date:20020624

Re: Flash upgrade problems [7:46990]

2002-06-24 Thread Wesley


I'd always thought there was a specific way of inserting the flash chip
regardless of where it's 'facing'.

Odd thing is I tried loading the IOS (v11.2) on two separate flash chips.
Tried it on two different routers (2511 and 2523), had the same errors.
Loaded a 12.0 and the errors just disappeared. I'm just waiting for the time
when I upgrade to an IOS that requires 16MB. Hope this same thing doesnt
happen again. Weird!

Wesley

Daniel Cotts  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 face a different way?? Sounds like Flash meant for a 4500/3600 etc that
 runs IOS from Memory rather than from Flash. That Flash is slower. You can
 use 2500 Flash in 4500s but I don't believe the reverse is true. I'm
 assuming that you have a newer version of Boot ROMs that are more
 understanding of different vendor's Flash.

 --Original Message-
  From: Karen Menpes [mailto:[EMAIL PROTECTED]]
  Sent: Sunday, June 23, 2002 4:14 PM
  To: [EMAIL PROTECTED]
  Subject: RE: Flash upgrade problems [7:46990]
 
 
  I had this issue when I tried to install an 8MB flash memory
  chip into an
  old 2500 series router.
 
  I eventually had to purchase a 4MB chip to make up the flash
  memory to a
  total of only 8MB ! This 4MB memory module worked OK. It
  seems that some
  older Cisco 2500 series routers just don't like the new 8MB
  memory modules
  simply because they face a different way when they are installed.
 
  Karen




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47281t=46990
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cat 6k IOS upgrade failure [7:47282]

2002-06-24 Thread Patrick Donlon


I attempted to upgrade a Cat6K on Sunday with little success, shame as the
5Ks worked a treat. If I show the steps below if anyone can point out where
I went wrong.
Here's the IOS version I started with: IOS (tm) c6sup2_rp Software
(c6sup2_rp-IS-M), Version 12.1(3a)E4
I wanted the load this version of IOS c6sup12-is-mz.121-4.E3 which is an IP
image.

I copied the image into the bootflash of the Cat6k, here's the file below:
CAT6k#sh bootflash:
-#- ED --type-- --crc--- -seek-- nlen -length- -date/time-- name
1   .. image6031AC06  206DF4   25  1600884 Aug 02 2001 18:36:39
c6msfc2-boot-mz.121-3a.E4
2   .. image1F7C0C69  C20430   22  8977828 Jun 19 2002 08:12:06
c6sup12-is-mz.121-4.E3

I didn't place it in the sup-bootflash as I didn't have room for both
images. Also I didn't want to erase an image I new that worked and then go
through the laborious process of copying files via xmodem if the new image
wouldn't load. Here's the file on the sup-bootflash
CAT6k#sh sup-bootflash:
-#- ED --type-- --crc--- -seek-- nlen -length- -date/time-- name
1   .. imageB3497649  8C4B74   23  8932084 Aug 02 2001 18:33:46
c6sup12-is-mz.121-3a.E4

To load the image I placed the following line in the config
boot system flash bootflash:c6sup12-is-mz.121-4.E3.
Saved the config and checked the bootvar and all seemed OK.
I reloaded the switch and got the following error on bootup

System Bootstrap, Version 5.3(1)
Copyright (c) 1994-1999 by cisco Systems, Inc.
c6k_sup1 processor with 65536 Kbytes of main memory

Autoboot executing command: boot bootflash:c6sup12-is-mz.121-4.E3
open(): Open Error = -9
loadprog: error - on file open
boot: cannot load bootflash:c6sup12-is-mz.121-4.E3
Exit at the end of BOOT string
rommon 1 

Any obvious mistakes in my approach?

Cheers

Pat


--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47282t=47282
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: remote router IOS upgrade best practice [7:47283]

2002-06-24 Thread Alex Lee


Hi group,

I am trying to get info from the Groupstudy mail list archive as I remember
this was posted several times before. It seems that the archive is having
problem, gives me error message 'Glimpse Index Not found'. Can anyone offer
some insight ?

I have two 1720, each in a different subnet. One router had two 'memory
allocation error' problem in two months. Both times required power-cycle the
router. Opened a TAC case but could not find any memory hardware issue.  The
two 1720 are linked by a fractional frame-relay with an ISDN BRI dial
backup. TAC said there could be IOS bug related to ISDN BRI, recommended us
to upgrade from 12.1.1 to 12.1.15.
Anyone has similar problem ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47283t=47283
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Need suggestion on MAC based VLAN [7:47284]

2002-06-24 Thread Hitesh Pathak R


Dear Group

I want to know about implementing Mac based Vlan in Cisco. Can anybody help
me.

Many thanks in advance.

Hitesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47284t=47284
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RE: VPN CLIENT + Dns [7:47125]

2002-06-24 Thread Roberts, Larry


The VPN Client is an IPSec tunnel. If your using it, and the concentrator is
set to hand them out, it should work. We use the 3030 and the VPN Client
(3.5) and it works wonderfully.

Its really hard to go wrong with this. Under group/general properties, make
sure that the Primary and secondary DNS entries are present and that Inherit
are checked. That's All I had to do to make it work.

You did click on the save icon correct?

Thanks

Larry
 

-Original Message-
From: Smart Student [mailto:[EMAIL PROTECTED]] 
Sent: Monday, June 24, 2002 1:12 AM
To: [EMAIL PROTECTED]
Subject: Re: RE: VPN CLIENT + Dns [7:47125]


Thanks for the reply Larry , I am using IPSEC tunnels , is it possible to do
the same in IPSEC tunnels .


regards,


Smart Student




Roberts, Larry wrote:



Are these PPTP tunnels or IPSec.

PPTP appends those listed in the concentrator, while the cisco client will
remove the local ones and replace them with the ones from the concentrator.

If you have more than 3 listed, I don't know if they would show up.

Thanks

Larry


-Original Message-
From: Smart Student [mailto:[EMAIL PROTECTED]] 
Sent: Friday, June 21, 2002 5:05 AM
To: [EMAIL PROTECTED]
Subject: VPN CLIENT + Dns [7:47125]


Hi All Guru's ,


I Need to config dns servers entries for all the VPN clients that login to 
VPN concentrator but after adding the entries in the appropiate group
configuartions also I have not being able to set any dns entries on the VPN
client machines .Can anybody out their suggest me what I am doing wrong.








regards,


Bharat



Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com
Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from
http://www.planetm.co.in Get Your Private, Free E-mail from Indiatimes at
http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music
Accessories from http://www.planetm.co.in




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47285t=47125
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passing score of MPLS exam ? [7:47286]

2002-06-24 Thread [EMAIL PROTECTED]


Hello,

I have scheduled the MPLS exam for July 1'st.

Can someone tell me the passing score of this exam.Also any
suggestion/comments regarding this exam  will be highly helpful.

TIA for your help.



Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela





**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential
or priveleged information, if you are not the named addressee or
the person responsible for delivering the message to the named 
addressee, please advise the sender by return e-mail. The
contents should not be disclosed to any other person nor copies
taken.
186k Ltd is a Lattice Group company, registered in England 
 Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47286t=47286
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Rogue Wireless LANs [7:47287]

2002-06-24 Thread Patrick Donlon


I've just found a wireless LAN set up by someone in the building, I found it
by chance when I was checking something with a colleague from another dept.
The WLAN has zero security which is not a surprise and lets the user into
the main LAN in the site with a DHCP address served up too! Does anyone have
any tips on preventing users and dept's who don't think about security from
plugging whatever they like into the network,

Cheers

Pat



--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47287t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread chris


WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses.  You can implement LEAP on the
cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the AP
outside the LAN/Firewall and require VPN to access the LAN resources.

Cisco has good whitepaper on securing wireless.  What you have experienced
pretty common.

Chris
Patrick Donlon  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I've just found a wireless LAN set up by someone in the building, I found
it
 by chance when I was checking something with a colleague from another
dept.
 The WLAN has zero security which is not a surprise and lets the user into
 the main LAN in the site with a DHCP address served up too! Does anyone
have
 any tips on preventing users and dept's who don't think about security
from
 plugging whatever they like into the network,

 Cheers

 Pat



 --

 email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47288t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: HSRP [7:47177]

2002-06-24 Thread Chuck


Howard C. Berkowitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 At 9:21 PM -0400 6/23/02, Kevin Cullimore wrote:
 It's a problem when:
 
 people assume that symmetry exists when HSRP  similar L3 failover
 technologies are implemented.
 
 It's a problem getting in the way of:
 
 people's understanding of those failover technologies.
 
 Otherwise, I'm thinking that the flexibility (wherein conversations in
 different directions may be treated differently) is quite welcome.
 
 Comments?

 I was not assuming load-sharing (i.e., multiple HSRP groups), so I'd
 expect to have the two routers essentially with the same routing
 table.  What would be different would be their uplinks, unless,
 possibly, there were an additional link connecting the two routers.
 In other words, I had considered the simple case of two redundant
 routers, each of which could handle the full load. Perhaps they might
 have physically diverse uplinks, but I wouldn't expect them to have
 radically different optimal routes.


