RE: Time-Base ISDN connection [7:48991]

[_ Einstooge _]

Yes, Yes, Here is THE link
http://www.cisco.com/warp/public/793/access_dial/10.html;
Later,
M


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48993t=48991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE LAB Date 8-15-02 [7:48964]

[Stout, Terry]

Would anyone like to switch dates with me , I am looking for Mid September
to early October, 2002.

Terry Stout
Design Engineer
504-846-7697 Office
504-723-5375 Cell
[EMAIL PROTECTED]



**
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48964t=48964
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM fore CCIE [7:48892]

[Roberts, Larry]

You will not have to configure an ATM switch nor LANE. You WILL however be
responsible for connecting to an ATM switch from your router.
I would know how to do PVC/SVC's on the LAB, especially PVC
autodiscovery
I haven't sat the lab so this is not an NDA violation.
If you follow the link that you provided and click on the section titled ATM
content under the FAQ's sweeps you away to :

http://www.cisco.com/warp/public/625/ccie/certifications/ATM_FAQs.html

Thanks

Larry
 

-Original Message-
From: Calorifer Gogu [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 4:43 PM
To: [EMAIL PROTECTED]
Subject: RE: ATM fore CCIE [7:48892]


According to the info on the CISCO's own web site ATM is not required any
more to pass, that is no testing on ATM. Just do a search on CISCO WEB for
CCIE requirements there is a list with
stuff:
http://www.cisco.com/warp/public/625/ccie/certifications/routing.html#42




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48978t=48892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Time-Base ISDN connection [7:48991]

[Andrew Larkins]

you need normal ISDN dialup config. The only difference is that on the
access lists for interesting traffic, you add a time range.

I have attached the time range and sample access list below:

access-list 145 remark Interesting traffic
access-list 145 deny   eigrp any any
access-list 145 deny   ip any host 224.0.0.10
access-list 145 deny   udp any any eq snmp
access-list 145 permit ip any any time-range Office_Hours

time-range Office_Hours
 periodic weekdays 6:00 to 18:00

-Original Message-
From: Jimmy [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 06:34
To: [EMAIL PROTECTED]
Subject: Time-Base ISDN connection [7:48991]


   Does anyone have the sample configuration for
Time-Base ISDN connection.

   What I want to do is the only specific time , like
from 9am to 6pm , ISDN link bettwen 2 router will be
up. 


  Thanks in advance.


regards
Jimmy

__
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48995t=48991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New Lab Format [7:48731]

[The_Jester]

If there weren't any bugs, it wouldn't be Cisco.

Ken Diliberto  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I interpret the question to inquire if one should take Lab version 1.0
 or wait for Lab version 1.01.  There are bound to be bugs.

  The_Jester  07/14/02 04:40PM 
 The point I was trying to make is that the subject matter is not
 so hard that one needs to cheat to pass.

 Howard C. Berkowitz  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  At 7:48 AM + 7/14/02, The_Jester wrote:
  Take the exam on the 5th. If you need to rely on others to break the
 NDA
  before you can pass (as Chuck suggests), then you don't deserve the
  certification anyway. None of this stuff is Rocket Science.
 
  Years ago, I was teaching a networking seminar at Kennedy Space
  Center.  On a break, I wandered to the door of one of the other
  classrooms and listened in on the course in progress, which dealt
  with the Shuttle propulsion system. I'd swear I heard the
 instructor,
  frustrated with his class, say Hey, this is rocket science, not
 BGP!
 
  In the many mergers that led up to Global Knowledge, PSC was
 acquired
  by MacDonald Detweiler, which, in turn, was acquired by Orbital
  Sciences--which does actually do satellites and rockets.  At our
  first get-together, we inquired if it was now politically incorrect
  for us to refer to something as rocket science, and they went into
  hysterical giggles.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48997t=48731
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Broadcasting and the all ones subnet [7:48996]

[Wesley]

Hello Group,

Three things to confirm about broadcasts.

a) the all ones broadcast i.e 255.255.255.255 by default will only be
propagated to the local network and is not forwarded by routers

b) network and subnet directed broadcasts. If I were to broadcast to
192.168.1.255, and I have subnets 192.168.1.32/27, 192.168.1.64/27 and
192.168.1.96/27, would all the subnets receive it as well?

c) referring to scenario b), I believe that broadcasts with destination
192.168.1.255 is forwarded. Is this true?

I was going thru this article about the effect of using the all ones subnet.
There are somethings that I'm still confused about. The link is

http://www.cisco.com/warp/public/105/40.html

1. In the first example, when host 195.1.1.24 sends a local broadcast to
195.1.1.255, will hosts attached to router 2's async lines receive the
broadcast?

2. OK, its a directed broadcast and router 2 looks up its routing table and
forwards it out using the default route. Router 1 receives the packet. I
believe the packet is forwarded out to all 192.1.1.x/26 subnets, right? Will
Router 1  forward the packet back to Router 2? I hope not

2a. Another way of looking at it is router 1 thinks that it is a broadcast
only for subnet 195.1.1.192  and forwards it out only to router 5. Hmmm 
I'm definitely confused

3. Router 5 receives the packet from router 1. How will it interpret the
packet? I'm guessing that the router sees it as a directed broadcast and
send it out via the default route. Is it normal that routers forward a
packet out from an interface that it received on? As in its received on e0
and forwarded out e0 as well

4. Once router 1 receives the packet from router 5, will it forward the
packet out to all 192.1.1.x/26 subnets again or just to router 5. The
article did not detail this part and just specified that it will bounce
between routers 1 and 5. It also says that routers 2 thru 4 see the
'broadcast' only once. The way I see it , if all subnets receive the
broadcast then routers 2 thru 4 should receive the packets as many times as
router 5.

I would appreciate all the help I can get. I know you gurus can help me out.
Thanks!!

Wes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48996t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

running Realserver behind PIX to server realplayer [7:48998]

[Magdy Ibrahim]

Hi all,

I have internal LAN behind my PIX firewall with 6.0(1)...
My realserver8.0 installed in the internal LAN . I need to allow the outside
users using real player to access and run videos and movies...
My PIX conf.as the following:

fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
no fixup protocol skinny 2000
fixup protocol rtsp 554
fixup protocol rtsp 8554
!
static (inside,outside) 62.32.20.15 10.0.10.1 netmask 255.255.255.255 0 0
conduit permit tcp host 62.32.20.15 eq 554 any
conduit permit tcp host 62.32.20.15 eq www any
conduit permit tcp host 62.32.20.15 eq 7070 any
conduit permit tcp host 62.32.20.15 eq 4040 any
conduit permit udp host 62.32.20.15 eq 554 any
conduit permit udp host 62.32.20.15 eq www any
conduit permit udp host 62.32.20.15 eq 7070 any
conduit permit udp host 62.32.20.15 eq 4040 any


are there any extra commands I need to add to allow the outside users to
access and run the movies and clips which running on the Internal real
server 8.0
Please help


Best regards,,
Magdy





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48998t=48998
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TCP timeout question [7:48934]

[[EMAIL PROTECTED]]

Let me tell you about this experience I have with this and if someone could
please explain it.

I usually telnet into my mini-lab and open a session for each router and
switch. I also have the exec-timeout 0 0 command for the vty interfaces.
So at night when I go to bed ... I put my W2K machine into hibernate mode
while leaving all the telnet sessions open. So technically, the ethernet
interface goes down for the, and the routers/switch still have an open
session.

The next day I will power up the computer and carry on as if nothing has
happened. The connection is still live, the router doesn't force me to login
again, etc.

I understand the exec-timeout 0 0 means the the connection should not
timeout, but if the 'session' is lost when my computer is powered of,
shouldn't the router be clever enough to realise that that session is not
active, since this is through the network? I understand there is no CD
facility since it is vty and not tty. That's a good way I guess to teach
people about 'uncleared sessions for BCRAN and how to use the clear line
vty x command!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48999t=48934
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Broadcasting and the all ones subnet [7:48996]

[Vicuna, Mark]

Hi Wesley,

a) correct

b) no, as 192.168.1.32/27, 192.168.1.64/27 and
192.168.1.96/27 are on a different subnet to the broadcast 192.168.1.255
(this is for the 192.168.1.224/27 subnet).

c) from the answer to b), no.  Only hosts on the 192.168.1.224/27 subnet
will see the broadcast packet of 192.168.1.225.


HTH,
Mark.
-Original Message-
From: Wesley [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 17 July 2002 16:49
To: [EMAIL PROTECTED]
Subject: Broadcasting and the all ones subnet [7:48996]


Hello Group,

Three things to confirm about broadcasts.

a) the all ones broadcast i.e 255.255.255.255 by default will only be
propagated to the local network and is not forwarded by routers

b) network and subnet directed broadcasts. If I were to broadcast to
192.168.1.255, and I have subnets 192.168.1.32/27, 192.168.1.64/27 and
192.168.1.96/27, would all the subnets receive it as well?

c) referring to scenario b), I believe that broadcasts with destination
192.168.1.255 is forwarded. Is this true?

I was going thru this article about the effect of using the all ones
subnet.
There are somethings that I'm still confused about. The link is

http://www.cisco.com/warp/public/105/40.html

1. In the first example, when host 195.1.1.24 sends a local broadcast to
195.1.1.255, will hosts attached to router 2's async lines receive the
broadcast?

2. OK, its a directed broadcast and router 2 looks up its routing table
and
forwards it out using the default route. Router 1 receives the packet. I
believe the packet is forwarded out to all 192.1.1.x/26 subnets, right?
Will
Router 1  forward the packet back to Router 2? I hope not

2a. Another way of looking at it is router 1 thinks that it is a
broadcast
only for subnet 195.1.1.192  and forwards it out only to router 5. Hmmm

I'm definitely confused

3. Router 5 receives the packet from router 1. How will it interpret the
packet? I'm guessing that the router sees it as a directed broadcast and
send it out via the default route. Is it normal that routers forward a
packet out from an interface that it received on? As in its received on
e0
and forwarded out e0 as well

4. Once router 1 receives the packet from router 5, will it forward the
packet out to all 192.1.1.x/26 subnets again or just to router 5. The
article did not detail this part and just specified that it will bounce
between routers 1 and 5. It also says that routers 2 thru 4 see the
'broadcast' only once. The way I see it , if all subnets receive the
broadcast then routers 2 thru 4 should receive the packets as many times
as
router 5.

I would appreciate all the help I can get. I know you gurus can help me
out.
Thanks!!

Wes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49000t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Broadcasting and the all ones subnet [7:48996]

[Wesley]

Then how would you define an all /27 subnets broadcast i.e. not just
192.168.1.224 subnet getting the broadcast but all subnets? Thank you for
the reply BTW.

Vicuna, Mark  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Wesley,

 a) correct

 b) no, as 192.168.1.32/27, 192.168.1.64/27 and
 192.168.1.96/27 are on a different subnet to the broadcast 192.168.1.255
 (this is for the 192.168.1.224/27 subnet).

 c) from the answer to b), no.  Only hosts on the 192.168.1.224/27 subnet
 will see the broadcast packet of 192.168.1.225.


 HTH,
 Mark.
 -Original Message-
 From: Wesley [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, 17 July 2002 16:49
 To: [EMAIL PROTECTED]
 Subject: Broadcasting and the all ones subnet [7:48996]


 Hello Group,

 Three things to confirm about broadcasts.

 a) the all ones broadcast i.e 255.255.255.255 by default will only be
 propagated to the local network and is not forwarded by routers

 b) network and subnet directed broadcasts. If I were to broadcast to
 192.168.1.255, and I have subnets 192.168.1.32/27, 192.168.1.64/27 and
 192.168.1.96/27, would all the subnets receive it as well?

 c) referring to scenario b), I believe that broadcasts with destination
 192.168.1.255 is forwarded. Is this true?

 I was going thru this article about the effect of using the all ones
 subnet.
 There are somethings that I'm still confused about. The link is

 http://www.cisco.com/warp/public/105/40.html

 1. In the first example, when host 195.1.1.24 sends a local broadcast to
 195.1.1.255, will hosts attached to router 2's async lines receive the
 broadcast?

 2. OK, its a directed broadcast and router 2 looks up its routing table
 and
 forwards it out using the default route. Router 1 receives the packet. I
 believe the packet is forwarded out to all 192.1.1.x/26 subnets, right?
 Will
 Router 1  forward the packet back to Router 2? I hope not

 2a. Another way of looking at it is router 1 thinks that it is a
 broadcast
 only for subnet 195.1.1.192  and forwards it out only to router 5. Hmmm
 
 I'm definitely confused

 3. Router 5 receives the packet from router 1. How will it interpret the
 packet? I'm guessing that the router sees it as a directed broadcast and
 send it out via the default route. Is it normal that routers forward a
 packet out from an interface that it received on? As in its received on
 e0
 and forwarded out e0 as well

 4. Once router 1 receives the packet from router 5, will it forward the
 packet out to all 192.1.1.x/26 subnets again or just to router 5. The
 article did not detail this part and just specified that it will bounce
 between routers 1 and 5. It also says that routers 2 thru 4 see the
 'broadcast' only once. The way I see it , if all subnets receive the
 broadcast then routers 2 thru 4 should receive the packets as many times
 as
 router 5.

 I would appreciate all the help I can get. I know you gurus can help me
 out.
 Thanks!!

 Wes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49001t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

bandwidth question [7:49002]

[birdy]

Can anyone tell me why

I have 2 Mbps WAN connection that reached 95 % utilisation during peak time.
When I try to ping to my provider serial interface(next hop),it register 10%
packet loss

My router serial interface is showing 1.9Mbps (incoming traffic). Since the
router is receiving 1.9 Mbps out of the 2M pipe,which means that there is
still a balance of 0.1 Mbps (100 k) and so therotically speaking, there
should not be any packet loss.

I think is time for me to upgrade my bandwidth




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49002t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Passed MPLS exam [7:48825]

[Chee Kin]

Congrats!

Have you taken the mcast+qos paper?  If you already have, what books do you
recommend?  Thanks.

Regards,
cheekin

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hello Group,

 Last,Saturday I passed the cisco MPLS exam.

 Kind Regards /Thangavel

 186K
 Reading,Brkshire
 Direct No   -0118 9064259
 Mobile No  -07796292416
 Post code: RG16LH
 www.186k.co.uk

 --
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela

 



 **
 This e-mail is from 186k Ltd and is intended only for the
 addressee named above. As this e-mail may contain confidential
 or priveleged information, if you are not the named addressee or
 the person responsible for delivering the message to the named
 addressee, please advise the sender by return e-mail. The
 contents should not be disclosed to any other person nor copies
 taken.
 186k Ltd is a Lattice Group company, registered in England
  Wales No. 3751494 Registered Office 130 Jermyn Street
 London SW1Y 4UR
 **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49005t=48825
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: bandwidth question [7:49002]

[Richard Botham]

Birdy,
What about the interface buffer that has to cope with buffering the packets.
Just because you've got 100k left to deal with it doesn't necessarily mean
that the router can
HTH 
Richard


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49003t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ATM Question [7:49007]

[Casey, Paul (6822)]

Hello

Can some tell me the requirments for atm for the lab 
I have the following 3640 ATM Support (NM-4T1-IMA) and the 3640 routers. 

Are those cards any good to me, 
Do I need an ATM switch or can I put this stuff back to back. 

Any help appreciated. 

Kind regards.
Paul





This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49007t=49007
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Broadcasting and the all ones subnet [7:48996]

[Vicuna, Mark]

It will be the all 1's bit for that subnet eg. for 192.168.1.224/27 it
would be 192.168.1.255 and for 192.168.1.32/27 it would be 192.168.1.63.


HTH,
Mark.

-Original Message-
From: Wesley [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 17 July 2002 6:21 PM
To: [EMAIL PROTECTED]
Subject: Re: Broadcasting and the all ones subnet [7:48996]


Then how would you define an all /27 subnets broadcast i.e. not just
192.168.1.224 subnet getting the broadcast but all subnets? Thank you
for
the reply BTW.

Vicuna, Mark  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Wesley,

 a) correct

 b) no, as 192.168.1.32/27, 192.168.1.64/27 and
 192.168.1.96/27 are on a different subnet to the broadcast
192.168.1.255
 (this is for the 192.168.1.224/27 subnet).

 c) from the answer to b), no.  Only hosts on the 192.168.1.224/27
subnet
 will see the broadcast packet of 192.168.1.225.


