Show Interface: Available Bandwidth [7:48891]

[Jens von Bülow]

Greetings,

I am struggling to understand the output of the "Show Interface" command, in
particular the "Output Queue" and "Available Bandwidth" line.

Why on a 256Kb line does it show Available Bandwidth 192Kb?

I look forward to your responses.

Thanks & Regards
Jens




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48891&t=48891
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ATM fore CCIE [7:48892]

[Casey, Paul (6822)]

Hello

Can some tell me the requirments for atm for the lab 
I have the following 3640 ATM Support (NM-4T1-IMA) and the 3640 routers. 

Are those cards any good to me, 
Do I need an ATM switch or can I put this stuff back to back. 

Any help appreciated. 

Kind regards.
Paul




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48892&t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Pix internal access [7:48886]

[Ciaron Gogarty]

Hi,

Assuming you only have one IP on the external interface try the following

Global (outside) 10 interface
Nat (inside) 10 0 0
static (inside,outside) tcp interface www  www
netmask 255.255.255.255

access-list out-in permit tcp any host  eq www

Of course this would be to allow people on the Internet to access a WWW
server on the external IP address, which is your single routable IP.

But it sounds like the trouble your having is with user's reaching your web
server over a vpn tunnel??  Is this correct?  If so I would suspect you
haven't got a "NAT 0" statement to not nat packets from your web server to
the far side of the tunnel...  basically, without seeing your config you
need to have a line of code that tells the PIX what traffic not to nat,
specifically traffic that is going into the vpn tunnel to the far side.
This can be the same access-list that you define for traffic that will bring
up the tunnel - using the line of code like such:

nat (inside) 0 access-list NONAT
access-list NONAT permit ip  mask  mask

hope this helps.

C

-Original Message-
From: eo [mailto:[EMAIL PROTECTED]]
Sent: 16 July 2002 04:56
To: [EMAIL PROTECTED]
Subject: Pix internal access [7:48886]


Hello,

Normally I wouldn't ask this but cisco's documentation on pix is far
from 
acceptable. 

What I am trying to  do is simple. I have a pix 501 here with a single
public
static ip on outside and a private network in the range of 10.251.35.0/24.

The pix is setup to nat the internal network out to the internet... This
works
fine. It also has a functional ipsec tunnel to a cisco vpn concentrator
which
works just dandy. The folks at the main site have requested that I open port

80 for web access internally. Noting that the network inside is PAT'd, there

will have to be a 'static' map to make this function... right..

I wont paste the entire config here unless requested but will give you the 
basic rundown.

I use access-list 101 to define two different subnets just to define 
interesting traffic for my crypto map. That works just fine.

if my external IP is 192.168.1.1, I (according to CCO and Pix configuration 
books) have to:

Add a static mapping as such:

static (inside,outside) 192.168.1.1 10.251.35.1 (I've done a few variants of

this)

Then enforce this with an acl as such:

access-list 102 permit tcp any host 192.168.1.1 eq www

then

access-group 102 in interface outsideto apply it

Now if I do this, it drops everything. I run logging console debugging and
see
tons and tons of drops for tcp, udp and ipsec. All network conectivity comes

to a total halt. 

So I tried to implement the acl like the old way I do my ciscos to make sure

by allowing ip any any and protocol 50 any any.  - Nothing

I also get a huge mess of errors stating that port mapping has failed, both 
IP's are correct and reachable.

I've tried every thing I can think of but the thing will not behave.
Conduits
and acl's. Once again, I wont touch my crypto map acl because I don't want
it
futzing with my tunnel and makes very little sense to me.

Has anyone gotten this kind of "Static" mapping working in a Pat'd/ipsec'd 
system? If so, how?

I will provide any needed information upon request.

Thanks a bunch in advance for any interest.


eo
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48893&t=48886
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ip unnumbered [7:48894]

[richard dumoulin]

Hey guys,
I have to connect a Cisco router to the internet (Worldcom) and I was told
the following "If your router is a CISCO model, then there is no
need to assign actual IP addresses to the WAN serial
interfaces since CISCO's un-numbered technology can
be employed". Does this mean that I can configure IP unnumbered ethernet0 or
loopback0 (with one of them having a routable IP address) and so I must
configure ppp encap on the serial ??

I am a bit confused, thx for your help !! 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48894&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN to VOIP:Cause i = 0x809C - Invalid number format [7:48896]

[TP]

I have a cisco 2621 gateway voip/isdn, the gateway has  fastethernet
interfaces to the lan/voip network and a 2vic BRI S/T TE connected to a ISDN
BRI.

Calls from a voip terminal to the pstn are OK.
Calls from pstn to a voip terminals are KO.

It seems I have no chance to digit the post-selection associated to the voip
terminal (the same voip architecture with analog line and FXO works fine)
I receive
 ISDN BRI1/0 TX -> DISCONNECT pd = 8  callref = 0xC7
Cause i = 0x809C - Invalid number format (incomplete number)

I'm sending the configuration, any suggestion will be appreciate.
Teresa


isdn switch-type basic-net3

!

interface BRI1/0

no ip address

isdn switch-type basic-net3

isdn overlap-receiving T302 5000

isdn not-end-to-end 64

isdn incoming-voice voice

isdn send-alerting

isdn sending-complete

isdn skipsend-idverify




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48896&t=48896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Collision Detecting [7:48830]

[Jeffrey Reed]

You'll never see collisions on a full duplex link if there is a duplex
mismatch. What you will see on the side that is set for full duplex are
CRC's, undersized packets, fragments etc. that are the result of malformed
packets being on the network as the other side stops transmitting when it
senses a collision. Remember in this scenario the other side is set for half
duplex.


Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dan
Penn
Sent: Tuesday, July 16, 2002 2:34 AM
To: [EMAIL PROTECTED]
Subject: RE: Collision Detecting [7:48830]

You should not see collisions on a full duplex link...If you do there is
probably a duplex mismatch.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, July 15, 2002 11:28 PM
To: [EMAIL PROTECTED]
Subject: RE: Collision Detecting [7:48830]

I am just going to generalise here. Lets take just one port of a switch
or
one collision domain since that's what switches do.

If we run 10 or 100 Half Duplex to a switch ... Is there a chance of a
collision occuring?
If we then run 10 or 100 Full Duplex to a switch ... Is there a chance
of a
collision occuring, besides late collisions, etc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48897&t=48830
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Show Interface: Available Bandwidth [7:48891]

[Steven A. Ridder]

Router takes 75% for overhead.  This is for queuing.

--

RFC 1149 Compliant.



""Jens von B|low""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Greetings,
>
> I am struggling to understand the output of the "Show Interface" command,
in
> particular the "Output Queue" and "Available Bandwidth" line.
>
> Why on a 256Kb line does it show Available Bandwidth 192Kb?
>
> I look forward to your responses.
>
> Thanks & Regards
> Jens




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48898&t=48891
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Collision Detecting [7:48830]

[Michael L. Williams]

Comments inline.

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If we run 10 or 100 Half Duplex to a switch ... Is there a chance of a
> collision occuring?

Yes, definitely.  Anytime you run half-duplex there is a possibility of
collisions.

> If we then run 10 or 100 Full Duplex to a switch ... Is there a chance of
a
> collision occuring, besides late collisions, etc.

If you are running full-duplex, there is no possibility for collisions.

> From what I have read (or remember to have read):
> When we run in full duplex we have seperate TX/RX wire pairs i.e the TX
pair
> on one side is wired to the RX pair on the other side and vice versa...
> hence there should be no collisions and that's why there is no collision
> detection mechanism in 100MB ... Right?

You are correct that there is a dedicated TX and RX pair that are
crosswired, and you are correct that is why there isn't collision
detection.. but it has nothing to do with 100Mbps.  When you put a
switchport or NIC in full-duplex mode, the collision detection circuitry is
bypassed, since it's not needed.  However, this isn't a function of speed.

> But the reason I ask this, is that yesterday I had a problem with a NIC,
and
> the options I had listed in the NIC Device Driver Software was this: 100Mb
> Half Duplex.  I thought 100Mb could only run in full duplex? However when
we
> run Half Duplex, the TX/RX occurs on then same wire pair so how does 100Mb
> Half Duplex work if there is no collision detection mechanism for 100Mb?

Yeah basically, you're making the mistake of assuming 100Mbps = Full
Duplex, and it does not.  Speed and duplex are independant of each other.

Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48899&t=48830
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE written on resume? [7:48868]

[[EMAIL PROTECTED]]

it is a good discussion that is going on here.  Roberts that is a good
advice..

If u r not putting ccie written on ur resume how can u show the time and
efforts that u have been putting on acheiving it.. 

I have this freind of mine who worked for a body shopping firm and the
company that had a contract scrapped it and he lost his job, when he was
preparing for the Ccie lab when he had not written any other certification
other than the one he is pursuing... 

the mention of ccie (pursuing) i think highlight's  both.


rgds,
Murali

-Original Message-
From: Roberts, Larry [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 4:25 AM
To: [EMAIL PROTECTED]
Subject: RE: CCIE written on resume? [7:48868]


Personal advice. List your certifications only. CCNP,CCDP,CCNA,MCSE,etc...
There is no certification called "CCIE written". I would instead place this
under experience section. 

When I was a hiring manager, I frowned heavily upon candidates who made up
certifications like putting "CNE 6/8", which I was meant to take as having
passed 6 of 8 tests for the CNE ( I don't remember the exact numbers that
were on it )

I would also mention the fact that you have passed the CCIE written in your
opening paragraph. It's an accomplishment to be proud of! Its just not a
certification.
While I cant tell you the most effective way of presenting your skillset, I
can tell you from personal experience that you will loose far more
interviews that you will gain with "CCIE Written" on your resume , or at
least that is the case in the states.

It might also be helpful to get in contact with a headhunter/placement
company in your area that has a good reputation and get their advice.
Experience counts when it comes time to creating the most effective resume
that you can.

Other words of advice would be to be specific in what you have done. Don't
put "assisted in the global migration of Layer 3 devices", instead use
something along the lines of "lead engineer in the Design,installation and
turn-up of Cisco routers in an IP/IPX network at 250 locations with varying
access circuits from T-1 to T-3,DS-3 and OC-12."

I say this because your resume is going to be scanned into a database and
someone is going to do a search on keywords. In small companies a very
experienced HR person will look at the first statement and say "fluff". With
a tight market, they are going to choose the person that is the best match,
and they are not going to call you to find out even though it not on your
resume', your are the absolute perfect match . They will assume that because
you didn't say Cisco, you don't have experience. Bad assumptions I know, but
in a tight market this tends to happen. What will happen is the further
investigation will happen to the 50 people that did put it on there resume.

I'm sure that others will have even better information and job searching
hints to provide to you so take them all in, figure out what is best for you
and be persistent.

Good luck to you in your search.

Thanks

Larry
 

-Original Message-
From: G Z [mailto:[EMAIL PROTECTED]] 
Sent: Monday, July 15, 2002 6:28 PM
To: [EMAIL PROTECTED]
Subject: CCIE written on resume? [7:48868]


I am persuing the written portion of the CCIE. I want to put this on my
resume when the test is passed but it is not a certification in itself.
There is no logical reason not to put it there as it shows additional
knowledge and that is what the resume is for. But awhile back I think this
topic was discussed but don't remember the particulars (I was not a CCNA at
the time even). It seems to be like saying that you don't have a degree but
have completed some college. Also where would this go on a resume? Any input
would be appreciated. Thanks,
   George Zutaut




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48900&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: TAR Files in Windows [7:48904]

[John Neiberger]

I'm looking for a Windows program that can create a .tar file comprised
of files from an NT file system to be transferred to a Solaris box. 
WinZip can open .tar files but it can't create them.

Is there some other product similar to WinZip that can create .tar
files?

Thanks!
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48904&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ip unnumbered [7:48894]

[Chuck]

recall that the link between you and whomever is a two host network. if you
were numbering, you would most likely use a /30. even when connecting to the
internet, this link need not use public IP space. Your ISP is most likely
using a static route to you, and you in turn are using a static route to
them.

them: ip route "your public space" out interface X

You: ip route 0.0.0.0 0.0.0.0 interface Y

this is a regular practice.

IP unnumbered is even better, because then no one has to commit to or agree
upon address, and no one has to waste public space.

Usually, you would number your ethernet port with a public number, and you
would use an ip unnumbered off that publicly addressed interface.

