cisco [7:40451] > > > Hello all > > I am looking for a good script under Linux in order > to > automate the reload procedure of CISCO routers. > > I will appreciate your feedback > > __ > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax > http://taxes.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40594&t=40451 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question on PIX !!! [7:40489]
Avi, Sounds like your ISP router and inside router might not have a route to 216.6.24.130 255.255.255.192. (I am assuming you have a default route on your 216.6.24.130 network devices pointing to inside IP of the PIX, therefore your devices should be able to get to the inside router). Check/post your inside router ip routing table. thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) ""Avi"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > I am facing a problem on PIX 515 as described below. > Firewall: Cisco PIX 515 > Firewall Software Version: 4.4(7) > > PIX setup: > -- > > Host Mail Server > 216.6.24.130 216.6.24.185 (216.6.24.0 => Public AddressesValid > Internet Addresses) > | | > --- > | > | > | > | - 216.6.24.130 255.255.255.192 > PIX > | - 192.168.2.14 /30 > | > | > | - 192.168.2.14 /30 > Inside >Router > | - 192.168.2.6 /30 > | > | > | - 192.168.2.5 /30 > ISP > Router > | > | | Proxy > 192.118.52.54 > | | Server > | > || | | > > > > PIX Configuration: > > > PIX Version 4.4(7) > nameif ethernet0 outside security0 > nameif ethernet1 inside security100 > enable password 8Ry2YjIyt7RRXU24 encrypted > passwd AoM2ZahaIYl9kEoj encrypted > hostname nungunungu > fixup protocol ftp 21 > fixup protocol http 80 > fixup protocol h323 1720 > fixup protocol rsh 514 > fixup protocol smtp 25 > fixup protocol sqlnet 1521 > names > pager lines 24 > logging on > no logging timestamp > no logging console > no logging monitor > no logging buffered > no logging trap > logging facility 20 > logging queue 512 > interface ethernet0 auto > interface ethernet1 100basetx > mtu outside 1500 > mtu inside 1500 > ip address outside 192.168.2.14 255.255.255.252 > ip address inside 216.6.24.129 255.255.255.192 > no failover > failover timeout 0:00:00 > failover ip address outside 0.0.0.0 > failover ip address inside 0.0.0.0 > arp timeout 14400 > nat (inside) 0 216.6.24.0 255.255.255.0 0 0 > static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0 > conduit permit tcp host 216.6.24.177 eq smtp any > conduit permit tcp host 216.6.24.186 eq smtp any > conduit permit tcp any host 192.118.52.54 eq www > conduit permit icmp any any > conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp > conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data > conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp > conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 > conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 > conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 > conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 > conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 > conduit permit tcp host 216.6.24.10 eq domain any > conduit permit tcp host 192.118.52.54 eq 8080 any > conduit permit tcp host 192.118.52.54 eq 3180 any > conduit permit tcp host 192.118.52.54 eq www any > no rip outside passive > no rip outside default > no rip inside passive > no rip inside default > route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 > route inside 216.6.24.128 255.255.255.192 216.6.24.129 1 > timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 > timeout rpc 0:10:00 h323 0:05:00 > timeout uauth 0:05:00 absolute > aaa-server TACACS+ protocol tacacs+ > aaa-server RADIUS protocol radius > no snmp-server location > no snmp-server contact > snmp-server community mic-test-03 > no snmp-server enable traps > telnet 216.6.24.16 255.255.255.255 > telnet timeout 15 > terminal width 80 > > > PROBLEM: > -- > > From host 216.6.24.130 i am able to ping inside interface of the PIX but i > am not able to ping the outside inetrface, nor am i able to ping the inside > router. Sitting on the PIX i am able to to ping the inside host 216.6.24.130 > and the servers, also i am able to ping ISP router and the Proxy server at > ISP premieses. > > Why is my inside host not able to go beyond the inside interface of PIX ? > Have i missed on some configuration or have i typed certain command wrongly. > As 216.6.24.0 network are valid ip addresses s
Re: OSPF design [7:40269]
One quick point below. Trimmed rest. Question from Jenny > >One thing I'm not clear on, though, is why the problem (reportedly) > >happened before we upgraded to IOS 12.1 - so before a route to null0 was > >used for the summarised networks (we didn't add one manually). Any >ideas? > > I can understand why it's happening now, so this is more for my >curiosity > >and understanding. Correct me if I'm wrong, the post 12.1, IOS adds the null on ABR's when area-ranges are used? In any event, adding a null route for a summary address is usually a good thing. Although these null routes do nothing to enhance reachability, they do prevent traffic from looping when reachability is lost. In your case, if your non backbone area was partitioned and traffic arrived at the ABR which had no specific routes for the destination in question, this traffic would be forwarded toward default (or another less specific summary) assuming the null route didn't exist. Hence, for 192.168.1.1 as an example, your core routers might like the 192.168/16 route from ABR1 who might like your core routers 0.0.0.0/0 in which case you'll generate lots of useless forwarding. Adding the null route here would simply discard the traffic gracefully. Interestingly, if your ABR1 happened to default toward ABR2 for some reason, not having the null route would actually enable you to route around the problem. However, this would only help half the area and implementing a default on ABR2 toward ABR1 at the same time to fix the other half would be a case of not looking at the whole picture :) Some topologies might actually benefit from a design of this nature which might explain why the null route wasn't automatically added before. However, more topologies would benefit from having it which likely explains why Cisco changed their default behavior. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40593&t=40269 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:40525]