 HTH,
 Mark.
 -Original Message-
 From: Wesley [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, 17 July 2002 16:49
 To: [EMAIL PROTECTED]
 Subject: Broadcasting and the all ones subnet [7:48996]


 Hello Group,

 Three things to confirm about broadcasts.

 a) the all ones broadcast i.e 255.255.255.255 by default will only be
 propagated to the local network and is not forwarded by routers

 b) network and subnet directed broadcasts. If I were to broadcast to
 192.168.1.255, and I have subnets 192.168.1.32/27, 192.168.1.64/27 and
 192.168.1.96/27, would all the subnets receive it as well?

 c) referring to scenario b), I believe that broadcasts with
destination
 192.168.1.255 is forwarded. Is this true?

 I was going thru this article about the effect of using the all ones
 subnet.
 There are somethings that I'm still confused about. The link is

 http://www.cisco.com/warp/public/105/40.html

 1. In the first example, when host 195.1.1.24 sends a local broadcast
to
 195.1.1.255, will hosts attached to router 2's async lines receive the
 broadcast?

 2. OK, its a directed broadcast and router 2 looks up its routing
table
 and
 forwards it out using the default route. Router 1 receives the packet.
I
 believe the packet is forwarded out to all 192.1.1.x/26 subnets,
right?
 Will
 Router 1  forward the packet back to Router 2? I hope not

 2a. Another way of looking at it is router 1 thinks that it is a
 broadcast
 only for subnet 195.1.1.192  and forwards it out only to router 5.
Hmmm
 
 I'm definitely confused

 3. Router 5 receives the packet from router 1. How will it interpret
the
 packet? I'm guessing that the router sees it as a directed broadcast
and
 send it out via the default route. Is it normal that routers forward a
 packet out from an interface that it received on? As in its received
on
 e0
 and forwarded out e0 as well

 4. Once router 1 receives the packet from router 5, will it forward
the
 packet out to all 192.1.1.x/26 subnets again or just to router 5. The
 article did not detail this part and just specified that it will
bounce
 between routers 1 and 5. It also says that routers 2 thru 4 see the
 'broadcast' only once. The way I see it , if all subnets receive the
 broadcast then routers 2 thru 4 should receive the packets as many
times
 as
 router 5.

 I would appreciate all the help I can get. I know you gurus can help
me
 out.
 Thanks!!

 Wes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49006t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[[EMAIL PROTECTED]]

I am not a VOIP expert but this is just an idea based on my other job and
one at which I have lots of unplanned experience with. 

From my experience with running data over analog lines, I would say an
analog modem is probably the best option. 

Modems are extremely sensitive to noise / etc on a analog link. They pick up
things that our humans ears cannot. 
If there is noise you can hear the modem(s) renegotiating to a lower level
which means you could use the speed at which the modems connect to judge the
quality of the call. If the modem connect speed is say 28K, then you already
know there is noise on the line. If the call completes with a 48K connect
speed, then you have good voice quality. 

I say this because our PABX got hit by lightning once, and although the main
boards got replaced ... I told the PABX techie, that I could hear a slight
noise in the background when I was making calls. The noise was not there
before. Of course, he listened and told me it was normal. Then the proof
came. Every modem in the company which was connected to PABX extension could
not make calls. You could hear the modem renegotiating at least three times
before an acceptable transfer rate was set, which was 21Kbps instead of the
48Kbps we were used to. So I use that as a standard to judge line quality.

Of course you use the debug commands to see at what speeds the modems are
connecting at

Just an idea.
Manish

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] 
Sent: 17 July 2002 01:16 
To: [EMAIL PROTECTED]
Subject: RE: Voice of IP / Frame-Relay and remote labs [7:48947]


Tangled Up in Blue wrote:
 
 Maybe this is not what you're asking, but when I test my voip stuff i 
 just call my cell phone.

When he's first getting it working with basic FXS ports on a Cisco router,
he probably won't have a gateway to the public switched network. So calling
a cell phone won't work! ;-)

I know there are some debug commands, just can't remember what they are.
They tell you if the call works and maybe some quality too

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49008t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: bandwidth question [7:49002]

[Phil Barker]

Possibly, but is anyone actually complaining about the
speed ?

Check the serial interface at your end also for
dropped packets, load, reliability etc over a period
of about a week. If that average is over 90% then you
may well do with an upgrade.

Phil.
 
 --- birdy  wrote:  Can anyone
tell me why
 
 I have 2 Mbps WAN connection that reached 95 %
 utilisation during peak time.
 When I try to ping to my provider serial
 interface(next hop),it register 10%
 packet loss
 
 My router serial interface is showing 1.9Mbps
 (incoming traffic). Since the
 router is receiving 1.9 Mbps out of the 2M
 pipe,which means that there is
 still a balance of 0.1 Mbps (100 k) and so
 therotically speaking, there
 should not be any packet loss.
 
 I think is time for me to upgrade my bandwidth
[EMAIL PROTECTED] 

__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49009t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AS5300 Mica modems [7:49010]

[Reza]

Hi Group
I'm setting up a new Cisco As5300 NAS .
it has one 4 E1 Module and two mica 60 digital modem modules.
every thing is OK but when I dial-up to it , there is not any beep from the
modems .
I debuged the CAS , CSM on it , but I can't find the Problem

00:53:07: from Trunk(0): (0/8): Rx SEIZURE (ABCD=0001)
00:53:08: VDEV_ALLOCATE: 2/1 is allocated
00:53:08:  3.dsx0 call reset dnis_collected  fap_notify
00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(cid0008): EVENT_CALL_DIAL_IN at slot 2
and port 1
00:53:08: CSM_PROC_IDLE: CSM_EVENT_DSX0_CALL at slot 2, port 1
00:53:08: Mica Modem(2/1): Configure(0x1 = 0x0)
00:53:08: Mica Modem(2/1): Configure(0x23 = 0x2)
00:53:08: Mica Modem(2/1): Call Setup
00:53:08: csm_connect_pri_vdev: TS allocated at bp_stream 0, bp_Ch 7,
vdev_common 0x61B93DC8 2/1
00:53:08: to NEAT:(cid0008) EVENT_CHANNEL_LOCK for slot0 ctlr0 chan8
00:53:08: Mica Modem(2/1): State Transition to Call Setup
RM-NAS#
00:53:08: Mica Modem(2/1): Went offhook
00:53:08: CSM_PROC_IC2_RING: CSM_EVENT_MODEM_OFFHOOK at slot 2, port 1
00:53:08:  cas_group=1, service=2
00:53:08: csm_res_response: service_type=0, fax_call=0, fap_notify=0
00:53:08: CSM_PROC_IC3_WAIT_FOR_RES_RESP: CSM_EVENT_RESOURCE_OK at slot 2,
port 1
00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_START_RX_TONE at slot 2
and port 1
00:53:08: from Trunk(0): (0/8): Tx SEIZURE_ACK (ABCD=1101)
00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_CHANNEL_CONNECTED at
slot 2 and port 1
00:53:08: CSM_PROC_IC6_WAIT_FOR_CONNECT: CSM_EVENT_DSX0_CONNECTED at slot 2,
port 1
00:53:08: Mica Modem(2/1): Link Initiate
00:53:08: from Trunk(0): (0/8): Tx ANSWERED (ABCD=0101)
00:53:09: Mica Modem(2/1): State Transition to Connect
00:53:13: from Trunk(0): (0/8): Rx IDLE (ABCD=1001)
00:53:14: Mica Modem(2/1): State Transition to Link
RM-NAS#
RM-NAS#
RM-NAS#
RM-NAS#
00:53:15: from Trunk(0): (0/8): Tx IDLE (ABCD=1001)
00:53:15: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_CALL_IDLE at slot 2 port
1 cause 200
00:53:15: CSM_PROC_IC7_OC6_CONNECTED: CSM_EVENT_DSX0_DISCONNECTED at slot 2,
port 1
00:53:15: Mica Modem(2/1): Link Terminate(0x6)
00:53:15: CSM(2/1): Enter csm_enter_disconnecting_state
00:53:15: VDEV_DEALLOCATE: slot 2 and port 1 is deallocated

00:53:15: Mica Modem(2/1): State Transition to Terminating
00:53:15: Mica Modem(2/1): State Transition to Idle
00:53:15: Mica Modem(2/1): Went onhook
00:53:15: CSM_PROC_IC8_OC8_DISCONNECTING: CSM_EVENT_MODEM_ONHOOK at slot 2,
port 1
00:53:15: CSM(2/1): Enter csm_enter_idle_state
00:53:15: from Trunk(0): (0/9): Rx SEIZURE (ABCD=0001)
00:53:15: VDEV_ALLOCATE: 2/2 is allocated
00:53:15:  3.dsx0 call reset dnis_collected  fap_notify
00:53:15: CSM_RX_CAS_EVENT_FROM_NEAT:(cid0009): EVENT_CALL_DIAL_IN at slot 2
and port 2
00:53:15: CSM_PROC_IDLE: CSM_EVENT_DSX0_CALL at slot 2, port 2
00:53:15: Mica Modem(2/2): Configure(0x1 = 0x0)
00:53:15: Mica Modem(2/2): Configure(0x23 = 0x2)
00:53:15: Mica Modem(2/2): Call Setup
00:53:15: csm_connect_pri_vdev: TS allocated at bp_stream 0, bp_Ch 8,
vdev_common 0x61B95A30 2/2
00:53:15: to NEAT:(cid0009) EVENT_CHANNEL_LOCK for slot0 ctlr0 chan9
00:53:16: Mica Modem(2/2): State Transition to Call Setup
00:53:16: Mica Modem(2/2): Went offhook
00:53:16: CSM_PROC_IC2_RING: CSM_EVENT_MODEM_OFFHOOK at slot 2, port 2
00:53:16:  cas_group=1, service=2
00:53:16: csm_res_response: service_type=0, fax_call=0, fap_notify=0
00:53:16: CSM_PROC_IC3_WAIT_FOR_RES_RESP: CSM_EVENT_RESOURCE_OK at slot 2,
port 2
00:53:16: CSM_RX_CAS_EVENT_FROM_NEAT:(0009):  EVENT_START_RX_TONE at slot 2
and port 2
00:53:16: from Trunk(0): (0/9): Tx SEIZURE_ACK (ABCD=1101)
00:53:16: CSM_RX_CAS_EVENT_FROM_NEAT:(0009):  EVENT_CHANNEL_CONNECTED at
slot 2 and port 2
00:53:16: CSM_PROC_IC6_WAIT_FOR_CONNECT: CSM_EVENT_DSX0_CONNECTED at slot 2,
port 2
00:53:16: Mica Modem(2/2): Link Initiate
00:53:16: from Trunk(0): (0/9): Tx ANSWERED (ABCD=0101)
00:53:17: Mica Modem(2/2): State Transition to Connect
00:53:22: Mica Modem(2/2): State Transition to Link
00:53:26: Mica Modem(2/2): State Transition to Trainup
00:53:34: Mica Modem(2/2): State Transition to Terminating
00:53:34: Mica Modem(2/2): State Transition to Idle
00:53:34: Mica Modem(2/2): Went onhook
00:53:34: CSM_PROC_IC7_OC6_CONNECTED: CSM_EVENT_MODEM_ONHOOK at slot 2, port
2
00:53:34: CSM(2/2): Enter csm_enter_idle_state
00:53:34: VDEV_DEALLOCATE: slot 2 and port 2 is deallocated

00:53:34: from Trunk(0): (0/9): Tx BWD_CLEAR (ABCD=1101)
00:53:41: from Trunk(0): (0/9): Rx IDLE (ABCD=1001)
00:53:43: from Trunk(0): (0/9): Tx IDLE (ABCD=1001)

here is my running config  :

spe 1/0 2/9
 firmware location flash:mica-modem-pw.2.9.2.0.bin
!
controller E1 0
 framing NO-CRC4
 clock source line secondary 1
 ds0-group 1 timeslots 1-15,17-31 type r2-digital
 cas-custom 1
 description E1 Demodulator 1
!
controller E1 1
 framing NO-CRC4
 ds0-group 1 timeslots 1-15,17-31 type r2-digital
 cas-custom 1
!
controller E1 2
 framing NO-CRC4
 ds0-group 1 timeslots 1-15,17-31 type r2-digital
 cas-custom 1
!

RE: Need Cheap ATM Switch [7:48945]

[Terry Hines]

Thanks for the info,
My objective would be to get a feel for end to end ATM then migrate to xdsl.
My current Environment has several 25xx devices 2 2620's and 2 3620's. When
I buy a switch I will need to interface it to these devices.

-Original Message-
From: Bernard [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 3:21 PM
To: [EMAIL PROTECTED]
Cc: 'Terry Hines'
Subject: RE: Need Cheap ATM Switch [7:48945]


Terry,

You should buy an ATM switch based on your objectives.
If you want to do SVC and PVC auto-discovery, you need a LS-1010
If you want to do PVC, SVC, but no auto-discovery, you can go for LS100.
If you want to confine yourself to PVC only with no auto-discovery and
no SVC, you might as well go for a back to back cable and no switch at
all.

Please note that you are NOT required to configure the ATM switch in the
CCIE lab.

HTH.

Bernard



 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
 Terry Hines
 Sent: Tuesday, July 16, 2002 12:28 PM
 To: [EMAIL PROTECTED]
 Subject: Need Cheap ATM Switch [7:48945]

 I am in need of suggestions on which device to purchase for atm in my
home
 lab. I have read ls 100 is a good choice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49011t=48945
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

A BGP questiion. [7:49013]

[Casey, Paul (6822)]

Can anyone help me with this. 


How do you configure a router, so that when its neighbours make a BGP
change, the BGP change will take effect without resetting the BGP TCP
session. 

Kind regards,
Paul.





This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49013t=49013
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: PIX 520 Motherboard repair replace [7:48959]

[cebuano]

Mike,
If this has been asked before, I apologize for missing it.
Is there a specific Intel NIC model required for this to work?
Is there a way to tell if it's a 2Mb or 8 or 16 Flash card?
Do you have some info on types of errors you see if the Flash is DOA?
Last, what flash file are you running on your featured frankenpix?

TIA,
Elmer

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 16, 2002 6:29 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX 520 Motherboard repair replace [7:48959]

Special drivers? bunk-

http://www.packetattack.com/frankenpix.html


It can be replaced with a normal, garden varity Intel SE440BX
motherboard. I
happen to use a recycled PII 300Mhz slot1 processor which had been used
as a
paperweight for the last year ;)

MikeS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49012t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Design Considerations [7:48979]

[Richard Tufaro]

Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49014t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Jeffrey Reed]

Richard, I used Nokia appliances running CheckPoint in a previous life and
it truly was a real router with a firewall application running on it. Very
capable of many different configuration options. I purchased a 501 PIX to
start playing with in the lab and a damn customer borrowed it and is now
asking me questions. I thought I heard on this board that the PIX is not a
router, hence my design question. I'm hoping I can get a better
understanding... Thanks!!


Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290


-Original Message-
From: Richard Tufaro [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 7:47 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: PIX Design Considerations [7:48979]

Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
Confidential e-mail for addressee only.  Access to this e-mail by anyone
else is unauthorized.  If you have received this message in error, please
notify the sender immediately by reply e-mail and destroy the original
communication.  1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49015t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: A BGP questiion. [7:49013]

[Vicuna, Mark]

Hi Paul,

What you mean by change?  Assuming that an UPDATE is sent, and
everything going smoothly - will keep the TCP session alive.  Receipt of
a Notification as a result of what may happen during and after the
neighbor's 'change' will disconnect the tcp session with the peer.


HTH,
Mark.


-Original Message-
From: Casey, Paul (6822) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 17 July 2002 9:21 PM
To: [EMAIL PROTECTED]
Subject: A BGP questiion. [7:49013]


Can anyone help me with this. 


How do you configure a router, so that when its neighbours make a BGP
change, the BGP change will take effect without resetting the BGP TCP
session. 

Kind regards,
Paul.






This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and
intended
solely for the use of the individual or entity to whom they are
addressed.
Any unauthorised direct or indirect dissemination, distribution or
copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.


*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49016t=49013
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: A BGP questiion. [7:49013]

[Johnny Routin]

Router config# neighbor {ip-address | peer-group-name} soft-reconfiguration
inbound

JR




Casey, Paul (6822)  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Can anyone help me with this.


 How do you configure a router, so that when its neighbours make a BGP
 change, the BGP change will take effect without resetting the BGP TCP
 session.

 Kind regards,
 Paul.







 This E-mail is from O2. The E-mail and any files
 transmitted with it are confidential and may also be privileged and
intended
 solely for the use of the individual or entity to whom they are addressed.
 Any unauthorised direct or indirect dissemination, distribution or copying
 of this message and any attachments is strictly prohibited. If you have
 received the E-mail in error please notify [EMAIL PROTECTED] or
   telephone ++ 353 1 6095000.