HTH



""richard dumoulin""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey guys,
> I have to connect a Cisco router to the internet (Worldcom) and I was told
> the following "If your router is a CISCO model, then there is no
> need to assign actual IP addresses to the WAN serial
> interfaces since CISCO's un-numbered technology can
> be employed". Does this mean that I can configure IP unnumbered ethernet0
or
> loopback0 (with one of them having a routable IP address) and so I must
> configure ppp encap on the serial ??
>
> I am a bit confused, thx for your help !!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48903&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Network Management Tools [7:48906]

[Ronald James]

anyone knows there is network management tools would providing reports on
round trip delay between a central site to several regional sites?  the
reports must be presented in hard copies or email format...

thank in advance !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48906&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Addendum Re: OT: TAR Files in Windows [7:48904]

[John Neiberger]

I should have made it clear that I need to retain the directory
structure when transferring files from multiple directories.  TAR is the
ideal method for me but someone else was suggesting that I should be
able to zip files from multiple directories and have that structure
retained when I unzip the file on the unix box.  It ought to be possible
but I'm still researching the details.  

John

>>> "John Neiberger"  7/16/02 8:16:38 AM
>>>
I'm looking for a Windows program that can create a .tar file
comprised
of files from an NT file system to be transferred to a Solaris box. 
WinZip can open .tar files but it can't create them.

Is there some other product similar to WinZip that can create .tar
files?

Thanks!
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48908&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ip unnumbered [7:48894]

[Lupi, Guy]

You can use ip unnumbered with or without PPP, depending on how your
provider is set up.  You would just use ip unnumbered to the ethernet port
or to a loopback interface, whichever you prefer, I prefer the loopback.

*-Original Message-
*From: richard dumoulin [mailto:[EMAIL PROTECTED]]
*Sent: Tuesday, July 16, 2002 5:32 AM
*To: [EMAIL PROTECTED]
*Subject: ip unnumbered [7:48894]
*
*
*Hey guys,
*I have to connect a Cisco router to the internet (Worldcom) 
*and I was told
*the following "If your router is a CISCO model, then there is no
*need to assign actual IP addresses to the WAN serial
*interfaces since CISCO's un-numbered technology can
*be employed". Does this mean that I can configure IP 
*unnumbered ethernet0 or
*loopback0 (with one of them having a routable IP address) and so I must
*configure ppp encap on the serial ??
*
*I am a bit confused, thx for your help !! 
*
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48907&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Addendum Re: OT: TAR Files in Windows [7:48904]

[Steven A. Ridder]

I did a search under WinTar and here's what I found:

pad
pad

http://www.spiralcomm.com/



""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I should have made it clear that I need to retain the directory
> structure when transferring files from multiple directories.  TAR is the
> ideal method for me but someone else was suggesting that I should be
> able to zip files from multiple directories and have that structure
> retained when I unzip the file on the unix box.  It ought to be possible
> but I'm still researching the details.
>
> John
>
> >>> "John Neiberger"  7/16/02 8:16:38 AM
> >>>
> I'm looking for a Windows program that can create a .tar file
> comprised
> of files from an NT file system to be transferred to a Solaris box.
> WinZip can open .tar files but it can't create them.
>
> Is there some other product similar to WinZip that can create .tar
> files?
>
> Thanks!
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48914&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network Management Tools [7:48906]

[Steven A. Ridder]

If you have CM, you can do it with CRM records.

If you have Cisco Works, there's a VoIP package for it.  You can probably
get pretty graphs from that.

There's probably others, like HPOV, What's up Gold, PDM may have something
(that's free from Cisco) but reporting is probably limited.

""Ronald James""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> anyone knows there is network management tools would providing reports on
> round trip delay between a central site to several regional sites?  the
> reports must be presented in hard copies or email format...
>
> thank in advance !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48915&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TAR Files in Windows [7:48904]

[Kevin Stone]

UltimateZip (http://www.ultimatezip.com) or you can use Tar from Cygwin
(http://www.cygwin.com), both are free.

-Kevin


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On 
> Behalf Of John Neiberger
> Sent: Tuesday, July 16, 2002 10:17 AM
> To: [EMAIL PROTECTED]
> Subject: OT: TAR Files in Windows [7:48904]
> 
> 
> I'm looking for a Windows program that can create a .tar file 
> comprised of files from an NT file system to be transferred 
> to a Solaris box. 
> WinZip can open .tar files but it can't create them.
> 
> Is there some other product similar to WinZip that can create 
> .tar files?
> 
> Thanks!
> John
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48916&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Network Management Tools [7:48906]

[Clayton Dukes]

Internet Service Monitors will do that, and much more :-)

http://www.micromuse.com/vidchan/demos.html



Clayton Dukes
CCNA, CCDA, CCDP, CCNP, NCC


-=]-Original Message-
-=]From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
-=]Ronald James
-=]Sent: Tuesday, July 16, 2002 10:35 AM
-=]To: [EMAIL PROTECTED]
-=]Subject: Network Management Tools [7:48906]
-=]
-=]anyone knows there is network management tools would providing
reports on
-=]round trip delay between a central site to several regional sites?
the
-=]reports must be presented in hard copies or email format...
-=]
-=]thank in advance !
-=]
-=]
-=]
-=]
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48919&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Citrix connection keeps on dropping [7:48877]

[tony scarlett]

You may try looking at prioritizing the ica protocolbut I have never
found that to be the proble. Has this been an ongoing problem? Have any
chances been made in the Metaframe farm (software upgrades, hotfixes, etc)?
you may want to check out this link...
http://knowledgebase.citrix.com/cgi-bin/webcgi.exe?New,KB=CitrixKB
and do a search for CTX757449.

good lucki think you will find the problem on the Metaframe boxes...as
this is usually the case..


Regards

Tony Scarlett
CCNP CCEA MCSE


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48920&t=48877
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Addendum Re: OT: TAR Files in Windows [7:48904]

[Davis, Scott [ISE/RAC]]

John,

 There are several Win based archive utilities available that can handle
RAR, TAR, ARC, and ARJ as well as ZIP. Check sites like www.tucows.com or
www.download.com. I use one called BitZipper that I got from Tucows that
works as well as WinZip.


-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 9:41 AM
To: [EMAIL PROTECTED]
Subject: Addendum Re: OT: TAR Files in Windows [7:48904]


I should have made it clear that I need to retain the directory
structure when transferring files from multiple directories.  TAR is the
ideal method for me but someone else was suggesting that I should be
able to zip files from multiple directories and have that structure
retained when I unzip the file on the unix box.  It ought to be possible
but I'm still researching the details.  

John

>>> "John Neiberger"  7/16/02 8:16:38 AM
>>>
I'm looking for a Windows program that can create a .tar file
comprised
of files from an NT file system to be transferred to a Solaris box. 
WinZip can open .tar files but it can't create them.

Is there some other product similar to WinZip that can create .tar
files?

Thanks!
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48921&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Network Management Tools [7:48906]

[Kevin Stone]

You can use SmokePing
(http://people.ee.ethz.ch/~oetiker/webtools/smokeping/index.en.html) or
MRTG with PingProbe (ftp://ftp.pwo.de/pub/pwo/mrtg/mrtg-ping-probe/) to
capture the data and create graphs, how you distribute it is up to you.
I don't know of anything that will print or email the reports directly
from the application. If you're handy with Perl a scipt could do it for
you.

-Kevin


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On 
> Behalf Of Ronald James
> Sent: Tuesday, July 16, 2002 10:35 AM
> To: [EMAIL PROTECTED]
> Subject: Network Management Tools [7:48906]
> 
> 
> anyone knows there is network management tools would 
> providing reports on round trip delay between a central site 
> to several regional sites?  the reports must be presented in 
> hard copies or email format...
> 
> thank in advance !
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48922&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE written on resume? [7:48868]

[Chris Harshman]

George,

As someone who has been interviewing alot of candidates recently, I agree
with Peter's point completely.  Everyone I've ever interviewed with CCIE
written on their resume has been a waste of my time, and most of them
haven't done anything more to pursue the lab.  When I see that, it is a big
flashing red light that says grill this guy to make sure he knows what he
claims too, because they always go on to list every networking acronym and
buzz word (not to say this is you or anything, just my experience).  Out of
12 or so interviews, I ended up hiring a guy with no Cisco certs because he
could answer the techical questions regarding the technologies on his
resume.  If you have other Cisco certs on your resume, at some point in the
interview the question of pursuing the CCIE will come up.

And not that the written doesn't say something about a candidate, but almost
anyone can read the books and regurgitate them on a multiple choice exam. 
The written is a qualification exam, nothing more.

Chris Harshman
Sr. Systems Engineer
Northrop Grumman IT


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48924&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FAQ: Traffic Shaping (Multiple streams on a single interface) [7:48925]

[Jens von Bülow]

Greetings,

I am struggling to configure the ability to traffic shape 3 distinct traffic
streams over a single interface.

What I have is a 256Kb line to a client; the line is logically proportioned
into 3 channels

1) Support (64kb)
(IP addresses origination from internal network)

2) Backend database integration (64Kb)
(IP addresses originating from DMZ)

3) General Internet Traffic (128Kb)
(All other traffic)

What I am trying to achieve is to stop the "General" internet traffic
portion from killing the line and ensuring that the other streams have their
required bandwidth available to them at all times.

Any good pointers (and yes I have hunted the Cisco website, but I must be
missing something)

I look forward to your response.

Thanks & Regards
Jens




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48925&t=48925
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Where are the networking jobs? (was: question [7:48701]

[sam sneed]

I would hope the govt would be more eager to take care of its own unemployed
people before importing labor just because its slightly cheaper.
I'm curious where you got this info, because if its true, now would be a
good time to speak to our congressman and representatives. Not after we
import the labor. Let me know if you have a link to reputable site.


""Shaheen Gagan""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> IS this also true for CCIE 
> Are CCIE's finding any jobs ???
>
> What's the point and hype about all this
> grueling studies when there are no jobs
> out there 
>
> According to the news most major companies
> are hiring cheap labor with H1-B Visas.
> Who are working their butts off for 40K / yr.
>
> There is a big lobby in congress that wants
> to increse the H1-B visas by another 163,000
> a year ??
>
> Imagine this In this economy ??
> The govt is not for the people.its for the fortune 500.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48926&t=48701
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame Relay & multi site [7:48927]

[Kiddo Guy]

I have 3 sites that I need to connect together.  Telco has setup a port and
a single PVC for each site.  Basically you have the following diagram

Site A

  /\

   /  \

   Site B  Site C

It's basically a triangle with three circuits each going to each other. 
Telco has a single DLCI and built one PVC for each site.  So Site A would
have DLCI 1, Site B would have DLCI 2 and Site C would have DLCI 3.  How
would I configure it so that all three sites can talk to each other.  Would
it be using frame relay multipoint subinterface with two DLCIs define under
the subinterface.  Any comments would be appreciated.

Kid

 

 



-
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48927&t=48927
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Network Management Tools [7:48906]

[Ciaron Gogarty]

Netsaint may be an idea, it's a network monitoring tool and has some neat
abilities, plus it's free and runs quite will on linux.  It has the built in
ability to send e-mail/pager alerts.  It also would allow you to write
custom scripts to do just about anything.  Plus, it's a Web front end, so
you could make it available to anyone in the company, or just a few.

www.netsaint.org

Rgds,

Ciaron

-Original Message-
From: Kevin Stone [mailto:[EMAIL PROTECTED]]
Sent: 16 July 2002 17:01
To: [EMAIL PROTECTED]
Subject: RE: Network Management Tools [7:48906]


You can use SmokePing
(http://people.ee.ethz.ch/~oetiker/webtools/smokeping/index.en.html) or
MRTG with PingProbe (ftp://ftp.pwo.de/pub/pwo/mrtg/mrtg-ping-probe/) to
capture the data and create graphs, how you distribute it is up to you.
I don't know of anything that will print or email the reports directly
from the application. If you're handy with Perl a scipt could do it for
you.

-Kevin


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On 
> Behalf Of Ronald James
> Sent: Tuesday, July 16, 2002 10:35 AM
> To: [EMAIL PROTECTED]
> Subject: Network Management Tools [7:48906]
> 
> 
> anyone knows there is network management tools would 
> providing reports on round trip delay between a central site 
> to several regional sites?  the reports must be presented in 
> hard copies or email format...
> 
> thank in advance !
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48928&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN problem [7:48929]

[Semion Lisyansky]

Hi List,

I have problem with one of 2504 ISDN routers
in my home lab. I have two routers connected
to same line, and the second one working OK,
so the line is OK, when I got the router I
placed a calls between the routers, so the
hardware was OK, at least then.
The router just neither calls nor answer
incoming calls.