aren't the 2 7206 dual homed, 2 connections to each ISP? why not run hsrp on the 7206 and let those routers make decisions for all internal routers? >From: "Ouellette, Tim" >Reply-To: "Ouellette, Tim" >To: [EMAIL PROTECTED] >Subject: RE: BGP question [7:40525] >Date: Thu, 4 Apr 2002 18:39:17 -0500 > >This can be simplified in the following way. > >If you want your internal routers to be able to make a routing decision >based on an external bgp route that is somewhere on the net that I'd think >your internal router (3660) has to have that route in it's routing table >(maybe redistributed into some IGP from BGP). Maybe not the best way. > >Or, you could inject default routes from each BGP speaker (your 7200's) >into >your IGP. If let's say one of your 3600's send a packet to it's default >gateway (one of the 7200)'s which in turn could pass it over ethernet to >the >other 7200 if you setup some policy routing etc. > >I'd say you might want have your 2600/3600's connected to both 7200's for >redundancy in case one box completely fails it'll use the other. This >could >be done be accepting the default routes from each 7200 or by creating a >floating static that way if the primary route to the internet fails, it'll >use a backup. These are just a couple of ideas. If you provide some >specifics of the layout, I may be able to help out a bit more. Also, I'm >sure some of the experts here will provide much better detail of how >they've >implemented such a design. > >In short, I'm thinking that if you want a 2600/3600 to make a decision on >which 7200 to go out of for a specific route, it has to know about it. > >Tim > >-Original Message- >From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] >Sent: Thursday, April 04, 2002 4:29 PM >To: [EMAIL PROTECTED] >Subject: BGP question [7:40525] > > >If I had 2 7206 routers dual homed to two different ISP's for redundancy, I >know I don't NEED the full bgp table, but if I were to accept them for >optimal routing within my network, how would I tell my internal routers who >don;t run BGP which of the two 7206 routers to go to for a specific route >oout to the internet? I assume doing a redistribution into the IGP is a >big >no-no, so how do small 3600's and 2600's inside the AS know which of the >two >routers to send the traffic to based on the fact that that one router has >the better route? > >I can think of adding a third 7206 router which would run BGP, connect to >the other two routers and accept the full table as well, and the internal >routers would use that one as the gateway to the internet, but if I didn't >have that third router, is there any other way? > >-- > >RFC 1149 Compliant. >Get in my head: >http://sar.dynu.com _ Chat with friends online, try MSN Messenger: http://messenger.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40592&t=40525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF design [7:40269]
Please pardon the snipping (and top posting for that matter) Posted some notes inline. >Peter, when you say that the solution could involve "less specific > >summaries" - do you really mean more specific summaries? Summarising less > >drastically (e.g. summarising each site separately) isn't a good solution > >in this particular case because it creates too much load in the core - > >that's how we used to do it but it created other problems. Yes. Thanks for catching one of my ever more frequent brain farts :) I definitely meant to suggest that using more specific summaries on the ABR's would help. Possibly pinning up major aggregates to null0 for the entire area and leaking appropriate specifics per ABR might help. However, one would have to consider the impact on the core of both the additional type 3's and the additional processing required to track their state (and their stability etc) >As you should be able to see, each of these can be valid assumptions >depending on your network objectives. Peter, how does JunOS deal >with this situation? JunOS behaves much like Cisco in that we'll advertise the summary so long as we match a contributing specific. There is currently no additional "conditional" type capabilities available. However, given the service provider focus in JunOS, I tend to think that there hasn't been that much pressure for type 3 handling enhancements. In these networks, OSPF provides reachability toward loopbacks for IBGP peering and more importantly, BGP next-hop resolution where path accuracy is pretty important. Sub-optimal routing for transit traffic burns money :) Further, LSDB's are generally kept as small as possible (no type 5's for example) which minimizes the need for summarization from a router processing perspective. If folks summarize at all, it's only for link addresses in a pop. I actually prefer ISIS for use in networks of this nature as the distribution of reachability information between levels of the hierarchy tends to be less restrictive in most implementations. In JunOS (and IOS to some extent), one can use policies (route-maps in IOS) to govern the flow of information between areas instead of having to try and manipulate a summarization knob. In this case, one can leak prefixes without worrying about what summary range they fall into. Further, one can advertise aggregates and leak various specifics at the same time which can also be helpful in some cases. >What would be really nice is if Cisco extended BGP conditional >advertisement to IGPs, and introduced a knob to have the default >behavior overridden by conditional. > > >I think in this case I'll be going for the "protect against partitioning" > >solution and bung in another cable. Wanted to voice my admiration for your verb selection here :) Bung is definitely a cool way to describe a number of solutions I've seen in the past. This one being far less bunged up than others I should add. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40591&t=40269 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Works and PIX's [7:40580]