Consider the following:

Local_LAN
  |
 --
  |   |
R1
R2
  |
|
 telco_1
telco_2
  |
|
   R3
R4
  |
|
  --

Corporate_Network


Seems to me that of R3 and R4, the coproarate network knows one of those as
the route to the Local_LAN, preferably the router that is the HSRP primary.

hhh thinking about this, interesting design study.  HSRP effects
only Local_LAN traffic to the Corporate_net. Does return traffic route
matter?

hhm. would good design consider that R3 and R4 also be an HSRP pair?
If they were, what would the effect be, as opposed to if they were not?

Maybe I'm outsmarting myself about the data flow implications?




 Certainly, one can create scenarios where load-sharing or other
 factors make the two routers significantly different. Depending on
 the goals and budget, you might even have HSRP in edge routers and
 more complex routing at a distribution tier.

 For that matter, people often don't consider L2 failover techniques
 (e.g., UplinkFast and EtherChannel) with switches feeding the HSRP
 routers as another aspect of no-single-point-of-failure.

 
 - Original Message -
 From: Howard C. Berkowitz
 To:
 Sent: 23 June 2002 3:54 pm
 Subject: Re: Re: HSRP [7:47177]
 
 
   At 3:08 PM -0400 6/23/02, Kevin Cullimore wrote:
   A useful notion to keep in mind is that hsrp and its un-patented
   counterparts (you'd think that during the past century, people would
 learn
   from IBM's example, but apparently that isn't the case) are
profoundly
   asymmetric in scope:
   
   they are concerned with the host-default gateway portion of the
   conversation, not the return path (although implementational
specifics
 might
   force them to address the return path in some circumstances).
 
 
   Kevin, how is the asymmetry a problem? The HSRP linked routers
   presumably have the same routing tables, although the backup might
   have to ARP for its first packet forwarded. Even if that's an issue,
   promiscuous ARP learning shouldn't be all that much of a problem.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47289t=47177
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: authentication and router [7:46932]

2002-06-24 Thread Blair, Philip S


Try to change:
line con0 
line authentication no_tacacs

To:
line con0 
login authentication no_tacacs

-Original Message-
From: GEORGE [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 21, 2002 11:52 AM
To: [EMAIL PROTECTED]
Subject: FW: authentication and router [7:46932]


I wouldn't like any username prompt at the console

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Blair, Philip S
Sent: Thursday, June 20, 2002 3:20 PM
To: [EMAIL PROTECTED]
Subject: FW: authentication and router [7:46932]

At the password prompt, if you enter your configured enable password you
get
access?

Sounds like it's working as you have it configured, how did you want it
to
work?

Philip

-Original Message-
From: GEORGE [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 18, 2002 5:37 PM
To: [EMAIL PROTECTED]
Subject: authentication and router [7:46932]


I just configured my router to authenticate with cisco secure every
works ok, except if I try to
Console I get a password promt, and I stop cisco secure I get a password
promt
Now I tried to enter my enable password and wont work
Am I missing something here
 
 
 
aaa new-model
aaa authentication login default group tacacs+ enable
aaa authentication login local local
aaa authentication login no_tacacs enable
aaa authentication ppp default if-needed group tacacs+
aaa authorization exec default group tacacs+ local
aaa authorization network default group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
 
 
 
line con0 
line authentication no_tacacs




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47290t=46932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Chuck


It's only a matter of time. It's bad enough they can buy their own servers
and switches down at CompUSA and set up situations that can bring your
network down while spanning tree runs..

1) does your employer have a written security policy in place? Will your
management enforce such a policy if it does exist?

2) would a demonstration to senior management about how easily anyone can
get into the company net help? Especially if it were done from the Visitors
Parking Lot?

3) is it just easier to take on the responsibility for these kinds of rogue
operations by initiating the practices recommended by others who have
responded? meaning configuring the WAP's, installing the appropriate
software on the wireless client machines, etc? not to mention the inevitable
troubleshooting, and listening to and having to do something about the
inevitable complaints about slow network?

best of luck. long experience suggests that in the end, whoever set up this
rogue net will win any argument you may have.


Patrick Donlon  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I've just found a wireless LAN set up by someone in the building, I found
it
 by chance when I was checking something with a colleague from another
dept.
 The WLAN has zero security which is not a surprise and lets the user into
 the main LAN in the site with a DHCP address served up too! Does anyone
have
 any tips on preventing users and dept's who don't think about security
from
 plugging whatever they like into the network,

 Cheers

 Pat



 --

 email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47291t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread John Golovich


What about restricting DHCP based on MAC Address. 
Problem is a lot more administration.

--- Patrick Donlon  wrote:
 I've just found a wireless LAN set up by someone in
 the building, I found it
 by chance when I was checking something with a
 colleague from another dept.
 The WLAN has zero security which is not a surprise
 and lets the user into
 the main LAN in the site with a DHCP address served
 up too! Does anyone have
 any tips on preventing users and dept's who don't
 think about security from
 plugging whatever they like into the network,
 
 Cheers
 
 Pat
 
 
 
 --
 
 email me on : [EMAIL PROTECTED]
 [EMAIL PROTECTED]
 
 


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47292t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Patrick Donlon


Thanks Chris, I was thinking more about securing the switch ports by
authenticating mac's (probably a bit OTT) or using SNMP to check for new
devices, any other ideas?  I've already set up a wireless LAN here with WEP
with authentication on an ACS server, which is a waste of time when you have
people setting up there own kit,

Cheers

Pat


--

email me on : [EMAIL PROTECTED]

chris  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 WEP for starters, then you can set the acccess point to only accept
 connections from specific MAC addresses.  You can implement LEAP on the
 cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the AP
 outside the LAN/Firewall and require VPN to access the LAN resources.

 Cisco has good whitepaper on securing wireless.  What you have experienced
 pretty common.

 Chris
 Patrick Donlon  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I've just found a wireless LAN set up by someone in the building, I
found
 it
  by chance when I was checking something with a colleague from another
 dept.
  The WLAN has zero security which is not a surprise and lets the user
into
  the main LAN in the site with a DHCP address served up too! Does anyone
 have
  any tips on preventing users and dept's who don't think about security
 from
  plugging whatever they like into the network,
 
  Cheers
 
  Pat
 
 
 
  --
 
  email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47293t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Bob Timmons


Don't know if you know about this or not, but NetStumbler is a good freeware
(begware) app for finding those rogue wireless apps that you might not know
about.  Check them out at:

http://www.netstumbler.org/



 What about restricting DHCP based on MAC Address.
 Problem is a lot more administration.

 --- Patrick Donlon  wrote:
  I've just found a wireless LAN set up by someone in
  the building, I found it
  by chance when I was checking something with a
  colleague from another dept.
  The WLAN has zero security which is not a surprise
  and lets the user into
  the main LAN in the site with a DHCP address served
  up too! Does anyone have
  any tips on preventing users and dept's who don't
  think about security from
  plugging whatever they like into the network,
 
  Cheers
 
  Pat
 
 
 
  --
 
  email me on : [EMAIL PROTECTED]
  [EMAIL PROTECTED]
 
 


 __
 Do You Yahoo!?
 Yahoo! - Official partner of 2002 FIFA World Cup
 http://fifaworldcup.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47294t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN Simulator offer [7:47295]

2002-06-24 Thread Gillian Wylie


arca technologies are offering special discount pricing on their ISDN
simulators for Cisco Students and Trainers.

The emutel|Solo has 2 ports which offer either S/T or U interfaces (software
switchable) and a choice of Euro-ISDN, North American or NTT support.

Please see www.isdnsimulator.com for more details




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47295t=47295
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Ken Diliberto


When we find access points like that, we disable the switch port they
connect to.

We are using Network Stumbler to find rogue access points.  Works well
and it's free.

Ken

 Patrick Donlon  06/24/02 08:48AM 
I've just found a wireless LAN set up by someone in the building, I
found it
by chance when I was checking something with a colleague from another
dept.
The WLAN has zero security which is not a surprise and lets the user
into
the main LAN in the site with a DHCP address served up too! Does anyone
have
any tips on preventing users and dept's who don't think about security
from
plugging whatever they like into the network,

Cheers

Pat



--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47296t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN Simulator offer [7:47295]

2002-06-24 Thread Andy Barkl

I've been happy with my $1095 unit from www.CheapISDN.com

-Original Message-
From: Gillian Wylie [mailto:[EMAIL PROTECTED]] 
Sent: Monday, June 24, 2002 9:51 AM
To: [EMAIL PROTECTED]
Subject: ISDN Simulator offer [7:47295]

arca technologies are offering special discount pricing on their ISDN
simulators for Cisco Students and Trainers.

The emutel|Solo has 2 ports which offer either S/T or U interfaces
(software
switchable) and a choice of Euro-ISDN, North American or NTT support.

Please see www.isdnsimulator.com for more details

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47297t=47295
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Beta results [7:47144]

2002-06-24 Thread groupstudy.com


Did anyone receive the score ?