Here's relevant config:
interface BRI0
no ip address
encapsulation ppp
no keepalive
dialer pool-member 1
isdn switch-type basic-net3
cdapi buffers regular 0
cdapi buffers raw 0
cdapi buffers large 0
no cdp enable
!
interface Dialer1
ip address negotiated
encapsulation ppp
no keepalive
dialer pool 1
dialer idle-timeout 300
dialer string XX
dialer-group 1
!
dialer-list 1 protocol ip permit
!

Here's some debug output:

00:20:59: ISDN BR0: Outgoing call id = 0x8001, dsl 0
00:20:59: ISDN BR0: Event: Call to XX at 64 Kb/s
00:20:59: ISDN BR0: process_bri_call(): call id 0x8001, called_number 
XX, speed 64, call type DATA
00:20:59: CCBRI_Go Fr Host InPkgInfo (Len=22) :
00:20:59: 1 0 1 80 1 0 4 2 88 90 18 1 83 70 7 80 3X 3X 3X 3X 3X 3X
00:20:59:
00:20:59: CC_CHAN_GetIdleChanbri: dsl 0
00:20:59: Found idle channel B1
00:20:59: ISDN BR0: Activating
00:20:59: ISDN BR0 EVENT: isdn_sw_cstate: State = 4, Old State = 4
00:20:59: ISDN BR0: Recvd MPH_IIC_IND from L1.
00:21:01: ISDN BR0: Could not bring up interface
00:21:01: ISDN BR0: Shutting down ISDN Layer 3
00:21:01: ISDN BR0: Activating
00:21:01: ISDN BR0 EVENT: isdn_sw_cstate: State = 4, Old State = 4
00:21:01: ISDN BR0: LIF_EVENT: ces/callid 1/0x8001 HOST_DISCONNECT_ACK
00:21:01: ISDN BR0: Error: Unfound B-channel on Disconnect_Ack - callid 
0x8001
00:21:01: ISDN BR0: HOST_DISC_ACK Voice cid 0x8001 error no table entry to 
free
00:21:01: ISDN BR0: Recvd MPH_IIC_IND from L1.

Any sugggestions would be highly appreciated.

--
Semion Lisyansky


_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48929&t=48929
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCO CD-Rom [7:48931]

[Mark Godfrey]

Can someone help me find the latest and greatest  version for the CCIE Lab
test.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48931&t=48931
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Best Path [7:48932]

[Mark Godfrey]

Could someone share a memory aid for the BGP best path selection process?
Like the old: Never Eat Sour Watermelons to remember the points on a
compass. Going down for the ccie written tomorrow.

Thanks,

MG




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48932&t=48932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

TCP timeout question [7:48934]

[sam sneed]

Lets say we have host  A 22.12.12.12 and host B 99.99.99.99. Host B is a
server listening on port 3055. Host A connects to the server B and sends
data.  Now neither host A or B send anything to each other for 1 hour. Is
the connection still there? Is there a timeout for the connection? I do not
see anything in the RFC's about keepalives for TCP connections, so how would
Host B know the difference between host A not sneding data for a long time
or host A crashes?
If I unplug the power on host A while the TCP connection is up and leave it
unplugged for a week and will the server still have the the connection in
its tables when I do a netstat -an? I doubt it, so I figure the server must
have its own timeout on idle connections?

Anyone known any real values for these timeouts for various OS's?

Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48934&t=48934
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Network Management Tools [7:48906]

[John Golovich]

What I have set up is, a shell script running FTP.  
Every hour it FTPs a large file and parses out the
data I need, sending email if the time is showing some
congestion. 


> > 
> > 
> > anyone knows there is network management tools
> would 
> > providing reports on round trip delay between a
> central site 
> > to several regional sites?  the reports must be
> presented in 
> > hard copies or email format...
> > 
> > thank in advance !
> > Report misconduct 
> > and Nondisclosure violations to
> [EMAIL PROTECTED]
>
**
> This email and any files transmitted with it are
> confidential and
> intended solely for the use of the individual or
> entity to whom they
> are addressed. If you have received this email in
> error please notify
> the system manager.
> 
> This footnote also confirms that this email message
> has been swept for the
> presence of computer viruses.
> 
> For more information contact [EMAIL PROTECTED]
> 
> phone + 353 1 4093000
> 
> fax + 353 1 4093001
> 
>
**
> [EMAIL PROTECTED]
> 
> 


__
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48933&t=48906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE written on resume? [7:48868]

[jeff sicuranza]

>From experience speaking

I put my COMPLETED certifications on the resume. On the cover email I do
list some of the certs. NP/DP etc.. but I also put CCIE(lab candidate). To
just show that I am pursuing it.  I do not need the IE, the resume speaks
for itself so when potential clients ask, I am doing if for the challenge,
and it shows I continue to train and invest in myself. It is fun but
somewhat boring going over the legacy stuff I haven’t touched in years. I
will probably get my butt kicked in the lab soon but so what. My track
record is all that really matters.



As for the newbie or Jr./Mid level person working his/her way up listing it
this way is an honest and helpful method since the recruiting agencies or HR
search engines pick up(sort) your resume by buzz words.

For companies willing to take on a JR level person who is at least a lab
candidate you do not want to be missed.

There are some job reqs. that state this ”CCIE or lab candidates apply”
especially for FT opportunities from a VAR or systems integrator. Better for
them to hire someone already with the written passed and some experience and
help sponsor them for the lab and potentially helping the VAR out in partner
status as apposed doing this from the start. Why miss out on these potential
opportunities for long term career growth if you are passed over because of
a stupid buzz word search...

Just be honest with yourself and you should be fine. If you get grilled by
some lazy prima donna who has been in the same position forever just roll
with it and learn from the experience…

I remember doing just this when I was a CNE ten years ago and I needed to
hire staff for projects temp or perm. I stated any CNE candidates welcomed.
This worked well depending on the role and I met/hired some good folks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48935&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ip unnumbered [7:48894]

[Priscilla Oppenheimer]

Chuck wrote:
> 
> recall that the link between you and whomever is a two host
> network. 

And I would add to that, recall that the link is just a transit for
end-to-end traffic. With the exception of network management, it doesn't
matter what the network-layer addressing is on that link. It carries
host-to-host traffic which is identified by the network-layer addresses of
the end hosts.

What I'm trying to get at is that you may be concerned because of a common
misconception that the network-layer addressing changes from hop-to-hop,
which it doesn't. (If you're studying for CCIE, then of course you wouldn't
have that micsonception, but I don't know how far you are in your studies
yet. :-)

Now, network management is a concern, however. If your serial interface is
unnumbered, you can't ping it or send it SNMP messages. With those
functions, the serial port acts as an end host and must have a network-layer
address. That's the tradeoff. As Chuck says, it's common practice to use
unnumbered with static and default routing pointing to the interface,
however. So many people take the tradeoff. Even though you can't ping the
serial interface, you can still get a lot of info from it with the show
interface command.



Priscilla Oppenheimer
http://www.priscilla.com



> if you
> were numbering, you would most likely use a /30. even when
> connecting to the
> internet, this link need not use public IP space. Your ISP is
> most likely
> using a static route to you, and you in turn are using a static
> route to
> them.
> 
> them: ip route "your public space" out interface X
> 
> You: ip route 0.0.0.0 0.0.0.0 interface Y
> 
> this is a regular practice.
> 
> IP unnumbered is even better, because then no one has to commit
> to or agree
> upon address, and no one has to waste public space.
> 
> Usually, you would number your ethernet port with a public
> number, and you
> would use an ip unnumbered off that publicly addressed
> interface.
> 
> HTH
> 
> 
> 
> ""richard dumoulin""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hey guys,
> > I have to connect a Cisco router to the internet (Worldcom)
> and I was told
> > the following "If your router is a CISCO model, then there is
> no
> > need to assign actual IP addresses to the WAN serial
> > interfaces since CISCO's un-numbered technology can
> > be employed". Does this mean that I can configure IP
> unnumbered ethernet0
> or
> > loopback0 (with one of them having a routable IP address) and
> so I must
> > configure ppp encap on the serial ??
> >
> > I am a bit confused, thx for your help !!
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48936&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Re: BGP Best Path [7:48932]

[John Neiberger]

People need a saying to remember four directions??   ;-)

>>> "Mark Godfrey"  7/16/02 11:04:48 AM >>>
Could someone share a memory aid for the BGP best path selection
process?
Like the old: Never Eat Sour Watermelons to remember the points on a
compass. Going down for the ccie written tomorrow.

Thanks,

MG




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48937&t=48932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Another CCNP is born... [7:48870]

[John Neiberger]

Congratulations!  Good luck on the CCDA and CSS1.

Regards,
John

>>> "Mark W. Odette II"  7/15/02 6:30:39 PM
>>>
Well, after many months of off-and-on studying as work would permit, I
finally passed the Support exam to complete the CCNP chapter in my
Cisco
Career Certification saga.

For those preparing for it, let me warn that it is not an easy exam.
It's not that the technologies tested on are hard to learn, but rather
the ambiguous questions posed to test your knowledge. There are more
than a few questions that had me scratching my head and saying to
myself
"Huh!?!?"

My advice... if you don't get to work with some of the technologies on
a
regular basis, then based on the Test outline on CCO, read up on more
than one study source multiple times until you are dreaming of what
does
what and how to tell what from what.

IF that isn't ambiguous enough... Gotta love the Cisco NDA.

Any way, I'm now off to study the CCDA and CSS1 concurrently :-)

Good luck to all those planning to take the Support exam in the near
future... it's one nasty exam.


Oh, I must also give thanks to all that have posted on this forum for
the last 2 years I've been faithfully monitoring it.  All of your
input
has been quite valuable.

If you want a nice alternative to the Boson Exams for this test... I
would highly recommend CCXXProductions.com! Their study materials are
top notch... Not to mention their support staff for updates.

Cheers!
Mark Odette II
CCNP, MCSE (2K & 4.0), A+ Certified.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48902&t=48870
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CIPT Boson tests [7:48617]

[SF]

Thanks a lot Vance.

Regards
Sonal


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48901&t=48617
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CID Exam 3.0 [7:48839]

[Dan Penn]

Thanks for the heads up Bernard, I hadn't even looked at the outline
lately.  Any ideas as when this all changed approximately?  Well I might
be doing CID a lot sooner now that I don't have to worry about SNA.

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Bernard
Sent: Monday, July 15, 2002 12:46 PM
To: [EMAIL PROTECTED]
Subject: RE: CID Exam 3.0 [7:48839]

Cisco has made changes to its CID objectives. The following is the
updated link: 

http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_
exams/640-025.html

 
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_
exams/640-025.html 

IPX, AppleTalk, SNA and Stratacom questions have been removed from the
objectives.

HTH,

Bernard Omrani
Author of Boson practice tests
 



 

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> Dan Penn
> Sent: Monday, July 15, 2002 10:01 AM
> To: [EMAIL PROTECTED]
> Subject: RE: CID Exam 3.0 [7:48839]
> 
> Check out the outline on CCO.  As far as I know SNA, IPX, and
Applecrap,
> I mean I talk, are still there for CID.
> 
> Dan
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> suaveguru
> Sent: Monday, July 15, 2002 9:53 AM
> To: [EMAIL PROTECTED]
> Subject: CID Exam 3.0 [7:48839]
> 
> hi anyone knows what I should emphasize for the CID
> exam ? Should I drop SNA , appletalk? What should I
> concentrate on
> 
> 
> thanks
> 
> suaveguru
> 
> __
> Do You Yahoo!?
> Yahoo! Autos - Get free new car price quotes
> http://autos.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48880&t=48839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix internal access [7:48886]

[eo]

Hmm.. that didn't seem to work. 

The thing is, internal users have connections to two different networks. One 
network is an ipsec tunnel. This tunnel works grand. I can do any ip over 
that link. The other link is just to the internet. To avoid (maybe) some 
confusion, I will use the term I am familiar with as NAT. So loosers like me 
who don't have a /* can access the internet and piss my isp off at the same 
time :) At current, nothing is wrong with my config in this regard. What I 
want is one of my rfc1918 hosts's web servers to be accessable to the public 
internet. To do this there has to be some sort of reverse translation. Pix's 
are awful awkward at such a task. I'm used to using cisco routers with 
overload port mappings, but now I'm given a pix to fiddle with. 