snmp-server host inside [ip of CiscoWorks] And of course a valid snmp community Thanks Larry -Original Message- From: Johnson, Richard (NY Int) [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 9:00 AM To: [EMAIL PROTECTED] Subject: Cisco Works and PIX's [7:40580] Hi All, I am just setting up Cisco Works. It seems I can add all my switches w/o a problem, but I can not add my PIX to the equipment. I am sure this can be donecare to offer any advice? The error I get is "Could not connect to host:" I do restrict telnet access to the PIX, but I did add the Cisco Works server address to that list. Thanks, Rich Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40590&t=40580 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My interview story [7:40553]
> large scare voip network include about 40 nods,familiar with Cisco,But > why?Just because a lose in the game? You have to ask yourself whether or not you'd want to work for a company that does this type of screening. I would not have taken the job even if I did well. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40589&t=40553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE [7:40568]
Dear Siva, Congratulations on your achievements. I wish you best of luck in your struggle toward conquering the CCIE beast (laugh). As u said, you are sitting for your lab in June, have u prepared enough for this most dread certification in the industry? You can get used router from ebay.com or better still from itparade.com Nurudeen Once again accept my congratulations. ""Siva"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear All > > I just cleared my ccie written ewith over 82%. Really hard time it was. Now > I am preparing for my CCIE labs. I already schduled it coming June. I am in > the process of setting up a "Home lab". Have anyone got to know where the > used routers are available? I am from Sydney. > > > > Reg Siva Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40570&t=40568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 2500 console problem [7:40559]
For some reason some old 2503s seem to have this problem. I have run into it myself. Make sure you have your terminal settings set correctly (check the baud rate, stop bits, and flow control). If that doesn't work, try using a different computer (I seem to have the best luck using an NT machine). thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) ""Widjaja Surja Kentjana"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi all, > > Have just got a Cisco 2503. I am not able to console, I believe it is > faulty. I need to clear the password. Tried to use AUX, but AUX is only > available when the IOS is loaded. > > Any other way out or workaround it? > > Thanks. > > Widjaja Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40562&t=40559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
i am receiving spam [7:40572]
Hi All, I am receiving SPAM from someone. The return address says [EMAIL PROTECTED] The letter then asks if i would like some practice questions. I clicked yes and it sent me a list of questions to look at. The questions all had wrong answers. ... as in way wrong I don't really know how i got on this guys email list, but i am only a member of a couple of cisco study groups so i was wondering if anyone else here is getting this stuff too? Regards, amanda Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40572&t=40572 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: PIX Question !!! [7:40465]
dont you have to place the inside ip addrres on the outside interface? i think you have it reverse, ip address inside 192.168.2.14 255.255.255.248 ip address outside 216.6.24.129 255.255.255.192 then nat (inside) 0 192.168.2.14 255.255.255.0 0 0 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Avi Sent: Thursday, April 04, 2002 9:01 AM To: [EMAIL PROTECTED] Subject: PIX Question !!! [7:40465] Hi, I am facing a problem on PIX 515 as described below. Firewall: Cisco PIX 515 Firewall Software Version: 4.4(7) PIX setup: - H - 216.6.24.130 255.255.255.192 | |Public Accessed Servers(216.6.24.0 - Public addresses) | | - 216.6.24.129 255.255.255.192 PIX | - 192.168.2.14 /30 | | | - 192.168.2.13 /30 R | - 192.168.2.6 /30 | | | - 192.168.2.5 /30 R (ISP Router) | | |Proxy Server | 192.118.52.54 Following is the config: -- PIX Version 4.4(7) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd AoM2ZahaIYl9kEoj encrypted hostname nungunungu fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 logging on no logging timestamp no logging console no logging monitor no logging buffered no logging trap logging facility 20 logging queue 512 inerface ethernet0 auto interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 192.168.2.14 255.255.255.248 ip address inside 216.6.24.129 255.255.255.192 no failover failover timeout 0:00:00 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 arp timeout 14400 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.13 216.6.24.129 netmask 255.255.255.255 0 0 conduit permit tcp host 216.6.24.177 eq smtp any conduit permit tcp