*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49017t=49013
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[Marty Adkins]

GEORGE wrote:
 
 Hi all I have a question ,I configured my e-mail server to only accept
 local e-mail, and deny other relay , however im still vulnerable to
 spam. My question is how do the ips block other e-mail going to their
 smtp
 Do they do it by access-list? Allowing only the local network with port
 25?
 Or just the e-mail server?
 If cisco routers have to be involved does anyone have some links. Im
 behind a pix and would like to allow only my network to use smtp.

Network layer filtering can't really do much to prevent relaying; it
has to be done in the SMTP application.  The techniques that I'm
familiar with include:
1) Disallow mail sent to non-local (different domain) addresses unless
   the SMTP source is within the local domain, as resolved in a reverse DNS.
   This is simple but prevents one from sourcing mail while traveling,
   using a different ISP, at work, etc.
2) Same as #1 but require U/P authentication for outgoing mail.
3) Same as #1 but indirectly authenticate by correlating an outgoing
   mail connection with a recent successful POP3 fetch, which naturally
   requires a U/P.  My DSL ISP, Speakeasy, does this and it works quite
   well.  If you attempt outbound mail without having done a POP fetch
   in the last several minutes, an error message tells you that you must
   do that first.

And BTW, none of these reduce spam, only the relaying of it!

  Marty Adkins Email: [EMAIL PROTECTED]
  Chesapeake NetCraftsmen, LLC o:410.757.3050,
p:[EMAIL PROTECTED]
  1290 Bay Dale Drive, Suite 312   http://www.netcraftsmen.NET
  Arnold, MD  21012-2325   Cisco CCIE #1289




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49018t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT Q. SSL Accelerators [7:49020]

[Richard Tufaro]

Hey all, kinda off topic but wanted to throw it out there and see what info
I could gleen. My company is looking into a SSL Accelerator for use with a
Lotus web client. Anyone have any recommendations, horror stories, etc?
Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49020t=49020
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: AS5300 Mica modems [7:49010]

[MADMAN]

The Micas don't beep.

 Dave

Reza wrote:
 
 Hi Group
 I'm setting up a new Cisco As5300 NAS .
 it has one 4 E1 Module and two mica 60 digital modem modules.
 every thing is OK but when I dial-up to it , there is not any beep from the
 modems .
 I debuged the CAS , CSM on it , but I can't find the Problem
 
 00:53:07: from Trunk(0): (0/8): Rx SEIZURE (ABCD=0001)
 00:53:08: VDEV_ALLOCATE: 2/1 is allocated
 00:53:08:  3.dsx0 call reset dnis_collected  fap_notify
 00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(cid0008): EVENT_CALL_DIAL_IN at slot
2
 and port 1
 00:53:08: CSM_PROC_IDLE: CSM_EVENT_DSX0_CALL at slot 2, port 1
 00:53:08: Mica Modem(2/1): Configure(0x1 = 0x0)
 00:53:08: Mica Modem(2/1): Configure(0x23 = 0x2)
 00:53:08: Mica Modem(2/1): Call Setup
 00:53:08: csm_connect_pri_vdev: TS allocated at bp_stream 0, bp_Ch 7,
 vdev_common 0x61B93DC8 2/1
 00:53:08: to NEAT:(cid0008) EVENT_CHANNEL_LOCK for slot0 ctlr0 chan8
 00:53:08: Mica Modem(2/1): State Transition to Call Setup
 RM-NAS#
 00:53:08: Mica Modem(2/1): Went offhook
 00:53:08: CSM_PROC_IC2_RING: CSM_EVENT_MODEM_OFFHOOK at slot 2, port 1
 00:53:08:  cas_group=1, service=2
 00:53:08: csm_res_response: service_type=0, fax_call=0, fap_notify=0
 00:53:08: CSM_PROC_IC3_WAIT_FOR_RES_RESP: CSM_EVENT_RESOURCE_OK at slot 2,
 port 1
 00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_START_RX_TONE at slot 2
 and port 1
 00:53:08: from Trunk(0): (0/8): Tx SEIZURE_ACK (ABCD=1101)
 00:53:08: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_CHANNEL_CONNECTED at
 slot 2 and port 1
 00:53:08: CSM_PROC_IC6_WAIT_FOR_CONNECT: CSM_EVENT_DSX0_CONNECTED at slot
2,
 port 1
 00:53:08: Mica Modem(2/1): Link Initiate
 00:53:08: from Trunk(0): (0/8): Tx ANSWERED (ABCD=0101)
 00:53:09: Mica Modem(2/1): State Transition to Connect
 00:53:13: from Trunk(0): (0/8): Rx IDLE (ABCD=1001)
 00:53:14: Mica Modem(2/1): State Transition to Link
 RM-NAS#
 RM-NAS#
 RM-NAS#
 RM-NAS#
 00:53:15: from Trunk(0): (0/8): Tx IDLE (ABCD=1001)
 00:53:15: CSM_RX_CAS_EVENT_FROM_NEAT:(0008):  EVENT_CALL_IDLE at slot 2
port
 1 cause 200
 00:53:15: CSM_PROC_IC7_OC6_CONNECTED: CSM_EVENT_DSX0_DISCONNECTED at slot
2,
 port 1
 00:53:15: Mica Modem(2/1): Link Terminate(0x6)
 00:53:15: CSM(2/1): Enter csm_enter_disconnecting_state
 00:53:15: VDEV_DEALLOCATE: slot 2 and port 1 is deallocated
 
 00:53:15: Mica Modem(2/1): State Transition to Terminating
 00:53:15: Mica Modem(2/1): State Transition to Idle
 00:53:15: Mica Modem(2/1): Went onhook
 00:53:15: CSM_PROC_IC8_OC8_DISCONNECTING: CSM_EVENT_MODEM_ONHOOK at slot 2,
 port 1
 00:53:15: CSM(2/1): Enter csm_enter_idle_state
 00:53:15: from Trunk(0): (0/9): Rx SEIZURE (ABCD=0001)
 00:53:15: VDEV_ALLOCATE: 2/2 is allocated
 00:53:15:  3.dsx0 call reset dnis_collected  fap_notify
 00:53:15: CSM_RX_CAS_EVENT_FROM_NEAT:(cid0009): EVENT_CALL_DIAL_IN at slot
2
 and port 2
 00:53:15: CSM_PROC_IDLE: CSM_EVENT_DSX0_CALL at slot 2, port 2
 00:53:15: Mica Modem(2/2): Configure(0x1 = 0x0)
 00:53:15: Mica Modem(2/2): Configure(0x23 = 0x2)
 00:53:15: Mica Modem(2/2): Call Setup
 00:53:15: csm_connect_pri_vdev: TS allocated at bp_stream 0, bp_Ch 8,
 vdev_common 0x61B95A30 2/2
 00:53:15: to NEAT:(cid0009) EVENT_CHANNEL_LOCK for slot0 ctlr0 chan9
 00:53:16: Mica Modem(2/2): State Transition to Call Setup
 00:53:16: Mica Modem(2/2): Went offhook
 00:53:16: CSM_PROC_IC2_RING: CSM_EVENT_MODEM_OFFHOOK at slot 2, port 2
 00:53:16:  cas_group=1, service=2
 00:53:16: csm_res_response: service_type=0, fax_call=0, fap_notify=0
 00:53:16: CSM_PROC_IC3_WAIT_FOR_RES_RESP: CSM_EVENT_RESOURCE_OK at slot 2,
 port 2
 00:53:16: CSM_RX_CAS_EVENT_FROM_NEAT:(0009):  EVENT_START_RX_TONE at slot 2
 and port 2
 00:53:16: from Trunk(0): (0/9): Tx SEIZURE_ACK (ABCD=1101)
 00:53:16: CSM_RX_CAS_EVENT_FROM_NEAT:(0009):  EVENT_CHANNEL_CONNECTED at
 slot 2 and port 2
 00:53:16: CSM_PROC_IC6_WAIT_FOR_CONNECT: CSM_EVENT_DSX0_CONNECTED at slot
2,
 port 2
 00:53:16: Mica Modem(2/2): Link Initiate
 00:53:16: from Trunk(0): (0/9): Tx ANSWERED (ABCD=0101)
 00:53:17: Mica Modem(2/2): State Transition to Connect
 00:53:22: Mica Modem(2/2): State Transition to Link
 00:53:26: Mica Modem(2/2): State Transition to Trainup
 00:53:34: Mica Modem(2/2): State Transition to Terminating
 00:53:34: Mica Modem(2/2): State Transition to Idle
 00:53:34: Mica Modem(2/2): Went onhook
 00:53:34: CSM_PROC_IC7_OC6_CONNECTED: CSM_EVENT_MODEM_ONHOOK at slot 2,
port
 2
 00:53:34: CSM(2/2): Enter csm_enter_idle_state
 00:53:34: VDEV_DEALLOCATE: slot 2 and port 2 is deallocated
 
 00:53:34: from Trunk(0): (0/9): Tx BWD_CLEAR (ABCD=1101)
 00:53:41: from Trunk(0): (0/9): Rx IDLE (ABCD=1001)
 00:53:43: from Trunk(0): (0/9): Tx IDLE (ABCD=1001)
 
 here is my running config  :
 
 spe 1/0 2/9
  firmware location flash:mica-modem-pw.2.9.2.0.bin
 !
 controller E1 0
  framing NO-CRC4
  clock source line secondary 1
  ds0-group 1 timeslots 1-15,17-31 type r2-digital
  cas-custom 1
  description E1 Demodulator 1
 !
 controller E1 1
  framing NO-CRC4
  

FW: PIX Design Considerations [7:48979]

[GEORGE]

I would say place an internal router behind the pix so I can route
Your internal network, or vlans's that's the way we design it here
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jeffrey Reed
Sent: Tuesday, July 16, 2002 7:19 PM
To: [EMAIL PROTECTED]
Subject: PIX Design Considerations [7:48979]

Im still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router
(not
controlled by them) that has three public class C subnets defined. They
are
not using VLANs, so the router has an interface and two sub-interfaces
going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is
not
a router. Do I need to have another router between the PIX and the LAN
to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces
on
the internal interface of the PIX if we didnt need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49022t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Robertson, Douglas]

I am not sure I would class a PIX as a router in the true sense of the word,
yes it does route traffic from interface to interface but would I use it as
a router, NO, it only supports ONE routing protocol RIP, that does not
constitute a good router in my eyes. 

Now to the question, just reading the description (I may be
mis-understanding the topology a bit) but it sounds like you have one router
ethernet interface with subinterfaces with separate subnets going to a
switch.  
I do not see how the switches are not running VLAN's and the interface must
have ISL or 802.1q. Or you don't have subinterfaces but secondary addresses.
The PIX does not support subinterfaces or secondary addressing on any
interfaces, so in this case you would require a router.

Doug

-Original Message-
From: Richard Tufaro [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 7:47 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX Design Considerations [7:48979]


Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49023t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[Nigel Taylor]

George,
 Priscilla brings up a good point in that this will not be easy.
The most important issue here
is as Priscilla pointed out, is going to revolve around the architecture of
your networks or the network
you use for connectivity(to the rest of the world). Some other questions
that may apply are very specific
to your email services.  If you have your own domain and don't relay any
mail for specific purposes, then
this will help, however mail directly address to your domain's users will be
delivered.  The problem here
is how do you determine who is allowed to send you email.  This is somewhat
of an impossible task because
there's no real way of identifying your SMTP-specific Community of
Interest (COI).

 The reason being that smtp(tcp) connections are made from any
server-to-server(your server) for the
delivery of mail.  I'm sure your smtp requirements are much like the typical
domain, in which filtering inbound mail
falls outside the area of the routed network.  It's one thing to filter a
specific hosts or number of host to
prevent the spread of a new virus. This would still only be accomplished
through monitoring of existing smtp
traffic flows,  in which you could address the issue by resolving the source
of the infected mail traffic.
Again, the traffic is only identified based on a criteria which can now be
tracked or filtered.

Where I'm going with this is that the only effective way of containing
spam is by identifying who is sending it and
most importantly what subject lines are being used in the SPAM email
received.  This is important because you might
not want to block or filter all mail inbound from hotmail.com so finding
another way to identify the spam is very
important. I'm not sure of the flexibility of  Micro$oft's exchange to
filter mail based on subject lines but,  I know
that sendmail(the best mail server) through the use of the cf file can
aide in this process.  There is assistance in the
form of various programs that does do this type of filtering, however the
need to providing the rules for the filter still
falls within the area of monitoring and prevention

Currently, we use Solaris on all of our mail servers(16 of them).  We do
relay mail for all or most of our users and
with some scripting and MySql was able compile a database of the domains and
subject lines of typical spam specific
emails. All inbound email is processed through this script which will tag
the spam email and forwards it into a separate
mail server queue for profiling(to check the validity), before being
forwarded to the user.  We have just begun to use a program
called SPAM Assassin which uses our daily updated list of spammers and
subject lines.

HTH

Nigel

P.S.  Please note the use of Howard-isms in this email..:-



- Original Message -
From: Priscilla Oppenheimer 
To: 
Sent: Tuesday, July 16, 2002 10:50 PM
Subject: Re: blocking spam with cisco routers [7:48971]


 Brad Ellis wrote:
 
  Yup, use an access list filtering IPs on port 25 (only allow
  yours through)

 Yes, but, other SMTP servers for legitimate reasons are also going to be
 opening TCP sessions to port 25 because they have e-mail to send to your
 users. It's not as easy as it sounds.

 I guess it depends on the ISP's network architecture too. We have a
 challenge where I work in that our users are on cable modems that connect
to
 the cable provider (which isn't technically us). Their e-mail requests
come
 into our network on the same interface that all Internet traffic comes in
on.

 Priscilla


 
  thanks,
  -Brad Ellis
  CCIE#5796 (RS / Security)
  [EMAIL PROTECTED]
  Cisco home labs:  www.optsys.net
  GEORGE  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Hi all I have a question ,I configured my e-mail server to
  only accept
   local e-mail, and deny other relay , however im still
  vulnerable to
   spam. My question is how do the ips block other e-mail going
  to their
   smtp
   Do they do it by access-list? Allowing only the local network
  with port
   25?
   Or just the e-mail server?
   If cisco routers have to be involved does anyone have some
  links. Im
   behind a pix and would like to allow only my network to use
  smtp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48994t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Please help me with my new baby(Pix 501) [7:48760]

[GEORGE]

conduit permit icmp any any



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Juan Blanco
Sent: Sunday, July 14, 2002 9:24 AM
To: [EMAIL PROTECTED]
Subject: Please help me with my new baby(Pix 501) [7:48760]

Team,
I just got my new baby Pix 501 (wow...how small it is, it looks like a
toy)Below is my configuration, my problem is that Pat does not seems
to
be able to work, I have cable-modem and they only provided one ip, I am
able
to ping from the firewall to any pc on my LAN, I am able to ping from
the
firewall to any ip on the Internet but I am not able to ping from any PC
on
my LAN to any ip on the Internet, Be aware that this id the first time I
am
using a Cisco Firewall, This morning I got the book Cisco Secure PIX
Firewall. Your help is very appreciated as always...Another
question,
The ios on this baby is the same on the high end firewalls, If I am able
to
learn as much as my brain can take will I be able to configure a
high-end
pix and feel comfortable.


Thanks, (What I am doing wrong..)


JB

pixfirewall# show config
: Saved
:
PIX Version 6.1(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password MTz0ptrM4U8gsjGv encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.74.11 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 192.168.74.11 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet timeout 5
ssh timeout 5
dhcpd auto_config outside
terminal width 80




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49024t=48760
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

boson Router Simulator ..Verdict [7:49004]

[Kerry]

Ladies  Gents,
   I am considering buying Boson's Router Simulator!
   I would be grateful if anyone out there that has used it can give a
feedback on what they think about the software! I am CCNP, I just need
something on my laptop I can used to try thing out.

Thanks for your anticipated help
Kerry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49004t=49004
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Ciaron Gogarty]

Hi Richard,

The simple answer to your question is yes you need a seperate router
outside the pix.  Leave your internal router alone and just add a default
route pointing at the pix interface .   

He doesn't necessarily have to be using VLANS as long as all the subnets is
routing for are on the same lan segment than the router just routes between
ip networks on the same wire.

The router you add to the scenario would be on the outside of the pix, and
would usually be connected to the  internet via a serial line, or possibly
another untrusted network.  This router than becomes the default route for
the pix itself.

You need to add a route inside command on the pix to route to the other
subnets hanging off your internal router.

You are correct, the pix performs some routing funtions but is not a fully
functional router - so you can't have things like secondary ip's on a pix
interface, therefor you need a device behind the pix that can route between
your internal networks.

outside router--pix--internalrouterip-segment
|-second-ip
segment 
|third-ip
segment


hope this helps,

C

-Original Message-
From: Robertson, Douglas [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 15:50
To: [EMAIL PROTECTED]
Subject: RE: PIX Design Considerations [7:48979]


I am not sure I would class a PIX as a router in the true sense of the word,
yes it does route traffic from interface to interface but would I use it as
a router, NO, it only supports ONE routing protocol RIP, that does not
constitute a good router in my eyes. 