I would like to know
Nigel Taylor  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Folks,
  I'm trying to understand how cisco went about grading this exam.
 Much like everyone else
 I too was told by Prometric when I called in that I had passed the exam
 however, the score report
 I received had something totally different in mind( yes I failed!)

 What I thought was strange was the passing score which was 45%.   I guess
 44% leaves short of the mark.
 This beta reminds me of the CCIE Security beta in which not many folks
on
 the list passed.

 Good thing this test didn't count as a recert credit.  I guess I'll be
 thinking about taking the
 recert exam sometime next year...:-

 Nigel

 - Original Message -
 From: Michael L. Williams
 To:
 Sent: Sunday, June 23, 2002 6:44 PM
 Subject: Re: CCIE Beta results [7:47144]


  Are the scores starting to come in now?  I still haven't received mine
  yet... =(
 
  Although, banking on the fact I would fail, I went ahead and took the
  current written and passed, so I'm not too worried about the beta
  results... just curious =)
 
  Mike W.
 
  Semiglia Bodero  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Did you receive the score?.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47298t=47144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WHEN WILL CCIE 350-001 EXPIRE [7:47184]

2002-06-24 Thread Steven A. Ridder


I'm at the Networkers CCIE power session as I type, and I heard July.

Steve


Frank Merrill  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 My guess is no later than the middle of August based on previous Cisco
 Beta-to-production life cycles.  However, anything is possible.
 The Beta test itself ended on May 6, and the results from that are just
 coming in about now.

 The Beta was a 'brutal' exam so to speak.  The current written is
relatively
 easy compared to the Beta questions.

 I would guess they will have the new questions on the test very soon.

 Good Luck!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47299t=47184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: HSRP [7:47177]

2002-06-24 Thread Priscilla Oppenheimer


I think the picture got messed up. But, let's say R1 and R2 are running 
HSRP on the Local LAN. It doesn't matter which one becomes primary. If the 
clients send to one router, but the other router has a better route, than 
the router will send the packet back out the Local LAN to the other router. 
It's the typical extra hop that many networks have. The router should send 
an ICMP Redirect (although that is disabled by default when using HSRP.) 
But it works without any major hitches because both routers have complete 
routing tables that describe the entire internetwork.

Since your picture is symmetrical (or at least I think it was?) the same 
thing can occur on the Corporate LAN. R3 and R3 can run HSRP too.

Now, for traffic coming back, we have a more interesting problem It 
would depend on the routing protocol and the maximum-paths configuration, 
wouldn't it? For some routing protocols, each router would only know one 
way back. If that way includes the broken interface, then the protocol will 
have to converge before traffic can make it back.

A few more comments in line...



Consider the following:

 Local_LAN
   |
  --
   |   |
 R1
R2
   |
|
  telco_1
telco_2
   |
|
R3
R4
   |
|
  
--

 Corporate_Network


Seems to me that of R3 and R4, the coproarate network knows one of those as
the route to the Local_LAN, preferably the router that is the HSRP primary.

You mean the HSRP primary on the Local LAN? Of course the routers on the 
Corporate Network don't know anything about HSRP on the Local LAN. Plus, it 
doesn't matter whether their path goes back via R1 or R2. Which one it 
chooses would depend on the routing protocol. Maybe it's IGRP and one of 
the links has much less bandwidth so the other is preferred. Maybe you're 
using variance so that both routes are known.


hhh thinking about this, interesting design study.  HSRP effects
only Local_LAN traffic to the Corporate_net. Does return traffic route
matter?

HSRP on the Local LAN doesn't affect it. Other things do.


hhm. would good design consider that R3 and R4 also be an HSRP pair?

In your simple design, sure, I would say make them HSRP pairs too. You 
might want to know some load balancing and make one the active for some 
VLANs and the other the active for other VLANs.

I know you know all this basic stuff. ;-) If you meant for this to be a 
more advanced discussion, just let me know. Thanks.

Priscilla

If they were, what would the effect be, as opposed to if they were not


Maybe I'm outsmarting myself about the data flow implications?




  Certainly, one can create scenarios where load-sharing or other
  factors make the two routers significantly different. Depending on
  the goals and budget, you might even have HSRP in edge routers and
  more complex routing at a distribution tier.
 
  For that matter, people often don't consider L2 failover techniques
  (e.g., UplinkFast and EtherChannel) with switches feeding the HSRP
  routers as another aspect of no-single-point-of-failure.
 
  
  - Original Message -
  From: Howard C. Berkowitz
  To:
  Sent: 23 June 2002 3:54 pm
  Subject: Re: Re: HSRP [7:47177]
  
  
At 3:08 PM -0400 6/23/02, Kevin Cullimore wrote:
A useful notion to keep in mind is that hsrp and its un-patented
counterparts (you'd think that during the past century, people would
  learn
from IBM's example, but apparently that isn't the case) are
profoundly
asymmetric in scope:

they are concerned with the host-default gateway portion of the
conversation, not the return path (although implementational
specifics
  might
force them to address the return path in some circumstances).
  
  
Kevin, how is the asymmetry a problem? The HSRP linked routers
presumably have the same routing tables, although the backup might
have to ARP for its first packet forwarded. Even if that's an issue,
promiscuous ARP learning shouldn't be all that much of a problem.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47300t=47177
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN DDR and Routing Protocols [7:47301]

2002-06-24 Thread hagedorn


Hy

I have a ISDN Dial up and dont want have any Routing Protocol over it. What
is the right access-list, and which features should you Block over the
ISDN link.

access-list 101 permit icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
( or any any )
access-list 101 deny Tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq
bgp ( or 179 )
access-list 101 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255

ip access-group 101 out ( on the BRI interface both sites )
no cdp enable ( is this nessecary? )

passiv-interface BRI 0 ( on specific Routing process )

is this enough to stop all the Routing Protocols over the ISDN link or
missed I something

Thanks for Help




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47301t=47301
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Priscilla Oppenheimer


At 11:54 AM 6/24/02, chris wrote:
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses.

I don't think he was asking how to secure a wireless network. He was asking 
how to control non-IS user types from installing new equipment on the 
network, including wireless LANs.

The question is as old as the hills, really. I remember back in the olden 
days when we had similar problems because people would add modems and 
software-based routers, etc.

Anyway, about the only modern solution I can think of is the MAC-based 
security on switches.

Presumably for this rogue wireless network to work, they first installed an 
access point into an Ethernet port. That access point has a different MAC 
address than the device that's supposed to be on that switch port. So 
MAC-based security on the switch would help because it would say only let 
the configured MAC address in. (I think that's how it works?)

It's probably a huge hassle to do MAC based security, however.

The other solution is based on the eighth layer of the OSI model: Policies. 
Make your users sign an Acceptable Use Policy statement and make sure there 
are consequences if they go against it (torture chambers and the like.)

Priscilla

You can implement LEAP on the
cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the AP
outside the LAN/Firewall and require VPN to access the LAN resources.

Cisco has good whitepaper on securing wireless.  What you have experienced
pretty common.

Chris
Patrick Donlon  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I've just found a wireless LAN set up by someone in the building, I found
it
  by chance when I was checking something with a colleague from another
dept.
  The WLAN has zero security which is not a surprise and lets the user into
  the main LAN in the site with a DHCP address served up too! Does anyone
have
  any tips on preventing users and dept's who don't think about security
from
  plugging whatever they like into the network,
 
  Cheers
 
  Pat
 
 
 
  --
 
  email me on : [EMAIL PROTECTED]


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47303t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread chris


Sorry misread the question, best option is to disable unused swithcports and
resric them to mac, like you were mentioning.

Chris

Patrick Donlon  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Thanks Chris, I was thinking more about securing the switch ports by
 authenticating mac's (probably a bit OTT) or using SNMP to check for new
 devices, any other ideas?  I've already set up a wireless LAN here with
WEP
 with authentication on an ACS server, which is a waste of time when you
have
 people setting up there own kit,

 Cheers

 Pat


 --

 email me on : [EMAIL PROTECTED]

 chris  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  WEP for starters, then you can set the acccess point to only accept
  connections from specific MAC addresses.  You can implement LEAP on the
  cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the
AP
  outside the LAN/Firewall and require VPN to access the LAN resources.
 
  Cisco has good whitepaper on securing wireless.  What you have
experienced
  pretty common.
 
  Chris
  Patrick Donlon  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   I've just found a wireless LAN set up by someone in the building, I
 found
  it
   by chance when I was checking something with a colleague from another
  dept.
   The WLAN has zero security which is not a surprise and lets the user
 into
   the main LAN in the site with a DHCP address served up too! Does
anyone
  have
   any tips on preventing users and dept's who don't think about security
  from
   plugging whatever they like into the network,
  
   Cheers
  
   Pat
  
  
  
   --
  
   email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47305t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Rogue Wireless LANs [7:47287]

2002-06-24 Thread [EMAIL PROTECTED]

Ah the old eighth layer. Policy policy policy = termination termination
termination. Usually the first one to go gets the point across to the other
folks. ;

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: Monday, June 24, 2002 1:27 PM
To: [EMAIL PROTECTED]
Subject: Re: Rogue Wireless LANs [7:47287]

At 11:54 AM 6/24/02, chris wrote:
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses.