host 216.6.24.186 eq smtp any conduit permit tcp any host 192.118.52.54 eq www conduit permit icmp any any conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 conduit permit tcp host 216.6.24.10 eq domain any conduit permit tcp host 192.118.52.54 eq 8080 any conduit permit tcp host 192.118.52.54 eq 3180 any conduit permit tcp host 192.118.52.54 eq www any no rip outside passive no rip outside default no rip inside passive no rip inside default route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 0.0.0.0 0.0.0.0 216.6.24.129 1 timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community mic-test-03 no snmp-server enable traps telnet 216.6.24.16 255.255.255.255 telnet timeout 15 terminal width 80 PROBLEM My problem is frm host 216.6.24.130 I can ping inside interface of PIX, but I can't ping outside interface of PIX nor the internal router. Also i am not able to ping the proxy server. Sitting on the PIXI am able to ping inside as well as outside, even the Proxy server. Also outside hosts are able to reach the host 216.6.24.130. Can someone pls throw some light on this as to where i am going wrong or i am missing on some command. Ur kind help will be appreciated a lot. Thanxs & Rgds, Avi. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40503&t=40465 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: http access not working anymore?? [7:40149]
I can tell you know that we do not have redundancy across the board here and rebooting a router is a super big deal! although we just had a sup and and msfc die in a core switch and hsrp took over just dandy... :) We've tested it before but it gives you a warm and fuszzy to see it work corrctly! :) -Patrick >>> "Cisco Nuts" 04/04/02 12:02PM >>> Thank you for your help, PatrickI just rebooted the router !! No, it's not a production router.It' just my lab at home :-) Now I don't have the access-list commands nor http auth local commands, just a simple ip http server command. Regards. >From: "Patrick Ramsey" >Reply-To: "Patrick Ramsey" >To: [EMAIL PROTECTED] >Subject: Re: http access not working anymore?? [7:40149] >Date: Wed, 3 Apr 2002 17:16:05 -0500 > >reboot the router? holy moly, that's a little drastic don't you think? >Hope this router isn't doing much! That solution kinda reminds me of most >nt admins! > >Have you checked to see if http process is even running? If the router >shows it as being a running process, do a port scan against it. Does 80 >show up? (Make sure you scan for 80!) > >try disabling http (no ip http server) Check the processes again and see if >http is still running. If not, re-enable it...check the processes >again...is it running? Can you connect? portscan again... > >Do you think the acl might be hung in memory? Try adding a new acl in with >the same number that does nothing. > >sheeesh... I would think rebooting the router would be an absolute last >resort with scheduled downtime. Of course if you are running a microsoft >network, then you probably have downtime scheduled for each night, you could >always do it then! :) > >-Patrick > > >> "Dominick Marino" 04/03/02 10:16AM >>> >Reboot the router. > > >-- >A. Dominick Marino > > >""Cisco Nuts"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hello,I use http to get to my routers but after enabling 2 commands on > > the router it does not work anymoreI removed both the commands with > > just http access but it still does not workI cleared the cache in IE > > but that does not help either.I deleted the access-list and also > > changed the enable secret password but no luckWhat could have gone > > wrong?I had added: # ip http access-class 10 # ip http > > auth local > > > > > > > > Get your FREE download of MSN Explorer at http://explorer.msn.com. > > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and >/or proprietary information in the possession of WellStar Health System, >Inc. ("WellStar") and is intended only for the individual or entity to whom >addressed. This email may contain information that is held to be >privileged, confidential and exempt from disclosure under applicable law. If >the reader of this message is not the intended recipient, you are hereby >notified that any unauthorized access, dissemination, distribution or >copying of any information from this email is strictly prohibited, and may >subject you to criminal and/or civil liability. If you have received this >email in error, please notify the sender by reply email and then delete this >email and its attachments from your computer. Thank you. > > > > > > misconduct and Nondisclosure violations to [EMAIL PROTECTED] MSN Photos is the easiest way to share and print your photos: Click Here > Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40493&t=40149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question on PIX !!! [7:40489]
Hi, I am facing a problem on PIX 515 as described below. Firewall: Cisco PIX 515 Firewall Software Version: 4.4(7) PIX setup: -- Host Mail Server 216.6.24.130 216.6.24.185 (216.6.24.0 => Public AddressesValid Internet Addresses) | | --- | | | | - 216.6.24.130 255.255.255.192 PIX | - 192.168.2.14 /30 | | | - 192.168.2.14 /30 Inside Router | - 192.168.2.6 /30 | | | - 192.168.2.5 /30 ISP Router | | | Proxy 192.118.52.54 | | Server | || | | PIX Configuration: PIX Version 4.4(7) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd AoM2ZahaIYl9kEoj encrypted hostname nungunungu fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 logging on no logging timestamp no logging console no logging monitor no logging buffered no logging trap logging facility 20 logging queue 512 interface ethernet0 auto interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 192.168.2.14 255.255.255.252 ip address inside 216.6.24.129 255.255.255.192 no failover failover timeout 0:00:00 