Now to the question, just reading the description (I may be
mis-understanding the topology a bit) but it sounds like you have one router
ethernet interface with subinterfaces with separate subnets going to a
switch.  
I do not see how the switches are not running VLAN's and the interface must
have ISL or 802.1q. Or you don't have subinterfaces but secondary addresses.
The PIX does not support subinterfaces or secondary addressing on any
interfaces, so in this case you would require a router.

Doug

-Original Message-
From: Richard Tufaro [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 7:47 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX Design Considerations [7:48979]


Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49025t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Robertson, Douglas]

This is actually a little of topic now but it raised a question for me, how
do you add subinterfaces to a ethernet interface without enabling ISL/802.1q
from my experience the router does not permit this and requires that you
first enable ISL/802.1q. If you have ISL/802.1q you must have VLANs. Unless
you are using secondary addresses and not subinterfaces.

Doug

-Original Message-
From: Ciaron Gogarty [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 11:18 AM
To: Robertson, Douglas; [EMAIL PROTECTED]
Subject: RE: PIX Design Considerations [7:48979]


Hi Richard,

The simple answer to your question is yes you need a seperate router
outside the pix.  Leave your internal router alone and just add a default
route pointing at the pix interface .   

He doesn't necessarily have to be using VLANS as long as all the subnets is
routing for are on the same lan segment than the router just routes between
ip networks on the same wire.

The router you add to the scenario would be on the outside of the pix, and
would usually be connected to the  internet via a serial line, or possibly
another untrusted network.  This router than becomes the default route for
the pix itself.

You need to add a route inside command on the pix to route to the other
subnets hanging off your internal router.

You are correct, the pix performs some routing funtions but is not a fully
functional router - so you can't have things like secondary ip's on a pix
interface, therefor you need a device behind the pix that can route between
your internal networks.

outside router--pix--internalrouterip-segment
|-second-ip
segment 
|third-ip
segment


hope this helps,

C

-Original Message-
From: Robertson, Douglas [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 15:50
To: [EMAIL PROTECTED]
Subject: RE: PIX Design Considerations [7:48979]


I am not sure I would class a PIX as a router in the true sense of the word,
yes it does route traffic from interface to interface but would I use it as
a router, NO, it only supports ONE routing protocol RIP, that does not
constitute a good router in my eyes. 

Now to the question, just reading the description (I may be
mis-understanding the topology a bit) but it sounds like you have one router
ethernet interface with subinterfaces with separate subnets going to a
switch.  
I do not see how the switches are not running VLAN's and the interface must
have ISL or 802.1q. Or you don't have subinterfaces but secondary addresses.
The PIX does not support subinterfaces or secondary addressing on any
interfaces, so in this case you would require a router.

Doug

-Original Message-
From: Richard Tufaro [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 7:47 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX Design Considerations [7:48979]


Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49027t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Jeffrey Reed]

Can you do a dot1q trunk into a PIX?


Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: FW: PIX Design Considerations [7:48979]

I would say place an internal router behind the pix so I can route
Your internal network, or vlans's that's the way we design it here
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jeffrey Reed
Sent: Tuesday, July 16, 2002 7:19 PM
To: [EMAIL PROTECTED]
Subject: PIX Design Considerations [7:48979]

Im still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router
(not
controlled by them) that has three public class C subnets defined. They
are
not using VLANs, so the router has an interface and two sub-interfaces
going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is
not
a router. Do I need to have another router between the PIX and the LAN
to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces
on
the internal interface of the PIX if we didnt need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
Confidential e-mail for addressee only.  Access to this e-mail by anyone
else is unauthorized.  If you have received this message in error, please
notify the sender immediately by reply e-mail and destroy the original
communication.  1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49026t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BSCI [7:49028]

[[EMAIL PROTECTED]]

Hello,

Anyone taken the latest BSCI exam ?Heard that it has simulations,Any idea
about that ?
Does anyone knows the passing score of this ?

Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela





**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential
or priveleged information, if you are not the named addressee or
the person responsible for delivering the message to the named 
addressee, please advise the sender by return e-mail. The
contents should not be disclosed to any other person nor copies
taken.
186k Ltd is a Lattice Group company, registered in England 
 Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49028t=49028
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Jeffrey Reed]

Sorry, I meant secondary interfaces... but you answered the question.
Thanks!!


Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Robertson, Douglas
Sent: Wednesday, July 17, 2002 10:50 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX Design Considerations [7:48979]

I am not sure I would class a PIX as a router in the true sense of the word,
yes it does route traffic from interface to interface but would I use it as
a router, NO, it only supports ONE routing protocol RIP, that does not
constitute a good router in my eyes.

Now to the question, just reading the description (I may be
mis-understanding the topology a bit) but it sounds like you have one router
ethernet interface with subinterfaces with separate subnets going to a
switch.
I do not see how the switches are not running VLAN's and the interface must
have ISL or 802.1q. Or you don't have subinterfaces but secondary addresses.
The PIX does not support subinterfaces or secondary addressing on any
interfaces, so in this case you would require a router.

Doug

-Original Message-
From: Richard Tufaro [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 7:47 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX Design Considerations [7:48979]


Why don't people get the notion that a Firewall is essentially a router.
PIX = Firewall = Router... Firewall = Router. It ROUTES

 Jeffrey Reed  07/16 8:19 PM 
I?m still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router (not
controlled by them) that has three public class C subnets defined. They are
not using VLANs, so the router has an interface and two sub-interfaces going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is not
a router. Do I need to have another router between the PIX and the LAN to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces on
the internal interface of the PIX if we didn?t need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
Confidential e-mail for addressee only.  Access to this e-mail by anyone
else is unauthorized.  If you have received this message in error, please
notify the sender immediately by reply e-mail and destroy the original
communication.  1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49029t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

nbar [7:49030]

[GEORGE]

Is nbar supported on layer 3 switches?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49030t=49030
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TCP timeout question [7:48934]

[sam sneed]

By default, most OS's will keep the sockets open. When you created a socket,
you can include the SO_KEEPALIVE option. This will keep the socket open for
tcp_keepalive_interval  value of the OS, the defult is 2 hours on microsoft
and Solaris sysems. If you do not use this socket options they will stay
open forever theoretically unless the OS does some type of housekeeping that
closes old/stale file descriptors or something similiar since a socket is
simply a file descriptor. This keepalive in the OS is configurable through
ndd command in solaris or through the registry in Windows.

Thanks everyone for the info.

sam sneed  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Lets say we have host  A 22.12.12.12 and host B 99.99.99.99. Host B is a
 server listening on port 3055. Host A connects to the server B and sends
 data.  Now neither host A or B send anything to each other for 1 hour. Is
 the connection still there? Is there a timeout for the connection? I do
not
 see anything in the RFC's about keepalives for TCP connections, so how
would
 Host B know the difference between host A not sneding data for a long time
 or host A crashes?
 If I unplug the power on host A while the TCP connection is up and leave
it
 unplugged for a week and will the server still have the the connection in
 its tables when I do a netstat -an? I doubt it, so I figure the server
must
 have its own timeout on idle connections?

 Anyone known any real values for these timeouts for various OS's?

 Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49032t=48934
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice of IP / Frame-Relay and remote labs [7:48947]

[Pierre-Alex Guanel]

Manish, I think you have solved my problem ...Thanks also to Steven,
Priscilla, Tangled up in Blue, Brad and Bernard; I will try your suggestions
to.

Pierre-Alex


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49031t=48947
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Design Considerations [7:48979]

[Ciaron Gogarty]

Not yet, hopefully soon.  The only Firewall hardware platform that I'm aware
of that supports it is the Nokia with Checkpoint.

-Original Message-
From: Jeffrey Reed [mailto:[EMAIL PROTECTED]]
Sent: 17 July 2002 16:33
To: [EMAIL PROTECTED]
Subject: RE: PIX Design Considerations [7:48979]


Can you do a dot1q trunk into a PIX?


Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: FW: PIX Design Considerations [7:48979]

I would say place an internal router behind the pix so I can route
Your internal network, or vlans's that's the way we design it here
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jeffrey Reed
Sent: Tuesday, July 16, 2002 7:19 PM
To: [EMAIL PROTECTED]
Subject: PIX Design Considerations [7:48979]

Im still pretty green with PIX in general and was talking today about
introducing a PIX into an existing network. The customer has a router
(not
controlled by them) that has three public class C subnets defined. They
are
not using VLANs, so the router has an interface and two sub-interfaces
going
into a switches network. We want to put the PIX in between the outside
router and the LAN. I know this group has said several times the PIX is
not
a router. Do I need to have another router between the PIX and the LAN
to
perform routing between subnets? I assume the PIX will not facilitate
routing between the internal subnets. Can you define multiple interfaces
on
the internal interface of the PIX if we didnt need to route between the
internal VLANs?

Any suggestions would be appreciated!

Jeffrey Reed
Classic Networking, Inc.
Cell 717-805-5536
Office 717-737-8586
FAX 717-737-0290
Confidential e-mail for addressee only.  Access to this e-mail by anyone
else is unauthorized.  If you have received this message in error, please
notify the sender immediately by reply e-mail and destroy the original
communication.  1
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49033t=48979
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN with Cisco 806 [7:49034]

[Dain Deutschman]

Hi Everyone,

VPN Question: I have a client with 16 small locations ( 2-8 nodes per
location ) that may want to access a Windows Terminal Server at a central
site in the future to run thier database app. Not all the locations have
broadband internet access...although they will within a year or two. The
speed of the broadband is on average around 400-500Kbps ( with the exception
of the dial-up ).
Will a Cisco 806 at the central site and a mix of software VPN clients and
806 routers at the remote sites work? Or would an 806 not be able to keep up
on the performance side? Any suggestions?

--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49034t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Bridging LANs over VPN [7:49035]

[exchange]

Hi All,

Does anybody know of a way to setup VPN to bridge traffic between two
LANs using a Cisco router and either a VPN client or something else?  I
only have one Cisco router and the other end can be anything.  I tried
setting up IPSEC over VPN under Cisco IOS and it works but it doesn't
bridge traffic.  Any ideas or advice?

Thanks!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49035t=49035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco VPN client and dial-up [7:49036]

[Paul]

Hi guy's ...

If I dial-up to an ISP .. get a connection .. then activate the Cisco VPN
client 3.1 .. I get a secure VPN connection ... However, if I set the VPN
client to dial the ISP automatically then create a secure VPN connection .. I
fail to get connected nad get a connection to ISP error !!!
I am waiting for a newer Cisco VPN client  Has anyone experienced
this
connectivity issue 

Regards

Paul ...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49036t=49036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: AS5300 Mica modems [7:49010]

[Michael Williams]

That's what I was thinking (and about to reply with) but I wasn't for sure
if there wasn't some option to turn on some sound capability.  But now that
I'm thinking about it, you can look at those MICA SIMMS and there is clearly
no speaker on them =)

Mike W.

MADMAN wrote:
 
 The Micas don't beep.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49037t=49010
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: bandwidth question [7:49002]

[Priscilla Oppenheimer]

birdy wrote:
 
 Can anyone tell me why
 
 I have 2 Mbps WAN connection that reached 95 % utilisation
 during peak time.

For how long was it at 95%? That would definitely worry me, unless it turned
out that the peak was just a few seconds or something.

 When I try to ping to my provider serial interface(next hop),it
 register 10%
 packet loss
 
 My router serial interface is showing 1.9Mbps (incoming
 traffic). Since the
 router is receiving 1.9 Mbps out of the 2M pipe,which means
 that there is
 still a balance of 0.1 Mbps (100 k) and so therotically
 speaking, there
 should not be any packet loss.

Pings may not be a good way to measure packet loss because the provider may
rate limit its responses to pings. But even if that's not the case, there
could be packet loss when the average utilization was 95%. Over how much
time was the average calculated? There could have been times when the
utilization was 50% and there could have been times (like right when you
were sending the pings) when the utilization was 100% and packets had to get
dropped. That could still work out to an average of 95%.

 
 I think is time for me to upgrade my bandwidth

That could be true, but you may want to do a more detailed study over a
longer timeframe, (unless users are already making a stink).

Good luck.

Priscilla


 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49038t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

2 T1's to our provider [7:49039]

[W. Kevin Hunt]

We are upgrading to 2 T1's to our provider, Fractional DS3 is prohibitively
expensive in our rural area.
Has anyone done any speed comparisons on using round robin style static
routes
(i.e. 2 default routes w/ same cost) versus EIGRP's load balanceing versus
running MLPPP on the Serial interfaces?  We're currently using a 2621 but are
open to bigger routers.



Kevin Hunt
CCNP, MCSE, MCT, Linux+ SME




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49039t=49039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[W. Kevin Hunt]

I wouldn't even think of using a router for this purpose unless you are only
using smtp mail between your own sites and don't want outside email f/
anywhere.
We run spamassasin (www.spamassasin.org) on our mail server and it cuts out
80-90% of our SPAM.

Kevin Hunt
CCNP, MCSE, MCT, Linux+ SME

- Original Message -
From: Marty Adkins 
To: 
Sent: Wednesday, July 17, 2002 8:01 AM
Subject: Re: blocking spam with cisco routers [7:48971]


 GEORGE wrote:
 
  Hi all I have a question ,I configured my e-mail server to only accept
  local e-mail, and deny other relay , however im still vulnerable to
  spam. My question is how do the ips block other e-mail going to their
  smtp
  Do they do it by access-list? Allowing only the local network with port
  25?
  Or just the e-mail server?
  If cisco routers have to be involved does anyone have some links. Im
  behind a pix and would like to allow only my network to use smtp.

 Network layer filtering can't really do much to prevent relaying; it
 has to be done in the SMTP application.  The techniques that I'm
 familiar with include:
 1) Disallow mail sent to non-local (different domain) addresses unless
the SMTP source is within the local domain, as resolved in a reverse
DNS.
This is simple but prevents one from sourcing mail while traveling,
using a different ISP, at work, etc.
 2) Same as #1 but require U/P authentication for outgoing mail.
 3) Same as #1 but indirectly authenticate by correlating an outgoing
mail connection with a recent successful POP3 fetch, which naturally
requires a U/P.  My DSL ISP, Speakeasy, does this and it works quite
well.  If you attempt outbound mail without having done a POP fetch
in the last several minutes, an error message tells you that you must
do that first.

 And BTW, none of these reduce spam, only the relaying of it!

   Marty Adkins Email: [EMAIL PROTECTED]
   Chesapeake NetCraftsmen, LLC o:410.757.3050,
 p:[EMAIL PROTECTED]
   1290 Bay Dale Drive, Suite 312   http://www.netcraftsmen.NET
   Arnold, MD  21012-2325   Cisco CCIE #1289




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49040t=48971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP with 2600 Router [7:48709]

[Gaz]

I'm not sure.

I think I found the answer. I didn't understand the two stage dialling which
I think I do now.
The voip dial peer sends all digits whereas the pots dial peer strips the
matched digits.
The destination pattern for an operator (dial 0) on a remote site would be
something like:

dial-peer voice 1 voip
  destination-pattern 70
  session target ipv4:1.1.1.1

Then at the remote site the corresponding pattern would be:

dial-peer voice 1 pots
 destination-pattern 7.
 port 2/1


Is this correct?  i.e. would this allow users to dial 70 for the remote
operator as well as dialled numbers such as 7201 as long as there is also a
dial-peer like this on the remote site:

dial-peer voice 2 pots
 destination-pattern 7...
 port 2/1

I'm just trying to confirm whether the first dial peer would intercept the
longer string and throw the other two digits away.

Thanks,

Gaz



Steven A. Ridder  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm not sure I understand the question.  If the question is, if there's a
 number 335, and I tell the router 355 is over on a different router, is
that
 a valid dial-peer (355).  If that's the question, yes it is.

 Did I understand the question correctly?


 Gaz  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  On a similar subject - Is it possible to use a destination-pattern of
for
  instance 70 (no wild cards or anything) and still get it to work. The
 reason
  for this is to allow users to phone the operator of another site using
 just
  the trunk code and a 0.
  As it is the router comes back with something like 'no number to dial'
 even
  when used with prefix 70, because there is nothing except the
  destination-pattern.
 
  Basically the destination-pattern needs to be the full number.
 
  Hope I've explained myself well enough.
 
  Please excuse the VoIP newbie.
 
 
  Gaz
 
 
  Steven A. Ridder  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   I'd do some dubugs like debug voice ccapi inout to see what numbers
 are
   being sent to the PBX and across the IP call leg (on both sides).
  