I don't think he was asking how to secure a wireless network. He was asking 
how to control non-IS user types from installing new equipment on the 
network, including wireless LANs.

The question is as old as the hills, really. I remember back in the olden 
days when we had similar problems because people would add modems and 
software-based routers, etc.

Anyway, about the only modern solution I can think of is the MAC-based 
security on switches.

Presumably for this rogue wireless network to work, they first installed an 
access point into an Ethernet port. That access point has a different MAC 
address than the device that's supposed to be on that switch port. So 
MAC-based security on the switch would help because it would say only let 
the configured MAC address in. (I think that's how it works?)

It's probably a huge hassle to do MAC based security, however.

The other solution is based on the eighth layer of the OSI model: Policies. 
Make your users sign an Acceptable Use Policy statement and make sure there 
are consequences if they go against it (torture chambers and the like.)

Priscilla

You can implement LEAP on the
cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the AP
outside the LAN/Firewall and require VPN to access the LAN resources.

Cisco has good whitepaper on securing wireless.  What you have experienced
pretty common.

Chris
Patrick Donlon  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I've just found a wireless LAN set up by someone in the building, I
found
it
  by chance when I was checking something with a colleague from another
dept.
  The WLAN has zero security which is not a surprise and lets the user
into
  the main LAN in the site with a DHCP address served up too! Does anyone
have
  any tips on preventing users and dept's who don't think about security
from
  plugging whatever they like into the network,

  Cheers

  Pat

  --

  email me on : [EMAIL PROTECTED]

Priscilla Oppenheimer
http://www.priscilla.com

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47306t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Multi-Switch SPAN/Monitor question [7:47026]

2002-06-24 Thread Group Study Mailbox


I'm doing exactly that.  I have two 5509s spanning into a smaller
switch, and the smaller switch spanning into my sensor.  But we're
moving in a few months, and after the move, I'll be trunking the 5509s,
so I won't need to do that anymore.

Bob German
CCNA, MCSE, CNE
Sr Sys Eng - Irides, LLC

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Wednesday, June 19, 2002 10:20 PM
To: [EMAIL PROTECTED]
Subject: Multi-Switch SPAN/Monitor question [7:47026]


Okay...  Let's say I have three switches (or four or whatever).
assume these switches are capable of SPANning/Monitoring *all* of the
traffic on the switch to a single port. (assume the bandwidth
required for the span port isn't more than the bandwidth of the port,
which for this discussion is 100Mbps).

So, now I have 3 switches , each of which are sending all of their
traffic out of a span port.  Is it possible to take each of those
100Mbps span links, then connect them into another switch (say a 3550 or
something that takes 100Mbps ports and has Gig out) and span them out on
a single link? Since a 3550 can span all traffic in a VLAN (which would
be all traffic coming into the switch by default) to a port, could I use
that 3550 so combine all of the data coming in across all 3 of those
100Mbps span ports from the other switches and combine them and span
them out of a gig port on the 3550?

Reason I ask, is that we were trying to think of a way to span all of
the traffic across multiple switches into a single line to connection to
an IDS sensor..

Anyone ever do this?  Any of your security/IDS people every do this?

TIA,

Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47307t=47026
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CSS1 exams [7:47308]

2002-06-24 Thread [EMAIL PROTECTED]


Since I can't get my cheap company to send me to classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does anyone
have any suggestion which books would help for each of the exams?

Thank you in advance,

Joy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47308t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco IP support Certification [7:47309]

2002-06-24 Thread jp taylor


Can anyone recommend which books to prepare for the three tests to complete
the certification?

jp


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47309t=47309
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-24 Thread Shahid Muhammad Shafi


Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
 
Shahid
  [EMAIL PROTECTED]  wrote: Since I can't get my cheap company to send me to
classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does anyone
have any suggestion which books would help for each of the exams?

Thank you in advance,

Joy
Shahid Muhammad Shafi
Every man dies; not every man really lives

remember, if God bringz u 2 it, He WILL bring u thru it!!!-

Please help feed hungry people worldwide http://www.hungersite.com/
A small thing each of us can do to help others less fortunate than ourselves


-
Do You Yahoo!?
Sign-up for Video Highlights of 2002 FIFA World Cup




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47313t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-24 Thread Shahid Muhammad Shafi


Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
 
Shahid
  [EMAIL PROTECTED]  wrote: Since I can't get my cheap company to send me to
classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does anyone
have any suggestion which books would help for each of the exams?

Thank you in advance,

Joy
Shahid Muhammad Shafi
Every man dies; not every man really lives

remember, if God bringz u 2 it, He WILL bring u thru it!!!-

Please help feed hungry people worldwide http://www.hungersite.com/
A small thing each of us can do to help others less fortunate than ourselves


-
Do You Yahoo!?
Sign-up for Video Highlights of 2002 FIFA World Cup




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47314t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-24 Thread Shahid Muhammad Shafi


Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
 
Shahid
  [EMAIL PROTECTED]  wrote: Since I can't get my cheap company to send me to
classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does anyone
have any suggestion which books would help for each of the exams?

Thank you in advance,

Joy
Shahid Muhammad Shafi
Every man dies; not every man really lives

remember, if God bringz u 2 it, He WILL bring u thru it!!!-

Please help feed hungry people worldwide http://www.hungersite.com/
A small thing each of us can do to help others less fortunate than ourselves


-
Do You Yahoo!?
Sign-up for Video Highlights of 2002 FIFA World Cup




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47312t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-24 Thread Peter Walker


Obviously the corresponding books for each of the classes/exams from cisco 
press.

Managing Cisco Network Security
Cisco Secure Pix Firewalls
Cisco Secure Virtual Private Networks
Cisco Secure Intrusion Detection System

Some other publishers have books that cover these subjects too, but I have 
no real experience of these.

Some other books that might also be useful are

Enhanced IP services for Cisco networks
Cisco Secure Internet Security Solutions
Cisco IOS Network Security (there may be a release specific version of this)

There are also a bunch of really good technical documents on the CCO site. 
You should look into the product docs and data sheets for IOS, PIX, VPN 
Concentrator and IDS system, then read through some of the TAC technical 
documents and sample configurations. They cover the information you need to 
know but you will have to do more work to find the information you need.


Hope these help.

Peter Walker
CISSP, CCSE, CSS1, CCNP, CCIP, etc


--On Monday, June 24, 2002 3:20 PM -0400 [EMAIL PROTECTED] 
 wrote:

 Since I can't get my cheap company to send me to classes, I have to do
 self-study go get my Cisco Security Specialist Certification. Does anyone
 have any suggestion which books would help for each of the exams?

 Thank you in advance,

 Joy
 Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47315t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN Simulator offer [7:47295]

2002-06-24 Thread Kaminski, Shawn G


Don't forget eBay, as well. I just picked up a Teltone ILS-1000 for a decent
price. Also, I've seen some auctions for the units from Cheap ISDN and
Emutel at decent prices.

Shawn K.

 -Original Message-
 From: Andy Barkl [SMTP:[EMAIL PROTECTED]]
 Sent: Monday, June 24, 2002 1:30 PM
 To:   [EMAIL PROTECTED]
 Subject:  RE: ISDN Simulator offer [7:47295]
 
 I've been happy with my $1095 unit from www.CheapISDN.com
 
 
 -Original Message-
 From: Gillian Wylie [mailto:[EMAIL PROTECTED]] 
 Sent: Monday, June 24, 2002 9:51 AM
 To: [EMAIL PROTECTED]
 Subject: ISDN Simulator offer [7:47295]
 
 arca technologies are offering special discount pricing on their ISDN
 simulators for Cisco Students and Trainers.
 
 The emutel|Solo has 2 ports which offer either S/T or U interfaces
 (software
 switchable) and a choice of Euro-ISDN, North American or NTT support.
 
 Please see www.isdnsimulator.com for more details




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47304t=47295
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CSS1 exams [7:47308]

2002-06-24 Thread Leo Song


1. Managing Cisco Network Security -- Cisco Press
2. Boson Test.

It should be enough to pass the MCNS, VPN, PIX, but regarding the IDS
you'd better to have some hands-on experience on that, otherwise, you
have to remember lots of operation menus, commands, etc. good luck

Best Regards.
Leo

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent: 2002?6?24? 15:21
To: [EMAIL PROTECTED]
Subject: CSS1 exams [7:47308]

Since I can't get my cheap company to send me to classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does
anyone
have any suggestion which books would help for each of the exams?

Thank you in advance,

Joy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47310t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: about ciscofan [7:47279]

2002-06-24 Thread Cuong Q. Nguyen


Does it have English Version?