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 arp timeout 14400 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.0 216.6.24.0 netmask 255.255.255.0 0 0 conduit permit tcp host 216.6.24.177 eq smtp any conduit permit tcp host 216.6.24.186 eq smtp any conduit permit tcp any host 192.118.52.54 eq www conduit permit icmp any any conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 conduit permit tcp host 216.6.24.10 eq domain any conduit permit tcp host 192.118.52.54 eq 8080 any conduit permit tcp host 192.118.52.54 eq 3180 any conduit permit tcp host 192.118.52.54 eq www any no rip outside passive no rip outside default no rip inside passive no rip inside default route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 216.6.24.128 255.255.255.192 216.6.24.129 1 timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community mic-test-03 no snmp-server enable traps telnet 216.6.24.16 255.255.255.255 telnet timeout 15 terminal width 80 PROBLEM: -- >From host 216.6.24.130 i am able to ping inside interface of the PIX but i am not able to ping the outside inetrface, nor am i able to ping the inside router. Sitting on the PIX i am able to to ping the inside host 216.6.24.130 and the servers, also i am able to ping ISP router and the Proxy server at ISP premieses. Why is my inside host not able to go beyond the inside interface of PIX ? Have i missed on some configuration or have i typed certain command wrongly. As 216.6.24.0 network are valid ip addresses so i don't want to use NAT. Kindly assist me on this. Thanxs & Rgds, Avi. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40489&t=40489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
San Diego.. [7:40498]
Does anyone know of any instructor led CCIE Security level training available in the San Diego area? I'm not necessarily talking about "boot camps", but a class longer than a week or so. Also, are there any members here in the San Diego area with the CCIE Security lab as a goal? Thanx for any reply. I can be contacted at [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40498&t=40498 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question !!! [7:40465]
Avi, You have a few things in your config that look strange: 1) static (inside,outside) 192.168.2.13 216.6.24.129 netmask 255.255.255.255 This creates a static with the outside address of 192.168.2.13, which you indicate is your router's IP address, and an inside address of 216.6.24.129, which you indicate is your inside PIX interface. This makes no sense. A static translation is used to create a new address on the outside that is not currently in use by any device to map to an inside end device, such as a server. I don't understand what you are trying to do with this command and this may be the cause of your problem. 2) route inside 0.0.0.0 0.0.0.0 216.6.24.129 1 You are pointing the PIX's inside default route to its own interface? I don't see what you are trying to accomplish by doing this, if there is no inside router you should just leave of the route inside command. 3) You say outside hosts are able to reach 216.6.24.130, do you mean they are able to ping the host? If the outside hosts can ping the inside host, the inside host should be able to ping the outside hosts since you have a conduit permit icmp any in your config. If the .130 host is a unix box, sometimes they try to resolve names during ping, so it may be that your ping is failing because name lookups are failing. Just a guess. It looks like something is not correct with your static command, so I would fix that first. Also, you are running a very old version of code at 4.4, you are 2 major release behind, so there may also be some weird bug present in this code rev, I would strongly consider upgrading the code to current levels. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Avi Sent: Thursday, April 04, 2002 9:01 AM To: [EMAIL PROTECTED] Subject: PIX Question !!! [7:40465] Hi, I am facing a problem on PIX 515 as described below. Firewall: Cisco PIX 515 Firewall Software Version: 4.4(7) PIX setup: - H - 216.6.24.130 255.255.255.192 | |Public Accessed Servers(216.6.24.0 - Public addresses) | | - 216.6.24.129 255.255.255.192 PIX | - 192.168.2.14 /30 | | | - 192.168.2.13 /30 R | - 192.168.2.6 /30 | | | - 192.168.2.5 /30 R (ISP Router) | | |Proxy Server | 192.118.52.54 Following is the config: -- PIX Version 4.4(7) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd AoM2ZahaIYl9kEoj encrypted hostname nungunungu fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 logging on no logging timestamp no logging console no logging monitor no logging buffered no logging trap logging facility 20 logging queue 512 inerface ethernet0 auto interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 192.168.2.14 255.255.255.248 ip address inside 216.6.24.129 255.255.255.192 no failover failover timeout 0:00:00 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 arp timeout 14400 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.13 216.6.24.129 netmask 255.255.255.255 0 0 conduit permit tcp host 216.6.24.177 eq smtp any conduit permit tcp host 216.6.24.186 eq smtp any conduit permit tcp any host 192.118.52.54 eq www conduit permit icmp any any conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 conduit permit tcp host 216.6.24.10 eq domain any conduit permit tcp host 192.118.52.54 eq 8080 any conduit permit tcp host 192.118.52.54 eq 3180 any conduit permit tcp host 192.118.52.54 eq www any no rip outside passive no rip outside default no rip inside passive no rip inside default route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 0.0.0.0 0.0.0.0 216.6.24.129 1 timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community mic-test-03 no snmp-server enable traps telnet 216.6.24.16 255.255.255
RE: PIX Question !!! [7:40465]