So, when I try any of the commands publicly available, it totally kills my
NAT
to the internet (That should be illegal!) and it also Denies my ipsec protos.
I've tried quite a few different commands for this, static backwards, 
forwards, ACLs and conduits in all sorts of arrangments.

To clarify things, I will paste my config in this email and I appologize for 
the long email in advance but I hope it will help to see what I'm doing.
This config is sans static and acls for it (otherwise you wouldn't see this 
email at all)

note: Host that is to be used as a www server is 10.251.35.5
(Watch the wrap)


: Saved
: Written by enable_15 at 15:16:02.285 UTC Tue Jul 2 2002
PIX Version 6.2(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password FlkeSLjlkjRjskF encrypted
passwd kl3kmFKekCskE encrypted
hostname eo
domain-name ciscophile.org
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
access-list 101 permit ip 10.251.35.0 255.255.255.0 10.7.0.0 255.255.255.0
access-list 101 permit ip 10.251.35.0 255.255.255.0 10.4.0.0 255.255.0.0
pager lines 24
logging on
logging console debugging
logging monitor debugging
logging buffered debugging
logging trap debugging
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside pppoe setroute
ip address inside 10.251.35.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list 101
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
conduit permit icmp any any
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
0:05:00
sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 10.251.35.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
no sysopt route dnat
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto map newmap 10 ipsec-isakmp
crypto map newmap 10 match address 101
crypto map newmap 10 set peer 6.6.6.6
crypto map newmap 10 set transform-set myset
crypto map newmap interface outside
isakmp enable outside
isakmp key d8kk4k.4e address 6.6.6.6 netmask 255.255.255.255
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
telnet 10.0.0.0 255.0.0.0 outside
telnet 10.251.35.0 255.255.255.0 inside
telnet timeout 30
ssh 10.251.35.0 255.255.255.0 inside
ssh timeout 5
vpdn group pppoe_group request dialout pppoe
vpdn group pppoe_group localname [EMAIL PROTECTED]
vpdn group pppoe_group ppp authentication pap
vpdn username [EMAIL PROTECTED] password m0r0n
dhcpd address 10.251.35.11-10.251.35.42 inside
dhcpd dns 10.4.2.22 207.69.188.185
dhcpd wins 10.4.2.1 10.4.2.29
dhcpd lease 292000
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80



Thanks again for the intrest.
eo

On Tuesday 16 July 2002 03:56 am, Ciaron Gogarty wrote:
> Hi,
>
> Assuming you only have one IP on the external interface try the following
>
> Global (outside) 10 interface
> Nat (inside) 10 0 0
> static (inside,outside) tcp interface www  www
> netmask 255.255.255.255
>
> access-list out-in permit tcp any host  eq www
>
> Of course this would be to allow people on the Internet to access a WWW
> server on the external IP address, which is your single routable IP.
>
> But it sounds like the trouble your having is with user's reaching your web
> server over a vpn tunnel??  Is this correct?  If so I would suspect you
> haven't got a "NAT 0" statement to not nat packets from your web server to
> the far side of the tunnel...  basically, without seeing your conf

Boson CSPFA [7:48905]

[SF]

Hi,

Does anybody know which exam set is good on Boson for CSPFA(Pix) exam out of
1,2 & 3.

Thanks
SF


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48905&t=48905
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Another CCNP is born... [7:48870]

[John McCartney]

Congrats Mark, and thanks for the warning. I'm planning on taking it as soon
as my schedule allows me too.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48939&t=48870
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE written on resume? [7:48868]

[G Z]

Thanks all for the constructive response, these where the kind of answers
that I needed.
  George Zutaut


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48938&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TCP timeout question [7:48934]

[Priscilla Oppenheimer]

sam sneed wrote:
> 
> Lets say we have host  A 22.12.12.12 and host B 99.99.99.99.
> Host B is a
> server listening on port 3055. Host A connects to the server B
> and sends
> data.  Now neither host A or B send anything to each other for
> 1 hour. Is
> the connection still there? Is there a timeout for the
> connection? I do not
> see anything in the RFC's about keepalives for TCP connections,

The TCP RFC doesn't include keepalives, as you say. But some implementations
use them. It's actually a controversial issue. Some protocol experts
consider it a bad feature. It can cause an otherwise good connection to be
terminated due to a temporary problem.

The host requirements RFC, RFC 1112, says that implementations may implement
a TCP keepalive but it must default to off. There's an entire discussion of
it in section 4.2.3.6 of that RFC. Keepalive packets are sent when no data
or acknowledgement packets have been received for the connection within an
interval. This interval must be configurable and must default to no less
than two hours.

BSD UNIX has a tcp_keepidle variable which is the number of 500-ms clock
ticks before sending a keepalive probe. I'm not sure about recent versions,
but the default value used to be 14,400 (2 hours). Changing this would
affect all TCP sessions that are using the keepalive function.

I think I've seen a lot of implementations that have the keepalive set to
much shorter than 2 hours, even though the RFC says it shouldn't be shorter.
I know I've seen implementations repeatedly resend the previous sequence
number with no data, which is what a keepalive looks like, before two hours
have elapsed.

An application can do its own application-layer probing of the connection,
of course, and that's less controversial. For example, BGP sends its own
keepalive every 60 seconds. An application can also make sure that
connections don't stay open unnecessarily by cleanly closing the connection
with FINs or by sending a RESET. A lot of HTTP servers send resets, for
example.

So that's some info. Not all the pieces of the puzzle. I hope someone else
will know more about other specific operating systems and application timers.

Good question! Thanks.



Priscilla Oppenheimer
http://www.priscilla.com
 


> so how would
> Host B know the difference between host A not sneding data for
> a long time
> or host A crashes?
> If I unplug the power on host A while the TCP connection is up
> and leave it
> unplugged for a week and will the server still have the the
> connection in
> its tables when I do a netstat -an? I doubt it, so I figure the
> server must
> have its own timeout on idle connections?
> 
> Anyone known any real values for these timeouts for various
> OS's?
> 
> Thanks.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48940&t=48934
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TAR Files in Windows [7:48904]

[Dan Penn]

Try WinRAR from www.rarlabs.com 

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
John Neiberger
Sent: Tuesday, July 16, 2002 8:17 AM
To: [EMAIL PROTECTED]
Subject: OT: TAR Files in Windows [7:48904]

I'm looking for a Windows program that can create a .tar file comprised
of files from an NT file system to be transferred to a Solaris box. 
WinZip can open .tar files but it can't create them.

Is there some other product similar to WinZip that can create .tar
files?

Thanks!
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48917&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ip unnumbered [7:48894]

[Lupi, Guy]

Comments inline:

*-Original Message-
*From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
*Sent: Tuesday, July 16, 2002 1:32 PM
*To: [EMAIL PROTECTED]
*Subject: Re: ip unnumbered [7:48894]
*
*
*Chuck wrote:
*> 
*> recall that the link between you and whomever is a two host
*> network. 
*
*And I would add to that, recall that the link is just a transit for
*end-to-end traffic. With the exception of network management, 
*it doesn't
*matter what the network-layer addressing is on that link. It carries
*host-to-host traffic which is identified by the network-layer 
*addresses of
*the end hosts.
*
*What I'm trying to get at is that you may be concerned because 
*of a common
*misconception that the network-layer addressing changes from 
*hop-to-hop,
*which it doesn't. (If you're studying for CCIE, then of course 
*you wouldn't
*have that micsonception, but I don't know how far you are in 
*your studies
*yet. :-)
*
*Now, network management is a concern, however. If your serial 
*interface is
*unnumbered, you can't ping it or send it SNMP messages. With those
*functions, the serial port acts as an end host and must have a 
*network-layer
*address. That's the tradeoff. As Chuck says, it's common 
*practice to use
*unnumbered with static and default routing pointing to the interface,
*however. So many people take the tradeoff. Even though you 
*can't ping the
*serial interface, you can still get a lot of info from it with the show
*interface command.

As Priscilla states, a ping monitor wouldn't work for the serial interface,
but you can still poll the router via SNMP using a loopback or other
interface network layer address for the status of the unnumbered interface.
So if your monitoring system is using the output of the SNMP interface
status, you can still monitor the interface.

*
*
*
*Priscilla Oppenheimer
*http://www.priscilla.com
*
*
*
*> if you
*> were numbering, you would most likely use a /30. even when
*> connecting to the
*> internet, this link need not use public IP space. Your ISP is
*> most likely
*> using a static route to you, and you in turn are using a static
*> route to
*> them.
*> 
*> them: ip route "your public space" out interface X
*> 
*> You: ip route 0.0.0.0 0.0.0.0 interface Y
*> 
*> this is a regular practice.
*> 
*> IP unnumbered is even better, because then no one has to commit
*> to or agree
*> upon address, and no one has to waste public space.
*> 
*> Usually, you would number your ethernet port with a public
*> number, and you
*> would use an ip unnumbered off that publicly addressed
*> interface.
*> 
*> HTH
*> 
*> 
*> 
*> ""richard dumoulin""  wrote in message
*> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
*> > Hey guys,
*> > I have to connect a Cisco router to the internet (Worldcom)
*> and I was told
*> > the following "If your router is a CISCO model, then there is
*> no
*> > need to assign actual IP addresses to the WAN serial
*> > interfaces since CISCO's un-numbered technology can
*> > be employed". Does this mean that I can configure IP
*> unnumbered ethernet0
*> or
*> > loopback0 (with one of them having a routable IP address) and
*> so I must
*> > configure ppp encap on the serial ??
*> >
*> > I am a bit confused, thx for your help !!
*> 
*> 
*
*
*
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48942&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: IP v8 [7:48943]

[John Neiberger]

This has been around before but I just ran across it again.  It's still
kinda funny...

http://ipv8.vrx.net/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48943&t=48943
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE written on resume? [7:48868]

[Frank Jimenez]

One thing that I've seen that works well is to list that you are
scheduled to take the CCIE lab on xx/xx/.  That lets a prospective
employer know that you are at least scheduled.

Frank Jimenez, CCIE #5738
[EMAIL PROTECTED]



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
G Z
Sent: Monday, July 15, 2002 6:28 PM
To: [EMAIL PROTECTED]
Subject: CCIE written on resume? [7:48868]


I am persuing the written portion of the CCIE. I want to put this on my
resume when the test is passed but it is not a certification in itself.
There is no logical reason not to put it there as it shows additional
knowledge and that is what the resume is for. But awhile back I think
this topic was discussed but don't remember the particulars (I was not a
CCNA at the time even). It seems to be like saying that you don't have a
degree but have completed some college. Also where would this go on a
resume? Any input would be appreciated. Thanks,
   George Zutaut




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48911&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Collision Detecting [7:48830]

[Priscilla Oppenheimer]

[EMAIL PROTECTED] wrote:
> 
> Question:
> 
> I am just going to generalise here. Lets take just one port of
> a switch or
> one collision domain since that's what switches do.
> 
> If we run 10 or 100 Half Duplex to a switch ... Is there a
> chance of a
> collision occuring? 

Yes. 

> If we then run 10 or 100 Full Duplex to a switch ... Is there a
> chance of a
> collision occuring, besides late collisions, etc.

No, collisions have no meaning in full duplex.

> 
> From what I have read (or remember to have read): 
> When we run in full duplex we have seperate TX/RX wire pairs
> i.e the TX pair
> on one side is wired to the RX pair on the other side and vice
> versa...

Well, I see you have gotten some good basic answers, but I'm going to make
you do some more thinking and generalize even more than you already have.
;-) The TX is always wired to the RX on the other side . Transmit has to be
converted to receive or there's no point in doing networking at all! Either
a hub or switch better do this. If not, then you better use a cross-over
cable.

What makes full duplex different is that receiving on your RX circuit (which
is the other side's TX circuit) is OK. With old-style Ethernet, receiving
while you were sending was a collision. Only one station could send at a time.

What you actually read is that for full duplex to work each side must have a
dedicated TX and RX circuit. The point of that statement is that full duplex
doesn't work on coax cable. Coax cable has a single copper core that is used
by all stations on the bus for both TX and RX.

> hence there should be no collisions and that's why there is no
> collision
> detection mechanism in 100MB ... Right? 