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
LEOSHEN
Sent: Monday, June 24, 2002 12:43 AM
To: [EMAIL PROTECTED]
Subject: about ciscofan [7:47279]


the present url of ciscofan is ciscofan.yeah.net
welcome to visit it!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47316t=47279
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Beta results [7:47144]

2002-06-24 Thread Michael L. Williams


I received my score in the mail today.. I PASSED!!!   I have *no* idea
how I slid by, but I got a 50 on it.  (passing score was 45)

The beta was very difficult, so much so that I forked up the $300 and took
the current written a week or so later (and passed)... So I could look at
this as $300 wasted, or not. I choose not.  If anything, I look at
it as $50 well spent, just to keep me up on what changes are going to be
made to the written.

Mike W.

groupstudy.com  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Did anyone receive the score ?

 I would like to know




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47317t=47144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Qualified specialist [7:47263]

2002-06-24 Thread Godswill HO


Hi,
They will send a congratulatory letter, a certificate
and nothing moreno ID card.

Enjoy
--- Dwayne Saunders  wrote:
 Hi all
   Was Just wondering after completing your  Cisco
 Qualified specialist
 exam what does Cisco send out if anything
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47319t=47263
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN DDR and Routing Protocols [7:47301]

2002-06-24 Thread Pierre-Alex Guanel


I don't know which IGP protocols you run on your network (if any)... so this
is just a wild guess.

If you were running RIP it could trigger the link ...

(I would add: access-list 101 deny udp any any eq 520)

If you were running  OSPF 

(I would add: access-list 101 deny ospf any any)


Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47321t=47301
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

klez crashed our router [7:47323]

2002-06-24 Thread Gary Crouch


I user brought in the   w32.klez.h.mm virus our virus software was able to
stop it from spreading but our router 3640 router stop responding and had to
be restarted.

Can this virus attack shares on networks connected to the router?  can klez
spread across the router using other then smtp?

we curently have NBAR set up for block code red type viruses.

Thanks

Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47323t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: WHEN WILL CCIE 350-001 EXPIRE [7:47184]

2002-06-24 Thread Shaheen Gagan


Suppose someone registers with prometric to take the exam 350-001
in August,and this exam retires in July.
What happens then, he/she still takes the 350-001 version
or the newest version of it (351-001).

Thanks 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47324t=47184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Fw: WHEN WILL CCIE 350-001 EXPIRE [7:47184]

2002-06-24 Thread Shaheen Gagan


  Steve :

  Suppose someone registers with prometric to take the exam 350-001
  in August,and this exam retires in July.
  What happens then, he/she still takes the 350-001 version
  or the newest version of it (351-001).

  Thanks

  Reply To This Message  Newer

- Original Message -
From: Steven A. Ridder 
To: 
Sent: Monday, June 24, 2002 1:07 PM
Subject: Re: WHEN WILL CCIE 350-001 EXPIRE [7:47184]


 I'm at the Networkers CCIE power session as I type, and I heard July.

 Steve


 Frank Merrill  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  My guess is no later than the middle of August based on previous Cisco
  Beta-to-production life cycles.  However, anything is possible.
  The Beta test itself ended on May 6, and the results from that are just
  coming in about now.
 
  The Beta was a 'brutal' exam so to speak.  The current written is
 relatively
  easy compared to the Beta questions.
 
  I would guess they will have the new questions on the test very soon.
 
  Good Luck!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47325t=47184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Benchmark CCIE [7:47320]

2002-06-24 Thread Stanford Wong


About 10-15 minutes would be about right.  Speed is important, but more than
anything else, the knowledge and reason why are you are doing it.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47326t=47320
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Please remove my e-mail from this newsgroup. Thanks. [7:47327]

2002-06-24 Thread Marlon Brown


_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47327t=47327
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: klez crashed our router [7:47323]

2002-06-24 Thread Dan Penn

Yes, some forms of the Klez infects network shares.

Dan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Gary Crouch
Sent: Monday, June 24, 2002 4:50 PM
To: [EMAIL PROTECTED]
Subject: klez crashed our router [7:47323]

I user brought in the   w32.klez.h.mm virus our virus software was able
to
stop it from spreading but our router 3640 router stop responding and
had to
be restarted.

Can this virus attack shares on networks connected to the router?  can
klez
spread across the router using other then smtp?

we curently have NBAR set up for block code red type viruses.

Thanks

Gary

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47329t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-24 Thread LongTrip


Recently I had the pleasure of taking one of the courses CSVPN via a
training partner.  Most of the course material is echo'd on the cisco site.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt4/index.htm

If you step down a layer from that directory you will find another set of
docs that may help you with other sections of the CSS1.

Other than that the instructor I had mentioned reading the Safe Blueprint. 
Or check out http://www.cisco.com/warp/public/707/index.shtml

As mentioned, I am not sure of the other sections of the course but those
sites may help.

Don't forget hands on is a good teacher. 

Just my $0.02

Kim

 
 From: [EMAIL PROTECTED] 
 Date: 2002/06/24 Mon PM 03:20:31 EDT
 To: [EMAIL PROTECTED]
 Subject: CSS1 exams [7:47308]
 
 Since I can't get my cheap company to send me to classes, I have to do
 self-study go get my Cisco Security Specialist Certification. Does anyone
 have any suggestion which books would help for each of the exams?
 
 Thank you in advance,
 
 Joy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47328t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: klez crashed our router [7:47323]

2002-06-24 Thread Michael L. Williams


Shares?  On Routers?  Tell me more..

Mike W.

Dan Penn  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Yes, some forms of the Klez infects network shares.

 Dan
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Gary Crouch
 Sent: Monday, June 24, 2002 4:50 PM
 To: [EMAIL PROTECTED]
 Subject: klez crashed our router [7:47323]

 I user brought in the   w32.klez.h.mm virus our virus software was able
 to
 stop it from spreading but our router 3640 router stop responding and
 had to
 be restarted.

 Can this virus attack shares on networks connected to the router?  can
 klez
 spread across the router using other then smtp?

 we curently have NBAR set up for block code red type viruses.

 Thanks

 Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47330t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WHEN WILL CCIE 350-001 EXPIRE [7:47184]

2002-06-24 Thread Michael L. Williams


He/She will take the newer version doesn't matter when you register.  It
matters when you take it.

HTH,
Mike W.

Shaheen Gagan  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Suppose someone registers with prometric to take the exam 350-001
 in August,and this exam retires in July.
 What happens then, he/she still takes the 350-001 version
 or the newest version of it (351-001).

 Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47331t=47184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]

2002-06-24 Thread Kevin Love


Hey Team,

I am trying to pass data through a WIC-1DSU-T1 to test it.  In order to do
this, I need to put a couple of modular routers back-to-back.  I can handle
the configuration if I can just get the right cable.  I have cable and a
crimper.  Does anybody have any idea what pinout I would need to use to do
this correctly?  I have checked Cisco's web site and can't find anything.

Thanks for your help!

Kevin Love
[EMAIL PROTECTED]


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47332t=47332
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

here is the ANSWER from CISCO on the dlsw [7:47333]

2002-06-24 Thread Mirza, Timur


CISCO'S ANSWER:
---

peer-on-demand defaults does not change what we learn from the peer during
CapEx.  We have learned the default cost
value from the remote, which is 3 - and that is what we show in 'sh dls
cap'.  However, the value configured on peer-on-
demand defaults (5) overrides this operationally.  So even though the
capabilities reported a value of 3, the value
that is actually being used is 5.

Unfortunately, other than the config there is no show command that shows
the operational cost value of the peer.

  - Scott

PROBLEM/ISSUE:
--

i have the following config...r5 is the border peer  r8  r4 are
clients...i configure a default cost of 5 on r5 but when i issue a show
dlsw cap on either client, the peer cost stays @ 3...is this a bug or
misconfig?

r5 (the border peer)
dlsw local-peer peer-id 100.100.5.5 group 100 border promiscuous
dlsw peer-on-demand-defaults cost 5

#also tried configuring dlsw prom-peer-defaults cost 5 here but it did not
work as well - the only thing that works is when i explictly configure the
cost on the dlsw local-peer statement (then it shows up on r8  r4 w/ a cost
of 2)

--

r8 (a border peer client)
dlsw local-peer peer-id 100.100.8.8 group 100
dlsw remote-peer 0 tcp 100.100.5.5

--

r4 (a border peer client)
dlsw local-peer peer-id 100.100.4.4 group 100
dlsw remote-peer 0 tcp 100.100.5.5




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47333t=47333
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Benchmark CCIE [7:47320]

2002-06-24 Thread Bernard


Alex,

I am sure you can improve your time as you go along.
But, I have another advice on ISDN for you.
Do NOT get in to the habit of configuring your Chap to use your router's
name as the username. Whatever you configure (CHAP, Callback, Callin
one-way authentication..), make sure Chap's username is different than
the router's name.
No way you can change your bad habits in the ccie lab if needed, even if
you know how to.

Good luck,

Bernard


 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Monday, June 24, 2002 3:20 PM
 To: [EMAIL PROTECTED]
 Subject: Benchmark CCIE [7:47320]
 
 How fast should a well prepared CCIE candidate take to setup the
network
 below: (watch the wrap)
 
 http://www.cisco.com/warp/customer/129/bri-backup-map-watch.html
 
 Right now I am taking 30 minutes. Is that too slow or about right
right?
 