In problems like this you have to enable "debug icmp trace" to help you to resolve this issue, rather then guessing what you missed. What this statement suppose to do: static (inside,outside) 192.168.2.13 216.6.24.129 ip address inside 216.6.24.129 255.255.255.192 route outside 0.0.0.0 0.0.0.0 192.168.2.13 You want that ip address of the inside interface will look like outside router??? I would use "clear static" and "clear xlate"... You'll never be able to ping 192.168.2.14 ip from the 216.6.24.130 host, but you should be able to ping .13. -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Avi Sent: Thursday, April 04, 2002 11:01 AM To: [EMAIL PROTECTED] Subject: PIX Question !!! [7:40465] Hi, I am facing a problem on PIX 515 as described below. Firewall: Cisco PIX 515 Firewall Software Version: 4.4(7) PIX setup: - H - 216.6.24.130 255.255.255.192 | |Public Accessed Servers(216.6.24.0 - Public addresses) | | - 216.6.24.129 255.255.255.192 PIX | - 192.168.2.14 /30 | | | - 192.168.2.13 /30 R | - 192.168.2.6 /30 | | | - 192.168.2.5 /30 R (ISP Router) | | |Proxy Server | 192.118.52.54 Following is the config: -- PIX Version 4.4(7) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password 8Ry2YjIyt7RRXU24 encrypted passwd AoM2ZahaIYl9kEoj encrypted hostname nungunungu fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 names pager lines 24 logging on no logging timestamp no logging console no logging monitor no logging buffered no logging trap logging facility 20 logging queue 512 inerface ethernet0 auto interface ethernet1 100basetx mtu outside 1500 mtu inside 1500 ip address outside 192.168.2.14 255.255.255.248 ip address inside 216.6.24.129 255.255.255.192 no failover failover timeout 0:00:00 failover ip address outside 0.0.0.0 failover ip address inside 0.0.0.0 arp timeout 14400 nat (inside) 0 216.6.24.0 255.255.255.0 0 0 static (inside,outside) 192.168.2.13 216.6.24.129 netmask 255.255.255.255 0 0 conduit permit tcp host 216.6.24.177 eq smtp any conduit permit tcp host 216.6.24.186 eq smtp any conduit permit tcp any host 192.118.52.54 eq www conduit permit icmp any any conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp conduit permit tcp host 216.6.24.189 host 216.6.24.5 eq ftp-data conduit permit tcp host 216.6.24.185 host 216.6.24.40 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq smtp conduit permit tcp host 216.6.24.185 host 216.6.24.19 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.10 eq 5001 conduit permit tcp host 216.6.24.185 host 216.6.24.5 eq 5001 conduit permit tcp host 216.6.24.184 host 216.6.24.21 eq 3306 conduit permit tcp host 216.6.24.184 host 216.6.24.28 eq 3306 conduit permit tcp host 216.6.24.10 eq domain any conduit permit tcp host 192.118.52.54 eq 8080 any conduit permit tcp host 192.118.52.54 eq 3180 any conduit permit tcp host 192.118.52.54 eq www any no rip outside passive no rip outside default no rip inside passive no rip inside default route outside 0.0.0.0 0.0.0.0 192.168.2.13 1 route inside 0.0.0.0 0.0.0.0 216.6.24.129 1 timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00 timeout rpc 0:10:00 h323 0:05:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community mic-test-03 no snmp-server enable traps telnet 216.6.24.16 255.255.255.255 telnet timeout 15 terminal width 80 PROBLEM My problem is frm host 216.6.24.130 I can ping inside interface of PIX, but I can't ping outside interface of PIX nor the internal router. Also i am not able to ping the proxy server. Sitting on the PIXI am able to ping inside as well as outside, even the Proxy server. Also outside hosts are able to reach the host 216.6.24.130. Can someone pls throw some light on this as to where i am going wrong or i am missing on some command. Ur kind help will be appreciated a lot. Thanxs & Rgds, Avi. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40522&t=40465 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ancient Isdn bri wisdom ? [7:40586]
Time ago when I first laid my greedy hands on a router with 11.something without really knowing what I did somebody told me: interface bri x no ip route-cache no ip mroute-cache no fair-queue and I followed the advice as a general rule. Now I tried to research the reason for that and really didn't find any. Is that unneccessary ? Should it be used (generally, except in special situations) anymore ? Was that possibly just a workaround for a bug or particular problem which I copied down and used (wrongly) whenever possible ? Heiko Herold -- -- PREVINET S.p.A.[EMAIL PROTECTED] -- Via Ferretto, 1ph x39-041-5907073 -- I-31021 Mogliano V.to (TV) fax x39-041-5907472 -- ITALY Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40586&t=40586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF design [7:40269]
>Comments below... > >Thanks, >JMcL >- Forwarded by Jenny Mcleod/NSO/CSDA on 05/04/2002 03:25 pm - > > >"Howard C. Berkowitz" >Sent by: [EMAIL PROTECTED] >05/04/2002 02:09 pm >Please respond to "Howard C. Berkowitz" > > > To: [EMAIL PROTECTED] > cc: > Subject:Re: OSPF design [7:40269] > > >Jenny, > >First, I apologize for not giving more of a response earlier, but >it's been a crazy few days...three people in my office, including >myself, have had close relatives/friends in surgery and there have >been a lot of distractions. >JMcL: Err.. yes, I can see how that would be distracting. Thanks for >taking the time for this. /JMcL > >I'm going to post and elaborate a bit on some observations I sent to >you earlier, but I'm interested in why and how you have so much core >trouble. Could you give us an idea of the number of routes and of >routers, and the stability of both, in the non-backbone areas? Are >the ABRs and any pure backbone routers doing any other >processor-intensive tasks? >JMcL: The non-backbone areas (about twenty of