As Michael said, what you mean to say is that there's no collistion
detection on full duplex. 100 Mbps supports both half and full. So does 10
Mbps.

> 
> But the reason I ask this, is that yesterday I had a problem
> with a NIC, and
> the options I had listed in the NIC Device Driver Software was
> this: 100Mb
> Half Duplex.  I thought 100Mb could only run in full duplex?
> However when we
> run Half Duplex, the TX/RX occurs on then same wire pair so how
> does 100Mb

No, when you run half duplex in a 10Base-T environment with twisted pair
cabling, each side still has its own TX pair, (which is RX on the other
end). But receiving while sending is a collision.

> Half Duplex work if there is no collision detection mechanism
> for 100Mb?

100 Mbps supports collision detection. It's just disabled when full duplex
is used.

Priscilla


> 
> Of course I could be completely wrong?
> 
> Thanks
> Manish
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48944&t=48830
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

running Realserver behind PIX to server realplayer in the [7:48909]

[Magdy H. Ibrahim]

Hi all,

I have internal LAN behind my PIX firewall with 6.0(1)...
My realserver8.0 installed in the internal LAN . I need to allow the outside
users using real player to access and run videos and movies...
My PIX conf.as the following:

fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
no fixup protocol skinny 2000
fixup protocol rtsp 554
fixup protocol rtsp 8554
!
static (inside,outside) 62.32.20.15 10.0.10.1 netmask 255.255.255.255 0 0
conduit permit tcp host 62.32.20.15 eq 554 any
conduit permit tcp host 62.32.20.15 eq www any
conduit permit tcp host 62.32.20.15 eq 7070 any
conduit permit tcp host 62.32.20.15 eq 4040 any
conduit permit udp host 62.32.20.15 eq 554 any
conduit permit udp host 62.32.20.15 eq www any
conduit permit udp host 62.32.20.15 eq 7070 any
conduit permit udp host 62.32.20.15 eq 4040 any


are there any extra commands I need to add to allow the outside users to
access and run the movies and clips which running on the Internal real
server 8.0
Please help


Best regards,,
Magdy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48909&t=48909
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: TAR Files in Windows [7:48904]

[[EMAIL PROTECTED]]

Try using the tar that comes with cygwin.

HTH

Dom Stocqueler




   
   
"John
Neiberger"
  
cc:
Sent by: Subject: OT: TAR Files
in Windows [7:48904]
   
[EMAIL PROTECTED]
   
   
   
   
16/07/2002 03:16
PM
Please respond
to
"John
Neiberger"
   
   
   
   




I'm looking for a Windows program that can create a .tar file comprised
of files from an NT file system to be transferred to a Solaris box.
WinZip can open .tar files but it can't create them.

Is there some other product similar to WinZip that can create .tar
files?

Thanks!
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48912&t=48904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Need Cheap ATM Switch [7:48945]

[Terry Hines]

I am in need of suggestions on which device to purchase for atm in my home
lab. I have read ls 100 is a good choice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48945&t=48945
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: enquiry on CCNP 2.0 expiration--urgent! [7:48873]

[Johnny Routin]

You can take the 3.0 exam to complete your CCNP but you will be CCNP 2.0
certified, not that there's anything wrong with that.

JR


""Sim, CT (Chee Tong)""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> I had completed my CCNP support 2.0, Remote Access 2.0, Switching 2.0.
When
> I want to register for CCNP routing just now, the telephone operator told
me
> the CCNP 2.0 routing exam is expiring and I can only take CCNP routing
3.0.
> I am very sad and worry.  I want to know if I want to be a CCNP , how many
> exam that I have to take, just the Routing 3.0 or I have to take the four
> more paper--routing 3.0, Remote Access 3.0, Switching 3.0, support 3.0.
>
> Besides, if they allow me to get my CCNP with just taking one more paper
> routing 3.0.  The CCNP that I get is CCNP 2.0 or CCNP 3.0
>
> Please help
>
> CT
>
> ==
> De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
> is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
> onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
> de afzender direct te informeren door het bericht te retourneren.
> ==
> The information contained in this message may be confidential
> and is intended to be exclusively for the addressee. Should you
> receive this message unintentionally, please do not use the contents
> herein and notify the sender immediately by return e-mail.
>
>
> ==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48913&t=48873
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IP unnumbered [7:48894]

[Casey, Paul (6822)]

Depending what your provider is selling you, 
If the provider offers you an IP address for the WAN take, it as it makes
things easier to troubleshoot.

You usually use IP unnumbered on point to point links where the traffic
doesn't need to use the address because it is point to point and can really
go anywhere else.Or in here used for dial in connections for ISDN, where the
dial in client dials the number of the router and is assigned IP addresses
from dial in pool, and the WAN interface is referenced using a unnumbered
loopback 0

If you are dialing to your provider, you can use the  IP negotiate on the
wan interface, and  when you dial your provider he assigned you the address
dynamically and you can NAT of this, ( This is a clever solution).. its
called "easy IP"

Kind regards.
 



> -Original Message-
> From: Lupi, Guy [SMTP:[EMAIL PROTECTED]]
> Sent: 16 July 2002 15:38
> To:   [EMAIL PROTECTED]
> Subject:  RE: ip unnumbered [7:48894]
> 
> You can use ip unnumbered with or without PPP, depending on how your
> provider is set up.  You would just use ip unnumbered to the ethernet port
> or to a loopback interface, whichever you prefer, I prefer the loopback.
> 
> *-Original Message-
> *From: richard dumoulin [mailto:[EMAIL PROTECTED]]
> *Sent: Tuesday, July 16, 2002 5:32 AM
> *To: [EMAIL PROTECTED]
> *Subject: ip unnumbered [7:48894]
> *
> *
> *Hey guys,
> *I have to connect a Cisco router to the internet (Worldcom) 
> *and I was told
> *the following "If your router is a CISCO model, then there is no
> *need to assign actual IP addresses to the WAN serial
> *interfaces since CISCO's un-numbered technology can
> *be employed". Does this mean that I can configure IP 
> *unnumbered ethernet0 or
> *loopback0 (with one of them having a routable IP address) and so I must
> *configure ppp encap on the serial ??
> *
> *I am a bit confused, thx for your help !! 
> *
> *


This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48910&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CIPTSS [7:48946]

[Lan Wong]

Hi Group,

After recently passing my CCIE Written Exam, I am planning to take three 
months to complete the CIPTSS certification. I have reviewed Cisco's website 
and went through the recommended list of books. However, I am surprised to 
see the low rating on these books on Amazon.com.
Could someone that is currently pursuing or finished this cert. recommend 
the list of books and equipments required for the CIPTSS.

TIA,

LW



_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48946&t=48946
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Voice of IP / Frame-Relay and remote labs [7:48947]

[Pierre-Alex Guanel]

I am about to start studying Voice topics for the CCIE lab 

How does one test that a call has actually been placed succesffuly when
doing remote-labs? Or maybe this is not possible and you actually have to
buy the gears to see the stuff working ...

I bet you would neeed some type of robot to pickup the phone  (just
kidding).

Thanks,

Pierre-Alex


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48947&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE written on resume? [7:48868]

[Eric Rogers]

I'll second that approach...

-Eric

- Original Message -
From: "Frank Jimenez" 
To: 
Sent: Tuesday, July 16, 2002 7:56 AM
Subject: RE: CCIE written on resume? [7:48868]


> One thing that I've seen that works well is to list that you are
> scheduled to take the CCIE lab on xx/xx/.  That lets a prospective
> employer know that you are at least scheduled.
>
> Frank Jimenez, CCIE #5738
> [EMAIL PROTECTED]
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> G Z
> Sent: Monday, July 15, 2002 6:28 PM
> To: [EMAIL PROTECTED]
> Subject: CCIE written on resume? [7:48868]
>
>
> I am persuing the written portion of the CCIE. I want to put this on my
> resume when the test is passed but it is not a certification in itself.
> There is no logical reason not to put it there as it shows additional
> knowledge and that is what the resume is for. But awhile back I think
> this topic was discussed but don't remember the particulars (I was not a
> CCNA at the time even). It seems to be like saying that you don't have a
> degree but have completed some college. Also where would this go on a
> resume? Any input would be appreciated. Thanks,
>George Zutaut




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48949&t=48868
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Need Cheap ATM Switch [7:48945]

[Bernard]

Terry,

You should buy an ATM switch based on your objectives.
If you want to do SVC and PVC auto-discovery, you need a LS-1010
If you want to do PVC, SVC, but no auto-discovery, you can go for LS100.
If you want to confine yourself to PVC only with no auto-discovery and
no SVC, you might as well go for a back to back cable and no switch at
all.  

Please note that you are NOT required to configure the ATM switch in the
CCIE lab. 

HTH.

Bernard 
 


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> Terry Hines
> Sent: Tuesday, July 16, 2002 12:28 PM
> To: [EMAIL PROTECTED]
> Subject: Need Cheap ATM Switch [7:48945]
> 
> I am in need of suggestions on which device to purchase for atm in my
home
> lab. I have read ls 100 is a good choice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48950&t=48945
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP with 2600 Router [7:48709]

[Gaz]

On a similar subject - Is it possible to use a destination-pattern of for
instance 70 (no wild cards or anything) and still get it to work. The reason
for this is to allow users to phone the operator of another site using just
the trunk code and a "0".
As it is the router comes back with something like 'no number to dial' even
when used with prefix 70, because there is nothing except the
destination-pattern.

Basically the destination-pattern needs to be the full number.

Hope I've explained myself well enough.

Please excuse the VoIP newbie.


Gaz


""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'd do some dubugs like "debug voice ccapi inout" to see what numbers are
> being sent to the PBX and across the IP call leg (on both sides).
>
> I'd also try to validate your dialing plan by doing a "show dialplan
number
> (DN you wish to test)" to see whci dial-peer the router thinks it should
be
> using.
>
> Finally check for codec mismatches, missing routes in the routing table
> etc..
>
>
>
> ""Firesox""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Site A
> > voice-card 1
> > !
> > ip subnet-zero
> > no ip source-route
> > no ip finger
> > !
> > lane client flush
> > !
> > !
> > controller T1 1/0
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-wink-start
> >  cas-custom 1
> > !
> > !
> > voice-port 1/0:1
> >  operation 4-wire
> > !
> > !
> > dial-peer voice 1 pots
> >  destination-pattern 370..
> >  port 1/0:1
> >  prefix 370
> > !
> > dial-peer voice 10 voip
> >  destination-pattern 79..
> >  session target ipv4:1.1.1.2
> > !
> > dial-peer voice 2 pots
> >  destination-pattern 374..
> >  port 1/0:1
> >  prefix 374
> > !
> > !
> > interface FastEthernet0/0
> >  bandwidth 1
> >  ip address x.x.x.x x.x.x.x
> >  speed 10
> >  full-duplex
> > !
> > interface Serial0/0
> >  bandwidth 1536
> >  ip address 2.2.2.2 255.255.255.252
> >  no fair-queue
> >  down-when-looped
> > !
> > ip classless
> > ip route 0.0.0.0 0.0.0.0 Serial0/0
> > 
> > Site B
> >
> > voice-card 1
> > !
> > ip subnet-zero
> > no ip source-route
> > !
> > lane client flush
> > !
> > !
> > controller T1 1/0
> >  framing esf
> >  linecode b8zs
> >  ds0-group 1 timeslots 1-24 type e&m-wink-start
> >  cas-custom 1
> > !
> > !
> > voice-port 1/0:1
> >  operation 4-wire
> > !
> > !
> > dial-peer voice 1 pots
> >  destination-pattern 79..
> >  port 1/0:1
> >  prefix 79
> > !
> > dial-peer voice 10 voip
> >  destination-pattern 370..
> >  session target ipv4:2.2.2.2
> > !
> > dial-peer voice 11 voip
> >  destination-pattern 374..
> >  session target ipv4:2.2.2.2
> > !
> > !
> > interface FastEthernet0/0
> >  ip address x.x.x.x x.x.x.x
> >  duplex auto
> >  speed auto
> > !
> > interface Serial0/0
> >  bandwidth 1544
> >  ip address 1.1.1.2 255.255.255.252
> >  no ip mroute-cache
> >  no fair-queue
> > !
> > ip classless
> > ip route 0.0.0.0 0.0.0.0 1.1.1.1
> > no ip http server




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48951&t=48709
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TFTP Server [7:48763]

[Gaz]

I agree - Pumpkin.
Every one of our engineers use it now and never heard of a problem.
Also supports multiple simultaneous TFTP - not sure if this is a feature of
others or not. don't suppose it's that much of a selling point, but the
reliability is.