   I'd also try to validate your dialing plan by doing a show dialplan
  number
   (DN you wish to test) to see whci dial-peer the router thinks it
should
  be
   using.
  
   Finally check for codec mismatches, missing routes in the routing
table
   etc..
  
  
  
   Firesox  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Site A
voice-card 1
!
ip subnet-zero
no ip source-route
no ip finger
!
lane client flush
!
!
controller T1 1/0
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type em-wink-start
 cas-custom 1
!
!
voice-port 1/0:1
 operation 4-wire
!
!
dial-peer voice 1 pots
 destination-pattern 370..
 port 1/0:1
 prefix 370
!
dial-peer voice 10 voip
 destination-pattern 79..
 session target ipv4:1.1.1.2
!
dial-peer voice 2 pots
 destination-pattern 374..
 port 1/0:1
 prefix 374
!
!
interface FastEthernet0/0
 bandwidth 1
 ip address x.x.x.x x.x.x.x
 speed 10
 full-duplex
!
interface Serial0/0
 bandwidth 1536
 ip address 2.2.2.2 255.255.255.252
 no fair-queue
 down-when-looped
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0

Site B
   
voice-card 1
!
ip subnet-zero
no ip source-route
!
lane client flush
!
!
controller T1 1/0
 framing esf
 linecode b8zs
 ds0-group 1 timeslots 1-24 type em-wink-start
 cas-custom 1
!
!
voice-port 1/0:1
 operation 4-wire
!
!
dial-peer voice 1 pots
 destination-pattern 79..
 port 1/0:1
 prefix 79
!
dial-peer voice 10 voip
 destination-pattern 370..
 session target ipv4:2.2.2.2
!
dial-peer voice 11 voip
 destination-pattern 374..
 session target ipv4:2.2.2.2
!
!
interface FastEthernet0/0
 ip address x.x.x.x x.x.x.x
 duplex auto
 speed auto
!
interface Serial0/0
 bandwidth 1544
 ip address 1.1.1.2 255.255.255.252
 no ip mroute-cache
 no fair-queue
!
ip classless
ip route 0.0.0.0 0.0.0.0 1.1.1.1
no ip http server




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49041t=48709
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: management platforms [7:49042]

[Roberts, Larry]

Guys,

I'm trying to justify why I don't want a single management platform for all
our servers, as well as our routers and switches.
We are 2 distinct group with no cross-functionality between the Wan group
and the Server group. 
Our Server guys are trying to purchase OpenView to manage it all, but we
already have a fully functional CW2K installation
And don't see the advantages of using OpenView. 

I'm looking for all of your experiences and recommendations for and against
a single platform.
We use CW2K,Solarwinds and What's Up currently to manage and report on
up/down and utilization..


Thanks

Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49042t=49042
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

mpls vis a vis the routing switching track [7:49048]

[Mirza, Timur]

based on the url above, can i understand that after token, igrp  token over
dlsw will no longer be on the routing  switching exam after october, that
mpls will NOT become part of the routing  switching track, since it has
already been classified as part of the communications  services track?

Timur Mirza
Principal Network Engineer
Network Planning  Engineering, West Region
15505-B Sand Canyon Avenue
Irvine, California 92618
Verizon Wireless
949.286.6623 (o)
949.697.7964 (c)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49048t=49048
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New Lab Format [7:48731]

[Michael Witte]

I personally had a Nov 4th lab date and was able to swap to a Oct 24th date
a couple of weeks ago. My thinking was that if they are getting rid of IPX
and token switch stuff(fairly easy), that content will be replaced by other
areas, not neccesarily the 3550 switch. I was totally geared up to take a
test that had token ring and IPX in it and have been preparing for that
since Jan. To throw out all of the study effort was painful and I didn't
want to conquer new ground right now. I still need some more work on ATM,
VOIP and BGP but everything else is pretty good. One good thing is that I am
taking Caslow's class in Sept and he will be covering both the pre Nov 4th
material and post Nov 4th material. This way if I am one of the 85% taking
it over I will know what else to cover.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49049t=48731
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Broadcasting and the all ones subnet [7:48996]

[Priscilla Oppenheimer]

Wesley wrote:
 
 So there isn't a broadcast address for all /27 subnets?

I don't think sending to all subnets of a network is something that IP ever
defined.

 I
 basically
 understand that the last address of each subnet is reserved for
 subnet
 broadcast. I was just wondering if the broadcasting
 architecture allowed for
 all subnets to be broadcasted at once. And Mark, since you are
 the only one
 replying mind if you check out the CCO link in the original

I hope Mark will answer too, but since we're the only ones talking now, I'll
jump in. ;-)

 post and tell me
 your views on the issues that I have highlighted. I'll provide
 the link
 again
 
 http://www.cisco.com/warp/public/105/40.html

I think the main thing to realize about the article is that it's a very
strange case. Notice that the Asynch routers have a bunch of host-specific
routes (/32). And then their E0's are configured with a /24 subnet mask,
even though they probably should really be /26 to fit the network design.

And then to make the problem happen they had to have a host misconfigured
for /24 also and have it send a NetBIOS (or other) broadcast to x.x.x.255.

I suggest that you set up a more normal situation in your lab and see if you
can get the problem to happen. Perhaps TAC ran into a problem matching the
scenario they describe. But is the problem reproducible under more normal
condistions? (Perhaps TAC just made up the scenario too!? There are parts of
it that aren't too believable. ;-)

Please see a few more comments below.

snip

  
   I was going thru this article about the effect of using the
 all ones
   subnet.
   There are somethings that I'm still confused about. The
 link is
  
   http://www.cisco.com/warp/public/105/40.html
  
   1. In the first example, when host 195.1.1.24 sends a local
 broadcast
  to
   195.1.1.255, will hosts attached to router 2's async lines
 receive the
   broadcast?

No, the asynch lines are using /32.

  
   2. OK, its a directed broadcast and router 2 looks up its

I don't think Router 2 thinks it's a directed broadcast. The destination
address doesn't match any of the /32 host routes, so Router 2 sends the
packet out the default route.

 routing
  table
   and
   forwards it out using the default route. Router 1 receives
 the packet.
  I
   believe the packet is forwarded out to all 192.1.1.x/26
 subnets,
  right?

No, not all subnets. Router 1 has a specific route for subnet 192.1.1.192.
(1100 in the last octet). If a packet comes into that subnet, it's
supposed to go to Router 5. See the static route that points to Router 5
(195.1.2.5).

Now, Router 1 should recognize that the incoming packet is a directed
broadcast for subnet 192 and not forward it if no ip directed-broadcast is
configured, which is the default these days.

   Will
   Router 1  forward the packet back to Router 2? I hope not
  

No.

   2a. Another way of looking at it is router 1 thinks that it
 is a
   broadcast
   only for subnet 195.1.1.192  and forwards it out only to
 router 5.

That's my interpretation too.

  Hmmm
   
   I'm definitely confused
  
   3. Router 5 receives the packet from router 1. How will it
 interpret
  the
   packet? I'm guessing that the router sees it as a directed
 broadcast

Router 5, like Router 2, has a bunch of /32 host routes. The incoming packet
doesn't match any of those, so Router 5 sends it out the default route.

  and
   send it out via the default route. Is it normal that
 routers forward a
   packet out from an interface that it received on? 

Well, not too common, but it does happen sometimes. 

 As in its
 received
  on
   e0
   and forwarded out e0 as well
  
   4. Once router 1 receives the packet from router 5, will it
 forward
  the
   packet out to all 192.1.1.x/26 subnets again or just to
 router 5.

Just to Router 5

 The
   article did not detail this part and just specified that it
 will
  bounce
   between routers 1 and 5. It also says that routers 2 thru 4
 see the
   'broadcast' only once. The way I see it , if all subnets
 receive the
   broadcast then routers 2 thru 4 should receive the packets
 as many
  times
   as
   router 5.
  
   I would appreciate all the help I can get. I know you gurus
 can help
  me
   out.
   Thanks!!
  
   Wes
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49050t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN with Cisco 806 [7:49034]

[chris]

Why don't you elimated the software vpn clients and terminate a single vpn
tunnel on the 806, perfromance will be alot better.  The 806 should be fine
in this scenario.

Chris
Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Everyone,

 VPN Question: I have a client with 16 small locations ( 2-8 nodes per
 location ) that may want to access a Windows Terminal Server at a central
 site in the future to run thier database app. Not all the locations have
 broadband internet access...although they will within a year or two. The
 speed of the broadband is on average around 400-500Kbps ( with the
exception
 of the dial-up ).
 Will a Cisco 806 at the central site and a mix of software VPN clients and
 806 routers at the remote sites work? Or would an 806 not be able to keep
up
 on the performance side? Any suggestions?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49051t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: boson Router Simulator ..Verdict [7:49004]

[Michael Witte]

Don't waste your time. Get a couple of 2500 routers and serial crossover on
EBAY. I got mine for around $450. The Boson won't do debugs and a lot of
other things you need. You will want the equipment anyway when you go for
the lab.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49047t=49004
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: blocking spam with cisco routers [7:48971]

[Don Queen]

You'll need a mail relay program like Worldsecure(now Tumbleweed)  that
searches the content of the message before relaying it to the internal
e-mail server. As others have stated, other e-mail servers will open smtp
connections to your mail server in order to send mail. Most spammers change
IP addresses constantly to avoid being blocked by devices such as routers.
- Original Message -
From: Nigel Taylor 
To: 
Sent: Wednesday, July 17, 2002 10:22 AM
Subject: Re: blocking spam with cisco routers [7:48971]


 George,
  Priscilla brings up a good point in that this will not be
easy.
 The most important issue here
 is as Priscilla pointed out, is going to revolve around the architecture
of
 your networks or the network
 you use for connectivity(to the rest of the world). Some other questions
 that may apply are very specific
 to your email services.  If you have your own domain and don't relay any
 mail for specific purposes, then
 this will help, however mail directly address to your domain's users will
be
 delivered.  The problem here
 is how do you determine who is allowed to send you email.  This is
somewhat
 of an impossible task because
 there's no real way of identifying your SMTP-specific Community of
 Interest (COI).

  The reason being that smtp(tcp) connections are made from any
 server-to-server(your server) for the
 delivery of mail.  I'm sure your smtp requirements are much like the
typical
 domain, in which filtering inbound mail
 falls outside the area of the routed network.  It's one thing to filter a
 specific hosts or number of host to
 prevent the spread of a new virus. This would still only be accomplished
 through monitoring of existing smtp
 traffic flows,  in which you could address the issue by resolving the
source
 of the infected mail traffic.
 Again, the traffic is only identified based on a criteria which can now
be
 tracked or filtered.

 Where I'm going with this is that the only effective way of containing
 spam is by identifying who is sending it and
 most importantly what subject lines are being used in the SPAM email
 received.  This is important because you might
 not want to block or filter all mail inbound from hotmail.com so finding
 another way to identify the spam is very
 important. I'm not sure of the flexibility of  Micro$oft's exchange to
 filter mail based on subject lines but,  I know
 that sendmail(the best mail server) through the use of the cf file can
 aide in this process.  There is assistance in the
 form of various programs that does do this type of filtering, however the
 need to providing the rules for the filter still
 falls within the area of monitoring and prevention

 Currently, we use Solaris on all of our mail servers(16 of them).  We do
 relay mail for all or most of our users and
 with some scripting and MySql was able compile a database of the domains
and
 subject lines of typical spam specific
 emails. All inbound email is processed through this script which will tag
 the spam email and forwards it into a separate
 mail server queue for profiling(to check the validity), before being
 forwarded to the user.  We have just begun to use a program
 called SPAM Assassin which uses our daily updated list of spammers and
 subject lines.

 HTH

 Nigel

 P.S.  Please note the use of Howard-isms in this email..:-



 - Original Message -
 From: Priscilla Oppenheimer
 To:
 Sent: Tuesday, July 16, 2002 10:50 PM
 Subject: Re: blocking spam with cisco routers [7:48971]


  Brad Ellis wrote:
  
   Yup, use an access list filtering IPs on port 25 (only allow
   yours through)
 
  Yes, but, other SMTP servers for legitimate reasons are also going to be
  opening TCP sessions to port 25 because they have e-mail to send to your
  users. It's not as easy as it sounds.
 
  I guess it depends on the ISP's network architecture too. We have a
  challenge where I work in that our users are on cable modems that
connect
 to
  the cable provider (which isn't technically us). Their e-mail requests
 come
  into our network on the same interface that all Internet traffic comes
in
 on.
 
  Priscilla
 
 
  
   thanks,
   -Brad Ellis
   CCIE#5796 (RS / Security)
   [EMAIL PROTECTED]
   Cisco home labs:  www.optsys.net
   GEORGE  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi all I have a question ,I configured my e-mail server to
   only accept
local e-mail, and deny other relay , however im still
   vulnerable to
spam. My question is how do the ips block other e-mail going
   to their
smtp
Do they do it by access-list? Allowing only the local network
   with port
25?
Or just the e-mail server?
If cisco routers have to be involved does anyone have some
   links. Im
behind a pix and would like to allow only my network to use
   smtp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49044t=48971
--
FAQ, list archives, and 

Re: 2 T1's to our provider [7:49039]

[Chuck]

Just had something come up with a customer along these lines.

Your provider may or may not do MPPP with customers. I believe SBCIS, for
example, will not do it no way no how.  So first thing, check with your
provider as to what they are willing to do.

Per packet load share on the 26xx platform may not perform very well. The
customer I referred to complained to me that their network performance was
LOTS faster with a single T1 than with per packet load share across 2 T-1s
( this is a frame network, and I don't recall the CIR's or other factors. No
I did not design it. Someone else did. Now I have to fix it  :- wrote in
message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 We are upgrading to 2 T1's to our provider, Fractional DS3 is
prohibitively
 expensive in our rural area.
 Has anyone done any speed comparisons on using round robin style static
 routes
 (i.e. 2 default routes w/ same cost) versus EIGRP's load balanceing versus
 running MLPPP on the Serial interfaces?  We're currently using a 2621 but
are
 open to bigger routers.



 Kevin Hunt
 CCNP, MCSE, MCT, Linux+ SME




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49056t=49039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Off Topic - Whither IS-IS - Cisco's vision going forward [7:49057]

[Chuck]

I have now seen and heard this from several sources within Cisco - IS-IS is
not being considered in the L3 switches other than those we would call
core

I.e. the 4cxxx and the 3550-xx L3 switches do not support IS-IS, nor are
there plans to do so on those boxes.

Recognizing that things can always change, I'm wondering what might be the
reason? Lack of customer interest? Recognition of IS-IS as a specialized
protocol less suitable for normal enterprise type stuff?

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49057t=49057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Control Break Sequence [7:4988]

[Daniel Cotts]

Original question was to jobs list. DanC moved it to Groupstudy.

Can you get into any other router with the same laptop running the same
terminal emulation software? i.e. Is the problem the router or the terminal
emulation software? If software you can go to Hilgraeve.com and download a
version of Hyperterminal that works. Also teraterm has been favorably
mentioned. Check the GroupStudy archives for where to find it.

 -Original Message-
 From: McHugh Randy [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, July 17, 2002 3:02 PM
 To: [EMAIL PROTECTED]
 Subject: Control Break Sequence [3:4988]
 
 
 I am trying to break into  a 4000 router and cant seem to get 
 into ROMMON
 mode with all fo the standards break key combinations. I have 
 a dell lap top
 and have tried control-break sequence . Does any one have any 
 suggestions
 that I may have not tried?
 thx
 Randy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49059t=4988
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN with Cisco 806 [7:49034]

[Ciaron Gogarty]

Hi Chris,

I would suggest going with one of the bigger VPN optimized routers such as
the 1700 series.  I'm pretty sure the 800 would not be able to support 15
tunnels using 3des (assuming your going to use 3des).  Normally the 800
would be used in one of the remote sites, with a 1700 or so in the central
site.

hope this helps,

C
-Original Message-
From: chris
To: [EMAIL PROTECTED]
Sent: 17/07/02 20:05
Subject: Re: VPN with Cisco 806 [7:49034]

Why don't you elimated the software vpn clients and terminate a single
vpn
tunnel on the 806, perfromance will be alot better.  The 806 should be
fine
in this scenario.

Chris
Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Everyone,

 VPN Question: I have a client with 16 small locations ( 2-8 nodes per
 location ) that may want to access a Windows Terminal Server at a
central
 site in the future to run thier database app. Not all the locations
have
 broadband internet access...although they will within a year or two.
The
 speed of the broadband is on average around 400-500Kbps ( with the
exception
 of the dial-up ).
 Will a Cisco 806 at the central site and a mix of software VPN clients
and
 806 routers at the remote sites work? Or would an 806 not be able to
keep
up
 on the performance side? Any suggestions?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept for the
presence of computer viruses.