them) vary quite a bit in >size as they map (or did once) to geographic/administrative regions. As >they consist of multiple geographically-dispersed small offices with two >routers each (for redundancy), they are pretty router-rich - the smallest >area has 20 routers and 21 networks, the largest (I think) has 52/49 in >area x.1.0.0 and 29/27 in x.2.0.0. >While they aren't too bad for stability, the sheer number of sites means >that something is usually playing up somewhere :-( Those numbers don't sound too bad. But I think the villains are below. >The ABRs mentioned in the problem below aren't doing anything very >exciting, but some of the core routers have a fair load. There are >currently 50 routers in the backbone area - the backbone area is spread >across two data centres and the ABRs mentioned (which are in sites around >the country - they have WAN connections to the data centres, not LAN). First, while I know of backbone areas that do have hundreds of routers (Pat Murphy at the US Geological Survey--but he's also an OSPF protocol developer), generally it's a bad idea. The larger cores that I've built recently had certainly no more than 20-32 routers. Given you've got two data centres (see, I can spell in Oz), a natural split would be to center one area 0.0.0.0 on each data center, and have local areas (i.e., nonzero) even at the physical data centre. Why should such things as server-to-server backup, etc., be traversing the core? Without knowing your Internet connectivity requirements, you could link the backbone areas (i.e., two OSPF domains) with multiple static routes (adding floating for backup). >Core routers in the data centres also support CIP cards, may be ABRs for >other areas (we're not very good at "pure" backbone routers ;-), and until >recently terminated stacks of DLSw circuits. This is bad news. And remember, in OSPF (as opposed to ISIS), the _router_ is not in any specific area. It is the _interfaces_ that are in an area. If, hypothetically, you were to create a local area in the data centre for the IBM machines, all it would take is changing the network statements for the interfaces going to that area. Incidentally, there's a sneaky cost saving you can use for CIP cards. 7000 series routers support them, but don't have very fast CPUs. But you don't need a fast CPU to support the CIP itself, because it has its own fast CPU. You do need substantial CPU power for terminating the IBM tunnels. A trick I used a good deal (and by the equipment types, you'll see this is fairly old), is to put the CIP into a 3-slot 7010, or two if I needed redundancy. I then ran the fastest available medium -- mostly FDDI at the time -- back to 4500/4700 series routers, which were the first RISC processor routes. They terminated RSRB, did IBM conversions, and all the other things that were processor intensive. Given that there was a shared medium, I could use multiple 4x00s if necessary. >We also have adjusted the OSPF timers throughout the network to make them >more sensitive - this because we had SNA traffic (first via RSRB, then >DLSw) and we wanted fast failover. DLSW doesn't have the local acknowledgement problem of RSRB. You may be able to start returning the timers to the normal values. >This worked, but does make OSPF a bit >more inclined to hysteria when there are links flapping. This is now >being phased out as we have moved to TN3270, but the timers haven't all >been changed back yet. >We possibly could go back to advertising each site separately now, since >we've reduced the load in the core by various other methods, but I >wouldn't want to battle the layer 8 issues to do it. >/JMcL > >There can be creative solutions if you think outside the traditional >OSPF box. Hypothetically, if your address plan split geographically, >it might even be an idea to have an eastern and western OSP
Re: OSPF design [7:40269]
Adding a point to point link between ABR's would enhance the resiliency between the two and tend to protect against Area partitioning. Depending on the capabilities of the backbone routers, letting more specifics into the backbone might be helpful as well as it would deliver more optimal routing and also help solve this problem. Shorter answer is, ya, thats a good idea in my opinion :) Pete At 01:39 PM 4/4/2002 -0500, you wrote: >At 11:59 AM 4/4/02, Chuck wrote: > >that was going to be my guess as well. I've done a number of lab experiments > >with similar themes, and have in my own mind at least, confirmed what is > >stated in the RFC - that the only serious routing issue with partitioned > >non-backbone areas results from overlapping > >She does seem to have overlapping summarization, if that makes sense. She >said: > >The area range statements on Rtr2 are... >[various area 0 range statements snipped] > area 2.1.0.0 range 2.0.0.0 255.128.0.0 > area 2.2.0.0 range 2.128.0.0 255.224.0.0 > >On Rtr1 the statements are... >[same area 0 range statements snipped] > area 2.1.0.0 range 2.0.0.0 255.128.0.0 > >If you look at her ASCII art e-mail, you'll see that the WAN links were not >assigned contiguously unless I'm missing something. Rt1 has 2.101.0.0/16 >and 2.109.0.0/16. Rtr 2 has 2.120.0.0/16, 2.104.0.0/16, and 2.130.0.0/16 > >It's probably too late now, but perhaps if all the WAN links connected to >Rtr 1 had been summarizable into a group that was distinct from the WAN >links connected to Rtr 2, she wouldn't have the problem?? (Of course, she >has that area 2.2.0.0 to deal with too, but perhaps it could be something >different entirely) > >But I don't think she's looking for a redesign. She's looking for a quick >fix for now. What did you guys think of the idea of adding another direct >connection between the two switches and putting it in area 2.1.0.0? > >Priscilla > > > >Chuck > > > >""Peter van