Telnet Session Traces....Needing help! [7:44793]
To anybody that has experience with Sniffers, or perhaps more specifically, Priscilla:

I'm trying to hunt down the culprit of Telnet Session disconnects without Administrative or User interaction to invoke such action. The situation is Telnet clients on remote ends of PIX VPNs have their sessions dropped without warning, and without Administrative action to cause such sudden session endings. All users that connect to the same Telnet Server on the local subnet never experience this problem. For the remote users that do experience this problem, it usually occurs after roughly 30 minutes of inactivity. This used to not be the case when all such remote clients were connecting via private Frame Relay networks back to the Server in a hub-n-spoke fashion. Only since the switch to VPNs for connectivity to the Telnet Server's Private Network has this anomaly arisen.

The Telnet Server is a custom application service for Unidata DB Server by Informix. It uses the standard Telnet port, and runs on NT 4.0. For everything I can see in the registry referencing the Telnet App Service, it doesn't specify any settings for keep-alive or session monitoring. Also, from the Unidata Application Server's point of view, the Server thinks the user is still connected, so it never clears the session. When the user finds his/her application rendering a Pop-Up dialogue stating that the session was disconnected, and asks if they want to reconnect, they choose Yes naturally. From the Server side, a second session for that user is started, and the first session becomes an orphan process (in my own words). This of course then causes a problem of exhausting the limited number of user licenses, and eventually causes users to not be able to get back on the system until the old orphaned processes are administratively cleared.

So, I open a case with Cisco, and they say Slap a Sniffer on the Server side of the network, and see what is causing the disconnects. They also say that they suspect that the Telnet Server is sending its session keep-alives via Broadcast, and that by design of Security, the VPN tunnels don't pass Broadcast Traffic. The Sniffer capture is supposed to prove or disprove this.

I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window of data, but am at a loss as to how to identify the disconnect process of a telnet session, which is where I could use a few pointers. Could someone tell me what to look for in a session trace that identifies a sudden termination of a specific telnet session (most probably initiated by the server)? Unfortunately, I'm not a very well experienced person in following the SYN, FIN, PSH, ACK, SYN ACK, etc. process. But I want to learn! If I had the time and money, I'd go take a Sniffer class, but that's another story. So, in the meantime, if someone would be kind enough to point me in a direction on how to interpret and follow a sniffer trace, I'd be eternally grateful.

Thanks,
Mark

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44793t=44793
-- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Provider backbone engineering [7:44778]
Howard C. Berkowitz wrote in message news:[EMAIL PROTECTED]... At 11:27 PM -0400 5/22/02, dre wrote: The first key question to ask here: what is the broad routing paradigm? Cold potato/closest exit or hot potato/best exit? For a peering routes example, yes best-exit/closest-exit problems are super high on the agenda. However, that seems to be more of an IGP problem, and that's where regular knowledge of say, OSPF, is taken to a whole new level. Not necessarily an IGP problem, but possibly an edge router that classifies traffic, possibly with communities signaled to an aggregating router, or using policy routing to MPLS tunnels. You really think that's likely? I always saw it as: same weight/local_pref - external route - same as-path - same origin type - *then* MED (some people doing annoying internal IGP metrics (based on fiber distances) to MED's, others doing more intelligent, yet also annoying values that force you to do best-exit, but end up costing you money until you local_pref and force shortest-exit, and lastly smart people who tell you they are doing MED's based on delay or congested peers or *ahem* antiquated equipment (can you say AGS+?) and you listen to them because you are friends with the guy or some equally similar situation). Now, what's the next step if MED is the same? Your IGP metric. Boom. Doing something like DS-TE (which it sounds like you are mentioning as common practice for best-exit routing) is unheard of to me. Reversal routing concepts are common in the workplace and unheard of in any labs/certification courses. Are you mentioning reverse path verification as well? Good catch. ; Actually, I had the idea of reverse triggers using BGP and source-specified routing a long time ago (to actually stop spoofed addresses). I sort of borrowed the concept from MAPS RBL's BGP reverse trigger for stopping unsolicited commercial email and other blackholing concepts.
Then Cisco (and now Juniper) started doing this with a FIB and calling it uRPF. Funny name for a simple concept. Well I guess it's not very simple. I'm still trying to get my head around loose vs. strict uRPF and some of the strange ideas I've had recently involving IRRToolSet peval and router configurations for strict mode (or was that loose mode? heh). We've been learning a lot about that IGP metric direct translation to MED can be dangerous, and produce persistent oscillation. Those route maps may be the better way to set MED. http://www.ietf.org/internet-drafts/draft-ietf-idr-route-oscillation-01.txt Ok well that's easy. Implement your RR's correctly (duh). And I personally say Keep It Simple Stupid and use every possibility before considering MED's (never do always-compare, but always use deterministic when you do use MED's), and just stick to good old IGP costing based on whatever you want (fiber distances, delay, etc), but make it overly simple and easy. One way to avoid using MED's is to call your peer and say hey can you local_pref or change your IGP metric around this for me?. That generally works pretty well ; There are also some unusual uses of MED, where IOS has knobs to implement certain behavior. Always-compare-MED can compare the MEDs of different AS, as long as they are adjacent. Avi Freedman had a presentation on an informal standard for exchange-point MED values, based on delay, at the Denver NANOG. Wish there was more out there, but thanks for the pointers =] Cisco docs are lacking, and I hadn't seen those (woo!) 3 slides before. I guess something is better than nothing, so I'll stop complaining now. that's totally black-art. Cisco certs clearly don't have the whole ball-of-wax, but a lot of this can be easily incorporated into their curriculum. Well, it depends how complex you want to make the curriculum. I don't really see, for example, why an ISP routing engineer needs a particular knowledge of VoIP.
If the ISP offers voice, they are likely to have full-time voice specialist. If the ISP is just providing connectivity, the VoIP and AVVID in general becomes the enterprise's problem. I'd rather see more certification types, in more depth than breadth, in more areas. That's the way the TAC is internally organized, anyway. I sort of like how the Cisco SE's are organized:

Core Transmission (e.g. SONET, ATM, Frame-Relay, Ethernet/Etherchannel)
IP Multi-Layer / IP VPN (e.g. MPLS VPN, IPSec, BGP, OSPF, VLAN)
IP Aggregation / Access (e.g. xDSL, Cable, Dial, Fixed Wireless, WLAN)
Packet Telephony (e.g. VoIP, VoX, SS7, IPBX, H.323, MGCP, SIP)
Network Management (SNMP, TFTP, CLI, HTML, XML, CORBA)

Is this what you are talking about? Cisco is starting to organize a lot of concepts around good models; I think they have this stuff down (but that doesn't mean it can't be improved - they need a lot of industry feedback). Other companies are also starting to get some momentum (well I'm talking about Juniper, although
Re: filter snmp MIB send out on a router [7:44777]
You might be able to accomplish this goal with the view option of the snmp-server command. If the message parsing doesn't strip it out, here's a URL that might shed some light:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_r/frprt3/frd3001.htm#1023313

----- Original Message -----
From: Adam Wang
To:
Sent: Wednesday, May 22, 2002 9:01 PM
Subject: filter snmp MIB send out on a router [7:44777]

Hi group,

Is there a way to filter the SNMP MIB send out on a cisco router. For example, I want a community string only send out router interface status info. How would I accomplish this?

Thanks
Adam

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44795t=44777
Re: Provider backbone engineering [7:44778]
Howard C. Berkowitz wrote in message news:[EMAIL PROTECTED]... Two more things (going back to more original topics I want to cover again). The first key question to ask here: what is the broad routing paradigm? Cold potato/closest exit or hot potato/best exit? For a peering routes example, yes best-exit/closest-exit problems are super high on the agenda. However, that seems to be more of an IGP problem, and that's where regular knowledge of say, OSPF, is taken to a whole new level. And one that is never taught in any course or material in any classroom or even online. You learn that on the job at an ISP (does anybody else have any resources for this?). Many ISP's may want to inject their IGP into their BGP for customer static routes (using a route-map to filter out all the junk). With considerable aggregation, yes. Alternatively, though, redistributing blackhole statics for their allocations is common enough. Reversal routing concepts are common in the workplace and unheard of in any labs/certification courses. We've been learning a lot about that IGP metric direct translation to MED can be dangerous, and produce persistent oscillation. Those route maps may be the better way to set MED. Where is there information available in-print/online about the MED's topic? Another one completely skipped over. Most people are using IGP metrics alone these days, no need to try to translate. At least in the environments I've seen. This is a part of that whole closest-/best- exit argument above. I've never really seen any configs or designs for translating IGP metrics to MED, something like that would be interesting to see - even if it produces oscillatory routing. Do you know why this happens? Can you try to explain the problems more effectively? So we've covered the how with MED's and IGP costing... now let's discuss the why. There is no broad paradigm for shortest-/best- exit routing. This is because somebody loses either way.
One ISP is going to have to take the big content traffic, and the other ISP is going to have to take the small user traffic (on an asymmetrical path). This equation gets worse when more ISP's get involved. This equation gets even worse when longer fiber routes are involved (across states, across coast-to-coast, across *oceans*, etc). Who is going to take the bulk of the traffic the longest distance? Somebody got the short end of the stick here, and it was clearly the access providers (should I say, Tier 2's? or would that be bad?). Content providers, and content-heavy ISP's made it out big-time during the whole period that the shortest-exit routing paradigm was king. Now, you have access providers desperately looking to peer with content providers and skipping the middlemen pointing their shortest-exit at them. However, they aren't getting anywhere when those same middlemen don't explain to the content providers how to be Internet correct, when they can make tons of money. They would rather sell transit to content providers at sub $100/Mbps per month (outbound only even) instead of lose that traffic ratio that's putting their competitors out of business. Look at this another way, and see that content providers aren't going to bother peering when they get these super-low prices. And content providers (and therefore their upstreams even moreso) control the whole flow of the Internet because local_pref *trumps*. It's not only better to give than to receive according to your original statement -- it keeps you in business and puts your competitors and the Internet access providers (whatever really happened to ExciteAtHome?) and really, when it comes down to it -- the end-user *consumers* in the same situation as the rest of corporate america -- a big fat short end of the stick. Just to make matters worse, as a content provider...
or content-heavy ISP -- you can actually *force* that competitor/access-provider/user-heavy community (the eyeballs of the Internet) to use their *most* expensive bandwidth (by reasonable interpretation or corporate espionage, social engineering, etc). Now *that* is truly scary. Sorry for the conspiracy theories, but maybe this will allow some readers to understand the whole shortest-/best- exit routing concepts better (or it just might confuse them, hhehehe). But you can sort of find out what's changed and what hasn't changed. One way to look at the churn is to do a show ip route | i , 00:00 every minute (shows you routes that have converged in the past minute). Another would be to collect dumps of the routing table and/or BGP table in intervals and compare them Unix diff-style. You can then make comparisons against the rest of the BGP table (like AS-paths) and/or SNMP IF-MIB-like data to find out what changed where (and possibly why). Another thought I wanted to add in here. 7 areas of study I find interesting in this space: 1) Netsys (Cisco bought em. Cisco
PIX and MS Active Directory [7:44797]
The company I work for are looking to deploy Microsoft's Active Directory across the intranet. Most sites have a PIX firewall running 5.3(2) and will have many clients per site using AD. The problem seems to be that when clients pass through the PIX and are assigned a global address/PAT AD is not working. Static NAT translations work but due to the number of clients per site it's not feasible to use static translations. Has anyone done this or know any good links, can't find a thing on it at the CCO

Cheers
Pat
--
email me on : [EMAIL PROTECTED]

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44797t=44797
DDR logging line opening ? [7:44798]
Hello,

ddr, dialer profiles, isdn (ininfluent though I think). When a connection comes up something like this is logged:

%LINK-3-UPDOWN: Interface BRI1/0:2, changed state to up
%DIALER-6-BIND: Interface BR1/0:2 bound to profile Di99
%LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:2, changed state to up
%ISDN-6-CONNECT: Interface BRI1/0:2 is now connected to 0123456789 remotename

Unfortunately that log is always the same, if the router itself called out or was called nothing changes. On the router itself at the moment it is easy to find that info (sh dialer, sh isdn hist, sh isdn act), but not in the logfile. The only way I found is keeping active debug dialer event, probably not the best thing on a production router. Any idea how to get some meaningful log?

Thanks
Heiko

--
-- PREVINET S.p.A.              [EMAIL PROTECTED]
-- Via Ferretto, 1              ph  x39-041-5907073
-- I-31021 Mogliano V.to (TV)   fax x39-041-5907472
-- ITALY

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44798t=44798
Re: Content Switches [7:44742]
It should be inside to the firewall...near to your servers.

Kind Regards
/Thangavel
186K Reading, Berkshire
Direct No - 0118 9064259
Mobile No - 07796292416
Post code: RG16LH
www.186k.co.uk
-- The greatest glory in living lies not in never falling, but in rising every time we fall. -- Nelson Mandela

Jason Forrester
Sent by: nobody@groupstudy.com
22/05/2002 20:40
Please respond to Jason Forrester
To: [EMAIL PROTECTED]
Subject: Content Switches [7:44742]

All,

I have a quick question regarding content switches. Should the content switches be placed inside or outside of a firewall. I can not find any documentation to support which is better.

Thanks,
Jason Forrester
CCIE 8748

** This e-mail is from 186k Ltd and is intended only for the addressee named above. As this e-mail may contain confidential or privileged information, if you are not the named addressee or the person responsible for delivering the message to the named addressee, please advise the sender by return e-mail. The contents should not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice Group company, registered in England Wales No. 3751494 Registered Office 130 Jermyn Street London SW1Y 4UR **

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44799t=44742
Tools to monitor PIX health [7:44800]
Hi,

Can anyone suggest me which tool can be used to monitor the health of PIX and collect historic information which can provide the memory, CPU and interface utilization. I know PDM shows this on real time basis... I want to know a tool which collects historic information. Any suggestions will be highly helpful

Kind Regards
/Thangavel
186K Reading, Berkshire
Direct No - 0118 9064259
Mobile No - 07796292416
Post code: RG16LH
www.186k.co.uk
-- The greatest glory in living lies not in never falling, but in rising every time we fall. -- Nelson Mandela

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44800t=44800
2924 with atm uplink [7:44801]
Hi

Is it possible to trunk multiple VLANs on an ATM RFC1483 bridged PVC? The PVC originates from a 2924 switch with ATM uplink. I managed to configure separate VLAN's per PVC, but would like to pass multiple VLANs on a single PVC. Any idea how this can be achieved?

Thanks in advance
Geoff

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44801t=44801
Dynamic nat on a pix decided by destination [7:44802]
Hey Gang,

I am running a PIX firewall version 6.1 on my network. I am wondering if it is possible to create a NAT pool for users to use dependent upon their destination instead of their source. I have 2 class C VLANs where connections might originate from but I would like to create a pool of about 20 addresses. Then if users are trying to get to destination X grab an address from the NAT pool. If they are going anywhere else use the PAT address. Any examples, web sites, info would be greatly appreciated.

Thanks
Steve D.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44802t=44802
IP phone [7:44803]
Is it possible to configure Cisco IP phone from the phone set itself, and use it without Call Manager software? I need to use IP phone from home to place calls over internet without additional software or PC's, any idea?

Regards
Osama

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44803t=44803
Relation between port and interface [7:44804]
So what's the relation between a port and an interface in an IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.2)XU, MAINTENANCE INTERIM SOFTWARE when in debug ethernet-controller address. For instance:

May 23 12:00:00 aaa.bbb.ccc.ddd 622964: 1y9w: 0050.8bd3.f768 has moved from port 10 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622966: 1y9w: 0050.8bd3.f768 has moved from port 51 to port 10 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622968: 1y9w: 0002.a5e8.d9a1 has moved from port 39 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622970: 1y9w: 0002.a5e8.d9a1 has moved from port 51 to port 39 in vlan 1

How can I locate port 39 and port 51 physically on the switch? Is this int fa0/39 and gi 0/2?

--
Jose Celestino
SAPO.pt::Systems http://www.sapo.pt
- Quod licet Iovi non licet bovi. (What Jove may do, is not permitted to a cow.)

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44804t=44804
Token ring Question. [7:44805]
Hi all,

I have an interesting question; does anyone know the answer?

A router is being used as a translation bridge between a Token Ring network and an Ethernet network. Host X on the Token ring sends a packet to Host Y on the Ethernet. The source MAC address of the packet is 400.a089.0002. How would the MAC address be interpreted in an Ethernet environment?

Does anyone know the answer? Thank you.
Ivan

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44805t=44805
RE: Bridge and switch [7:44649]
If you substitute the word segment where they have subnet then I'd be happy with the description. I've seen others use the two terms to mean the same thing, I suppose you could argue it both ways. In my mind, segment = L2; subnet = L3.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kevin Jones
Sent: Wednesday, May 22, 2002 1:59 PM
To: [EMAIL PROTECTED]
Subject: Re: Bridge and switch [7:44649]

I was under the impression that, while a switch is often termed a multiport bridge, there is one fundamental difference in the way the two devices forward frames. While my source is not always the most credible or reliable (Course Technology Networks Plus book), it does cause me to stop and think for a minute. Anyway, the difference (as described in the book) is as follows: If a multiport bridge determines (based on the destination MAC address) that the destination node is on another subnet, it will broadcast the frame out all ports except the originating port. A switch, on the other hand, is smart enough to only forward the frame out the destination port. Both devices handle unknown frames and broadcasts the same way, i.e. they will forward the packets out all ports except the one the frame was received on. Any thoughts?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44806t=44649
RE: PIX and MS Active Directory [7:44797]
Pat,

Are the clients having the problem, or are the servers having the problem? If it's the servers, it's probably just RPC, but if it's the clients, it could be lots of things. What exactly isn't working?

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member), MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44808t=44797
Re: PIX 515E routing issue [7:44749]
Can you ping a system on the inside? From Pix - ping inside x.x.x.x

To:
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]

Oh yeah I'm running PIX 6.1(2)

-----Original Message-----
From: Jablonski, Michael
Sent: Wednesday, May 22, 2002 3:35 PM
To: 'Cisco Study List (E-mail)'
Subject: PIX 515E routing issue

Just recently installed a PIX 515E. I can ping from the PIX to an outside address (and inside box to ethernet on PIX); but trying to ping through the PIX comes back as unreachable. Basic layout as follows:

Netopia DSL Router -- PIX 515E -- LAN

I'm using the default allow rule, along with the following access list... everything else is pretty much default for now. (just want to try and get connectivity)

access-list 100 permit icmp any any echo-reply
access-list 100 permit icmp any any time-exceeded
access-list 100 permit icmp any any unreachable
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
timeout xlate 0:05:00
no sysopt route dnat

I've tried running RIP on it; didn't solve the problem. Seems like the PIX doesn't understand the default route. I've cleared the arp table still no luck

Any help is GREATLY appreciated
thanx

~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St. 9th Flr
Chicago, IL 60601-2468
PH: 312.884.2996
FAX: 312.278.5550
~~~

This message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. Please note that e-mails are susceptible to change. ABN AMRO Bank N.V. (including its group companies) shall not be responsible nor liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that the integrity of this communication has been maintained nor that this communication is free of viruses, interceptions or interference.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44807t=44749
RE: Token ring Question. [7:44805]
Hi Ivan,

MAC addresses only have local significance. So for your scenario, host X sends a packet with its own MAC address as the source and the router TR interface as the destination MAC address. The router then rebuilds the packet and sends it out the ethernet interface with the Ethernet interface as the source MAC address and host Y as the destination MAC address.

Hth,
Crestion

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44809t=44805
Re: IP phone [7:44803]
The Cisco IP Phones are slave devices, incapable of independent thought (so to speak). While you can provide configuration parameters through the telephone interface, you are limited to setting IP address, TFTP address and default CallManager information. Without a CallManager to communicate with, the phones are not capable of any logical decisions (they receive all information through TFTP files and RTP streams with the CallManager for communication decisions).

Mike

----- Original Message -----
From: Osama Kamal
To:
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]

Is it possible to configure Cisco IP phone from the phone set itself, and use it without Call Manager software? I need to use IP phone from home to place calls over internet without additional software or PC's, any idea?

Regards
Osama

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44810t=44803
RE: IP phone [7:44803]
Is there any other IP phone that is capable of working as a stand alone voip set?

Osama

-----Original Message-----
From: Michael J. Doherty [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 2:25 PM
To: Osama Kamal; [EMAIL PROTECTED]
Subject: Re: IP phone [7:44803]

The Cisco IP Phones are slave devices, incapable of independent thought (so to speak). While you can provide configuration parameters through the telephone interface, you are limited to setting IP address, TFTP address and default CallManager information. Without a CallManager to communicate with, the phones are not capable of any logical decisions (they receive all information through TFTP files and RTP streams with the CallManager for communication decisions).

Mike

----- Original Message -----
From: Osama Kamal
To:
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]

Is it possible to configure Cisco IP phone from the phone set itself, and use it without Call Manager software? I need to use IP phone from home to place calls over internet without additional software or PC's, any idea?

Regards
Osama

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44811t=44803
RE: Fwd: no lmi - dlci inactive - telco says my proble [7:44774]
Hmmm... who is your telco? For the old Concert network (now BT Ignite) I know they use ANSI LMI with a keep-alive interval of 10 secs. Make sure your settings match your telco's. What I always advise to do is to use a sniffer to see what's actually going on on the line. This way you can quickly identify if your router is receiving the right LMI type at the interval the telco states.

Hth,
Crestion

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44812t=44774
RE: Telnet Session Traces....Needing help! [7:44793]
Hey Mark,

First thing to do is use filters. Personally I use NAI's Sniffer Pro, which quickly allows you to select a session based on IP addresses and/or protocol. Ethereal should have this functionality as well. First create a filter based on the server's IP address, and look for any broadcast-traffic. This should quickly let you determine whether its keepalives are sent as broadcast or unicast.

If you can't find any broadcast keep-alives (i.e. this is not the problem), enhance your filter to show you one specific session. Check the entire packetflow step-by-step and determine the set-up of the connection, data transfer and finally the termination of the connection. This should give you a better idea of what's going on. I'd recommend taking traces on both sides of the connection (so both server and client side) and compare them.

Personally I don't think broadcast keep-alives are the problem, since keep-alives imply terminating a connection after a certain amount of missed keep-alives. And you already stated your server does not terminate the session. Anyway, hope this helps.

Rgds,
Crestion

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44814t=44793
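The two steps described in the reply above (look for server-sourced broadcasts, then follow each session to its teardown), as an added example that is not part of the original thread. It reads a classic libpcap capture and reports, per Telnet session, which side sent the first FIN or RST and after how much idle time, or that no teardown was captured; the addresses, ports and the sample capture are constructed, and all function names are this example's own.

```python
import socket
import struct

SYN, FIN, RST, PSH, ACK = 0x02, 0x01, 0x04, 0x08, 0x10

def read_pcap(buf):
    """Yield (timestamp, frame) from a classic little-endian libpcap buffer."""
    if struct.unpack_from("<I", buf, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected little-endian microsecond pcap")
    off = 24                                    # skip the global header
    while off + 16 <= len(buf):
        sec, usec, caplen, _ = struct.unpack_from("<IIII", buf, off)
        yield sec + usec / 1e6, buf[off + 16:off + 16 + caplen]
        off += 16 + caplen

def parse(frame):
    """Decode Ethernet II / IPv4, plus TCP ports and flags; None if not IPv4."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    pkt = {"bcast": frame[:6] == b"\xff" * 6, "proto": frame[23],
           "src": socket.inet_ntoa(frame[26:30]),
           "dst": socket.inet_ntoa(frame[30:34])}
    tcp = 14 + (frame[14] & 0x0F) * 4           # IP header length varies
    if pkt["proto"] == 6 and len(frame) >= tcp + 14:
        pkt["sport"], pkt["dport"] = struct.unpack_from("!HH", frame, tcp)
        pkt["flags"] = frame[tcp + 13]
    return pkt

def analyze(buf, server_ip, port=23):
    """Return (broadcast frames from server, {(client_ip, client_port): info})."""
    bcasts, sessions, end = 0, {}, 0.0
    for ts, frame in read_pcap(buf):
        end = ts
        p = parse(frame)
        if p is None:
            continue
        if p["src"] == server_ip and p["bcast"]:
            bcasts += 1                         # step 1: server-sourced broadcasts
        if "flags" not in p:
            continue
        if p["dst"] == server_ip and p["dport"] == port:
            key, side = (p["src"], p["sport"]), "client"
        elif p["src"] == server_ip and p["sport"] == port:
            key, side = (p["dst"], p["dport"]), "server"
        else:
            continue
        s = sessions.setdefault(key, {"start": ts, "last": ts, "closed_by": None})
        if s["closed_by"] is None:              # step 2: who ends the session?
            if p["flags"] & (FIN | RST):
                s["closed_by"] = side
                s["how"] = "RST" if p["flags"] & RST else "FIN"
                s["idle_before_close"] = ts - s["last"]
            s["last"] = ts
    for s in sessions.values():
        if s["closed_by"] is None:              # no FIN/RST seen in the capture
            s["idle_at_capture_end"] = end - s["last"]
    return bcasts, sessions

def orphan_candidates(sessions):
    """Sessions never torn down although the same client IP later reconnected."""
    return sorted(
        key for key, s in sessions.items()
        if s["closed_by"] is None and any(
            k2[0] == key[0] and s2["start"] > s["last"]
            for k2, s2 in sessions.items()))

def _frame(src, dst, sport, dport, flags=0, bcast=False, proto=6):
    """Build one constructed Ethernet/IPv4 frame (checksums left at zero)."""
    eth = (b"\xff" * 6 if bcast else b"\x02" * 6) + b"\x04" * 6 + b"\x08\x00"
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)       # bare UDP header
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + l4

def sample_capture():
    """Constructed server-side trace; all addresses and ports are made up."""
    srv, a, b = "192.168.10.5", "10.1.1.50", "10.1.1.60"
    events = [
        (0.00, _frame(a, srv, 1025, 23, SYN)),
        (0.01, _frame(srv, a, 23, 1025, SYN | ACK)),
        (5.01, _frame(srv, a, 23, 1025, PSH | ACK)),    # last packet, session 1
        (60.0, _frame(srv, "192.168.10.255", 138, 138, bcast=True, proto=17)),
        (100.0, _frame(b, srv, 2000, 23, SYN)),
        (100.01, _frame(srv, b, 23, 2000, SYN | ACK)),
        (130.0, _frame(b, srv, 2000, 23, FIN | ACK)),   # clean close by client b
        (130.01, _frame(srv, b, 23, 2000, FIN | ACK)),
        (1900.0, _frame(a, srv, 1026, 23, SYN)),        # client a reconnects
        (1900.01, _frame(srv, a, 23, 1026, SYN | ACK)),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, fr in events:
        sec = int(ts)
        out += struct.pack("<IIII", sec, round((ts - sec) * 1e6), len(fr), len(fr)) + fr
    return out
```

To use it on a real trace, save the capture in libpcap format and pass the file's bytes and the server address to `analyze()`. On a server-side trace, a session with no FIN or RST followed by a new SYN from the same client is what the orphaned-session symptom in the original question would look like; comparing with a client-side trace shows whether a teardown was generated somewhere in between.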
RE: DDR logging line opening ? [7:44798]
Use a sniffer in combination with this log. This will help you identify which traffic opens the DDR link and which not. If there are any other ways, let me know.
Rgds, Crestion
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44815t=44798
Re: FW: PIX 515E routing issue [7:44749]
Just for grins, try removing the ip verify reverse-path statement.
From CCO:
Before using this command, add static route command statements for every network that can be accessed on the interfaces you wish to protect. Only enable this command if routing is fully specified. Otherwise, PIX Firewall will stop traffic on the interface you specify if routing is not in place.
Hope this helps,
Craig
At 05:14 PM 5/22/2002 -0400, you wrote:
Oh yeah I'm running PIX 6.1(2)
-Original Message-
From: Jablonski, Michael
Sent: Wednesday, May 22, 2002 3:35 PM
To: 'Cisco Study List (E-mail)'
Subject: PIX 515E routing issue
Just recently installed a PIX 515E. I can ping from the PIX to an outside address (and inside box to ethernet on PIX); but trying to ping through the PIX comes back as unreachable.
Basic layout as follows:
Netopia DSL Router -- PIX 515E-- LAN
I'm using the default allow rule, along with the following access list... everything else is pretty much default for now. (just want to try and get connectivity)
access-list 100 permit icmp any any echo-reply
access-list 100 permit icmp any any time-exceeded
access-list 100 permit icmp any any unreachable
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
timeout xlate 0:05:00
no sysopt route dnat
I've tried running RIP on it; didn't solve the problem. Seems like the PIX doesn't understand the default route. I've cleared the arp table still no luck
Any help is GREATLY appreciated
thanx
~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St.
9th Flr
Chicago, IL 60601-2468
PH: 312.884.2996
FAX: 312.278.5550
~~~
This message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. Please note that e-mails are susceptible to change. ABN AMRO Bank N.V. (including its group companies) shall not be responsible nor liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that the integrity of this communication has been maintained nor that this communication is free of viruses, interceptions or interference.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44816t=44749
RE: Relation between port and interface [7:44804]
Jose,
Here's a snip that talks about your message... http://www.cisco.com/warp/public/473/62.shtml#casestudy5:
Unfortunately, given their explanation, it doesn't really explain what port 51 is now does it...
I know this is a cop out, but if you can you might want to look into upgrading code on the cat3500 because later versions produce better debug output. Here's a sample that I took from one of my 3548's:
May 15 17:06:53: .0c07.ac01 has moved from port Gi0/2 to port Fa0/12 in vlan 115
May 15 17:06:56: Addaddress .0c07.ac01, on port Gi0/1 vlan 115
May 15 17:06:56: .0c07.ac01 has moved from port Fa0/12 to port Gi0/1 in vlan 115
The above is from a switch that I've been running 12.0(5)WC3b on for the last three months.
HTH, Ben
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jose Celestino
Sent: Thursday, May 23, 2002 6:02 AM
To: [EMAIL PROTECTED]
Subject: Relation between port and interface [7:44804]
So what's the relation between a port and an interface in a IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.2)XU, MAINTENANCE INTERIM SOFTWARE when in debug ethernet-controller address. For instance:
May 23 12:00:00 aaa.bbb.ccc.ddd 622964: 1y9w: 0050.8bd3.f768 has moved from port 10 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622966: 1y9w: 0050.8bd3.f768 has moved from port 51 to port 10 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622968: 1y9w: 0002.a5e8.d9a1 has moved from port 39 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622970: 1y9w: 0002.a5e8.d9a1 has moved from port 51 to port 39 in vlan 1
How can I locate port 39 and port 51 physically on the switch? Is this int fa0/39 and gi 0/2 ?
--
Jose Celestino SAPO.pt::Systems http://www.sapo.pt
- Quod licet Iovi non licet bovi. (What Jove may do, is not permitted to a cow.)
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44817t=44804
RE: ISDN BRI Simulator Comparison - way to expensi [7:44770]
Another thing to consider, is that you can carry this simulator with you to set-up test scenarios and configurations on site at any location, vs. having real ISDN lines installed at one location. I have a Merge 2000AFP and considering its abilities and portability, it is worth the investment, and as previously stated, when I am done I can always re-coup most if not all of my investment by re-selling through e-bay...
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44818t=44770
Re: Telnet Session Traces....Needing help! [7:44793]
I think you've hit on something that's usually a problem with captures... there's usually far too much data rather than too little. The first place to start is by filtering the traffic capture based on the conversation that you want to follow. In your case, you can filter on:
the IP address of the server to the IP address of the client on the telnet port.
AND the IP address of the client to the IP address of the server on the telnet port.
AND the IP address of the client to the broadcast address (to note the suspected session keepalives).
Once you've gotten the conversation down to a manageable size, note the time that the client connects and look at the correlating traffic in your capture. Note the time of the disconnect and look at the correlating traffic in your capture. Now look at the traffic in the minutes before the disconnect. It won't take long before you recognize conversations (syn,ack,fin) between the talkers.
It would be very helpful to see captures from both sides of the PIX. This way it will be apparent if the server is sending something to the client that never makes it (or vice-versa).
Hope this helps.
Craig
P.S. - You may want to check your time-outs in your VPN configuration if you haven't already. In most sample configs and in many production configs, the time-outs are set to 1800 seconds (30 minutes). If your sessions are dying after 30 minutes, it may be that the tunnel is being disconnected.
At 02:27 AM 5/23/2002 -0400, you wrote:
To anybody that has experience with Sniffers. or more perhaps more specifically, Priscilla- I'm trying to hunt down the culprit of Telnet Session disconnects without Administrative or User interaction to invoke such action. The situation is Telnet clients on remote ends of PIX VPNs have their sessions dropped without warning, and without Administrative action to cause such sudden session endings. All users that connect to the same Telnet Server on the local subnet never experience this problem.
For the remote users that do experience this problem, it usually occurs after roughly 30 minutes of inactivity. This used to not be the case when all such remote clients were connecting via private Frame Relay networks back to the Server in a hub-n-spoke fashion. Only since the switch to VPNs for connectivity to the Telnet Server's Private Network has this anomaly arisen. The Telnet Server is a custom application service for Unidata DB Server by Informix. It uses the standard Telnet port, and runs on NT 4.0. For everything I can see in the registry referencing the Telnet App Service, it doesn't specify any settings for keep-alive or session monitoring. Also, from the Unidata Application Server's point of view, the Server thinks the user is still connected, so it never clears the session. When the user finds his/her application rendering a Pop-Up dialogue stating that the session was disconnected, and asks if they want to reconnect, they choose Yes naturally. From the Server side, a second session for that user is started, and the first session becomes an orphan process (in my own words). This of course then causes a problem of exhausting the limited number of users licenses, and eventually causes users to not be able to get back on the system until the old orphaned processes are administratively cleared.
So, I open a case with Cisco, and they say Slap a Sniffer on the Server side of the network, and see what is causing the disconnects. They also say that they suspect that the Telnet Server is sending its session keep-alives via Broadcast, and that by design of Security, the VPN tunnels don't pass Broadcast Traffic. The Sniffer capture is supposed to prove or disprove this. I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window of data, but am at a loss as to how to identify the disconnect process of a telnet session... which is where I could use a few pointers.
Could someone tell me what to look for in a session trace that identifies a sudden termination of a specific telnet session (most probably initiated by the server)?? Unfortunately, I'm not a very well experienced person in following the SYN, FIN, PSH, ACK, SYN ACK, etc. process. But I want to learn! If I had the time and money, I'd go take a Sniffer class, but that's another story. So, in the mean time, if someone would be kind enough to point me in a direction on how to interpret and follow a sniffer trace, I'd be eternally grateful.
Thanks, Mark
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44819t=44793
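The steps described in the reply above (filter down to one conversation, find the teardown, measure the silence before it, compare both capture points), as an added example that is not part of the original thread. Every address, port, timestamp and packet is constructed, and it assumes the tunnel does not translate addresses, so the same packet can be matched in both captures.

```python
from collections import namedtuple

# One captured packet, reduced to the fields needed to follow a session.
Pkt = namedtuple("Pkt", "ts src dst sport dport flags seq")

CLIENT, SERVER, BCAST = "10.20.0.15", "10.10.0.5", "10.10.0.255"  # constructed
TELNET = 23

def conversation(pkts, client, server, port=TELNET):
    """Both directions of one client<->server telnet session, in time order."""
    keep = [p for p in pkts
            if (p.src == client and p.dst == server and p.dport == port)
            or (p.src == server and p.dst == client and p.sport == port)]
    return sorted(keep, key=lambda p: p.ts)

def broadcasts_from(pkts, host, bcast):
    """Packets a host sent to the subnet broadcast (the suspected keepalives)."""
    return [p for p in pkts if p.src == host and p.dst == bcast]

def summarize(conv):
    """Who sent the first FIN/RST, and the longest silence in the conversation."""
    out = {"closed_by": None, "close_flag": None, "close_ts": None,
           "max_idle": 0.0, "idle_ended_ts": None}
    for prev, cur in zip(conv, conv[1:]):
        gap = cur.ts - prev.ts
        if gap > out["max_idle"]:
            out["max_idle"], out["idle_ended_ts"] = gap, cur.ts
    for p in conv:
        if "F" in p.flags or "R" in p.flags:
            out["closed_by"] = p.src
            out["close_flag"] = "RST" if "R" in p.flags else "FIN"
            out["close_ts"] = p.ts
            break
    return out

def missing(seen_here, seen_there):
    """Packets present in one capture but absent at the other capture point.
    Timestamps are ignored because the two sniffers' clocks differ."""
    key = lambda p: (p.src, p.dst, p.sport, p.dport, p.flags, p.seq)
    there = {key(p) for p in seen_there}
    lost, done = [], set()
    for p in seen_here:
        k = key(p)
        if k not in there and k not in done:   # report a retransmission once
            lost.append(p)
            done.add(k)
    return lost

# Constructed capture taken next to the remote client.
CLIENT_SIDE = [
    Pkt(0.00, CLIENT, SERVER, 1045, 23, "S", 1000),
    Pkt(0.05, SERVER, CLIENT, 23, 1045, "SA", 5000),
    Pkt(0.05, CLIENT, SERVER, 1045, 23, "A", 1001),
    Pkt(1.00, CLIENT, SERVER, 1045, 23, "PA", 1001),
    Pkt(1.06, SERVER, CLIENT, 23, 1045, "PA", 5001),
    Pkt(1.06, CLIENT, SERVER, 1045, 23, "A", 1011),
    Pkt(1806.00, CLIENT, SERVER, 1045, 23, "PA", 1011),  # first keystroke after idle
    Pkt(1807.50, CLIENT, SERVER, 1045, 23, "PA", 1011),  # retransmission
    Pkt(1810.50, CLIENT, SERVER, 1045, 23, "PA", 1011),  # retransmission
    Pkt(1830.00, CLIENT, SERVER, 1045, 23, "R", 1011),   # client gives up
    Pkt(2.00, "10.20.0.99", "10.20.0.255", 138, 138, "", 0),  # unrelated noise
]

# Constructed capture taken next to the server, same session.
SERVER_SIDE = [
    Pkt(0.02, CLIENT, SERVER, 1045, 23, "S", 1000),
    Pkt(0.03, SERVER, CLIENT, 23, 1045, "SA", 5000),
    Pkt(0.07, CLIENT, SERVER, 1045, 23, "A", 1001),
    Pkt(1.02, CLIENT, SERVER, 1045, 23, "PA", 1001),
    Pkt(1.04, SERVER, CLIENT, 23, 1045, "PA", 5001),
    Pkt(1.08, CLIENT, SERVER, 1045, 23, "A", 1011),
    Pkt(3.00, "10.10.0.7", BCAST, 137, 137, "", 0),  # unrelated broadcast
]

def report():
    """Run the whole comparison on the two constructed captures."""
    c = conversation(CLIENT_SIDE, CLIENT, SERVER)
    s = conversation(SERVER_SIDE, CLIENT, SERVER)
    return {"client": summarize(c), "server": summarize(s),
            "never_reached_server": missing(c, s),
            "never_reached_client": missing(s, c),
            "server_broadcasts": broadcasts_from(SERVER_SIDE, SERVER, BCAST)}

if __name__ == "__main__":
    for name, value in report().items():
        print(name, value)
```

In this constructed trace the server-side capture contains no FIN or RST at all, which is the signature of a session the server still believes is open, while the client-side idle gap of about 1805 seconds is the figure to hold against an 1800-second timeout.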
Re: PIX and MS Active Directory [7:44797]
Brian
I've just found out from the guy testing the AD stuff that it doesn't even work with static NAT translations, it'll only work with a static mapping with the same address across the firewall. The bit that isn't working is the replication between the servers
Cheers
Pat
--
email me on : [EMAIL PROTECTED]
Brian Hill wrote in message news:[EMAIL PROTECTED]...
Pat, Are the clients having the problem, or are the servers having the problem? If it's the servers, it's probably just RPC, but if it's the clients, it could be lots of things. What exactly isn't working?
Brian Hill CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+ Lead Technology Architect, TechTrain Author: Cisco, The Complete Reference http://www.alfageek.com
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44820t=44797
Re: Provider backbone engineering [7:44778]
I'm responding to dre.
Howard C. Berkowitz wrote in message news:[EMAIL PROTECTED]...
At 11:27 PM -0400 5/22/02, dre wrote: The first key question to ask here: what is the broad routing paradigm? Cold potato/closest exit or hot potato/best exit? For a peering routes example, yes best-exit/closest-exit problems are super high on the agenda. However, that seems to be more of an IGP problem, and that's where regular knowledge of say, OSPF, is taken to a whole new level. Not necessarily an IGP problem, but possibly an edge router that classifies traffic, possibly with communities signaled to an aggregating router, or using policy routing to MPLS tunnels. You really think that's likely? I always saw it as: same weight/local_pref - external route - same as-path - same origin type - *then* MED (some people doing annoying internal IGP metrics (based on fiber distances) to MED's, others doing more intelligent, yet also annoying values that force you to do best-exit, but end up costing you money until you local_pref and force shortest-exit, and lastly smart people who tell you they are doing MED's based on delay or congested peers or *ahem* antiquated equipment (can you say AGS+?) and you listen to them because you are friends with the guy or some equally similar situation). Oh--I probably wasn't clear enough. MED is really more appropriate as an interprovider route selection factor, where there is some real engineering consensus on what it means. Not necessarily just that you are providers, but it may be called for when you have a contractual relationship with the other provider for interprovider QoS. For signaling from the customer to the provider, communities are more useful than MED. If you are MPLS traffic engineering enabled, you can use community to assign to an LSP appropriate to the forwarding equivalence class of shared destinations and QoS.
Even without MPLS, you can negotiate with the provider to pick a specific exit (e.g., I've done this to deliver to the POP closest to a different AS of the same enterprise, using private AS numbers) Now, what's the next step if MED is the same? Your IGP metric. Boom. Doing something like DS-TE (which it sounds like you are mentioning as common practice for best-exit routing) is unheard of to me. Reversal routing concepts are common in the workplace and unheard of in any labs/certification courses. Are you mentioning reverse path verification as well? Good catch. ; Actually, I had the idea of reverse triggers using BGP and source-specified routing a long time ago (to actually stop spoofed addresses). I sort of borrowed the concept from MAPS RBL's BGP reverse trigger for stopping unsolicited commercial email and other blackholing concepts. Then Cisco (and now Juniper) started doing this with a FIB and calling it uRPF. Funny name for a simple concept. Well I guess it's not very simple. I'm still trying to get my head around loose vs. strict uRPF and some of the strange ideas I've had recently involving IRRToolSet peval and router configurations for strict mode (or was that loose mode? heh). As I think about the loose aspect, it's establishing a class of interfaces over which the update could have arrived rather than a single interface. The class could consist of several interfaces of which destination-based load sharing has the update coming in a different interface than perfectly legitimate traffic. You might also create a class with, let's say, a low-bandwidth, low-delay link for control traffic and a high-bandwidth, high-delay path for bulk data transfer. We've been learning a lot about that IGP metric direct translation to MED can be dangerous, and produce persistent oscillation. Those route maps may be the better way to set MED. http://www.ietf.org/internet-drafts/draft-ietf-idr-route-oscillation-01.txt Ok well that's easy. Implement your RR's correctly (duh).
And I personally say Keep It Simple Stupid and use every possibility before considering MED's (never do always-compare, but always use deterministic when you do use MED's), and just stick to good old IGP costing based on whatever you want (fiber distances, delay, etc), but make it overly simple and easy. One way to avoid using MED's is to call your peer and say hey can you local_pref or change your IGP metric around this for me?. That generally works pretty well ; There are also some unusual uses of MED, where IOS has knobs to implement certain behavior. Always-compare-MED can compare the MEDs of different AS, as long as they are adjacent. Avi Freedman had a presentation on an informal standard for exchange-point MED values, based on delay, at the Denver NANOG. Wish there was more out there, but thanks for the pointers =] Cisco docs are lacking, and I hadn't seen those (woo!) 3 slides before. I guess something is better than nothing, so I'll stop complaining now. that's totally
RE: IP phone [7:44803]
Ask Google ... he(she?) knows damn near everything. Maybe Internet LineJACK fits the bill? In general - looking for answers on your own is not a bad idea ...
Thanks! TJ
-Original Message-
From: Osama Kamal [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 8:31 AM
To: [EMAIL PROTECTED]
Subject: RE: IP phone [7:44803]
Is there any other IP phone that is capable of working as a stand alone voip set?
Osama
-Original Message-
From: Michael J. Doherty [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 2:25 PM
To: Osama Kamal; [EMAIL PROTECTED]
Subject: Re: IP phone [7:44803]
The Cisco IP Phones are slave devices, incapable of independent thought (so to speak). While you can provide configuration parameters through the telephone interface, you are limited to setting IP address, TFTP address and default CallManager information. Without a CallManager to communicate with, the phones are not capable of any logical decisions (they receive all information through TFTP files and RTP streams with the CallManager for communication decisions).
Mike
- Original Message -
From: Osama Kamal
To:
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]
Is it possible to configure Cisco IP phone from the phone set itself, and use it without Call Manager software? I need to use IP phone from home to place calls over internet without additional software or PC's, any idea?
Regards
Osama
* The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter.
*
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44822t=44803
Re: IP phone [7:44803]
Find an h.323 compliant device.
Osama Kamal wrote in message news:[EMAIL PROTECTED]...
Is there any other IP phone that is capable of working as a stand alone voip set?
Osama
-Original Message-
From: Michael J. Doherty [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 2:25 PM
To: Osama Kamal; [EMAIL PROTECTED]
Subject: Re: IP phone [7:44803]
The Cisco IP Phones are slave devices, incapable of independent thought (so to speak). While you can provide configuration parameters through the telephone interface, you are limited to setting IP address, TFTP address and default CallManager information. Without a CallManager to communicate with, the phones are not capable of any logical decisions (they receive all information through TFTP files and RTP streams with the CallManager for communication decisions).
Mike
- Original Message -
From: Osama Kamal
To:
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]
Is it possible to configure Cisco IP phone from the phone set itself, and use it without Call Manager software? I need to use IP phone from home to place calls over internet without additional software or PC's, any idea?
Regards
Osama
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44823t=44803
RE: Boson CCIE BootCamp [7:44780]
I attended a CCNA/CCDA course by GlobalNet Training, (which is affiliated with Todd Lammle the author of many of the Sybex Cisco Series books). I thought the course was Great... although I would not specifically call it a bootcamp... There was no time spent discussing tests during class or lecture and they did not use any testing material for study... The purpose of the course was to give hands on training on using the cisco equipment (3 routers and 1 switch per student)... I studied on my own time after labs and lectures and used the time in class appropriately to configure and re-configure the cisco gear... Passed the exams within 2 weeks of attending the course, but felt I had some (minimal, but some) experience instead of just book smarts... Would I recommend the GlobalNet Training Course... Yes
In my opinion, for the higher level certs CCNP/CCIE $8000 could be spent on some great equipment and study aids which you could use over and over again to really gain hands on experience, and when finished with, could be re-sold.. vs. 2 weeks in class... A co-worker just finished his CCNP... without ever touching any set-based switches or most of the equipment covered in the tests... Another went to a 2 week Windows 2000 MCSE bootcamp... He came back an MCSE with no real world knowledge or experience (and a 3 year, $300 per month loan commitment)...
Good Luck in your decision... As you can tell by my slanted view, For my CCNP/CCIE studies, I have opted to go the personal lab route...
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44813t=44780
RE: PIX and MS Active Directory [7:44797]
Tell him to use SMTP for AD replication, and disable the fixup feature for SMTP on the PIX.
-Original Message-
From: Patrick Donlon [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 8:16 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX and MS Active Directory [7:44797]
Brian
I've just found out from the guy testing the AD stuff that it doesn't even work with static NAT translations, it'll only work with a static mapping with the same address across the firewall. The bit that isn't working is the replication between the servers
Cheers
Pat
--
email me on : [EMAIL PROTECTED]
Brian Hill wrote in message news:[EMAIL PROTECTED]...
Pat, Are the clients having the problem, or are the servers having the problem? If it's the servers, it's probably just RPC, but if it's the clients, it could be lots of things. What exactly isn't working?
Brian Hill CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+ Lead Technology Architect, TechTrain Author: Cisco, The Complete Reference http://www.alfageek.com
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44824t=44797
DHCP problems [7:44825]
I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44825t=44825
Re: DHCP problems [7:44825]
is portfast on the end-user ports?
Brian Zeitz wrote in message news:[EMAIL PROTECTED]...
I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44826t=44825
Re: DHCP problems [7:44825]
I have had to start and stop DHCP in the Past. I run it on Linux now with no problems.
Brian Zeitz wrote in message news:[EMAIL PROTECTED]...
I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44827t=44825
Banner MOTD [7:44828]
Can I put a banner on the PIX? for ssh? for telnet to the inside interface?
Thanks
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44828t=44828
RE: PIX 515E routing issue [7:44749]
From the PIX, I can ping the inside workstations. I tried adding a permit all icmp rule; didn't work. Did the no ip verify reverse-path statement and changed the outside network from /30 to a /28. This seemed to work. Thanks for the help!!!
cheers, mikej
-Original Message-
From: netman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 6:53 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX 515E routing issue [7:44749]
Can you ping a system on the inside? From Pix - ping inside x.x.x.x
To:
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]
Oh yeah I'm running PIX 6.1(2)
-Original Message-
From: Jablonski, Michael
Sent: Wednesday, May 22, 2002 3:35 PM
To: 'Cisco Study List (E-mail)'
Subject: PIX 515E routing issue
Just recently installed a PIX 515E. I can ping from the PIX to an outside address (and inside box to ethernet on PIX); but trying to ping through the PIX comes back as unreachable.
Basic layout as follows:
Netopia DSL Router -- PIX 515E -- LAN
I'm using the default allow rule, along with the following access list... everything else is pretty much default for now. (just want to try and get connectivity)
access-list 100 permit icmp any any echo-reply
access-list 100 permit icmp any any time-exceeded
access-list 100 permit icmp any any unreachable
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
timeout xlate 0:05:00
no sysopt route dnat
I've tried running RIP on it; didn't solve the problem. Seems like the PIX doesn't understand the default route.
I've cleared the arp table still no luck
Any help is GREATLY appreciated
thanx
~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St. 9th Flr
Chicago, IL 60601-2468
PH: 312.884.2996
FAX: 312.278.5550
~~~
This message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. Please note that e-mails are susceptible to change. ABN AMRO Bank N.V. (including its group companies) shall not be responsible nor liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that the integrity of this communication has been maintained nor that this communication is free of viruses, interceptions or interference.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44829t=44749
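A simplified model of the reverse-path check quoted from CCO in this thread, and of the strict versus loose distinction raised in the Provider backbone engineering thread, as an added example (not code from any poster or from Cisco). The routes come from the posted PIX configuration; the test source addresses and the `allow_default` switch are assumptions of the model.

```python
import ipaddress
from collections import namedtuple

Verdict = namedtuple("Verdict", "accept reason")

# Routes implied by the posted configuration: the two connected networks and
# "route outside 0.0.0.0 0.0.0.0 192.168.1.5 1".
PIX_ROUTES = [
    ("192.168.1.4/30", "outside"),    # ip address outside 192.168.1.6 255.255.255.252
    ("192.168.200.0/24", "inside"),   # ip address inside 192.168.200.1 255.255.255.0
    ("0.0.0.0/0", "outside"),         # default route
]

def make_routes(entries):
    """Turn (prefix, interface) strings into (network, interface) pairs."""
    return [(ipaddress.ip_network(prefix), iface) for prefix, iface in entries]

def best_route(routes, addr, use_default=True):
    """Longest-prefix match for addr; optionally ignore the default route."""
    ip = ipaddress.ip_address(addr)
    best = None
    for net, iface in routes:
        if ip in net and (use_default or net.prefixlen > 0):
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, iface)
    return best

def rpf_check(routes, src, in_iface, mode="strict", allow_default=False):
    """Decide whether a packet with source src may enter on in_iface.

    strict: the best route back to src must leave through in_iface.
    loose:  some route to src must exist on any interface; the default
            route only counts when allow_default is True (model assumption).
    """
    if mode == "strict":
        hit = best_route(routes, src)
        if hit is None:
            return Verdict(False, "no route back to source")
        net, iface = hit
        if iface != in_iface:
            return Verdict(False, f"route to {net} points out {iface}, not {in_iface}")
        return Verdict(True, f"route to {net} points out {in_iface}")
    if mode == "loose":
        hit = best_route(routes, src, use_default=allow_default)
        if hit is None:
            return Verdict(False, "source not covered by any usable route")
        return Verdict(True, f"source covered by {hit[0]} via {hit[1]}")
    raise ValueError(f"unknown mode: {mode}")

def audit(routes, samples, mode="strict", allow_default=False):
    """Evaluate a list of (src, in_iface) samples; returns (src, iface, accept)."""
    return [(src, iface, rpf_check(routes, src, iface, mode, allow_default).accept)
            for src, iface in samples]

# Constructed test traffic: (source address, interface it arrived on).
SAMPLES = [
    ("192.168.200.10", "outside"),  # inside address showing up outside: spoofed
    ("192.168.1.5", "outside"),     # the next-hop router on the outside segment
    ("198.51.100.7", "outside"),    # internet host, covered by the default route
    ("198.51.100.7", "inside"),     # internet address showing up inside: spoofed
]

if __name__ == "__main__":
    routes = make_routes(PIX_ROUTES)
    for mode in ("strict", "loose"):
        for src, iface in SAMPLES:
            v = rpf_check(routes, src, iface, mode)
            print(f"{mode:6} {src:15} in {iface:7} -> "
                  f"{'accept' if v.accept else 'drop  '} ({v.reason})")
    # Routing "not fully specified": drop the default route and re-check.
    partial = make_routes(PIX_ROUTES[:2])
    print("no default:", rpf_check(partial, "198.51.100.7", "outside"))
```

With the default route removed, the strict check drops the internet source arriving on the outside interface, which is the "routing is not in place" case the CCO text warns about; in loose mode the inside address arriving on the outside interface is accepted, since loose only asks whether any route to the source exists.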
RE: DDR logging line opening ? [7:44798]
You may try adjusting your logging levels and see if you can get anything more meaningful. I don't have any ISDN interfaces or simulators at the moment so please post back if you find anything good.
Herold Heiko wrote:
Hello, ddr, dialer profiles, isdn (ininfluent though I think). When a connection comes up something like this is logged:
%LINK-3-UPDOWN: Interface BRI1/0:2, changed state to up
%DIALER-6-BIND: Interface BR1/0:2 bound to profile Di99
%LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:2, changed state to up
%ISDN-6-CONNECT: Interface BRI1/0:2 is now connected to 0123456789 remotename
Unfortunately that log is always the same, if the router itself called out or was called nothing changes. On the router itself at the moment it is easy to find that info (sh dialer, sh isdn hist, sh isdn act), but not in the logfile. The only way I found is keeping active debug dialer event, probably not the best thing on a production router. Any idea how to get some meaningful log ?
Thanks
Heiko
--
-- PREVINET S.p.A. [EMAIL PROTECTED]
-- Via Ferretto, 1 ph x39-041-5907073
-- I-31021 Mogliano V.to (TV) fax x39-041-5907472
-- ITALY
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44830t=44798
RE: DHCP problems [7:44825]
I am not a guru in that area but start stop dhcp, dhcp use UDP broadcast and port 67 and 68 see anything related to that for accesslist or something is slowing down...even if you have some filter list for that can cause timeout.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44831t=44825
QoS question [7:44832]
Hello

I have some questions about QoS. I have two T1 links (with BGP) to different ISPs. And I want to set different QoS policies on my BGP router. For example:

10.10.10.0/24 - subnet with highest priority (nearly guaranteed)
10.10.10.1/24 - subnet with normal priority
10.10.10.2/24 - subnet with low priority

Which QoS technique is recommended in my configuration?

best regards,
TMS
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44832t=44832
Re: DHCP problems [7:44825]
yeah aside from portfast I would suggest linux as well :) check this out...

11:20am up 487 days, 7:53, 1 user, load average: 0.08, 0.02, 0.01

hehe

Frank Hafta 05/23/02 10:43AM
> I have had to start and stop DHCP in the Past. I run it on Linux now with no problems.
>
> Brian Zeitz wrote in message news:[EMAIL PROTECTED]...
> > I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.

Confidentiality Disclaimer
This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44833t=44825
RE: Token ring Question. [7:44805]
This is achieved by bit swapping. I do not know the complete ins and outs of it but I have attached a URL which is a bit swapping tool which can be used to verify translation.

http://www.cisco.com/cgi-bin/Support/Bitswap/bitswap.pl
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44835t=44805
Re: QoS question [7:44832]
LLQ.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44834t=44832
RE: ISDN BRI Simulator Comparison - way to expensi [7:44770]
Try the following link... http://www.cheapisdn.com/ for $1199 that is not bad. I may pick one up this week. I will use it for my commercial lab I will be making available to potential CCNP/IE candidates in the fall. Yeah, with my luck Cisco will remove it from the lab this summer. My lab is in September...
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44836t=44770
RE: Passed the written... Now on to the lab!! [7:44442]
Correct... I took the beta, then took the current written and passed. Still don't know about passing the beta because it takes them 6-8 weeks to get you the results (actually, the last beta I took, I saw the results on their tracking site a week before I received notification via the mail). If I had to bet, I would bet that I didn't pass the new written beta. I also didn't study MPLS except to know some terms (which actually helped on a couple of questions).

Mike W.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44837t=2
RE: PIX 515E routing issue [7:44749]
Mikej the problem doesn't seem to be in your access list it is in your ip-ing. With a /30 you are routing to the netid and not the other router.

ip address outside 192.168.1.6 255.255.255.252
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1

192.168.1.1 Netid
192.168.1.2 host1
192.168.1.3 host2
192.168.1.4 Broadcast
192.168.1.5 Netid
192.168.1.6 host1
192.168.1.7 host2
192.168.1.8 Broadcast

Verify what the other router's ip is. Hope this does it.

~M

-Original Message-
From: Jablonski, Michael [mailto:mike.jablonski@abnamrousa.com]
Sent: Thursday, May 23, 2002 10:07 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX 515E routing issue [7:44749]

From the PIX, i can ping the inside workstations
I tried adding a permit all icmp rule
didn't work
did the no ip verify reverse-path statement and changed the outside network from /30 to a /28. This seemed to work.
Thanks for the help!!!
cheers,
mikej

-Original Message-
From: netman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 6:53 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX 515E routing issue [7:44749]

Can you ping a system on the inside? From Pix - ping inside x.x.x.x

To:
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]

Oh yeah I'm running PIX 6.1(2)

-Original Message-
From: Jablonski, Michael
Sent: Wednesday, May 22, 2002 3:35 PM
To: 'Cisco Study List (E-mail)'
Subject: PIX 515E routing issue

Just recently installed a PIX 515E. I can ping from the PIX to an outside address (and inside box to ethernet on PIX); but trying to ping through the PIX comes back as unreachable.

Basic layout as follows:

Netopia DSL Router -- PIX 515E -- LAN

I'm using the default allow rule, along with the following access list... everything else is pretty much default for now. (just want to try and get connectivity)

access-list 100 permit icmp any any echo-reply
access-list 100 permit icmp any any time-exceeded
access-list 100 permit icmp any any unreachable
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
timeout xlate 0:05:00
no sysopt route dnat

I've tried running RIP on it; didn't solve the problem. Seems like the PIX doesn't understand the default route. I've cleared the arp table still no luck

Any help is GREATLY appreciated
thanx

~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St. 9th Flr
Chicago, IL 60601-2468
PH: 312.884.2996
FAX: 312.278.5550
~~~
Removing stuff from our router [7:44839]
To remove this:

route-map MyISP-In permit 10
 match as-path 6
 set local-preference 200

Do I just do this?:

no route-map MyISP-In permit 10

Also, to remove:

ip as-path access-list 1 permit ^[0-9]*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit ^1234$
ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

Do I just?:

no ip as-path access-list 1 permit ^[0-9]*
no ip as-path access-list 2
no ip as-path access-list 3

Also what is that permit ^$ and permit ^[0-9]* for? What does it do?

Thanx for the help.
Anil Gupte
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44839t=44839
RE: DHCP problems [7:44825]
Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN? If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]

I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44840t=44825
RE: Banner MOTD [7:44828]
yes
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44841t=44828
RE: Token ring Question. [7:44805]
He said the router is acting as a translation (sic) bridge. So the router (bridge) address does not come into play. The router (bridge) translates the non-canonical TR address to a canonical Ethernet address. The bridge reverses the bits in each byte of the address. We have had many discussions on how to do this. It's as simple as writing your name backwards. For example, let's say one byte was 4A in hex. Put that in binary, one digit at a time.

4A
0100 1010

Now write it backwards:

0101 0010

Put it back in hex:

52

If this seems mysterious or difficult to apply in a generic fashion to any hex representation of a byte, then it's not time yet to go for CCIE.

Priscilla

At 08:20 AM 5/23/02, Crestion wrote:
> Hi Ivan,
> Mac addresses only have local significance. So for your scenario, host X sends a packet with its own MAC address as the source and the router TR interface as the destination MAC address. The router then rebuilds the packet and sends it out the ethernet interface with the Ethernet interface as the source MAC address and host Y as the destination MAC address.
> Hth,
> Crestion

Priscilla Oppenheimer
http://www.priscilla.com
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44842t=44805
setting spped and duplex on cisco 4700 IOS 11 [7:44844]
I'm trying to force an interface to 10 MB full duplex on a 4700 router. The documentation for 4700 is not on cisco's site. Does anyone know the command? Also doing a show int does not tell whether it is running at half or full duplex and the speed. Thanks in advance.

Cisco-4700#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.

Cisco-4700#sh int e1
Ethernet1 is up, line protocol is up
  Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
  Description: To Internal Ethernet
  Internet address is 62.119.136.65/29
  MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
  Encapsulation ARPA, loopback not set, keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of show interface counters 00:06:34
  Queueing strategy: fifo
  Output queue 0/150, 0 drops; input queue 0/150, 0 drops
  5 minute input rate 135000 bits/sec, 121 packets/sec
  5 minute output rate 676000 bits/sec, 146 packets/sec
     51738 packets input, 7410570 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 input packets with dribble condition detected
     62904 packets output, 35275588 bytes, 0 underruns
     0 output errors, 612 collisions, 0 interface resets
     0 babbles, 0 late collision, 685 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
Cisco-4700#

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44844t=44844
filtering Nimda on content switch [7:44843]
Hi,

Has anyone tried filtering Nimda Virus on the content switch? I have configured it but do not see that it is filtering the virus; the show summary is not showing the counter incrementing even though the IDS reports Nimda.

Here is what I configured: created an HTTP header group and rule which will look at the http header request for the strings .ida, cmd.exe, default.ida and x.ida and if found should direct this to the Dummy service which points to a nonexisting server. Any inputs regarding this would be helpful.

!* HEADER FIELD GROUP *
header-field-group .ida
  header-field .ida request-line contain .ida
header-field-group cmd.exe
  header-field cmd.exe request-line contain cmd.exe
header-field-group default.ida
  header-field default.ida request-line contain default.ida
header-field-group root.exe
  header-field root.exe request-line contain root.exe
header-field-group x.ida
  header-field x.ida request-line contain x.ida

!*** OWNER ***
content block_.ida
  url /*
  protocol tcp
  port 80
  header-field-rule .ida weight 0
  add service dummy
  active
content block_cmd.exe
  url /*
  protocol tcp
  port 80
  header-field-rule cmd.exe weight 0
  add service dummy
  active
content block_default.ida
  header-field-rule default.ida weight 0
  add service dummy
  protocol tcp
  port 80
  url /*
  active
content block_root.exe
  protocol tcp
  port 80
  url /*
  header-field-rule root.exe weight 0
  add service dummy
  active
content block_x.ida
  protocol tcp
  port 80
  url /*
  header-field-rule x.ida weight 0
  add service dummy
  active

!** SERVICE **
service dummy
  ip address 10.10.10.10
  keepalive type none
  active

Kind Regards
/Thangavel
186K Reading, Brkshire
Direct No -0118 9064259
Mobile No -07796292416
Post code: RG16LH
www.186k.co.uk
--
The greatest glory in living lies not in never falling, but in rising every time we fall.
-- Nelson Mandela

** This e-mail is from 186k Ltd and is intended only for the addressee named above. As this e-mail may contain confidential or privileged information, if you are not the named addressee or the person responsible for delivering the message to the named addressee, please advise the sender by return e-mail. The contents should not be disclosed to any other person nor copies taken. 186k Ltd is a Lattice Group company, registered in England Wales No. 3751494 Registered Office 130 Jermyn Street London SW1Y 4UR **

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44843t=44843
RE: Passed the written... Now on to the lab!! [7:44442]
Do you know when the current 350-001 is set to expire?

-Original Message-
From: Frank Merrill [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 11:05 PM
To: [EMAIL PROTECTED]
Subject: RE: Passed the written... Now on to the lab!! [7:2]

Michael L. Williams wrote:
> (just to echo what others have said) If you're anywhere close to ready to take the written, do it now! I took the beta for the new written, and it's much different. Aside from information on routing protocols,

I assume this means you took the Beta, and then also took the current version (maybe assuming you didn't pass the Beta??) and passed that?

fm
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44845t=2
Re: Removing stuff from our router [7:44839]
Removing the route map and as-path filters will work the way you have it (if you do no route-map MyISP-In it will remove the entire route-map), but you should also remove the neighbor statements in your config. that reference these things. By looking at the configs., I'm assuming this is in a lab environment and not a real implementation.

permit ^$ is simply permitting an empty as path. In other words, only routes originating in the local AS will be permitted. It's a common way to ensure that your AS does not become transit for somebody else's traffic.

permit ^[0-9]* is a little more complicated. This statement is saying to permit zero or more instances of a number between 0 and 9. Do a search on CCO for AS path filters and you should find some good info. to help you on your way.

HTH,
Scott
CCIE #9340
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44846t=44839
Re: filtering Nimda on content switch [7:44843]
You can do it on the router (before it gets to CSS) with NBAR and rate-limiting. I know that works.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44847t=44843
RE: Removing stuff from our router [7:44839]
Yes, that will remove the route-map. The ip as-path access-list stuff are called regular expressions. If you are running BGP on this router, I would Highly recommend leaving this stuff alone. You really need to provide more information about what this router is doing and include its config ( sans PW'D and use xxx's for IP's )

That ip as-path access-list is most likely restricting the propagation of BGP paths through your network. If this is an edge router that is receiving the full internet routes ( 115K as of yesterday ), this *could* be setup to restrict to certain ones only. If you have a downstream neighbor that is using you as a transit AS, these are most likely the ASN's that they are reaching through you. These would allow ASN's : 1-9,blank(internal routes) and ( I think...) 123400-123499, although Im not sure on the last one without my reference book in front of me.

Thanks
Larry
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44848t=44839
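The question in this thread about what `^$`, `^[0-9]*` and the two list-3 entries permit can be checked by evaluating them against AS paths. This is an added example, not part of any post: it models IOS AS-path regular expressions with Python's `re` (an approximation), the `_` translation assumes it is not used inside a character class, and the sample AS paths are constructed.

```python
import re

# In IOS AS-path regular expressions "_" matches a delimiter: the start or end
# of the string, a space, a comma, a brace or a parenthesis.
DELIM = r"(?:^|$|[ ,{}()])"

# The three as-path access lists quoted in the thread (permit entries only;
# anything no entry matches falls through to the implicit deny).
ACCESS_LISTS = {
    1: ["^[0-9]*"],
    2: ["^$"],
    3: ["^1234$", "^1234_[0-9]*_[0-9]*$"],
}

# Constructed AS paths as they would appear in "show ip bgp": leftmost AS is
# the neighbor, "" is a route originated in the local AS.
SAMPLE_PATHS = [
    "",
    "1234",
    "1234 65010",
    "1234 65010 65020",
    "1234 65010 65020 65030",
    "65010 1234",
    "123456",
]


def ios_to_python(pattern):
    """Translate an IOS AS-path regex to a compiled Python regex."""
    return re.compile(pattern.replace("_", DELIM))


def permitted(acl, as_path):
    """True if any permit entry of the list matches the AS path."""
    return any(ios_to_python(p).search(as_path) for p in ACCESS_LISTS[acl])


def evaluate():
    """Map each sample path to (list 1, list 2, list 3) permit results."""
    return {p: tuple(permitted(n, p) for n in (1, 2, 3)) for p in SAMPLE_PATHS}


if __name__ == "__main__":
    for path, result in evaluate().items():
        print(f"{path!r:28} list1={result[0]!s:5} list2={result[1]!s:5} list3={result[2]}")
```

Because `^[0-9]*` has no end anchor and `*` allows zero digits, list 1 matches every path, including the empty one; list 2 matches only locally originated routes; list 3 matches AS 1234 alone or followed by at most two more ASes.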
Re: Token ring Question. [7:44805]
At 07:25 AM 5/23/02, Ivan wrote:
> Hi all,
> I have a interest question, doesn't any one know the answer?
> A router is being used as a translation bridge between a Token Ring network and an Ethernet network. Host X on the Token ring sends a packet to Host Y on the Ethernet. The source MAC address of the packet is 400.a089.0002.

That's not a valid address. A MAC address is 48 bits or 6 bytes. In hex a byte is written with 2 digits. So the address must have 12 digits. I assume you are missing a 0 and that you meant to say:

4000.a089.0002

The bridge will translate the non-canonical address to canonical (see my other message and numerous other messages on that computing 101 topic).

On the other hand, maybe the question expects you to know these other details:

The first byte of that address in binary is:

0100 0000

Token Ring transmits the most significant bit first (the one in the 2^7 position). IEEE says that the first bit transmitted is the Specific/Group bit. (A group address is used for multicast and broadcast.)

0 = Specific
1 = Group

So this is a specific address. No problem. Ethernet can handle that (and could handle a multicast or broadcast too, of course.)

IEEE says that the second bit transmitted is the Globally Administered/Locally Administered bit.

0 = Global
1 = Local

So this is a locally-administered address. Although IEEE 802.3 (Ethernet) does officially support locally-administered addresses, they aren't often used on Ethernet. So that's a minor issue.

The second byte is:

0000 0000

IEEE 802.5 (Token Ring) says that the least significant bit of the second byte is the Functional/Non Functional address. IEEE 802.3 (Ethernet) does not say this and does not support functional addresses.

0 = Functional
1 = Non functional

So here we have a slightly more interesting issue. This is a functional address. Ethernet won't recognize that it's a functional address, however. From a troubleshooting viewpoint, you would want to figure out what function this was supposed to carry out on the Token Ring side. Whatever it was, it's not going to also get carried out on the Ethernet side.

For most functional addresses, this isn't an issue. The well-known ones are used for purposes such as:

Sending to the active monitor (which doesn't exist on Ethernet)
Sending to the ring parameter server (which doesn't exist on Ethernet)
Sending to LAN manager (which doesn't exist on Ethernet)
etc. You get the picture

This particular address is one that I don't recognize though. It may be used for a proprietary (non-standard) function on the Token Ring side.

Perhaps you are expected to know these sorts of things to answer this question correctly.

Priscilla

> How would the MAC address be interpreted in an Ethernet environment? does anyone know the answer?
> thank you.
> Ivan

Priscilla Oppenheimer
http://www.priscilla.com
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44849t=44805
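The per-byte bit reversal described in this thread (4A becomes 52) and the reading of the first two transmitted bits of 4000.a089.0002, worked through in code. This is an added example, not part of any post; the function names are hypothetical and it covers only the Specific/Group and Global/Local bits.

```python
def reverse_bits(byte):
    """Reverse the bit order of one byte: 0x4A (0100 1010) -> 0x52 (0101 0010)."""
    out = 0
    for _ in range(8):
        out = (out << 1) | (byte & 1)
        byte >>= 1
    return out


def parse_mac(text):
    """Parse dotted (4000.a089.0002), colon or dash notation into 6 bytes."""
    digits = "".join(ch for ch in text if ch not in ".:-")
    if len(digits) != 12:
        raise ValueError(f"{text!r}: a MAC address needs 12 hex digits, got {len(digits)}")
    return bytes.fromhex(digits)  # raises ValueError on non-hex characters


def format_dotted(mac):
    """Format 6 bytes in Cisco dotted notation."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))


def swap_mac(text):
    """Translate between non-canonical (Token Ring) and canonical (Ethernet)
    form. Reversing each byte is its own inverse, so one function does both."""
    return format_dotted(bytes(reverse_bits(b) for b in parse_mac(text)))


def flags_non_canonical(text):
    """Flags of an address written in Token Ring order (most significant bit
    first): the first transmitted bit is 0x80, the second is 0x40."""
    first = parse_mac(text)[0]
    return {"group": bool(first & 0x80), "local": bool(first & 0x40)}


def flags_canonical(text):
    """Flags of an address written in Ethernet order (least significant bit
    first): the first transmitted bit is 0x01, the second is 0x02."""
    first = parse_mac(text)[0]
    return {"group": bool(first & 0x01), "local": bool(first & 0x02)}


if __name__ == "__main__":
    tr = "4000.a089.0002"
    eth = swap_mac(tr)
    print("Token Ring form:", tr, flags_non_canonical(tr))
    print("Ethernet form:  ", eth, flags_canonical(eth))
    try:
        parse_mac("400.a089.0002")  # the 11-digit address from the question
    except ValueError as exc:
        print("rejected:", exc)
```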
Re: RE: PIX 515E routing issue [7:44749]
Mike Wrote:

> 192.168.1.1 Netid
> 192.168.1.2 host1
> 192.168.1.3 host2
> 192.168.1.4 Broadcast
> 192.168.1.5 Netid
> 192.168.1.6 host1
> 192.168.1.7 host2
> 192.168.1.8 Broadcast

This is not correct with a /30 subnet mask. This is the correct numbering.

192.168.1.0 Netid
192.168.1.1 host 1
192.168.1.2 host 2
192.168.1.3 Broadcast
192.168.1.4 Netid
192.168.1.5 host 1
192.168.1.6 host 2
192.168.1.7 Broadcast
192.168.1.8 Netid

If the outside address was .5 and the route outside statement was everything to .6 this would be correct syntax...

HTH,
Stephen Manuel
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44850t=44749
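The /30 numbering discussed in this thread can be checked mechanically against the posted configuration. This is an added example, not part of any post: it reads only the `ip address` and `route` lines quoted in the thread, the function names are hypothetical, and the other two configurations are constructed variants.

```python
import ipaddress

# The two relevant lines from the configuration posted in the thread.
PAGE_CONFIG = """\
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
"""

# Constructed variants: a next hop on a subnet boundary, and the /28 mask the
# original poster says he changed to.
BOUNDARY_CONFIG = PAGE_CONFIG.replace("192.168.1.5 1", "192.168.1.4 1")
SLASH28_CONFIG = PAGE_CONFIG.replace("255.255.255.252", "255.255.255.240")


def layout(ip, mask):
    """Return (network address, usable hosts, broadcast) for ip/mask."""
    net = ipaddress.ip_interface(f"{ip}/{mask}").network
    return str(net.network_address), [str(h) for h in net.hosts()], str(net.broadcast_address)


def parse_pix(config):
    """Collect interface addresses and static-route next hops from PIX-style text."""
    interfaces, next_hops = {}, []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) == 5 and tok[:2] == ["ip", "address"]:
            interfaces[tok[2]] = ipaddress.ip_interface(f"{tok[3]}/{tok[4]}")
        elif len(tok) >= 5 and tok[0] == "route":
            next_hops.append((tok[1], ipaddress.ip_address(tok[4])))
    return interfaces, next_hops


def check_next_hops(config):
    """Classify every static-route next hop against its interface's subnet."""
    interfaces, next_hops = parse_pix(config)
    findings = []
    for ifname, gw in next_hops:
        iface = interfaces.get(ifname)
        if iface is None:
            verdict = "no ip address configured for this interface"
        elif gw not in iface.network:
            verdict = f"not on-link: interface is in {iface.network}"
        elif gw in (iface.network.network_address, iface.network.broadcast_address):
            verdict = f"is the network or broadcast address of {iface.network}"
        elif gw == iface.ip:
            verdict = "is the interface's own address"
        else:
            verdict = f"ok: usable host in {iface.network}"
        findings.append((ifname, str(gw), verdict))
    return findings


if __name__ == "__main__":
    print(layout("192.168.1.6", "255.255.255.252"))
    for cfg in (PAGE_CONFIG, BOUNDARY_CONFIG, SLASH28_CONFIG):
        print(check_next_hops(cfg))
```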
Support Beta exam results [7:44853]
Folks

Just a quick question, I took the CCNP Beta on March 18 and am still awaiting the results. Does anyone have any experience of just how long I have to wait for the results? I am checking the cert tracker every day and am starting to realize that I don't have the patience to wait for Beta exam results :-). It's frustrating to know that a friend who took the standard exam two months after me has his results :-) Should I be concerned that I haven't received my results yet?

Peter Walker
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44853t=44853
Re: filtering Nimda on content switch [7:44843]
I've also used nbar...works well... go here. http://www.cisco.com/warp/public/63/nimda.shtml there is also a list of supported platforms Steven A. Ridder 05/23/02 01:10PM You can do it on the router (before it gets to CSS) with NBAR and rate-limiting. I know that works. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Did anyone tried filtering Nimda Virus on the content switch.I have configured it but do not see that it is filtering the virus, the show summary is not showing the counter incrementing even though the IDS reports Nimda. Here is what I configured,Created a HTTP header group and rule which will look at the http header request for the strings .ida , cmd.exe, default.ida and x.ida and if found should direct this to the Dummy service which points to a nonexisting server. Any inputs regarding this be helpful !* HEADER FIELD GROUP * header-field-group .ida header-field .ida request-line contain .ida header-field-group cmd.exe header-field cmd.exe request-line contain cmd.exe header-field-group default.ida header-field default.ida request-line contain default.ida header-field-group root.exe header-field root.exe request-line contain root.exe header-field-group x.ida header-field x.ida request-line contain x.ida !*** OWNER *** content block_.ida url /* protocol tcp port 80 header-field-rule .ida weight 0 add service dummy active content block_cmd.exe url /* protocol tcp port 80 header-field-rule cmd.exe weight 0 add service dummy active content block_default.ida header-field-rule default.ida weight 0 add service dummy protocol tcp port 80 url /* active content block_root.exe protocol tcp port 80 url /* header-field-rule root.exe weight 0 add service dummy active content block_x.ida protocol tcp port 80 url /* header-field-rule x.ida weight 0 add service dummy active !** SERVICE ** service dummy ip address 10.10.10.10 keepalive type none active Kind Regards /Thangavel 186K Reading,Brkshire Direct No -0118 9064259 Mobile No -07796292416 Post 
code: RG16LH www.186k.co.uk -- The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44851t=44843 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
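The header-field groups in the original post match five substrings in the HTTP request line. The Python below is an added example, not part of the thread and not Cisco CSS code: it applies the same five substrings to constructed request lines so the rule set can be checked offline. The sample lines, the function names and the case-sensitive literal comparison used for contrast are assumptions; the thread does not say how the CSS compares strings.

```python
from urllib.parse import unquote

# Substrings from the header-field groups in the post, in configuration order.
RULES = [".ida", "cmd.exe", "default.ida", "root.exe", "x.ida"]

# Constructed request lines for illustration (not taken from a real log).
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.0",
    "GET /default.ida?NNNN HTTP/1.0",
    "GET /scripts/root.exe HTTP/1.0",
    "GET /scripts/cmd.exe HTTP/1.0",
    "GET /MSADC/ROOT.EXE HTTP/1.0",
    "GET /scripts/cmd%2eexe HTTP/1.0",
    "GET /docs/x.ida HTTP/1.0",
]


def normalize(request_line, max_rounds=3):
    """Percent-decode (a bounded number of rounds) and lower-case the line."""
    text = request_line
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text.lower()


def matching_rules(request_line, normalized=True):
    """Return every rule substring found in the request line."""
    text = normalize(request_line) if normalized else request_line
    return [rule for rule in RULES if rule in text]


def redundant_rules():
    """Rules that can never match unless an earlier, shorter rule also matches."""
    return [rule for i, rule in enumerate(RULES)
            if any(earlier in rule for earlier in RULES[:i])]


def missed_without_normalizing(requests):
    """Lines a literal, case-sensitive comparison would let through."""
    return [line for line in requests
            if matching_rules(line) and not matching_rules(line, normalized=False)]


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(f"{line!r:45} -> {matching_rules(line)}")
    print("redundant rules:", redundant_rules())
    print("missed by literal match:", missed_without_normalizing(SAMPLE_REQUESTS))
```

Because `.ida` is a substring of `default.ida` and `x.ida`, those two groups add nothing to the match set; one counter per group is still useful when checking which rule fired.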
Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]
sam sneed wrote:

> I'm trying to force an interface to 10 MB full duplex on a 4700 router.

No can do, unless it's an NP-2E-FDX. If so, the command (in interface config) would be 'full-duplex'. See http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2e_fdx.htm for that.

> The documentation for 4700 is not on cisco's site. Does anyone know the command.

It is. See the link above one level up. Most of the rest is IOS docs.

> Also doing a show int does not tell whether is running at half or full duplex and the speed.

That's because the NP you have (NP-2E or NP-6E?) can't do anything but 10/half, so it doesn't display it. There would be a 'hdx' or 'fdx' if it did, something like this:

Encapsulation ARPA, loopback not set, keepalive not set, hdx, 100BaseTX

This is from a FE interface, obviously, but it should look similar with a NP-2E-FDX.

Regards,

Marco.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44854t=44844
Re: Telnet Session Traces....Needing help! [7:44793]
See comments in line.

At 02:27 AM 5/23/02, Mark Odette II wrote:

> To anybody that has experience with Sniffers, or perhaps more specifically, Priscilla- I'm trying to hunt down the culprit of Telnet Session disconnects without Administrative or User interaction to invoke such action. The situation is Telnet clients on remote ends of PIX VPNs have their sessions dropped without warning, and without Administrative action to cause such sudden session endings. All users that connect to the same Telnet Server on the local subnet never experience this problem. For the remote users that do experience this problem, it usually occurs after roughly 30 minutes of inactivity. This used to not be the case when all such remote clients were connecting via private Frame Relay networks back to the Server in a hub-n-spoke fashion. Only since the switch to VPNs for connectivity to the Telnet Server's Private Network has this anomaly arisen. The Telnet Server is a custom application service for Unidata DB Server by Informix. It uses the standard Telnet port, and runs on NT 4.0. For everything I can see in the registry referencing the Telnet App Service, it doesn't specify any settings for keep-alive or session monitoring.

How about the clients? Do they have some setting for keepalive or disconnecting after no activity? How about the VPN software? It might have something like that. I would definitely focus on the VPN aspects since that's the one thing you say that changed.

> Also, from the Unidata Application Server's point of view, the Server thinks the user is still connected, so it never clears the session. When the user finds his/her application rendering a Pop-Up dialogue stating that the session was disconnected, and asks if they want to reconnect, they choose Yes naturally. From the Server side, a second session for that user is started, and the first session becomes an orphan process (in my own words). This of course then causes a problem of exhausting the limited number of users licenses, and eventually causes users to not be able to get back on the system until the old orphaned processes are administratively cleared. So, I open a case with Cisco, and they say Slap a Sniffer on the Server side of the network, and see what is causing the disconnects. They also say that they are suspect that the Telnet Server is sending its session keep-alives via Broadcast

A server sending its keepalives via broadcast sounds extremely unlikely. Ask that this be escalated to a more senior TAC engineer?! ;-) (On the other hand, they see a lot of strange things and probably wouldn't say this unless they had seen something similar. So there may be some germ of truth in it.) But, from the symptoms that you are experiencing, I would put the sniffer on the client side, not the server side. You said the server still thinks the session is open. It probably didn't send anything. Actually put a sniffer on both sides to get the best results.

> , and that by design of Security, the VPN tunnels don't pass Broadcast Traffic. The Sniffer capture is supposed to prove or disprove this. I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window of data, but am at a loss as to how to identify the disconnect process of a telnet session..Which is where I could use a few pointers.

A good sniffer would let you search for the text FIN in the detail. Also, be sure to set up a filter for Telnet traffic just from that server so you'll have less data to look at.

> Could someone tell me what to look for in a session trace that identifies a sudden termination of a specific telnet session (most probably initiated by the server)??

Either FIN or maybe RST (reset).

> Unfortunately, I'm not a very well experienced person in following the SYN, FIN, PSH, ACK, SYN ACK, etc. process. But I want to learn!

That's what you have to do. You just have to follow it, packet by packet. There's no magic. It just takes practice and a willingness to spend lots of time studying the details.

> If I had the time and money, I'd go take a Sniffer class, but that's another story.

You may not need a class, if you have the time to work on it yourself. Good luck. Let us know the resolution! Thanks.

Priscilla

> so, in the mean time, if someone would be kind enough to point me in a direction on how to interpret and follow a sniffer trace, I'd be eternally grateful. Thanks, Mark

Priscilla Oppenheimer http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44855t=44793
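The advice above is to filter on the Telnet server and look for FIN or RST. The Python below is an added example, not part of the thread: it reads TCP flags from raw IPv4 packets, reports which side closed each Telnet session and after how much idle time, and flags sessions that went silent with no FIN or RST, which is the orphaned-session symptom described. The addresses, ports and packets are constructed sample data, and the 30-minute threshold is taken from the symptom in the question.

```python
import socket
import struct

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
SERVER_IP = "10.1.1.10"   # assumed address of the Telnet server
IDLE_LIMIT = 30 * 60      # seconds; the thread reports drops after ~30 idle minutes


def build_packet(src, dst, sport, dport, flags, payload=b""):
    """Build a constructed IPv4+TCP packet (checksums left at 0) as sample input."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


def parse_packet(raw):
    """Return (src, dst, sport, dport, flags) for an IPv4/TCP packet, else None."""
    if len(raw) < 20 or raw[0] >> 4 != 4 or raw[9] != 6:
        return None
    ihl = (raw[0] & 0x0F) * 4
    if len(raw) < ihl + 20:
        return None
    src, dst = socket.inet_ntoa(raw[12:16]), socket.inet_ntoa(raw[16:20])
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    return src, dst, sport, dport, raw[ihl + 13]


def analyze(capture, server_ip=SERVER_IP, port=23, idle_limit=IDLE_LIMIT):
    """capture: list of (timestamp_seconds, raw_bytes). Returns {(client_ip, client_port): info}."""
    sessions = {}
    end_of_capture = max(ts for ts, _ in capture)
    for ts, raw in sorted(capture, key=lambda rec: rec[0]):
        parsed = parse_packet(raw)
        if parsed is None:
            continue
        src, dst, sport, dport, flags = parsed
        if src == server_ip and sport == port:
            key, sender = (dst, dport), "server"
        elif dst == server_ip and dport == port:
            key, sender = (src, sport), "client"
        else:
            continue  # not Telnet traffic to or from the server
        info = sessions.setdefault(key, {"last_seen": None, "closed_by": None,
                                         "flag": None, "idle_before_close": None})
        if info["closed_by"] is None and flags & (FIN | RST):
            info["closed_by"] = sender
            info["flag"] = "RST" if flags & RST else "FIN"
            info["idle_before_close"] = ts - info["last_seen"] if info["last_seen"] is not None else 0.0
        info["last_seen"] = ts
    for info in sessions.values():
        info["silent_for"] = end_of_capture - info["last_seen"]
        # No FIN/RST seen and no traffic for idle_limit: the server still counts it as open.
        info["half_open_suspect"] = info["closed_by"] is None and info["silent_for"] >= idle_limit
    return sessions


def _pkt(ts, client, cport, flags, from_server=False, payload=b""):
    if from_server:
        return ts, build_packet(SERVER_IP, client, 23, cport, flags, payload)
    return ts, build_packet(client, SERVER_IP, cport, 23, flags, payload)


# Constructed server-side capture: one silent remote session, one reset after
# 30 idle minutes, one local session closed normally with FIN.
SAMPLE_CAPTURE = [
    _pkt(0.0, "192.168.50.21", 1045, SYN),
    _pkt(0.05, "192.168.50.21", 1045, SYN | ACK, from_server=True),
    _pkt(0.1, "192.168.50.21", 1045, ACK),
    _pkt(60.0, "192.168.50.21", 1045, PSH | ACK, payload=b"LIST\r\n"),
    _pkt(10.0, "192.168.50.22", 1050, SYN),
    _pkt(100.0, "192.168.50.22", 1050, PSH | ACK, payload=b"LIST\r\n"),
    _pkt(1900.0, "192.168.50.22", 1050, RST),
    _pkt(20.0, "10.1.1.55", 1060, SYN),
    _pkt(3990.0, "10.1.1.55", 1060, PSH | ACK, payload=b"QUIT\r\n"),
    _pkt(4000.0, "10.1.1.55", 1060, FIN | ACK),
]

if __name__ == "__main__":
    for key, info in sorted(analyze(SAMPLE_CAPTURE).items()):
        print(key, info)
```

A session flagged `half_open_suspect` in a server-side capture is one to compare against a client-side capture taken over the same window.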
Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]
I don't think a 4700 supports 10M full duplex. I have one running 12.0.16 in the lab and it doesn't support it. The 4700 doc is on CCO though: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/index.htm

Dave

sam sneed wrote:

I'm trying to force an interface to 10 MB full duplex on a 4700 router. The documentation for 4700 is not on cisco's site. Does anyone know the command. Also doing a show int does not tell whether is running at half or full duplex and the speed. Thanks in advance.

Cisco-4700#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.
Cisco-4700#sh int e1
Ethernet1 is up, line protocol is up
Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
Description: To Internal Ethernet
Internet address is 62.119.136.65/29
MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of show interface counters 00:06:34
Queueing strategy: fifo
Output queue 0/150, 0 drops; input queue 0/150, 0 drops
5 minute input rate 135000 bits/sec, 121 packets/sec
5 minute output rate 676000 bits/sec, 146 packets/sec
51738 packets input, 7410570 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
62904 packets output, 35275588 bytes, 0 underruns
0 output errors, 612 collisions, 0 interface resets
0 babbles, 0 late collision, 685 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Cisco-4700#

--
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367
Emotion should reflect reason not guide it

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44856t=44844
RE: filtering Nimda on content switch [7:44843]
Passed the BSCN test, it's got some difficult questions with a few cupcakes here and there. Just like everyone else has said, know your BGP, OSPF, and EIGRP as well as a tad of IGRP and RIP. No surprises there. I used the Cisco Press book by Clare Gough, not a great book but I guess it got the job done. Probably won't be able to get in switching before the new exam. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44857t=44843
Re: Token ring Question. [7:44805]
I just noticed that I misplaced the functional/non-functional bit. I hate that! ;-) The functional/non-functional bit is the most significant bit of the 3rd byte (not the least significant bit of the 2nd byte as I said before.)

So, the address is:

4000.a089.0002

0100 1010 ...

First bit transmitted (most significant of 1st byte) is 0 (specific)
Second bit transmitted is 1 (locally-administered)
Most significant bit of the third byte is 1 (non-functional)

That makes more sense now that I see he was referring to a source address. A source address shouldn't be a functional address.

Priscilla

At 01:17 PM 5/23/02, Priscilla Oppenheimer wrote:

> At 07:25 AM 5/23/02, Ivan wrote:
>
> > Hi all, I have an interesting question, doesn't anyone know the answer? A router is being used as a translation bridge between a Token Ring network and an Ethernet network. Host X on the Token ring sends a packet to Host Y on the Ethernet. The source MAC address of the packet is 400.a089.0002.
>
> That's not a valid address. A MAC address is 48 bits or 6 bytes. In hex a byte is written with 2 digits. So the address must have 12 digits. I assume you are missing a 0 and that you meant to say:
>
> 4000.a089.0002
>
> The bridge will translate the non-canonical address to canonical (see my other message and numerous other messages on that computing 101 topic).
>
> On the other hand, maybe the question expects you to know these other details:
>
> The first byte of that address in binary is:
>
> 0100
>
> Token Ring transmits the most significant bit first. (the one in the 2^7 position). IEEE says that the first bit transmitted is the Specific/Group bit. (A group address is used for multicast and broadcast).
>
> 0 = Specific
> 1 = Group
>
> So this is a specific address. No problem. Ethernet can handle that (and could handle a multicast or broadcast too, of course.)
>
> IEEE says that the second bit transmitted is the Globally Administered/Locally Administered bit.
>
> 0 = Global
> 1 = Local
>
> So this is a locally-administered address. Although IEEE 802.3 (Ethernet) does officially support locally-administered addresses, they aren't often used on Ethernet. So that's a minor issue.
>
> The second byte is
>
> IEEE 802.5 (Token Ring) says that the least significant bit of the second byte is the Functional/Non Functional address. IEEE 802.3 (Ethernet) does not say this and does not support functional addresses.
>
> 0 = Functional
> 1 = Non functional
>
> So here we have a slightly more interesting issue. This is a functional address. Ethernet won't recognize that it's a functional address, however. From a troubleshooting viewpoint, you would want to figure out what function this was supposed to carry out on the Token Ring side. Whatever it was, it's not going to also get carried out on the Ethernet side. For most functional addresses, this isn't an issue. The well-known ones are used for purposes such as:
>
> Sending to the active monitor (which doesn't exist on Ethernet)
> Sending to the ring parameter server (which doesn't exist on Ethernet)
> Sending to LAN manager (which doesn't exist on Ethernet)
> etc. You get the picture
>
> This particular address is one that I don't recognize though. It may be used for a proprietary (non-standard) function on the Token Ring side. Perhaps you are expected to know these sorts of things to answer this question correctly.
>
> Priscilla
>
> > How would the MAC address be interpreted in an Ethernet environment? does anyone know the answer? thank you. Ivan
>
> Priscilla Oppenheimer http://www.priscilla.com

Priscilla Oppenheimer http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44852t=44805
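The bit positions named in the corrected message, and the non-canonical to canonical translation a bridge performs, can be checked with a few lines of Python. This is an added example, not part of the thread; the function names are assumptions, and the functional/non-functional position follows the corrected message (most significant bit of the third byte, 1 = non-functional).

```python
def parse_mac(text):
    """Parse a dotted, colon or dash separated MAC address into 6 bytes."""
    digits = text.replace(".", "").replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError("a MAC address needs 12 hex digits, got %d" % len(digits))
    return bytes.fromhex(digits)


def reverse_bits(byte):
    """Reverse the bit order within one byte (0x40 -> 0x02)."""
    return int("{:08b}".format(byte)[::-1], 2)


def swap_bit_order(mac):
    """Convert between non-canonical (Token Ring) and canonical (Ethernet) form.

    The same per-byte bit reversal works in both directions.
    """
    return bytes(reverse_bits(b) for b in mac)


def dotted(mac):
    """Format 6 bytes in the dotted notation used in the thread."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in (0, 4, 8))


def describe_token_ring(mac):
    """Read the flag bits from a non-canonical address (MSB is transmitted first)."""
    return {
        "group": bool(mac[0] & 0x80),           # first bit transmitted
        "local": bool(mac[0] & 0x40),           # second bit transmitted
        "non_functional": bool(mac[2] & 0x80),  # MSB of the third byte
    }


def describe_ethernet(mac):
    """Read the flag bits from a canonical address (LSB is transmitted first)."""
    return {
        "group": bool(mac[0] & 0x01),
        "local": bool(mac[0] & 0x02),
    }


if __name__ == "__main__":
    token_ring = parse_mac("4000.a089.0002")
    ethernet = swap_bit_order(token_ring)
    print("Token Ring view:", dotted(token_ring), describe_token_ring(token_ring))
    print("Ethernet view:  ", dotted(ethernet), describe_ethernet(ethernet))
```

The specific/group and global/local flags come out the same on both sides of the bridge because the bit reversal moves them from the top of the first byte to the bottom.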
RE: setting speed and duplex on cisco 4700 IOS 11 [7:44844]
Sam,

It depends on the module installed in the 4700. The NP-2E-FDX supports Full Duplex, but the other Ethernet (NP-6E I believe) modules do not. Configuration examples for duplex settings on the NP-2D-FDX can be found here: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2e_fdx.htm (watch for wrap)

HTH,
Nick

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of sam sneed
Sent: Thursday, May 23, 2002 11:05 AM
To: [EMAIL PROTECTED]
Subject: setting speed and duplex on cisco 4700 IOS 11 [7:44844]

I'm trying to force an interface to 10 MB full duplex on a 4700 router. The documentation for 4700 is not on cisco's site. Does anyone know the command. Also doing a show int does not tell whether is running at half or full duplex and the speed. Thanks in advance.

Cisco-4700#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.
Cisco-4700#sh int e1
Ethernet1 is up, line protocol is up
Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
Description: To Internal Ethernet
Internet address is 62.119.136.65/29
MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of show interface counters 00:06:34
Queueing strategy: fifo
Output queue 0/150, 0 drops; input queue 0/150, 0 drops
5 minute input rate 135000 bits/sec, 121 packets/sec
5 minute output rate 676000 bits/sec, 146 packets/sec
51738 packets input, 7410570 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
62904 packets output, 35275588 bytes, 0 underruns
0 output errors, 612 collisions, 0 interface resets
0 babbles, 0 late collision, 685 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Cisco-4700#

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44858t=44844
RE: DHCP problems [7:44825]
Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast.

-Original Message-
From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:02 PM
To: Brian Zeitz; '[EMAIL PROTECTED]'
Subject: RE: DHCP problems [7:44825]

Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]

I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44859t=44825
any dynamic routing for dial-peers? [7:44860]
Does anyone at Cisco know if a dynamic routing-like protocol will be coming out for h.323 zones or dial-peers? It seems to be a pain to statically enter in dial-peers for all routers and h.323 zones.

-- RFC 1149 Compliant Get in my head: http://sar.dynu.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44860t=44860
Re: Removing stuff from our router [7:44839]
No, this is a real implementation on our network. Since I am not even a CCNA yet (maybe in a couple of weeks), I wanted to make sure I would not break something. I just substituted names and AS numbers. I am hopefully going to take advanced routing and learn more about the BGP soon after my test.

Thanx,
Anil Gupte

- Original Message -
From: Scott H.
To:
Sent: Thursday, May 23, 2002 12:09 PM
Subject: Re: Removing stuff from our router [7:44839]

Removing the route map and as-path filters will work the way you have it (if you do no route-map MyISP-In it will remove the entire route-map), but you should also remove the neighbor statements in your config. that reference these things. By looking at the configs., I'm assuming this is in a lab environment and not a real implementation.

permit ^$ is simply permitting an empty as path. In other words, only routes originating in the local AS will be permitted. It's a common way to ensure that your AS does not become transit for somebody else's traffic.

permit ^[0-9]* is a little more complicated. This statement is saying to permit zero or more instances of a number between 0 and 9. Do a search on CCO for AS path filters and you should find some good info. to help you on your way.

HTH, Scott CCIE #9340

Anil Gupte wrote in message news:[EMAIL PROTECTED]...

To remove this:

route-map MyISP-In permit 10
match as-path 6
set local-preference 200

Do I just do this?:

no route-map MyISP-In permit 10

Also, to remove:

ip as-path access-list 1 permit ^[0-9]*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit ^1234$
ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

Do I just?:

no ip as-path access-list 1 permit ^[0-9]*
no ip as-path access-list 2
no ip as-path access-list 3

Also what is that permit ^$ and permit ^[0-9]* for? What does it do? Thanx for the help.

Anil Gupte

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44862t=44839
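To see what each of the three AS-path access lists in the question permits, the Python below evaluates them against constructed AS paths. It is an added example, not part of the thread and not IOS code: the IOS `_` metacharacter is approximated with a Python `re` alternation (start, end, space, comma, braces, parentheses), entries are tried in order with an implicit deny at the end, and the sample paths and function names are assumptions.

```python
import re

# Python approximation of the IOS "_" metacharacter.
UNDERSCORE = r"(?:^|$|[ ,{}()])"

# The as-path access lists exactly as written in the question.
AS_PATH_LISTS = {
    1: [("permit", "^[0-9]*")],
    2: [("permit", "^$")],
    3: [("permit", "^1234$"), ("permit", "^1234_[0-9]*_[0-9]*$")],
}

# Constructed AS paths; the empty string stands for a locally originated route.
SAMPLE_PATHS = ["", "1234", "1234 5678 9012", "1234 5678 9012 3456", "5678 1234"]


def ios_to_python(pattern):
    """Translate an IOS AS-path regex into an equivalent Python regex."""
    return pattern.replace("_", UNDERSCORE)


def evaluate(list_number, as_path):
    """Return the action of the first matching entry, or 'deny' (implicit)."""
    for action, pattern in AS_PATH_LISTS[list_number]:
        if re.search(ios_to_python(pattern), as_path):
            return action
    return "deny"


def decision_table(paths=SAMPLE_PATHS):
    """Map each AS path to the decision of every list."""
    return {path: {n: evaluate(n, path) for n in AS_PATH_LISTS} for path in paths}


if __name__ == "__main__":
    for path, decisions in decision_table().items():
        shown = path if path else "(empty)"
        print(f"{shown:22} " + "  ".join(f"list {n}: {d}" for n, d in decisions.items()))
```

On these samples list 1 permits every path, list 2 permits only the empty path, and list 3 permits AS 1234 alone or followed by two more ASes, which is a quick way to confirm what a filter does before removing or applying it.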
RIP default routing [7:44863]
In both the Caslow (1E p. 349) and Solie (p. 625) books it is stated that if you are running RIPv1, and if you put a default route using ip route 0.0.0.0 0.0.0.0 on one of the routers, a default route is automagically injected into the RIP process. I am sure I have seen this before working as a lab-rat (oops not that again) but I cannot reproduce it now. I am using three 2500 series routers and have tried all combinations of statements and wiring. I am now wondering if it is a matter of IOS versioning. I just put on the IP version of 12.1.15, which was just put out a few days ago. Has anybody got this to work, and if so, with what version of IOS? By the way, ip default-network works just fine. Thank you, John Dorffler CCIE #6677 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44863t=44863
Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]
I remember downloading the tutorial a few years ago. Looks like it's gone now - google shows it on the 3com website, but when you go there all you get is a blank page that says Technical Papers. Doing a search on the 3Com website doesn't come up with any hits. Other links on google all point back to various places on the 3Com website that don't exist anymore. Anyone still have the original PDF? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44865t=44865
Re: DHCP problems [7:44825]
Brian Zeitz wrote:

> problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast.

Yup. That will probably fix it.

Regards,

Marco.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44864t=44825
Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]
Thanks a lot. I can't believe it can't run full duplex. Piece of sh*t!

M.C. van den Bovenkamp wrote in message news:[EMAIL PROTECTED]...

> sam sneed wrote:
>
> > I'm trying to force an interface to 10 MB full duplex on a 4700 router.
>
> No can do, unless it's an NP-2E-FDX. If so, the command (in interface config) would be 'full-duplex'. See http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2e_fdx.htm for that.
>
> > The documentation for 4700 is not on cisco's site. Does anyone know the command.
>
> It is. See the link above one level up. Most of the rest is IOS docs.
>
> > Also doing a show int does not tell whether is running at half or full duplex and the speed.
>
> That's because the NP you have (NP-2E or NP-6E?) can't do anything but 10/half, so it doesn't display it. There would be a 'hdx' or 'fdx' if it did, something like this:
>
> Encapsulation ARPA, loopback not set, keepalive not set, hdx, 100BaseTX
>
> This is from a FE interface, obviously, but it should look similar with a NP-2E-FDX.
>
> Regards,
>
> Marco.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44866t=44844
ISDN-BRI [7:44867]
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator.. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44867t=44867
RE: Support Beta exam results [7:44853]
I took the beta exam for the next-generation BCRAN (640-605) around Mar. 15 and still haven't heard anything. I was told then that it would be 8 - 12 weeks and that the website would be the only notification. If it goes beyond 12 weeks call the exam administrator (either Prometric or Vue)

-Original Message-
From: Peter Walker [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:37 PM
To: [EMAIL PROTECTED]
Subject: Support Beta exam results [7:44853]

Folks

Just a quick question, I took the CCNP Beta on March 18 and am still awaiting the results. Does anyone have any experience of just how long I have to wait for the results. I am checking the cert tracker every day and am starting to realize that I don't have the patience to wait for Beta exam results :-). It's frustrating to know that a friend who took the standard exam two months after me has his results :-) Should I be concerned that I haven't received my results yet?

Peter Walker

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44868t=44853
Re: DHCP problems [7:44825]
Without portfast, it can take up to about 40 seconds for the network connection to come up on the workstation. This document is the one you're looking for: http://www.cisco.com/warp/public/473/100.html

Brian Zeitz wrote in message news:[EMAIL PROTECTED]...

Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast.

-Original Message-
From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:02 PM
To: Brian Zeitz; '[EMAIL PROTECTED]'
Subject: RE: DHCP problems [7:44825]

Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]

I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44870t=44825
Re: ISDN-BRI [7:44867]
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...

Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator.. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44872t=44867
RE: DHCP problems [7:44825]
portfast is a must man

When a client comes online the port goes active immediately so any requests go out. (you can see this action on the switch...the light will go straight to green instead of flickering orange) While the led is flickering orange, you have no connectivity. so if the client makes its request then, the server will not ever get the packet.

-Patrick

Brian Zeitz 05/23/02 02:18PM

Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast.

-Original Message-
From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:02 PM
To: Brian Zeitz; '[EMAIL PROTECTED]'
Subject: RE: DHCP problems [7:44825]

Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]

I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get semaphore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DHCP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44869t=44825
RE: RIP default routing [7:44863]
I have several 2501 routers and a couple of 4500's at home running 12.1 and rip1 with static routes is working as you describe. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Dorffler Sent: Thursday, May 23, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: RIP default routing [7:44863] In both the Caslow (1E p. 349) and Solie (p. 625) books it is stated that if you are running RIPv1, and if you put a default route using ip route 0.0.0.0 0.0.0.0 on one of the routers, a default route is automagically injected into the RIP process. I am sure I have seen this before working as a lab-rat (oops not that again) but I cannot reproduce it now. I am using three 2500 series routers and have tried all combinations of statements and wiring. I am now wondering if it is a matter of IOS versioning. I just put on the IP version of 12.1.15, which was just put out a few days ago. Has anybody got this to work, and if so, with what version of IOS? By the way, ip default-network works just fine. Thank you, John Dorffler CCIE #6677 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44871t=44863
RE: PIX and MS Active Directory [7:44797]
John, SMTP only works if you have two sites in two different domains. In addition, you have to have an exchange server with KMS and a CA to encrypt.

Pat, I would suggest creating a tunnel from pix to pix and running the replication through there. AD uses RPC, which doesn't translate due to the fact that it uses random port numbers after the initial session establishment.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member), MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44874t=44797
Re: Provider backbone engineering (was: Logic and Lab Rats) [7:44875]
Great reply, Thanks!

From: Howard C. Berkowitz
Reply-To: Howard C. Berkowitz
To: [EMAIL PROTECTED]
Subject: Provider backbone engineering (was: Logic and Lab Rats) [7:44743]
Date: Wed, 22 May 2002 15:42:01 -0400

At 7:03 PM + 5/22/02, Cisco Nuts wrote:
Could you elaborate on the backbone engineering is at a level far more specialized and complex than the CCIE level, and there haven't been formalized ways to learn it. I would love to know more about what you actually mean? Thank you. Regards.

:-) well, my book on the subject, Building Service Provider Networks, should be about to ship.

Seriously, let's talk about several areas, beginning with BGP. Every BGP scenario I've seen or heard of in the CCIE context, at best, looks at an extremely simple configuration with rules NEVER used in the real world. A few contrasts:

-- in the real world, it's VERY rare to redistribute between a dynamic IGP and BGP. Sure, there are exceptions, but they are VERY carefully chosen. A provider backbone CANNOT survive having 100,000-plus routes in its IGP, nor should it.
-- In provider use, the main purpose of the IGP (or multiple instances of an IGP) is to maintain connectivity among BGP routers. You may have a separate IGP instance for each POP or group of POPs.
-- To connect customers, there is MUCH more use of static and default routes. You could not possibly run a provider network with the CCIE lab rule of no statics or defaults.
-- AS paths are longer and more complex than you can create with six or so routers.
-- There's a HUGE amount of things to be concerned with that aren't strictly configuration, such as justifying/obtaining/managing address space, intercarrier relationships involving both economics and cooperative troubleshooting, DNS management, protecting against distributed denial of service, etc.
-- BGP communities are far more important than in typical scenarios. You need to know why and when to set up your own, learn the values of communities set by other AS and under what circumstances you should act on them, etc.
-- You may be dealing with literally thousands of routers in your own network, interconnected with thousands of enterprise networks. You may also have a complex ATM, SONET, MPLS, or other intelligent sub-IP technology that must coordinate with the IP.
-- There's a different viewpoint on convergence. It's generally accepted among large providers and researchers that the worldwide BGP table never truly converges -- changes come too fast. We have to work in that environment.
-- Customers frequently multihome in ways that require coordinating between their providers, even when those providers are competitors.
-- As opposed to an enterprise network where SOMEBODY is in control, the provider space involves cooperative anarchy. One AS fouling up its configuration can and has had worldwide effects.

These are just a start. There are other people that can comment on some of the differences. Peter van Oene (yes, I'm volunteering you) is one with lots of good experience. There are others, and this actually might be an interesting thread.

--
What Problem are you trying to solve?
***send Cisco questions to the list, so all can benefit -- not directly to me***
Howard C. Berkowitz [EMAIL PROTECTED]
Chief Technology Officer, GettLab/Gett Communications http://www.gettlabs.com
Technical Director, CertificationZone.com http://www.certificationzone.com
retired Certified Cisco Systems Instructor (CID) #93005

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44875t=44875
Re: ISDN-BRI [7:44867]
I'm going to guess that it would need to be crossover as well, but I'm not sure. Probably though.

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44873t=44867
Provider Backbone Engineering and CCIEs [7:44876]
Howard and dre,

First of all, thanks for the excellent thread! You've given me a great deal of information about service provider issues. I was dimly aware of some of them, but now I see how they really affect ISP operations. I've printed out the whole thread and when I can get some quiet time away from the wife and kids (ha!), I'm going to go over it in detail. Thanks for all the links too! It's helpful to know what the best things to read are.

At the risk of extending an already belabored subject, I did want to comment on the whole CCIE issue. I'm not sure it's fair to blame Cisco for not making the lab exam deal with real-life issues, especially those for service providers. Cisco's goal, after all, is not to make great network engineers, but to make engineers who are proficient with all of Cisco's features and functions. That is why some of the lab scenarios are a bit contrived, and also why you should be fired for trying to use some of those features on a real network. Cisco's aim is to make sure CCIEs know how to configure a Cisco router to solve any problem, even those that shouldn't be solved with a router!

You guys have obviously great expertise in a relatively specialized field. Should everyone have to understand all these issues before they can rightly call themselves a network engineer? How many SP jobs are there at that level, especially in today's market? I would love to be able to specialize like you have, but the realities of my job require me to be conversant in everything Cisco sells. To use Howard's medical analogy, while I want to master neurosurgery, I work in the ER and have to deal with everything from heart attacks to broken bones to earwax.

To push the medical analogy just a bit farther, I think having the CCIE is like graduating from medical school. You have mastered a body of knowledge and have earned the right to put letters after your name, but no one is going to give you a scalpel until you have completed a lengthy internship. That's where the experience comes in. It's important to know where to cut. It is even more important to know when not to cut.

Ron Trunk, CCIE

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44876t=44876
Re: Removing stuff from our router [7:44839]
I wouldn't suggest playing with this until you really understand what you are doing. You could do some major damage to your network.

Anil Gupte wrote in message news:[EMAIL PROTECTED]...
No, this is a real implementation on our network. Since I am not even a CCNA yet (maybe in a couple of weeks), I wanted to make sure I would not break something. I just substituted names and AS numbers. I am hopefully going to take advanced routing and learn more about the BGP soon after my test.

Thanx,
Anil Gupte

----- Original Message -----
From: Scott H.
To:
Sent: Thursday, May 23, 2002 12:09 PM
Subject: Re: Removing stuff from our router [7:44839]

Removing the route map and as-path filters will work the way you have it (if you do no route-map MyISP-In it will remove the entire route-map), but you should also remove the neighbor statements in your config. that reference these things. By looking at the configs., I'm assuming this is in a lab environment and not a real implementation.

permit ^$ is simply permitting an empty as path. In other words, only routes originating in the local AS will be permitted. It's a common way to ensure that your AS does not become transit for somebody else's traffic.

permit ^[0-9]* is a little more complicated. This statement is saying to permit zero or more instances of a number between 0 and 9. Do a search on CCO for AS path filters and you should find some good info. to help you on your way.

HTH,
Scott
CCIE #9340

Anil Gupte wrote in message news:[EMAIL PROTECTED]...
To remove this:

    route-map MyISP-In permit 10
     match as-path 6
     set local-preference 200

Do I just do this?:

    no route-map MyISP-In permit 10

Also, to remove:

    ip as-path access-list 1 permit ^[0-9]*
    ip as-path access-list 2 permit ^$
    ip as-path access-list 3 permit ^1234$
    ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

Do I just?:

    no ip as-path access-list 1 permit ^[0-9]*
    no ip as-path access-list 2
    no ip as-path access-list 3

Also what is that permit ^$ and permit ^[0-9]* for? What does it do?

Thanx for the help.
Anil Gupte

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44878t=44839
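What the as-path access-lists quoted in this thread actually permit, as an added example that is not part of any post: a small Python translation of the IOS AS-path patterns, evaluated against constructed AS paths. The translation of `_` into a delimiter class, the function names and the sample paths are assumptions of this example.

```python
import re

# Assumption of this example: IOS "_" matches a delimiter, i.e. the start or
# end of the AS path, a space, a comma, or a brace/parenthesis. The other
# operators used in the thread (^ $ [0-9] *) behave as they do in Python's re.
DELIM = r"(?:^|$|[ ,{}()])"

# The three lists exactly as posted in the question (AS 1234 is the poster's
# substituted AS number).
AS_PATH_LISTS = {
    1: [("permit", "^[0-9]*")],
    2: [("permit", "^$")],
    3: [("permit", "^1234$"), ("permit", "^1234_[0-9]*_[0-9]*$")],
}

# Constructed AS paths: "" is a locally originated route (empty AS path).
SAMPLE_PATHS = ["", "1234", "1234 5678 9012", "5678 1234", "1234 5678 9012 3456"]


def ios_to_python(pattern):
    """Compile an IOS AS-path pattern as a Python regular expression."""
    return re.compile(pattern.replace("_", DELIM))


def evaluate(list_no, as_path):
    """First matching entry wins; a list ends with an implicit deny.

    The pattern is searched for anywhere in the path, so only the ^ and $
    anchors written in the entry tie it to the start or end.
    """
    for action, pattern in AS_PATH_LISTS[list_no]:
        if ios_to_python(pattern).search(as_path):
            return action == "permit"
    return False


def report():
    """Map each list number to the sample paths it permits."""
    return {n: [p for p in SAMPLE_PATHS if evaluate(n, p)] for n in AS_PATH_LISTS}


if __name__ == "__main__":
    for number, permitted in report().items():
        shown = [p or "<empty path>" for p in permitted]
        print(f"as-path access-list {number} permits: {shown}")
```

List 2 permits only the empty path, which is why it keeps an AS from carrying transit traffic when applied outbound; list 1 permits every sample path, because "zero or more digits" is already satisfied at the start of any path.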
RE: ISDN-BRI [7:44867]
You can't do this with ISDN, from what I know if you want to simulate an ISDN link you NEED either an ISDN simulator or actual ISDN line.

Erich

-----Original Message-----
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: May 23, 2002 12:25
To: [EMAIL PROTECTED]
Subject: Re: ISDN-BRI [7:44867]

I'm going to guess that it would need to be crossover as well, but I'm not sure. Probably though.

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44877t=44867
RE: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]
Go to http://www.packetattack.com/downloads.html About halfway down the page I have PDF versions posted. 3 files.

MikeS

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44879t=44865
Re: ISDN-BRI [7:44867]
You can use a 3600 to simulate the ISDN switch.

--
RFC 1149 Compliant. Get in my head: http://sar.dynu.com

Erich Kuehn wrote in message news:[EMAIL PROTECTED]...
You can't do this with ISDN, from what I know if you want to simulate an ISDN link you NEED either an ISDN simulator or actual ISDN line.

Erich

-----Original Message-----
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: May 23, 2002 12:25
To: [EMAIL PROTECTED]
Subject: Re: ISDN-BRI [7:44867]

I'm going to guess that it would need to be crossover as well, but I'm not sure. Probably though.

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44880t=44867
Re: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]
Yes, that's the one. Google is usually pretty good; the best link it gave me was http://www.3com.com/corpinfo/en_US/technology/tech_paper.jsp?DOC_ID=135 and that's the one that came up with the blank page.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44882t=44865
Re: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]
Is this the one you're after? http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf

Robert Kulagowski wrote in message news:[EMAIL PROTECTED]...
I remember downloading the tutorial a few years ago. Looks like it's gone now - google shows it on the 3com website, but when you go there all you get is a blank page that says Technical Papers. Doing a search on the 3Com website doesn't come up with any hits. Other links on google all point back to various places on the 3Com website that don't exist anymore. Anyone still have the original PDF?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44881t=44865
Re: ISDN-BRI [7:44867]
Steven,

Quick - someone else is using your computer :-) Have you really got a cable that connects two ISDN ports together? If it's cheaper than my ISDN simulator I'll order two. Have I misunderstood the question, or did you?

Gaz

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I'm going to guess that it would need to be crossover as well, but I'm not sure. Probably though.

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44884t=44867
Re: any dynamic routing for dial-peers? [7:44860]
At 02:19 PM 5/23/02, Steven A. Ridder wrote:
Does anyone at Cisco know if a dynamic routing-like protocol will be coming out for h.323 zones or dial-peers? It seems to be a pain to statically enter in dial-peers for all routers and h.323 zones.

Interesting question! It sort of relates to that CCIE lab rat conversation we had that included a line something like Do the PBX guys know VoIP? This is the other way around. With dial peers, you're doing the sort of nitty-gritty administrative work that PBX administrators have done for years. Whether some protocols will be designed to make it easier and more dynamic or not, I don't know. It's a good idea, but it might involve some philosophical paradigm shifts.

Now I'm sounding like an old-timer. ;-) Seriously it might take a youngster who wouldn't even consider that the task is extremely difficult for both technical and philosophical reasons.

That's my 0.0010 cents.

Priscilla

--
RFC 1149 Compliant Get in my head: http://sar.dynu.com

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44883t=44860
Passed the qualification exam [7:44885]
Hi

I passed the written today but it feels like a hollow victory. The exam is a tired old beast and needs to be brought up to date. I'm sure the new one will be a big improvement. The idea of the qualification exam is to screen candidates for the lab. This one doesn't seem to do a very good job of that. To pass this exam and think that you're ready would be a sad mistake. I would rather have a tough qualification exam and a high success rate at the lab than the other way around.

I was shocked to find that several of the on-line study guides have violated the NDA and offer test questions copied directly from the real exam. To anyone who tries to take shortcuts and sneak by I can only say, Don't even think about it, you will just fail the lab.

For preparation I used Caslow and that pretty well covers it. I thought the book was light on the protocols, but so is the exam. You certainly do need to know token ring and how to read RIFs. You really don't need to do any math to answer the questions. If you know how things work, the correct answer pops right out at you.

Anyway, it's now time to start climbing the big mountain. I hope to be ready in six months. I have a small lab at home with five routers and a couple of switches. I plan to practice my skills on those and expand the lab as needed. For the big stuff, I'll use the on-line labs and maybe do a boot camp when I'm almost ready.

This group has been a big help and sometimes provides great entertainment. I hope we don't get too serious and start filtering the flame wars. That would be a shame.

Richard

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44885t=44885
Re: Interface Resets [7:44791]
Zero. Seriously tho I don't like to see many interface resets.

Mike W.

Sujal G. Ajmera wrote in message news:[EMAIL PROTECTED]...
Hi, Is there any acceptable limit for this?

Thanks,
Sujal

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44888t=44791
Cisco IDS 4230 - sensor software [7:44887]
Hi all,

I needed the IDS sensor software version 2.5(0) S0 - URGENTLY !!! Apparently this is not Cisco CCO downloadable anymore since version 3.0 is now available. However, I just have to have the 2.5 version. Any help will be GREATLY appreciated in locating this software, wouldn't even mind paying .. as I need this urgently.

thank you,
HD

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44887t=44887
Re: Passed the written... Now on to the lab!! [7:44442]
Not for sure. Cisco moved pretty quick on the other betas I took, so I would think sometime in July or August but I read someone else say September or so.

Mike W.

Creighton Bill-BCREIGH1 wrote in message news:[EMAIL PROTECTED]...
Do you know when the current 350-001 is set to expire?

-----Original Message-----
From: Frank Merrill [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 11:05 PM
To: [EMAIL PROTECTED]
Subject: RE: Passed the written... Now on to the lab!! [7:2]

Michael L. Williams wrote:
(just to echo what others have said) If you're anywhere close to ready to take the written, do it now! I took the beta for the new written, and it's much different. Aside from information on routing protocols,

I assume this means you took the Beta, and then also took the current version (maybe assuming you didn't pass the Beta??) and passed that?

fm

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44886t=2
Re: Token ring Question. [7:44805]
This is correct if the router is acting as a router but when the router is bridging, this is no longer true. To answer your question, Ivan, you would simply perform bitswapping on the TR MAC to find the ethernet equivalent. There were a series of posts on this topic (some by me) that specifically lay out this process in both Hex and binary. Do a quick search for messages from the past couple of weeks for the word 'bitswapping' and you'll find them.

HTH,
Mike W.

C restion wrote in message news:[EMAIL PROTECTED]...
Hi Ivan, MAC addresses only have local significance. So for your scenario, host X sends a packet with its own MAC address as the source and the router TR interface as the destination MAC address. The router then rebuilds the packet and sends it out the ethernet interface with the Ethernet interface as the source MAC address and host Y as the destination MAC address.

Hth,
Crestion

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44889t=44805
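The bitswapping referred to in the reply above, as an added example that is not taken from the thread or the earlier posts it mentions: Token Ring writes each octet of a MAC address most significant bit first, Ethernet writes it least significant bit first, so converting between the two reverses the bit order inside every octet. The function names and the sample address are constructed for this example.

```python
def swap_octet(octet):
    """Reverse the order of the 8 bits in one octet (0x01 <-> 0x80)."""
    return int(f"{octet:08b}"[::-1], 2)


def parse_mac(mac):
    """Accept 4000.3745.0001, 40:00:37:45:00:01 or 40-00-37-45-00-01."""
    digits = "".join(ch for ch in mac if ch not in ".:- ")
    if len(digits) != 12:
        raise ValueError(f"expected 12 hex digits, got {mac!r}")
    return bytes.fromhex(digits)  # raises ValueError on non-hex characters


def bitswap_mac(mac):
    """Convert Token Ring <-> Ethernet notation; returns Cisco dotted form.

    The operation is its own inverse, so the same call converts both ways.
    """
    swapped = bytes(swap_octet(b) for b in parse_mac(mac)).hex()
    return ".".join(swapped[i:i + 4] for i in range(0, 12, 4))


def walkthrough(mac):
    """Per-octet view in hex and binary: (hex, bits, swapped bits, swapped hex)."""
    rows = []
    for b in parse_mac(mac):
        s = swap_octet(b)
        rows.append((f"{b:02x}", f"{b:08b}", f"{s:08b}", f"{s:02x}"))
    return rows


if __name__ == "__main__":
    token_ring_mac = "4000.3745.0001"  # constructed sample address
    for hex_in, bits_in, bits_out, hex_out in walkthrough(token_ring_mac):
        print(f"{hex_in}  {bits_in}  ->  {bits_out}  {hex_out}")
    print("Ethernet form:", bitswap_mac(token_ring_mac))
```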
IS-IS distribute list? [7:44890]
Is there an ISIS equivalent to the following command?

    !
    router ospf 10
     distribute-list 15 out serial 3/0
    !

I realize I can filter during redistribution in and out of ISIS with route maps, and filter with route leaking, etc. I need to be able to filter a router out between two L2 ISIS routers.

thanks
Mike

---
Mike Bernico [EMAIL PROTECTED]
Illinois Century Network
http://www.illinois.net

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44890t=44890
Re: Token ring Question. [7:44805]
Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED]...
If this seems mysterious or difficult to apply in a generic fashion to any hex representation of a byte, then it's not time yet to go for CCIE.

Thank you for verifying my feelings about this. As you may, or may not, have seen the conversations on this topic of late, I may have stepped on people's toes a bit with my attitude toward learning binary, but I still stand by what I said.. (which, in case you missed out (LOL), was Learn binary. computers are binary. networks are binary this is not rocket science!!) =)

Mike W.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44891t=44805
test [7:44893]
test

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44893t=44893
Re: ISDN-BRI [7:44867]
Here are the links I have seen in this group. Maybe it is only for PRI, but some do talk about BRI's.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dt_q931.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t2/dt_qsig.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121x/121xi/121xi_3/dt_brint.htm

--
RFC 1149 Compliant. Get in my head: http://sar.dynu.com

Jeff Harris wrote in message news:[EMAIL PROTECTED]...
I thought you could only back-to-back a PRI this way?

--
Jeff Harris - Cisco/Unix Engineer
CCNA, CCNP Routing, Remote Access Passed

On Thu, May 23, 2002 at 04:33:48PM -0400, Steven A. Ridder wrote:
You can use a 3600 to simulate the ISDN switch.

--
RFC 1149 Compliant. Get in my head: http://sar.dynu.com

Erich Kuehn wrote in message news:[EMAIL PROTECTED]...
You can't do this with ISDN, from what I know if you want to simulate an ISDN link you NEED either an ISDN simulator or actual ISDN line.

Erich

-----Original Message-----
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: May 23, 2002 12:25
To: [EMAIL PROTECTED]
Subject: Re: ISDN-BRI [7:44867]

I'm going to guess that it would need to be crossover as well, but I'm not sure. Probably though.

Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
I believe any cable with pins 3456 active will work.

jb wrote in message news:[EMAIL PROTECTED]...
Team, I have two routers with a BRI module, which cable should I use in order for each router to be able to talk to the other via ISDN. I do not have an ISDN simulator. J

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44895t=44867