 Thanks,
 
 Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47334t=47320
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Neighbor distribute-list command w/ Extended ACL [7:47272]

2002-06-24 Thread Charles D Hammonds


The statement

access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0

could also be re-written as:

access-list 100 permit ip host 192.108.0.0 host 255.255.0.0

which means that only the aggregate /16 will be accepted.

The second statement:

access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255

denies the VLSM networks under the /16.


Charles

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Dain Deutschman
Sent: Sunday, June 23, 2002 9:05 PM
To: [EMAIL PROTECTED]
Subject: Re: Neighbor distribute-list command w/ Extended ACL [7:47272]


It's kind of wierd. The source portion of the access list defines the
network whose updates are permited/denied...no suprise...the wierd part is
that the destination portion specifies the subnet mask of that network. So,
in your example;

access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0
( 192.108.0.0 [wildcard] 0.0.0.0 [subnet mask] 255.255.0.0 [wildcard]
0.0.0.0)
( 192.108.0.0/16 will be advertised )

Maybe someone else can jump in...because the wildcard is 0.0.0.0 does it
mean that any other VLSM networks under the 192.108.0.0/16 supernet would
also be advertised?

access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255
( 192.108.0.0 [wildcard] 0.0.255.255 [ subnet mask ] 255.255.0.0 [wildcard ]
0.0.255.255)
(192.108.0.0/16 would be denied...the last two octets are ignored )

I'm new to all this and learning it myself...so please...someone correct me
if I am wrong or add to my comments. Thanks. Dain.
Hunt Lee  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi all,

 Can anyone please explain this to me?? I have read some examples regarding
 neighbor x.x.x.x distribute-list  in | out using extended Access-List
 from CCO, Internet Routing Arch (by Halabi)  BGP 4 Command  Reference
(by
 Parkhurst), yet I'm still very confused.

 Below is one of them

 neighbor 120.23.4.1 distribute-list 100 in

 access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0

 access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255



 How do you read these things?? Any help will be greatly appreciated.

 Thanks,

 Hunt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47335t=47272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP NLRI [7:47337]

2002-06-24 Thread rick


I am having some trouble understanding NLRI as opposed to 
straight network routing updates.
Anyone got a pointer to information that might clear up NLRI 
some?

Thanks

-- 
--Rick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47337t=47337
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: klez crashed our router [7:47323]

2002-06-24 Thread Brian Backer


Dude, you mis read. it's shares on attached networks, not on the
routers :)
B


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Monday, June 24, 2002 8:41 PM
To: [EMAIL PROTECTED]
Subject: Re: klez crashed our router [7:47323]

Shares?  On Routers?  Tell me more..

Mike W.

Dan Penn  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Yes, some forms of the Klez infects network shares.

 Dan
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
 Gary Crouch
 Sent: Monday, June 24, 2002 4:50 PM
 To: [EMAIL PROTECTED]
 Subject: klez crashed our router [7:47323]

 I user brought in the   w32.klez.h.mm virus our virus software was
able
 to
 stop it from spreading but our router 3640 router stop responding and
 had to
 be restarted.

 Can this virus attack shares on networks connected to the router?  can
 klez
 spread across the router using other then smtp?

 we curently have NBAR set up for block code red type viruses.

 Thanks

 Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47338t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]

2002-06-24 Thread Brian Backer

Kevin,

Check out http://www2.adtran.com/support/technotes/t1ddsadptxvr/

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kevin Love
Sent: Monday, June 24, 2002 8:50 PM
To: [EMAIL PROTECTED]
Subject: T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]

Hey Team,

I am trying to pass data through a WIC-1DSU-T1 to test it.  In order to
do
this, I need to put a couple of modular routers back-to-back.  I can
handle
the configuration if I can just get the right cable.  I have cable and a
crimper.  Does anybody have any idea what pinout I would need to use to
do
this correctly?  I have checked Cisco's web site and can't find
anything.

Thanks for your help!

Kevin Love
[EMAIL PROTECTED]

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47339t=47332
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]

2002-06-24 Thread Michael L. Williams


Yeah... you can make one pretty easily.

http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/6015/6015hig/05inap
pc.htm

http://www2.adtran.com/support/technotes/t1ddsadptxvr/

HTH,
Mike W.

Kevin Love  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hey Team,

 I am trying to pass data through a WIC-1DSU-T1 to test it.  In order to do
 this, I need to put a couple of modular routers back-to-back.  I can
handle
 the configuration if I can just get the right cable.  I have cable and a
 crimper.  Does anybody have any idea what pinout I would need to use to do
 this correctly?  I have checked Cisco's web site and can't find anything.

 Thanks for your help!

 Kevin Love
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47340t=47332
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Need suggestion on MAC based VLAN [7:47284]

2002-06-24 Thread Andy Hoang


Assuming you are using catOS, here is a start

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/v
mps.htm

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hitesh Pathak R
Sent: Monday, June 24, 2002 6:42 AM
To: [EMAIL PROTECTED]
Subject: Need suggestion on MAC based VLAN [7:47284]


Dear Group

I want to know about implementing Mac based Vlan in Cisco. Can anybody help
me.

Many thanks in advance.

Hitesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47341t=47284
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

2002-06-24 Thread Kevin Cullimore

- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: 24 June 2002 2:26 pm
Subject: Re: Rogue Wireless LANs [7:47287]

 At 11:54 AM 6/24/02, chris wrote:
 WEP for starters, then you can set the acccess point to only accept
 connections from specific MAC addresses.

 I don't think he was asking how to secure a wireless network. He was
asking
 how to control non-IS user types from installing new equipment on the
 network, including wireless LANs.

 The question is as old as the hills, really. I remember back in the olden
 days when we had similar problems because people would add modems and
 software-based routers, etc.

Those problems might constitute an instance where the plaintext
authentication mechanisms that modern routing protocols support could serve
a purpose other than RFC-2223 compliance. Their use generally don't provide
an adequate level of security, but they might provide enough of an obstacle
to deter some of the end-users bent on bringing the network down via their
participation on (in?) it.

 Anyway, about the only modern solution I can think of is the MAC-based
 security on switches.

 Presumably for this rogue wireless network to work, they first installed
an
 access point into an Ethernet port. That access point has a different MAC
 address than the device that's supposed to be on that switch port. So
 MAC-based security on the switch would help because it would say only let
 the configured MAC address in. (I think that's how it works?)

 It's probably a huge hassle to do MAC based security, however.

 The other solution is based on the eighth layer of the OSI model:
Policies.
 Make your users sign an Acceptable Use Policy statement and make sure
there
 are consequences if they go against it (torture chambers and the like.)

 Priscilla

 You can implement LEAP on the
 cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the
AP
 outside the LAN/Firewall and require VPN to access the LAN resources.

 Cisco has good whitepaper on securing wireless.  What you have
experienced
 pretty common.

 Chris
 Patrick Donlon  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   I've just found a wireless LAN set up by someone in the building, I
found
 it
   by chance when I was checking something with a colleague from another
 dept.
   The WLAN has zero security which is not a surprise and lets the user
into
   the main LAN in the site with a DHCP address served up too! Does
anyone
 have
   any tips on preventing users and dept's who don't think about security
 from
   plugging whatever they like into the network,

   Cheers

   Pat

   --

   email me on : [EMAIL PROTECTED]

 Priscilla Oppenheimer
 http://www.priscilla.com

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47343t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: klez crashed our router [7:47323]

2002-06-24 Thread Michael L. Williams


Yes. being very aware of Klez and what it does/can do, I was taking his
statement that the 3640 needed to be restarted as an implication that
perhaps the router got the virus.  That's why I was asking for a
clarification.  =)

Mike W.

Brian Backer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Dude, you mis read. it's shares on attached networks, not on the
 routers :)
 B


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Michael L. Williams
 Sent: Monday, June 24, 2002 8:41 PM
 To: [EMAIL PROTECTED]
 Subject: Re: klez crashed our router [7:47323]

 Shares?  On Routers?  Tell me more..

 Mike W.

 Dan Penn  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Yes, some forms of the Klez infects network shares.
 
  Dan
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
 Of
  Gary Crouch
  Sent: Monday, June 24, 2002 4:50 PM
  To: [EMAIL PROTECTED]
  Subject: klez crashed our router [7:47323]
 
  I user brought in the   w32.klez.h.mm virus our virus software was
 able
  to
  stop it from spreading but our router 3640 router stop responding and
  had to
  be restarted.
 
  Can this virus attack shares on networks connected to the router?  can
  klez
  spread across the router using other then smtp?
 
  we curently have NBAR set up for block code red type viruses.
 
  Thanks
 
  Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47345t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: klez crashed our router [7:47323]

2002-06-24 Thread Dan Penn


Now that would be a tricky virus...but I guess if someone wanted to do
it, it would be possible to write up a little worm that instead of
trying to find unpatched IIS servers looks for routers with the RW
community of private then erases their config.  However I don't think
you are going to find that many routers compared to unpatched IIS
systems.