Gaz

""Charles D Hammonds""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I really like PumpKIN found at:
>
> http://www.klever.net/kin/pumpkin.html
>
>
> Charles
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, July 14, 2002 7:39 AM
> To: [EMAIL PROTECTED]
> Subject: TFTP Server [7:48763]
>
>
> I have a cisco TFTP Server v 1.1, It is creating some problems
> with my XP Machine.
>  Is there a better TFTP Server or is there a better Version
> Available.
>
>   Regards,
>
> Muhammad Usman
> Network Engineer
> al Alamiah Electronics Co.
> Network Section
> www.alamiah.com.sa
> Tel. : (+966-1) 477 0106
> Fax. : (+966-2) 477 7629
> Mob. : (+966-5) 301 4903
> P.O. Box 5954, Riyadh 11432
> Kingdom of Saudi Arabia.
>
> ~~The End-to-End Networkers~~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48952&t=48763
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Priscilla Oppenheimer]

Pierre-Alex Guanel wrote:
> 
> I am about to start studying Voice topics for the CCIE lab 
> 
> How does one test that a call has actually been placed
> succesffuly when doing remote-labs? Or maybe this is not
> possible and you actually have to buy the gears to see the
> stuff working ...
> 
> I bet you would neeed some type of robot to pickup the phone
>  (just kidding).

Like an answering machine?! ;-) Seriously, I have heard lab designers
discuss that as a serious option.

The other option is various debug and show commands, that hopefully someone
else remembers

Priscilla


> 
> Thanks,
> 
> Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48953&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Bernard]

Hi Alex,

Here is what you do:
Hook up a modem to the router's voice port. Then hook the serial
interface of the modem to the aux interface of that same router / or to
another line on the termserver.

That way a user can have console access to the modem and will visually
see a 
RING on the screen.
HTH

Bernard Omrani



> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 16, 2002 12:53 PM
> To: [EMAIL PROTECTED]
> Subject: Voice of IP / Frame-Relay and remote labs [7:48947]
> 
> I am about to start studying Voice topics for the CCIE lab
> 
> How does one test that a call has actually been placed succesffuly
when
> doing remote-labs? Or maybe this is not possible and you actually have
to
> buy the gears to see the stuff working ...
> 
> I bet you would neeed some type of robot to pickup the phone 
(just
> kidding).
> 
> Thanks,
> 
> Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48954&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TCP timeout question [7:48934]

[sam sneed]

Someone sent me this link which I think was helpful:
http://www.sean.de/Solaris/soltune.html#common

I will have to do more research.
The problem I need to solve:

My firewall keeps connections in its state table for 1 hour. So after one
hour if you did a netstat on each host the connection appears up. But when
host A sends data to host B, the firewall silently drops the packet. Host A
will keep resending and its packets will get dropped. Host A times out and
closes its socket.   Host B nevers receives the FIN and it still shows the
connection is up according to netstat. This is a pain because I have to
constantly reeastblish connections between host A and B.I'd like to raise
the timeout on my server to a lower value and maybe bump up the timeut value
on the firewall to a higher value. I will do my research and post a summary
since I've similiar types of posts in the past without complete explanations

FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TFTP Server [7:48763]

[Bolton, Travis D]

I use the Solarwinds TFTP server and have never had a problem with it
either.  I also like the pumpkin tftp version as well.

-Original Message-
From: Gaz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 3:24 PM
To: [EMAIL PROTECTED]
Subject: Re: TFTP Server [7:48763]


I agree - Pumpkin.
Every one of our engineers use it now and never heard of a problem.
Also supports multiple simultaneous TFTP - not sure if this is a feature of
others or not. don't suppose it's that much of a selling point, but the
reliability is.


Gaz

""Charles D Hammonds""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I really like PumpKIN found at:
>
> http://www.klever.net/kin/pumpkin.html
>
>
> Charles
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, July 14, 2002 7:39 AM
> To: [EMAIL PROTECTED]
> Subject: TFTP Server [7:48763]
>
>
> I have a cisco TFTP Server v 1.1, It is creating some problems
> with my XP Machine.
>  Is there a better TFTP Server or is there a better Version
> Available.
>
>   Regards,
>
> Muhammad Usman
> Network Engineer
> al Alamiah Electronics Co.
> Network Section
> www.alamiah.com.sa
> Tel. : (+966-1) 477 0106
> Fax. : (+966-2) 477 7629
> Mob. : (+966-5) 301 4903
> P.O. Box 5954, Riyadh 11432
> Kingdom of Saudi Arabia.
>
> ~~The End-to-End Networkers~~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48955&t=48763
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ip unnumbered [7:48894]

[Kohli, Jaspreet]

Hi Chuck

Could you explain the statement : " Usually, you would number your ethernet
port with a public number, and you
would use an ip unnumbered off that publicly addressed interface." -
Normally we number the port with private address I am not sure what you mean
by public number here!!! Just a bit puzzled .

Cheers

Jas

-Original Message-
From: Chuck [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 17 July 2002 2:15 a.m.
To: [EMAIL PROTECTED]
Subject: Re: ip unnumbered [7:48894]


recall that the link between you and whomever is a two host network. if you
were numbering, you would most likely use a /30. even when connecting to the
internet, this link need not use public IP space. Your ISP is most likely
using a static route to you, and you in turn are using a static route to
them.

them: ip route "your public space" out interface X

You: ip route 0.0.0.0 0.0.0.0 interface Y

this is a regular practice.

IP unnumbered is even better, because then no one has to commit to or agree
upon address, and no one has to waste public space.

Usually, you would number your ethernet port with a public number, and you
would use an ip unnumbered off that publicly addressed interface.

HTH



""richard dumoulin""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey guys,
> I have to connect a Cisco router to the internet (Worldcom) and I was told
> the following "If your router is a CISCO model, then there is no
> need to assign actual IP addresses to the WAN serial
> interfaces since CISCO's un-numbered technology can
> be employed". Does this mean that I can configure IP unnumbered ethernet0
or
> loopback0 (with one of them having a routable IP address) and so I must
> configure ppp encap on the serial ??
>
> I am a bit confused, thx for your help !!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48958&t=48894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CID Exam 3.0 [7:48839]

[Bernard]

Dan,

My first e-mail to the CID practice test users informing them of the
changes is dated March 1, 2002. That must be the approximate date that
the CID objectives changed. Good luck with the exam.
This exam is still tricky and you must read the questions very
carefully.

Bernard Omrani
 


 

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> Dan Penn
> Sent: Tuesday, July 16, 2002 10:37 AM
> To: [EMAIL PROTECTED]
> Subject: RE: CID Exam 3.0 [7:48839]
> 
> Thanks for the heads up Bernard, I hadn't even looked at the outline
> lately.  Any ideas as when this all changed approximately?  Well I
might
> be doing CID a lot sooner now that I don't have to worry about SNA.
> 
> Dan
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> Bernard
> Sent: Monday, July 15, 2002 12:46 PM
> To: [EMAIL PROTECTED]
> Subject: RE: CID Exam 3.0 [7:48839]
> 
> Cisco has made changes to its CID objectives. The following is the
> updated link:
> 
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_
> exams/640-025.html
> 
> 
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_
> exams/640-025.html
> 
> IPX, AppleTalk, SNA and Stratacom questions have been removed from the
> objectives.
> 
> HTH,
> 
> Bernard Omrani
> Author of Boson practice tests




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48948&t=48839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Another CCNP is born... [7:48870]

[Priscilla Oppenheimer]

Mark W. Odette II wrote:
> 
> Well, after many months of off-and-on studying as work would
> permit, I
> finally passed the Support exam to complete the CCNP chapter in
> my Cisco
> Career Certification saga.
> 
> For those preparing for it, let me warn that it is not an easy
> exam.
> It's not that the technologies tested on are hard to learn, but
> rather
> the ambiguous questions posed to test your knowledge. There are
> more
> than a few questions that had me scratching my head and saying
> to myself
> "Huh!?!?"

Indeed, a lot of people are surprised by the Support test. It's not as
strange as the CID test, but from what I hear, some of the questions are
hard to parse.

I have a practice test for those of you still working on CCNP. I didn't word
the questions too weirdly, though. ;-) But it covers the topics at the same
level. See this URL:

http://www.priscilla.com/cit/toc.html

Also, rumor has it that my new support book is finally shipping from the
printers! There's more info here:

http://www.troubleshootingnetworks.com/

Congratulations on your CCNP status, Mark!

Priscilla Oppenheimer

> 
> My advice... if you don't get to work with some of the
> technologies on a
> regular basis, then based on the Test outline on CCO, read up
> on more
> than one study source multiple times until you are dreaming of
> what does
> what and how to tell what from what.
> 
> IF that isn't ambiguous enough... Gotta love the Cisco NDA.
> 
> Any way, I'm now off to study the CCDA and CSS1
> concurrently :-)
> 
> Good luck to all those planning to take the Support exam in the
> near
> future... it's one nasty exam.
> 
> 
> Oh, I must also give thanks to all that have posted on this
> forum for
> the last 2 years I've been faithfully monitoring it.  All of
> your input
> has been quite valuable.
> 
> If you want a nice alternative to the Boson Exams for this
> test... I
> would highly recommend CCXXProductions.com! Their study
> materials are
> top notch... Not to mention their support staff for updates.
> 
> Cheers!
> Mark Odette II
> CCNP, MCSE (2K & 4.0), A+ Certified.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48941&t=48870
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Back to back Connection with 2 DTE Cables [7:48829]

[Priscilla Oppenheimer]

Dan Penn wrote:
> 
> Well, someone correct me if I'm wrong, but I'm pretty sure that
> one of
> your cables has to dte,
> the other dce.  

Both back-to-back routers can use DTE. They do in my lab. The crossover can
be handled by a synchronous modem eliminator (SME). That's how we always
used to do it, both in labs and real-world applications. There's more info
here:

http://www.bomara.com/ecd/smev35.htm

or simply look up SME V.35 on google for lots of info.

>The easiest way to
> accomplish
> this is buying a crossover cable from the sources already
> mentioned.  

That's true. The crossover cables are simpler to use, don't require power,
of course, and are less expensive (though not cheap!)

Priscilla

>I
> just picked up another 3 3 foot cables from kg2.com from an
> ebay auction
> for 48 bucks shipped.
> 
> Dan
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, July 15, 2002 4:12 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Back to back Connection with 2 DTE Cables [7:48829]
> 
> Muhammad Usman wrote:
> > 
> > Hi Guys,
> > Well  if I have 2 DTE Cables, say
> > the
> > Cab-232MT cables, and want to connect 2 routers back to back,
> > while
> > using an interface convertor in between the 2 cables, would it
> > work. Did
> > any body try that.
> 
> What is the interface connector? If it does the cross-over
> between
> transmit
> and receive, it should work.
> 
> My routers are connected with an ancient Black Box converter
> that does
> this.
> (It wouldn't have been my choice, but I inherited an ancient
> lab that
> already had these boxes.)
> 
> Priscilla
> 
> 
> > Thanks all,
> > 
> > 
> > Muhammad Usman
> > Network Engineer
> > al Alamiah Electronics Co.
> > Network Section
> > www.alamiah.com.sa
> > Tel. : (+966-1) 477 0106
> > Fax. : (+966-2) 477 7629
> > Mob. : (+966-5) 301 4903
> > P.O. Box 5954, Riyadh 11432
> > Kingdom of Saudi Arabia.
> > 
> > ~~The End-to-End Networkers~~
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48956&t=48829
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CID Exam 3.0 [7:48839]

[Dan Penn]

Words of advice for any test.

Thanks,
Dan

-Original Message-
From: Bernard [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 2:08 PM
To: [EMAIL PROTECTED]
Cc: 'Dan Penn'
Subject: RE: CID Exam 3.0 [7:48839]

Dan,

My first e-mail to the CID practice test users informing them of the
changes is dated March 1, 2002. That must be the approximate date that
the CID objectives changed. Good luck with the exam.
This exam is still tricky and you must read the questions very
carefully.

