DSL clock [7:40794]

2002-04-08 Thread Hamid

Hi Group.

I have a DSL connection with a DSL modem connected on my NM-4T module.
The modem generates its internal clock at 528000 bps,
and the other side (customer) is the same modem with this clock.
I want to know: at this clock (528kbps), at a time the total (SEND +
RECEIVE) data can not be over 528kbps, or are they separate
(at a time SEND=528K, RECEIVE=528K)?

plz help me .
Reza




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40794&t=40794
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



OT: Cisco SmartNet [7:40795]

2002-04-08 Thread Widjaja Surja Kentjana

Hi all,

I would like to find out some info about Cisco SmartNet.  Can I buy a
SmartNet (for a particular category) for EOL equipment?  This is for cisco
2503 for example.

Thanks.

Widjaja




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40795&t=40795



Re: VPN 500 Concentrator and non-Cisco VPN clients [7:40788]

2002-04-08 Thread Engelhard M. Labiro

Hi Mason,

I doubt that there is a universal VPN client that can make a VPN
connection to a Cisco VPN product, except the client made
by Cisco.
Last time I attended a two-day training for VPN 5000, and at that
time we had to use VPN 5000's client.

HTH

- Original Message - 
From: "Mason" 
To: 
Sent: Monday, April 08, 2002 12:38 PM
Subject: VPN 500 Concentrator and non-Cisco VPN clients [7:40788]


> If I have a Cisco VPN 5000, are most VPN clients supposed to work
> with the Cisco VPN 5000 ? (for example Microsoft VPN clients) ?
> Or must I download the VPN 5000 client from Cisco website
> to be able to connect to the VPN 5000 concentrator...

Engelhard M. Labiro ([EMAIL PROTECTED])
Security Group, Technical Solution Center, Netmarks Inc.
2-13-34 Konan, Minato-Ku, Tokyo 108-0075
Tel: +81-3-5461-2575, Fax: +81-3-5461-2093




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40796&t=40788



Re: Puzzles -> WAS RE: My interview story [7:40553]

2002-04-08 Thread [EMAIL PROTECTED]

How about lock the courier inside the box, throw away the key, keep the
diamond?



   
  
"Patrick Ramsey"
Sent by: [EMAIL PROTECTED]
04/06/2002 02:25 PM
Please respond to "Patrick Ramsey"
Subject: Re: Puzzles -> WAS RE: My interview story [7:40553]




how about lock his box inside your box, let him keep his key and send the
key with your box with the courier.

-Patrick

>>> "Joe Morabito"  04/06/02 09:04AM >>>
solution for part A:

Lock the box, send it to your friend.  Send the key as a separate delivery.

In essence there are two deliveries made.


- Original Message -
From: "Craig Columbus"
To:
Sent: Saturday, April 06, 2002 12:58 AM
Subject: Re: Puzzles -> WAS RE: My interview story [7:40553]


> Part A:  I heard this one where the friend also has a key that will open
> his lock, but not yours.  Also, the condition is that no destructive
> techniques are allowed, so breaking or cutting wasn't a possible solution.
>
> Part B:
> He never states that the rope is attached to the top of the pole, just that
> it's attached to the pole.  So, the answer is that the poles are somewhere
> between 0 and 32 feet apart.
>
> Craig
>
> At 11:33 PM 4/5/2002 -0500, you wrote:
> >I'll bite.
> >a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box
> >and send it to your friend. He breaks the lock or cuts open the box.
> >b) Poles and rope. The poles are touching.
> >
> > > -Original Message-
> > > From: Dusty Harper [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, April 05, 2002 4:55 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: My interview story [7:40553]
> >
> > > The goal is to determine how you think.  Most real world solutions to
> > > problems can be applied to technological hurdles, or problems.
> > >
> > > As an example:
> > >
> > > Prep:
> > >   You have an empty box, a lock, a key for your lock, and a
> > > diamond.
> > >   Your friend has an empty box, and a lock for his box.
> > >
> > > Goal:
> > >   You want to get the diamond to your friend via courier.  However
> > > the courier will steal anything that is not locked.  How do you do
> > > this?
> > >
> > >
> > > Another example:
> > >
> > >   If you have 2 20' poles, a 32' rope strung between them, and the
> > > lowest point of the rope is 4' off of the ground, how far apart are
> > > the poles?
> > >
> > > It gauges how one thinks and handles situations.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40797&t=40553



RE: Ancient Isdn bri wisdom ? [7:40586]

2002-04-08 Thread Herold Heiko

To everyone, thank you for your advice, what you wrote seems reasonable.

However it seems this would mean if there are only single channel
connections (64k or 56k only) [m]route-cache and fair-queue can remain
enabled. I'll try that asap.

Heiko Herold

-- 
-- PREVINET S.p.A.[EMAIL PROTECTED]
-- Via Ferretto, 1ph  x39-041-5907073
-- I-31021 Mogliano V.to (TV) fax x39-041-5907472
-- ITALY

> -Original Message-
> From: Lomker, Michael [mailto:[EMAIL PROTECTED]]
> Sent: Friday, April 05, 2002 5:31 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Ancient Isdn bri wisdom ? [7:40586]
> 
> 
> > Now I tried to research the reason for that and really didn't
> > find any.
>
> It is done because ISDN lines are considered two physical paths that are
> bonded together using PPP multilink or Cisco's proprietary bonding.  If you
> don't disable route caching then the tcp/ip conversation will always be
> switched out the same physical path (your big download will only use 1/2 of
> the 128k connection).  It's easy to test that...just remove it sometime.
>
> no-fair queue appears to be the default for asynchronous interfaces on the
> later versions of IOS.  To be honest, I'm not certain why FIFO offers better
> performance than WFQ would on asynch lines; I can't find a good explanation
> on CCO right now.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40798&t=40586



RE: PIX VS CheckPoint [7:40136]

2002-04-08 Thread Tim O'Brien

With PDM 2.0 and PIX OS 6.2 you will be able to do this. It was supposed to
be out last month.. I guess they are still working the bugs out of it...

Tim
CCIE 9015


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Mark Odette II
Sent: Monday, April 08, 2002 2:48 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX VS CheckPoint [7:40136]


Timo- Which version of the PDM are you referring to that has the VPN config
capability??

I have 1.1.2 now, and I have not found that functionality... Am I just
overlooking something!?!?!

TIA for your response.

-Mark Odette II

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Timo Graser
Sent: Sunday, April 07, 2002 7:05 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX VS CheckPoint [7:40136]


The Pix has also a browser interface. The only disadvantage in the past
was, that you could not configure a vpn. With the new pdm you will be
able to do this too.

So the only things in the future to do at cli will be to run setup and
then log in over your browser.

Jeffrey Reed wrote:

>IPSO comes with a nice web browser interface that I can teach a customer in
>a matter of minutes. You only need to access command line when you have
>support on the line. Also, Nokia certifies each CheckPoint release with
>their IPSO operating system to make sure they are more than compatible. This
>is a good solution if you're running CheckPoint. As X said, never run your
>firewall on NT!!
>
>Jeffrey Reed
>Classic Networking, Inc.
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of nrf
>Sent: Tuesday, April 02, 2002 9:21 PM
>To: [EMAIL PROTECTED]
>Subject: Re: PIX VS CheckPoint [7:40136]
>
>I knew somebody was going to come back with that.  All-right fine, it is
>indeed true that Ipso is a hacked version of Unix.  But then again, so is
>Cisco IOS and Juniper JunOS, and you could say that it helps to have
>knowledge of Unix to run either of those (especially JunOS).  The point I
>was trying to make is that by using a Nokia Ipso box, you don't subject
>yourself to the full-blown intricacies of Unix like you do when installing
>Checkpoint software on, say, a Sun box. I was trying to say that you could
>get by with less Unix skills than you could otherwise, I was not saying that
>you could get by with an absolute 100% complete whole-nine-yards lack of
>Unix knowledge.  Now, whether you consider that to be a good or bad thing is
>in the eyes of the beholder.
>
>
>
>"colin newman" wrote in message
>news:[EMAIL PROTECTED]...
>
>>Hi
>>
>>Nokia's IPSO OS is Unix.  It's a "hardened" and customized version of
>>FreeBSD.  I've worked on Nokia/CheckPoint boxes and it does help to have
>>knowledge of Unix.  I have not had the chance to work with PIX yet so I
>>can't comment on the merits of a CheckPoint/Nokia vs. PIX.  The only
>>negative thing I have to say about CheckPoint is their idiotic licensing
>>scheme, it's a pain and can be very confusing.
>>
>>
>>Colin
>>nrf wrote:
>>
>>>On the other hand, there's a distinct third option, which is to run
>>>Checkpoint on a dedicated hardware appliance, for example the Nokia Ipso
>>>line of gear.  This removes one of the Checkpoint disadvantages (don't need
>>>to know Unix or NT), but introduces another disadvantage (less flexible -
>>>you should have included in your advantages that regular Checkpoint is more
>>>flexible than Pix because you can integrate it with Unix and enjoy all the
>>>features of Unix, but of course with a Nokia, you don't have that).  In
>>>fact, the Pix and the Nokia Checkpoint are so close that it's almost a wash.
>>>I believe the Pix is faster, but the Nokia Checkpoint is still more flexible
>>>(but not as flexible as Checkpoint software).
>>>
>>>
>>>
>>>"Nurudeen Aderinto" wrote in message
>>>news:[EMAIL PROTECTED]...
>>>
Dear x,

I love your presentation. You spoke well.

Nurudeen
"x" wrote in message
news:[EMAIL PROTECTED]...

>I have setup and managed both PIX and Checkpoint in a
>variety of environments.  I think they are both solid
>options in different situations.  Here is how I market
>these products.
>
>PIX
>- more cost effective
>- fast
>- you can have fail over
>- Can be more complicated to setup the CLI, but PIX
>has a nice feature of allowing all traffic out and
>none in by default.
>
>Who would I market this for?
>I would target this as an ideal candidate for small
>companies with rulesets that don't change much.  They
>also need a Cisco savvy person to manage it, usually a
>consultant.  I am guessing you would fill this role.
>I have only made minor changes in the firewall I have
>managed for almost two years.
>
>Checkpoint
>- nice GUI for ruleset management
>- more expensive
>- required to know U

Re: any comments on my acl page ? [7:40785]

2002-04-08 Thread Kris Keen

Very extensive, mad :)


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40800&t=40785



Pix Labs ... [7:40801]

2002-04-08 Thread Paul

Does anybody know of any sites similar to R1R2.com that allow you to
configure a Pix Firewall ??? Or any software similar to Boson Router Sim that
will allow you to configure a Pix ???

Or any other suggestions regarding Pix hands-on training ...

Kind regards ...

Paul ..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40801&t=40801



Re: Core layer question [7:40535]

2002-04-08 Thread Steven A. Ridder

I had classes at Cisco on SAFE (EXCELLENT STUFF IF ANYONE GETS TO GO!!) ,
and the Cisco rep said the same thing - never put anything in core.  If you
look at the SAFE blueprint for Enterprises, the IDS aren't in the core
either (I checked last week).


"Priscilla Oppenheimer" wrote in message
news:[EMAIL PROTECTED]...
> Do y'all know about Cisco's SAFE design? It's a "blueprint" for
> implementing security on enterprise networks, sort of a template for a
> typical enterprise network (if there is such a thing as typical). It would
> probably give you ideas on where Cisco would put the IDS.
>
> It was developed by Sean Convery (CCIE #4232) and Bernie Trudel (CCIE
> #1884). I know Bernie does good work. If this Sean is related to Sean
> Connery, I'll take his work anytime too. ;-) Anyway, there's a good white
> paper here:
>
> http://www.cisco.com/warp/public/cc/so/cuso/epso/sqfr/safe_wp.htm
>
> Priscilla
>
> At 06:13 PM 4/7/02, Steven A. Ridder wrote:
> >I've always understood that anything in the core (access-lists, FW blades,
> >IDS modules, etc. ) is a bad design as it just slows down traffic as the
> >core is built for speed.  I was always told to move everything to the distro
> >or access-layer, depending on the function,  AFAIK, the IDS blades have to
> >look at all traffic, which could slow down core, and this core is for a
> >global bank on Wall St.  If it's not done right now, when they expand later
> >this year, the network will suck.
> >
> >--
> >
> >RFC 1149 Compliant.
> >Get in my head:
> >http://sar.dynu.com
> >
> >
> >"Kent Hundley" wrote in message
> >news:[EMAIL PROTECTED]...
> > > It's not a bad idea to have an IDS blade in the core, but if you have to
> > > pick either the DMZ and server blocks or the core, I would choose the
> > > former.  Having an IDS blade in the core should not affect any other
> > > processing of the switch since it's a completely self contained module with
> > > its own processor. (course, murphy is always lurking)
> > >
> > > It's also a good idea to have redundant sup's, but cost may be a factor as
> > > well.  One can only have as much redundancy as your pocket book allows, and
> > > sup's aren't cheap. :-)
> > >
> > > Regards,
> > > Kent
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > > Steven A. Ridder
> > > Sent: Thursday, April 04, 2002 2:20 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Core layer question [7:40535]
> > >
> > >
> > > Has anyone ever designed a network and put either a firewall or IDS blade in
> > > the core switch block?  Even if the customer had no money, wouldn't this
> > > never be advisable?  Has anyone ever done it?
> > >
> > > As background for the questions, I started a new job, and so I took over
> > > some accounts, and who ever has been doing the configs ( I think some have
> > > been coming from Cisco!) has been making mistakes here and there.  One
> > > proposal had a 500 phone IP Tel network running over Cat. 3 wiring, and this
> > > one has a wan block going back to the core block (dual 6506's) with only 1
> > > sup in each and an IDS blade in each!  Isn't it advisable to move the IDS's
> > > to the server and DMZ blocks?  Also, isn't it always advisable to go with 2
> > > sups?
> > >
> > > I just want to make sure I'm not crazy, as I'd not like to cause a ton of
> > > waves my first week on the job.
> > >
> > > --
> > >
> > > RFC 1149 Compliant.
> > > Get in my head:
> > > http://sar.dynu.com
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40802&t=40535



Re: CCIE LAB test questions [7:40793]

2002-04-08 Thread Jay

The Cisco site says you are responsible for anything in IOS 12.1.   If
the test were any more specific, it wouldn't be as highly regarded as it
is.

On Mon, 2002-04-08 at 02:52, [EMAIL PROTECTED] wrote:
> Hi all,
> 
> I passed my written test a few months ago and just finished to build a
> lab at home. 
> 
> I'm curious to know what subjects are asked at the LAB test Routing &
> Switching.  I do not want to know in detail what's happening at the
> test but just the topics like:
>
> BGP
> OSPF
> ISDN Frame
> VPN
> IPsec etc
>
> Is there anybody out there who has an answer because at the Cisco site
> it's not very clear what to do .
> 
> cheers Ronald
> 
> The Netherlands




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40803&t=40793



Re: netbios over internet [7:40784]

2002-04-08 Thread Jay

I don't think you can, besides bridging on every internet hop.

On Sun, 2002-04-07 at 23:14, cage wrote:
> how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40804&t=40784



re: ccnp or certification specialist [7:40805]

2002-04-08 Thread Joseph Rago

Hello, I currently have a master's in telecom and I am also CCNA, wireless.

My CCNA runs out May of 2003. Should I go for the CCNP or go for the
security specialization?


   Thanks Joe R.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40805&t=40805



Re: iBGP full mesh ? [7:40741]

2002-04-08 Thread Jay

BGP Rules of thumb:

BGP advertised prefix must also exist in local IGP table.
iBGP learned prefix must also exist in local IGP table  
  -or use #no sync on iBGP learning router, but if you do, you'd sure as
hell better know why you disabled it.

On Sun, 2002-04-07 at 09:22, Phil Barker wrote:
> Hi Group,
> 
> Hope someone can help out with this as I don't have
> access to my kit at the moment.
>
> I tried to set up my first BGP lab last week.
> I configured a full iBGP mesh, three routers connected
> in a triangle via serial lines.
>
> I set up "neighbour" statements on each router (Hope
> Radia can forgive the extra vowel !!!) and advertised
> the networks.
>
> I got the BGP table working but nothing was promoted
> to the main routing table, and therefore couldn't ping
> non directly connected interfaces. I tried various
> approaches like putting a default route in and running
> an IGP but still no promotion to the main table.
>
> Should this be possible with iBGP ? or is it a matter
> of loop avoidance i.e the AS Numbers won't be
> prepended for the case of iBGP peers.
> 
> Phil.
> 
> __
> Do You Yahoo!?
> Everything you'll ever need on one web page
> from News and Sport to Email and Music Charts
> http://uk.my.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40806&t=40741
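
Added example (not part of the thread, and not IOS code): a simplified Python model of the two rules of thumb in the reply above, applied to a three-router full iBGP mesh like the one in the question. The addressing, the Router class and the function names are assumptions made for illustration.

```python
"""Simplified model of the two BGP rules of thumb (added example, not IOS code)."""
from dataclasses import dataclass, field
from ipaddress import ip_network


@dataclass
class Router:
    name: str
    igp_table: set = field(default_factory=set)    # prefixes known locally (connected/IGP)
    synchronization: bool = True                    # False models "no sync"
    bgp_table: dict = field(default_factory=dict)   # prefix -> "local" or "ibgp"

    def originate(self, prefix):
        """Rule 1: advertise a prefix only if it exists in the local table."""
        net = ip_network(prefix)
        if net not in self.igp_table:
            return False
        self.bgp_table[net] = "local"
        return True

    def learn_ibgp(self, prefix):
        """Record a prefix received from an iBGP peer; this fills the BGP table only."""
        self.bgp_table.setdefault(ip_network(prefix), "ibgp")

    def routing_table(self):
        """Rule 2: promote an iBGP-learned prefix only if the IGP also has it,
        unless synchronization is disabled on this router."""
        installed = set(self.igp_table)
        for net, source in self.bgp_table.items():
            if source == "ibgp" and (not self.synchronization or net in self.igp_table):
                installed.add(net)
        return installed


# Constructed addressing for the three-router triangle; not from the thread.
LANS = {"R1": "10.1.0.0/24", "R2": "10.2.0.0/24", "R3": "10.3.0.0/24"}


def build_full_mesh(synchronization, igp_carries_lans=False):
    """Three routers, full iBGP mesh, each originating its own LAN."""
    all_lans = {ip_network(p) for p in LANS.values()}
    routers = {}
    for name, lan in LANS.items():
        known = set(all_lans) if igp_carries_lans else {ip_network(lan)}
        routers[name] = Router(name, known, synchronization)
    for name, router in routers.items():
        if router.originate(LANS[name]):
            for peer in routers.values():
                if peer is not router:
                    peer.learn_ibgp(LANS[name])
    return routers


def report(routers):
    """Per router: BGP-table prefixes that were NOT promoted to the routing table."""
    return {
        name: sorted(str(n) for n in set(r.bgp_table) - r.routing_table())
        for name, r in routers.items()
    }


if __name__ == "__main__":
    cases = [
        ("sync on, IGP lacks remote LANs", dict(synchronization=True)),
        ("no sync", dict(synchronization=False)),
        ("sync on, IGP carries LANs",
         dict(synchronization=True, igp_carries_lans=True)),
    ]
    for label, kwargs in cases:
        print(label, report(build_full_mesh(**kwargs)))
```

The first case reproduces the symptom in the question: the BGP table is populated on every router, but the remote prefixes stay out of the routing table until the IGP carries them or synchronization is turned off.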



ISDN and VPN (IPSEC 3DES) [7:40807]

2002-04-08 Thread Curious

Guys
Any of you familiar with issues between ISDN and Cisco VPN Client (IPSEC
3DES)? All of my ISDN users are unable to VPN using Cisco VPN Client, and we
have PIX 515.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40807&t=40807



Re: Puzzles -> WAS RE: My interview story [7:40553]

2002-04-08 Thread Howard C. Berkowitz

>How about lock the courier inside the box, throw away the key, keep the
>diamond?



With that answer, you probably would get the Microsoft job, but 
they'd offer you one in competitive marketing!

>
>
>how about lock his box inside your box, let him keep his key and send the
>key with your box with the courier.
>
>-Patrick
>
  "Joe Morabito"  04/06/02 09:04AM >>>
>solution for part A:
>
>Lock the box, send it to your friend.  Send the key as a separate delivery.
>
>In essence there are two deliveries made.
>
>
>- Original Message -
>From: "Craig Columbus"
>To:
>Sent: Saturday, April 06, 2002 12:58 AM
>Subject: Re: Puzzles -> WAS RE: My interview story [7:40553]
>
>
>>  Part A:  I heard this one where the friend also has a key that will open
>>  his lock, but not yours.  Also, the condition is that no destructive
>>  techniques are allowed, so breaking or cutting wasn't a possible solution.
>>
>>  Part B:
>>  He never states that the rope is attached to the top of the pole, just that
>>  it's attached to the pole.  So, the answer is that the poles are somewhere
>>  between 0 and 32 feet apart.
>>
>>  Craig
>>
>>  At 11:33 PM 4/5/2002 -0500, you wrote:
>>  >I'll bite.
>>  >a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box
>>  >and send it to your friend. He breaks the lock or cuts open the box.
>>  >b) Poles and rope. The poles are touching.
>>  >
>>  > > -Original Message-
>>  > > From: Dusty Harper [mailto:[EMAIL PROTECTED]]
>>  > > Sent: Friday, April 05, 2002 4:55 PM
>>  > > To: [EMAIL PROTECTED]
>>  > > Subject: RE: My interview story [7:40553]
>>  >
>>  > > The goal is to determine how you think.  Most real world solutions to
>>  > > problems can be applied to technological hurdles, or problems.
>>  > >
>>  > > As an example:
>>  > >
>>  > > Prep:
>>  > >   You have an empty box, a lock, a key for your lock, and a
>>  > > diamond.
>>  > >   Your friend has an empty box, and a lock for his box.
>>  > >
>>  > > Goal:
>>  > >   You want to get the diamond to your friend via courier.  However
>>  > > the courier will steal anything that is not locked.  How do you do
>>  > > this?
>>  > >
>>  > >
>>  > > Another example:
>>  > >
>>  > >   If you have 2 20' poles, a 32' rope strung between them, and the
>>  > > lowest point of the rope is 4' off of the ground, how far apart are
>>  > > the poles?
>>  > >
>>  > > It gauges how one thinks and handles situations.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40808&t=40553



standard trunk protocol [7:40809]

2002-04-08 Thread TP

Dear Group,
I'm confused.
In a multi-vendor environment I have to design a VLAN scenario.
So I can prefer 802.1Q tagging (standard) on the trunk link. And then? How to
manage the VLAN information?
Is VTP (or DTP) a Cisco protocol?
Is there a standard in order to manage the VLAN information dynamically?
Thanks.
Teresa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40809&t=40809



Re: netbios over internet [7:40784]

2002-04-08 Thread Engelhard M. Labiro

How about NetBIOS over TCP/IP (NBT) and encapsulate
it with IPSec.  Another idea is using a GRE tunnel to
pass the NetBIOS to the next hop.


> I don't think you can, besides bridging on every internet hop.
> 
> On Sun, 2002-04-07 at 23:14, cage wrote:
> > how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40810&t=40784



RE: what does 0 in 0Xnnnn mean? [7:40372]

2002-04-08 Thread Michael Bray

Actually the answer to this is very simple...   The '0x' means
hexadecimal - this has been mentioned several times.  The '0' indicates
that it is a number, as opposed to a variable.  "0xff" can be
interpreted by the parser as a number, but "xff" would be interpreted as
a variable name...

Mike Bray
[EMAIL PROTECTED]

-Original Message-
From: Marko Milivojevic [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 7:22 PM
To: [EMAIL PROTECTED]
Subject: RE: what does 0 in 0X mean? [7:40372]


>I know that... by why? What's the origin of the 0X?

In Cisco devices - most probably the same notation as used in C
programming language. Why is that way in C is computer history and I
think that I missed that class :-)


Marko.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40811&t=40372
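
Added example (not part of the thread): a small Python tokenizer in the C style the replies refer to, showing how the leading digit lets a parser tell the number 0xff from the name xff. The token classes, function names and sample input are constructed for illustration and are not taken from any Cisco parser.

```python
import re

# Token classes in the C style the thread refers to. The first character
# decides the class: a digit starts a number, a letter or '_' starts a name.
TOKEN_RE = re.compile(
    r"(?P<hex>0[xX][0-9a-fA-F]+)"
    r"|(?P<dec>[0-9]+)"
    r"|(?P<name>[A-Za-z_][A-Za-z0-9_]*)"
    r"|(?P<op>[-+*/=()])"
    r"|(?P<ws>\s+)"
)


def tokenize(text):
    """Return (kind, value) pairs; numeric literals are converted to int."""
    tokens, pos = [], 0
    while pos < len(text):
        m = TOKEN_RE.match(text, pos)
        if m is None:
            raise ValueError(f"unexpected character {text[pos]!r} at {pos}")
        kind, lexeme, end = m.lastgroup, m.group(), m.end()
        if kind in ("hex", "dec"):
            # A numeric literal must not run straight into more name characters:
            # "0x" (no digits) and "0xfg" are malformed, not "number then name".
            if end < len(text) and (text[end].isalnum() or text[end] == "_"):
                raise ValueError(f"malformed numeric literal at {pos}")
            tokens.append(("number", int(lexeme, 16 if kind == "hex" else 10)))
        elif kind != "ws":
            tokens.append((kind, lexeme))
        pos = end
    return tokens


def classify(lexeme):
    """Classify a single lexeme the way the tokenizer sees it."""
    (kind, value), = tokenize(lexeme)
    return kind, value


if __name__ == "__main__":
    # Constructed sample input.
    for sample in ("0xff", "xff", "mask = 0x2102 + xff"):
        print(sample, "->", tokenize(sample))
```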



RE: Core layer question [7:40535]

2002-04-08 Thread Kent Hundley

Looking at the traffic should not slow anything down.  The IDS blade has its
own processor and is a completely separate device from the sup.  If
anything, the IDS blade may not be able to keep up with the traffic and you
may miss some traffic for inspection, ie. the IDS blade might not catch all
attacks.  This has nothing to do with the sup's or MSFC's ability to move
packets.

Access-lists are different in that they are actively inserted in the data
path.  An IDS is essentially a glorified sniffer.  No sniffer, or IDS for
that matter, that I have worked with has ever had any effect on traffic
flows.  It is a watcher only and does not influence the traffic flow.  Does
that mean that it is impossible that an IDS blade would affect traffic?  No
it doesn't, but it does mean that it would be a very significant bug and
absolutely should not happen.

Regards,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Steven A. Ridder
Sent: Sunday, April 07, 2002 3:14 PM
To: [EMAIL PROTECTED]
Subject: Re: Core layer question [7:40535]


I've always understood that anything in the core (access-lists, FW blades,
IDS modules, etc. ) is a bad design as it just slows down traffic as the
core is built for speed.  I was always told to move everything to the distro
or access-layer, depending on the function,  AFAIK, the IDS blades have to
look at all traffic, which could slow down core, and this core is for a
global bank on Wall St.  If it's not done right now, when they expand later
this year, the network will suck.

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


"Kent Hundley" wrote in message
news:[EMAIL PROTECTED]...
> It's not a bad idea to have an IDS blade in the core, but if you have to
> pick either the DMZ and server blocks or the core, I would choose the
> former.  Having an IDS blade in the core should not affect any other
> processing of the switch since it's a completely self contained module with
> its own processor. (course, murphy is always lurking)
>
> It's also a good idea to have redundant sup's, but cost may be a factor as
> well.  One can only have as much redundancy as your pocket book allows, and
> sup's aren't cheap. :-)
>
> Regards,
> Kent
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Steven A. Ridder
> Sent: Thursday, April 04, 2002 2:20 PM
> To: [EMAIL PROTECTED]
> Subject: Core layer question [7:40535]
>
>
> Has anyone ever designed a network and put either a firewall or IDS blade in
> the core switch block?  Even if the customer had no money, wouldn't this
> never be advisable?  Has anyone ever done it?
>
> As background for the questions, I started a new job, and so I took over
> some accounts, and who ever has been doing the configs ( I think some have
> been coming from Cisco!) has been making mistakes here and there.  One
> proposal had a 500 phone IP Tel network running over Cat. 3 wiring, and this
> one has a wan block going back to the core block (dual 6506's) with only 1
> sup in each and an IDS blade in each!  Isn't it advisable to move the IDS's
> to the server and DMZ blocks?  Also, isn't it always advisable to go with 2
> sups?
>
> I just want to make sure I'm not crazy, as I'd not like to cause a ton of
> waves my first week on the job.
>
> --
>
> RFC 1149 Compliant.
> Get in my head:
> http://sar.dynu.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40812&t=40535



Re: netbios over internet [7:40784]

2002-04-08 Thread Jay

Is it possible to send nonroutable traffic through a GRE Tunnel?

On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> How about NetBIOS over TCP/IP (NBT) and encapsulate
> it with IPSec.  Another idea is using a GRE tunnel to
> pass the NetBIOS to the next hop.
> 
> 
> > I don't think you can, besides bridging on every internet hop.
> > 
> > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40813&t=40784



RE: TCP/IP and DOD [7:39657]

2002-04-08 Thread William Gragido

No, we upgraded it ourselves Rico, I was there throughout the nineties, we
went from Banyan environments to IP (Unix/NT).

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Rico Ortiz
Sent: Friday, April 05, 2002 6:42 PM
To: [EMAIL PROTECTED]
Subject: RE: TCP/IP and DOD [7:39657]


When I was in the Marines (about 10 yrs ago) they used Banyan Vines for
their networks. I believe EDS has been hired to upgrade their current
network to an IP setup.. Rico

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Priscilla Oppenheimer
Sent: Thursday, March 28, 2002 2:12 PM
To: [EMAIL PROTECTED]
Subject: RE: TCP/IP and DOD [7:39657]


And I've heard that the US side in Desert Storm used Banyan for their
networking systems, not TCP/IP!?

Priscilla

At 12:05 PM 3/28/02, Howard C. Berkowitz wrote:
> >That's what the DoD taught in their DataCommunications Schools.  Sorry Dom.
>
>Absolutely, positively wrong, though. That's an urban legend that has
>been disavowed by every early developer I can think of, including the
>DARPA people. It developed out of pure DARPA sponsored research in
>networking.
>
>I'm hard-pressed to think of any nuclear command & control
>communications system, before the mid-80's or so, that used TCP/IP,
>and at one time I knew pretty much every system that was deployed.
>Among the ones I can talk about, they were circuit-switched or radio.
>Some of the circuit-switched networks were computer controlled,
>including AUTODIN I and a variety of intelligent networks.
>
>Without detailed research, I'd tend to say the first military TCP/IP
>applications were in tactical, not strategic, nets.
>
>Actually, the first demonstration that packet switched networks were
>resilient to massive attack came from the Iraqi air defense system in
>Desert Storm.
>
> >
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> >Chuck
> >Sent: Thursday, March 28, 2002 9:00 AM
> >To: [EMAIL PROTECTED]
> >Subject: Re: TCP/IP and DOD [7:39657]
> >
> >
> >the real reason being.?
> >
> >
> >
> >
> >  wrote in message news:[EMAIL PROTECTED]...
> >>  Sorry, the
> >>
> >>  "be resilient to Global Thermal Nuclear attacks"
> >>
> >>  is a myth.
> >>
> >>  Dom Stocqueler
> >>
> >>
> >>
> >>
> >>
> >>  "William Gragido"
> >>  To: [EMAIL PROTECTED]
> >>  Subject: RE: TCP/IP and DOD [7:39657]
> >>  Sent by: nobody@groupstudy.com
> >>  27/03/2002 20:17
> >>  Please respond to "William Gragido"
> >>
> >>  The DoD adopted TCP/IP as its native protocol for communications in 1983.
> >>  DARPA led the charge for a communications system that would be resilient
> >>  to Global Thermal Nuclear attacks (therein allowing for continued,
> >>  uninterrupted comm), and would allow for common connectivity of
> >>  multi-vendor solutions.  This of course did yield 'ARPA NET' which, by a
> >>  decision of the DCA (Defense Communications Agency), in 1983 was split in
> >>  two yielding a smaller version of 'ARPA NET' and 'MILNET'.  The evolution
> >>  of the modern internet can be followed down the line from 'ARPA NET' and
> >>  as we all know by virtue of adding new networks to the mix, 'ARPA NET' was
> >>  de-regulated in 1991 ushering the age of the modern internet.
> >>
> >>  Hope that helps,
> >>
> >>  Will Gragido
> >>
> >>  -Original Message-
> >>  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> >>  Michael Williams
> >>  Sent: Wednesday, March 27, 2002 1:37 PM
> >>  To: [EMAIL PROTECTED]
> >>  Subject: RE: TCP/IP and DOD [7:39657]
> >>
> >>
> >>  It's kinda fuzzy.  I myself just got through doing a tech review of a book
> >>  covering this topic as well as have written my own "materials" for
> >>  training, etc covering this topic.  IMHO, DoD is credited with "creating
> >>  the internet" even though at the time it wasn't called the internet and
> >>  didn't use the same protocols we do now.  Although the DoD started the
> >>  whole mess, from what I've read DoD commissioned ARPANET to research this.
> >>  I'm sure that people at various universities and colleges were in on the
> >>  actual development evidenced by the fact that in 1971 there were 15 nodes
> >>  (with a total of 23 hosts), namely UCLA, SRI, UCSB, U of Utah, BBN, MIT,
> >>  RAND, SDC, Harvard, Lincoln Lab, Stanford, UIU(C), CWRU, CMU, and
> >>  NASA/Ames.  Note most of those listed are colleges/universities. I've read
> >>  some about BBN, however it seems to me their main role was to supply the
> >>  first "computers" (Honeywell 516 mini computers with 12K of memory) that
> >>  acted as Information Message Processors (IMPs) (routers?).

Re: iBGP full mesh ? [7:40741]

2002-04-08 Thread MADMAN

I can think of one good reason why you would disable sync, you can't
redistribute 100K routes into ANY IGP.  Why are you so concerned about
disabling sync??  It should be default.

  Dave

Jay wrote:
> 
> BGP Rules of thumb:
> 
> BGP advertised prefix must also exist in local IGP table.
> iBGP learned prefix must also exist in local IGP table
>   -or use #no sync on iBGP learning router, but if you do, you'd sure as
> hell better know why you disabled it.
> 
> On Sun, 2002-04-07 at 09:22, Phil Barker wrote:
> > Hi Group,
> >
> > Hope someone can help out with this as I don't have
> > access to my kit at the moment.
> >
> > I tried to set up my first BGP lab last week.
> > I configured a full iBGP mesh, three routers connected
> > in a triangle via serial lines.
> >
> > I set up "neighbour" statements on each router (Hope
> > Radia can forgive the extra vowel !!!) and advertised
> > the networks.
> >
> > I got the BGP table working but nothing was promoted
> > to the main routing table, and therefore couldn't ping
> > non directly connected interfaces. I tried various
> > approaches like putting a default route in and running
> > an IGP but still no promotion to the main table.
> >
> > Should this be possible with iBGP ? or is it a matter
> > of loop avoidance i.e the AS Numbers won't be
> > prepended for the case of iBGP peers.
> >
> > Phil.
> >
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40814&t=40741



port mirroring and vlans [7:40816]

2002-04-08 Thread GOGS

Hi all,

can anyone tell me if you have two cat3548's configured with a crossover
connecting them (trunk port for all intents and purposes) and you port mirror
vlan 1 on a single port on one of the switches (all ports are in vlan 1) will
you get all traffic to the mirror port including those from the second
switch???

thanks,

Ciaron






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40816&t=40816



RE: CCDP or CCIE [7:40732]

2002-04-08 Thread Andy Barkl

Not once you have successfully completed your CCNP. As long as you shift
yourself into the "design-frame" of mind, you should have no problem.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
amanda lalli-cafini
Sent: Sunday, April 07, 2002 10:26 PM
To: [EMAIL PROTECTED]
Subject: RE: CCDP or CCIE [7:40732]

Hi Andy,

gee... passing a cisco test in 2 weeks would be pretty fast.


regards,

amanda




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40819&t=40732



Re: CCDP or CCIE [7:40732]

2002-04-08 Thread raj

test
"amanda lalli-cafini" wrote in message news:[EMAIL PROTECTED]...
> Hi Andy,
>
> gee... passing a cisco test in 2 weeks would be pretty fast.
>
>
> regards,
>
> amanda




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40817&t=40732



Re: iBGP full mesh ? [7:40741]

2002-04-08 Thread Jay

It's not default for the same reason why unicast rpf (antispoofing) is
not default in IOS; because people are stupid, and under poor design, it
could produce very undesirable and hard to troubleshoot results.  In
other words, if you don't know why you are disabling synchronization,
don't do it.

Take the following scenario:  A multihop iBGP link between routers (A)
and (B) in which a non-bgp IGP router (C) is routing packets between
them.  Both BGP links are advertising full tables to each other, and,
under your suggested default config, would attempt to forward packets to
destinations that router C has no clue about.  Then what does router C
do with these destinations?  

The answer, of course, is to set up an iBGP full mesh, and then to
disable synchronization, and if you are smart, design your network so
that your IGP learns only about downstream routes and set a default
route up to the core of your network.

Anyway, the point being, sync is enabled by default because you really
should know what you are doing before you disable it.

On Mon, 2002-04-08 at 10:44, MADMAN wrote:
> I can think of one good reason why you would disable sync, you can't
> redistribute 100K routes into ANY IGP.  Why are you so concerned about
> disabling sync??  It should be default.
> 
>   Dave
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40818&t=40741
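
A simplified model of the synchronization rule and of the A, C, B scenario in the post above, as an added example that is not part of the original thread. Router names follow the post; the prefix 203.0.113.0/24, the `Router` class and the `build`/`trace` helpers are constructed for illustration and only approximate IOS behaviour.

```python
import ipaddress

# Constructed external prefix that B is assumed to have learned from an eBGP peer.
PREFIX = ipaddress.ip_network("203.0.113.0/24")
DEFAULT = ipaddress.ip_network("0.0.0.0/0")


class Router:
    def __init__(self, name, synchronization=True, igp_path=None):
        self.name = name
        self.synchronization = synchronization
        self.igp = {}                         # IGP routes: prefix -> adjacent router
        self.igp_path = dict(igp_path or {})  # remote router -> adjacent router toward it
        self.bgp = {}                         # BGP table: prefix -> iBGP next-hop router

    def learn_ibgp(self, prefix, next_hop):
        self.bgp[prefix] = next_hop

    def routing_table(self):
        """IGP routes plus the iBGP routes that pass the synchronization check."""
        table = dict(self.igp)
        for prefix, bgp_next_hop in self.bgp.items():
            if self.synchronization and prefix not in self.igp:
                continue  # unsynchronized: stays in the BGP table only
            if bgp_next_hop not in self.igp_path:
                continue  # BGP next hop is not reachable through the IGP
            table.setdefault(prefix, self.igp_path[bgp_next_hop])
        return table

    def next_hop(self, dst):
        table = self.routing_table()
        matches = [p for p in table if dst in p]
        if not matches:
            return None
        return table[max(matches, key=lambda p: p.prefixlen)]  # longest match


def build(sync_on_a, c_speaks_bgp, c_default=False):
    """Topology A -- C -- B, where B is the exit toward PREFIX."""
    a = Router("A", synchronization=sync_on_a, igp_path={"B": "C"})
    c = Router("C", synchronization=False, igp_path={"B": "B"})
    b = Router("B")
    a.learn_ibgp(PREFIX, "B")          # multihop iBGP session A <-> B
    if c_speaks_bgp:
        c.learn_ibgp(PREFIX, "B")      # full mesh: C is an iBGP speaker too
    if c_default:
        c.igp[DEFAULT] = "B"           # IGP-only C with a default toward the exit
    return {"A": a, "B": b, "C": c}


def trace(routers, dst, start="A", egress="B"):
    """Follow a packet hop by hop; return (hops, outcome)."""
    dst = ipaddress.ip_address(dst)
    hops, current = [start], start
    while current != egress:
        nxt = routers[current].next_hop(dst)
        if nxt is None:
            return hops, f"dropped at {current}"
        hops.append(nxt)
        current = nxt
        if len(hops) > len(routers):
            return hops, "loop"
    return hops, "delivered"


if __name__ == "__main__":
    cases = {
        "sync on, prefix not in IGP": build(True, False),
        "no sync, C is IGP-only": build(False, False),
        "no sync, full iBGP mesh": build(False, True),
        "no sync, C has default route": build(False, False, c_default=True),
    }
    for label, routers in cases.items():
        print(f"{label:32} {trace(routers, '203.0.113.10')}")
```

The first case matches a BGP table that is populated while nothing reaches the main routing table; the second is the black hole at router C that the post warns about.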



Re: CCDP or CCIE [7:40732]

2002-04-08 Thread raj

hey amanda..
passing a cisco (ccnp) test in 2 weeks is easy..
these ccnp tests are very easy but soon they would all change into
640-603,4,5,6 which are not going to be that easy..
i myself completed my ccnp-4 exams in 40 days.



"amanda lalli-cafini" wrote in message news:[EMAIL PROTECTED]...
> Hi Andy,
>
> gee... passing a cisco test in 2 weeks would be pretty fast.
>
>
> regards,
>
> amanda




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40820&t=40732



bscn test [7:40821]

2002-04-08 Thread NetEng

took that bscn test today, 69 ?'s and a bunch of time, but finished with
only about 8 minutes left. Equal mix of EIGRP/OSPF/BGP and a couple of
questions (each) regarding the rest of the exam outline. scored an
801..but it's passing.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40821&t=40821



RE: netbios over internet [7:40784]

2002-04-08 Thread Kim Edward B

I don't think it can.
As far as I know, it can do IP/IPX/DecNet/AppleTalk/Vines/CLNS.
NetBios over TCP/IP will work with GRE but not straight NetBios or SNA.
If GRE works with NetBios or SNA, it will be cool.
I think that is why we use DLSW with NetBios and SNA connection.

Ed

-Original Message-
From: Jay [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 10:44 AM
To: [EMAIL PROTECTED]
Subject: Re: netbios over internet [7:40784]

Is it possible to send nonroutable traffic through a GRE Tunnel?

On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> How about NetBIOS over TCP/IP (NBT) and encapsulate
> it with IPSec.  Another idea is using a GRE tunnel to
> pass the NetBIOS to the next hop.
> 
> 
> > I don't think you can, besides bridging on every internet hop.
> > 
> > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40823&t=40784



Boson Test Help [7:40822]

2002-04-08 Thread [EMAIL PROTECTED]

Hello all,



I scheduled myself to take the new CCNA exam next week, could someone let me
know should I buy all three Boson exams or just the #1 exam is good enough
for the new version.





Thanks

Philip




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40822&t=40822



RE: ISDN and VPN (IPSEC 3DES) [7:40807]

2002-04-08 Thread Daniel Cotts

It might be good to post some sanitized configs.
Without that, my first guess would be to check what you define as
interesting traffic.

> -Original Message-
> From: Curious [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 08, 2002 8:38 AM
> To: [EMAIL PROTECTED]
> Subject: ISDN and VPN (IPSEC 3DES) [7:40807]
> 
> 
> Guys
> Any of you familiar with issues between ISDN and Cisco VPN Client (IPSEC
> 3DES). All of my ISDN users unable to VPN using Cisco VPN Client, and we
> have PIX 515.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40824&t=40807



Re: Routing Question [7:40766]

2002-04-08 Thread timothy thielen

This is why we love Priscilla.  :-)

Here we were making the ASSumption that we were using a classful subnet
mask.

Thank you, Priscilla, for once again letting us know we aren't really
worthy!  :-)

--Tim

Priscilla Oppenheimer wrote:
> 
> How many bits are defining network IDs and how many are defining node IDs?
> (that is, what's the subnet mask?)
> 
> With some subnet masks, you have 3 segments in Scenario 2. With other
> subnet masks, you have a broken network (the routers can't talk to each
> other across the middle).
> 
> Priscilla
> 
> At 05:16 PM 4/7/02, Kent Browning wrote:
> >Scenario 1
> >==
> >
> >---int0-(R1)-int1 int0-(R2)-int1 ---
> >
> >Router 1
> >Int 0: 192.168.1.1
> >Int 1: 192.168.2.1
> >
> >Router 2
> >Int 0: 192.168.2.2
> >Int 1: 192.168.3.1
> >
> >
> >Scenario 2
> >==
> >
> >---int0-(R1)-int1 int0-(R2)-int1 ---
> >
> >Router 1
> >Int 0: 192.168.1.1
> >Int 1: 192.168.2.1
> >
> >Router 2
> >Int 0: 192.168.3.1
> >Int 1: 192.168.4.1
> >
> >
> >Question:
> >=
> >In Scenario 1, there are 3 segments:
> >Segment1: 192.168.1.0
> >Segment2: 192.168.2.0
> >Segment3: 192.168.3.0
> >I know this is correct.
> >
> >In Scenario 2, how many segments are there?
> >Is there anything wrong with routing router 1 to router 2 and not using a
> >common segment?
> 
> 
> Priscilla Oppenheimer
> http://www.priscilla.com
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40825&t=40766



RE: TCP/IP and DOD [7:39657]

2002-04-08 Thread Brian Zeitz

I worked my last contract I don't want to say where, but a major
educational testing place. They still had Banyan Vines in 2001, although
I didn't touch it besides migration. I didn't think it was still around.
We migrated them to Windows 2000. The Banyan Vines servers left, but the
mindsets of the admins were still Banyan, even after the servers left.
Every conversation was always "on Banyan, we used to". Thankfully I was
just a contractor and left after 7 months. Me and the other contractors
with current skills would always roll our eyes.



-Original Message-
From: William Gragido [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 10:45 AM
To: [EMAIL PROTECTED]
Subject: RE: TCP/IP and DOD [7:39657]

No, we upgraded it ourselves, Rico. I was there throughout the nineties; we
went from Banyan environments to IP (Unix/NT).


RE: Pix Labs ... [7:40801]

2002-04-08 Thread Bernard

Paul,

Go to Ole Drews Jensen's website:  www.routerchief.com, Free Software,
and download the PIX QUIZ - PIX command trainer. This is an excellent,
free software.
 
This small software will help you master the PIX commands in no time!

Bernard




> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Paul
> Sent: Monday, April 08, 2002 6:00 AM
> To: [EMAIL PROTECTED]
> Subject: Pix Labs ... [7:40801]
> 
> Does anybody know of any sites similar to R1R2.com that allow you to
> configure a Pix Firewall ??? Or any software similar to Boson Router Sim
> that will allow you to configure a Pix ???
> 
> Or any other suggestions regarding Pix hands-on training ...
> 
> Kind regards ...
> 
> Paul ..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40827&t=40801



Re: Configure transparent bridging on Cisco router [7:40709]

2002-04-08 Thread timothy thielen

I believe you are right...  You are working on a ROUTER, therefore, it
prefers to ROUTE ROUTABLE traffic.  If you take the ROUTING option away,
then it will attempt other configured methods of forwarding traffic.

--Tim

Priscilla Oppenheimer wrote:
> 
> At 11:50 AM 4/6/02, nntp.groupstudy.com wrote:
> >I put two FA interfaces into same bridge group, and enable bridge protocol
> >ieee.  There is not IP address configured on the bridge port.  But it will
> >not bridge any IP traffic unless I disable IP routing on the router
> 
> I think that's normal. If you want to bridge IP, you must disable IP
> routing because IP routing is enabled by default. See this:
> 
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fibm_c/bcfpart1/bcftb.htm#xtocid30
> 
> >or use bridge irb.   I was expecting the bridged ports will bridge IP,
> >because there is no IP configured on these two interface.  Can somebody
> >explain why?
> >
> >Thanks
> >
> >Ruihai
> 
> 
> Priscilla Oppenheimer
> http://www.priscilla.com
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40828&t=40709



Boson test help [7:40829]

2002-04-08 Thread philip lee

Hello all,



I scheduled myself to take the new CCNA exam next week, could someone let me
know should I buy all three Boson exams or just the #1 exam is good enough
for the new version.





Thanks

Philip




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40829&t=40829



RE: Routing Question [7:40766]

2002-04-08 Thread Lidiya White

There may be another problem with Scenario 3:
How will R1 int0 talk to R2 int1 if they are on the same subnet? Are you
going to bridge ip traffic?

-- Lidiya White

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, April 07, 2002 9:20 PM
To: [EMAIL PROTECTED]
Subject: RE: Routing Question [7:40766]

Thanks a lot Priscilla. This is what I was looking for.

I suppose my part 2 to the previous question would make more sense if I used
live IPs like Scenario 3

Scenario 3
== 

---int0-(R1)-int1 int0-(R2)-int1 --- 

Router 1 
Int 0: 192.168.1.1 
Int 1: 200.100.2.1 

Router 2 
Int 0: 200.100.2.2
Int 1: 192.168.1.1 

So basically every router in the world would need to create a subnet? I
suppose a company is on the same subnet as the ISP, then the ISP is on the
same subnet as their tier 1 ISP then all the tier 1 ISPs are connected -
between each AS using BGP. Is this right?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40830&t=40766
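
The mask question raised in this thread (three segments or a broken middle link in Scenario 2) and the reused subnet pointed out in Scenario 3, worked through as an added example that is not part of the original posts. The interface addresses are the ones posted; the link labels, the `analyse` function and the prefix lengths tried are assumptions, since the thread never states a mask.

```python
import ipaddress

# Interface addresses exactly as posted; the link labels are added here.
LEFT, MIDDLE, RIGHT = "R1 int0 LAN", "R1 int1 <-> R2 int0", "R2 int1 LAN"
SCENARIOS = {
    1: {LEFT: ["192.168.1.1"], MIDDLE: ["192.168.2.1", "192.168.2.2"], RIGHT: ["192.168.3.1"]},
    2: {LEFT: ["192.168.1.1"], MIDDLE: ["192.168.2.1", "192.168.3.1"], RIGHT: ["192.168.4.1"]},
    3: {LEFT: ["192.168.1.1"], MIDDLE: ["200.100.2.1", "200.100.2.2"], RIGHT: ["192.168.1.1"]},
}


def analyse(links, prefix_len):
    """Return (segments, problems) for one scenario under one prefix length.

    segments: sorted list of the distinct subnets the addresses fall into.
    problems: link whose two ends disagree on the subnet, or one subnet
              that shows up on two different physical links.
    """
    problems = []
    owner = {}  # subnet -> first link found using it
    for link, addrs in links.items():
        nets = {ipaddress.ip_interface(f"{a}/{prefix_len}").network for a in addrs}
        if len(nets) > 1:
            problems.append(f"{link}: the two ends are in different subnets")
        for net in sorted(nets):
            if net in owner:
                problems.append(f"{net} is used on both '{owner[net]}' and '{link}'")
            else:
                owner[net] = link
    return sorted(owner), problems


if __name__ == "__main__":
    for number, links in SCENARIOS.items():
        for prefix_len in (24, 23, 22):
            segments, problems = analyse(links, prefix_len)
            names = ", ".join(str(s) for s in segments)
            status = "; ".join(problems) if problems else "ok"
            print(f"Scenario {number} /{prefix_len}: {len(segments)} subnet(s) [{names}] -> {status}")
```

Under these assumptions Scenario 2 only works with a /23 (255.255.254.0) mask, where 192.168.2.1 and 192.168.3.1 share 192.168.2.0/23; with /24 the middle link is split, and with /22 the left LAN and the middle link collapse into one subnet.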



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Michael Williams

AFAIK, if you have two switches connected via a trunk link and you mirror
VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all
switches involved in that VLAN).  You'll probably run into a situation where
all of the traffic in VLAN1 will overrun your mirror port (which on a busy
switch isn't hard to do).  We have two 5500s trunked together, and we span
(mirror) a port on a VLAN quite frequently.

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40831&t=40816



Re: iBGP full mesh ? [7:40741]

2002-04-08 Thread MADMAN

I understand what sync does and I also assume that someone setting
up such a config, dual homed full routing, should understand BGP
fundamentals.
It's like auto summarization, I have never seen it fix anything but I
have seen it cause problems many times.

  Dave

Jay wrote:
> 
> It's not default for the same reason why unicast rpf (antispoofing) is
> not default in IOS; because people are stupid, and under poor design, it
> could produce very undesirable and hard to troubleshoot results.  In
> other words, if you don't know why you are disabling synchronization,
> don't do it.
> 
> Take the following scenario:  A multihop iBGP link between routers (A)
> and (B) in which a non-bgp IGP router (C) is routing packets between
> them.  Both BGP links are advertising full tables to each other, and,
> under your suggested default config, would attempt to forward packets to
> destinations that router C has no clue about.  Then what does router C
> do with these destinations?
> 
> The answer, of course, is to set up an iBGP full mesh, and then to
> disable synchronization, and if you are smart, design your network so
> that your IGP learns only about downstream routes and set a default
> route up to the core of your network.
> 
> Anyway, the point being, sync is enabled by default because you really
> should know what you are doing before you disable it.
> 
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40832&t=40741



Re: netbios over internet [7:40784]

2002-04-08 Thread Michael Williams

You can use NetBIOS over TCP/IP (using some kind of encryption if you
choose), or if you have Cisco routers at either end connected to the
internet, you can use DLSw+ to form peers between those two routers to
tunnel the NetBIOS across any IP network (LAN/WAN, etc) which allows Layer 2
acknowledgements to be preserved (you may need to tweak the NetBIOS timers
in DLSw+ if there is a lot of latency over the internet between the two DLSw+
peers).

Check out the following URLs (watch for wrap):

DLSw+ Overview
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/dlsw.htm

Configuring DLSw+
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt2/bcddlsw.htm

DLSw+ IOS Command Reference
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_r/brprt2/br1ddlsw.htm

HTH,
Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40833&t=40784



Re: netbios over internet [7:40784]

2002-04-08 Thread Priscilla Oppenheimer

NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should 
supposedly work over the Internet. For example, can't you do file sharing 
over the Internet? That uses NetBIOS and SMB of CIFS.

(I'm a Mac person, but in theory it should work. ;-)

Priscilla

At 10:43 AM 4/8/02, Jay wrote:
>Is it possible to send nonroutable traffic through a GRE Tunnel?
>
>On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> > How about NetBIOS over TCP/IP (NBT) and encapsulate
> > it with IPSec.  Another idea is using a GRE tunnel to
> > pass the NetBIOS to the next hop.
> >
> >
> > > I don't think you can, besides bridging on every internet hop.
> > >
> > > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > > how can I make the netbios over Internet except the dlsw+ ?


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40834&t=40784



RE: netbios over internet [7:40784]

2002-04-08 Thread Logan, Harold

The biggest obstacle is the fact that most ISPs filter NBT traffic. It
works just fine over a VPN connection, as the ISP doesn't see the NBT
packets; they see VPN traffic. Basically all you have to do is get around an
access list blocking ports 137, 138, and 139.

-Original Message- 
From: Kim Edward B [mailto:[EMAIL PROTECTED]] 
Sent: Mon 4/8/2002 11:45 AM 
To: [EMAIL PROTECTED] 
Cc: 
Subject: RE: netbios over internet [7:40784]



I don't think it can.
As far as I know, it can do IP/IPX/DecNet/AppleTalk/Vines/CLNS.
NetBios over TCP/IP will work with GRE but not straight NetBios or SNA.
If GRE works with NetBios or SNA, it will be cool.
I think that is why we use DLSW with NetBios and SNA connection.

Ed

-Original Message-
From: Jay [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 10:44 AM
To: [EMAIL PROTECTED]
Subject: Re: netbios over internet [7:40784]

Is it possible to send nonroutable traffic through a GRE Tunnel?

On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> How about NetBIOS over TCP/IP (NBT) and encapsulate
> it with IPSec.  Another idea is using a GRE tunnel to
> pass the NetBIOS to the next hop.
>
>
> > I don't think you can, besides bridging on every internet hop.
> >
> > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40835&t=40784



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Priscilla Oppenheimer

At 12:15 PM 4/8/02, Michael Williams wrote:
>AFAIK, if you have two switches connected via a trunk link and you mirror
>VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all
>switches involved in that VLAN).

Only traffic that actually crosses the mirrored port, though, right? 
Broadcast /multicast traffic for the VLAN as well as traffic directed to 
ports on the switch doing mirroring that are in VLAN 1.

I got the impression he thought he was going to see traffic on other 
switches that happened to have ports in VLAN 1 too. I doubt that's true. 
Think of all the extra work you would be requiring of the switches.

Priscilla

>  You'll probably run into a situation where
>all of the traffic in VLAN1 will overrun your mirror port (which on a busy
>switch isn't hard to do).  We have two 5500s trunked together, and we span
>(mirror) a port on a VLAN quite frequently.
>
>Mike W.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40836&t=40816



Re: BCRAN question [7:37481]

2002-04-08 Thread Robert Padjen

A little bird told me that old, non IOS routers were
still topics on the beta for RA...



--- Steve Ringley  wrote:
> It's an interesting question about the exam though as
> the 700 series is not on the current product list.  I am
> working on this exam next, and hate to spend time on
> something that has passed from relevance.
>
> "Kaminski, Shawn G" wrote in message
> news:[EMAIL PROTECTED]...
> > OK, I'm going to break the NDA.
> >
> > Not much on the 700's except for very basic stuff. It doesn't go
> > into any detail on the 700 commands, so don't worry too much about
> > them. Concentrate more on other stuff.
> >
> > Did I really break the NDA? No, but I just wanted some people out
> > there to poop their pants when they thought I might! :-)
> >
> > -Original Message-
> > From: John McCartney [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, March 06, 2002 5:07 PM
> > To: [EMAIL PROTECTED]
> > Subject: BCRAN question [7:37481]
> >
> >
> > I'd like to ask those that have passed the BCRAN was there a lot of
> > ??'s on the 700 series? I'm reading it and it's very dry and I'm
> > trying to decide if I really need to focus on this aspect or focus
> > on other areas. Any info is appreciated, don't break the NDA
[EMAIL PROTECTED]


=
Robert Padjen





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40837&t=37481



RE: Routing Question [7:40766]

2002-04-08 Thread Priscilla Oppenheimer

See comments below.

At 11:19 PM 4/7/02, Kent Browning wrote:
>Thanks a lot Priscilla. This is what I was looking for.
>
>I suppose my part 2 to the previous question would make more sense if I used
>live IPs like Scenario 3
>
>Scenario 3
>==
>
>---int0-(R1)-int1 int0-(R2)-int1 ---
>
>Router 1
>Int 0: 192.168.1.1
>Int 1: 200.100.2.1
>
>Router 2
>Int 0: 200.100.2.2
>Int 1: 192.168.1.1

Yes, that sounds reasonably real-world. The 200.100.2.0 network is an ISP 
perhaps. I assume that you know that you are using private addresses and 
are not worried about both companies using 192.168.1.1 on their interfaces 
that face their private networks. You would need NAT for this to work.

>So basically every router in the world would need to create a subnet?

Routers connect subnets. On a point-to-point WAN link that connects two 
companies, it could be a very small subnet. Some people even use 
255.255.255.254 for the subnet mask (although some people claim this is 
illegal and insist on 255.255.255.252).

>I
>suppose a company is on the same subnet as the ISP,

A company uses address space from its ISP (or private addressing).

>then the ISP is on the
>same subnet as their tier 1 ISP then all

Uses address space from their tier 1 ISP.

>the tier 1 ISPs are connected -
>between each AS using BGP. Is this right?

Sounds right to me. Hopefully we haven't oversimplified so much as to 
introduce errors. That happens sometimes. Howard Berkowitz wrote a Routing 
Principles paper for http://www.certificationzone.com that might help you. 
Also, be sure to read the classics like books by Comer, Perlman, Stevens.

Priscilla


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40838&t=40766



RE: netbios over internet [7:40784]

2002-04-08 Thread Michael Bray

You certainly can do file sharing over the internet - saying 'NetBIOS'
is routable is a bit misleading though...  It's the underlying protocol
that determines its ability to be routed...

-mike bray
[EMAIL PROTECTED]

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 11:59 AM
To: [EMAIL PROTECTED]
Subject: Re: netbios over internet [7:40784]


NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should
supposedly work over the Internet. For example, can't you do file sharing
over the Internet? That uses NetBIOS and SMB of CIFS.

(I'm a Mac person, but in theory it should work. ;-)

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40841&t=40784



Re: netbios over internet [7:40784]

2002-04-08 Thread Jay

This thread has been taken out of context.   The real initial question
was whether or not you could bridge over the internet.  E.g., have 2
LANs that are Layer 2 Bridged over the internet.  Somewhat like DLSw+
can do for NetBIOS and SNA.   It would have the same effect as doing
this: (which you can't do)

int tunnel0
 tun sour 10.10.10.1
 tun dest 10.20.20.1
 bridge-group 1

int eth0
 bridge-group 1

Somehow IP would have to encapsulate the incoming MAC frame as the data
portion of the packet, and then release it as an ethernet frame on the
other end.



On Mon, 2002-04-08 at 12:58, Priscilla Oppenheimer wrote:
> NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should 
> supposedly work over the Internet. For example, can't you do file sharing 
> over the Internet? That uses NetBIOS and SMB of CIFS.
> 
> (I'm a Mac person, but in theory it should work. ;-)
> 
> Priscilla
> 
> At 10:43 AM 4/8/02, Jay wrote:
> >Is it possible to send nonroutable traffic through a GRE Tunnel?
> >
> >On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> > > How about NetBIOS over TCP/IP (NBT) and encapsulate
> > > it with IPSec.  Another idea is using a GRE tunnel to
> > > pass the NetBIOS to the next hop.
> > >
> > >
> > > > I don't think you can, besides bridging on every internet hop.
> > > >
> > > > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > > > how can I make the netbios over Internet except the dlsw+ ?
> 
> 
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40840&t=40784



RE: netbios over internet [7:40784]

2002-04-08 Thread Kim Edward B

I agree.

-Original Message-
From: Michael Bray [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 1:30 PM
To: [EMAIL PROTECTED]
Subject: RE: netbios over internet [7:40784]

You certainly can do file sharing over the internet - saying 'NetBIOS'
is routable is a bit misleading though...  It's the underlying protocol
that determines its ability to be routed...

-mike bray
[EMAIL PROTECTED]

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 11:59 AM
To: [EMAIL PROTECTED]
Subject: Re: netbios over internet [7:40784]


NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should
supposedly work over the Internet. For example, can't you do file sharing
over the Internet? That uses NetBIOS and SMB of CIFS.

(I'm a Mac person, but in theory it should work. ;-)

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40842&t=40784



Re: netbios over internet [7:40784]

2002-04-08 Thread Priscilla Oppenheimer

The original question was:

"how can I make the netbios over Internet except the dlsw+ ?"

He didn't say bridging. You did.

Priscilla

At 01:29 PM 4/8/02, Jay wrote:
>This thread has been taken out of context.   The real initial question
>was whether or not you could bridge over the internet.  E.g., have 2
>LANs that are Layer 2 Bridged over the internet.  Somewhat like DLSw+
>can do for NetBIOS and SNA.   It would have the same effect as doing
>this: (which you can't do)
>
>int tunnel0
>  tun sour 10.10.10.1
>  tun dest 10.20.20.1
>  bridge-group 1
>
>int eth0
>  bridge-group 1
>
>Somehow IP would have to encapsulate the incoming MAC frame as the data
>portion of the packet, and then release it as an ethernet frame on the
>other end.
>
>
>
>On Mon, 2002-04-08 at 12:58, Priscilla Oppenheimer wrote:
> > NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should
> > supposedly work over the Internet. For example, can't you do file sharing
> > over the Internet? That uses NetBIOS and SMB of CIFS.
> >
> > (I'm a Mac person, but in theory it should work. ;-)
> >
> > Priscilla
> >
> > At 10:43 AM 4/8/02, Jay wrote:
> > >Is it possible to send nonroutable traffic through a GRE Tunnel?
> > >
> > >On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> > > > How about NetBIOS over TCP/IP (NBT) and encapsulate
> > > > it with IPSec.  Another idea is using a GRE tunnel to
> > > > pass the NetBIOS to the next hop.
> > > >
> > > >
> > > > > I don't think you can, besides bridging on every internet hop.
> > > > >
> > > > > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > > > > how can I make the netbios over Internet except the dlsw+ ?
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40843&t=40784



RE: CCDP or CCIE [7:40732]

2002-04-08 Thread Andy Barkl

Of course it may require more than 2 weeks for your CCDP if you haven't
completed your CCDA which is a requirement.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
amanda lalli-cafini
Sent: Sunday, April 07, 2002 10:26 PM
To: [EMAIL PROTECTED]
Subject: RE: CCDP or CCIE [7:40732]

Hi Andy,

gee... passing a cisco test in 2 weeks would be pretty fast.


regards,

amanda




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40844&t=40732



ip/tv [7:40845]

2002-04-08 Thread george gittins

I'm discussing here at my company to deploy IP/TV. Has anyone tried it?
What do I need? I was reading at the Cisco web site that you need an NT server
which will have the digitizer card...

George Gittins
Internet Systems Manager
Weslaco, Tx 78599
Phone (956)9696557




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40845&t=40845



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Larry Letterman

The only traffic from the mirror port that would be from
the other switch would be trunked data. Local traffic on the
other switch will not traverse the trunk and would not be seen.


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Priscilla Oppenheimer
Sent: Monday, April 08, 2002 10:06 AM
To: [EMAIL PROTECTED]
Subject: RE: port mirroring and vlans [7:40816]


At 12:15 PM 4/8/02, Michael Williams wrote:
>AFAIK, if you have two switches connected via a trunk link and you mirror
>VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all
>switches involved in that VLAN).

Only traffic that actually crosses the mirrored port, though, right?
Broadcast /multicast traffic for the VLAN as well as traffic directed to
ports on the switch doing mirroring that are in VLAN 1.

I got the impression he thought he was going to see traffic on other
switches that happened to have ports in VLAN 1 too. I doubt that's true.
Think of all the extra work you would be requiring of the switches.

Priscilla

>  You'll probably run into a situation where
>all of the traffic in VLAN1 will overrun your mirror port (which on a busy
>switch isn't hard to do).  We have two 5500s trunked together, and we span
>(mirror) a port on a VLAN quite frequently.
>
>Mike W.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40846&t=40816



Re: netbios over internet [7:40784]

2002-04-08 Thread Jay

OK, OK, well what about my question then?  Is there any way to do this?

> >this: (which you can't do)
> >
> >int tunnel0
> >  tun sour 10.10.10.1
> >  tun dest 10.20.20.1
> >  bridge-group 1
> >
> >int eth0
> >  bridge-group 1


 On Mon, 2002-04-08 at 14:15, Priscilla Oppenheimer wrote:
> The original question was:
> 
> "how can I make the netbios over Internet except the dlsw+ ?"
> 
> He didn't say bridging. You did.
> 
> Priscilla
> 
> At 01:29 PM 4/8/02, Jay wrote:
> >This thread has been taken out of context.   The real initial question
> >was whether or not you could bridge over the internet.  E.g., have 2
> >LANs that are Layer 2 Bridged over the internet.  Somewhat like DLSw+
> >can do for NetBIOS and SNA.   It would have the same effect as doing
> >this: (which you can't do)
> >
> >int tunnel0
> >  tun sour 10.10.10.1
> >  tun dest 10.20.20.1
> >  bridge-group 1
> >
> >int eth0
> >  bridge-group 1
> >
> >Somehow IP would have to encapsulate the incoming MAC frame as the data
> >portion of the packet, and then release it as an ethernet frame on the
> >other end.
> >
> >
> >
> >On Mon, 2002-04-08 at 12:58, Priscilla Oppenheimer wrote:
> > > > NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should
> > > > supposedly work over the Internet. For example, can't you do file sharing
> > > > over the Internet? That uses NetBIOS and SMB of CIFS.
> > >
> > > (I'm a Mac person, but in theory it should work. ;-)
> > >
> > > Priscilla
> > >
> > > At 10:43 AM 4/8/02, Jay wrote:
> > > >Is it possible to send nonroutable traffic through a GRE Tunnel?
> > > >
> > > >On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> > > > > How about NetBIOS over TCP/IP (NBT) and encapsulate
> > > > > it with IPSec.  Another idea is using a GRE tunnel to
> > > > > pass the NetBIOS to the next hop.
> > > > >
> > > > >
> > > > > > I don't think you can, besides bridging on every internet hop.
> > > > > >
> > > > > > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > > > > > how can I make the netbios over Internet except the dlsw+ ?
> > > 
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com
> 
> 
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40847&t=40784



RE: Puzzles -> WAS RE: My interview story [7:40553]

2002-04-08 Thread Dusty Harper

Correct

-Original Message-
From: John Allhiser [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, April 06, 2002 6:38 AM
To: [EMAIL PROTECTED]
Subject: RE: Puzzles -> WAS RE: My interview story [7:40553]

The first one is simple if you relate it to public key sharing in network
security.

Place the diamond in the box. Secure the box with your lock.  Send it to
your friend.  So far, it's safe from the courier.  When your friend receives
the box, she secures the box with her lock and sends it back to you.  Still
safe.  You remove your lock and send it back to her.  Still safe.  She
removes her lock and retrieves the diamond.  All of this is done without the
use of relatively prime numbers.  ;o)

The second puzzle has already been answered using the details given --- 0'-32'

> > -Original Message-
> > From: Dusty Harper [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, April 05, 2002 4:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: My interview story [7:40553]
>
> > The goal is to determine how you think.  Most real world solutions to
> > problems can be applied to technological hurdles, or problems.
> >
> > As an example:
> >
> > Prep:
> >   You have an empty box, a lock, a key for your lock, and a
> > diamond.
> >   Your friend has an empty box, and a lock for his box.
> >
> > Goal:
> >   You want to get the diamond to your friend via courier.  However
> > the courier will steal anything that is not locked.  How do you do
> > this?
> >
> >
> > Another example:
> >
> >   If you have 2 20' poles, a 32' rope strung between them, and the
> > lowest point of the rope is 4' off of the ground, how far apart are
> > the poles?
> >
> > It gauges how one thinks and handles situations.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40848&t=40553
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
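
The double-lock exchange in the message above is the usual picture of a three-pass protocol, in which each side's lock has to commute with the other's. The sketch below is an added example, not code from the thread: it runs the three trips with modular exponentiation (Shamir's three-pass scheme; the prime 2^127 - 1 and all function names are chosen here), and shows that using XOR as the "lock" lets a courier who only watches the three trips recover the contents.

```python
import math
import secrets

# Public modulus known to everyone, courier included (assumption of this
# example): the Mersenne prime 2^127 - 1.
P = 2**127 - 1


def make_lock(p=P):
    """Return (lock, unlock) exponents with lock * unlock == 1 mod (p - 1)."""
    while True:
        lock = secrets.randbelow(p - 3) + 2        # 2 .. p-2
        if math.gcd(lock, p - 1) == 1:             # must be invertible
            return lock, pow(lock, -1, p - 1)      # Python 3.8+


def three_pass(message: bytes, p=P):
    """Run the exchange; return (bytes the friend recovers, the three trips)."""
    m = int.from_bytes(message, "big")
    if not 1 < m < p:
        raise ValueError("message must encode to an integer in (1, p)")
    a_lock, a_unlock = make_lock(p)        # sender's padlock and key
    b_lock, b_unlock = make_lock(p)        # friend's padlock and key
    trip1 = pow(m, a_lock, p)              # box leaves with sender's lock
    trip2 = pow(trip1, b_lock, p)          # friend adds her lock, sends back
    trip3 = pow(trip2, a_unlock, p)        # sender removes his lock
    recovered = pow(trip3, b_unlock, p)    # friend removes hers
    return recovered.to_bytes(len(message), "big"), (trip1, trip2, trip3)


def xor_bytes(x: bytes, y: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(x, y))


def xor_three_pass(message: bytes):
    """Same three trips with XOR pads as the locks (commutative but unsafe)."""
    ka = secrets.token_bytes(len(message))
    kb = secrets.token_bytes(len(message))
    trip1 = xor_bytes(message, ka)
    trip2 = xor_bytes(trip1, kb)
    trip3 = xor_bytes(trip2, ka)
    return xor_bytes(trip3, kb), (trip1, trip2, trip3)


def courier_reads_xor(trips):
    """A passive courier XORs the three trips: both pads cancel, message remains."""
    t1, t2, t3 = trips
    return xor_bytes(xor_bytes(t1, t2), t3)


if __name__ == "__main__":
    got, _ = three_pass(b"diamond")
    print("exponent locks, friend recovers:", got)
    got, trips = xor_three_pass(b"diamond")
    print("xor locks, friend recovers:     ", got)
    print("xor locks, courier recovers:    ", courier_reads_xor(trips))
```

Neither variant authenticates the far end, so the exchange only models a courier who watches the box go by, not one who can answer in the friend's place.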



RE: Puzzles -> WAS RE: My interview story [7:40553]

2002-04-08 Thread Dusty Harper

Actually 0' is physically impossible due to the width of the rope
needing to be taken into account, but that's just a technicality.

-Original Message-
From: Craig Columbus [mailto:[EMAIL PROTECTED]] 
Sent: Friday, April 05, 2002 9:58 PM
To: [EMAIL PROTECTED]
Subject: Re: Puzzles -> WAS RE: My interview story [7:40553]

Part A:  I heard this one where the friend also has a key that will open
his lock, but not yours.  Also, the condition is that no destructive
techniques are allowed, so breaking or cutting wasn't a possible solution.

Part B:
He never states that the rope is attached to the top of the pole, just that
it's attached to the pole.  So, the answer is that the poles are somewhere
between 0 and 32 feet apart.

Craig

At 11:33 PM 4/5/2002 -0500, you wrote:
>I'll bite.
>a) Boxes and diamond. Gordian Knot technique. Lock the diamond in your box
>and send it to your friend. He breaks the lock or cuts open the box.
>b) Poles and rope. The poles are touching.
>
> > -Original Message-
> > From: Dusty Harper [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, April 05, 2002 4:55 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: My interview story [7:40553]
>
> > The goal is to determine how you think.  Most real world solutions to
> > problems can be applied to technological hurdles, or problems.
> >
> > As an example:
> >
> > Prep:
> >   You have an empty box, a lock, a key for your lock, and a
> > diamond.
> >   Your friend has an empty box, and a lock for his box.
> >
> > Goal:
> >   You want to get the diamond to your friend via courier.  However
> > the courier will steal anything that is not locked.  How do you do
> > this?
> >
> >
> > Another example:
> >
> >   If you have 2 20' poles, a 32' rope strung between them, and the
> > lowest point of the rope is 4' off of the ground, how far apart are
> > the poles?
> >
> > It gauges how one thinks and handles situations.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40849&t=40553



RE: ip/tv [7:40845]

2002-04-08 Thread Larry Letterman

We use IP/TV extensively at the Cisco campus for all sorts of
multicast video. I can put you in touch with our IP/TV broadcast
manager if you like...


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 11:42 AM
To: [EMAIL PROTECTED]
Subject: ip/tv [7:40845]


I'm discussing here at my company to deploy IP/TV. Has anyone tried it?
What do I need? I was reading at the Cisco web site that you need an NT server
which will have the digitizer card...

George Gittins
Internet Systems Manager
Weslaco, Tx 78599
Phone (956)9696557




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40850&t=40845



Backup bridging [7:40851]

2002-04-08 Thread Lindseth, Chris

Gurus-
I have a situation where I am using IRB to bridge a network over a
T1. I have been trying to get this backed up by using an ISDN BRI dialback
with dialer profiles. I have been mostly unsuccessful except for roughly 3
minutes where it worked and then ceased working and has not worked since.
The ISDN dials and connects but no traffic seems to cross the link even
though lights on the front panel are flashing as though the traffic was
going across normally. I was just informed by TAC that ISDN will not work
with IRB and that I need to switch to CRB. This would also entail that I add
an extra interface to each router in order to communicate with them via IP
since CRB would eliminate the BVI's that I have been using for this purpose.
My question for the group is:

* Is this true? I really have no faith in what the TAC guy told me because
he really seemed to have difficulty communicating with me.

* What do people use to back up IRB configurations? Has anyone else out there
stumbled across this problem?

* Can I use CRB on sub-if's or tunnel interfaces? Basically I am going for
some sort of fancy solution that will get this working the way that I
expected it would when I planned this whole setup.

* Is there anything preventing me from throwing out these expensive Cisco
routers and using Adtran TSU 600's which do this sort of thing in their
sleep?

On a related note, I am really not thrilled about the new TAC format whereby
you create your own ticket on the web and then an engineer sends a link to a
TAC HOW-TO article and tries to close your case. It really leaves you with
the feeling that you shouldn't be paying the premium for Cisco anymore.
Thanks in advance,

Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40851&t=40851



Hardening Ports? [7:40852]

2002-04-08 Thread Charlie

Hello, all :-)

I was hoping one (or many) of you could help me with a question I have: how
do I lock-down ports on a server?  I know how to lock them down on firewalls
and routers, but how to do it on a server is my question.  I know it's a
general question but any assistance would be most appreciated.

Truly,
Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40852&t=40852



Re: Hardening Ports? [7:40852]

2002-04-08 Thread sam sneed

Which operating systems?

On Windows the most common way is to disable services from the Control
Panel. Do a netstat -an to see which ports are open. Then you can shut down
services that have those ports open.

On UNIX/Linux you can do the same netstat -an. Most of the services can be
disabled in inetd.conf or xinetd.conf. Just comment them out and restart the
inetd daemon. Also, services are started from startup scripts, which are in
different locations on different versions of UNIX and Linux.

""Charlie""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello, all :-)
>
> I was hoping one (or many) of you could help me with a question I have:
how
> do I lock-down ports on a server?  I know how to lock them down on
firewalls
> and routers, but how to do it on a server is my question.  I know it's a
> general question but any assistance would be most appreciated.
>
> Truly,
> Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40853&t=40852
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
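
An added example (not from the thread) of the audit step described in the message above: it parses `netstat -an` output in either the Linux or the Windows layout, keeps only sockets that accept traffic, and reports anything outside an allow-list, pointing at the inetd.conf entry where one is responsible. The sample outputs, the allow-lists, the inline service table and the function names are constructed for illustration.

```python
"""Audit open ports from `netstat -an` against an allow-list (added example)."""

# Constructed sample output, Linux layout (Recv-Q/Send-Q columns present).
NETSTAT_LINUX = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
tcp        0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:69              0.0.0.0:*
"""

# Constructed sample output, Windows layout.
NETSTAT_WINDOWS = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.0.2.20:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.20:1045        198.51.100.9:80        ESTABLISHED
  UDP    192.0.2.20:137         *:*
"""

# Constructed inetd.conf: the rsh "shell" service is already commented out.
INETD_CONF = """\
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
#shell  stream  tcp  nowait  root  /usr/sbin/in.rshd     in.rshd
tftp    dgram   udp  wait    root  /usr/sbin/in.tftpd    in.tftpd
"""

# Name-to-port table, normally read from /etc/services; inlined to run offline.
SERVICES = {("ftp", "tcp"): 21, ("telnet", "tcp"): 23,
            ("shell", "tcp"): 514, ("tftp", "udp"): 69}


def listening_sockets(netstat_text):
    """Return a sorted list of (proto, port) pairs that accept traffic."""
    found = set()
    for line in netstat_text.splitlines():
        tok = line.split()
        if len(tok) < 2 or not tok[0].lower().startswith(("tcp", "udp")):
            continue                              # headers and blank lines
        proto = tok[0].lower()[:3]
        # Linux prints two queue counters before the local address.
        idx = 3 if tok[1].isdigit() else 1
        if len(tok) <= idx:
            continue
        # TCP rows carry a state; only LISTEN/LISTENING is an open port.
        if proto == "tcp" and tok[-1].upper() not in ("LISTEN", "LISTENING"):
            continue
        port = tok[idx].rsplit(":", 1)[-1]        # also handles ":::80"
        if port.isdigit():
            found.add((proto, int(port)))
    return sorted(found)


def inetd_enabled(conf_text):
    """Map (proto, port) -> service name for each uncommented inetd.conf line."""
    enabled = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue                              # disabled or empty
        fields = line.split()
        if len(fields) < 6:
            continue                              # not a service entry
        name, proto = fields[0], fields[2]
        port = SERVICES.get((name, proto))
        if port is not None:
            enabled[(proto, port)] = name
    return enabled


def audit(netstat_text, allowed, conf_text=""):
    """Return (proto, port, action) for every open port not in `allowed`."""
    from_inetd = inetd_enabled(conf_text)
    findings = []
    for sock in listening_sockets(netstat_text):
        if sock in allowed:
            continue
        name = from_inetd.get(sock)
        if name:
            action = f"comment out '{name}' in inetd.conf and restart inetd"
        else:
            action = "find the owning service or startup script and disable it"
        findings.append((sock[0], sock[1], action))
    return findings


if __name__ == "__main__":
    for row in audit(NETSTAT_LINUX, {("tcp", 22), ("tcp", 80)}, INETD_CONF):
        print("linux  ", row)
    for row in audit(NETSTAT_WINDOWS, {("tcp", 445)}):
        print("windows", row)
```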



Re: Hardening Ports? [7:40852]

2002-04-08 Thread Patrick Ramsey

Do you mean Ethernet ports or TCP/IP ports?

Ethernet ports are done in the driver autonegotiate/speed/duplex settings.

Locking down TCP/IP ports is entirely different.  TCP Wrappers will wrap
daemons and applications under *nix... not so sure there is an equivalent
for Microsoft or Novell.  TCP Wrappers just handles the negotiation really
between the client and daemon.

-Patrick

>>> Charlie  04/08/02 03:50PM >>>
Hello, all :-)

I was hoping one (or many) of you could help me with a question I have: how
do I lock-down ports on a server?  I know how to lock them down on firewalls
and routers, but how to do it on a server is my question.  I know it's a
general question but any assistance would be most appreciated.

Truly,
Charlie






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40854&t=40852



Re: Hardening Ports? [7:40852]

2002-04-08 Thread Charlie

Thank you, Sam.  Your instructions were clear and simple to follow.  I was
referring to a Windows system.  I gave it a try and already identified open
ports (which I also learned from using WS PingPro).  I will now attempt to
close/end some services.  Thanks again.

Charlie

""sam sneed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Which  operating systems?
>
> On Windows the most common way is to disable services from the Control
> Panel. Do a netstat -an to see which ports are open. Then you can shut down
> services that have those ports open.
>
> On UNIX/Linux you can do the same netstat -an. Most of the services can be
> disabled in inetd.conf or xinetd.conf. Just comment them out and restart the
> inetd daemon. Also, services are started from startup scripts, which are in
> different locations on different versions of UNIX and Linux.
>
> ""Charlie""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hello, all :-)
> >
> > I was hoping one (or many) of you could help me with a question I have:
> how
> > do I lock-down ports on a server?  I know how to lock them down on
> firewalls
> > and routers, but how to do it on a server is my question.  I know it's a
> > general question but any assistance would be most appreciated.
> >
> > Truly,
> > Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40855&t=40852
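
The procedure quoted in the message above (run netstat -an, then disable the services behind the open ports, in inetd.conf on UNIX/Linux), as an added example that is not part of any post in this thread. The netstat output, the inetd.conf contents and the small service-to-port table are constructed samples, and all function names are hypothetical.

```python
"""Match `netstat -an` listeners against inetd.conf (added example)."""

# Constructed sample: `netstat -an` in the Windows layout.
WINDOWS_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1055      192.168.1.20:80        ESTABLISHED
  UDP    0.0.0.0:161            *:*
"""

# Constructed sample: `netstat -an` in the Linux layout.
LINUX_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:40112          ESTABLISHED
udp        0      0 0.0.0.0:69              0.0.0.0:*
"""

# Constructed sample inetd.conf; the rsh ("shell") entry is already commented out.
INETD_CONF = """\
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
tftp    dgram   udp     wait    root    /usr/sbin/tcpd  in.tftpd
"""

# Subset of /etc/services embedded so the example runs offline.
SERVICE_PORTS = {("ftp", "tcp"): 21, ("telnet", "tcp"): 23,
                 ("shell", "tcp"): 514, ("tftp", "udp"): 69}


def listening_sockets(netstat_text):
    """Return sorted (proto, address, port) for every listening socket."""
    found = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 3 or not f[0].lower().startswith(("tcp", "udp")):
            continue  # banner, header or blank line
        proto = f[0].lower()[:3]
        # Linux rows carry Recv-Q/Send-Q counters before the addresses.
        base = 3 if f[1].isdigit() else 1
        if len(f) < base + 2:
            continue
        local, foreign = f[base], f[base + 1]
        state = f[base + 2] if len(f) > base + 2 else ""
        if proto == "tcp" and state not in ("LISTEN", "LISTENING"):
            continue  # established or closing connection, not a listener
        if proto == "udp" and not foreign.endswith(":*"):
            continue  # connected UDP socket
        addr, _, port = local.rpartition(":")
        if port.isdigit():
            found.add((proto, addr, int(port)))
    return sorted(found, key=lambda s: (s[0], s[2], s[1]))


def is_loopback(addr):
    addr = addr.strip("[]")
    return addr.startswith("127.") or addr == "::1"


def exposed_ports(netstat_text):
    """Listeners reachable from the network: everything not bound to loopback."""
    return sorted({(p, port) for p, addr, port in listening_sockets(netstat_text)
                   if not is_loopback(addr)})


def inetd_enabled(conf_text):
    """(service, proto) for each inetd.conf line that is not commented out."""
    enabled = []
    for line in conf_text.splitlines():
        f = line.split()
        if len(f) >= 6 and not f[0].startswith("#"):
            enabled.append((f[0], f[2]))
    return enabled


def inetd_services_to_review(netstat_text, conf_text, port_map=SERVICE_PORTS):
    """Enabled inetd services whose port is really open: candidates to comment out."""
    open_ports = set(exposed_ports(netstat_text))
    return [name for name, proto in inetd_enabled(conf_text)
            if (proto, port_map.get((name, proto))) in open_ports]


def listeners_outside_inetd(netstat_text, conf_text, port_map=SERVICE_PORTS):
    """Open ports with no enabled inetd entry: started elsewhere (startup scripts)."""
    from_inetd = {(proto, port_map.get((name, proto)))
                  for name, proto in inetd_enabled(conf_text)}
    return [p for p in exposed_ports(netstat_text) if p not in from_inetd]


if __name__ == "__main__":
    print("Windows exposed:", exposed_ports(WINDOWS_NETSTAT))
    print("inetd services to review:", inetd_services_to_review(LINUX_NETSTAT, INETD_CONF))
    print("started outside inetd:", listeners_outside_inetd(LINUX_NETSTAT, INETD_CONF))
```

Ports that show up under "started outside inetd" are the ones the quoted advice says to trace to a startup script rather than to inetd.conf.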



Re: How to keep BGP's session open indefinitly with no [7:40856]

2002-04-08 Thread Anthony Pace

I got a message saying it was not a valid value. Is that because I tried to
just do one zero (my thinking being it would then give me the valid options
for holdtime)

I tried

ROUTER BGP 100
neighbor 1.1.1.1 timers 0 ?

Anthony Pace
""Chris Camplejohn""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> router bgp 100
>  bgp log-neighbor-changes
>  timers bgp 0 0
>
>
> ""Anthony Pace""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > CCO says if the holdtime is "0" then the sessions are assumed up and do not
> > exchange keepalives, but on the command line "timers" does not permit 0 for
> > the hello or holdtime interval.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40856&t=40856



Re: Hardening Ports? [7:40852]

2002-04-08 Thread Charlie

Patrick -

I was referring to TCP/IP ports.  Thanks for your reply.  Sam's message came
in very handy and answered my question as well.  Thanks again.

Charlie

""Patrick Ramsey""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> do you mean ethernet ports or tcpip ports?
>
> Ethernet ports are done in the driver autonegotiate/speed/duplex settings
>
> locking down tcpip ports is entirely different.  TCPwrappers will wrap
> daemons and applications under *nix... not so sure there is an equivalent
> for microsoft or novell.  TCPWrappers just handles the negotiation really
> between the client and daemon.
>
> -Patrick
>
> >>> Charlie  04/08/02 03:50PM >>>
> Hello, all :-)
>
> I was hoping one (or many) of you could help me with a question I have: how
> do I lock-down ports on a server?  I know how to lock them down on firewalls
> and routers, but how to do it on a server is my question.  I know it's a
> general question but any assistance would be most appreciated.
>
> Truly,
> Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40858&t=40852



RE: Hardening Ports? [7:40852]

2002-04-08 Thread Kent Hundley

Charlie,

As others noted, it depends on your OS.  I would recommend doing a search on
google for "your OS"+hardening.  You'll probably find what you're looking for.
Also consult your vendor's web site and http://www.sans.org for more info.

HTH,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Charlie
Sent: Monday, April 08, 2002 12:51 PM
To: [EMAIL PROTECTED]
Subject: Hardening Ports? [7:40852]


Hello, all :-)

I was hoping one (or many) of you could help me with a question I have: how
do I lock-down ports on a server?  I know how to lock them down on firewalls
and routers, but how to do it on a server is my question.  I know it's a
general question but any assistance would be most appreciated.

Truly,
Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40861&t=40852



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Kent Hundley

Priscilla is correct, normally a span only shows unicast for the VLAN on the
switch where the span is enabled plus any bcast or mcast from other switches
that have active ports in the VLAN in question.  However, there is a "remote
span" capability that has been added to the 6000 series in 5.3 code that
does allow you to see the traffic for an entire vlan from any switch in the
net:

http://www.cisco.com/warp/public/473/41.html#remote

Regards,
Kent


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Priscilla Oppenheimer
Sent: Monday, April 08, 2002 10:06 AM
To: [EMAIL PROTECTED]
Subject: RE: port mirroring and vlans [7:40816]


At 12:15 PM 4/8/02, Michael Williams wrote:
>AFAIK, if you have two switches connected via a trunk link and you mirror
>VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all
>switches involved in that VLAN).

Only traffic that actually crosses the mirrored port, though, right?
Broadcast /multicast traffic for the VLAN as well as traffic directed to
ports on the switch doing mirroring that are in VLAN 1.

I got the impression he thought he was going to see traffic on other
switches that happened to have ports in VLAN 1 too. I doubt that's true.
Think of all the extra work you would be requiring of the switches.

Priscilla

>  You'll probably run into a situation where
>all of the traffic in VLAN1 will overrun your mirror port (which on a busy
>switch isn't hard to do).  We have two 5500s trunked together, and we span
>(mirror) a port on a VLAN quite frequently.
>
>Mike W.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40860&t=40816



FS: Catalyst 3920 switches (OEM Olicom 8601) (fwd) [7:40863]

2002-04-08 Thread Brian

I know that many of you studying for your CCIE lab are looking for good
deals on some of the more critical pieces of CCIE lab gear.

As some of you may or may not know, the Catalyst 3900 series was
originally made by Olicom, and known as the Olicom OC-8600 (Catalyst 3900)
and the OC-8601 (Catalyst 3920).  Later Cisco made these their Catalyst
line.

I have a handful of Olicom OC-8601 switches, which have the same
interface as a Catalyst 3920.  These are 20 port token ring switches.
They do not support CDP, since they are the Olicom version, but they
support everything else including the identical interface and method of
creating TrCRF's and TrBRF's, which is the part most seem to concentrate
on for CCIE lab study.

These are very minty and clean.  I am making them available to this list
for $800/each.  This is a very good deal on an affordable solution.  These
are running the latest version of the Olicom code, which like I said is
an identical interface as the Cisco code only this says Olicom instead of
Cisco and does not support the CDP part of it.

Brian

---
Brian Feeny, CCIE #8036    e: [EMAIL PROTECTED]
Network Engineer           p: 318.222.2638x109
ShreveNet Inc.             f: 318.221.6612




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40863&t=40863



Re: netbios over internet [7:40784]

2002-04-08 Thread nwo

""Jay""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> OK, OK, well what about my question then?  Is there any way to do this?

Yes - UTI


>
> > >this: (which you can't do)
> > >
> > >int tunnel0
> > >  tun sour 10.10.10.1
> > >  tun dest 10.20.20.1
> > >  bridge-group 1
> > >
> > >int eth0
> > >  bridge-group 1
>
>
>  On Mon, 2002-04-08 at 14:15, Priscilla Oppenheimer wrote:
> > The original question was:
> >
> > "how can I make the netbios over Internet except the dlsw+ ?"
> >
> > He didn't say bridging. You did.
> >
> > Priscilla
> >
> > At 01:29 PM 4/8/02, Jay wrote:
> > >This thread has been taken out of context.   The real initial question
> > >was whether or not you could bridge over the internet.  E.g., have 2
> > >LANs that are Layer 2 Bridged over the internet.  Somewhat like DLSw+
> > >can do for NetBIOS and SNA.   It would have the same effect as doing
> > >this: (which you can't do)
> > >
> > >int tunnel0
> > >  tun sour 10.10.10.1
> > >  tun dest 10.20.20.1
> > >  bridge-group 1
> > >
> > >int eth0
> > >  bridge-group 1
> > >
> > >Somehow IP would have to encapsulate the incoming MAC frame as the data
> > >portion of the packet, and then release it as an ethernet frame on the
> > >other end.
> > >
> > >
> > >
> > >On Mon, 2002-04-08 at 12:58, Priscilla Oppenheimer wrote:
> > > > NetBEUI is non-routable. NetBIOS is routable. NetBIOS over TCP/IP should
> > > > supposedly work over the Internet. For example, can't you do file sharing
> > > > over the Internet? That uses NetBIOS and SMB or CIFS.
> > > >
> > > > (I'm a Mac person, but in theory it should work. ;-)
> > > >
> > > > Priscilla
> > > >
> > > > At 10:43 AM 4/8/02, Jay wrote:
> > > > >Is it possible to send nonroutable traffic through a GRE Tunnel?
> > > > >
> > > > >On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> > > > > > How about NetBIOS over TCP/IP (NBT) and encapsulate
> > > > > > it with IPSec.  Another idea is using a GRE tunnel to
> > > > > > pass the NetBIOS to the next hop.
> > > > > >
> > > > > >
> > > > > > > I don't think you can, besides bridging on every internet hop.
> > > > > > >
> > > > > > > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > > > > > > how can I make the netbios over Internet except the dlsw+ ?
> > > > 
> > > >
> > > > Priscilla Oppenheimer
> > > > http://www.priscilla.com
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40864&t=40784



Re: Configure transparent bridging on Cisco router [7:40709]

2002-04-08 Thread Anthony Pace

The router will "bridge" all traffic on those interfaces EXCEPT IP. If you
want to bridge IP you disable IP routing or use CRB or IRB which lets you
configure your choice of bridge/route per protocol per interface (in the
case of IRB you route into the bridge group via the BVI).

Anthony Pace

""timothy thielen""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I believe you are right...  You are working on a ROUTER, therefore, it
> prefers to ROUTE ROUTABLE traffic.  If you take the ROUTING option away,
> then it will attempt other configured methods of forwarding traffic.
>
> --Tim
>
> Priscilla Oppenheimer wrote:
> >
> > At 11:50 AM 4/6/02, nntp.groupstudy.com wrote:
> > >I put two FA interfaces into same bridge group, and enable
> > bridge protocol
> > >ieee.  There is not IP address configured on the bridge port.
> > But it will
> > >not
> > >bridge any IP traffic unless I disable IP routing on the router
> >
> > I think that's normal. If you want to bridge IP, you must
> > disable IP
> > routing because IP routing is enabled by default. See this:
> >
> >
> > http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fibm_c/bcfpart1/bcftb.htm#xtocid30
> >
> > >or use bridge
> > >irb.   I was expecting the bridged ports will bridge IP,
> > because there is no
> > >IP configured on these two interface.  Can somebody explain
> > why?
> > >
> > >Thanks
> > >
> > >Ruihai
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40865&t=40709



Re: standard trunk protocol [7:40809]

2002-04-08 Thread Erick B.

Yes there is, it's called GVRP which is part/extension
of 802.1q. Not all vendors support this though so
YMMV.

VTP, DTP are Cisco proprietary.

--- TP  wrote:
> Dear Group,
> I'm confused.
> In a multi-vendor environment I've to design a VLANs
> scenario.
> So I can prefer  802.1Q tagging (standard) on the
> trunk link. And then? How to
> manage the VLAN information?
> Is VTP (or DTP) a cisco protocol?
> Is there a standard in order to manage the vlan
> information dynamically?
> Thanks.
> Teresa
[EMAIL PROTECTED]






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40867&t=40809



RE: Ancient Isdn bri wisdom ? [7:40586]

2002-04-08 Thread [EMAIL PROTECTED]

I meant to add to this thread yesterday and didn't get around to it.

Be aware that there are bugs with PPP Multilink and "fancy" queueing (as 
Cisco puts it) in IOS 12.0.  Or at least when interworking 12.0 with 
either 11.2 or 12.1 - I don't think I've confirmed it with 12.0 at both 
ends.
By fancy queueing I think Cisco means priority queuing, custom queuing, 
possibly WFQ (not sure on that), etc. 
What I've seen is that with 12.0 on one end and 11.2 or 12.1 on the other 
(various combinations of hardware), if PPP multilink and queueing are 
configured, the PPP connection doesn't establish properly.

Of course, if you're only using a single channel, PPP multilink is usually 
not required.

JMcL 
- Forwarded by Jenny Mcleod/NSO/CSDA on 09/04/2002 08:44 am -


"Herold Heiko" 
Sent by: [EMAIL PROTECTED]
08/04/2002 08:16 pm
Please respond to "Herold Heiko"

 
To: [EMAIL PROTECTED]
cc: 
Subject:RE: Ancient Isdn bri wisdom ? [7:40586]


To everyone, thank you for your advice, what you wrote seems reasonable.

However it seems this would mean if there are only single channel
connections (64k or 56k only) [m]route-cache and fair-queue can remain
enabled. I'll try that asap.

Heiko Herold

-- 
-- PREVINET S.p.A.[EMAIL PROTECTED]
-- Via Ferretto, 1ph  x39-041-5907073
-- I-31021 Mogliano V.to (TV) fax x39-041-5907472
-- ITALY

> -Original Message-
> From: Lomker, Michael [mailto:[EMAIL PROTECTED]]
> Sent: Friday, April 05, 2002 5:31 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Ancient Isdn bri wisdom ? [7:40586]
> 
> 
> > Now I tried to research the reason for that and really didn't 
> > find any.
> 
> It is done because ISDN lines are considered two physical 
> paths that are
> bonded together using PPP multilink or Cisco's proprietary 
> bonding.  If you
> don't disable route caching then the tcp/ip conversation will 
> always be
> switched out the same physical path (your big download will 
> only use 1/2 of
> the 128k connection).  It's easy to test that...just remove 
> it sometime.
> 
> no-fair queue appears to be the default for asynchronous 
> interfaces on the
> later versions of IOS.  To be honest, I'm not certain why 
> FIFO offers better
> performance than WFQ would on asynch lines; I can't find a 
> good explanation
> on CCO right now.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40868&t=40586



MS Security Operation Guide for Windows 2000 Server - [Was : [7:40869]

2002-04-08 Thread Bac Nguyen

Hi Charlie,
FYI, Microsoft just released the Security Operation Guide for Windows 2000
server. Here is the link to it


Hope this helps!

Bac

-Original Message-
From: Charlie [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 2:12 PM
To: [EMAIL PROTECTED]
Subject: Re: Hardening Ports? [7:40852]


Patrick -

I was referring to TCP/IP ports.  Thanks for your reply.  Sam's message came
in very handy and answered my question as well.  Thanks again.

Charlie

""Patrick Ramsey""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> do you mean ethernet ports or tcpip ports?
>
> Ethernet ports are done in the driver autonegotiate/speed/duplex settings
>
> locking down tcpip ports is entirely different.  TCPwrappers will wrap
> daemons and applications under *nix... not so sure there is an equivalent
> for microsoft or novell.  TCPWrappers just handles the negotiation really
> between the client and daemon.
>
> -Patrick
>
> >>> Charlie  04/08/02 03:50PM >>>
> Hello, all :-)
>
> I was hoping one (or many) of you could help me with a question I have: how
> do I lock-down ports on a server?  I know how to lock them down on firewalls
> and routers, but how to do it on a server is my question.  I know it's a
> general question but any assistance would be most appreciated.
>
> Truly,
> Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40869&t=40869



PIX Firewall without NAT [7:40871]

2002-04-08 Thread Daniel Ma

I am trying to configure a PIX firewall behind the Cayman DSL router.
Because we only have one Public IP address which is used by Cayman router. I
will use 192.168.1.x and 192.168.0.x for the two segments of PIX. Cayman
router does NAT job for all users. In this case, could I configure the PIX
without NAT, i.e.,
NAT (inside) 0 0.0.0.0 0.0.0.0

I wonder whether it works, internal users are still able to connect to
internet.

Thanks,

Daniel




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40871&t=40871



Re: Hardening Ports? [7:40852]

2002-04-08 Thread Chee Kin

You can also try using the IP Filtering feature from Windows NT/2000.  It
should be under the advanced configuration for TCP/IP.

cheekin

- Original Message -
From: "Charlie" 
To: 
Sent: Tuesday, April 09, 2002 4:40 AM
Subject: Re: Hardening Ports? [7:40852]


> Thank you, Sam.  Your instructions were clear and simple to follow.  I was
> referring to a Windows system.  I gave it a try and already identified open
> ports (which I also learned from using WS PingPro).  I will now attempt to
> close/end some services.  Thanks again.
>
> Charlie
>
> ""sam sneed""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Which  operating systems?
> >
> > On windows the most common way is to disable services from the control
> > panel. Do a netstat -an to see which ports are open. Then you can shutdown
> > services that have those ports open.
> >
> > On UNIX/LINUX you can do the same netstat -an. Most of the services can be
> > disabled in inetd.conf or xinetd.conf. Just comment them out and restart
> > inetd daemon. Also services are started from startup scripts  which are in
> > different locations on different versions of UNIX and Linux.
> >
> > ""Charlie""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hello, all :-)
> > >
> > > I was hoping one (or many) of you could help me with a question I have: how
> > > do I lock-down ports on a server?  I know how to lock them down on firewalls
> > > and routers, but how to do it on a server is my question.  I know it's a
> > > general question but any assistance would be most appreciated.
> > >
> > > Truly,
> > > Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40872&t=40852



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Priscilla Oppenheimer

Thanks for the info. What will they think of next? ;-) You better have big 
pipes between those switches. I love the way Cisco gives you enough rope to 
hang yourself. I was glad to see that they don't let you SPAN BPDUs. You 
could really screw things up that way! ;-)

Priscilla

At 05:37 PM 4/8/02, Kent Hundley wrote:
>Priscilla is correct, normally a span only shows unicast for the VLAN on the
>switch where the span is enabled plus any bcast or mcast from other switches
>that have active ports in the VLAN in question.  However, there is a "remote
>span" capability that has been added to the 6000 series in 5.3 code that
>does allow you to see the traffic for an entire vlan from any switch in the
>net:
>
>http://www.cisco.com/warp/public/473/41.html#remote
>
>Regards,
>Kent
>
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Priscilla Oppenheimer
>Sent: Monday, April 08, 2002 10:06 AM
>To: [EMAIL PROTECTED]
>Subject: RE: port mirroring and vlans [7:40816]
>
>
>At 12:15 PM 4/8/02, Michael Williams wrote:
> >AFAIK, if you have two switches connected via a trunk link and you mirror
> >VLAN1 to a port, you should see all of the traffic in VLAN1 (i.e. from all
> >switches involved in that VLAN).
>
>Only traffic that actually crosses the mirrored port, though, right?
>Broadcast /multicast traffic for the VLAN as well as traffic directed to
>ports on the switch doing mirroring that are in VLAN 1.
>
>I got the impression he thought he was going to see traffic on other
>switches that happened to have ports in VLAN 1 too. I doubt that's true.
>Think of all the extra work you would be requiring of the switches.
>
>Priscilla
>
> >  You'll probably run into a situation where
> >all of the traffic in VLAN1 will overrun your mirror port (which on a busy
> >switch isn't hard to do).  We have two 5500s trunked together, and we span
> >(mirror) a port on a VLAN quite frequently.
> >
> >Mike W.
>
>
>Priscilla Oppenheimer
>http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40873&t=40816



Re: Catalyst 3920 switches (OEM Olicom 8601) (fwd) [7:40863]

2002-04-08 Thread nettable_walker

4/8/2002   9:45pm  Monday

I have two Catalyst 3920's connected to two 3640 routers w/ NM 1FE1R2W.
I do not see what the big deal is about this switch !!!

Can you please explain the TrCRF and TrBRF thing ?

Thanks a great deal,

Richard

//

""Brian""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I know that many of you studying for your CCIE lab are looking for good
> deals on some of the more critical pieces of CCIE lab gear.
>
> As some of you may or may not know, the Catalyst 3900 series was
> originally made by Olicom, and known as the Olicom OC-8600 (Catalyst 3900)
> and the OC-8601 (Catalyst 3920).  Later Cisco made these their Catalyst
> line.
>
> I have a handful of Olicom OC-8601 switches, which have the same
> interface as a Catalyst 3920.  These are 20 port token ring switches.
> They do not support CDP, since they are the Olicom version, but they
> support everything else including the identical interface and method of
> creating TrCRF's and TrBRF's, which is the part most seem to concentrate
> on for CCIE lab study.
>
> These are very minty and clean.  I am making them available to this list
> for $800/each.  This is a very good deal on an affordable solution.  These
> are running the latest version of the Olicom code, which like I said is
> an identical interface as the Cisco code only this says Olicom instead of
> Cisco and does not support the CDP part of it.
>
> Brian
>
> ---
> Brian Feeny, CCIE #8036    e: [EMAIL PROTECTED]
> Network Engineer           p: 318.222.2638x109
> ShreveNet Inc.             f: 318.221.6612




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40874&t=40863



Re: PIX Firewall without NAT [7:40871]

2002-04-08 Thread yangchun

hello daniel :
you can do it
""Daniel Ma""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am trying to configure a PIX firewall behind the Cayman DSL router.
> Because we only have one Public IP address which is used by Cayman router. I
> will use 192.168.1.x and 192.168.0.x for the two segments of PIX. Cayman
> router does NAT job for all users. In this case, could I configure the PIX
> without NAT, i.e.,
> NAT (inside) 0 0.0.0.0 0.0.0.0
>
> I wonder whether it works, internal users are still able to connect to
> internet.
>
> Thanks,
>
> Daniel




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40875&t=40871



6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread Ouellette, Tim

Team,

can anyone help out. I am seeing the following messages on one of our
6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
from connected state to non-connect state and the trunk port messages
underneath is what we see.  Can anyone offer any suggestions?



distribution 6509 port 7/2 -fiber- cisco3524



2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk

distribution6509> (enable) sh port 7/2
Port  Name   Status Vlan   Duplex Speed Type
- -- -- -- -- - 
 7/2  Tk1382014101-0/1   notconnect 1full  1000 1000BaseSX


Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap IfIndex
-  - -    ---
 7/2  disabled  shutdown 001  enabled  95

Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr
Shutdown/Time-Left
-  -  -
--
 7/2 0 -- --
-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40876&t=40876
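
The %DTP-5 messages in the post above, run through a small flap detector, as an added example that is not part of the original post or of any Cisco tooling. The five 7/2 lines are copied from the post; the 7/1 line, the 300-second window, the threshold of 3 and all function names are assumptions made for the example.

```python
"""Flag ports whose DTP trunk state keeps changing (added example)."""
import re
from collections import defaultdict
from datetime import datetime

SAMPLE_LOG = """\
2002 Apr 08 22:00:00 %DTP-5-TRUNKPORTON:Port 7/1 has become dot1q trunk
2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
"""  # first line (port 7/1) is constructed; the rest are from the post

LINE_RE = re.compile(
    r"^(\d{4} \w{3} \d{2} \d{2}:\d{2}:\d{2}) "
    r"%DTP-5-(TRUNKPORTON|NONTRUNKPORTON):Port (\S+) has become")


def parse_dtp_events(text):
    """Return {port: [(timestamp, is_trunk), ...]} in time order."""
    events = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%Y %b %d %H:%M:%S")
        events[m.group(3)].append((when, m.group(2) == "TRUNKPORTON"))
    return {port: sorted(ev) for port, ev in events.items()}


def transition_times(port_events):
    """Timestamps at which the trunk state differs from the previous message."""
    return [when for (_, prev), (when, cur) in zip(port_events, port_events[1:])
            if cur != prev]


def max_transitions(port_events, window_seconds):
    """Largest number of state changes seen inside any sliding window."""
    times = transition_times(port_events)
    best = start = 0
    for end, t in enumerate(times):
        while (t - times[start]).total_seconds() > window_seconds:
            start += 1
        best = max(best, end - start + 1)
    return best


def trunk_up_seconds(port_events):
    """How long each completed trunk-up period lasted, in seconds."""
    durations, up_since = [], None
    for when, is_trunk in port_events:
        if is_trunk and up_since is None:
            up_since = when
        elif not is_trunk and up_since is not None:
            durations.append(int((when - up_since).total_seconds()))
            up_since = None
    return durations


def flapping_ports(text, window_seconds=300, threshold=3):
    """Ports with at least `threshold` trunk state changes inside the window."""
    return sorted(port for port, ev in parse_dtp_events(text).items()
                  if max_transitions(ev, window_seconds) >= threshold)


if __name__ == "__main__":
    for port, ev in sorted(parse_dtp_events(SAMPLE_LOG).items()):
        print(port, "changes in 5 min:", max_transitions(ev, 300),
              "trunk-up seconds:", trunk_up_seconds(ev))
    print("flapping:", flapping_ports(SAMPLE_LOG))
```

On the lines from the post, port 7/2 held the trunk for only 26 and then 4 seconds before dropping it again.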



Re: 6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread yangchun

3524 .try it.
""Ouellette, Tim""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Team,
>
> can anyone help out. I am seeing the following messages on one of our
> 6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
> tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
> from connected state to non-connect state and the trunk port messages
> underneath is what we see.  Can anyone offer any suggestions?
>
>
>
> distribution 6509 port 7/2 -fiber- cisco3524
>
>
>
> 2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> 2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> 2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> 2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> 2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
>
> distribution6509> (enable) sh port 7/2
> Port  Name   Status Vlan   Duplex Speed Type
> - -- -- -- -- - 
>  7/2  Tk1382014101-0/1   notconnect 1full  1000 1000BaseSX
>
>
> Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap IfIndex
> -  - -    ---
>  7/2  disabled  shutdown 001  enabled  95
>
> Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr
> Shutdown/Time-Left
> -  -  -
> --
>  7/2 0 -- --
> -




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40877&t=40876



Re: Hardening Ports? [7:40852]

2002-04-08 Thread Chee Kin

My apologies.  Posted to the wrong group.

cheekin

- Original Message -
From: "Chee Kin" 
To: 
Sent: Tuesday, April 09, 2002 9:35 AM
Subject: Re: Hardening Ports? [7:40852]


> You can also try using the IP Filtering feature from Windows NT/2000.  It
> should be under the advanced configuration for TCP/IP.
>
> cheekin
>
> - Original Message -
> From: "Charlie"
> To:
> Sent: Tuesday, April 09, 2002 4:40 AM
> Subject: Re: Hardening Ports? [7:40852]
>
>
> > Thank you, Sam.  Your instructions were clear and simple to follow.  I was
> > referring to a Windows system.  I gave it a try and already identified open
> > ports (which I also learned from using WS PingPro).  I will now attempt to
> > close/end some services.  Thanks again.
> >
> > Charlie
> >
> > ""sam sneed""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Which  operating systems?
> > >
> > > On windows the most common way is to disable services from the control
> > > panel. Do a netstat -an to see which ports are open. Then you can shutdown
> > > services that have those ports open.
> > >
> > > On UNIX/LINUX you can do the same netstat -an. Most of the services can be
> > > disabled in inetd.conf or xinetd.conf. Just comment them out and restart
> > > inetd daemon. Also services are started from startup scripts  which are in
> > > different locations on different versions of UNIX and Linux.
> > >
> > > ""Charlie""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Hello, all :-)
> > > >
> > > > I was hoping one (or many) of you could help me with a question I have: how
> > > > do I lock-down ports on a server?  I know how to lock them down on firewalls
> > > > and routers, but how to do it on a server is my question.  I know it's a
> > > > general question but any assistance would be most appreciated.
> > > >
> > > > Truly,
> > > > Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40878&t=40852
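
The "netstat -an, then shut down the services that own those ports" check from this thread, as an added example that is not part of any poster's message: it reads saved netstat -an output in the Windows or Linux layout and separates listeners reachable from the network from those bound to loopback only. The function names and both sample outputs are constructed for the example.

```python
"""Added example: summarise listening sockets from saved `netstat -an` output."""
from collections import namedtuple

Listener = namedtuple("Listener", "proto address port exposed")

# Constructed sample in the Windows layout (not taken from the thread).
WINDOWS_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1041        198.51.100.7:80        ESTABLISHED
  UDP    0.0.0.0:500            *:*
  UDP    192.0.2.10:137         *:*
"""

# Constructed sample in the Linux layout (not taken from the thread).
LINUX_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.20:22           198.51.100.7:51514      ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     12345    /run/example.sock
"""


def parse_listeners(netstat_text):
    """Return a sorted list of Listener tuples for TCP/UDP listening sockets."""
    listeners = set()
    for line in netstat_text.splitlines():
        tokens = line.split()
        if len(tokens) < 3 or tokens[0][:3].lower() not in ("tcp", "udp"):
            continue  # headers, blank lines, UNIX-domain sockets
        proto = tokens[0][:3].lower()  # tcp6/udp6 are folded into tcp/udp
        rest = tokens[1:]
        # Linux prints Recv-Q and Send-Q counters before the addresses.
        if len(rest) >= 2 and rest[0].isdigit() and rest[1].isdigit():
            rest = rest[2:]
        if len(rest) < 2:
            continue
        local, foreign = rest[0], rest[1]
        state = rest[2].upper() if len(rest) > 2 else ""
        if proto == "tcp":
            listening = state in ("LISTEN", "LISTENING")
        else:
            # UDP has no LISTEN state: an unconnected socket shows a
            # wildcard foreign address (*:*, 0.0.0.0:* or :::*).
            listening = foreign.endswith(":*")
        if not listening:
            continue
        address, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        address = address.strip("[]")  # Windows prints IPv6 as [::]:port
        exposed = not (address.startswith("127.") or address == "::1")
        listeners.add(Listener(proto, address, int(port), exposed))
    return sorted(listeners)


def exposed_ports(netstat_text):
    """Sorted (proto, port) pairs that listen on a non-loopback address."""
    return sorted({(l.proto, l.port)
                   for l in parse_listeners(netstat_text) if l.exposed})


if __name__ == "__main__":
    for name, sample in (("windows", WINDOWS_SAMPLE), ("linux", LINUX_SAMPLE)):
        print(name)
        for l in parse_listeners(sample):
            scope = "network-reachable" if l.exposed else "loopback only"
            print(f"  {l.proto}/{l.port:<5} on {l.address:<12} {scope}")
```

Each network-reachable entry is a candidate for the service review described in the thread; loopback-only listeners are not reachable from other hosts.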



Re: 6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread Dave Collie

Tim,

I've had a similar problem in the past between a 5500 and 6509.  It was a
bad blade in the 5500.

R/
Dave

On 4/8/02 10:54 PM, in article [EMAIL PROTECTED],
""Ouellette, Tim""  wrote:

> Team,
> 
> can anyone help out. I am seeing the following messages on one of our
> 6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
> tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
> from connected state to non-connect stat and the trunk port messages
> underneath is what we see.  Can anyone offer any suggestions?
> 
> 
> 
> distribution 6509 port 7/2 -fiber- cisco3524
> 
> 
> 
> 2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> 2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> 2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> 2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> 2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> 
> distribution6509> (enable) sh port 7/2
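> Port  Name                 Status     Vlan       Duplex Speed Type
> ----- -------------------- ---------- ---------- ------ ----- ------------
>  7/2  Tk1382014101-0/1     notconnect 1            full  1000 1000BaseSX
>
> Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
> ----- -------- --------- ------------- -------- -------- -------- -------
>  7/2  disabled  shutdown             0        0        1 enabled       95
>
> Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
> ----- -------- ----------------- -------- ----------------- ------------------
>  7/2         0                 -        -                 -        -         -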




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40879&t=40876



RE: 6509 trunk to 3524? Any suggestions [7:40880]

2002-04-08 Thread Daryl Wan Wai Meng

Hi,

You did not paste your configs, but they should be similar to below:

On the 3524 switch

interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk

On the 3524, use the following command:

show interface g0/1 switchport
In the display, check the Operational Mode and the Operational Trunking
Encapsulation fields




On the 6509 switch

set trunk 7/2 nonegotiate dot1q 

The 6509 trunk should be set to "nonegotiate" mode as the 3524 does not
participate in DTP.
DTP (dynamic trunk protocol) negotiates the two ends of the link to a
compatible mode, reducing the possibility of incompatibility when
configuring a link.

When connecting a trunk port to a non DTP device, use the non-negotiate
option on the DTP-capable device so that the switch port does not generate
DTP frames.


On the 6509, you should see something similar to this:

Console> (enable) show trunk

* - indicates vtp domain mismatch
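Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 7/2      nonegotiate  dot1q          trunking      1

Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 7/2      1-1005,1025-4094

Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 7/2

Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 7/2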

Or it could be UDLD working its magic...try the above first...


Hope it helps,

Daryl Wan
CCIE #7261, CSS1, CCDP, CCSE, MSCE, FCNE, yada yada yada.

-Original Message-
From: Ouellette, Tim [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 09, 2002 10:55 AM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: 6509 trunk to 3524? Any suggestions


Team,

can anyone help out. I am seeing the following messages on one of our
6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
from connected state to non-connect stat and the trunk port messages
underneath is what we see.  Can anyone offer any suggestions?



distribution 6509 port 7/2 -fiber- cisco3524



2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk

distribution6509> (enable) sh port 7/2
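Port  Name                 Status     Vlan       Duplex Speed Type
----- -------------------- ---------- ---------- ------ ----- ------------
 7/2  Tk1382014101-0/1     notconnect 1            full  1000 1000BaseSX

Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
----- -------- --------- ------------- -------- -------- -------- -------
 7/2  disabled  shutdown             0        0        1 enabled       95

Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
----- -------- ----------------- -------- ----------------- ------------------
 7/2         0                 -        -                 -        -         -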




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40880&t=40880
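
The DTP messages quoted in this thread can be turned into a simple alert. The following is an added example, not part of any poster's message: it parses the %DTP-5-TRUNKPORTON / %DTP-5-NONTRUNKPORTON lines and reports ports that change trunk state repeatedly within a time window. The function name, the 10-minute window, the threshold of 3 changes and the 3/1 log line are assumptions made for the example.

```python
"""Added example: flag ports whose trunk state flaps in CatOS DTP syslog lines."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# The five 7/2 lines are the ones quoted in the thread; the 3/1 line is
# constructed to show a port that negotiates once and then stays put.
SAMPLE_LOG = """\
2002 Apr 08 21:00:00 %DTP-5-TRUNKPORTON:Port 3/1 has become dot1q trunk
2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
"""

DTP_EVENT = re.compile(
    r"^(?P<ts>\d{4} \w{3} \d{2} \d{2}:\d{2}:\d{2}) "
    r"%DTP-5-(?P<event>TRUNKPORTON|NONTRUNKPORTON):"
    r"Port (?P<port>\S+) has become"
)


def find_flapping_trunks(log_text, window=timedelta(minutes=10), min_changes=3):
    """Return {port: most trunk-state changes seen inside any one window}.

    Only ports reaching min_changes are returned. A "change" is a DTP message
    whose state differs from the previous message for the same port, so the
    first message for a port is a baseline and is not counted. Log lines are
    assumed to be in chronological order, as a switch writes them.
    """
    last_state = {}
    change_times = defaultdict(list)
    for line in log_text.splitlines():
        match = DTP_EVENT.match(line.strip())
        if not match:
            continue  # not a DTP trunk-state message
        when = datetime.strptime(match.group("ts"), "%Y %b %d %H:%M:%S")
        port = match.group("port")
        is_trunk = match.group("event") == "TRUNKPORTON"
        if port in last_state and last_state[port] != is_trunk:
            change_times[port].append(when)
        last_state[port] = is_trunk

    flapping = {}
    for port, times in change_times.items():
        start = 0
        worst = 0
        # Two-pointer sliding window over the ordered change timestamps.
        for end, current in enumerate(times):
            while current - times[start] > window:
                start += 1
            worst = max(worst, end - start + 1)
        if worst >= min_changes:
            flapping[port] = worst
    return flapping


if __name__ == "__main__":
    for port, count in sorted(find_flapping_trunks(SAMPLE_LOG).items()):
        print(f"port {port}: {count} trunk-state changes within 10 minutes")
```

On the quoted log this reports port 7/2 with four state changes; a port that is hard-set with nonegotiate on the 6509, as recommended above, should log no further DTP state changes after the initial one.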



RE: netbios over internet [7:40784]

2002-04-08 Thread James Wilson

All you have to do to do NetBIOS over the internet is either use WINS or
reference the share by IP address, assuming you are using either NT or
Win2K.

For instance, from a command prompt:

net use X: \\123.123.123.123\C$ /user:ntdomain\ntusername

Thththththats all folks.

God knows why you would ever want to do anything as risky as that though :-)



--
James D. Wilson, CCDA, MCP
Sr. Network/Security Engineer
"non sunt multiplicanda entia praeter necessitatem"
William of Ockham (1285-1347/49)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
cage
Sent: Sunday, April 07, 2002 8:15 PM
To: [EMAIL PROTECTED]
Subject: netbios over internet [7:40784]


how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40881&t=40784



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Michael Williams

Priscilla Oppenheimer wrote:

> Only traffic that actually crosses the mirrored port, though,
> right?
> Broadcast /multicast traffic for the VLAN as well as traffic
> directed to
> ports on the switch doing mirroring that are in VLAN 1.


You're absolutely right.  I can't explain my lack of thorough explanation as
that's what I was thinking (about broadcast/multicast traffic in addition to
any traffic to/from the port you're mirroring).  I respectfully submit my
CCNP to you for shredding as penalty for my misleading comments  =)

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40882&t=40816



RE: 6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread David C Prall

Tim,
This should do it for you
http://www.cisco.com/warp/public/473/43.html

It appears that you didn't disable trunk negotiation on the 6500. Since the
3500XL doesn't support DTP you are having trouble.

David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> yangchun
> Sent: Monday, April 08, 2002 11:07 PM
> To: [EMAIL PROTECTED]
> Subject: Re: 6509 trunk to 3524? Any suggestions [7:40876]
>
>
> 3524 .try it.
> "Ouellette, Tim" wrote in message
> news:[EMAIL PROTECTED]...
> > Team,
> >
> > can anyone help out. I am seeing the following messages on one of our
> > 6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
> > tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
> > from connected state to non-connect stat and the trunk port messages
> > underneath is what we see.  Can anyone offer any suggestions?
> >
> >
> >
> > distribution 6509 port 7/2 -fiber- cisco3524
> >
> >
> >
> > 2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> > 2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> > 2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> > 2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> > 2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> >
> > distribution6509> (enable) sh port 7/2
> > Port  Name                 Status     Vlan       Duplex Speed Type
> > ----- -------------------- ---------- ---------- ------ ----- ------------
> >  7/2  Tk1382014101-0/1     notconnect 1            full  1000 1000BaseSX
> >
> > Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
> > ----- -------- --------- ------------- -------- -------- -------- -------
> >  7/2  disabled  shutdown             0        0        1 enabled       95
> >
> > Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
> > ----- -------- ----------------- -------- ----------------- ------------------
> >  7/2         0                 -        -                 -        -         -




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40884&t=40876



RE: port mirroring and vlans [7:40816]

2002-04-08 Thread Michael Williams

Kent Hundley wrote:
> However, there
> is a "remote
> span" capability that has been added to the 6000 series in 5.3
> code that
> does allow you to see the traffic for an entire vlan from any
> switch in the
> net:
> 
> http://www.cisco.com/warp/public/473/41.html#remote

Is there an equivalent version in Native IOS for the 6000/6500 series?  I'll
go and see if I can find one, but just thought if you knew of one off of the
top of your head, I'd ask.

Mike W.

PS:  As Priscilla mentioned, If you're running a 6500 with even one full
blade of 10/100 ports worth of ports in a single VLAN, it seems that doing a
"remote span" wouldn't do much good unless you're spanning to a Gig port (or
better yet to a Gig etherchannel, if that's even possible)


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40883&t=40816



Re: netbios over internet [7:40784]

2002-04-08 Thread Michael Williams

Priscilla Oppenheimer wrote:
> For example, can't you do
> file sharing
> over the Internet? That uses NetBIOS and SMB of CIFS.
> 
> (I'm a Mac person, but in theory it should work. ;-)

  A Mac person?  I thought you had good judgement?  (Please no flames, it's
a good natured joke)

You *can* indeed do file and print sharing over the internet as I caught
someone attempting to hack my PC over the net and in turn did a port scan on
his machine (in France), found port 139 open and saw they were running
Win2K, and attempted to attach to the :

\\\c$ 

share.  Upon doing this, I was prompted for a password, which would indicate
that all Micro$oft networking was working fine (even behind the NAT of my
DSL router).

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40885&t=40784



Ethernet [7:40886]

2002-04-08 Thread kaushalender

Hi group ,

We have around 400 computers in the building on the LAN. I have one 2610
router which is our gateway router; on the Ethernet of the router I am
receiving a huge amount of multicast and crc4 errors. I have one more
Telendus router which is connected with my customer on serial. The problem
is that on the customer's link after some time the ms get increased and
then it chokes the link. What I am guessing is that one or more
Ethernet devices are malfunctioning; the problem is how to find those devices
which are malfunctioning. Please help to solve this problem.

Thanx
Kaushslender




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40886&t=40886



RE: 6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread Kris Keen

You can't use DTP with the 3524, use the
set trunk */* nonegotiate dot1q to force it to trunk...

Also make sure you enable the ge 0/1 on the 3524 as a switch port mode
trunk with dot1q encapsulation

That will force it to trunk, and life will be sweet. We use Dual 6509's with
10 3548XLs and its working fine.

Cheers


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40887&t=40876



RE: netbios over internet [7:40784]

2002-04-08 Thread James Wilson

I disagree that most ISP's block the following:

tcp or udp 135 (mapping)
tcp or udp 137 (NetBIOS Name Service)
udp 138 (NetBIOS datagrams - the actual data)
tcp 139 (NetBIOS Session)

Any more than they block the rest of it.  If they did, for one thing, your
firewalls wouldn't be blocking this stuff every minute as the script kiddies
aim their pre-written tools at massive netblocks.  Furthermore they would
have to state this in their service agreements.  I can tell you for a fact
that Sprint, XO, New Edge (who bought @Work), MCI/UUNET, PSI, QWEST, and
AT&T (not including the cable modem market - that is another story) do not
block this traffic from/to customer networks.

Cable providers do have a nasty habit of blocking udp 500 (isakmp) but that
is for financial reasons (they want you to pay for "business class" service
if you use a VPN.)

That doesn't mean that they don't block it (NetBIOS) from their own servers,
as most sane people would/should/do - but if they blocked their customers,
however foolish, from doing this they would be violating service agreements.

--
James D. Wilson, CCDA, MCP
Sr. Network/Security Engineer
"non sunt multiplicanda entia praeter necessitatem"
William of Ockham (1285-1347/49)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Logan, Harold
Sent: Monday, April 08, 2002 10:02 AM
To: [EMAIL PROTECTED]
Subject: RE: netbios over internet [7:40784]


The biggest obstacle is the fact that most ISP's filter NBT traffic. It
works just fine over a VPN connection, as the ISP doesn't see the NBT
packets; they see VPN traffic. Basically all you have to do is get around an
access list blocking ports 137, 138, and 139.

-Original Message-
From: Kim Edward B [mailto:[EMAIL PROTECTED]]
Sent: Mon 4/8/2002 11:45 AM
To: [EMAIL PROTECTED]
Cc:
Subject: RE: netbios over internet [7:40784]



I don't think it can.
As far as I know, it can do IP/IPX/DecNet/AppleTalk/Vines/CLNS.
NetBios over TCP/IP will work with GRE but not straight NetBios or SNA.
If GRE works with NetBios or SNA, it will be cool.
I think that is why we use DLSW with NetBios and SNA connection.

Ed

-Original Message-
From: Jay [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 10:44 AM
To: [EMAIL PROTECTED]
Subject: Re: netbios over internet [7:40784]

Is it possible to send nonroutable traffic through a GRE Tunnel?

On Mon, 2002-04-08 at 10:12, Engelhard M. Labiro wrote:
> How about NetBIOS over TCP/IP (NBT) and encapsulate
> it with IPSec.  Another idea is using a GRE tunnel to
> pass the NetBIOS to the next hop.
>
>
> > I don't think you can, besides bridging on every internet hop.
> >
> > On Sun, 2002-04-07 at 23:14, cage wrote:
> > > how can I make the netbios over Internet except the dlsw+ ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40888&t=40784



DLSW + [7:40889]

2002-04-08 Thread Isianto Istiadi

Dear guys,

I have a stupid question (I'm sure) but I do not have any idea how to approach
this question. I was using promiscuous in RA, RB, RC, and remote peer RA to
RB, but I don't know how to use only one peer to build a session between
RA, RB, RC.

RA === RB === RC
Can you build session from RA to RB and RC using only one peer without 
using DLSW border peer.


Isianto Istiadi
System Engineer
PT. Nusantara Compnet Integrator




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40889&t=40889



RE: 6509 trunk to 3524? Any suggestions [7:40890]

2002-04-08 Thread Ouellette, Tim

Thanks for the quick response guys.

Found a faulty mx extender between the 6509 and the 3524.

Does the 3524 support pagp? I did receive a message from David mentioning
something about having the 6509 being set to negotiate the dot1q. I'll have
to look into this a little more.

Anyone else have a lot of problems with these extenders? Also, about 3-5%
of all gbic's we put into production fail.

Again, thanks for the help!

Tim



-Original Message-
From: Ouellette, Tim [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 7:55 PM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: 6509 trunk to 3524? Any suggestions

Team,

can anyone help out. I am seeing the following messages on one of our
6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
from connected state to non-connect stat and the trunk port messages
underneath is what we see.  Can anyone offer any suggestions?



distribution 6509 port 7/2 -fiber- cisco3524



2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk

distribution6509> (enable) sh port 7/2
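Port  Name                 Status     Vlan       Duplex Speed Type
----- -------------------- ---------- ---------- ------ ----- ------------
 7/2  Tk1382014101-0/1     notconnect 1            full  1000 1000BaseSX

Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
----- -------- --------- ------------- -------- -------- -------- -------
 7/2  disabled  shutdown             0        0        1 enabled       95

Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
----- -------- ----------------- -------- ----------------- ------------------
 7/2         0                 -        -                 -        -         -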




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40890&t=40890



RE: 6509 trunk to 3524? Any suggestions [7:40876]

2002-04-08 Thread Ouellette, Tim

usmdlz1329000101> (enable) sh trunk 7/2
* - indicates vtp domain mismatch
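Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 7/2      on           dot1q          not-trunking  1

Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 7/2      1,224-227,1001-1005,1025-4094

Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 7/2      1

Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 7/2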
usmdlz1329000101> (enable)

clear trunk 7/2  2-223,228-1000
set trunk 7/2  on dot1q 1,224-227,1001-1005,1025-4094


Is the "on" mode okay?

Tim

-Original Message-
From: David C Prall [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 11:41 PM
To: [EMAIL PROTECTED]
Subject: RE: 6509 trunk to 3524? Any suggestions [7:40876]


Tim,
This should do it for you
http://www.cisco.com/warp/public/473/43.html

It appears that you didn't disable trunk negotiation on the 6500. Since the
3500XL doesn't support DTP you are having trouble.

David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> yangchun
> Sent: Monday, April 08, 2002 11:07 PM
> To: [EMAIL PROTECTED]
> Subject: Re: 6509 trunk to 3524? Any suggestions [7:40876]
>
>
> 3524 .try it.
> "Ouellette, Tim" wrote in message
> news:[EMAIL PROTECTED]...
> > Team,
> >
> > can anyone help out. I am seeing the following messages on one of our
> > 6509's.   Port 7/2 is connected via fiber to a 3524 closet switch.  We've
> > tried replacing the gbic's on both the 6509 and 3524.  The port keeps going
> > from connected state to non-connect stat and the trunk port messages
> > underneath is what we see.  Can anyone offer any suggestions?
> >
> >
> >
> > distribution 6509 port 7/2 -fiber- cisco3524
> >
> >
> >
> > 2002 Apr 08 22:26:26 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> > 2002 Apr 08 22:26:52 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> > 2002 Apr 08 22:30:19 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> > 2002 Apr 08 22:30:23 %DTP-5-NONTRUNKPORTON:Port 7/2 has become non-trunk
> > 2002 Apr 08 22:30:28 %DTP-5-TRUNKPORTON:Port 7/2 has become dot1q trunk
> >
> > distribution6509> (enable) sh port 7/2
> > Port  Name                 Status     Vlan       Duplex Speed Type
> > ----- -------------------- ---------- ---------- ------ ----- ------------
> >  7/2  Tk1382014101-0/1     notconnect 1            full  1000 1000BaseSX
> >
> > Port  Security Violation Shutdown-Time Age-Time Max-Addr Trap     IfIndex
> > ----- -------- --------- ------------- -------- -------- -------- -------
> >  7/2  disabled  shutdown             0        0        1 enabled       95
> >
> > Port  Num-Addr Secure-Src-Addr   Age-Left Last-Src-Addr     Shutdown/Time-Left
> > ----- -------- ----------------- -------- ----------------- ------------------
> >  7/2         0                 -        -                 -        -         -




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40891&t=40876



FR SVCs [7:40893]

2002-04-08 Thread William Pearch

Has anyone worked with FR SVC's on 7200s and 1700's?  Any known issues?
Love it?  Hate it?  Wish it came in yellow?

A coworker has opened a case with the TAC regarding configuring multiple
FR SVCs on a single physical interface.  I was wondering if anyone else
has run into the same or similar issues.

Thanks,
Bill in AK





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40893&t=40893



Bridge Problem [7:40894]

2002-04-08 Thread Reza

Hi Group
I have a Cisco 3660 Router with NM-4T and NM-8AS modules, 128 MB
memory and 16Mb Flash mem.
I have 2 DSL modems on the 8-AS module running in bridge mode (irb).
I am using cisco IOS Version 12.0(7)XK2.
I want to upgrade my IOS. I tried to install 12.2(3) IOS; installation
succeeded and everything seems normal, but bridged customers on the 8AS module
couldn't work. I could ping them but they could not.
my IOS file is : c3660-is-mz.120-7.XK2.bin
and I installed : c3660-is-mz.122-1.T.bin

I tried to install other IOS, like 12.2.3, 12.2.5 and others, but the
problem was not solved.

Is there any function in my old IOS that is not supported in new IOSs?

plz help me

Reza




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40894&t=40894



Re: Please confirm (conf#c217b7a4fcf9a99614a38be8d3f86545) [7:40895]

2002-04-08 Thread Imran Moin

--- [EMAIL PROTECTED] wrote:
> Hi,
> 
> You have tried to post to GroupStudy.com's
> Professional mailing list. Because
> the server does not recognize you as a confirmed
> poster, you will be required
> to authenticate that you are using a valid e-mail
> address and are not a
> spammer. By confirming this e-mail you certify that
> you are not sending
> Unsolicited Bulk Email (UBE).  
> 
> PLEASE DO NOT SEND YOUR ORIGINAL MESSAGE AGAIN!  BY
> CONFIRMING THIS EMAIL
> YOUR ORIGINAL MESSAGE (WHICH IS NOW QUEUED IN THE
> SERVER) WILL BE POSTED.
> 
> 
> By confirming this e-mail you also certify the
> following:
> 
> 1. The message does NOT break Cisco's Non-Disclosure
> requirements.
> 
> 2. The message is NOT designed to advertise a
> commercial product.
> 
> 3. You understand all postings become property of
> GroupStudy.com
> 
> 4. You have searched the archives prior to posting.
> 
> 5. The message is NOT inflammatory.
> 
> 6. The message is NOT a test message.
> 
> To confirm, simply reply to this message.  No
> editing is necessary.  Once
> confirmed, you will be able to post without
> additional confirmations.
> 
> 
> Welcome to GroupStudy.com!
> 
> 
> --ORIGINAL MESSAGE-
> 
> From [EMAIL PROTECTED]  Wed Mar 27 09:04:47 2002
> Received: from web14704.mail.yahoo.com
> (web14704.mail.yahoo.com [216.136.224.121])
>   by groupstudy.com (8.9.3/8.9.3) with SMTP id
> BAA23076
>   GroupStudy Mailer; Wed, 27 Mar 2002 01:17:16 -0500
> Message-ID:
> 
> Received: from [12.253.88.51] by
> web14704.mail.yahoo.com via HTTP; Tue, 26 Mar 2002
> 22:18:28 PST
> Date: Tue, 26 Mar 2002 22:18:28 -0800 (PST)
> From: Imran Moin 
> Subject: Taking BCRAN this monday !!!
> To: [EMAIL PROTECTED]
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> 
> Hi gang,
> 
> I am planning to take my BCRAN exam this monday. I
> have already passed my BCMSN and BSCN exams from the
> CCNP track. 
> 
> I need some advice on BCRAN, and especially from
> someone who took the exam recently. Also, if anyone
> has any material to share, then i would greatly
> appreciate it.
> 
> I am planning to nail down CIT after this and then
> CCIE written by the june hopefully. 
> 
> Thanks in advance,
> 
> Imran Moin
> Network Engineer
> University of colorado
> CCNA, MCP, CCNP/2
> 
> 
> =
> Imran Moin
> Network Engineering and Operations
> University of Colorado, Boulder
> CCNA, CCNP (switching)
> 
> __
> Do You Yahoo!?
> Yahoo! Movies - coverage of the 74th Academy Awards.
> http://movies.yahoo.com/
> 


=
Imran Moin
Network Engineering and Operations
University of Colorado, Boulder
CCNA, CCNP (switching)





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40895&t=40895



Re: Please confirm (conf#25ae7d8cbbdcbab1847847d75c268b9a) [7:40896]

2002-04-08 Thread Imran Moin

--- [EMAIL PROTECTED] wrote:
> Hi,
> 
> You have tried to post to GroupStudy.com's
> Professional mailing list. Because
> the server does not recognize you as a confirmed
> poster, you will be required
> to authenticate that you are using a valid e-mail
> address and are not a
> spammer. By confirming this e-mail you certify that
> you are not sending
> Unsolicited Bulk Email (UBE).  
> 
> PLEASE DO NOT SEND YOUR ORIGINAL MESSAGE AGAIN!  BY
> CONFIRMING THIS EMAIL
> YOUR ORIGINAL MESSAGE (WHICH IS NOW QUEUED IN THE
> SERVER) WILL BE POSTED.
> 
> 
> By confirming this e-mail you also certify the
> following:
> 
> 1. The message does NOT break Cisco's Non-Disclosure
> requirements.
> 
> 2. The message is NOT designed to advertise a
> commercial product.
> 
> 3. You understand all postings become property of
> GroupStudy.com
> 
> 4. You have searched the archives prior to posting.
> 
> 5. The message is NOT inflammatory.
> 
> 6. The message is NOT a test message.
> 
> To confirm, simply reply to this message.  No
> editing is necessary.  Once
> confirmed, you will be able to post without
> additional confirmations.
> 
> 
> Welcome to GroupStudy.com!
> 
> 
> --ORIGINAL MESSAGE-
> 
> From [EMAIL PROTECTED]  Fri Mar 29 07:42:37 2002
> Received: from web14703.mail.yahoo.com
> (web14703.mail.yahoo.com [216.136.224.120])
>   by groupstudy.com (8.9.3/8.9.3) with SMTP id
> HAA04698
>   GroupStudy Mailer; Fri, 29 Mar 2002 07:42:36 -0500
> Message-ID:
> 
> Received: from [12.253.88.106] by
> web14703.mail.yahoo.com via HTTP; Fri, 29 Mar 2002
> 04:43:52 PST
> Date: Fri, 29 Mar 2002 04:43:52 -0800 (PST)
> From: Imran Moin 
> Subject: Taking BCRAN this tueday 
> To: [EMAIL PROTECTED]
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> 
> Hi gang,
> 
> I am taking my BCRAN exam this tuesday. I have
> already
> nailed down the CCNP Ruting and switching exams. I
> need some advice from you all about this exam. Has
> anyone taken it recently? What kind of questions are
> they asking?
> 
> Has anyone got any materials to share with me? I
> would
> really appreciate if someone can share soft copy of
> some exam material with me.
> 
> Thanks a bunch
> Imran Moin
> CCNA, CCNP/2
> 
> =
> Imran Moin
> Network Engineering and Operations
> University of Colorado, Boulder
> CCNA, CCNP (switching)
> 
> __
> Do You Yahoo!?
> Yahoo! Greetings - send holiday greetings for
> Easter, Passover
> http://greetings.yahoo.com/
> 


=
Imran Moin
Network Engineering and Operations
University of Colorado, Boulder
CCNA, CCNP (switching)





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40896&t=40896



connection to VPN server concentrator 3005 only 9.6kbps [7:40897]

2002-04-08 Thread suaveguru

hi all,

I seem to only be able to connect to a CISCO VPN server
3005 at 9.6kbps using a win98 VPN PPTP connection while
my PSTN connection to the internet is 56kbps. However, a
connection to a Microsoft VPN server does not have this
problem. Does anyone know why that is so?

any forms of inputs will be greatly appreciated

regards,
suaveguru





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40897&t=40897