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Monday, June 24, 2002 8:05 PM
To: [EMAIL PROTECTED]
Subject: Re: klez crashed our router [7:47323]

Yes. being very aware of Klez and what it does/can do, I was taking
his
statement that the 3640 needed to be restarted as an implication that
perhaps the router got the virus.  That's why I was asking for a
clarification.  =)

Mike W.

Brian Backer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Dude, you mis read. it's shares on attached networks, not on the
 routers :)
 B


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
 Michael L. Williams
 Sent: Monday, June 24, 2002 8:41 PM
 To: [EMAIL PROTECTED]
 Subject: Re: klez crashed our router [7:47323]

 Shares?  On Routers?  Tell me more..

 Mike W.

 Dan Penn  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Yes, some forms of the Klez infects network shares.
 
  Dan
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
 Of
  Gary Crouch
  Sent: Monday, June 24, 2002 4:50 PM
  To: [EMAIL PROTECTED]
  Subject: klez crashed our router [7:47323]
 
  I user brought in the   w32.klez.h.mm virus our virus software was
 able
  to
  stop it from spreading but our router 3640 router stop responding
and
  had to
  be restarted.
 
  Can this virus attack shares on networks connected to the router?
can
  klez
  spread across the router using other then smtp?
 
  we curently have NBAR set up for block code red type viruses.
 
  Thanks
 
  Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47346t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]

2002-06-24 Thread Michael L. Williams


LOL. I posted the exact same link. gotta love Google =)

Mike W.

Brian Backer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Kevin,

 Check out http://www2.adtran.com/support/technotes/t1ddsadptxvr/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47347t=47332
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ATM T-1 cards for a 3640 [7:47348]

2002-06-24 Thread Anil Gupte


Someone sent me the following:
 Here are the prices that I found (approx. prices):
 
 4 port T1 ATM interfaces NEW=$3000 Refurb (no returns etc.)=$2100
 8 port T1 ATM interfaces NEW=$5250 Refurb (no returns etc.)=$4100
 

Is there not a less expensive card with a single ATM interface for a 3640?

Thanx,
Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47348t=47348
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: klez crashed our router [7:47323]

2002-06-24 Thread Michael L. Williams


True, true however, a buddy of mine in security has said (from his
experiences wearing the black hat) that you wouldn't believe how many
routers are setup with 'cisco/cisco' as the telnet and enable password.
=)

Mike W.

Dan Penn  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Now that would be a tricky virus...but I guess if someone wanted to do
 it, it would be possible to write up a little worm that instead of
 trying to find unpatched IIS servers looks for routers with the RW
 community of private then erases their config.  However I don't think
 you are going to find that many routers compared to unpatched IIS
 systems.

 Dan

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Michael L. Williams
 Sent: Monday, June 24, 2002 8:05 PM
 To: [EMAIL PROTECTED]
 Subject: Re: klez crashed our router [7:47323]

 Yes. being very aware of Klez and what it does/can do, I was taking
 his
 statement that the 3640 needed to be restarted as an implication that
 perhaps the router got the virus.  That's why I was asking for a
 clarification.  =)

 Mike W.

 Brian Backer  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Dude, you mis read. it's shares on attached networks, not on the
  routers :)
  B
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
 Of
  Michael L. Williams
  Sent: Monday, June 24, 2002 8:41 PM
  To: [EMAIL PROTECTED]
  Subject: Re: klez crashed our router [7:47323]
 
  Shares?  On Routers?  Tell me more..
 
  Mike W.
 
  Dan Penn  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Yes, some forms of the Klez infects network shares.
  
   Dan
   -Original Message-
   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
  Of
   Gary Crouch
   Sent: Monday, June 24, 2002 4:50 PM
   To: [EMAIL PROTECTED]
   Subject: klez crashed our router [7:47323]
  
   I user brought in the   w32.klez.h.mm virus our virus software was
  able
   to
   stop it from spreading but our router 3640 router stop responding
 and
   had to
   be restarted.
  
   Can this virus attack shares on networks connected to the router?
 can
   klez
   spread across the router using other then smtp?
  
   we curently have NBAR set up for block code red type viruses.
  
   Thanks
  
   Gary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47349t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Neighbor distribute-list command w/ Extended ACL [7:47272]

2002-06-24 Thread Vicuna, Mark


Hunt,

Simply put, a distribute list simply has an ACL associated with it (in
your example it's an extended ACL).  

Traffic inbound from the peered router (120.23.4.1) has extended ACL
applied to it.

You are probably familiar of defining ACL's and applying it on an
interface.  In this example you are simply applying it on the peer
(called a distribute list).


HTH,
Mark.

-Original Message-
From: Hunt Lee [mailto:[EMAIL PROTECTED]]
Sent: Monday, 24 June 2002 1:04 PM
To: [EMAIL PROTECTED]
Subject: Neighbor distribute-list command w/ Extended ACL [7:47272]


Hi all,

Can anyone please explain this to me?? I have read some examples
regarding
neighbor x.x.x.x distribute-list  in | out using extended Access-List
from CCO, Internet Routing Arch (by Halabi)  BGP 4 Command  Reference
(by
Parkhurst), yet I'm still very confused.

Below is one of them

neighbor 120.23.4.1 distribute-list 100 in

access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0

access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255



How do you read these things?? Any help will be greatly appreciated.

Thanks,

Hunt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47350t=47272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Need suggestion on MAC based VLAN [7:47284]

2002-06-24 Thread Hitesh Pathak R


Thanks for the info. Is it possible that normal Vlan  dynamic Vlan can
co-exist ?

-Original Message-
From: Andy Hoang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 25, 2002 7:16 AM
To: [EMAIL PROTECTED]
Subject: RE: Need suggestion on MAC based VLAN [7:47284]


Assuming you are using catOS, here is a start

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/v
mps.htm

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hitesh Pathak R
Sent: Monday, June 24, 2002 6:42 AM
To: [EMAIL PROTECTED]
Subject: Need suggestion on MAC based VLAN [7:47284]


Dear Group

I want to know about implementing Mac based Vlan in Cisco. Can anybody help
me.

Many thanks in advance.

Hitesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47351t=47284
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: klez crashed our router [7:47323]

2002-06-24 Thread Dan Penn

Tis very true...

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Monday, June 24, 2002 9:25 PM
To: [EMAIL PROTECTED]
Subject: Re: klez crashed our router [7:47323]

True, true however, a buddy of mine in security has said (from his
experiences wearing the black hat) that you wouldn't believe how many
routers are setup with 'cisco/cisco' as the telnet and enable
password.
=)

Mike W.

Dan Penn  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Now that would be a tricky virus...but I guess if someone wanted to do
 it, it would be possible to write up a little worm that instead of
 trying to find unpatched IIS servers looks for routers with the RW
 community of private then erases their config.  However I don't
think
 you are going to find that many routers compared to unpatched IIS
 systems.

 Dan

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
 Michael L. Williams
 Sent: Monday, June 24, 2002 8:05 PM
 To: [EMAIL PROTECTED]
 Subject: Re: klez crashed our router [7:47323]

 Yes. being very aware of Klez and what it does/can do, I was
taking
 his
 statement that the 3640 needed to be restarted as an implication that
 perhaps the router got the virus.  That's why I was asking for a
 clarification.  =)

 Mike W.

 Brian Backer  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Dude, you mis read. it's shares on attached networks, not on the
  routers :)
  B

  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
 Of
  Michael L. Williams
  Sent: Monday, June 24, 2002 8:41 PM
  To: [EMAIL PROTECTED]
  Subject: Re: klez crashed our router [7:47323]

  Shares?  On Routers?  Tell me more..

  Mike W.

  Dan Penn  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Yes, some forms of the Klez infects network shares.

   Dan
   -Original Message-
   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf
  Of
   Gary Crouch
   Sent: Monday, June 24, 2002 4:50 PM
   To: [EMAIL PROTECTED]
   Subject: klez crashed our router [7:47323]

   I user brought in the   w32.klez.h.mm virus our virus software was
  able
   to
   stop it from spreading but our router 3640 router stop responding
 and
   had to
   be restarted.

   Can this virus attack shares on networks connected to the router?
 can
   klez
   spread across the router using other then smtp?

   we curently have NBAR set up for block code red type viruses.

   Thanks

   Gary

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47352t=47323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN Gurus HElp! [7:47353]

2002-06-24 Thread Juli Hato


Halo CIscoer, help me on this ISDN debug:

12:24:38: CALL_PROC pd = 8  callref = 0xF5
12:24:163208757248: ISDN BR1/4: TX -  RRr sapi = 0  tei = 64  nr = 2
12:24:45: ISDN BR1/4: RX   RRr sapi = 0  tei = 64  nr = 3
12:24:193273528320: BRI1/4: wait for isdn carrier timeout, call id=0x817F
12:24:195440255788: DDR: Dialing failed, 5 packets unqueued and discarded
12:24:195440239956: ISDN BR1/4: TX -  INFOc sapi = 0  tei = 64  ns = 1  nr 
= 3
i = 0x0801754D08028090
12:24:193273528320: RELEASE pd = 8  callref = 0x75
12:24:195440240252: Cause i = 0x8090 - Normal call clearing
12:24:45: ISDN BR1/4: RX   RRr sapi = 0  tei

Thank YOu

HATO

_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47353t=47353
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ASYNC-to-MODEM Cabling [7:47354]

2002-06-24 Thread Edward Sohn


Hey all,
 
I've been having problems setting up my access server (2511) to accept
incoming PPP sessions via an external modem, and I finally figured out
it is a cabling problem.  
 