Bernard Omrani




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48960&t=48839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Pierre-Alex Guanel]

That is good ... but does the fact that the modem ring and indication that I
have a proper voice link? Could it be that if picked up the phones that I
would not be able to hear anything from the other side?
And could a simple debug demonstrate that I have a crystal clear voice
connection on the other side with no echos, etc  Seems to me that I
would be missing quite a lot in doing a voice lab other the Internet. Are my
assumptions correct? Or am I just paranoid ...

Thank you,

Pierre-Alex


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48961&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM fore CCIE [7:48892]

[Calorifer Gogu]

According to the info on the CISCO's own web site ATM is not required any
more to pass, that is no testing on ATM.
Just do a search on CISCO WEB for CCIE requirements there is a list with
stuff:
http://www.cisco.com/warp/public/625/ccie/certifications/routing.html#42



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48963&t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX 520 Motherboard repair replace [7:48959]

[Calorifer Gogu]

A couple of weeks back I bought for about $100 a defective CISCO PIX 520.
The box came complete with one 16 MB Flash card and one NIC. The box was
sold to me as "Motherboard defective" it is the Intell Al440LX moteherboard.
I took apart PIX boxes before at work and noticed that they were actuall PC
Mobos. That is why I reasoned that repairing the PIX 520 should be only a
matter of replacing the board with an identicall one that retails for no
more than $60.
I also noticed that the newer boards on the PIX 520's are Intel SE440BX2
without sound modules.
I went ahead and bought the new board and installed all cards but when I
power up I get no console output. I reasoned that the Flash card might be
bad and I installed one with 2 MB, still same results...No console output. I
went to CCO and downloaded the Boothelper utilities to boot the PIX from the
Floppy but that does not help either.
I have read multiple discussions about "Clone PIX" and "FrankenPIX" where
people stated that you can build one if you just have the Flash card...
Aparently there is more to that. Any Ideeas? CISCO TAC told me that there is
"special drivers for the console port" onboard the original Motherboards on
a chip. I have some doubts about that considering that in all the times I
contacted TAC with different issues I got vague answers and they allways
missed the point regardless of the fact that I have a "Partner" contract.
Meantime I acuired a "local director" with a working motherboard inside but
without flash. I took that out and swapped out the PIX Mobo but I still get
no console output. Meantime If I use the board as a PC board everithing is
fine.
Is there a certain BIOS that needs to be loaded on the Motherboard prior to
installing the cards ?
On the "sho ver" of some PIX 520 with 2 MB Flash there is a line:
"Finesse Bios V3.3" is this line refering to the bios on the board or on the
Flash card ?


Any insight in this issue will be appreciated


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48959&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Tangled Up in Blue]

Maybe this is not what you're asking, but when I test my voip stuff i just
call my cell phone.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48966&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX 520 Motherboard repair replace [7:48959]

[Mike Sweeney]

Special drivers? bunk-

http://www.packetattack.com/frankenpix.html


It can be replaced with a normal, garden varity Intel SE440BX motherboard. I
happen to use a recycled PII 300Mhz slot1 processor which had been used as a
paperweight for the last year ;)

MikeS





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48968&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX 520 Motherboard repair replace [7:48959]

[Alex Lei]

I don't know the details, but I would imagine that the boot roms are
different. I can't really see Cisco using a Phoenix bios... Finesse is the
original OS used in PIXes, the boot roms probably have the Finesse kernel
inside. Larry Letterman would probably know for sure.

Alex


Calorifer Gogu wrote:
> 
> A couple of weeks back I bought for about $100 a defective
> CISCO PIX 520.
> The box came complete with one 16 MB Flash card and one NIC.
> The box was sold to me as "Motherboard defective" it is the
> Intell Al440LX moteherboard. I took apart PIX boxes before at
> work and noticed that they were actuall PC Mobos. That is why I
> reasoned that repairing the PIX 520 should be only a matter of
> replacing the board with an identicall one that retails for no
> more than $60.
> I also noticed that the newer boards on the PIX 520's are Intel
> SE440BX2 without sound modules.
> I went ahead and bought the new board and installed all cards
> but when I power up I get no console output. I reasoned that
> the Flash card might be bad and I installed one with 2 MB,
> still same results...No console output. I went to CCO and
> downloaded the Boothelper utilities to boot the PIX from the
> Floppy but that does not help either.
> I have read multiple discussions about "Clone PIX" and
> "FrankenPIX" where people stated that you can build one if you
> just have the Flash card... Aparently there is more to that.
> Any Ideeas? CISCO TAC told me that there is "special drivers
> for the console port" onboard the original Motherboards on a
> chip. I have some doubts about that considering that in all the
> times I contacted TAC with different issues I got vague answers
> and they allways missed the point regardless of the fact that I
> have a "Partner" contract.
> Meantime I acuired a "local director" with a working
> motherboard inside but without flash. I took that out and
> swapped out the PIX Mobo but I still get no console output.
> Meantime If I use the board as a PC board everithing is fine.
> Is there a certain BIOS that needs to be loaded on the
> Motherboard prior to installing the cards ?
> On the "sho ver" of some PIX 520 with 2 MB Flash there is a
> line:
> "Finesse Bios V3.3" is this line refering to the bios on the
> board or on the Flash card ?
> 
> 
> Any insight in this issue will be appreciated




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48967&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX 520 Motherboard repair replace [7:48959]

[Alex Lei]

Facts have spoken. I retract my prior statements. 

By extension, could you have used a differenet MB / CPU? 

Alex

Mike Sweeney wrote:
> 
> Special drivers? bunk-
> 
> http://www.packetattack.com/frankenpix.html
> 
> 
> It can be replaced with a normal, garden varity Intel SE440BX
> motherboard. I happen to use a recycled PII 300Mhz slot1
> processor which had been used as a paperweight for the last
> year ;)
> 
> MikeS
> 
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48969&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Terminal server configuration [7:48678]

[Mike Sweeney]

Dan-  put together a cheapo linux box and put a TACACS server on it. Now you
can go nuts with who gets what. Use webmin for a GUI interface to manage the
Linux box and you are set.

Or you can do what I do alot. I bought a copy of Virtual PC for Windows off
ebay for under 70 bucks. Install it on a workstation and run a virtual PC
session with either ACS running on a virtual session or Linux running on a
virtual session. This works very well for the occasional use application.

MikeS
[EMAIL PROTECTED]


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48970&t=48678
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

blocking spam with cisco routers [7:48971]

[GEORGE]

Hi all I have a question ,I configured my e-mail server to only accept
local e-mail, and deny other relay , however im still vulnerable to
spam. My question is how do the ips block other e-mail going to their
smtp
Do they do it by access-list? Allowing only the local network with port
25?
Or just the e-mail server?
If cisco routers have to be involved does anyone have some links. Im
behind a pix and would like to allow only my network to use smtp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48971&t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN troubles [7:10714]

[majid ansari]

Hi

You might have got the solution by now .. if not then read ..

When the packet leaves the router it will have the source address of its
outgoing interface in the IP packet. Now this address is not part of the
tunnel so it will be routed normally.

You need to have the router send the packets with an address which is part
of traffic permitted in the tunnel acl.

For your specific tacacs application, on 2600 enter the command

ip tacacs source-interface 

This interface can be the LAN side interface if its subnet is in the tunnel
or you can create a loopback with such an address.

You can find a similar command on PIX if you are trying to authenticate PIX
across VPN.

Hope that helps ..

Majid


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48974&t=10714
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX 520 Motherboard repair replace [7:48959]

[Kris Keen]

Im using the same BX2 Intel board :) no worries


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48976&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame Relay & multi site [7:48927]

[Kris Keen]

p2mp would work


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48977&t=48927
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Design Considerations [7:48979]

[Jeffrey Reed]

Im still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didnt need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48979&t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ACL fewest numbers of lines [7:48980]

[Peter van Oene]

No problem Alex.  I was simply saying that you can't aggregate those 
addresses without including a lot of addresses that you aren't supposed to 
aggregate.  The best way to do these is always in binary which I can do in 
my head quite easily as I do a fair amount of addressing.

Pete


At 08:39 PM 7/16/2002 -0300, Alex Paulino wrote:
>Hi Peter, i think the better choice is using "ANd" in each octets of IP 
>address, the result is your new network and doing a "xor" in the same 
>octet you'll get the mask.
>
>Example for the first octect= 140.And.161.And.201.and.201 = 128
>mask is: 140.xor.161.xor.201.xor.201 = 45
>
>i hope this help you
>
>sorry about my english! :-(
>
>alex
>
>-Original Message-
>From: Peter van Oene [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, July 16, 2002 6:48 PM
>To: [EMAIL PROTECTED]
>Subject: Re: ACL fewest numbers of lines
>
>
>The left most bits alone require 3 lines as they contain 100, 101, and 110.
>
>At 04:02 PM 7/16/2002 -0500, Alex wrote:
> >Requirement:
> >
> >Create an access list with the fewest numbers of lines to deny.
> >
> >140.199.57.0
> >161.199.57.0
> >201.59.1.0
> >201.63.1.0
> >
> >I can do it in 3 lines but I believe that there is a way to do it in 1
> >line? any body know?
> >_
> >Commercial lab list: http://www.groupstudy.com/list/commercial.html
> >Please discuss commercial lab solutions on this list.
>_
>Commercial lab list: http://www.groupstudy.com/list/commercial.html
>Please discuss commercial lab solutions on this list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48980&t=48980
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM fore CCIE [7:48892]

[Phil Lorenz]

I may be missing something, but the link you've included speaks to not
having to configure the ATM "switch."  

>From what I read- UNI interfaces will be tested.

Phil

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 5:43 PM
To: [EMAIL PROTECTED]
Subject: RE: ATM fore CCIE [7:48892]

According to the info on the CISCO's own web site ATM is not required
any
more to pass, that is no testing on ATM.
Just do a search on CISCO WEB for CCIE requirements there is a list with
stuff:
http://www.cisco.com/warp/public/625/ccie/certifications/routing.html#42




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48981&t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ATM fore CCIE [7:48892]

[Tom Scott]

Phil Lorenz wrote:

> I may be missing something, but the link you've included speaks to not
> having to configure the ATM "switch."  
> 
> From what I read- UNI interfaces will be tested.

That's correct: "Candidates will not be required to configure an ATM 
switch. However, they may be required to connect to a switch that is 
external to their rack."
Source: 
http://www.cisco.com/warp/public/625/ccie/certifications/ATM_FAQs.html

However, ATM LANE is no longer tested in the lab exam.
Source:
http://www.cisco.com/warp/public/625/ccie/certifications/routing.html

-- TT




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48983&t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[Brad Ellis]

Yup, use an access list filtering IPs on port 25 (only allow yours through)

thanks,
-Brad Ellis
CCIE#5796 (R&S / Security)
[EMAIL PROTECTED]
Cisco home labs:  www.optsys.net
""GEORGE""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all I have a question ,I configured my e-mail server to only accept
> local e-mail, and deny other relay , however im still vulnerable to
> spam. My question is how do the ips block other e-mail going to their
> smtp
> Do they do it by access-list? Allowing only the local network with port
> 25?
> Or just the e-mail server?
> If cisco routers have to be involved does anyone have some links. Im
> behind a pix and would like to allow only my network to use smtp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48973&t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX 520 Motherboard repair replace [7:48959]

[Brad Ellis]

Actually, there are a couple mother boards that will work.  CPU is dependent
on the motherboard.  Ive seen frankenpix's with 850MHZ processors in them...

Mike - you've got frankenpix in your http address!  too funny.  can i come
after you for trademark infrindgement??  :)  (j/k)

thanks,
-Brad Ellis
CCIE#5796 (R&S / Security)
[EMAIL PROTECTED]
Cisco home labs:  www.optsys.net
""Alex Lei""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Facts have spoken. I retract my prior statements.
>
> By extension, could you have used a differenet MB / CPU?
>
> Alex
>
> Mike Sweeney wrote:
> >
> > Special drivers? bunk-
> >
> > http://www.packetattack.com/frankenpix.html
> >
> >
> > It can be replaced with a normal, garden varity Intel SE440BX
> > motherboard. I happen to use a recycled PII 300Mhz slot1
> > processor which had been used as a paperweight for the last
> > year ;)
> >
> > MikeS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48975&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP with 2600 Router [7:48709]

[Steven A. Ridder]

I'm not sure I understand the question.  If the question is, if there's a
number 335, and I tell the router 355 is over on a different router, is that
a valid dial-peer (355).  If that's the question, yes it is.

Did I understand the question correctly?


