Telnet Session Traces....Needing help! [7:44793]

2002-05-23 Thread Mark Odette II

To anybody that has experience with Sniffers, or perhaps more
specifically, Priscilla-
 
I'm trying to hunt down the culprit of Telnet Session disconnects
without Administrative or User interaction to invoke such action.
 
The situation is Telnet clients on remote ends of PIX VPNs have their
sessions dropped without warning, and without Administrative action to
cause such sudden session endings.
 
All users that connect to the same Telnet Server on the local subnet
never experience this problem.  For the remote users that do experience
this problem, it usually occurs after roughly 30 minutes of inactivity.
This used to not be the case when all such remote clients were
connecting via private Frame Relay networks back to the Server in a
hub-n-spoke fashion. Only since the switch to VPNs for connectivity to
the Telnet Server's Private Network has this anomaly arisen.
 
The Telnet Server is a custom application service for Unidata DB Server
by Informix.  It uses the standard Telnet port, and runs on NT 4.0.  For
everything I can see in the registry referencing the Telnet App Service,
it doesn't specify any settings for keep-alive or session monitoring.
 
Also, from the Unidata Application Server's point of view, the Server
thinks the user is still connected, so it never clears the session.
When the user finds his/her application rendering a Pop-Up dialogue
stating that the session was disconnected, and asks if they want to
reconnect, they choose Yes naturally.  From the Server side, a second
session for that user is started, and the first session becomes an
orphan process (in my own words).  This of course then causes a
problem of exhausting the limited number of users licenses, and
eventually causes users to not be able to get back on the system until
the old orphaned processes are administratively cleared.
 
So, I open a case with Cisco, and they say "Slap a Sniffer on the Server
side of the network, and see what is causing the disconnects."  They
also say that they suspect that the Telnet Server is sending its
session keep-alives via Broadcast, and that by design of Security, the
VPN tunnels don't pass Broadcast Traffic.  The Sniffer capture is
supposed to prove or disprove this.
 
I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window
of data, but am at a loss as to how to identify the disconnect process
of a telnet session, which is where I could use a few pointers.
 
Could someone tell me what to look for in a session trace that
identifies a sudden termination of a specific telnet session (most
probably initiated by the server)??
 
Unfortunately, I'm not a very well experienced person in following the
SYN, FIN, PSH, ACK, SYN ACK, etc. process.  But I want to learn!
 
If I had the time and money, I'd go take a Sniffer class, but that's
another story. So, in the meantime, if someone would be kind enough to
point me in a direction on how to interpret and follow a sniffer trace,
I'd be eternally grateful.
 
Thanks,
Mark




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44793t=44793
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Re: Provider backbone engineering [7:44778]

2002-05-23 Thread dre

Howard C. Berkowitz wrote in message
news:[EMAIL PROTECTED]...
 At 11:27 PM -0400 5/22/02, dre wrote:
   The first key question to ask here:  what is the broad routing
   paradigm?  Cold potato/closest exit or hot potato/best exit?
 
 For a peering routes example, yes best-exit/closest-exit problems
 are super high on the agenda.  However, that seems to be more of
 an IGP problem, and that's where regular knowledge of say, OSPF,
 is taken to a whole new level.

 Not necessarily an IGP problem, but possibly an edge router that
 classifies traffic, possibly with communities signaled to an
 aggregating router, or using policy routing to MPLS tunnels.

You really think that's likely?  I always saw it as:
same weight/local_pref - external route - same as-path - same
origin type - *then* MED (some people doing annoying internal
IGP metrics (based on fiber distances) to MED's, others doing more
intelligent, yet also annoying values that force you to do best-exit, but
end up costing you money until you local_pref and force shortest-exit,
and lastly smart people who tell you they are doing MED's based on
delay or congested peers or *ahem* antiquated equipment (can you
say AGS+?) and you listen to them because you are friends with the
guy or some equally similar situation).

Now, what's the next step if MED is the same?  Your IGP metric.
Boom.

Doing something like DS-TE (which it sounds like you are mentioning
as common practice for best-exit routing) is unheard of to me.

 Reversal routing concepts are common in the workplace and unheard
 of in any labs/certification courses.

 Are you mentioning reverse path verification as well?

Good catch. ;  Actually, I had the idea of reverse triggers using BGP
and source-specified routing a long time ago (to actually stop spoofed
addresses).  I sort of borrowed the concept from MAPS RBL's BGP
reverse trigger for stopping unsolicited commercial email and other
blackholing concepts.  Then Cisco (and now Juniper) started doing
this with a FIB and calling it uRPF.  Funny name for a simple concept.
Well I guess it's not very simple.  I'm still trying to get my head around
loose vs. strict uRPF and some of the strange ideas I've had recently
involving IRRToolSet peval and router configurations for strict mode
(or was that loose mode? heh).

   We've been learning a lot about that IGP metric direct translation to
   MED can be dangerous, and produce persistent oscillation. Those route
   maps may be the better way to set MED.

http://www.ietf.org/internet-drafts/draft-ietf-idr-route-oscillation-01.txt

Ok well that's easy.  Implement your RR's correctly (duh).  And I
personally say Keep It Simple Stupid and use every possibility before
considering MED's (never do always-compare, but always use
deterministic when you do use MED's), and just stick to good old
IGP costing based on whatever you want (fiber distances, delay, etc),
but make it overly simple and easy.

One way to avoid using MED's is to call your peer and say hey can
you local_pref or change your IGP metric around this for me?.  That
generally works pretty well ;

 There also some unusual uses of MED, where IOS has knobs to implement
 certain behavior.  Always-compare-MED can compare the MEDs of
 different AS, as long as they are adjacent.  Avi Freedman had a
 presentation on an informal standard for exchange-point MED values,
 based on delay, at the Denver NANOG.

Wish there was more out there, but thanks for the pointers =]  Cisco
docs are lacking, and I hadn't seen those (woo!) 3 slides before.  I
guess something is better than nothing, so I'll stop complaining now.

 that's totally black-art.  Cisco certs clearly don't have the whole
 ball-of-wax,
 but a lot of this can be easily incorporated into their curriculum.

 Well, it depends how complex you want to make the curriculum.  I
 don't really see, for example, why an ISP routing engineer needs a
 particular knowledge of VoIP.  If the ISP offers voice, they are
 likely to have full-time voice specialist.  If the ISP is just
 providing connectivity, the VoIP and AVVID in general becomes the
 enterprise's problem.   I'd rather see more certification types, in
 more depth than breadth, in more areas.  That's the way the TAC is
 internally organized, anyway.

I sort of like how the Cisco SE's are organized:
Core Transmission (e.g. SONET, ATM, Frame-Relay, Ethernet/Etherchannel)
IP Multi-Layer / IP VPN (e.g. MPLS VPN, IPSec, BGP, OSPF, VLAN)
IP Aggregation / Access (e.g. xDSL, Cable, Dial, Fixed Wireless, WLAN)
Packet Telephony (e.g. VoIP, VoX, SS7, IPBX, H.323,  MGCP, SIP)
Network Management (SNMP, TFTP, CLI, HTML, XML, CORBA)

Is this what you are talking about?  Cisco is starting to organize a lot
of concepts around good models; I think they have this stuff down (but
that doesn't mean it can't be improved - they need a lot of industry
feedback).  Other companies are also starting to get some momentum
(well I'm talking about Juniper, although 

Re: filter snmp MIB send out on a router [7:44777]

2002-05-23 Thread Kevin Cullimore

You might be able to accomplish this goal with the view option of the
snmp-server command.

If the message parsing doesn't strip it out, here's a URL that might shed
some light:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_
r/frprt3/frd3001.htm#1023313



- Original Message -
From: Adam Wang 
To: 
Sent: Wednesday, May 22, 2002 9:01 PM
Subject: filter snmp MIB send out on a router [7:44777]


 Hi group,

 Is there a way to filter the SNMP MIB sent out on a
 cisco router.

 For example, I want a community string to only send out
 router interface status info.

 How would I accomplish this?

 Thanks

 Adam




Re: Provider backbone engineering [7:44778]

2002-05-23 Thread dre

 Howard C. Berkowitz wrote in message
 news:[EMAIL PROTECTED]...

Two more things (going back to more original topics I want
to cover again).

  The first key question to ask here:  what is the broad routing
  paradigm?  Cold potato/closest exit or hot potato/best exit?

 For a peering routes example, yes best-exit/closest-exit problems
 are super high on the agenda.  However, that seems to be more of
 an IGP problem, and that's where regular knowledge of say, OSPF,
 is taken to a whole new level.  And one that is never taught in any
 course or material in any classroom or even online.  You learn that
 on the job at an ISP (does anybody else have any resources for this?).

  Many ISP's may want to inject their IGP into their BGP for
  customer static routes (using a route-map to filter out all the junk).
 
  With considerable aggregation, yes. Alternatively, though,
  redistributing blackhole statics for their allocations is common
  enough.

 Reversal routing concepts are common in the workplace and unheard
 of in any labs/certification courses.

  We've been learning a lot about that IGP metric direct translation to
  MED can be dangerous, and produce persistent oscillation. Those route
  maps may be the better way to set MED.

 Where is there information available in-print/online about the MED's
 topic?  Another one completely skipped over.  Most people are using
 IGP metrics alone these days, no need to try to translate.  At least in
 the environments I've seen.  This is a part of that whole closest-/best-
 exit argument above.  I've never really seen any configs or designs for
 translating IGP metrics to MED, something like that would be interesting
 to see - even if it produces oscillatory routing.  Do you know why this
 happens?  Can you try to explain the problems more effectively?

So we've covered the how with MED's and IGP costing... now let's
discuss the why.

There is no broad paradigm for shortest-/best- exit routing.  This is
because somebody loses either way.  One ISP is going to have to
take the big content traffic, and the other ISP is going to have to
take the small user traffic (on an asymmetrical path).  This equation
gets worse when more ISP's get involved.  This equation gets even
worse when longer fiber routes are involved (across states,
across coast-to-coast, across *oceans*, etc).  Who is going to
take the bulk of the traffic the longest distance?

Somebody got the short end of the stick here, and it was clearly
the access providers (should i say, Tier 2's? or would that be bad?).

Content providers, and content-heavy ISP's made it out big-time
during the whole period that the shortest-exit routing paradigm was
king.  Now, you have access providers desperately looking to peer
with content providers and skipping the middlemen pointing their
shortest-exit at them.  However, they aren't getting anywhere when
those same middlemen don't explain to the content providers how
to be Internet correct, when they can make tons of money.  They
would rather sell transit to content providers at sub $100/Mbps per
month (outbound only even) instead of lose that traffic ratio that's
putting their competitors out of business.

Look at this another way, and see that content providers aren't going
to bother peering when they get these super-low prices.  And content
providers (and therefore their upstreams even moreso) control the
whole flow of the Internet because local_pref *trumps*.  It's not only
better to give than to receive according to your original statement --
it keeps you in business and puts your competitors and the Internet
access providers (whatever really happened to ExciteAtHome?) and
really, when it comes down to it -- the end-user *consumers* in the
same situation as the rest of corporate america -- a big fat short end
of the stick.

Just to make matters worse, as a content provider... or content-heavy
ISP -- you can actually *force* that competitor/access-provider/user-
heavy community (the eyeballs of the Internet) to use their *most*
expensive bandwidth (by reasonable interpretation or corporate
espionage, social engineering, etc).  Now *that* is truly scary.

Sorry for the conspiracy theories, but maybe this will allow some readers
to understand the whole shortest-/best- exit routing concepts better (or
it just might confuse them, hhehehe).

 But you can sort of find out what's changed and what hasn't changed.  One
 way to look at the churn is to do a show ip route | i , 00:00 every minute
 (shows you routes that have converged in the past minute).  Another would
 be to collect dumps of the routing table and/or BGP table in intervals and
 compare them Unix diff-style.  You can then make comparisons against
 the rest of the BGP table (like AS-paths) and/or SNMP IF-MIB-like data
 to find out what changed where (and possibly why).

Another thought I wanted to add in here.  7 areas of study I find
interesting in this space:

1) Netsys (Cisco bought em.  Cisco 

PIX and MS Active Directory [7:44797]

2002-05-23 Thread Patrick Donlon

The company I work for are looking to deploy Microsoft's Active Directory
across the intranet. Most sites have a PIX firewall running 5.3(2) and will
have many clients per site using AD. The problem seems to be that when
clients pass through the PIX and are assigned a global address/PAT AD is not
working. Static NAT translations work but due to the number of clients per
site it's not feasible to use static translations. Has anyone done this or
know any good links, can't find a thing on it at the CCO

Cheers

Pat


--

email me on : [EMAIL PROTECTED]







DDR logging line opening ? [7:44798]

2002-05-23 Thread Herold Heiko

Hello,
ddr, dialer profiles, isdn (ininfluent though I think).
When a connection comes up something like this is logged:

%LINK-3-UPDOWN: Interface BRI1/0:2, changed state to up
%DIALER-6-BIND: Interface BR1/0:2 bound to profile Di99
%LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:2, changed state to up
%ISDN-6-CONNECT: Interface BRI1/0:2 is now connected to 0123456789 remotename

Unfortunately that log is always the same, if the router itself called out
or was called nothing changes. On the router itself at the moment it is easy
to find that info (sh dialer, sh isdn hist, sh isdn act), but not in the
logfile.

The only way I found is keeping active debug dialer event, probably not the
best thing on a production router.

Any idea how to get some meaningful log ?
Thanks
Heiko

-- 
-- PREVINET S.p.A.[EMAIL PROTECTED]
-- Via Ferretto, 1ph  x39-041-5907073
-- I-31021 Mogliano V.to (TV) fax x39-041-5907472
-- ITALY







Re: Content Switches [7:44742]

2002-05-23 Thread [EMAIL PROTECTED]

It should be inside to the firewall...near to your servers.

Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela




   
   
   
From: Jason Forrester
Sent by: nobody@groupstudy.com
To: [EMAIL PROTECTED]
Sent: 22/05/2002 20:40
Subject: Content Switches [7:44742]
Please respond to Jason Forrester
   
   
   
   




All,

I have a quick question regarding content switches.  Should the content
switches be placed inside or outside of a firewall.  I can not find any
documentation to support which is better.

Thanks,

Jason Forrester
CCIE 8748
**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential
or privileged information, if you are not the named addressee or
the person responsible for delivering the message to the named 
addressee, please advise the sender by return e-mail. The
contents should not be disclosed to any other person nor copies
taken.
186k Ltd is a Lattice Group company, registered in England &
Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**







Tools to monitor PIX health [7:44800]

2002-05-23 Thread [EMAIL PROTECTED]

Hi,

Can anyone suggest me which tool can be used to monitor the health of PIX
and collect historic information which can provide the memory , CPU and
interface utilization.

I know PDM shows this on real time basis...I want to know a tool which
collects historic information.

Any suggestions will be highly helpful


Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela








2924 with atm uplink [7:44801]

2002-05-23 Thread Geoffrey Cauchi

Hi

Is it possible to trunk multiple VLANs on an ATM RFC1483 bridged PVC?  The
PVC originates from a 2924 switch with ATM uplink.  I managed to configure
separate VLAN's per PVC, but would like to pass multiple VLANs on a single
PVC.  Any idea how this can be achieved?

Thanks in advance
Geoff







Dynamic nat on a pix decided by destination [7:44802]

2002-05-23 Thread Steve Donohue

Hey Gang,

I am running a PIX firewall version 6.1 on my network.  

I am wondering if it is possible to create a NAT pool for users to use
dependent upon their destination instead of their source.  I have 2 class C
VLANs where connections might originate from but I would like to create a
pool of about 20 addresses.  Then if users are trying to get to destination
X grab an address from the NAT pool.  If they are going anywhere else use
the PAT address.

Any examples, web sites, info would be greatly appreciated.

Thanks

Steve D.







IP phone [7:44803]

2002-05-23 Thread Osama Kamal

Is it possible to configure Cisco IP phone from the phone set itself, and
use it without Call Manager software?

I need to use IP phone from home to place calls over internet without
additional software or PC's, any idea?

 

Regards

Osama







Relation between port and interface [7:44804]

2002-05-23 Thread Jose Celestino

So what's the relation between a port and an interface in a

IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.2)XU,
MAINTENANCE INTERIM SOFTWARE

when in debug ethernet-controller address.

For instance:

May 23 12:00:00 aaa.bbb.ccc.ddd 622964: 1y9w: 0050.8bd3.f768 has moved from port 10 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622966: 1y9w: 0050.8bd3.f768 has moved from port 51 to port 10 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622968: 1y9w: 0002.a5e8.d9a1 has moved from port 39 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622970: 1y9w: 0002.a5e8.d9a1 has moved from port 51 to port 39 in vlan 1

How can I locate port 39 and port 51 physically on the switch?

Is this int fa0/39 and gi 0/2 ?

-- 
Jose Celestino  SAPO.pt::Systems http://www.sapo.pt
-
Quod licet Iovi non licet bovi.
(What Jove may do, is not permitted to a cow.)







Token ring Question. [7:44805]

2002-05-23 Thread Ivan

Hi all,

I have an interesting question, does anyone know the answer?

A router is being used as a translation bridge between a Token Ring network
and an Ethernet network. Host X on the Token ring sends a packet to Host Y
on the Ethernet. The source MAC address of the packet is 400.a089.0002. How
would the MAC address be interpreted in an Ethernet environment?

does anyone know the answer? thank you.

Ivan







RE: Bridge and switch [7:44649]

2002-05-23 Thread R. Benjamin Kessler

If you substitute the word segment where they have subnet then I'd
be happy with the description.

I've seen others use the two terms to mean the same thing, I suppose you
could argue it both ways.  In my mind, segment = L2; subnet = L3.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kevin Jones
Sent: Wednesday, May 22, 2002 1:59 PM
To: [EMAIL PROTECTED]
Subject: Re: Bridge and switch [7:44649]

I was under the impression that, while a switch is often termed a multiport
bridge, there is one fundamental difference in the way the two devices
forward frames.  While my source is not always the most credible or reliable
(Course Technology Networks Plus book), it does cause me to stop and think
for a minute.  Anyway, the difference (as described in the book) is as
follows:

If a multiport bridge determines (based on the destination MAC address) that
the destination node is on another subnet, it will broadcast the frame out
all ports except the originating port.  A switch, on the other hand, is
smart enough to only forward the frame out the destination port.  Both
devices handle unknown frames and broadcasts the same way, ie. they will
forward the packets out all ports except the one the frame was received on.

Any thoughts?







RE: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Brian Hill

Pat,

Are the clients having the problem, or are the servers having the problem?
If it's the servers, it's probably just RPC, but if it's the clients, it
could be lots of things. What exactly isn't working?

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com





Re: PIX 515E routing issue [7:44749]

2002-05-23 Thread netman

Can you ping a system on the inside?

From Pix - ping inside x.x.x.x 
To: 
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]


 Oh yeah I'm running PIX 6.1(2)

 -Original Message-
 From: Jablonski, Michael
 Sent: Wednesday, May 22, 2002 3:35 PM
 To: 'Cisco Study List (E-mail)'
 Subject: PIX 515E routing issue


 Just recently installed a PIX 515E.  I can ping from the PIX to an outside
 address (and inside box to ethernet on PIX); but trying to ping through the
 PIX comes back as unreachable.  Basic layout as follows:

 Netopia DSL Router -- PIX 515E -- LAN


 I'm using the default allow rule, along with the following access list...
 everything else is pretty much default for now. (just want to try and get
 connectivity)

 access-list 100 permit icmp any any echo-reply
 access-list 100 permit icmp any any time-exceeded
 access-list 100 permit icmp any any unreachable
 pager lines 24
 interface ethernet0 10baset
 interface ethernet1 10full
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.1.6 255.255.255.252
 ip address inside 192.168.200.1 255.255.255.0
 ip verify reverse-path interface outside
 ip audit info action alarm
 ip audit attack action alarm
 arp timeout 14400
 global (outside) 1 interface
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 access-group 100 in interface outside
 route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
 timeout xlate 0:05:00
 no sysopt route dnat

 I've tried running RIP on it; didn't solve the problem.  Seems like the PIX
 doesn't understand the default route.  I've cleared the arp table still no
 luck
 Any help is GREATLY appreciated
 thanx

 ~~~
 Michael Jablonski
 ABN AMRO Asset Management Holdings, Inc.
 161 North Clark St.
 9th Flr
 Chicago, IL  60601-2468
 PH: 312.884.2996
 FAX: 312.278.5550
 ~~~

 



RE: Token ring Question. [7:44805]

2002-05-23 Thread C restion

Hi Ivan,

Mac addresses only have local significance. So for your scenario, host X
sends a packet with its own MAC address as the source and the router TR
interface as the destination MAC address. The router then rebuilds the
packet and sends it out the ethernet interface with the Ethernet interface
as the source MAC address and host Y as the destination MAC address.

Hth,
Crestion





Re: IP phone [7:44803]

2002-05-23 Thread Michael J. Doherty

The Cisco IP Phones are slave devices, incapable of independent thought (so
to speak).  While you can provide configuration parameters through the
telephone interface, you are limited to setting IP address, TFTP address and
default CallManager information.  Without a CallManager to communicate with,
the phones are not capable of any logical decisions (they receive all
information through TFTP files and RTP streams with the CallManager for
communication decisions).

Mike

- Original Message -
From: Osama Kamal 
To: 
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]


 Is it possible to configure Cisco IP phone from the phone set itself, and
 use it without Call Manager software?

 I need to use IP phone from home to place calls over internet without
 additional software or PC's, any idea?



 Regards

 Osama







RE: IP phone [7:44803]

2002-05-23 Thread Osama Kamal

Is there any other IP phone that is capable of working as a stand alone voip
set?

Osama




RE: Fwd: no lmi - dlci inactive - telco says my proble [7:44774]

2002-05-23 Thread C restion

Hmmm... who is your telco? For the old Concert network (now BT Ignite) I
know they use ANSI LMI with a keep-alive interval of 10 secs. Make sure your
settings match your telco's.

What I always advise to do is to use a sniffer to see what's actually going
on on the line. This way you can quickly identify if your router is
receiving the right LMI type at the interval the telco states.

Hth,
Crestion


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44812t=44774



RE: Telnet Session Traces....Needing help! [7:44793]

2002-05-23 Thread C restion

Hey Mark,

First thing to do is use filters. Personally I use NAI's Sniffer Pro, which
quickly allows you to select a session based on IP addresses and/or
protocol. Ethereal should have this functionality as well.

First create a filter based on the server's IP address, and look for any
broadcast-traffic. This should quickly let you determine whether its
keepalives are sent as broadcast or unicast.

If you can't find any broadcast keep-alives (i.e. this is not the problem),
enhance your filter to show you one specific session. Check the entire
packetflow step-by-step and determine the set-up of the connection, data
transfer and finally the termination of the connection. This should give you
a better idea of what's going on. I'd recommend taking traces on both sides
of the connection (so both server and client side) and compare them.

Personally I don't think broadcast keep-alives are the problem, since
keep-alives imply terminating a connection after a certain amount of missed
keep-alives. And you already stated your server does not terminate the
session.

Anyway, hope this helps. 

Rgds,
Crestion




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44814t=44793



RE: DDR logging line opening ? [7:44798]

2002-05-23 Thread C restion

Use a sniffer in combination with this log. This will help you identify
which traffic opens the DDR link and which not.

If there are any other ways, let me know.

Rgds,
Crestion


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44815t=44798



Re: FW: PIX 515E routing issue [7:44749]

2002-05-23 Thread Craig Columbus

Just for grins, try removing the ip verify reverse-path statement.
From CCO: "Before using this command, add static route command statements
for every network that can be accessed on the interfaces you wish to
protect. Only enable this command if routing is fully specified. Otherwise,
PIX Firewall will stop traffic on the interface you specify if routing is
not in place."

Hope this helps,
Craig




At 05:14 PM 5/22/2002 -0400, you wrote:
Oh yeah I'm running PIX 6.1(2)

-Original Message-
From: Jablonski, Michael
Sent: Wednesday, May 22, 2002 3:35 PM
To: 'Cisco Study List (E-mail)'
Subject: PIX 515E routing issue


Just recently installed a PIX 515E.  I can ping from the PIX to an outside
address (and inside box to ethernet on PIX); but trying to ping through the
PIX comes back as unreachable.  Basic layout as follows:

Netopia DSL Router  --  PIX 515E--  LAN


I'm using the default allow rule, along with the following access list...
everything else is pretty much default for now. (just want to try and get
connectivity)

access-list 100 permit icmp any any echo-reply
access-list 100 permit icmp any any time-exceeded
access-list 100 permit icmp any any unreachable
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.6 255.255.255.252
ip address inside 192.168.200.1 255.255.255.0
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group 100 in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
timeout xlate 0:05:00
no sysopt route dnat

I've tried running RIP on it; didn't solve the problem.  Seems like the PIX
doesn't understand the default route.  I've cleared the arp table still no
luck
Any help is GREATLY appreciated
thanx

~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St.
9th Flr
Chicago, IL  60601-2468
PH: 312.884.2996
FAX: 312.278.5550
~~~


This message (including any attachments) is confidential and may be
privileged. If you have received it by mistake please notify the sender
by return e-mail and delete this message from your system. Any
unauthorized use or dissemination of this message in whole or in part
is strictly prohibited. Please note that e-mails are susceptible to
change. ABN AMRO Bank N.V. (including its group companies) shall not be
responsible nor liable for the proper and complete transmission of the
information contained in this communication nor for any delay in its
receipt or damage to your system. ABN AMRO Bank N.V. (or its group
companies) does not guarantee that the integrity of this communication
has been maintained nor that this communication is free of viruses,
interceptions or interference.





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44816t=44749
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
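
Added example, not part of the original messages and not Cisco code: a small Python model of the reverse-path check that the CCO text quoted above describes, using the interface addresses and default route from the posted PIX configuration. The 10.10.0.0/16 network behind an inside router, the sample source addresses, and running the check on the inside interface as well as the outside one are assumptions made for illustration.

```python
import ipaddress

# Connected networks and the default route, taken from the configuration
# quoted in this thread ("ip address ..." and "route outside 0.0.0.0 ...").
PIX_ROUTES = [
    ("192.168.1.4/30", "outside"),
    ("192.168.200.0/24", "inside"),
    ("0.0.0.0/0", "outside"),
]


def best_route(routes, addr):
    """Longest-prefix match: return (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    nets = [(ipaddress.ip_network(prefix), ifc) for prefix, ifc in routes]
    hits = [(net, ifc) for net, ifc in nets if ip in net]
    return max(hits, key=lambda hit: hit[0].prefixlen, default=None)


def rpf_accepts(routes, src, in_ifc):
    """Reverse-path check: accept a packet only if the route back to its
    source address leaves through the interface the packet arrived on."""
    route = best_route(routes, src)
    return route is not None and route[1] == in_ifc


def unprotected_networks(routes, reachable):
    """Audit to run before enabling the check.

    reachable maps an interface name to the networks that really live
    behind it. Returns (network, expected_interface, actual_interface)
    for every network whose route lookup points somewhere else, i.e.
    traffic the check would drop.
    """
    problems = []
    for ifc, nets in sorted(reachable.items()):
        for net in nets:
            probe = str(ipaddress.ip_network(net).network_address)
            route = best_route(routes, probe)
            actual = route[1] if route else None
            if actual != ifc:
                problems.append((net, ifc, actual))
    return problems


if __name__ == "__main__":
    # Constructed packets: (source address, arrival interface).
    samples = [
        ("192.168.200.25", "inside"),   # normal inside host
        ("192.168.200.25", "outside"),  # inside address seen on outside
        ("198.51.100.7", "outside"),    # Internet host, covered by default
        ("10.10.0.5", "inside"),        # hypothetical routed inside network
    ]
    for src, ifc in samples:
        verdict = "accept" if rpf_accepts(PIX_ROUTES, src, ifc) else "drop"
        print(f"{src:>15} on {ifc:<7} -> {verdict}")

    behind = {"inside": ["192.168.200.0/24", "10.10.0.0/16"]}
    print("missing routes:", unprotected_networks(PIX_ROUTES, behind))
    fixed = PIX_ROUTES + [("10.10.0.0/16", "inside")]
    print("after adding a static:", unprotected_networks(fixed, behind))
```

The 10.10.0.5 case is the one the quoted text is about: without a specific route the lookup falls through to the default route on the outside interface, so the packet fails the check on the interface it actually arrived on.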



RE: Relation between port and interface [7:44804]

2002-05-23 Thread R. Benjamin Kessler

Jose,

Here's a snip that talks about your message...

http://www.cisco.com/warp/public/473/62.shtml#casestudy5:

Unfortunately, given their explanation, it doesn't really explain what
port 51 is now does it...

I know this is a cop out, but if you can you might want to look into
upgrading code on the cat3500 because later versions produce better
debug output.

Here's a sample that I took from one of my 3548's:

May 15 17:06:53: .0c07.ac01 has moved from port Gi0/2 
to port Fa0/12 in vlan 115
May 15 17:06:56: Addaddress .0c07.ac01, on port Gi0/1 vlan 115
May 15 17:06:56: .0c07.ac01 has moved from port Fa0/12 
to port Gi0/1 in vlan 115

The above is from a switch that I've been running 12.0(5)WC3b on for the
last three months.

HTH,

Ben


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jose Celestino
Sent: Thursday, May 23, 2002 6:02 AM
To: [EMAIL PROTECTED]
Subject: Relation between port and interface [7:44804]

So what's the relation between a port and an interface in a

IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.2)XU,
MAINTENANCE INTERIM SOFTWARE

when in debug ethernet-controller address.

For instance:

May 23 12:00:00 aaa.bbb.ccc.ddd 622964: 1y9w: 0050.8bd3.f768 has moved from port 10 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622966: 1y9w: 0050.8bd3.f768 has moved from port 51 to port 10 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622968: 1y9w: 0002.a5e8.d9a1 has moved from port 39 to port 51 in vlan 1
May 23 12:00:00 aaa.bbb.ccc.ddd 622970: 1y9w: 0002.a5e8.d9a1 has moved from port 51 to port 39 in vlan 1

How can I locate port 39 and port 51 physically on the switch?

Is this int fa0/39 and gi 0/2 ?

-- 
Jose Celestino  SAPO.pt::Systems http://www.sapo.pt
-
Quod licet Iovi non licet bovi.
(What Jove may do, is not permitted to a cow.)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44817t=44804



RE: ISDN BRI Simulator Comparison - way to expensi [7:44770]

2002-05-23 Thread Joseph Carreira

Another thing to consider, is that you can carry this simulator with you to
set-up test scenarios and configurations on site at any location, vs. having
real ISDN lines installed at one location.

I have a Merge 2000AFP and considering its abilities and portability, it is
worth the investment, and as previously stated, when I am done I can always
re-coup most if not all of my investment by re-selling through e-bay...


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44818t=44770



Re: Telnet Session Traces....Needing help! [7:44793]

2002-05-23 Thread Craig Columbus

I think you've hit on something that's usually a problem with
captures... there's usually far too much data rather than too little.
The first place to start is by filtering the traffic capture based on the 
conversation that you want to follow.
In your case, you can filter on:
  the IP address of the server to the IP address of the client on the 
telnet port.
AND
  the IP address of the client to the IP address of the server on the 
telnet port.
AND
  the IP address of the client to the broadcast address (to note the 
suspected session keepalives).

Once you've gotten the conversation down to a manageable size, note the 
time that the client connects and look at the correlating traffic in your 
capture.
Note the time of the disconnect and look at the correlating traffic in your 
capture.  Now look at the traffic in the minutes before the disconnect.
It won't take long before you recognize conversations (syn,ack,fin) 
between the talkers.

It would be very helpful to see captures from both sides of the PIX.  This 
way it will be apparent if the server is sending something to the client 
that never makes it (or vice-versa).

Hope this helps.

Craig

P.S. - You may want to check your time-outs in your VPN configuration if you
haven't already.  In most sample configs and in many production configs,
the time-outs are set to 1800 seconds (30 minutes).  If your sessions are
dying after 30 minutes, it may be that the tunnel is being disconnected.

At 02:27 AM 5/23/2002 -0400, you wrote:
To anybody that has experience with Sniffers. or more perhaps more
specifically, Priscilla-

I'm trying to hunt down the culprit of Telnet Session disconnects
without Administrative or User interaction to invoke such action.

The situation is Telnet clients on remote ends of PIX VPNs have their
sessions dropped without warning, and without Administrative action to
cause such sudden session endings.

All users that connect to the same Telnet Server on the local subnet
never experience this problem.  For the remote users that do experience
this problem, it usually occurs after roughly 30 minutes of inactivity.
This used to not be the case when all such remote clients were
connecting via private Frame Relay networks back to the Server in a
hub-n-spoke fashion.. Only since the switch to VPNs for connectivity to
the Telnet Server's Private Network has this anomaly arisen.

The Telnet Server is a custom application service for Unidata DB Server
by Informix.  It uses the standard Telnet port, and runs on NT 4.0.  For
everything I can see in the registry referencing the Telnet App Service,
it doesn't specify any settings for keep-alive or session monitoring.

Also, from the Unidata Application Server's point of view, the Server
thinks the user is still connected, so it never clears the session.
When the user finds his/her application rendering a Pop-Up dialogue
stating that the session was disconnected, and asks if they want to
reconnect, they choose Yes naturally.  From the Server side, a second
session for that user is started, and the first session becomes an
orphan process (in my own words).  This of course then causes a
problem of exhausting the limited number of users licenses, and
eventually causes users to not be able to get back on the system until
the old orphaned processes are administratively cleared.

So, I open a case with Cisco, and they say Slap a Sniffer on the Server
side of the network, and see what is causing the disconnects.  They
also say that they are suspect that the Telnet Server is sending its
session keep-alives via Broadcast, and that by design of Security, the
VPN tunnels don't pass Broadcast Traffic.  The Sniffer capture is
supposed to prove or disprove this.

I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window
of data, but am at a loss as to how to identify the disconnect process
of a telnet session..Which is where I could use a few pointers.

Could someone tell me what to look for in a session trace that
identifies a sudden termination of a specific telnet session (most
probably initiated by the server)??

Unfortunately, I'm not a very well experienced person in following the
SYN, FIN, PSH, ACK, SYN ACK, etc. process.  But I want to learn!

If I had the time and money, I'd go take a Sniffer class, but that's
another story. so, in the mean time, if someone would be kind enough to
point me in a direction on how to interpret and follow a sniffer trace,
I'd be eternally grateful.

Thanks,
Mark




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44819t=44793
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
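
Added example, not part of any reply in this thread: the session filtering and both-sides comparison that Crestion and Craig describe above, sketched in Python over packet records assumed to be already exported from the two captures. The addresses, ports and timings are constructed to reproduce the symptom Mark reports, and packets are compared by count per direction rather than by sequence number, on the assumption that a firewall in the path may rewrite sequence numbers.

```python
from collections import namedtuple

# One captured TCP segment: timestamp in seconds, endpoints, TCP flags as a
# string such as "S", "SA", "PA", "FA" or "R", and payload length in bytes.
Pkt = namedtuple("Pkt", "ts src sport dst dport flags length")

TELNET_PORT = 23


def session_key(p):
    """Direction-independent key (client_ip, client_port, server_ip)."""
    if p.dport == TELNET_PORT:
        return (p.src, p.sport, p.dst)
    if p.sport == TELNET_PORT:
        return (p.dst, p.dport, p.src)
    return None  # not telnet: filtered out


def summarize(packets):
    """Per-session view of one capture: whether and how each session ended."""
    sessions = {}
    for p in sorted(packets, key=lambda pkt: pkt.ts):
        key = session_key(p)
        if key is None:
            continue
        s = sessions.setdefault(key, {
            "first": p.ts, "last": p.ts, "longest_idle": 0.0,
            "teardown": None, "ended_by": None,
            "client_pkts": 0, "server_pkts": 0,
        })
        sender = "client" if p.dport == TELNET_PORT else "server"
        s[sender + "_pkts"] += 1
        s["longest_idle"] = max(s["longest_idle"], p.ts - s["last"])
        s["last"] = p.ts
        # Only the first FIN or RST matters: it names the side that gave up.
        if s["teardown"] is None and ("F" in p.flags or "R" in p.flags):
            s["teardown"] = "RST" if "R" in p.flags else "FIN"
            s["ended_by"] = sender
    return sessions


def compare(server_side, client_side):
    """Return (session, direction, sent, received) where packets vanished
    between the two capture points."""
    srv, cli = summarize(server_side), summarize(client_side)
    empty = {"client_pkts": 0, "server_pkts": 0}
    findings = []
    for key in sorted(set(srv) | set(cli)):
        s, c = srv.get(key, empty), cli.get(key, empty)
        if c["client_pkts"] > s["client_pkts"]:
            findings.append((key, "client->server",
                             c["client_pkts"], s["client_pkts"]))
        if s["server_pkts"] > c["server_pkts"]:
            findings.append((key, "server->client",
                             s["server_pkts"], c["server_pkts"]))
    return findings


def orphan_candidates(packets):
    """Sessions never torn down although the same client reconnected later."""
    sessions = summarize(packets)
    return [k for k, s in sorted(sessions.items())
            if s["teardown"] is None and any(
                k2[0] == k[0] and k2[2] == k[2] and s2["first"] > s["last"]
                for k2, s2 in sessions.items())]


# --- Constructed sample data (not taken from Mark's trace) ---------------
CLIENT, SERVER = "10.2.0.15", "10.1.0.10"


def c2s(ts, port, flags, length=0):
    return Pkt(ts, CLIENT, port, SERVER, TELNET_PORT, flags, length)


def s2c(ts, port, flags, length=0):
    return Pkt(ts, SERVER, TELNET_PORT, CLIENT, port, flags, length)


FIRST_SESSION = [c2s(0.00, 1045, "S"), s2c(0.08, 1045, "SA"),
                 c2s(0.16, 1045, "A"), c2s(40.0, 1045, "PA", 12),
                 s2c(40.1, 1045, "PA", 80), c2s(40.2, 1045, "A")]
# After about 31 minutes idle the client types again and retransmits.
AFTER_IDLE = [c2s(1920.0, 1045, "PA", 1), c2s(1923.0, 1045, "PA", 1),
              c2s(1929.0, 1045, "PA", 1)]
RECONNECT = [c2s(1950.0, 1046, "S"), s2c(1950.1, 1046, "SA"),
             c2s(1950.2, 1046, "A")]

SERVER_CAPTURE = FIRST_SESSION + RECONNECT               # server side
CLIENT_CAPTURE = FIRST_SESSION + AFTER_IDLE + RECONNECT  # client side

if __name__ == "__main__":
    for key, info in summarize(SERVER_CAPTURE).items():
        print(key, "teardown:", info["teardown"], "by", info["ended_by"])
    print("lost in transit:", compare(SERVER_CAPTURE, CLIENT_CAPTURE))
    print("orphan candidates:", orphan_candidates(SERVER_CAPTURE))
```

In this constructed data the server-side capture shows no FIN or RST for the first session, while the client-side capture shows retransmissions that never reach the server; a FIN or RST in either capture would instead be reported with the side that sent it.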



Re: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Patrick Donlon

Brian
I've just found out from the guy testing the AD stuff that it doesn't even
work with static NAT translations, it'll only work with a static mapping
with the same address across the firewall. The bit that isn't working is the
replication between the servers

Cheers

Pat
--
email me on : [EMAIL PROTECTED]


Brian Hill  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Pat,

 Are the clients having the problem, or are the servers having the problem?
 If it's the servers, it's probably just RPC, but if it's the clients, it
 could be lots of things. What exactly isn't working?

 Brian Hill
 CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
 MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
 Lead Technology Architect, TechTrain
 Author: Cisco, The Complete Reference
 http://www.alfageek.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44820t=44797



Re: Provider backbone engineering [7:44778]

2002-05-23 Thread Howard C. Berkowitz

I'm responding to dre.

Howard C. Berkowitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  At 11:27 PM -0400 5/22/02, dre wrote:
The first key question to ask here:  what is the broad routing
paradigm?  Cold potato/closest exit or hot potato/best exit?
  
  For a peering routes example, yes best-exit/closest-exit problems
  are super high on the agenda.  However, that seems to be more of
  an IGP problem, and that's where regular knowledge of say, OSPF,
  is taken to a whole new level.

  Not necessarily an IGP problem, but possibly an edge router that
  classifies traffic, possibly with communities signaled to an
  aggregating router, or using policy routing to MPLS tunnels.

You really think that's likely?  I always saw it as:
same weight/local_pref - external route - same as-path - same
origin type - *then* MED (some people doing annoying internal
IGP metrics (based on fiber distances) to MED's, others doing more
intelligent, yet also annoying values that force you to do best-exit, but
end up costing you money until you local_pref and force shortest-exit,
and lastly smart people who tell you they are doing MED's based on
delay or congested peers or *ahem* antiquated equipment (can you
say AGS+?) and you listen to them because you are friends with the
guy or some equally similar situation).

Oh--I probably wasn't clear enough.  MED is really more appropriate 
as an interprovider route selection factor, where there is some real 
engineering consensus on what it means. Not necessarily just that you 
are providers, but it may be called for when you have a contractual 
relationship with the other provider for interprovider QoS.

For signaling from the customer to the provider, communities are more 
useful than MED. If you are MPLS traffic engineering enabled, you can 
use community to assign to an LSP appropriate to the forwarding 
equivalence class of shared destinations and QoS.  Even without MPLS, 
you can negotiate with the provider to pick a specific exit (e.g., 
I've done this to deliver to the POP closest to a different AS of the 
same enterprise, using private AS numbers)

Now, what's the next step if MED is the same?  Your IGP metric.
Boom.

Doing something like DS-TE (which it sounds like you are mentioning
as common practice for best-exit routing) is unheard of to me.

  Reversal routing concepts are common in the workplace and unheard
  of in any labs/certification courses.

  Are you mentioning reverse path verification as well?

Good catch. ;  Actually, I had the idea of reverse triggers using BGP
and source-specified routing a long time ago (to actually stop spoofed
addresses).  I sort of borrowed the concept from MAPS RBL's BGP
reverse trigger for stopping unsolicited commercial email and other
blackholing concepts.  Then Cisco (and now Juniper) started doing
this with a FIB and calling it uRPF.  Funny name for a simple concept.
Well I guess it's not very simple.  I'm still trying to get my head around
loose vs. strict uRPF and some of the strange ideas I've had recently
involving IRRToolSet peval and router configurations for strict mode
(or was that loose mode? heh).

As I think about the loose aspect, it's establishing a class of 
interfaces over which the update could have arrived rather than a 
single interface.  The class could consist of several interfaces of 
which destination-based load sharing has the update coming in a 
different interface than perfectly legitimate traffic.  You might 
also create a class with, let's say, a low-bandwidth, low-delay link 
for control traffic and a high-bandwidth, high-delay path for bulk 
data transfer.

 We've been learning a lot about that IGP metric direct translation
to
MED can be dangerous, and produce persistent oscillation. Those route
maps may be the better way to set MED.

http://www.ietf.org/internet-drafts/draft-ietf-idr-route-oscillation-01.txt

Ok well that's easy.  Implement your RR's correctly (duh).  And I
personally say Keep It Simple Stupid and use every possibility before
considering MED's (never do always-compare, but always use
deterministic when you do use MED's), and just stick to good old
IGP costing based on whatever you want (fiber distances, delay, etc),
but make it overly simple and easy.




One way to avoid using MED's is to call your peer and say hey can
you local_pref or change your IGP metric around this for me?.  That
generally works pretty well ;

  There also some unusual uses of MED, where IOS has knobs to implement
  certain behavior.  Always-compare-MED can compare the MEDs of
  different AS, as long as they are adjacent.  Avi Freedman had a
  presentation on an informal standard for exchange-point MED values,
  based on delay, at the Denver NANOG.

Wish there was more out there, but thanks for the pointers =]  Cisco
docs are lacking, and I hadn't seen those (woo!) 3 slides before.  I
guess something is better than nothing, so I'll stop complaining now.

  that's totally 

RE: IP phone [7:44803]

2002-05-23 Thread Evans, TJ

Ask Google ... he(she?) knows damn near everything.
Maybe Internet LineJACK fits the bill?

In general - looking for answers on your own is not a bad idea ...


Thanks!
TJ


-Original Message-
From: Osama Kamal [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 8:31 AM
To: [EMAIL PROTECTED]
Subject: RE: IP phone [7:44803]

Is there any other IP phone that is capable of working as a stand alone voip
set?

Osama

-Original Message-
From: Michael J. Doherty [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 2:25 PM
To: Osama Kamal; [EMAIL PROTECTED]
Subject: Re: IP phone [7:44803]

The Cisco IP Phones are slave devices, incapable of independent thought (so
to speak).  While you can provide configuration parameters through the
telephone interface, you are limited to setting IP address, TFTP address and
default CallManager information.  Without a CallManager to communicate with,
the phones are not capable of any logical decisions (they receive all
information through TFTP files and RTP streams with the CallManager for
communication decisions).

Mike

- Original Message -
From: Osama Kamal 
To: 
Sent: Thursday, May 23, 2002 6:55 AM
Subject: IP phone [7:44803]


 Is it possible to configure Cisco IP phone from the phone set itself, and
 use it without Call Manager software?

 I need to use IP phone from home to place calls over internet without
 additional software or PC's, any idea?



 Regards

 Osama
*
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter. 
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44822t=44803



Re: IP phone [7:44803]

2002-05-23 Thread Steven A. Ridder

Find an h.323 compliant device.


Osama Kamal  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Is there any other IP phone that is capable of working as a stand alone
voip
 set?

 Osama

 -Original Message-
 From: Michael J. Doherty [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, May 23, 2002 2:25 PM
 To: Osama Kamal; [EMAIL PROTECTED]
 Subject: Re: IP phone [7:44803]

 The Cisco IP Phones are slave devices, incapable of independent thought
(so
 to speak).  While you can provide configuration parameters through the
 telephone interface, you are limited to setting IP address, TFTP address
and
 default CallManager information.  Without a CallManager to communicate
with,
 the phones are not capable of any logical decisions (they receive all
 information through TFTP files and RTP streams with the CallManager for
 communication decisions).

 Mike

 - Original Message -
 From: Osama Kamal
 To:
 Sent: Thursday, May 23, 2002 6:55 AM
 Subject: IP phone [7:44803]


  Is it possible to configure Cisco IP phone from the phone set itself,
and
  use it without Call Manager software?
 
  I need to use IP phone from home to place calls over internet without
  additional software or PC's, any idea?
 
 
 
  Regards
 
  Osama




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44823t=44803



RE: Boson CCIE BootCamp [7:44780]

2002-05-23 Thread Joseph Carreira

I attended a CCNA/CCDA course by GlobalNet Training, (which is affiliated
with Todd Lammle the author of many of the Sybex Cisco Series books). I
thought the course was Great... although I would not specifically call it a
bootcamp... There was no time spent discussing tests during class or lecture
and they did not use any testing material for study... The purpose of the
course was to give hands on training on using the cisco equipment (3 routers
and 1 switch per student)...

I studied on my own time after labs and lectures and used the time in class
appropriately to configure and re-configure the cisco gear... Passed the
exams within 2 weeks of attending the course, but felt I had some (minimal,
but some) experience instead of just book smarts...

Would I recommend the GlobalNet Training Course... Yes

In my opinion, for the higher level certs CCNP/CCIE $8000 could be spent on
some great equipment and study aids which you could use over and over again
to really gain hands on experience, and when finished with, could be
re-sold.. vs. 2 weeks in class... A co-worker just finished his CCNP...
without ever touching any set-based switches or most of the equipment
covered in the tests... Another went to a 2 week Windows 2000 MCSE
bootcamp... He came back an MCSE with no real world knowledge or experience
(and a 3 year, $300 per month loan commitment)...

Good Luck in your decision... As you can tell by my slanted view, For my
CCNP/CCIE studies, I have opted to go the personal lab route...


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44813t=44780



RE: PIX and MS Active Directory [7:44797]

2002-05-23 Thread John Allhiser

Tell him to use SMTP for AD replication, and disable the fixup feature for
SMTP
on the PIX.

-Original Message-
From: Patrick Donlon [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 8:16 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX and MS Active Directory [7:44797]


Brian
I've just found out from the guy testing the AD stuff that it doesn't even
work with static NAT translations, it'll only work with a static mapping
with the same address across the firewall. The bit that isn't working is the
replication between the servers

Cheers

Pat
--
email me on : [EMAIL PROTECTED]


Brian Hill  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Pat,

 Are the clients having the problem, or are the servers having the problem?
 If it's the servers, it's probably just RPC, but if it's the clients, it
 could be lots of things. What exactly isn't working?

 Brian Hill
 CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
 MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
 Lead Technology Architect, TechTrain
 Author: Cisco, The Complete Reference
 http://www.alfageek.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44824t=44797



DHCP problems [7:44825]

2002-05-23 Thread Brian Zeitz

I am having an issue with a 3550-24 Cisco switch and a windows 2000
Network. DHCP is not working correctly, I get semaphore timeouts on a
lot of the workstations. I set the port and the servers to 100M Full. Is
there anything else I should be looking for? Could there be something
preventing DHCP from working right, maybe it is not allowing a
broadcast. Maybe it is something simple, I guess this is a newbie
question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44825t=44825



Re: DHCP problems [7:44825]

2002-05-23 Thread Steven A. Ridder

is portfast on the end-user ports?


Brian Zeitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I am having an issue with a 3550-24 Cisco switch and a windows 2000
 Network. DHCP is not working correctly, I get semaphore timeouts on a
 lot of the workstations. I set the port and the servers to 100M Full. Is
 there anything else I should be looking for? Could there be something
 preventing DHCP from working right, maybe it is not allowing a
 broadcast. Maybe it is something simple, I guess this is a newbie
 question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44826t=44825



Re: DHCP problems [7:44825]

2002-05-23 Thread Frank Hafta

I have had to start and stop DHCP in the Past.  I run it on Linux now with
no problems.


Brian Zeitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I am having an issue with a 3550-24 Cisco switch and a windows 2000
 Network. DHCP is not working correctly, I get semaphore timeouts on a
 lot of the workstations. I set the port and the servers to 100M Full. Is
 there anything else I should be looking for? Could there be something
 preventing DHCP from working right, maybe it is not allowing a
 broadcast. Maybe it is something simple, I guess this is a newbie
 question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44827t=44825



Banner MOTD [7:44828]

2002-05-23 Thread Frank Hafta

Can I put a banner on the PIX?  for ssh?  for telnet to the inside
interface?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44828t=44828



RE: PIX 515E routing issue [7:44749]

2002-05-23 Thread Jablonski, Michael

From the PIX, i can ping the inside workstations
I tried adding a permit all icmp rule  didn't work

did the no ip verify reverse-path statement and changed the outside
network from /30 to a /28.  This seemed to work.

Thanks for the help!!!
cheers,
mikej



-Original Message-
From: netman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 6:53 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX 515E routing issue [7:44749]


Can you ping a system on the inside?

From Pix - ping inside x.x.x.x 
To: 
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]


 Oh yeah I'm running PIX 6.1(2)

 -Original Message-
 From: Jablonski, Michael
 Sent: Wednesday, May 22, 2002 3:35 PM
 To: 'Cisco Study List (E-mail)'
 Subject: PIX 515E routing issue


 Just recently installed a PIX 515E.  I can ping from the PIX to an outside
 address (and inside box to ethernet on PIX); but trying to ping through
the
 PIX comes back as unreachable.  Basic layout as follows:

 Netopia DSL Router -- PIX 515E -- LAN


 I'm using the default allow rule, along with the following access list...
 everything else is pretty much default for now. (just want to try and get
 connectivity)

 access-list 100 permit icmp any any echo-reply
 access-list 100 permit icmp any any time-exceeded
 access-list 100 permit icmp any any unreachable
 pager lines 24
 interface ethernet0 10baset
 interface ethernet1 10full
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.1.6 255.255.255.252
 ip address inside 192.168.200.1 255.255.255.0
 ip verify reverse-path interface outside
 ip audit info action alarm
 ip audit attack action alarm
 arp timeout 14400
 global (outside) 1 interface
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 access-group 100 in interface outside
 route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
 timeout xlate 0:05:00
 no sysopt route dnat

 I've tried running RIP on it; didn't solve the problem.  Seems like the
PIX
 doesn't understand the default route.  I've cleared the arp table still no
 luck
 Any help is GREATLY appreciated
 thanx

 ~~~
 Michael Jablonski
 ABN AMRO Asset Management Holdings, Inc.
 161 North Clark St.
 9th Flr
 Chicago, IL  60601-2468
 PH: 312.884.2996
 FAX: 312.278.5550
 ~~~

 





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44829t=44749
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



RE: DDR logging line opening ? [7:44798]

2002-05-23 Thread s vermill

You may try adjusting your logging levels and see if you can get anything
more meaningful.  I don't have any ISDN interfaces or simulators at the
moment so please post back if you find anything good.

Herold Heiko wrote:
 
 Hello,
 ddr, dialer profiles, isdn (ininfluent though I think).
 When a connection comes up something like this is logged:
 
 %LINK-3-UPDOWN: Interface BRI1/0:2, changed state to up
 %DIALER-6-BIND: Interface BR1/0:2 bound to profile Di99
 %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI1/0:2, changed state to up
 %ISDN-6-CONNECT: Interface BRI1/0:2 is now connected to 0123456789 remotename
 
 Unfortunately that log is always the same, if the router itself called out
 or was called nothing changes. On the router itself at the moment it is easy
 to find that info (sh dialer, sh isdn hist, sh isdn act), but not in the
 logfile.
 
 The only way I found is keeping active debug dialer event, probably not the
 best thing on a production router.
 
 Any idea how to get some meaningful log ?
 Thanks
 Heiko
 
 -- 
 -- PREVINET S.p.A.[EMAIL PROTECTED]
 -- Via Ferretto, 1ph  x39-041-5907073
 -- I-31021 Mogliano V.to (TV) fax x39-041-5907472
 -- ITALY
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44830t=44798



RE: DHCP problems [7:44825]

2002-05-23 Thread test toby

I am not a guru in that area but start stop dhcp, dhcp use UDP broadcast and
port 67 and 68 see anything related to that for accesslist or something is
slowing down...even if you have some filter list for that can cause timeout.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44831t=44825



QoS question [7:44832]

2002-05-23 Thread TMS

Hello

I have some questions about QoS. I have two T1 links (with BGP)
to different ISP's. And I want set on my BGP router different
QoS Policies. For example:

10.10.10.0/24 - subnet with highest priority (nearly guaranteed)
10.10.10.1/24 - subnet with normal priority
10.10.10.2/24 - subnet with low priority

Which QoS technique is recommended in my configuration ?

best regards,

TMS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44832t=44832



Re: DHCP problems [7:44825]

2002-05-23 Thread Patrick Ramsey

yeah aside from portfast I would suggest linux as well :)

check this out...

11:20am  up 487 days,  7:53,  1 user,  load average: 0.08, 0.02, 0.01

hehe

 Frank Hafta  05/23/02 10:43AM 
I have had to start and stop DHCP in the Past.  I run it on Linux now with
no problems.


Brian Zeitz wrote in message
news:[EMAIL PROTECTED]...
 I am having an issue with a 3550-24 Cisco switch and a windows 2000
 Network. DHCP is not working correctly, I get semaphore timeouts on a
 lot of the workstations. I set the port and the servers to 100M Full. Is
 there anything else I should be looking for? Could there be something
 preventing DHCP from working right, maybe it is not allowing a
 broadcast. Maybe it is something simple, I guess this is a newbie
 question :-) thanks for your help in advance.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44833t=44825



RE: Token ring Question. [7:44805]

2002-05-23 Thread trevor gordon

This is achieved by bit swapping. I do not know the complete ins and outs of
it but I have attached a URL which is a bit swapping tool which can be used
to verify translation.
http://www.cisco.com/cgi-bin/Support/Bitswap/bitswap.pl


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44835t=44805



Re: QoS question [7:44832]

2002-05-23 Thread Steven A. Ridder

LLQ.


TMS wrote in message
news:[EMAIL PROTECTED]...
 Hello

 I have some questions about QoS. I have two T1 links (with BGP)
 to different ISP's. And I want set on my BGP router different
 QoS Policies. For example:

 10.10.10.0/24 - subnet with highest priority (nearly guaranteed)
 10.10.10.1/24 - subnet with normal priority
 10.10.10.2/24 - subnet with low priority

 Which QoS technique is recommended in my configuration ?

 best regards,

 TMS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44834t=44832



RE: ISDN BRI Simulator Comparison - way to expensi [7:44770]

2002-05-23 Thread jeff sicuranza

Try the following link...
http://www.cheapisdn.com/

for $1199 that is not bad. I may pick one up this week. I will use it for my
commercial lab I will be making available to potential CCNP/IE candidates in
the fall. Yeah, with my luck Cisco will remove it from the lab this summer.
My lab is in September...


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44836t=44770



RE: Passed the written... Now on to the lab!! [7:44442]

2002-05-23 Thread Michael Williams

Correct... I took the beta, then took the current written and
passed  Still don't know about passing the beta because it takes them
6-8 weeks to get you the results (actually, the last beta I took, I saw the
results on their tracking site a week before I received notification via the
mail).

If I had to bet, I would bet that I didn't pass the new written beta  I
also didn't study MPLS except to know some terms (which actually helped on a
couple of questions).

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44837t=2



RE: PIX 515E routing issue [7:44749]

2002-05-23 Thread Michael Eaves

Mikej, the problem doesn't seem to be in your access list; it is in your
ip-ing.
With a /30 you are routing to the netid and not the other router.

 ip address outside 192.168.1.6 255.255.255.252
 route outside 0.0.0.0 0.0.0.0 192.168.1.5 1

192.168.1.1 Netid
192.168.1.2 host1
192.168.1.3 host2
192.168.1.4 Broadcast
192.168.1.5 Netid
192.168.1.6 host1
192.168.1.7 host2
192.168.1.8 Broadcast

Verify what the other router's IP is.

Hope this does it.
~M

-Original Message-
From: Jablonski, Michael [mailto:mike.jablonski@abnamrousa. com]
Sent: Thursday, May 23, 2002 10:07 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX 515E routing issue [7:44749]

From the PIX, i can ping the inside workstations
I tried adding a permit all icmp rule  didn't work

did the no ip verify reverse-path statement and changed the outside
network from /30 to a /28.  This seemed to work.

Thanks for the help!!!
cheers,
mikej

-Original Message-
From: netman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 6:53 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX 515E routing issue [7:44749]

Can you ping a system on the inside?

From Pix - ping inside x.x.x.x
To:
Sent: Wednesday, May 22, 2002 4:14 PM
Subject: FW: PIX 515E routing issue [7:44749]

 Oh yeah I'm running PIX 6.1(2)

 -Original Message-
 From: Jablonski, Michael
 Sent: Wednesday, May 22, 2002 3:35 PM
 To: 'Cisco Study List (E-mail)'
 Subject: PIX 515E routing issue


 Just recently installed a PIX 515E.  I can ping from the PIX to an outside
 address (and inside box to ethernet on PIX); but trying to ping through the
 PIX comes back as unreachable.  Basic layout as follows:

 Netopia DSL Router -- PIX 515E -- LAN


 I'm using the default allow rule, along with the following access list...
 everything else is pretty much default for now. (just want to try and get
 connectivity)

 access-list 100 permit icmp any any echo-reply
 access-list 100 permit icmp any any time-exceeded
 access-list 100 permit icmp any any unreachable
 pager lines 24
 interface ethernet0 10baset
 interface ethernet1 10full
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.1.6 255.255.255.252
 ip address inside 192.168.200.1 255.255.255.0
 ip verify reverse-path interface outside
 ip audit info action alarm
 ip audit attack action alarm
 arp timeout 14400
 global (outside) 1 interface
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 access-group 100 in interface outside
 route outside 0.0.0.0 0.0.0.0 192.168.1.5 1
 timeout xlate 0:05:00
 no sysopt route dnat
 I've tried running RIP on it; didn't solve the problem.  Seems like the PIX
 doesn't understand the default route.  I've cleared the arp table still no
 luck
 Any help is GREATLY appreciated
 thanx

 ~~~
 Michael Jablonski
 ABN AMRO Asset Management Holdings, Inc.
 161 North Clark St.
 9th Flr
 Chicago, IL  60601-2468
 PH: 312.884.2996
 FAX: 312.278.5550
 ~~~




Removing stuff from our router [7:44839]

2002-05-23 Thread Anil Gupte

To remove this:

route-map MyISP-In permit 10
 match as-path 6
 set local-preference 200

Do I just do this?:
no route-map MyISP-In permit 10

Also, to remove:
ip as-path access-list 1 permit ^[0-9]*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit ^1234$
ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

Do I just?:
no ip as-path access-list 1 permit ^[0-9]*
no ip as-path access-list 2
no ip as-path access-list 3


Also what is that permit ^$ and permit ^[0-9]* for?  What does it do?

Thanx for the help.

Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44839t=44839



RE: DHCP problems [7:44825]

2002-05-23 Thread Davis, Scott [ISE/RAC]

Is your DHCP server connected to this switch, and are the workstations in
question and the DHCP server on the same subnet/VLAN? If not, you need to use
ip helper addresses on the L3 device between them. Are any workstations able
to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]


I am having an issue with a 3550-24 Cisco switch and a windows 2000
Network. DHCP is not working correctly, I get semaphore timeouts on a
lot of the workstations. I set the port and the servers to 100M Full. Is
there anything else I should be looking for? Could there be something
preventing DHCP from working right, maybe it is not allowing a
broadcast. Maybe it is something simple, I guess this is a newbie
question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44840t=44825



RE: Banner MOTD [7:44828]

2002-05-23 Thread test toby

yes


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44841t=44828



RE: Token ring Question. [7:44805]

2002-05-23 Thread Priscilla Oppenheimer

He said the router is acting as a translation (sic) bridge. So the router 
(bridge) address does not come into play. The router (bridge) translates 
the non-canonical TR address to a canonical Ethernet address. The bridge 
reverses the bits in each byte of the address.

We have had many discussions on how to do this. It's as simple as writing 
your name backwards. For example, let's say one byte was 4A in hex.

Put that in binary, one digit at a time.

   4A
0100 1010

Now write it backwards:

0101 0010

Put it back in hex:

52

If this seems mysterious or difficult to apply in a generic fashion to any 
hex representation of a byte, then it's not time yet to go for CCIE.

Priscilla

At 08:20 AM 5/23/02, Crestion wrote:
Hi Ivan,

MAC addresses only have local significance. So for your scenario, host X
sends a packet with its own MAC address as the source and the router TR
interface as the destination MAC address. The router then rebuilds the
packet and sends it out the ethernet interface with the Ethernet interface
as the source MAC address and host Y as the destination MAC address.

Hth,
Crestion


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44842t=44805



setting spped and duplex on cisco 4700 IOS 11 [7:44844]

2002-05-23 Thread sam sneed

I'm trying to force an interface to 10 MB full duplex on a 4700 router. The
documentation for 4700 is not on cisco's site. Does anyone know the command?
Also doing a show int does not tell whether it is running at half or full
duplex and the speed. Thanks in advance.

Cisco-4700#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.
Cisco-4700#sh int e1
Ethernet1 is up, line protocol is up
  Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
  Description: To Internal Ethernet
  Internet address is 62.119.136.65/29
  MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
  Encapsulation ARPA, loopback not set, keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of show interface counters 00:06:34
  Queueing strategy: fifo
  Output queue 0/150, 0 drops; input queue 0/150, 0 drops
  5 minute input rate 135000 bits/sec, 121 packets/sec
  5 minute output rate 676000 bits/sec, 146 packets/sec
 51738 packets input, 7410570 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 0 input packets with dribble condition detected
 62904 packets output, 35275588 bytes, 0 underruns
 0 output errors, 612 collisions, 0 interface resets
 0 babbles, 0 late collision, 685 deferred
 0 lost carrier, 0 no carrier
 0 output buffer failures, 0 output buffers swapped out
Cisco-4700#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44844t=44844



filtering Nimda on content switch [7:44843]

2002-05-23 Thread [EMAIL PROTECTED]

Hi,

Has anyone tried filtering the Nimda virus on the content switch? I have
configured it but do not see that it is filtering the virus; the show
summary is not showing the counter incrementing even though the IDS
reports Nimda.

Here is what I configured: I created an HTTP header group and rule which will
look at the HTTP request header for the strings .ida, cmd.exe, default.ida
and x.ida and, if found, should direct this to the dummy service, which points
to a nonexistent server.

Any input regarding this would be helpful.


!* HEADER FIELD GROUP *
header-field-group .ida
  header-field .ida request-line contain .ida

header-field-group cmd.exe
  header-field cmd.exe request-line contain cmd.exe

header-field-group default.ida
  header-field default.ida request-line contain default.ida

header-field-group root.exe
  header-field root.exe request-line contain root.exe

header-field-group x.ida
  header-field x.ida request-line contain x.ida

!*** OWNER ***


 content block_.ida
   url /*
   protocol tcp
   port 80
   header-field-rule .ida weight 0
   add service dummy
   active

 content block_cmd.exe
   url /*
   protocol tcp
   port 80
   header-field-rule cmd.exe weight 0
   add service dummy
   active

 content block_default.ida
   header-field-rule default.ida weight 0
   add service dummy
   protocol tcp
   port 80
   url /*
   active

 content block_root.exe
   protocol tcp
   port 80
   url /*
   header-field-rule root.exe weight 0
   add service dummy
   active

 content block_x.ida
   protocol tcp
   port 80
   url /*
   header-field-rule x.ida weight 0
   add service dummy
   active


!** SERVICE **
service dummy
  ip address 10.10.10.10
  keepalive type none
  active





Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela









Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44843t=44843
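Added example, not part of the original post and not CSS configuration: a Python model of the five "request-line contain" rules from the post above, run over constructed request lines. It shows which rules overlap and how a literal substring match compares with matching after percent-decoding and case folding. Whether the content switch itself normalises the request line is not stated in the thread, and all function names here are hypothetical.

```python
from urllib.parse import unquote

# Substrings taken from the header-field groups in the post.
RULES = [".ida", "cmd.exe", "default.ida", "root.exe", "x.ida"]

# Constructed sample request lines (not captured traffic).
SAMPLES = [
    "GET /index.html HTTP/1.0",
    "GET /default.ida?AAAA HTTP/1.0",
    "GET /scripts/root.exe?/c+dir HTTP/1.0",
    "GET /winnt/system32/CMD.EXE?/c+dir HTTP/1.0",
    "GET /scripts/cmd%2Eexe?/c+dir HTTP/1.0",
    "GET /docs/x.idaho.html HTTP/1.0",   # benign page that still trips two rules
]


def request_target(request_line):
    """Return the target of 'METHOD target HTTP/x.y', or None if malformed."""
    parts = request_line.strip().split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    return parts[1]


def normalise(target, max_rounds=3):
    """Undo percent-encoding (bounded number of passes) and fold case."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target.lower()


def matched_rules(request_line, normalised=True):
    """Names of the rules whose substring occurs in the request target."""
    target = request_target(request_line)
    if target is None:
        return []
    haystack = normalise(target) if normalised else target
    return [rule for rule in RULES if rule in haystack]


def shadowed_rules(rules=RULES):
    """Rules containing another rule as a substring: whenever one of these
    matches, the shorter rule matches as well."""
    shadowed = {}
    for longer in rules:
        covering = [r for r in rules if r != longer and r in longer]
        if covering:
            shadowed[longer] = covering
    return shadowed


if __name__ == "__main__":
    print("overlapping rules:", shadowed_rules())
    for line in SAMPLES:
        literal = matched_rules(line, normalised=False)
        decoded = matched_rules(line, normalised=True)
        print(f"{line!r}\n  literal match: {literal}\n  normalised   : {decoded}")
```

The last sample is the false-positive case: a plain substring rule for .ida also matches unrelated paths that happen to contain it.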



RE: Passed the written... Now on to the lab!! [7:44442]

2002-05-23 Thread Creighton Bill-BCREIGH1

Do you know when the current 350-001 is set to expire?

-Original Message-
From: Frank Merrill [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, May 22, 2002 11:05 PM
To: [EMAIL PROTECTED]
Subject: RE: Passed the written... Now on to the lab!! [7:2]

Michael L. Williams wrote:
 


 (just to echo what others have said) If you're anywhere close to ready to
 take the written, do it now!  I took the beta for the new written, and it's
 much different.  Aside from information on routing protocols,



I assume this means you took the Beta, and then also took the current
version (maybe assuming you didn't pass the Beta??) and passed that?

fm




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44845t=2



Re: Removing stuff from our router [7:44839]

2002-05-23 Thread Scott H.

Removing the route map and as-path filters will work the way you have it (if
you do no route-map MyISP-In it will remove the entire route-map), but you
should also remove the neighbor statements in your config. that reference
these things.  By looking at the configs., I'm assuming this is in a lab
environment and not a real implementation.

permit ^$ is simply permitting an empty as path.  In other words, only
routes originating in the local AS will be permitted.  It's a common way to
ensure that your AS does not become transit for somebody else's traffic.

permit ^[0-9]* is a little more complicated.  This statement is saying to
permit zero or more instances of a number between 0 and 9.  Do a search on
CCO for AS path filters and you should find some good info. to help you on
your way.

HTH,
Scott
CCIE #9340

Anil Gupte wrote in message
news:[EMAIL PROTECTED]...
 To remove this:

 route-map MyISP-In permit 10
  match as-path 6
  set local-preference 200

 Do I just do this?:
 no route-map MyISP-In permit 10

 Also, to remove:
 ip as-path access-list 1 permit ^[0-9]*
 ip as-path access-list 2 permit ^$
 ip as-path access-list 3 permit ^1234$
 ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

 Do I just?:
 no ip as-path access-list 1 permit ^[0-9]*
 no ip as-path access-list 2
 no ip as-path access-list 3


 Also what is that permit ^$ and permit ^[0-9]* for?  What does it do?

 Thanx for the help.

 Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44846t=44839



Re: filtering Nimda on content switch [7:44843]

2002-05-23 Thread Steven A. Ridder

You can do it on the router (before it gets to CSS) with NBAR and
rate-limiting.  I know that works.


 wrote in message
news:[EMAIL PROTECTED]...
 Hi,

 Has anyone tried filtering the Nimda virus on the content switch? I have
 configured it but do not see that it is filtering the virus; the show
 summary is not showing the counter incrementing even though the IDS
 reports Nimda.

 Here is what I configured: I created an HTTP header group and rule which will
 look at the HTTP request header for the strings .ida, cmd.exe, default.ida
 and x.ida and, if found, should direct this to the dummy service, which points
 to a nonexistent server.

 Any input regarding this would be helpful.


 !* HEADER FIELD GROUP *
 header-field-group .ida
   header-field .ida request-line contain .ida

 header-field-group cmd.exe
   header-field cmd.exe request-line contain cmd.exe

 header-field-group default.ida
   header-field default.ida request-line contain default.ida

 header-field-group root.exe
   header-field root.exe request-line contain root.exe

 header-field-group x.ida
   header-field x.ida request-line contain x.ida

 !*** OWNER ***


  content block_.ida
url /*
protocol tcp
port 80
header-field-rule .ida weight 0
add service dummy
active

  content block_cmd.exe
url /*
protocol tcp
port 80
header-field-rule cmd.exe weight 0
add service dummy
active

  content block_default.ida
header-field-rule default.ida weight 0
add service dummy
protocol tcp
port 80
url /*
active

  content block_root.exe
protocol tcp
port 80
url /*
header-field-rule root.exe weight 0
add service dummy
active

  content block_x.ida
protocol tcp
port 80
url /*
header-field-rule x.ida weight 0
add service dummy
active


 !** SERVICE **
 service dummy
   ip address 10.10.10.10
   keepalive type none
   active





 Kind Regards /Thangavel

 186K
 Reading,Brkshire
 Direct No   -0118 9064259
 Mobile No  -07796292416
 Post code: RG16LH
 www.186k.co.uk

 --
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela

 







Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44847t=44843



RE: Removing stuff from our router [7:44839]

2002-05-23 Thread Roberts, Larry

Yes, that will remove the route-map.
The ip as-path access-list stuff are called regular expressions.
If you are running BGP on this router, I would Highly recommend leaving this
stuff alone. 
You really need to provide more information about what this router is doing
and include its config ( sans PW'D and use xxx's for IP's )

That ip as-path access-list is most likely restricting the propagation of
BGP paths through your network. If this is an edge router that is receiving
the full internet routes ( 115K as of yesterday ), this *could* be setup to
restrict to certain ones only. If you have a downstream neighbor that is
using you as a transit AS, these are most likely the ASN's that they are
reaching through you.

These would allow ASN's :
1-9,blank(internal routes) and ( I think...) 123400-123499, although I'm not
sure on the last one without my reference book in front of me.



Thanks

Larry 

-Original Message-
From: Anil Gupte [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 11:04 AM
To: [EMAIL PROTECTED]
Subject: Removing stuff from our router [7:44839]


To remove this:

route-map MyISP-In permit 10
 match as-path 6
 set local-preference 200

Do I just do this?:
no route-map MyISP-In permit 10

Also, to remove:
ip as-path access-list 1 permit ^[0-9]*
ip as-path access-list 2 permit ^$
ip as-path access-list 3 permit ^1234$
ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$

Do I just?:
no ip as-path access-list 1 permit ^[0-9]*
no ip as-path access-list 2
no ip as-path access-list 3


Also what is that permit ^$ and permit ^[0-9]* for?  What does it do?

Thanx for the help.

Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44848t=44839
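Added example, not from any of the posts in this thread: the as-path access-lists quoted above, evaluated in Python against constructed AS paths to show what each regular expression matches. It assumes the IOS "_" metacharacter matches the start or end of the path, a space, or one of , { } ( ) _ and that an as-path access-list ends in an implicit deny; the function names are hypothetical.

```python
import re

# "_" in an IOS AS-path regex: start or end of the path, a space, or one of
# , { } ( ) _ . The other metacharacters used here mean the same in Python.
IOS_UNDERSCORE = r"(?:^|$|[ ,{}()_])"

# The as-path access-lists quoted in the thread (number -> ordered entries).
ACCESS_LISTS = {
    1: [("permit", "^[0-9]*")],
    2: [("permit", "^$")],
    3: [("permit", "^1234$"), ("permit", "^1234_[0-9]*_[0-9]*$")],
}

# Constructed AS_PATH strings in the space-separated form "show ip bgp" prints;
# "" is a locally originated route. None of these come from the posts.
SAMPLE_PATHS = [
    "",
    "1234",
    "1234 65001",
    "1234 65001 65002",
    "1234 65001 65002 65003",
    "65010 1234",
    "123456",
]


def to_python_regex(ios_pattern):
    """Translate an IOS pattern; only "_" outside a [...] class is handled."""
    return ios_pattern.replace("_", IOS_UNDERSCORE)


def entry_matches(ios_pattern, as_path):
    """The pattern may match anywhere in the path unless ^ or $ anchors it."""
    return re.search(to_python_regex(ios_pattern), as_path) is not None


def evaluate(acl_number, as_path):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, pattern in ACCESS_LISTS[acl_number]:
        if entry_matches(pattern, as_path):
            return action
    return "deny"


def permitted_paths(acl_number, paths=SAMPLE_PATHS):
    """Subset of the sample paths that the given access-list permits."""
    return [p for p in paths if evaluate(acl_number, p) == "permit"]


if __name__ == "__main__":
    for number in sorted(ACCESS_LISTS):
        print(f"as-path access-list {number}")
        for path in SAMPLE_PATHS:
            print(f"  {evaluate(number, path):6}  {path!r}")
```

Because [0-9]* can match zero digits, ^[0-9]* matches every sample path, and the second entry of list 3 accepts AS 1234 followed by at most two further AS numbers.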



Re: Token ring Question. [7:44805]

2002-05-23 Thread Priscilla Oppenheimer

At 07:25 AM 5/23/02, Ivan wrote:
Hi all,

I have an interesting question, doesn't anyone know the answer?

A router is being used as a translation bridge between a Token Ring network
and an Ethernet network. Host X on the Token ring sends a packet to Host Y
on the Ethernet. The source MAC address of the packet is 400.a089.0002.

That's not a valid address. A MAC address is 48 bits or 6 bytes. In hex a 
byte is written with 2 digits. So the address must have 12 digits.

I assume you are missing a 0 and that you meant to say: 4000.a089.0002

The bridge will translate the non-canonical address to canonical (see my 
other message and numerous other messages on that computing 101 topic).

On the other hand, maybe the question expects you to know these other
details:

The first byte of that address in binary is:

0100

Token Ring transmits the most significant bit first. (the one in the 2^7 
position).

IEEE says that the first bit transmitted is the Specific/Group bit. (A 
group address is used for multicast and broadcast).

0 = Specific
1 = Group

So this is a specific address. No problem. Ethernet can handle that (and 
could handle a multicast or broadcast too, of course.)

IEEE says that the second bit transmitted is the Globally 
Administered/Locally Administered bit.

0 = Global
1 = Local

So this is a locally-administered address. Although IEEE 802.3 (Ethernet) 
does officially support locally-administered addresses, they aren't often 
used on Ethernet. So that's a minor issue.

The second byte is


IEEE 802.5 (Token Ring) says that the least significant bit of the second 
byte is the Functional/Non Functional address. IEEE 802.3 (Ethernet) does 
not say this and does not support functional addresses.

0 = Functional
1 = Non functional

So here we have a slightly more interesting issue. This is a functional 
address. Ethernet won't recognize that it's a functional address, however. 
 From a troubleshooting viewpoint, you would want to figure out what 
function this was supposed to carry out on the Token Ring side. Whatever 
it was, it's not going to also get carried out on the Ethernet side. For 
most functional addresses, this isn't an issue. The well-known ones are 
used for purposes such as:

Sending to the active monitor (which doesn't exist on Ethernet)
Sending to the ring parameter server (which doesn't exist on Ethernet)
Sending to LAN manager (which doesn't exist on Ethernet)
etc.
You get the picture

This particular address is one that I don't recognize though. It may be 
used for a proprietary (non-standard) function on the Token Ring side.

Perhaps you are expected to know these sorts of things to answer this 
question correctly.

Priscilla


  How
would the MAC address be interpreted in an Ethernet environment?

does anyone know the answer? thank you.

Ivan


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44849t=44805



Re: RE: PIX 515E routing issue [7:44749]

2002-05-23 Thread [EMAIL PROTECTED]

Mike Wrote:

 192.168.1.1 Netid
 192.168.1.2 host1
 192.168.1.3 host2
 192.168.1.4 Broadcast
 192.168.1.5 Netid
 192.168.1.6 host1
 192.168.1.7 host2
 192.168.1.8 Broadcast

This is not correct with a /30 subnet mask.

This is the correct numbering.

192.168.1.0 Netid
192.168.1.1 host 1
192.168.1.2 host 2
192.168.1.3 Broadcast
192.168.1.4 Netid
192.168.1.5 host 1
192.168.1.6 host 2
192.168.1.7 Broadcast
192.168.1.8 Netid

If the outside address was .5 and the route outside statement was everything
to .6 this would be correct syntax...

HTH,

Stephen Manuel




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44850t=44749



Support Beta exam results [7:44853]

2002-05-23 Thread Peter Walker

Folks

Just a quick question, I took the CCNP Beta on March 18 and am still 
awaiting the results. Does anyone have any experience of just how long I 
have to wait for the results?  I am checking the cert tracker every day and 
am starting to realize that I don't have the patience to wait for Beta exam 
results :-). It's frustrating to know that a friend who took the standard 
exam two months after me has his results :-)

Should I be concerned that I haven't received my results yet?

Peter Walker




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44853t=44853



Re: filtering Nimda on content switch [7:44843]

2002-05-23 Thread Patrick Ramsey

I've also used nbar...works well...

go here.

http://www.cisco.com/warp/public/63/nimda.shtml 

there is also a list of supported platforms

 Steven A. Ridder  05/23/02 01:10PM 
You can do it on the router (before it gets to CSS) with NBAR and
rate-limiting.  I know that works.


 wrote in message
news:[EMAIL PROTECTED]...
 Hi,

 Did anyone try filtering the Nimda virus on the content switch? I have
 configured it but do not see that it is filtering the virus; the show
 summary is not showing the counter incrementing even though the IDS
 reports Nimda.

 Here is what I configured: created an HTTP header group and rule which will
 look at the HTTP header request for the strings .ida, cmd.exe, default.ida
 and x.ida and, if found, should direct this to the dummy service, which
 points to a nonexisting server.

 Any inputs regarding this would be helpful.


 !* HEADER FIELD GROUP *
 header-field-group .ida
   header-field .ida request-line contain .ida

 header-field-group cmd.exe
   header-field cmd.exe request-line contain cmd.exe

 header-field-group default.ida
   header-field default.ida request-line contain default.ida

 header-field-group root.exe
   header-field root.exe request-line contain root.exe

 header-field-group x.ida
   header-field x.ida request-line contain x.ida

 !*** OWNER ***


  content block_.ida
url /*
protocol tcp
port 80
header-field-rule .ida weight 0
add service dummy
active

  content block_cmd.exe
url /*
protocol tcp
port 80
header-field-rule cmd.exe weight 0
add service dummy
active

  content block_default.ida
header-field-rule default.ida weight 0
add service dummy
protocol tcp
port 80
url /*
active

  content block_root.exe
protocol tcp
port 80
url /*
header-field-rule root.exe weight 0
add service dummy
active

  content block_x.ida
protocol tcp
port 80
url /*
header-field-rule x.ida weight 0
add service dummy
active


 !** SERVICE **
 service dummy
   ip address 10.10.10.10
   keepalive type none
   active





 Kind Regards /Thangavel

 186K
 Reading,Brkshire
 Direct No   -0118 9064259
 Mobile No  -07796292416
 Post code: RG16LH
 www.186k.co.uk 

 --
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela

 









Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44851t=44843
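
A way to check request lines offline against the same substrings the posted header-field groups match on, as an added Python example that is not part of the original posts. The sample request lines are constructed, the function names are hypothetical, and the percent-decoding and case-folding step is an assumption of this example, not documented CSS behaviour.

```python
"""Offline check of HTTP request lines against the substrings used in the
header-field groups posted above. Added example; sample lines are constructed."""
from urllib.parse import unquote

# Substrings copied from the header-field groups in the posted configuration.
PATTERNS = (".ida", "cmd.exe", "default.ida", "root.exe", "x.ida")


def normalise(target, max_rounds=3):
    """Percent-decode (bounded, to cope with nested encoding) and lower-case.

    Assumption of this example: the matcher should compare against the string
    the web server will act on, not the raw bytes of the request line.
    """
    current = target
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current.lower()


def request_target(line):
    """Return the target of 'METHOD target HTTP/x.y', or None if malformed."""
    parts = line.strip().split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    return parts[1]


def match_request(line):
    """Return the sorted list of configured substrings found in the request."""
    target = request_target(line)
    # A malformed request line is still inspected, as a whole.
    haystack = normalise(target if target is not None else line)
    return sorted(p for p in PATTERNS if p in haystack)


def summarise(lines):
    """Count hits per substring, plus the number of requests with no hit."""
    counts = {p: 0 for p in PATTERNS}
    unmatched = 0
    for line in lines:
        hits = match_request(line)
        if not hits:
            unmatched += 1
        for p in hits:
            counts[p] += 1
    return counts, unmatched


# Constructed request lines, not taken from any real log.
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.0",
    "GET /default.ida?AAAA HTTP/1.0",
    "GET /scripts/root.exe HTTP/1.0",
    "GET /scripts/CMD.EXE HTTP/1.0",
    "GET /scripts/cmd%2Eexe HTTP/1.0",
    "GET /x.ida HTTP/1.0",
]

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(f"{request!r:45} -> {match_request(request)}")
    print(summarise(SAMPLE_REQUESTS))
```

Because `.ida` is a substring of both `default.ida` and `x.ida`, a single request can count against more than one pattern here, which is worth keeping in mind when comparing per-rule counters with IDS alerts.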



Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]

2002-05-23 Thread M.C. van den Bovenkamp

sam sneed wrote:

 I'm trying to force an interface to 10 MB full duplex on a 4700 router.

No can do, unless it's an NP-2E-FDX. If so, the command (in interface
config) would be 'full-duplex'

See
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2e_fdx.htm
for that.

 The
 documentation for 4700 is not on cisco's site. Does anyone know the command?

It is. See the link above  one level up. Most of the rest is IOS docs.

 Also doing a show int does not tell whether is running at half or full
 duplex and the speed.

That's because the NP you have (NP-2E or NP-6E?) can't do anything but
10/half, so it doesn't display it. There would be a 'hdx' or 'fdx' if it
did, something like this:

Encapsulation ARPA, loopback not set, keepalive not set, hdx, 100BaseTX

This is from a FE interface, obviously, but it should look similar with
a NP-2E-FDX.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44854t=44844



Re: Telnet Session Traces....Needing help! [7:44793]

2002-05-23 Thread Priscilla Oppenheimer

See comments in line.

At 02:27 AM 5/23/02, Mark Odette II wrote:
To anybody that has experience with Sniffers. or more perhaps more
specifically, Priscilla-

I'm trying to hunt down the culprit of Telnet Session disconnects
without Administrative or User interaction to invoke such action.

The situation is Telnet clients on remote ends of PIX VPNs have their
sessions dropped without warning, and without Administrative action to
cause such sudden session endings.

All users that connect to the same Telnet Server on the local subnet
never experience this problem.  For the remote users that do experience
this problem, it usually occurs after roughly 30 minutes of inactivity.
This used to not be the case when all such remote clients were
connecting via private Frame Relay networks back to the Server in a
hub-n-spoke fashion.. Only since the switch to VPNs for connectivity to
the Telnet Server's Private Network has this anomaly arisen.

The Telnet Server is a custom application service for Unidata DB Server
by Informix.  It uses the standard Telnet port, and runs on NT 4.0.  For
everything I can see in the registry referencing the Telnet App Service,
it doesn't specify any settings for keep-alive or session monitoring.

How about the clients? Do they have some setting for keepalive or 
disconnecting after no activity?

How about the VPN software? It might have something like that. I would 
definitely focus on the VPN aspects since that's the one thing you say that 
changed.


Also, from the Unidata Application Server's point of view, the Server
thinks the user is still connected, so it never clears the session.
When the user finds his/her application rendering a Pop-Up dialogue
stating that the session was disconnected, and asks if they want to
reconnect, they choose Yes naturally.  From the Server side, a second
session for that user is started, and the first session becomes an
orphan process (in my own words).  This of course then causes a
problem of exhausting the limited number of users licenses, and
eventually causes users to not be able to get back on the system until
the old orphaned processes are administratively cleared.

So, I open a case with Cisco, and they say Slap a Sniffer on the Server
side of the network, and see what is causing the disconnects.  They
also say that they are suspect that the Telnet Server is sending its
session keep-alives via Broadcast

A server sending its keepalives via broadcast sounds extremely unlikely. 
Ask that this be escalated to a more senior TAC engineer?! ;-) (On the 
other hand, they see a lot of strange things and probably wouldn't say this 
unless they had seen something similar. So there may be some germ of truth 
in it.)

But, from the symptoms that you are experiencing, I would put the sniffer 
on the client side, not the server side. You said the server still thinks 
the session is open. It probably didn't send anything. Actually put a 
sniffer on both sides to get the best results.

, and that by design of Security, the
VPN tunnels don't pass Broadcast Traffic.  The Sniffer capture is
supposed to prove or disprove this.

I put a Sniffer (Ethereal on Windows 2K) out and collected a Time Window
of data, but am at a loss as to how to identify the disconnect process
of a telnet session..Which is where I could use a few pointers.

A good sniffer would let you search for the text FIN in the detail. Also, 
be sure to set up a filter for Telnet traffic just from that server so 
you'll have less data to look at.


Could someone tell me what to look for in a session trace that
identifies a sudden termination of a specific telnet session (most
probably initiated by the server)??

Either FIN or maybe RST (reset).


Unfortunately, I'm not a very well experienced person in following the
SYN, FIN, PSH, ACK, SYN ACK, etc. process.  But I want to learn!

That's what you have to do. You just have to follow it, packet by packet. 
There's no magic. It just takes practice and a willingness to spend lots of 
time studying the details.


If I had the time and money, I'd go take a Sniffer class, but that's
another story.

You may not need a class, if you have the time to work on it yourself. Good 
luck. Let us know the resolution! Thanks.

Priscilla

so, in the mean time, if someone would be kind enough to
point me in a direction on how to interpret and follow a sniffer trace,
I'd be eternally grateful.

Thanks,
Mark


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44855t=44793
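
What following a trace "packet by packet" for a FIN or RST looks like when automated, as an added Python example that is not part of the original posts. It reads the TCP flags byte of each segment in one Telnet connection and reports the first FIN or RST, which side's address it carries, and the longest silence before it; the capture records, addresses and function names are constructed for illustration.

```python
"""Find the first FIN or RST in a Telnet conversation and the idle time
that preceded it. Added example; the capture below is constructed."""
import struct

# Bit positions in the TCP flags byte (offset 13 of the TCP header).
FLAG_BITS = (("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20))


def make_tcp_header(sport, dport, seq, ack, flags):
    """Build a 20-byte TCP header for the sample data (checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       5 << 4, flags, 8192, 0, 0)


def parse_tcp(header):
    """Extract the ports and the names of the flags that are set."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, _seq, _ack, _off, flags, _win, _sum, _urg = struct.unpack(
        "!HHIIBBHHH", header[:20])
    return {"sport": sport, "dport": dport,
            "flags": [name for name, bit in FLAG_BITS if flags & bit]}


def find_teardown(records, server_port=23):
    """records: (time_ms, src_ip, dst_ip, tcp_header) tuples in time order.

    Returns details of the first FIN or RST on the Telnet port, or None if
    the capture contains no teardown at all.
    """
    previous = None
    longest_idle = 0
    for when, src, dst, header in records:
        tcp = parse_tcp(header)
        if server_port not in (tcp["sport"], tcp["dport"]):
            continue  # not part of the Telnet conversation
        if previous is not None:
            longest_idle = max(longest_idle, when - previous)
        previous = when
        if "FIN" in tcp["flags"] or "RST" in tcp["flags"]:
            return {
                "time_ms": when,
                "src": src,
                # Side is judged by source port only; see the note below.
                "sent_by": "server" if tcp["sport"] == server_port else "client",
                "flags": tcp["flags"],
                "longest_idle_ms": longest_idle,
            }
    return None


CLIENT, SERVER = "10.1.1.20", "10.0.0.5"  # hypothetical addresses
SYN, RST, PSH, ACK = 0x02, 0x04, 0x08, 0x10

# Constructed client-side capture: login traffic, about 30 minutes of
# silence, one keystroke from the client, then a reset.
SAMPLE_CAPTURE = [
    (0,       CLIENT, SERVER, make_tcp_header(1045, 23, 100, 0, SYN)),
    (10,      SERVER, CLIENT, make_tcp_header(23, 1045, 500, 101, SYN | ACK)),
    (20,      CLIENT, SERVER, make_tcp_header(1045, 23, 101, 501, ACK)),
    (5000,    CLIENT, SERVER, make_tcp_header(1045, 23, 101, 501, PSH | ACK)),
    (5100,    SERVER, CLIENT, make_tcp_header(23, 1045, 501, 102, PSH | ACK)),
    (5200,    CLIENT, SERVER, make_tcp_header(1045, 23, 102, 502, ACK)),
    (1812400, CLIENT, SERVER, make_tcp_header(1045, 23, 102, 502, PSH | ACK)),
    (1812450, SERVER, CLIENT, make_tcp_header(23, 1045, 502, 0, RST)),
]

if __name__ == "__main__":
    print(find_teardown(SAMPLE_CAPTURE))
```

Run it over captures from both sides, as the reply suggests: a RST that carries the server's address in the client-side capture but never appears in the server-side capture was not sent by the server.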



Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]

2002-05-23 Thread MADMAN

I don't think a 4700 supports 10M full duplex.  I have one running
12.0.16 in the lab and it doesn't support it.

  The 4700 doc is on CCO though:

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/index.htm

  Dave

sam sneed wrote:
 
 I'm trying to force an interface to 10 MB full duplex on a 4700 router. The
 documentation for 4700 is not on cisco's site. Does anyone know the command?
 Also doing a show int does not tell whether is running at half or full
 duplex and the speed. Thanks in advance.
 
 Cisco-4700#sh ver
 Cisco Internetwork Operating System Software
 IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE
(fc1)
 Copyright (c) 1986-1997 by cisco Systems, Inc.
 Cisco-4700#sh int e1
 Ethernet1 is up, line protocol is up
   Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
   Description: To Internal Ethernet
   Internet address is 62.119.136.65/29
   MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
   Encapsulation ARPA, loopback not set, keepalive set (10 sec)
   ARP type: ARPA, ARP Timeout 04:00:00
   Last input 00:00:00, output 00:00:00, output hang never
   Last clearing of show interface counters 00:06:34
   Queueing strategy: fifo
   Output queue 0/150, 0 drops; input queue 0/150, 0 drops
   5 minute input rate 135000 bits/sec, 121 packets/sec
   5 minute output rate 676000 bits/sec, 146 packets/sec
  51738 packets input, 7410570 bytes, 0 no buffer
  Received 0 broadcasts, 0 runts, 0 giants
  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
  0 input packets with dribble condition detected
  62904 packets output, 35275588 bytes, 0 underruns
  0 output errors, 612 collisions, 0 interface resets
  0 babbles, 0 late collision, 685 deferred
  0 lost carrier, 0 no carrier
  0 output buffer failures, 0 output buffers swapped out
 Cisco-4700#
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44856t=44844



RE: filtering Nimda on content switch [7:44843]

2002-05-23 Thread [EMAIL PROTECTED]

Passed the BSCN test, it's got some difficult questions with a few 
cupcakes here and there. Just like everyone else has said, know your 
BGP, OSPF, and EIGRP as well as a tad of IGRP and RIP. No surprises 
there. I used the Cisco Press book by Clare Gough, not a great book but 
I guess it got the job done. Probably won't be able to get in switching 
before the new exam.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44857t=44843



Re: Token ring Question. [7:44805]

2002-05-23 Thread Priscilla Oppenheimer

I just noticed that I misplaced the functional/non-functional bit. I hate 
that! ;-)

The functional/non-functional bit is the most significant bit of the 3rd 
byte (not the least significant bit of the 2nd byte as I said before.)

So, the address is:

4000.a089.0002

0100  1010 ...

First bit transmitted (most significant of 1st byte) is 0 (specific)
Second bit transmitted is 1 (locally-administered)
Most significant bit of the third byte is 1 (non-functional)

That makes more sense now that I see he was referring to a source address. 
A source address shouldn't be a functional address.

Priscilla

At 01:17 PM 5/23/02, Priscilla Oppenheimer wrote:
At 07:25 AM 5/23/02, Ivan wrote:
 Hi all,
 
 I have an interesting question, doesn't anyone know the answer?
 
 A router is being used as a translation bridge between a Token Ring network
 and an Ethernet network. Host X on the Token Ring sends a packet to Host Y
 on the Ethernet. The source MAC address of the packet is 400.a089.0002.

That's not a valid address. A MAC address is 48 bits or 6 bytes. In hex a
byte is written with 2 digits. So the address must have 12 digits.

I assume you are missing a 0 and that you meant to say: 4000.a089.0002

The bridge will translate the non-canonical address to canonical (see my
other message and numerous other messages on that computing 101 topic).

On the other hand, maybe the question expects you to know these other
details:

The first byte of that address in binary is:

0100

Token Ring transmits the most significant bit first. (the one in the 2^7
position).

IEEE says that the first bit transmitted is the Specific/Group bit. (A
group address is used for multicast and broadcast).

0 = Specific
1 = Group

So this is a specific address. No problem. Ethernet can handle that (and
could handle a multicast or broadcast too, of course.)

IEEE says that the second bit transmitted is the Globally
Administered/Locally Administered bit.

0 = Global
1 = Local

So this is a locally-administered address. Although IEEE 802.3 (Ethernet)
does officially support locally-administered addresses, they aren't often
used on Ethernet. So that's a minor issue.

The second byte is


IEEE 802.5 (Token Ring) says that the least significant bit of the second
byte is the Functional/Non Functional address. IEEE 802.3 (Ethernet) does
not say this and does not support functional addresses.

0 = Functional
1 = Non functional

So here we have a slightly more interesting issue. This is a functional
address. Ethernet won't recognize that it's a functional address, however.
  From a troubleshooting viewpoint, you would want to figure out what
function this was supposed to carry out on the Token Ring side. Whatever
it was, it's not going to also get carried out on the Ethernet side. For
most functional addresses, this isn't an issue. The well-known ones are
used for purposes such as:

Sending to the active monitor (which doesn't exist on Ethernet)
Sending to the ring parameter server (which doesn't exist on Ethernet)
Sending to LAN manager (which doesn't exist on Ethernet)
etc.
You get the picture

This particular address is one that I don't recognize though. It may be
used for a proprietary (non-standard) function on the Token Ring side.

Perhaps you are expected to know these sorts of things to answer this
question correctly.

Priscilla


   How
 would the MAC address be interpreted in an Ethernet environment?
 
 does anyone know the answer? thank you.
 
 Ivan


Priscilla Oppenheimer
http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44852t=44805
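
The bit positions discussed in this thread, worked for 4000.a089.0002 as an added Python example that is not part of the original posts. It also carries out the non-canonical to canonical translation the bridge performs; the function names are hypothetical, and the functional-address test applies only the corrected rule from the message above (most significant bit of the third byte, 0 = functional).

```python
"""Decode a Token Ring (non-canonical) MAC address and translate it to
Ethernet (canonical) bit order. Added example; names are hypothetical."""


def parse_mac(text):
    """Accept Cisco dotted (4000.a089.0002), colon or dash notation."""
    digits = "".join(c for c in text if c not in ".:-")
    if len(digits) != 12:
        raise ValueError(
            f"{text!r}: a MAC address needs 12 hex digits, got {len(digits)}")
    return bytes.fromhex(digits)  # raises ValueError on non-hex characters


def reverse_bits(byte):
    """Mirror the 8 bits of one byte (bit 7 <-> bit 0, and so on)."""
    out = 0
    for _ in range(8):
        out = (out << 1) | (byte & 1)
        byte >>= 1
    return out


def to_canonical(noncanonical):
    """Token Ring sends each byte MSB first, Ethernet LSB first, so the
    translation is a per-byte bit reversal; byte order does not change."""
    return bytes(reverse_bits(b) for b in noncanonical)


def dotted(mac):
    """Format six bytes in Cisco dotted notation."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))


def binary(mac):
    """Show each byte as two 4-bit groups, as written in the thread."""
    return " ".join(f"{b >> 4:04b} {b & 0x0F:04b}" for b in mac)


def describe_token_ring(mac):
    """Read the bits in Token Ring transmission order (MSB of byte 0 first)."""
    return {
        "group": bool(mac[0] & 0x80),                 # first bit transmitted
        "locally_administered": bool(mac[0] & 0x40),  # second bit transmitted
        # Corrected rule from the thread: MSB of the third byte, 0 = functional.
        "functional": not (mac[2] & 0x80),
    }


def describe_ethernet(mac):
    """The same two IEEE bits in canonical order (LSB of byte 0 sent first)."""
    return {
        "group": bool(mac[0] & 0x01),
        "locally_administered": bool(mac[0] & 0x02),
    }


if __name__ == "__main__":
    token_ring = parse_mac("4000.a089.0002")
    ethernet = to_canonical(token_ring)
    print("Token Ring:", dotted(token_ring), binary(token_ring))
    print("           ", describe_token_ring(token_ring))
    print("Ethernet:  ", dotted(ethernet), binary(ethernet))
    print("           ", describe_ethernet(ethernet))
```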



RE: setting speed and duplex on cisco 4700 IOS 11 [7:44844]

2002-05-23 Thread Nick Harris

Sam,

It depends on the module installed in the 4700. The NP-2E-FDX supports
Full Duplex, but the other Ethernet (NP-6E I believe) modules do not.

Configuration examples for duplex settings on the NP-2E-FDX can be found
here:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2
e_fdx.htm

(watch for wrap)

HTH,
Nick

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
sam sneed
Sent: Thursday, May 23, 2002 11:05 AM
To: [EMAIL PROTECTED]
Subject: setting speed and duplex on cisco 4700 IOS 11 [7:44844]


I'm trying to force an interface to 10 MB full duplex on a 4700 router.
The documentation for 4700 is not on cisco's site. Does anyone know the
command? Also doing a show int does not tell whether is running at half
or full duplex and the speed. Thanks in advance.

Cisco-4700#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-IS-M), Version 11.2(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.
Cisco-4700#sh int e1
Ethernet1 is up, line protocol is up
  Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b)
  Description: To Internal Ethernet
  Internet address is 62.119.136.65/29
  MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 17/255
  Encapsulation ARPA, loopback not set, keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of show interface counters 00:06:34
  Queueing strategy: fifo
  Output queue 0/150, 0 drops; input queue 0/150, 0 drops
  5 minute input rate 135000 bits/sec, 121 packets/sec
  5 minute output rate 676000 bits/sec, 146 packets/sec
 51738 packets input, 7410570 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 0 input packets with dribble condition detected
 62904 packets output, 35275588 bytes, 0 underruns
 0 output errors, 612 collisions, 0 interface resets
 0 babbles, 0 late collision, 685 deferred
 0 lost carrier, 0 no carrier
 0 output buffer failures, 0 output buffers swapped out
Cisco-4700#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44858t=44844



RE: DHCP problems [7:44825]

2002-05-23 Thread Brian Zeitz

Yes, the DHCP server is. Portfast is not enabled on any of the devices
or servers. It's a simple LAN setup. Yes everything should be on VLAN1
since I didn't change anything on the switch. Also, everything is on
the same subnet. The scope is set, the workstations DO get them
eventually. But I get a lot of errors in their event logs, and they have
problems logging in sometimes. Something must not be set right. Thanks
for your help. Maybe I need to read up on portfast.

-Original Message-
From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 12:02 PM
To: Brian Zeitz; '[EMAIL PROTECTED]'
Subject: RE: DHCP problems [7:44825]

Is your DHCP server connected to this switch and are the workstations in
question and the DHCP server on the same subnet/VLAN? If not you need to
use ip helper addresses on the L3 device between them. Are any workstations
able to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED]
Subject: DHCP problems [7:44825]


I am having an issue with a 3550-24 Cisco switch and a Windows 2000
network. DHCP is not working correctly, I get semaphore timeouts on a
lot of the workstations. I set the port and the servers to 100M Full. Is
there anything else I should be looking for? Could there be something
preventing DHCP from working right, maybe it is not allowing a
broadcast. Maybe it is something simple, I guess this is a newbie
question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44859t=44825



any dynamic routing for dial-peers? [7:44860]

2002-05-23 Thread Steven A. Ridder

Does anyone at Cisco know if a dynamic routing-like protocol will be coming
out for h.323 zones or dial-peers?  It seems to be a pain to statically
enter in dial-peers for all routers and h.323 zones.

--
RFC 1149 Compliant

Get in my head:
http://sar.dynu.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44860t=44860



Re: Removing stuff from our router [7:44839]

2002-05-23 Thread Anil Gupte

No, this is a real implementation on our network.  Since I am not even a
CCNA yet (maybe in a couple of weeks), I wanted to make sure I would not
break something.  I just substituted names and AS numbers.  I am hopefully
going to take advanced routing and learn more about the BGP soon after my
test.

Thanx,
Anil Gupte

- Original Message -
From: Scott H. 
To: 
Sent: Thursday, May 23, 2002 12:09 PM
Subject: Re: Removing stuff from our router [7:44839]


 Removing the route map and as-path filters will work the way you have it
 (if you do no route-map MyISP-In it will remove the entire route-map), but
 you should also remove the neighbor statements in your config. that reference
 these things.  By looking at the configs., I'm assuming this is in a lab
 environment and not a real implementation.

 permit ^$ is simply permitting an empty as path.  In other words, only
 routes originating in the local AS will be permitted.  It's a common way
 to ensure that your AS does not become transit for somebody else's traffic.

 permit ^[0-9]* is a little more complicated.  This statement is saying to
 permit zero or more instances of a number between 0 and 9.  Do a search on
 CCO for AS path filters and you should find some good info. to help you on
 your way.

 HTH,
 Scott
 CCIE #9340

 Anil Gupte  wrote in message
 news:[EMAIL PROTECTED]...
  To remove this:
 
  route-map MyISP-In permit 10
   match as-path 6
   set local-preference 200
 
  Do I just do this?:
  no route-map MyISP-In permit 10
 
  Also, to remove:
  ip as-path access-list 1 permit ^[0-9]*
  ip as-path access-list 2 permit ^$
  ip as-path access-list 3 permit ^1234$
  ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$
 
  Do I just?:
  no ip as-path access-list 1 permit ^[0-9]*
  no ip as-path access-list 2
  no ip as-path access-list 3
 
 
  Also what is that permit ^$ and permit ^[0-9]* for?  What does it do?
 
  Thanx for the help.
 
  Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44862t=44839
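
The four as-path expressions from this thread, evaluated against a few AS paths as an added Python example that is not part of the original posts. The AS paths are constructed, the function names are hypothetical, and the handling of `_` (start, end, space, comma, braces, parentheses) is this example's approximation of IOS regular-expression behaviour using Python's `re` module.

```python
"""Evaluate the as-path access-lists quoted in the thread against sample
AS paths. Added example; AS paths are constructed, AS 1234 is from the post."""
import re

# In IOS regular expressions "_" matches a delimiter: the start or end of
# the string, a space, a comma, a brace or a parenthesis (approximated here).
CISCO_UNDERSCORE = r"(?:^|$|[ ,{}()])"

# The permit lines exactly as posted, grouped by access-list number.
AS_PATH_LISTS = {
    1: ["^[0-9]*"],
    2: ["^$"],
    3: ["^1234$", "^1234_[0-9]*_[0-9]*$"],
}


def compile_ios(pattern):
    """Translate an IOS as-path expression into a Python regex object."""
    return re.compile(pattern.replace("_", CISCO_UNDERSCORE))


def permitted(list_number, as_path):
    """True if any permit line matches; otherwise the implicit deny applies."""
    return any(compile_ios(p).search(as_path)
               for p in AS_PATH_LISTS[list_number])


def evaluate(paths):
    """Map each AS path to the access-list numbers that permit it."""
    return {path: [n for n in sorted(AS_PATH_LISTS) if permitted(n, path)]
            for path in paths}


# Constructed AS paths as they would appear in 'show ip bgp' output.
SAMPLE_PATHS = [
    "",                     # originated in the local AS
    "1234",                 # originated by the directly connected AS 1234
    "1234 5678",            # one AS beyond 1234
    "1234 5678 9012",       # two ASes beyond 1234
    "1234 5678 9012 3456",  # three ASes beyond 1234
    "5678 1234",            # learned through a different neighbour AS
]

if __name__ == "__main__":
    for path, lists in evaluate(SAMPLE_PATHS).items():
        print(f"{path!r:24} permitted by access-list(s) {lists}")
```

Access-list 1 permits every sample, including the empty path: `[0-9]*` accepts zero digits and nothing anchors the end of the expression, so `^[0-9]*` matches any AS path.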



RIP default routing [7:44863]

2002-05-23 Thread John Dorffler

In both the Caslow (1E p. 349) and Solie (p. 625) books it is stated that if
you are running RIPv1, and if you put a default route using ip route
0.0.0.0 0.0.0.0 on one of the routers, a default route is automagically
injected into the RIP process. I am sure I have seen this before working as
a lab-rat (oops not that again) but I cannot reproduce it now. I am using
three 2500 series routers and have tried all combinations of statements and
wiring. I am now wondering if it is a matter of IOS versioning. I just put
on the IP version of 12.1.15, which was just put out a few days ago. Has
anybody got this to work, and if so, with what version of IOS? By the way,
ip default-network works just fine.

Thank you,
John Dorffler
CCIE #6677




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44863t=44863



Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]

2002-05-23 Thread Robert Kulagowski

I remember downloading the tutorial a few years ago.  Looks like it's gone
now - google shows it on the 3com website, but when you go there all you get
is a blank page that says Technical Papers.  Doing a search on the 3Com
website doesn't come up with any hits.  Other links on google all point back
to various places on the 3Com website that don't exist anymore.

Anyone still have the original PDF?



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44865t=44865



Re: DHCP problems [7:44825]

2002-05-23 Thread M.C. van den Bovenkamp

Brian Zeitz wrote:

 problems logging in sometimes. Something must not be set right. Thanks
 for your help. Maybe I need to read up on portfast.

Yup. That will probably fix it.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44864t=44825



Re: setting speed and duplex on cisco 4700 IOS 11 [7:44844]

2002-05-23 Thread sam sneed

Thanks a lot.
I can't believe it can't run full duplex.
Piece of sh*t!


M.C. van den Bovenkamp  wrote in message
news:[EMAIL PROTECTED]...
 sam sneed wrote:

  I'm trying to force an interface to 10 MB full duplex on a 4700 router.

 No can do, unless it's an NP-2E-FDX. If so, the command (in interface
 config) would be 'full-duplex'

 See
 http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis4000/2e_fdx.htm
 for that.

  The
  documentation for 4700 is not on cisco's site. Does anyone know the command?

 It is. See the link above  one level up. Most of the rest is IOS docs.

  Also doing a show int does not tell whether is running at half or full
  duplex and the speed.

 That's because the NP you have (NP-2E or NP-6E?) can't do anything but
 10/half, so it doesn't display it. There would be a 'hdx' or 'fdx' if it
 did, something like this:

 Encapsulation ARPA, loopback not set, keepalive not set, hdx, 100BaseTX

 This is from a FE interface, obviously, but it should look similar with
 a NP-2E-FDX.

 Regards,

 Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44866t=44844



ISDN-BRI [7:44867]

2002-05-23 Thread jb

Team,
I have two routers with a BRI module. Which cable should I use in order for
each router to be able to talk to the other via ISDN? I do not have an ISDN
simulator.

J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44867t=44867



RE: Support Beta exam results [7:44853]

2002-05-23 Thread Creighton Bill-BCREIGH1

I took the beta exam for the next-generation BCRAN (640-605) around Mar. 15
and still haven't heard anything. I was told then that it would be 8 - 12 weeks
and that the website would be the only notification. If it goes beyond 12
weeks call the exam administrator (either Prometric or Vue).

-Original Message-
From: Peter Walker [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 12:37 PM
To: [EMAIL PROTECTED]
Subject: Support Beta exam results [7:44853]

Folks

Just a quick question, I took the CCNP Beta on March 18 and am still 
awaiting the results. Does anyone have any experience of just how long I 
have to wait for the results?  I am checking the cert tracker every day and 
am starting to realize that I don't have the patience to wait for Beta exam 
results :-). It's frustrating to know that a friend who took the standard 
exam two months after me has his results :-)

Should I be concerned that I haven't received my results yet?

Peter Walker




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44868t=44853



Re: DHCP problems [7:44825]

2002-05-23 Thread sam sneed

Without portfast, it can take up to about 40 seconds for the network
connection to come up on the workstation. This document is the one you're
looking for:

http://www.cisco.com/warp/public/473/100.html

Brian Zeitz wrote in message news:[EMAIL PROTECTED]...
 Yes, the DHCP server is. Portfast is not enabled on any of the devices
 or servers. It's a simple LAN setup. Yes everything should be on VLAN1
 since I didn't change anything on the switch. Also, everything is on
 the same subnet. The scope is set, the workstations DO get them
 eventually. But I get a lot of errors in their event logs, and they have
 problems logging in sometimes. Something must not be set right. Thanks
 for your help. Maybe I need to read up on portfast.

 -Original Message-
 From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, May 23, 2002 12:02 PM
 To: Brian Zeitz; '[EMAIL PROTECTED]'
 Subject: RE: DHCP problems [7:44825]

 Is your DHCP server connected to this switch and are the workstations in
 question and the DHCP server on the same subnet/VLAN? If not you need to use
 ip helper addresses on the L3 device between them. Are any workstations able
 to get DHCP addresses from the server? Is the DHCP scope active?

 -Original Message-
 From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, May 23, 2002 9:20 AM
 To: [EMAIL PROTECTED]
 Subject: DHCP problems [7:44825]


 I am having an issue with a 3550-24 Cisco switch and a windows 2000
 Network. DHCP is not working correctly, I get semaphore timeouts on a
 lot of the workstations. I set the port and the servers to 100M Full. Is
 there anything else I should be looking for? Could there be something
 preventing DHCP from working right, maybe it is not allowing a
 broadcast. Maybe it is something simple, I guess this is a newbie
 question :-) thanks for your help in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44870t=44825



Re: ISDN-BRI [7:44867]

2002-05-23 Thread Steven A. Ridder

I believe any cable with pins 3456 active will work.


jb wrote in message news:[EMAIL PROTECTED]...
 Team,
 I have two routers with a BRI module, which cable should I use in order for
 each router to be able to talk to the other via ISDN. I do not have an ISDN
 simulator.

 J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44872t=44867



RE: DHCP problems [7:44825]

2002-05-23 Thread Patrick Ramsey

portfast is a must, man. When a client comes online the port goes active
immediately so any requests go out.  (you can see this action on the
switch...the light will go straight to green instead of flickering orange)

While the LED is flickering orange, you have no connectivity.  So if the
client makes its request then, the server will not ever get the packet.

-Patrick

 Brian Zeitz  05/23/02 02:18PM 
Yes, the DHCP server is. Portfast is not enabled on any of the devices
or servers. It's a simple LAN setup. Yes everything should be on VLAN1
since I didn't change anything on the switch. Also, everything is on
the same subnet. The scope is set, the workstations DO get them
eventually. But I get a lot of errors in their event logs, and they have
problems logging in sometimes. Something must not be set right. Thanks
for your help. Maybe I need to read up on portfast.

-Original Message-
From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 12:02 PM
To: Brian Zeitz; '[EMAIL PROTECTED]' 
Subject: RE: DHCP problems [7:44825]

Is your DHCP server connected to this switch and are the workstations in
question and the DHCP server on the same subnet/VLAN? If not you need to use
ip helper addresses on the L3 device between them. Are any workstations able
to get DHCP addresses from the server? Is the DHCP scope active?

-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 23, 2002 9:20 AM
To: [EMAIL PROTECTED] 
Subject: DHCP problems [7:44825]


I am having an issue with a 3550-24 Cisco switch and a windows 2000
Network. DHCP is not working correctly, I get semaphore timeouts on a
lot of the workstations. I set the port and the servers to 100M Full. Is
there anything else I should be looking for? Could there be something
preventing DHCP from working right, maybe it is not allowing a
broadcast. Maybe it is something simple, I guess this is a newbie
question :-) thanks for your help in advance.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44869t=44825



RE: RIP default routing [7:44863]

2002-05-23 Thread Larry Letterman

I have several 2501 routers and a couple of 4500's
at home running 12.1 and rip1 with static routes is working
as you describe.


Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
John Dorffler
Sent: Thursday, May 23, 2002 11:34 AM
To: [EMAIL PROTECTED]
Subject: RIP default routing [7:44863]


In both the Caslow (1E p. 349) and Solie (p. 625) books it is stated that if
you are running RIPv1, and if you put a default route using ip route
0.0.0.0 0.0.0.0 on one of the routers, a default route is automagically
injected into the RIP process. I am sure I have seen this before working as
a lab-rat (oops not that again) but I cannot reproduce it now. I am using
three 2500 series routers and have tried all combinations of statements and
wiring. I am now wondering if it is a matter of IOS versioning. I just put
on the IP version of 12.1.15, which was just put out a few days ago. Has
anybody got this to work, and if so, with what version of IOS? By the way,
ip default-network works just fine.

Thank you,
John Dorffler
CCIE #6677




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44871t=44863



RE: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Brian Hill

John,

SMTP only works if you have two sites in two different domains. In addition,
you have to have an exchange server with KMS and a CA to encrypt. Pat, I
would suggest creating a tunnel from pix to pix and running the replication
through there. AD uses RPC, which doesn't translate due to the fact that it
uses random port numbers after the initial session establishment.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44874t=44797



Re: Provider backbone engineering (was: Logic and Lab Rats) [7:44875]

2002-05-23 Thread Cisco Nuts

Great reply, Thanks!


From: Howard C. Berkowitz 
Reply-To: Howard C. Berkowitz 
To: [EMAIL PROTECTED]
Subject: Provider backbone engineering (was: Logic and Lab Rats) [7:44743]
Date: Wed, 22 May 2002 15:42:01 -0400

At 7:03 PM + 5/22/02, Cisco Nuts wrote:
 Could you elaborate on the backbone engineering is at a level far
 more specialized and complex than the CCIE level, and there haven't
 been formalized ways to learn it.
 
 I would love to know more about what you actually mean?
 
 Thank you.
 
 Regards.
 

:-) well, my book on the subject, Building Service Provider
Networks, should be about to ship.

Seriously, let's talk about several areas, beginning with BGP.  Every
BGP scenario I've seen or heard of in the CCIE context, at best,
looks at an extremely simple configuration with rules NEVER used in
the real world.  A few contrasts:

-- in the real world, it's VERY rare to redistribute between a dynamic IGP
   and BGP. Sure, there are exceptions, but they are VERY carefully chosen.
   A provider backbone CANNOT survive having 100,000-plus routes in its
   IGP, nor should it.
-- In provider use, the main purpose of the IGP (or multiple instances of an
   IGP) is to maintain connectivity among BGP routers.  You may have a
   separate IGP instance for each POP or group of POPs.
-- To connect customers, there is MUCH more use of static and default routes.
   You could not possibly run a provider network with the CCIE lab rule of
   no statics or defaults.
-- AS paths are longer and more complex than you can create with six or
   so routers.
-- There's a HUGE amount of things to be concerned with that aren't strictly
   configuration, such as justifying/obtaining/managing address space,
   intercarrier relationships involving both economics and cooperative
   troubleshooting, DNS management, protecting against distributed denial
   of service, etc.
-- BGP communities are far more important than in typical scenarios.
   You need to know why and when to set up your own, learn the values of
   communities set by other AS and under what circumstances you should act
   on them, etc.
-- You may be dealing with literally thousands of routers in your own network,
   interconnected with thousands of enterprise networks. You may also have
   a complex ATM, SONET, MPLS, or other intelligent sub-IP technology that
   must coordinate with the IP.
-- There's a different viewpoint on convergence.  It's generally accepted
   among large providers and researchers that the worldwide BGP table
   never truly converges -- changes come too fast. We have to work in that
   environment.
-- Customers frequently multihome in ways that require coordinating between
   their providers, even when those providers are competitors.
-- As opposed to an enterprise network where SOMEBODY is in control, the
   provider space involves cooperative anarchy.  One AS fouling up its
   configuration can and has had worldwide effects.


These are just a start.  There are other people that can comment on
some of the differences.  Peter van Oene (yes, I'm volunteering you)
is one with lots of good experience.  There are others, and this
actually might be an interesting thread.
--
What Problem are you trying to solve?
***send Cisco questions to the list, so all can benefit -- not
directly to me***

Howard C. Berkowitz  [EMAIL PROTECTED]
Chief Technology Officer, GettLab/Gett Communications 
http://www.gettlabs.com
Technical Director, CertificationZone.com http://www.certificationzone.com
retired Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44875t=44875



Re: ISDN-BRI [7:44867]

2002-05-23 Thread Steven A. Ridder

I'm going to guess that it would need to be crossover as well, but I'm not
sure. Probably though.


Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
 I believe any cable with pins 3456 active will work.


 jb wrote in message news:[EMAIL PROTECTED]...
  Team,
  I have two routers with a BRI module, which cable should I use in order for
  each router to be able to talk to the other via ISDN. I do not have an ISDN
  simulator.
 
  J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44873t=44867



Provider Backbone Engineering and CCIEs [7:44876]

2002-05-23 Thread Ron Trunk

Howard and dre,
First of all, thanks for the excellent thread!  You've given me a great deal
of information about service provider issues.  I was dimly aware of some of
them, but now I see how they really affect ISP operations.  I've printed out
the whole thread and when I can get some quiet time away from the wife and
kids (ha!), I'm going to go over it in detail.  Thanks for all the links
too!  It's helpful to know what the best things to read are.

At the risk of extending an already belabored subject, I did want to comment
on the whole CCIE issue.  I'm not sure it's fair to blame Cisco for not
making the lab exam deal with real-life issues, especially those for service
providers.  Cisco's goal, after all, is not to make great network engineers,
but to make engineers who are proficient with all of Cisco's features and
functions.  That is why some of the lab scenarios are a bit contrived, and
also why you should be fired for trying to use some of those features on a
real network.  Cisco's aim is to make sure CCIEs know how to configure a
Cisco router to solve any problem, even those that shouldn't be solved with
a router!

You guys have obviously great expertise in a relatively specialized field.
Should everyone have to understand all these issues before they can rightly
call themselves a network engineer?  How many SP jobs are there at that
level, especially in today's market?  I would love to be able to specialize
like you have, but the realities of my job require me to be conversant in
everything Cisco sells.  To use Howard's medical analogy, while I want to
master neurosurgery, I work in the ER and have to deal with everything from
heart attacks to broken bones to earwax.

To push the medical analogy just a bit farther, I think having the CCIE is
like graduating from medical school.  You have mastered a body of knowledge
and have earned the right to put letters after your name, but no one is
going to give you a scalpel until you have completed a lengthy internship.
That's where the experience comes in.   It's important to know where to cut.
It is even more important to know when not to cut.

Ron Trunk, CCIE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44876t=44876



Re: Removing stuff from our router [7:44839]

2002-05-23 Thread Scott H.

I wouldn't suggest playing with this until you really understand what you
are doing.  You could do some major damage to your network.

Anil Gupte wrote in message news:[EMAIL PROTECTED]...
 No, this is a real implementation on our network.  Since I am not even a
 CCNA yet (maybe in a couple of weeks), I wanted to make sure I would not
 break something.  I just substituted names and AS numbers.  I am hopefully
 going to take advanced routing and learn more about the BGP soon after my
 test.

 Thanx,
 Anil Gupte

 - Original Message -
 From: Scott H.
 To:
 Sent: Thursday, May 23, 2002 12:09 PM
 Subject: Re: Removing stuff from our router [7:44839]


  Removing the route map and as-path filters will work the way you have it (if
  you do no route-map MyISP-In it will remove the entire route-map), but you
  should also remove the neighbor statements in your config. that reference
  these things.  By looking at the configs., I'm assuming this is in a lab
  environment and not a real implementation.
 
  permit ^$ is simply permitting an empty as path.  In other words, only
  routes originating in the local AS will be permitted.  It's a common way to
  ensure that your AS does not become transit for somebody else's traffic.
 
  permit ^[0-9]* is a little more complicated.  This statement is saying to
  permit zero or more instances of a number between 0 and 9.  Do a search on
  CCO for AS path filters and you should find some good info. to help you on
  your way.
 
  HTH,
  Scott
  CCIE #9340
 
  Anil Gupte wrote in message news:[EMAIL PROTECTED]...
   To remove this:
  
   route-map MyISP-In permit 10
    match as-path 6
    set local-preference 200
  
   Do I just do this?:
   no route-map MyISP-In permit 10
  
   Also, to remove:
   ip as-path access-list 1 permit ^[0-9]*
   ip as-path access-list 2 permit ^$
   ip as-path access-list 3 permit ^1234$
   ip as-path access-list 3 permit ^1234_[0-9]*_[0-9]*$
  
   Do I just?:
   no ip as-path access-list 1 permit ^[0-9]*
   no ip as-path access-list 2
   no ip as-path access-list 3
  
  
   Also what is that permit ^$ and permit ^[0-9]* for?  What does it do?
  
   Thanx for the help.
  
   Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44878t=44839
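
How the as-path access-lists quoted in this thread behave against a few AS paths, as an added example that is not part of any poster's message. The sample paths are constructed, and the `_` translation is this example's own approximation of the IOS delimiter rule; note that list 1 permits every path, because zero digits already satisfy `[0-9]*`.

```python
import re

# In an IOS AS-path regex, "_" matches a delimiter: start of string, end of
# string, space, comma, braces or parentheses. Everything else used here is
# ordinary regex syntax that Python shares.
_DELIM = r"(?:^|$|[ ,{}()])"

# The as-path access-lists quoted in the thread (AS 1234 is the poster's
# substituted number). Every entry shown is a "permit".
ACCESS_LISTS = {
    1: ["^[0-9]*"],
    2: ["^$"],
    3: ["^1234$", "^1234_[0-9]*_[0-9]*$"],
}

# Constructed sample AS paths, written the way "show ip bgp" prints them
# (nearest AS first, originating AS last). "" is a locally originated route.
SAMPLE_PATHS = ["", "1234", "1234 5678", "1234 5678 9012",
                "1234 5678 9012 3456", "5678 1234", "12345"]


def ios_to_python(pattern):
    """Translate an IOS AS-path regex to a compiled Python regex.

    Only the "_" metacharacter is rewritten; a literal "_" inside a bracket
    expression is not handled (none of the thread's patterns use one).
    """
    return re.compile(pattern.replace("_", _DELIM))


def permitted(acl, as_path):
    """True if any permit entry matches; otherwise the implicit deny applies."""
    return any(ios_to_python(p).search(as_path) for p in ACCESS_LISTS[acl])


def evaluate(paths=SAMPLE_PATHS):
    """Return {acl_number: [paths it permits]} for every list above."""
    return {acl: [p for p in paths if permitted(acl, p)] for acl in ACCESS_LISTS}


if __name__ == "__main__":
    for acl, hits in evaluate().items():
        shown = ", ".join(repr(h) for h in hits)
        print(f"as-path access-list {acl} permits: {shown}")
```

List 3 accepts paths of up to three ASes that start with 1234, and rejects `12345` because `_` requires a delimiter after `1234`.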



RE: ISDN-BRI [7:44867]

2002-05-23 Thread Erich Kuehn

You can't do this with ISDN, from what I know if you want to simulate an ISDN
link you NEED either an ISDN simulator or actual ISDN line.

Erich

-Original Message-
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] 
Sent: May 23, 2002 12:25
To: [EMAIL PROTECTED]
Subject: Re: ISDN-BRI [7:44867]


I'm going to guess that it would need to be crossover as well, but I'm not
sure. Probably though.


Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
 I believe any cable with pins 3456 active will work.


 jb wrote in message news:[EMAIL PROTECTED]...
  Team,
  I have two routers with a BRI module, which cable should I use in order for
  each router to be able to talk to the other via ISDN. I do not have an ISDN
  simulator.
 
  J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44877t=44867



RE: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]

2002-05-23 Thread Mike Sweeney

Go to http://www.packetattack.com/downloads.html

About halfway down the page I have PDF versions posted. 3 files.

MikeS



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44879t=44865



Re: ISDN-BRI [7:44867]

2002-05-23 Thread Steven A. Ridder

You can use a 3600 to simulate the ISDN switch.

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Erich Kuehn wrote in message news:[EMAIL PROTECTED]...
 You can't do this with ISDN, from what I know if you want to simulate an ISDN
 link you NEED either an ISDN simulator or actual ISDN line.

 Erich

 -Original Message-
 From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
 Sent: May 23, 2002 12:25
 To: [EMAIL PROTECTED]
 Subject: Re: ISDN-BRI [7:44867]


 I'm going to guess that it would need to be crossover as well, but I'm not
 sure. Probably though.


 Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
  I believe any cable with pins 3456 active will work.
 
 
  jb wrote in message news:[EMAIL PROTECTED]...
   Team,
   I have two routers with a BRI module, which cable should I use in order for
   each router to be able to talk to the other via ISDN. I do not have an
   ISDN simulator.
  
   J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44880t=44867



Re: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]

2002-05-23 Thread Robert Kulagowski

Yes, that's the one.  Google is usually pretty good; the best link it gave
me was
http://www.3com.com/corpinfo/en_US/technology/tech_paper.jsp?DOC_ID=135 and
that's the one that came up with the blank page.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44882t=44865



Re: Chuck Semeria's IP Addressing Tutorial - Gone? [7:44865]

2002-05-23 Thread Gaz

Is this the one you're after?

http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf



Robert Kulagowski wrote in message news:[EMAIL PROTECTED]...
 I remember downloading the tutorial a few years ago.  Looks like it's gone
 now - google shows it on the 3com website, but when you go there all you get
 is a blank page that says Technical Papers.  Doing a search on the 3Com
 website doesn't come up with any hits.  Other links on google all point back
 to various places on the 3Com website that don't exist anymore.

 Anyone still have the original PDF?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44881t=44865



Re: ISDN-BRI [7:44867]

2002-05-23 Thread Gaz

Steven,

Quick - someone else is using your computer :-)

Have you really got a cable that connects two ISDN ports together. If it's
cheaper than my ISDN simulator I'll order two.

Have I misunderstood the question, or did you?


Gaz


Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
 I'm going to guess that it would need to be crossover as well, but I'm not
 sure. Probably though.


 Steven A. Ridder wrote in message news:[EMAIL PROTECTED]...
  I believe any cable with pins 3456 active will work.
 
 
  jb wrote in message news:[EMAIL PROTECTED]...
   Team,
   I have two routers with a BRI module, which cable should I use in order for
   each router to be able to talk to the other via ISDN. I do not have an ISDN
   simulator.
  
   J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44884t=44867



Re: any dynamic routing for dial-peers? [7:44860]

2002-05-23 Thread Priscilla Oppenheimer

At 02:19 PM 5/23/02, Steven A. Ridder wrote:
Does anyone at Cisco know if a dynamic routing-like protocol will be coming
out for h.323 zones or dial-peers?  It seems to be a pain to statically
enter in dial-peers for all routers and h.323 zones.

Interesting question! It sort of relates to that CCIE lab rat conversation 
we had that included a line something like Do the PBX guys know VoIP? 
This is the other way around.

With dial peers, you're doing the sort of nitty-gritty administrative work 
that PBX administrators have done for years. Whether some protocols will be 
designed to make it easier and more dynamic or not, I don't know. It's a 
good idea, but it might involve some philosophical paradigm shifts. Now I'm 
sounding like an old-timer. ;-) Seriously it might take a youngster who 
wouldn't even consider that the task is extremely difficult for both 
technical and philosophical reasons.

That's my 0.0010 cents.

Priscilla


--
RFC 1149 Compliant

Get in my head:
http://sar.dynu.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44883t=44860



Passed the qualification exam [7:44885]

2002-05-23 Thread Richard Wilson

Hi

I passed the written today but it feels like a hollow
victory.  The exam is a tired old beast and needs to
be brought up to date.  I'm sure the new one will be a
big improvement.

The idea of the qualification exam is to screen
candidates for the lab.  This one doesn't seem to do a
very good job of that.  To pass this exam and think
that you're ready would be a sad mistake.

I would rather have a tough qualification exam and a
high success rate at the lab than the other way
around.

I was shocked to find that several of the on-line
study guides have violated the NDA and offer test
questions copied directly from the real exam.  To
anyone who tries to take shortcuts and sneak by I can
only say, Don't even think about it, you will just
fail the lab.

For preparation I used Caslow and that pretty well
covers it.  I thought the book was light on the
protocols, but so is the exam.

You certainly do need to know token ring and how to
read RIFs.  You really don't need to do any math to
answer the questions.  If you know how things work,
the correct answer pops right out at you.

Anyway, it's now time to start climbing the big
mountain.  I hope to be ready in six months.

I have a small lab at home with five routers and a
couple of switches.  I plan to practice my skills on
those and expand the lab as needed.  For the big
stuff, I'll use the on-line labs and maybe do a boot
camp when I'm almost ready.

This group has been a big help and sometimes provides
great entertainment.  I hope we don't get too serious
and start filtering the flame wars.  That would be a
shame.

Richard







Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44885t=44885



Re: Interface Resets [7:44791]

2002-05-23 Thread Michael L. Williams

Zero.

Seriously tho   I don't like to see many interface resets.

Mike W.

Sujal G. Ajmera wrote in message news:[EMAIL PROTECTED]...
 Hi,

 Is there any acceptable limit for this?

 Thanks,

 Sujal

 [GroupStudy.com removed an attachment of type application/ms-tnef which had
 a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44888t=44791



Cisco IDS 4230 - sensor software [7:44887]

2002-05-23 Thread Himanshu A. Dhinoja

Hi all,

I needed the IDS sensor software version 2.5(0) S0  - URGENTLY !!!
Apparently this is not Cisco CCO downloadable anymore since version 3.0 is
now available . However, I just have to have the 2.5 version

Any help will be GREATLY appreciated in locating this software, wouldn't
even mind paying .. as I need this urgently

thank you,

HD




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44887t=44887
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Re: Passed the written... Now on to the lab!! [7:44442]

2002-05-23 Thread Michael L. Williams

Not for sure Cisco moved pretty quick on the other betas I took, so I
would think sometime in July or August but I read someone else say
September or so.

Mike W.

Creighton Bill-BCREIGH1 wrote in message news:[EMAIL PROTECTED]...
 Do you know when the current 350-001 is set to expire?

 -Original Message-
 From: Frank Merrill [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, May 22, 2002 11:05 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Passed the written... Now on to the lab!! [7:2]

 Michael L. Williams wrote:
 


  (just to echo what others have said) If you're anywhere close
  to ready to
  take the written, do it now!  I took the beta for the new
  written, and it's
  much different.  Aside from information on routing protocols,



 I assume this means you took the Beta, and then also took the current
 version (maybe assuming you didn't pass the Beta??) and passed that?

 fm




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44886t=2



Re: Token ring Question. [7:44805]

2002-05-23 Thread Michael L. Williams

This is correct if the router is acting as a router but when the router
is bridging, this is no longer true.

To answer your question, Ivan,  you would simply perform bitswapping on the
TR MAC to find the ethernet equivalent.

There were a series of posts on this topic (some by me) that specifically
lay out this process in both Hex and binary.  Do a quick search for messages
from the past couple of weeks for the word 'bitswapping' and you'll find
them.

HTH,
Mike W.

C restion wrote in message news:[EMAIL PROTECTED]...
 Hi Ivan,

 Mac addresses only have local significance. So for your scenario, host X
 sends a packet with its own MAC address as the source and the router TR
 interface as the destination MAC address. The router then rebuilds the
 packet and sends it out the ethernet interface with the Ethernet interface
 as the source MAC address and host Y as the destination MAC address.

 Hth,
 Crestion




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44889t=44805
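
The bitswapping mentioned in the reply above, as an added example that is not part of any poster's message: each byte of the Token Ring (non-canonical) MAC has its bit order reversed to give the Ethernet (canonical) form. The sample address 4000.3745.0001 and all function names are constructed for this illustration.

```python
import re


def reverse_bits(byte):
    """Reverse the bit order of one byte (0x40 -> 0x02)."""
    out = 0
    for _ in range(8):
        out = (out << 1) | (byte & 1)
        byte >>= 1
    return out


def parse_mac(text):
    """Accept 4000.3745.0001, 40:00:37:45:00:01 or 40-00-37-45-00-01."""
    digits = re.sub(r"[.:-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def bitswap_mac(text):
    """Token Ring <-> Ethernet form of a MAC, returned in Cisco dotted notation.

    The operation is its own inverse, so the same call converts either way.
    """
    swapped = bytes(reverse_bits(b) for b in parse_mac(text)).hex()
    return ".".join(swapped[i:i + 4] for i in range(0, 12, 4))


def walkthrough(text):
    """Per-byte rows (hex in, binary in, binary out, hex out) for checking by hand."""
    rows = []
    for b in parse_mac(text):
        r = reverse_bits(b)
        rows.append((f"{b:02x}", f"{b:08b}", f"{r:08b}", f"{r:02x}"))
    return rows


if __name__ == "__main__":
    token_ring = "4000.3745.0001"  # constructed sample address
    for row in walkthrough(token_ring):
        print("  {}  {} -> {}  {}".format(*row))
    # The locally-administered bit is 0x40 in the Token Ring form and 0x02
    # in the Ethernet form of the first byte.
    print(token_ring, "->", bitswap_mac(token_ring))
```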



IS-IS distribute list? [7:44890]

2002-05-23 Thread Mike Bernico

Is there an ISIS equivalent to the following command?

!
router ospf 10
distribute-list 15 out serial 3/0
!

I realize I can filter during redistribution in and out of ISIS with route
maps, and filter with route leaking, etc.  I need to be able to filter a
router out between two L2 ISIS routers.


thanks
Mike

---
Mike Bernico [EMAIL PROTECTED]
Illinois Century Network  http://www.illinois.net




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44890t=44890



Re: Token ring Question. [7:44805]

2002-05-23 Thread Michael L. Williams

Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED]...
 If this seems mysterious or difficult to apply in a generic fashion to any
 hex representation of a byte, then it's not time yet to go for CCIE.

Thank you for verifying my feelings about this.  As you may, or may not,
have seen the conversations on this topic of late,  I may have stepped on
people's toes a bit with my attitude toward learning binary, but I still
stand by what I said.. (which, in case you missed out (LOL), was Learn
binary. computers are binary. networks are binary  this is not
rocket science!!)  =)

Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44891t=44805
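
Added example, not part of the original posts: the hop-by-hop MAC rewrite described in the quoted reply earlier in this thread, together with the per-byte bit swap between Ethernet (canonical) and Token Ring (non-canonical) MAC notation that the thread calls bitswapping. The interface names, MAC addresses and IP addresses are constructed sample values, and route_frame is a hypothetical helper, not router code.

```python
def bitswap_mac(mac: str) -> str:
    """Reverse the bit order inside every byte of a MAC address.

    Ethernet writes MACs in canonical (LSB-first) form, Token Ring in
    non-canonical (MSB-first) form; the conversion is its own inverse.
    """
    octets = [int(part, 16) for part in mac.replace("-", ":").split(":")]
    if len(octets) != 6 or any(not 0 <= o <= 0xFF for o in octets):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    swapped = [int(f"{o:08b}"[::-1], 2) for o in octets]
    return ":".join(f"{o:02x}" for o in swapped)


def route_frame(frame: dict, in_if: dict, out_if: dict, arp_table: dict) -> dict:
    """Forward one frame the way the quoted reply describes.

    The router accepts the frame only if it is addressed to the ingress
    interface's MAC, then builds a new layer-2 header: source = egress
    interface MAC, destination = next hop's MAC. The IP addresses are
    carried over untouched.
    """
    if frame["dst_mac"] != in_if["mac"]:
        raise ValueError("frame is not addressed to the router interface")
    return {
        "src_mac": out_if["mac"],
        "dst_mac": arp_table[frame["dst_ip"]],
        "src_ip": frame["src_ip"],
        "dst_ip": frame["dst_ip"],
    }


# Constructed topology: host X on Token Ring, host Y on Ethernet.
# All MACs here are written in canonical (Ethernet) notation.
TR_IF = {"name": "TokenRing0", "mac": "00:00:0c:11:22:33"}
ETH_IF = {"name": "Ethernet0", "mac": "00:00:0c:44:55:66"}
HOST_X = {"mac": "00:a0:24:aa:bb:cc", "ip": "10.1.1.10"}
HOST_Y = {"mac": "00:a0:24:dd:ee:ff", "ip": "10.2.2.20"}
ARP = {HOST_Y["ip"]: HOST_Y["mac"]}

FRAME_ON_RING = {"src_mac": HOST_X["mac"], "dst_mac": TR_IF["mac"],
                 "src_ip": HOST_X["ip"], "dst_ip": HOST_Y["ip"]}
FRAME_ON_ETHERNET = route_frame(FRAME_ON_RING, TR_IF, ETH_IF, ARP)

if __name__ == "__main__":
    print("on ring    :", FRAME_ON_RING)
    print("on ethernet:", FRAME_ON_ETHERNET)
    print("host X as a Token Ring trace shows it:", bitswap_mac(HOST_X["mac"]))
```

A device on the Ethernet side only ever sees the router's MAC as the source, so MAC-based filters or log entries there cannot identify host X; only the IP address survives the hop.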






Re: ISDN-BRI [7:44867]

2002-05-23 Thread Steven A. Ridder

Here are the links I have seen in this group.  Maybe it is only for PRI,
but some do talk about BRIs.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dt_q931.htm

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t2/dt_qsig.htm

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121x/121xi/121xi_3/dt_brint.htm

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Jeff Harris wrote in message
news:[EMAIL PROTECTED]...
 I thought you could only back-to-back a PRI this way?

 --

 Jeff Harris - Cisco/Unix Engineer
 CCNA, CCNP Routing, Remote Access Passed


 On Thu, May 23, 2002 at 04:33:48PM -0400, Steven A. Ridder wrote:
  You can use a 3600 to simulate the ISDN switch.
 
  --
 
  RFC 1149 Compliant.
  Get in my head:
  http://sar.dynu.com
 
 
  Erich Kuehn wrote in message
  news:[EMAIL PROTECTED]...
   You can't do this with ISDN, from what I know if you want to simulate an
   ISDN link you NEED either an ISDN simulator or actual ISDN line.
  
   Erich
  
   -Original Message-
   From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
   Sent: May 23, 2002 12:25
   To: [EMAIL PROTECTED]
   Subject: Re: ISDN-BRI [7:44867]
  
  
   I'm going to guess that it would need to be crossover as well, but I'm
   not sure. Probably though.
  
  
   Steven A. Ridder wrote in message
   news:[EMAIL PROTECTED]...
    I believe any cable with pins 3456 active will work.
   
   
    jb wrote in message
    news:[EMAIL PROTECTED]...
     Team,
     I have two routers with a BRI module, which cable should I use in
     order for each router to be able to talk to the other via ISDN. I do
     not have an ISDN simulator..
    
     J




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44895t=44867