Oene"" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > HI Jenny, > > > > > > Is it safe to say that your problem is that when your non backbone area > > > becomes partitioned, you lose reachability to one side of the > > > partition? When you use large summarizes to describe entire areas and > >have > > > multiple entry points into those areas themselves, this is a normal > > > occurrence. If this is the problem, the solution likely involves the use > > > of less specific summaries per ABR, and/or greater L2 resiliency to > >protect > > > against partitions. If that's not the problem, can you indicate where > >I've > > > misread the problem description? > > > > > > Thanks > > > > > > Pete > > > > > > > > > > > > At 09:05 PM 4/2/2002 -0500, [EMAIL PROTECTED] wrote: > > > >Hi all, > > > > > > > >This is actually a real-life scenario, but I think it throws up some > > > >interesting points about OSPF that some people may not have come across. > > > >And it has a couple of bits that I don't understand. Please excuse the > > > >verbosity. > > > > > > > >Currently, (part of) this particular network is as described below. It > > > >normally works fine, but during certain types of failures, connectivity > > > >breaks although there is still a physical path. I am contemplating what > > > >the best way to fix it would be, and would be interested in comments. > > > > > > > >Set-up - I don't think my ascii art is up to this but I'll give it a go > >if > > > >the description isn't clear enough: > > > > > > > >Two ABRs (Rtr1 and Rtr2), running IOS 12.1, connected to each other by a > > > >direct ethernet cable in area 0, and also by several local ethernet > > > >networks in area 2.1.0.0. The details of the local ethernets can > >probably > > > >remain a fluffy cloud, but note that failure of a single component can > > > >potentially cause all area 2.1.0.0 neighbour connectivity between Rtr1 > >and > > > >Rtr2 to be lost, although the local ethernets may remain up on one or > >both > > > >routers. > > > > > > > >Both routers have a connection back to the core of the network (on Rtr2 > >it > > > >is dialup, so not usually active), which is in area 0. Both routers >have > > > >WAN links to several sites (not dual-homed - each site has a link to >only > > > >one ABR), in area 2.1.0.0. Rtr2 may also have WAN links to several >sites > > > >in area 2.2.0.0, but that's probably not too relevant. > > > > > > > >Both ABRs summarise the networks in area 2.1.0.0 to a single summary > > > >network (Rtr2 summarises the networks in 2.2.0.0, if any, to another > > > >summary network). > > > > > > > >This usually works fine - traffic from the core to sites connected to > >Rtr2 > > > >(in area 2.1.0.0) travels from Rtr1 to Rtr2 across the local ethernets > > > >(area 2.1.0.0), and in reverse from Rtr2 to Rtr1 across the Area 0 > > > >ethernet. This, while perhaps not ideal, is as expected, and works well > > > >under normal circumstances. (If you're not sure why this is expected, > > > >read
Cisco Works and PIX's [7:40580]
Hi All, I am just setting up Cisco Works. It seems I can add all my switches w/o a problem, but I can not add my PIX to the equipment. I am sure this can be donecare to offer any advice? The error I get is "Could not connect to host:" I do restrict telnet access to the PIX, but I did add the Cisco Works server address to that list. Thanks, Rich Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40580&t=40580 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can anyone break this Cisco 4912G password? [7:40505]
Boson has some free utilities that include a password breaker. IT won't work if you have the high level encryption enabled. Someone posted some equipment for sale once on e-bay. They gave a limited logon, and did a show config. I cracked the password utility with the boson cracker and when it prompted for a password for higher level stuff I entered it and it worked. I didn't do anything to the machine of course, and I did let the seller know. But most people are aware of it. Also another common password I found is the company name. Robert -Original Message- From: Tom Monte [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 04, 2002 4:48 PM To: [EMAIL PROTECTED] Subject: RE: Can anyone break this Cisco 4912G password? [7:40505] It is possible to break a Cisco IOS password. I had a piece of software on my Palm Pilot that does it, but I left it home. :( I know there are alot of others and there was a website that did it at one point. Cisco password encryption isn't that strong. I would try "password", "cisco" and the name of your company before you go any further. If you know something about the person who set it up, you could try things related to them. People tend to pick there children or a favorite sport as a password or simply ask him or her if they are available. I will look around and see if I can find something to break them for you. -Original Message- From: Orlosky, Glenn M [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 04, 2002 2:10 PM To: [EMAIL PROTECTED] Subject: Can anyone break this Cisco 4912G password? [7:40505] I have forgotten the enable level password on this Cisco 4912G Catalyst OS switch. I don't want to go through the Password Recovery Procedure on this production switch. Can you help? Thanks Glenn set password $1$0o8Z$yoRgp68KqY9Qi1Hi9mu8s0 set enablepass $1$FMFQ$HfZR5DUszVHIRhrz4h6V70 This e-mail and any files transmitted with it are intended solely for the person(s) to whom it is addressed. If you are not the intended recipient, please delete the message and all copies of it from your system, destroy any hard copies of it and contact the sender by return e-mail. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40579&t=40505 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]