""Gaz""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> On a similar subject - Is it possible to use a destination-pattern of for
> instance 70 (no wild cards or anything) and still get it to work. The
reason
> for this is to allow users to phone the operator of another site using
just
> the trunk code and a "0".
> As it is the router comes back with something like 'no number to dial'
even
> when used with prefix 70, because there is nothing except the
> destination-pattern.
>
> Basically the destination-pattern needs to be the full number.
>
> Hope I've explained myself well enough.
>
> Please excuse the VoIP newbie.
>
>
> Gaz
>
>
> ""Steven A. Ridder""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I'd do some dubugs like "debug voice ccapi inout" to see what numbers
are
> > being sent to the PBX and across the IP call leg (on both sides).
> >
> > I'd also try to validate your dialing plan by doing a "show dialplan
> number
> > (DN you wish to test)" to see whci dial-peer the router thinks it should
> be
> > using.
> >
> > Finally check for codec mismatches, missing routes in the routing table
> > etc..
> >
> >
> >
> > ""Firesox""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Site A
> > > voice-card 1
> > > !
> > > ip subnet-zero
> > > no ip source-route
> > > no ip finger
> > > !
> > > lane client flush
> > > !
> > > !
> > > controller T1 1/0
> > >  framing esf
> > >  linecode b8zs
> > >  ds0-group 1 timeslots 1-24 type e&m-wink-start
> > >  cas-custom 1
> > > !
> > > !
> > > voice-port 1/0:1
> > >  operation 4-wire
> > > !
> > > !
> > > dial-peer voice 1 pots
> > >  destination-pattern 370..
> > >  port 1/0:1
> > >  prefix 370
> > > !
> > > dial-peer voice 10 voip
> > >  destination-pattern 79..
> > >  session target ipv4:1.1.1.2
> > > !
> > > dial-peer voice 2 pots
> > >  destination-pattern 374..
> > >  port 1/0:1
> > >  prefix 374
> > > !
> > > !
> > > interface FastEthernet0/0
> > >  bandwidth 1
> > >  ip address x.x.x.x x.x.x.x
> > >  speed 10
> > >  full-duplex
> > > !
> > > interface Serial0/0
> > >  bandwidth 1536
> > >  ip address 2.2.2.2 255.255.255.252
> > >  no fair-queue
> > >  down-when-looped
> > > !
> > > ip classless
> > > ip route 0.0.0.0 0.0.0.0 Serial0/0
> > > 
> > > Site B
> > >
> > > voice-card 1
> > > !
> > > ip subnet-zero
> > > no ip source-route
> > > !
> > > lane client flush
> > > !
> > > !
> > > controller T1 1/0
> > >  framing esf
> > >  linecode b8zs
> > >  ds0-group 1 timeslots 1-24 type e&m-wink-start
> > >  cas-custom 1
> > > !
> > > !
> > > voice-port 1/0:1
> > >  operation 4-wire
> > > !
> > > !
> > > dial-peer voice 1 pots
> > >  destination-pattern 79..
> > >  port 1/0:1
> > >  prefix 79
> > > !
> > > dial-peer voice 10 voip
> > >  destination-pattern 370..
> > >  session target ipv4:2.2.2.2
> > > !
> > > dial-peer voice 11 voip
> > >  destination-pattern 374..
> > >  session target ipv4:2.2.2.2
> > > !
> > > !
> > > interface FastEthernet0/0
> > >  ip address x.x.x.x x.x.x.x
> > >  duplex auto
> > >  speed auto
> > > !
> > > interface Serial0/0
> > >  bandwidth 1544
> > >  ip address 1.1.1.2 255.255.255.252
> > >  no ip mroute-cache
> > >  no fair-queue
> > > !
> > > ip classless
> > > ip route 0.0.0.0 0.0.0.0 1.1.1.1
> > > no ip http server




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48984&t=48709
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Voice of IP / Frame-Relay and remote labs [7:48947]

[Steven A. Ridder]

Here's a hidden command:  csim start (number).  If the call completes
correctly, it will tell you.  And the other thing is to do some debugs as
someone already wrote.


""Pierre-Alex Guanel""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> That is good ... but does the fact that the modem ring and indication that
I
> have a proper voice link? Could it be that if picked up the phones that I
> would not be able to hear anything from the other side?
> And could a simple debug demonstrate that I have a crystal clear voice
> connection on the other side with no echos, etc  Seems to me that I
> would be missing quite a lot in doing a voice lab other the Internet. Are
my
> assumptions correct? Or am I just paranoid ...
>
> Thank you,
>
> Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48985&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TCP timeout question [7:48934]

[Steven A. Ridder]

I think the RFC that say's keepalives must be at least 2 hours isn't very
security conscious.  What I mean is if you take a syn attack, it sets up
connections and then never sends any data, holding the connection in a
half-open state.  I know there's a finite number of connections that a host
can have open at one time, so once that number is reached, no one else can
communicate (I understand that this has been fixed in various ways in
different TCP/IP stacks).

But I'd have to say that one could hold open a bunch of these sessions, I
guess you'd call them open-hung states, and eventually knock off the system
as well.  I don't think a session should stay open for that long, but at the
same time, I wouldn't think it should close after 500 ms of not hearing any
data either. I guess you need a balance, but how much I'd have no idea.
\\



\"]"sam sneed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Someone sent me this link which I think was helpful:
> http://www.sean.de/Solaris/soltune.html#common
>
> I will have to do more research.
> The problem I need to solve:
>
> My firewall keeps connections in its state table for 1 hour. So after one
> hour if you did a netstat on each host the connection appears up. But when
> host A sends data to host B, the firewall silently drops the packet. Host
A
> will keep resending and its packets will get dropped. Host A times out and
> closes its socket.   Host B nevers receives the FIN and it still shows the
> connection is up according to netstat. This is a pain because I have to
> constantly reeastblish connections between host A and B.I'd like to raise
> the timeout on my server to a lower value and maybe bump up the timeut
value
> on the firewall to a higher value. I will do my research and post a
summary
> since I've similiar types of posts in the past without complete
explanations
>
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48986&t=48934
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX 520 Motherboard repair replace [7:48959]

[Mike Sweeney]

You think thats bad-  I'm looking for a still of Dr. FrankenSTIEN to edit a
bit with the mad doc looking over a frankenpix on the table :)

idle minds...

MikeS


Brad Ellis wrote:
> 
> Actually, there are a couple mother boards that will work.  CPU
> is dependent
> on the motherboard.  Ive seen frankenpix's with 850MHZ
> processors in them...
> 
> Mike - you've got frankenpix in your http address!  too funny. 
> can i come
> after you for trademark infrindgement??  :)  (j/k)
> 
> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> [EMAIL PROTECTED]
> Cisco home labs:  www.optsys.net
> ""Alex Lei""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Facts have spoken. I retract my prior statements.
> >
> > By extension, could you have used a differenet MB / CPU?
> >
> > Alex
> >
> > Mike Sweeney wrote:
> > >
> > > Special drivers? bunk-
> > >
> > > http://www.packetattack.com/frankenpix.html
> > >
> > >
> > > It can be replaced with a normal, garden varity Intel
> SE440BX
> > > motherboard. I happen to use a recycled PII 300Mhz slot1
> > > processor which had been used as a paperweight for the last
> > > year ;)
> > >
> > > MikeS
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48988&t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[Priscilla Oppenheimer]

Brad Ellis wrote:
> 
> Yup, use an access list filtering IPs on port 25 (only allow
> yours through)

Yes, but, other SMTP servers for legitimate reasons are also going to be
opening TCP sessions to port 25 because they have e-mail to send to your
users. It's not as easy as it sounds.

I guess it depends on the ISP's network architecture too. We have a
challenge where I work in that our users are on cable modems that connect to
the cable provider (which isn't technically us). Their e-mail requests come
into our network on the same interface that all Internet traffic comes in on.

Priscilla


> 
> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> [EMAIL PROTECTED]
> Cisco home labs:  www.optsys.net
> ""GEORGE""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi all I have a question ,I configured my e-mail server to
> only accept
> > local e-mail, and deny other relay , however im still
> vulnerable to
> > spam. My question is how do the ips block other e-mail going
> to their
> > smtp
> > Do they do it by access-list? Allowing only the local network
> with port
> > 25?
> > Or just the e-mail server?
> > If cisco routers have to be involved does anyone have some
> links. Im
> > behind a pix and would like to allow only my network to use
> smtp.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48989&t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Off Topic - if you are building a home lab [7:48982]

[Chuck]

you may want to check this out:

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=2039658172&r=0&t=0&showTu
torial=0&ed=0&indexURL=0&rd=1
watch the wrap

Chuck
shameless commerce division




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48982&t=48982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Lab Swap!!!!!!!!! [7:48990]

[Stout, Terry]

Have the 15th of August in RTP would like to swap lab . I am looking for
anytime between September and December 2002.

Please email me at [EMAIL PROTECTED]

Thanks

Terry Stout
Design Engineer
[EMAIL PROTECTED]



**
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48990&t=48990
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Time-Base ISDN connection [7:48991]

[Jimmy]

   Does anyone have the sample configuration for
Time-Base ISDN connection.

   What I want to do is the only specific time , like
from 9am to 6pm , ISDN link bettwen 2 router will be
up. 


  Thanks in advance.


regards
Jimmy

__
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48991&t=48991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCO CD-Rom [7:48931]

[Steven A. Ridder]

I got April 2002 in a recent router.  You just have to open up a box at work
and get the latest.


""Mark Godfrey""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can someone help me find the latest and greatest  version for the CCIE Lab
> test.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48987&t=48931
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Time-Base ISDN connection [7:48991]

[Jim Brown]

Base your dialer list on a time based access list. This should do the trick.


-Original Message-
From: Jimmy [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 10:34 PM
To: [EMAIL PROTECTED]
Subject: Time-Base ISDN connection [7:48991]


   Does anyone have the sample configuration for
Time-Base ISDN connection.

   What I want to do is the only specific time , like
from 9am to 6pm , ISDN link bettwen 2 router will be
up. 


  Thanks in advance.


regards
Jimmy

__
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48992&t=48991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Priscilla Oppenheimer]

Tangled Up in Blue wrote:
> 
> Maybe this is not what you're asking, but when I test my voip
> stuff i just call my cell phone.

When he's first getting it working with basic FXS ports on a Cisco router,
he probably won't have a gateway to the public switched network. So calling
a cell phone won't work! ;-)

I know there are some debug commands, just can't remember what they are.
They tell you if the call works and maybe some quality too

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48972&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM fore CCIE [7:48892]

[Jim Brown]

You are not responsible for configuring the switch, but ATM is still on the
test. You will need to configure routers to communicate through the cloud.


-Original Message-
From: Calorifer Gogu [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 3:43 PM
To: [EMAIL PROTECTED]
Subject: RE: ATM fore CCIE [7:48892]


According to the info on the CISCO's own web site ATM is not required any
more to pass, that is no testing on ATM.
Just do a search on CISCO WEB for CCIE requirements there is a list with
stuff:
http://www.cisco.com/warp/public/625/ccie/certifications/routing.html#42




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48965&t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Voice of IP / Frame-Relay and remote labs [7:48947]

[Brad Ellis]

You could use modems to make/receive calls, but it's really hard to tell the
quality of the line.

We have a robot that tests our VoIP for our customers... it's (his) name is
Marc Russell!  :)

thanks,
-Brad Ellis
CCIE#5796 (R&S / Security)
[EMAIL PROTECTED]
Cisco home labs:  www.optsys.net
""Pierre-Alex Guanel""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am about to start studying Voice topics for the CCIE lab
>
> How does one test that a call has actually been placed succesffuly when
> doing remote-labs? Or maybe this is not possible and you actually have to
> buy the gears to see the stuff working ...
>
> I bet you would neeed some type of robot to pickup the phone  (just
> kidding).
>
> Thanks,
>
> Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48962&t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Time-Base ISDN connection [7:48991]

[_ Einstooge _]

Yes, Yes, Here is THE link
"http://www.cisco.com/warp/public/793/access_dial/10.html";
Later,
M


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48993&t=48991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE LAB Date 8-15-02 [7:48964]

[Stout, Terry]

Would anyone like to switch dates with me , I am looking for Mid September
to early October, 2002.

Terry Stout
Design Engineer
504-846-7697 Office
504-723-5375 Cell
[EMAIL PROTECTED]



**
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48964&t=48964
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]