Therefore, I need the model and availability of a cable that connects my
Hayes Accura modem (female DB-9) to a cisco octal cable (male RJ-45),
with all the correct pinouts.
 
The only reason I am not including all the correct pinouts for the
cabling is because someone HAS to have run into this issue before.  I am
simply trying to locate a couple of these cables so I can set up my
access servers on one of the 16 Async lines on my 2511...
 
I really need your help with this.  Please email me directly, if
possible.
 
Thanks in advance!
 
Eddie

[GroupStudy.com removed an attachment of type image/jpeg which had a name of
Notebook.jpg]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47354t=47354
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Undeliverable mail--Alto Bound [7:47355]

2002-06-24 Thread postmaster


The following mail can't be sent to [EMAIL PROTECTED]:

From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Alto Bound
The attachment is the original mail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47355t=47355
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ATM T-1 cards for a 3640 [7:47348]

2002-06-24 Thread Chuck


the cards in question are the ATM T1 IMA cards, which list for 4,000 for the
4 port and 7,000 for the 8 port. You do the math.

No there is no 1 port ATM T1 for the 36xx box.

OTOH, there is a 1 port ATM T1 card for the 2650 router - I don't have my
pricing tools handy, so I can't get you a part number or list price.
Something like AIM module, which takes a WIC T1 card inserted into it to
become a T! ATM port. Last I looked, this option was not available for the
36xx series.

HTH


Anil Gupte  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Someone sent me the following:
  Here are the prices that I found (approx. prices):
 
  4 port T1 ATM interfaces NEW=$3000 Refurb (no returns etc.)=$2100
  8 port T1 ATM interfaces NEW=$5250 Refurb (no returns etc.)=$4100
 

 Is there not a less expensive card with a single ATM interface for a 3640?

 Thanx,
 Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47356t=47348
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN Gurus HElp! [7:47353]

2002-06-24 Thread [EMAIL PROTECTED]


Let me take a swing at this..

Looking at the debug I would assume, that ISDN Service provider is not
'there' by looking at this line.
12:24:193273528320: BRI1/4: wait for isdn carrier timeout, call id=0x817F

Can I assume that the D Channel is up looking looking at the TEI number
which is normally automatically assigned a number from 63 (or was that 62)
onwards.


-Original Message-
From: Juli Hato [mailto:[EMAIL PROTECTED]]
Sent: 25 June 2002 06:38 
To: [EMAIL PROTECTED]
Subject: ISDN Gurus HElp! [7:47353]


Halo CIscoer, help me on this ISDN debug:

12:24:38: CALL_PROC pd = 8  callref = 0xF5
12:24:163208757248: ISDN BR1/4: TX -  RRr sapi = 0  tei = 64  nr = 2
12:24:45: ISDN BR1/4: RX   RRr sapi = 0  tei = 64  nr = 3
12:24:193273528320: BRI1/4: wait for isdn carrier timeout, call id=0x817F
12:24:195440255788: DDR: Dialing failed, 5 packets unqueued and discarded
12:24:195440239956: ISDN BR1/4: TX -  INFOc sapi = 0  tei = 64  ns = 1  nr 
= 3
i = 0x0801754D08028090
12:24:193273528320: RELEASE pd = 8  callref = 0x75
12:24:195440240252: Cause i = 0x8090 - Normal call clearing
12:24:45: ISDN BR1/4: RX   RRr sapi = 0  tei

Thank YOu

HATO

_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47357t=47353
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Please remove my e-mail from this newsgroup. T [7:47336]

2002-06-24 Thread Paul Borghese


To remove yourself simply type your e-mail address in the List Manager
found on www.groupstudy.com and click unsubscribe all lists (which is
the default value).

Or you can follow the directions under the list link
(http://www.groupstudy.com/list/cisco.html), or follow the directions
from the e-mail sent to you when you subscribed.

In general, I tried to make unsubscribing much easier then subscribing.
If you can subscribe to the list, you should be able to unsubscribe.

Take care,

Paul

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Marlon Brown
Sent: Monday, June 24, 2002 7:30 PM
To: [EMAIL PROTECTED]
Subject: Please remove my e-mail from this newsgroup. Thanks. [7:47327]

_
Get your FREE download of MSN Explorer at
http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47336t=47336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Documentation CD Errors [7:47358]

2002-06-24 Thread Magondo, Michael


Hi guys

I have a problem that I'm sure you guys may have encountered before.
Even after installing the recommended software, I still get gibberish
when I click on any link on the documentation CD home page. I am
currently using the November 2001 CD and have tried with various other
editions of this CD. Can anyone suggest a quick course of action.

Michael




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47358t=47358
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

!!!For the curious Minds; Here's The 3550-EMI !!! [7:47322]

2002-06-24 Thread Eric R


Just got a new 3550-EMI 24port.  
Check the sh ip portion. Yep, it's an IP router! 
Looks like this little bad boy could actually throw a rather large monkey
wrech into the works.

-Eric

##

3550-EMI#?
Exec commands:
  access-enableCreate a temporary Access-List entry
  access-template  Create a temporary Access-List entry
  archive  manage archive files
  cd   Change current directory
  clearReset functions
  clockManage the system clock
  cluster  cluster exec mode commands
  configureEnter configuration mode
  connect  Open a terminal connection
  copy Copy from one file to another
  debugDebugging functions (see also 'undebug')
  delete   Delete a file
  dir  List files on a filesystem
  disable  Turn off privileged commands
  disconnect   Disconnect an existing network connection
  dot1xIEEE 801.1X commands
  enable   Turn on privileged commands
  eraseErase a filesystem
  exit Exit from the EXEC
  format   Format a filesystem
  fsck Fsck a filesystem
  help Description of the interactive help system
  lock Lock the terminal
  loginLog in as a particular user
  logout   Exit from the EXEC
  mkdirCreate new directory
  more Display the contents of a file
  mrinfo   Request neighbor and version information from a multicast
   router
  mrm  IP Multicast Routing Monitor Test
  mstatShow statistics after multiple multicast traceroutes
  mtrace   Trace reverse multicast path from destination to source
  name-connection  Name an existing network connection
  no   Disable debugging functions
  ping Send echo messages
  pwd  Display current working directory
  rcommand Run command on remote switch
  reload   Halt and perform a cold restart
  rename   Rename a file
  resume   Resume an active network connection
  rmdirRemove existing directory
  rsh  Execute a remote command
  send Send a message to other tty lines
  setupRun the SETUP command facility
  show Show running system information
  systat   Display information about terminal lines
  telnet   Open a telnet connection
  terminal Set terminal line parameters
  test Test subsystems, memory, and interfaces
  traceroute   Trace route to destination
  tunnel   Open a tunnel connection
  udld UDLD protocol commands
  undebug  Disable debugging functions (see also 'debug')
  verify   Verify a file
  vlan Configure VLAN parameters
  vmps VMPS actions
  whereList active connections
  writeWrite running configuration to memory, network, or
terminal

##

3550-EMI#sh ip ?
  access-lists  List IP access lists
  accountingThe active IP accounting database
  aliases   IP alias table
  arp   IP ARP table
  cache IP fast-switching route cache
  cef   Cisco Express Forwarding
  dvmrp DVMRP information
  eigrp IP-EIGRP show commands
  flow  NetFlow switching
  igmp  IGMP information
  interface IP interface status and configuration
  irdp  ICMP Router Discovery Protocol
  local IP local options
  masks Masks associated with a network
  mcacheIP multicast fast-switching cache
  mpacket   Display possible duplicate multicast packets
  mrm   IP Multicast Routing Monitor information
  mrouteIP multicast routing table
  msdp  Multicast Source Discovery Protool (MSDP)
  nat   IP NAT information
  ospf  OSPF information
  pim   PIM information
  prefix-list   List IP prefix lists
  protocols IP routing protocol process parameters and statistics
  redirects IP redirects
  rip   IP RIP show commands
  route IP routing table
  rpf   Display RPF information for multicast source
  sdr   Session Directory (SDPv2) cache
  sockets   Open IP sockets
  traffic   IP protocol statistics
  vrf   VPN Routing/Forwarding instance information

##

3550-EMI(config)#?
Configure commands:
  aaa Authentication, Authorization and Accounting.
  access-list Add an access list entry
  alias   Create command alias
  arp Set a static ARP entry
  banner  Define a login banner
  bootBoot Commands
  bridge

72 matches

Mail list logo