For more information contact [EMAIL PROTECTED]

phone + 353 1 4093000

fax + 353 1 4093001

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49058t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Opinions on Cisco Interactive Mentor [7:49060]

[Christopher Supino]

All,

Has anyone tried the CIM products? I was considering purchasing the BGP
CIM and wanted to get some feedback before making the investment.

Chris 

Christopher Supino
CCDP, CCNP, MCSE, Compaq ASE, CNA 
Senior Network Design Engineer
TransNet Corp.
45 Columbia Road
Somerville, New Jersey 08876
Ph 908 947 0198
Cell 908 296 0446
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49060t=49060
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Off Topic - Whither IS-IS - Cisco's vision going forward [7:49061]

[Moffett, Ryan]

I attended Networkers 2002 in San Diego and got the impression to look out
for more IS-IS in the future.   Specifically, Cisco is working to achieve
feature parity between OSPF and IS-IS, plus comments were made in the Router
Architecture Power Session that IS-IS is getting a stronger Enterprise
following, especially in Europe.   

-Original Message-
From: Chuck [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 17, 2002 4:48 PM
To: [EMAIL PROTECTED]
Subject: Off Topic - Whither IS-IS - Cisco's vision going forward [7:49057]


I have now seen and heard this from several sources within Cisco - IS-IS is
not being considered in the L3 switches other than those we would call
core

I.e. the 4cxxx and the 3550-xx L3 switches do not support IS-IS, nor are
there plans to do so on those boxes.

Recognizing that things can always change, I'm wondering what might be the
reason? Lack of customer interest? Recognition of IS-IS as a specialized
protocol less suitable for normal enterprise type stuff?

Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49061t=49061
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2 T1's to our provider [7:49039]

[Scott Nawalaniec]

Hi Kevin,

We were in the same scenario in which you have described. The way I choose
to do is keep it simple and efficient and cost effective. We have dual PTP
connections on a Cisco 2650 with CEF, default routes, and per packet load
sharing. I can max out the t1's and it barely taxes the router resources and
on top of this I have about a 20 line access control list filtering traffic.
=) This router is a workhorse and I'm in love it. The 2650 uses a faster
memory and cpu than the 2621 but I think the 2621 would work. 

Hope this helps you in some way,

Scott 

-Original Message-
From: W. Kevin Hunt [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 17, 2002 10:22 AM
To: [EMAIL PROTECTED]
Subject: 2 T1's to our provider [7:49039]

We are upgrading to 2 T1's to our provider, Fractional DS3 is prohibitively
expensive in our rural area.
Has anyone done any speed comparisons on using round robin style static
routes
(i.e. 2 default routes w/ same cost) versus EIGRP's load balanceing versus
running MLPPP on the Serial interfaces?  We're currently using a 2621 but
are
open to bigger routers.



Kevin Hunt
CCNP, MCSE, MCT, Linux+ SME




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49065t=49039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Control Break Sequence [7:4988]

[YASSER ALY]

Once upon a time I have been told that doing the following will let you
to the ROMMON even if you don't know the proper break key combinations

1- Open your software that you use to access the router through the
console.

2- Adjust the Baud Rate to be 2400 bps

3- Power on your router.

4- Keep pressing on the space bar for like a min.

5- Re-adjust the Baud Rate to the normal speed.

6- Reconnecting to the router you will find it in the ROMMON.

 

The concept behind this procedure is playing with the 1's and 0's signal
level that a router should expect to go to ROMMON.

Sounds wierd but I tried it and it works.

HTH

  I am trying to break into a 4000 router and cant seem to get
  into ROMMON   mode with all fo the standards break key
combinations. I have   a dell lap top   and have tried control-break
sequence . Does any one have any   suggestions   that I may have not
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49066t=4988
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: blocking spam with cisco routers [7:48971]

[GEORGE]

Thanks for your replies

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Don Queen
Sent: Wednesday, July 17, 2002 2:47 PM
To: [EMAIL PROTECTED]
Subject: Re: blocking spam with cisco routers [7:48971]

You'll need a mail relay program like Worldsecure(now Tumbleweed)  that
searches the content of the message before relaying it to the internal
e-mail server. As others have stated, other e-mail servers will open
smtp
connections to your mail server in order to send mail. Most spammers
change
IP addresses constantly to avoid being blocked by devices such as
routers.
- Original Message -
From: Nigel Taylor 
To: 
Sent: Wednesday, July 17, 2002 10:22 AM
Subject: Re: blocking spam with cisco routers [7:48971]


 George,
  Priscilla brings up a good point in that this will not be
easy.
 The most important issue here
 is as Priscilla pointed out, is going to revolve around the
architecture
of
 your networks or the network
 you use for connectivity(to the rest of the world). Some other
questions
 that may apply are very specific
 to your email services.  If you have your own domain and don't relay
any
 mail for specific purposes, then
 this will help, however mail directly address to your domain's users
will
be
 delivered.  The problem here
 is how do you determine who is allowed to send you email.  This is
somewhat
 of an impossible task because
 there's no real way of identifying your SMTP-specific Community of
 Interest (COI).

  The reason being that smtp(tcp) connections are made from any
 server-to-server(your server) for the
 delivery of mail.  I'm sure your smtp requirements are much like the
typical
 domain, in which filtering inbound mail
 falls outside the area of the routed network.  It's one thing to
filter a
 specific hosts or number of host to
 prevent the spread of a new virus. This would still only be
accomplished
 through monitoring of existing smtp
 traffic flows,  in which you could address the issue by resolving the
source
 of the infected mail traffic.
 Again, the traffic is only identified based on a criteria which can
now
be
 tracked or filtered.

 Where I'm going with this is that the only effective way of containing
 spam is by identifying who is sending it and
 most importantly what subject lines are being used in the SPAM email
 received.  This is important because you might
 not want to block or filter all mail inbound from hotmail.com so
finding
 another way to identify the spam is very
 important. I'm not sure of the flexibility of  Micro$oft's exchange to
 filter mail based on subject lines but,  I know
 that sendmail(the best mail server) through the use of the cf file
can
 aide in this process.  There is assistance in the
 form of various programs that does do this type of filtering, however
the
 need to providing the rules for the filter still
 falls within the area of monitoring and prevention

 Currently, we use Solaris on all of our mail servers(16 of them).  We
do
 relay mail for all or most of our users and
 with some scripting and MySql was able compile a database of the
domains
and
 subject lines of typical spam specific
 emails. All inbound email is processed through this script which will
tag
 the spam email and forwards it into a separate
 mail server queue for profiling(to check the validity), before being
 forwarded to the user.  We have just begun to use a program
 called SPAM Assassin which uses our daily updated list of spammers
and
 subject lines.

 HTH

 Nigel

 P.S.  Please note the use of Howard-isms in this email..:-



 - Original Message -
 From: Priscilla Oppenheimer
 To:
 Sent: Tuesday, July 16, 2002 10:50 PM
 Subject: Re: blocking spam with cisco routers [7:48971]


  Brad Ellis wrote:
  
   Yup, use an access list filtering IPs on port 25 (only allow
   yours through)
 
  Yes, but, other SMTP servers for legitimate reasons are also going
to be
  opening TCP sessions to port 25 because they have e-mail to send to
your
  users. It's not as easy as it sounds.
 
  I guess it depends on the ISP's network architecture too. We have a
  challenge where I work in that our users are on cable modems that
connect
 to
  the cable provider (which isn't technically us). Their e-mail
requests
 come
  into our network on the same interface that all Internet traffic
comes
in
 on.
 
  Priscilla
 
 
  
   thanks,
   -Brad Ellis
   CCIE#5796 (RS / Security)
   [EMAIL PROTECTED]
   Cisco home labs:  www.optsys.net
   GEORGE  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi all I have a question ,I configured my e-mail server to
   only accept
local e-mail, and deny other relay , however im still
   vulnerable to
spam. My question is how do the ips block other e-mail going
   to their
smtp
Do they do it by access-list? Allowing only the local network
   with port
25?
Or just the e-mail server?
If cisco routers have to be involved does anyone have some
   

gk_process Error decoding RAS Message...discarding [7:49067]

[Reza]

Hi Group
I have a problem on my gatekeeper , I turned ras, h225 , gatekeeper debugs
on and then
I get this error message when my gateway sends a call to my gatekeeper

gk_process Error decoding RAS Message...discarding


I searched for the meaning of the message and I found :

When a router is configured and used as a gatekeeper, the gatekeeper process
does not return the held memory. This behavior causes subsequent calls to be
refused and the following error message to be displayed:


but I can't understand it...
plz help me




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49067t=49067
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: mpls vis a vis the routing switching track [7:49048]

[Mirza, Timur]

i forgot to include the url, here it is:

http://www.cisco.com/warp/public/625/ccie/certifications/cert.html

-Original Message-
From: Mirza, Timur [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 17, 2002 11:53 AM
To: [EMAIL PROTECTED]
Subject: mpls vis a vis the routing  switching track [7:49048]


based on the url above, can i understand that after token, igrp  token over
dlsw will no longer be on the routing  switching exam after october, that
mpls will NOT become part of the routing  switching track, since it has
already been classified as part of the communications  services track?

Timur Mirza
Principal Network Engineer
Network Planning  Engineering, West Region
15505-B Sand Canyon Avenue
Irvine, California 92618
Verizon Wireless
949.286.6623 (o)
949.697.7964 (c)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49054t=49048
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Voice jargon [7:49068]

[blitzlight]

Hi all,

I'm currenty preparing for CIPTSS certification, and as I'm coming from 
data background, I find myself swimming in a foreign pool and start getting 
drowned with different voice codecs, standards, signalling etc. I should 
say the learning curve is really steep.
Having said that, it's the voice-related-jargon which I can't make sense 
out of it.

Hairpining?
Tromboning? (can't find satisfactory definition from CCO)
Is hairpining=tromboning?

Any help/pointers is appreciated.

Regards,
Blitz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49068t=49068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MCP Magazine's 7th Annual Salary Survey [7:49063]

[Ole Drews Jensen]

FYI,

http://mcpmag.com/salarysurveys/

Ole

~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~
 http://www.RouterChief.com
~
 Need a Job?
 http://www.OleDrews.com/job
~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49063t=49063
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: FW: PIX 520 Motherboard repair replace [7:48959]

[Mike Sweeney]

Intel Etherexpress 10/100B  which has a S82557 chipset. Others may work but
these I've tested and have been very reliable. I have a close up shot of the
NIC here(along with other parts)

www.packetattack.com/frankenpix.html

I dont know of a way to tell the 16Meg flash apart from the 2 meg flash only
because I do not have the 16 to take a look at. I would suspect you could
look at the PN on the flash chips.

One error that seems to be very common is that the video card screws up the
IRQ that that PIX bios wants to use. Since you need to config the
motherboard BIOS for things like CPU speed and so on, you need a video card.
Once the PIX bios takes over, the video card is useless. But.. when testing,
the IRQ conflict happens pretty often.

My FP is running 5.1(4) which is the last 2meg flash image I'm aware of..
there might be one slightly newer but this one does everything I need it to
do for now.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49053t=48959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

I need a help from you guys. (NAT, IPSEC and Extended [7:49069]

[Leonardo Borda]

Hello ALL

I am having a very interesting problem here. Please any help will be very
appreciate because I have tried to find out documents and so on and I did
not find nothing yet...

SCENARIO:
I have a cisco 2600 router doing NAT and VPN.
- My ethernet has 192.168.25.0/255.255.255.0 as primary and ip address
200.2x.y.z / 255.255.255.192 as secondary (doing nat inside - allow my users
access the internet)
- My S0/0 is doing nat outside and establishing tunnel between my other
countries.
ip address - 200.18x.y.z / 255.255.255.252
This serial has an access-list 120 out which is denying some ports and
blocking user access from some p2p applications and etc.

PROBLEM:
I have an Exchange Server wich does synchronization between other
servers around the world through the VPN. It has an external ip configured
and an internal ip configured in the same interface. (its working until
now).
It has sync through the VPN not over the Internet.

My job is apply an access-list in S0/0 to permit just smtp, pop3, www
and 443 traffic from the internet to that exchange server, but still
synchronize through the VPN my exchange server connections around the world.

Now is the problem: I have configured an (access-list 121 in) in s0/0 and I
cannot sync my Exchange Organization anymore and my users does not receive
messages coming from my internal Exchange Server organization. But users
from the internet can send messages to my exchange server ( in fact the
access-list 121 in is correct to traffic from internet, but not from the
VPN).

Does anybody know how to solve that weird problem
Which ports do I have to open to allow VPN and Internet access using
together an access-list?

My best regards to everybody!

Leonardo Borda
Systems Engineer
Brazil




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49069t=49069
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

dhcp and subinterfaces [7:49070]

[GEORGE]

If I have subinterfaces configured for my vlans' and I wanted a dhcp
server for one vlan can I create the dhcp server and assign it to that
subinterfaces pertaining the vlan in question. I don't have a server on
that vlan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49070t=49070
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

500CS Comm Server [7:49071]

[trammer]

By any chance would anyone have a sample config for the 500-CS box that they
wouldn't mind posting.

Trying to get reverse telnet working and most configs are for the 2509-2511.


I'm either not looking in the right place or I'm not configuring it right
for this older box.



Thanks in advance.



Cheers.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49071t=49071
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Back to back serial connection [7:49046]

[[EMAIL PROTECTED]]

Hi,

When configuring a back to back serial connection on cisco 2600 router,When
configuring the clock rate(DCE ROUTER) I can see the max clock rate speed
of 800 bits per sec (8 mbps).I have two questions regarding this

1.When I try to configure this I get an error message Invalid input
detected at the marker pointing at 8 (in 800).But when I try for
400 (4 Mbps) it accepts this.Does it really supports 8Mbps ?

2The interface speed supported by serial interface is 1.55 Mbps(Bandwidth)
as seen from the show interface command but when I configure the DCE clock
rate of 4 mbps .In this case what is the actual speed ? 4mbps or 1.55 mbps
?

Kind Regards /Thangavel

186K
Reading,Brkshire
Direct No   -0118 9064259
Mobile No  -07796292416
Post code: RG16LH
www.186k.co.uk

--
The greatest glory in living lies not in never falling,
 but in rising every time we fall .
 -- Nelson Mandela





**
This e-mail is from 186k Ltd and is intended only for the 
addressee named above. As this e-mail may contain confidential
or priveleged information, if you are not the named addressee or
the person responsible for delivering the message to the named 
addressee, please advise the sender by return e-mail. The
contents should not be disclosed to any other person nor copies
taken.
186k Ltd is a Lattice Group company, registered in England 
 Wales No. 3751494 Registered Office 130 Jermyn Street 
London SW1Y 4UR
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49046t=49046
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Voice jargon [7:49068]

[Steven A. Ridder]

Yes, it's the same thing.  Everything I learned was from Cisco press,
there's a couple of great books out there.


blitzlight  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi all,

 I'm currenty preparing for CIPTSS certification, and as I'm coming from
 data background, I find myself swimming in a foreign pool and start
getting
 drowned with different voice codecs, standards, signalling etc. I should
 say the learning curve is really steep.
 Having said that, it's the voice-related-jargon which I can't make sense
 out of it.

 Hairpining?
 Tromboning? (can't find satisfactory definition from CCO)
 Is hairpining=tromboning?

 Any help/pointers is appreciated.

 Regards,
 Blitz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49072t=49068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN with Cisco 806 [7:49034]

[chris]

Ah I read the post wrong, I was thinking deploying the 806s at the remote
sites, and using a larger rotuer at the headend.  I would use a 2651 there,
the vpn bundles are reasonable and have the aim card for encrytion.

Re-readng id software clients are what he want to deploy then I would
suggest looking at a concentrator 3005 or 3015.  They are much better suited
for remote access (SW client) environments.

You are correct the 806 will not handle that many tunnels.

Chris

Ciaron Gogarty  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Chris,

 I would suggest going with one of the bigger VPN optimized routers such as
 the 1700 series.  I'm pretty sure the 800 would not be able to support 15
 tunnels using 3des (assuming your going to use 3des).  Normally the 800
 would be used in one of the remote sites, with a 1700 or so in the central
 site.

 hope this helps,

 C
 -Original Message-
 From: chris
 To: [EMAIL PROTECTED]
 Sent: 17/07/02 20:05
 Subject: Re: VPN with Cisco 806 [7:49034]

 Why don't you elimated the software vpn clients and terminate a single
 vpn
 tunnel on the 806, perfromance will be alot better.  The 806 should be
 fine
 in this scenario.

 Chris
 Dain Deutschman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi Everyone,
 
  VPN Question: I have a client with 16 small locations ( 2-8 nodes per
  location ) that may want to access a Windows Terminal Server at a
 central
  site in the future to run thier database app. Not all the locations
 have
  broadband internet access...although they will within a year or two.
 The
  speed of the broadband is on average around 400-500Kbps ( with the
 exception
  of the dial-up ).
  Will a Cisco 806 at the central site and a mix of software VPN clients
 and
  806 routers at the remote sites work? Or would an 806 not be able to
 keep
 up
  on the performance side? Any suggestions?
 
  --
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
 **
 This email and any files transmitted with it are confidential and
 intended solely for the use of the individual or entity to whom they
 are addressed. If you have received this email in error please notify
 the system manager.

 This footnote also confirms that this email message has been swept for the
 presence of computer viruses.

 For more information contact [EMAIL PROTECTED]

 phone + 353 1 4093000

 fax + 353 1 4093001

 **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49062t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Broadcasting and the all ones subnet [7:48996]

[Priscilla Oppenheimer]

Vicuna, Mark wrote:
 
 It will be the all 1's bit for that subnet eg. for
 192.168.1.224/27 it
 would be 192.168.1.255 and for 192.168.1.32/27 it would be
 192.168.1.63.

I think he was asking how would you send to all the subnets. And the answer
is, you wouldn't. Why would you want to do such a thing? I can't think of
any legitimate application that needs to do that. It's alwasy been a fuzzy
area. I know there have been rumors for years that if you use the all ones
subnet it will confuse routers into thinking that they should send to all
the subnets, but I've never seen that actually happen.

Priscilla


 
 
 HTH,
 Mark.
 
 -Original Message-
 From: Wesley [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, 17 July 2002 6:21 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Broadcasting and the all ones subnet [7:48996]
 
 
 Then how would you define an all /27 subnets broadcast i.e. not
 just
 192.168.1.224 subnet getting the broadcast but all subnets?
 Thank you
 for
 the reply BTW.
 
 Vicuna, Mark  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi Wesley,
 
  a) correct
 
  b) no, as 192.168.1.32/27, 192.168.1.64/27 and
  192.168.1.96/27 are on a different subnet to the broadcast
 192.168.1.255
  (this is for the 192.168.1.224/27 subnet).
 
  c) from the answer to b), no.  Only hosts on the
 192.168.1.224/27
 subnet
  will see the broadcast packet of 192.168.1.225.
 
 
  HTH,
  Mark.
  -Original Message-
  From: Wesley [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, 17 July 2002 16:49
  To: [EMAIL PROTECTED]
  Subject: Broadcasting and the all ones subnet [7:48996]
 
 
  Hello Group,
 
  Three things to confirm about broadcasts.
 
  a) the all ones broadcast i.e 255.255.255.255 by default will
 only be
  propagated to the local network and is not forwarded by
 routers
 
  b) network and subnet directed broadcasts. If I were to
 broadcast to
  192.168.1.255, and I have subnets 192.168.1.32/27,
 192.168.1.64/27 and
  192.168.1.96/27, would all the subnets receive it as well?
 
  c) referring to scenario b), I believe that broadcasts with
 destination
  192.168.1.255 is forwarded. Is this true?
 
  I was going thru this article about the effect of using the
 all ones
  subnet.
  There are somethings that I'm still confused about. The link
 is
 
  http://www.cisco.com/warp/public/105/40.html
 
  1. In the first example, when host 195.1.1.24 sends a local
 broadcast
 to
  195.1.1.255, will hosts attached to router 2's async lines
 receive the
  broadcast?
 
  2. OK, its a directed broadcast and router 2 looks up its
 routing
 table
  and
  forwards it out using the default route. Router 1 receives
 the packet.
 I
  believe the packet is forwarded out to all 192.1.1.x/26
 subnets,
 right?
  Will
  Router 1  forward the packet back to Router 2? I hope not
 
  2a. Another way of looking at it is router 1 thinks that it
 is a
  broadcast
  only for subnet 195.1.1.192  and forwards it out only to
 router 5.
 Hmmm
  
  I'm definitely confused
 
  3. Router 5 receives the packet from router 1. How will it
 interpret
 the
  packet? I'm guessing that the router sees it as a directed
 broadcast
 and
  send it out via the default route. Is it normal that routers
 forward a
  packet out from an interface that it received on? As in its
 received
 on
  e0
  and forwarded out e0 as well
 
  4. Once router 1 receives the packet from router 5, will it
 forward
 the
  packet out to all 192.1.1.x/26 subnets again or just to
 router 5. The
  article did not detail this part and just specified that it
 will
 bounce
  between routers 1 and 5. It also says that routers 2 thru 4
 see the
  'broadcast' only once. The way I see it , if all subnets
 receive the
  broadcast then routers 2 thru 4 should receive the packets as
 many
 times
  as
  router 5.
 
  I would appreciate all the help I can get. I know you gurus
 can help
 me
  out.
  Thanks!!
 
  Wes
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49045t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: dhcp and subinterfaces [7:49070]

[Tim Potier]

You can.  Just need to put the ip helper-address statement on those
sub-ints.  As long as the router can reach the DHCP server, so will the DHCP
requests/replies.  Hope this helps.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49073t=49070
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: management platforms [7:49042]

[Steven A. Ridder]

You would be going against conventional wisdom, Cisco's Kool-ade and every
other help-desk manager.  I think one platform SHOULD manage all the stuf.


Roberts, Larry  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Guys,

 I'm trying to justify why I don't want a single management platform for
all
 our servers, as well as our routers and switches.
 We are 2 distinct group with no cross-functionality between the Wan group
 and the Server group.
 Our Server guys are trying to purchase OpenView to manage it all, but we
 already have a fully functional CW2K installation
 And don't see the advantages of using OpenView.

 I'm looking for all of your experiences and recommendations for and
against
 a single platform.
 We use CW2K,Solarwinds and What's Up currently to manage and report on
 up/down and utilization..


 Thanks

 Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49074t=49042
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Broadcasting and the all ones subnet [7:48996]

[Wesley]

So there isn't a broadcast address for all /27 subnets? I basically
understand that the last address of each subnet is reserved for subnet
broadcast. I was just wondering if the broadcasting architecture allowed for
all subnets to be broadcasted at once. And Mark, since you are the only one
replying mind if you check out the CCO link in the original post and tell me
your views on the issues that I have highlighted. I'll provide the link
again

http://www.cisco.com/warp/public/105/40.html

In that example, I have a feeling that routers do forward subnet directed
broadcasts. Can anyone else explain the behaviour of the routers in the
example i.e. broadcast packets bouncing between Routers 1 and 5. Any
comments is greatly appreciated. Thank you.

Vicuna, Mark  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 It will be the all 1's bit for that subnet eg. for 192.168.1.224/27 it
 would be 192.168.1.255 and for 192.168.1.32/27 it would be 192.168.1.63.


 HTH,
 Mark.

 -Original Message-
 From: Wesley [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, 17 July 2002 6:21 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Broadcasting and the all ones subnet [7:48996]


 Then how would you define an all /27 subnets broadcast i.e. not just
 192.168.1.224 subnet getting the broadcast but all subnets? Thank you
 for
 the reply BTW.

 Vicuna, Mark  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi Wesley,
 
  a) correct
 
  b) no, as 192.168.1.32/27, 192.168.1.64/27 and
  192.168.1.96/27 are on a different subnet to the broadcast
 192.168.1.255
  (this is for the 192.168.1.224/27 subnet).
 
  c) from the answer to b), no.  Only hosts on the 192.168.1.224/27
 subnet
  will see the broadcast packet of 192.168.1.225.
 
 
  HTH,
  Mark.
  -Original Message-
  From: Wesley [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, 17 July 2002 16:49
  To: [EMAIL PROTECTED]
  Subject: Broadcasting and the all ones subnet [7:48996]
 
 
  Hello Group,
 
  Three things to confirm about broadcasts.
 
  a) the all ones broadcast i.e 255.255.255.255 by default will only be
  propagated to the local network and is not forwarded by routers
 
  b) network and subnet directed broadcasts. If I were to broadcast to
  192.168.1.255, and I have subnets 192.168.1.32/27, 192.168.1.64/27 and
  192.168.1.96/27, would all the subnets receive it as well?
 
  c) referring to scenario b), I believe that broadcasts with
 destination
  192.168.1.255 is forwarded. Is this true?
 
  I was going thru this article about the effect of using the all ones
  subnet.
  There are somethings that I'm still confused about. The link is
 
  http://www.cisco.com/warp/public/105/40.html
 
  1. In the first example, when host 195.1.1.24 sends a local broadcast
 to
  195.1.1.255, will hosts attached to router 2's async lines receive the
  broadcast?
 
  2. OK, its a directed broadcast and router 2 looks up its routing
 table
  and
  forwards it out using the default route. Router 1 receives the packet.
 I
  believe the packet is forwarded out to all 192.1.1.x/26 subnets,
 right?
  Will
  Router 1  forward the packet back to Router 2? I hope not
 
  2a. Another way of looking at it is router 1 thinks that it is a
  broadcast
  only for subnet 195.1.1.192  and forwards it out only to router 5.
 Hmmm
  
  I'm definitely confused
 
  3. Router 5 receives the packet from router 1. How will it interpret
 the
  packet? I'm guessing that the router sees it as a directed broadcast
 and
  send it out via the default route. Is it normal that routers forward a
  packet out from an interface that it received on? As in its received
 on
  e0
  and forwarded out e0 as well
 
  4. Once router 1 receives the packet from router 5, will it forward
 the
  packet out to all 192.1.1.x/26 subnets again or just to router 5. The
  article did not detail this part and just specified that it will
 bounce
  between routers 1 and 5. It also says that routers 2 thru 4 see the
  'broadcast' only once. The way I see it , if all subnets receive the
  broadcast then routers 2 thru 4 should receive the packets as many
 times
  as
  router 5.
 
  I would appreciate all the help I can get. I know you gurus can help
 me
  out.
  Thanks!!
 
  Wes




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49043t=48996
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 500CS Comm Server [7:49071]

[Vance Krier]

Cheers.  V--


ANM-508CS#wr t

Current configuration:
!
hostname ANM-508CS
!
enable-password 
!
!
!
!
!
!
interface Ethernet 0
ip address 192.168.0.253 255.255.255.0
!
ip default-gateway 192.168.0.1
!
!
!
ip name-server 255.255.255.255
snmp-server community
!
!
line vty 0 4
login
line con 0
stopbits 1.5
line 1
no exec
exec-timeout 0 0
stopbits 1
line 2
no exec
exec-timeout 0 0
stopbits 1
line 3
no exec
exec-timeout 0 0
stopbits 1
line 4
no exec
exec-timeout 0 0
stopbits 1
line 5
no exec
exec-timeout 0 0
stopbits 1
line 6
no exec
exec-timeout 0 0
stopbits 1
line 7
no exec
exec-timeout 0 0
stopbits 1
line 8
no exec
exec-timeout 0 0
stopbits 1
line vty 0
password 
line vty 1
password 
line vty 2
password 
line vty 3
password 
line vty 4
password 
!
end


trammer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 By any chance would anyone have a sample config for the 500-CS box that
they
 wouldn't mind posting.

 Trying to get reverse telnet working and most configs are for the
2509-2511.


 I'm either not looking in the right place or I'm not configuring it right
 for this older box.



 Thanks in advance.



 Cheers.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49075t=49071
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP with 2600 Router [7:48709]

[Steven A. Ridder]

You are correct.  the default behavior is to just send the matched digits to
the pots dial-peer unless you use forward digits all command



Gaz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm not sure.

 I think I found the answer. I didn't understand the two stage dialling
which
 I think I do now.
 The voip dial peer sends all digits whereas the pots dial peer strips the
 matched digits.
 The destination pattern for an operator (dial 0) on a remote site would be
 something like:

 dial-peer voice 1 voip
   destination-pattern 70
   session target ipv4:1.1.1.1

 Then at the remote site the corresponding pattern would be:

 dial-peer voice 1 pots
  destination-pattern 7.
  port 2/1


 Is this correct?  i.e. would this allow users to dial 70 for the remote
 operator as well as dialled numbers such as 7201 as long as there is also
a
 dial-peer like this on the remote site:

 dial-peer voice 2 pots
  destination-pattern 7...
  port 2/1

 I'm just trying to confirm whether the first dial peer would intercept the
 longer string and throw the other two digits away.

 Thanks,

 Gaz



 Steven A. Ridder  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I'm not sure I understand the question.  If the question is, if there's
a
  number 335, and I tell the router 355 is over on a different router, is
 that
  a valid dial-peer (355).  If that's the question, yes it is.
 
  Did I understand the question correctly?
 
 
  Gaz  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   On a similar subject - Is it possible to use a destination-pattern of
 for
   instance 70 (no wild cards or anything) and still get it to work. The
  reason
   for this is to allow users to phone the operator of another site using
  just
   the trunk code and a 0.
   As it is the router comes back with something like 'no number to dial'
  even
   when used with prefix 70, because there is nothing except the
   destination-pattern.
  
   Basically the destination-pattern needs to be the full number.
  
   Hope I've explained myself well enough.
  
   Please excuse the VoIP newbie.
  
  
   Gaz
  
  
   Steven A. Ridder  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I'd do some dubugs like debug voice ccapi inout to see what
numbers
  are
being sent to the PBX and across the IP call leg (on both sides).
   
I'd also try to validate your dialing plan by doing a show dialplan
   number
(DN you wish to test) to see whci dial-peer the router thinks it
 should
   be
using.
   
Finally check for codec mismatches, missing routes in the routing
 table
etc..
   
   
   
Firesox  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Site A
 voice-card 1
 !
 ip subnet-zero
 no ip source-route
 no ip finger
 !
 lane client flush
 !
 !
 controller T1 1/0
  framing esf
  linecode b8zs
  ds0-group 1 timeslots 1-24 type em-wink-start
  cas-custom 1
 !
 !
 voice-port 1/0:1
  operation 4-wire
 !
 !
 dial-peer voice 1 pots
  destination-pattern 370..
  port 1/0:1
  prefix 370
 !
 dial-peer voice 10 voip
  destination-pattern 79..
  session target ipv4:1.1.1.2
 !
 dial-peer voice 2 pots
  destination-pattern 374..
  port 1/0:1
  prefix 374
 !
 !
 interface FastEthernet0/0
  bandwidth 1
  ip address x.x.x.x x.x.x.x
  speed 10
  full-duplex
 !
 interface Serial0/0
  bandwidth 1536
  ip address 2.2.2.2 255.255.255.252
  no fair-queue
  down-when-looped
 !
 ip classless
 ip route 0.0.0.0 0.0.0.0 Serial0/0
 
 Site B

 voice-card 1
 !
 ip subnet-zero
 no ip source-route
 !
 lane client flush
 !
 !
 controller T1 1/0
  framing esf
  linecode b8zs
  ds0-group 1 timeslots 1-24 type em-wink-start
  cas-custom 1
 !
 !
 voice-port 1/0:1
  operation 4-wire
 !
 !
 dial-peer voice 1 pots
  destination-pattern 79..
  port 1/0:1
  prefix 79
 !
 dial-peer voice 10 voip
  destination-pattern 370..
  session target ipv4:2.2.2.2
 !
 dial-peer voice 11 voip
  destination-pattern 374..
  session target ipv4:2.2.2.2
 !
 !
 interface FastEthernet0/0
  ip address x.x.x.x x.x.x.x
  duplex auto
  speed auto
 !
 interface Serial0/0
  bandwidth 1544
  ip address 1.1.1.2 255.255.255.252
  no ip mroute-cache
  no fair-queue
 !
 ip classless
 ip route 0.0.0.0 0.0.0.0 1.1.1.1
 no ip http server




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49052t=48709
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure 

mac address [7:49076]

[MADMAN]

Does anyone know if/how you can change to mac addresses of VLAN
interfaces on a MSFC2?  I tried using the mac-address x.x.x command
but it changed the mac address on all the interfaces.   I want to have a
unique mac on each VLAN interface.

  Thanks in advance

  Dave

--
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications Inc.
612-664-3367
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49076t=49076
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Modem on Aux [7:49077]

[supernet]

I've got a US Robatics modem on 2621 Aux port. When I dialed up to the
router, I got connected to the modem but not router. I know the
configuration is good. Do I have to do anything on the modem? I can
reverse telnet to the modem.
 
I heard that if I connect to 2621 Console port, I won't get disconnected
if I reboot the router. Do I have to do anything special on the modem?
 
Thanks.
Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49077t=49077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: bandwidth question [7:49002]

[birdy]

Dear priscilla

Thanks for your reply :)

Wellthe 10% packet loss happen at the peak time...and that can happen
for a period of 3-4 hours

No packet loss was observed during off peak hours.

I rememeber reading something on a cisco article which states that WAN
performance will worsen when it gets over 70 % utilised. As for my link it
is around 96-98% utilised so i guess the cisco guideline is right ...



Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 birdy wrote:
 
  Can anyone tell me why
 
  I have 2 Mbps WAN connection that reached 95 % utilisation
  during peak time.

 For how long was it at 95%? That would definitely worry me, unless it
turned
 out that the peak was just a few seconds or something.

  When I try to ping to my provider serial interface(next hop),it
  register 10%
  packet loss
 
  My router serial interface is showing 1.9Mbps (incoming
  traffic). Since the
  router is receiving 1.9 Mbps out of the 2M pipe,which means
  that there is
  still a balance of 0.1 Mbps (100 k) and so therotically
  speaking, there
  should not be any packet loss.

 Pings may not be a good way to measure packet loss because the provider
may
 rate limit its responses to pings. But even if that's not the case, there
 could be packet loss when the average utilization was 95%. Over how much
 time was the average calculated? There could have been times when the
 utilization was 50% and there could have been times (like right when you
 were sending the pings) when the utilization was 100% and packets had to
get
 dropped. That could still work out to an average of 95%.

 
  I think is time for me to upgrade my bandwidth

 That could be true, but you may want to do a more detailed study over a
 longer timeframe, (unless users are already making a stink).

 Good luck.

 Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49078t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Voice jargon [7:49068]

[Priscilla Oppenheimer]

blitzlight wrote:
 
 Hi all,
 
 I'm currenty preparing for CIPTSS certification, and as I'm
 coming from
 data background, I find myself swimming in a foreign pool and
 start getting
 drowned with different voice codecs, standards, signalling etc.
 I should
 say the learning curve is really steep.
 Having said that, it's the voice-related-jargon which I can't
 make sense
 out of it.
 
 Hairpining?

I think you have to be a girl to get this one at first. ;-) It just means
going in and out the same way, in the shape of a hairpin. A hairpin looks
sort of like a tall V character on its side.

 Tromboning? (can't find satisfactory definition from CCO)

Think of what the horn part of a trombone looks like, kind of loopy.

 Is hairpining=tromboning?

Could be. I couldn't find a decent definition of tromboning either. I found
this use of the word, but it may have a more generic meaning too:

Connecting a service node to a legacy class 4 switch leads to
cost-intensive tromboning, as each call is routed in a loop from the switch
to the service node and back, using four switch interfaces for one call
instead of just two.

Priscilla



 
 Any help/pointers is appreciated.
 
 Regards,
 Blitz
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49079t=49068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

gk_process Error decoding RAS Message...discarding [7:49080]

[Reza]

Hi Group
I have a problem on my gatekeeper , I turned ras, h225 , gatekeeper debugs
on and then
I get this error message when my gateway sends a call to my gatekeeper

gk_process Error decoding RAS Message...discarding


I searched for the meaning of the message and I found :

When a router is configured and used as a gatekeeper, the gatekeeper process
does not return the held memory. This behavior causes subsequent calls to be
refused and the following error message to be displayed:


but I can't understand it...
plz help me




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49080t=49080
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: bandwidth question [7:49002]

[birdy]

Dear Phil

Thanks for the reply...:)

The below is from my router and it seems that both the tx and rx load is not
over 90% utilised.

reliability 255/255, txload 81/255, rxload 162/255

This reading is taken when my bandwidth usage is around 1.96Mbps. My pipe is
only 2Mbps. At this point in time, packet loss is still happening...



Phil Barker  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Possibly, but is anyone actually complaining about the
 speed ?

 Check the serial interface at your end also for
 dropped packets, load, reliability etc over a period
 of about a week. If that average is over 90% then you
 may well do with an upgrade.

 Phil.

  --- birdy  wrote:  Can anyone
 tell me why
 
  I have 2 Mbps WAN connection that reached 95 %
  utilisation during peak time.
  When I try to ping to my provider serial
  interface(next hop),it register 10%
  packet loss
 
  My router serial interface is showing 1.9Mbps
  (incoming traffic). Since the
  router is receiving 1.9 Mbps out of the 2M
  pipe,which means that there is
  still a balance of 0.1 Mbps (100 k) and so
  therotically speaking, there
  should not be any packet loss.
 
  I think is time for me to upgrade my bandwidth
 [EMAIL PROTECTED]

 __
 Do You Yahoo!?
 Everything you'll ever need on one web page
 from News and Sport to Email and Music Charts
 http://uk.my.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49081t=49002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

private addressing [7:49083]

[birdy]

Can anyone tell me.

172.16.0.0 - 172.31.0.0 is used for class B private addressing..

That means that it can use 16 class B network address

Now, let say I wan to use 172.35.0.0 block, so is this consider a private
address or a public address ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49083t=49083
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF Route Summary [7:49085]

[John Brandis]

G'Day All,

A client has sent me a list of IP's that are to be used in a new global
network. Our Global network will IP is 10.64.x.x  . Now, for for each
office, we will have two networks, for example, Paris is 10.64.4.0 through
to 10.64.6.0 . The only exception is Sydney, where the client will have 4
networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet mask
255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior
has handed me this


Sydney  10.64.0.0./22   
Paris   10.64.0.4./23   
LA  10.64.0.6./23   
NYC 10.64.0.8./23   


This looks wrong to me. What am I missing.


John Brandis



**

visit http://www.solution6.com
visit http://www.eccountancy.com - everything for accountants.

UK Customers - http://www.solution6.co.uk

*
This email message (and attachments) may contain information that is
confidential to Solution 6. If you are not the intended recipient you cannot
use, distribute or copy the message or attachments.  In such a case, please
notify the sender by return email immediately and erase all copies of the
message and attachments.  Opinions, conclusions and other information in
this message and attachments that do not relate to the official business of
Solution 6 are neither given nor endorsed by it.
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49085t=49085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: private addressing [7:49083]

[MADMAN]

Public though it apparently hasn't been doled out:

dmadlan horton:/aces/home/dmadlan $ whois 172.35.0.0
No match for 172.35.0.0.

  Dave

birdy wrote:

 Can anyone tell me.

 172.16.0.0 - 172.31.0.0 is used for class B private addressing..

 That means that it can use 16 class B network address

 Now, let say I wan to use 172.35.0.0 block, so is this consider a private
 address or a public address ?
--
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications Inc.
612-664-3367
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49084t=49083
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Opinions on Cisco Interactive Mentor [7:49060]

[Paul Jin]

Which one is the BGP CIM?  Is that the expert routing CIM?

Depends on what you are trying to do.

They are few labs and once you do it once or twice, that is it.
It is ok for someone that does not have real routers.
Or trying BGP labs for the first time and want someone to walk you through
it.

- Paul



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49086t=49060
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: mpls vis a vis the routing switching tra [7:49048]

[Paul Jin]

For a week or so, the CCIE proctors from Cisco
are answering ccie lab related questions at @!#$.

You can double check your questions there.

http://www.@!#$.com


- Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49087t=49048
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: private addressing [7:49083]

[Dan Penn]

Actually, it's 172.16.0.0 to 172.31.255.255.  So the answer is yes,
172.35.0.0 is from the public block.

Dan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
birdy
Sent: Wednesday, July 17, 2002 8:14 PM
To: [EMAIL PROTECTED]
Subject: private addressing [7:49083]

Can anyone tell me.

172.16.0.0 - 172.31.0.0 is used for class B private addressing..

That means that it can use 16 class B network address

Now, let say I wan to use 172.35.0.0 block, so is this consider a
private
address or a public address ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49088t=49083
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN with Cisco 806 [7:49034]

[Dain Deutschman]

Thanks for the advice guys...very helpful. Dain.

Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Everyone,

 VPN Question: I have a client with 16 small locations ( 2-8 nodes per
 location ) that may want to access a Windows Terminal Server at a central
 site in the future to run thier database app. Not all the locations have
 broadband internet access...although they will within a year or two. The
 speed of the broadband is on average around 400-500Kbps ( with the
exception
 of the dial-up ).
 Will a Cisco 806 at the central site and a mix of software VPN clients and
 806 routers at the remote sites work? Or would an 806 not be able to keep
up
 on the performance side? Any suggestions?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49089t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Exchange 5.5 Problem [7:49090]

[Firesox]

I have Exchange 5.5 running on Windows 2000 server.
All clients are using Outlook 2000.
For some reason users get this message when certain message comes in to
their mailbox.

The Microsoft Exchange Server received an Internet message that could not be
processed. To view the original message content, open the attached message.



Most messages come in just fine.  I am no sure why this is happening.  I
have an Exchange 2000 running at home and the same email comes in just fine.

I appreciate any help.

Thanks in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49090t=49090
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Broadcasting and the all ones subnet [7:48996]

[Wesley]

Heya Priscilla,

Thanks for the explaination. Is it safe to assume that Cisco routers do not
perform an all subnets broadcast? I found something off Google that I would
like to share with you guys. This is an excerpt from TCP/IP Tutorial by
IBM.

All-Subnets-Directed Broadcast Address

If the network number is a valid network number, the network is subnetted
and the local part is all ones (for example, 128.2.255.255), then the
address refers to all hosts on all subnets in the specified network. In
principle routers may propagate broadcasts for all subnets but are not
required to do so. In practice, they do not; there are few circumstances
where such a broadcast would be desirable, and it can lead to problems,
particularly if a host has been incorrectly configured with no subnet mask.
Consider the wasted resource involved if a host 9.180.214.114 in the
subnetted Class A network 9 thought that it was not subnetted and used
9.255.255.255 as a local broadcast address instead of 9.180.214.255 and all
of the routers in the network respected the request to forward the request
to all clients. If routers do respect all-subnets-directed broadcast
address, they use an algorithm called  reverse path forwarding to prevent
the broadcast messages from multiplying out of control. See RFC 922 for more
details on this algorithm.

I guess an important point here is whether routers respect the all-subnets
directed broadcast.

A question on the /32 entries in the routing table. I can understand that
each async line can only have one host at the remote end and therefore would
have a host route in the routing table. So how do the hosts on async lines
receive broadcasts? What would be their broadcast address? It would only
make sense that the broadcast packet was not delivered to the hosts
connected to Router 5. That is why the packets kept bouncing back and forth.
Otherwise it would have been delivered to the hosts and this problem would
not have surfaced.

Why is it that the all ones subnet was initially excluded as a valid subnet?
It would seem perfectly OK to me to use the all zeros and all ones subnet
numbers. I mean with prefix routing, these things can be distinguished. Like
you said, the problem discussed in the article was pretty 'artsy'.

As always, thank you so very much.

Wesley

Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Wesley wrote:
 
  So there isn't a broadcast address for all /27 subnets?

 I don't think sending to all subnets of a network is something that IP
ever
 defined.

  I
  basically
  understand that the last address of each subnet is reserved for
  subnet
  broadcast. I was just wondering if the broadcasting
  architecture allowed for
  all subnets to be broadcasted at once. And Mark, since you are
  the only one
  replying mind if you check out the CCO link in the original

 I hope Mark will answer too, but since we're the only ones talking now,
I'll
 jump in. ;-)

  post and tell me
  your views on the issues that I have highlighted. I'll provide
  the link
  again
 
  http://www.cisco.com/warp/public/105/40.html

 I think the main thing to realize about the article is that it's a very
 strange case. Notice that the Asynch routers have a bunch of host-specific
 routes (/32). And then their E0's are configured with a /24 subnet mask,
 even though they probably should really be /26 to fit the network design.

 And then to make the problem happen they had to have a host misconfigured
 for /24 also and have it send a NetBIOS (or other) broadcast to x.x.x.255.

 I suggest that you set up a more normal situation in your lab and see if
you
 can get the problem to happen. Perhaps TAC ran into a problem matching the
 scenario they describe. But is the problem reproducible under more normal
 condistions? (Perhaps TAC just made up the scenario too!? There are parts
of
 it that aren't too believable. ;-)

 Please see a few more comments below.

 snip

   
I was going thru this article about the effect of using the
  all ones
subnet.
There are somethings that I'm still confused about. The
  link is
   
http://www.cisco.com/warp/public/105/40.html
   
1. In the first example, when host 195.1.1.24 sends a local
  broadcast
   to
195.1.1.255, will hosts attached to router 2's async lines
  receive the
broadcast?

 No, the asynch lines are using /32.

   
2. OK, its a directed broadcast and router 2 looks up its

 I don't think Router 2 thinks it's a directed broadcast. The destination
 address doesn't match any of the /32 host routes, so Router 2 sends the
 packet out the default route.

  routing
   table
and
forwards it out using the default route. Router 1 receives
  the packet.
   I
believe the packet is forwarded out to all 192.1.1.x/26
  subnets,
   right?

 No, not all subnets. Router 1 has a specific route for subnet 192.1.1.192.
 (1100 in the last octet). If a packet comes into that subnet, it's
 supposed to go to 

Re: OSPF Route Summary [7:49085]

[Dain Deutschman]

I assume that Sydney is the backbone area 0?
10.64.0.0/22 would summarize all subnets in the OSPF network in the backbone

 Sydney 10.64.0.0./22
 Paris 10.64.0.4./23   -Do you mean 10.64.4.0/23?
 LA 10.64.0.6./23  ---Do you mean 10.64.6.0/23?
 NYC 10.64.0.8./23 -Do you mean 10.64.8.0/23?

If this is the case 10.64.4.0/23 would summarize for

10.64.4.0/24 and 10.64.5.0/24 Paris

10.64.6.0/23 would summarize for

10.64.6.0/24 and 10.64.7.0/24 LA

etcetc...

Am I helping or hindering???

Dain

John Brandis  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 G'Day All,

 A client has sent me a list of IP's that are to be used in a new global
 network. Our Global network will IP is 10.64.x.x  . Now, for for each
 office, we will have two networks, for example, Paris is 10.64.4.0 through
 to 10.64.6.0 . The only exception is Sydney, where the client will have 4
 networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet
mask
 255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior
 has handed me this


 Sydney 10.64.0.0./22
 Paris 10.64.0.4./23
 LA 10.64.0.6./23
 NYC 10.64.0.8./23


 This looks wrong to me. What am I missing.


 John Brandis



 **

 visit http://www.solution6.com
 visit http://www.eccountancy.com - everything for accountants.

 UK Customers - http://www.solution6.co.uk

 *
 This email message (and attachments) may contain information that is
 confidential to Solution 6. If you are not the intended recipient you
cannot
 use, distribute or copy the message or attachments.  In such a case,
please
 notify the sender by return email immediately and erase all copies of the
 message and attachments.  Opinions, conclusions and other information in
 this message and attachments that do not relate to the official business
of
 Solution 6 are neither given nor endorsed by it.
 *




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49092t=49085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OSPF Route Summary [7:49085]

[Roberts, Larry]

Your superior looks right to me.
If you use a /24 against the .4,.6 and .8, you would only have the .4,.6 and
.8 available.
With a /23 you would get .4.0(network)-.5.255(broadcast) at Paris. LA gets
.6.0(network)-.7.255(broadcast)
And NY would get .8.0(network)-.9.255(broadcast)

You could use a /24 at each site, but you would have to do this: ( ex: Paris
)
Int f0/0
Ip address 10.64.4.1 255.255.255.0
Ip address 10.64.5.1 255.255.255.0 secondary

That would also give you both networks at the locations.
Or for the really cruel you could do subinterfaces and trunking to a switch
if you wanted separate VLAN's at the locations..

Does this help?

Thanks

Larry
 

-Original Message-
From: John Brandis [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 17, 2002 9:56 PM
To: [EMAIL PROTECTED]
Subject: OSPF Route Summary [7:49085]


G'Day All,

A client has sent me a list of IP's that are to be used in a new global
network. Our Global network will IP is 10.64.x.x  . Now, for for each
office, we will have two networks, for example, Paris is 10.64.4.0 through
to 10.64.6.0 . The only exception is Sydney, where the client will have 4
networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet mask
255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior
has handed me this


Sydney  10.64.0.0./22   
Paris   10.64.0.4./23   
LA  10.64.0.6./23   
NYC 10.64.0.8./23   


This looks wrong to me. What am I missing.


John Brandis



**

visit http://www.solution6.com
visit http://www.eccountancy.com - everything for accountants.

UK Customers - http://www.solution6.co.uk

*
This email message (and attachments) may contain information that is
confidential to Solution 6. If you are not the intended recipient you cannot
use, distribute or copy the message or attachments.  In such a case, please
notify the sender by return email immediately and erase all copies of the
message and attachments.  Opinions, conclusions and other information in
this message and attachments that do not relate to the official business of
Solution 6 are neither given nor endorsed by it.
*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49093t=49085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]