Re: CSPFA Beta Exams [7:50984]
Hey Larry, Would like to know how it went for you. I'm scheduled to take the exam on the 22nd! Last day to take the beta exam. Did the questions follow the blueprint exactly or is the scope wider? Thanks. Wes Roberts, Larry wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51033t=50984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Edsger Dijkstra? [7:50896]
Hmmm... From the link... He and his wife had a fondness for exploring state and national parks in their Volkswagen bus, dubbed the Touring Machine, in which he wrote many technical papers. Whoever came up with *that* name (Dijkstra, or someone else??) had a warped sense of humour... JMcL David j wrote: I'm afraid it's true... http://www.cs.utexas.edu/users/UTCS/notices/dijkstra/ewdobit.html Jenny McLeod wrote: I received a rumour that Edsger Dijkstra, known for his dislike of Goto statements as much as for the shortest path first algorithm, has died. I haven't been able to confirm this, though. True? False? JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51035t=50896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New CCIE Written Exam [7:50946]
Hi all, I actually sat for the beta of this exam and failed by one percent The exam was a monster BUT it was very good and very well written. I have read this CCIE Study guide during Networkers and it is kinda overview of all key topics, period! No one book should and can cover this exam fully for a time being. The only solution is to STUDY STUDY and STUDY. That what i summarized when i sat for this exam. The only shortcut is if somebody break the NDA and submit all questions to u and u go there and pass it. The questions are from large variety of techs and NEW techologies plus in great depth. Like u should know IP QoS and Multicasting around the same level as u were preparing for CCIP. Also I passed the old wriiten yesterday with 78% but I studied for only one night (Dennis book) plus i am no cisco guru @ all. This simply tells u the difference between the two exams. I went through the Cisco press book but its OK as a review. The best place is CCO for the new beast. TRUST ME!! Consult all the links thoroughly which r given in the blue print and u MIGHT survive. Shahid Keith wrote:Cisco Press has a new study guide out that covers the new exam. Stepp Harless wrote in message news:[EMAIL PROTECTED]... Are there any new study guides or practice tests out for the new exam yet? I see that Dennis has updated his study notes but I have not been able to find any other updates than what is on Cisco's website which do not tell you much. I took the old exam on the 6th and I scored a 58 percent. I was not really ready to take the exam but thought I would give it a shot before it was retired. I know some on this forum have taken the beta of the new test and wanted to know what new items do you need to know in addition to the items tested on the old test. Shahid Muhammad Shafi Every man dies; not every man really lives remember, if God bringz u 2 it, He WILL bring u thru it!!!- Please help feed hungry people worldwide http://www.hungersite.com/ A small thing each of us can do to help others less fortunate than ourselves - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51037t=50946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Toronto CCIE study partner [7:50992]
Ain't love grand? :) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51038t=50992 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Virtual Rack Promotion. [7:51039]
Hi group, Thought this might benefit some of you. LittleRack.Com, a virtual rack provider, is having a September promo where a full-day slot cost only US$10.00. You might want to go over to http://www.littlerack.com to have a look. Ron Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51039t=51039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Edsger Dijkstra? [7:50896]
At 6:43 AM + 8/9/02, Jenny McLeod wrote: Hmmm... From the link... He and his wife had a fondness for exploring state and national parks in their Volkswagen bus, dubbed the Touring Machine, in which he wrote many technical papers. Whoever came up with *that* name (Dijkstra, or someone else??) had a warped sense of humour... JMcL A colleague from my OSI research days, Stephen Nightingale, selected as his first vanity license plate OSI 4. He explained this was logical because his car was his transport. Subsequently, he bought a Jeep, and obtained new license plates: OSI 4X4 David j wrote: I'm afraid it's true... http://www.cs.utexas.edu/users/UTCS/notices/dijkstra/ewdobit.html Jenny McLeod wrote: I received a rumour that Edsger Dijkstra, known for his dislike of Goto statements as much as for the shortest path first algorithm, has died. I haven't been able to confirm this, though. True? False? JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51040t=50896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Cisco Franken Pix Firewall [7:51041]
Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51041t=51041 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE WORTH IT? [7:50941]
I think GroupStudy already have a forum for people who prepare for the lab test. But you have to book you sit on the lab first, then subcribe in, otherwise you couldn't post your message. - Original Message - From: Robert D. Cluett To: Sent: Friday, August 09, 2002 6:14 AM Subject: Re: CCIE WORTH IT? [7:50941] True, rather than a database, it might be benificial to allow for links to personal sites whereby a brief synopsis of skills and such can be locatedjust an idea...I have time...no job! Jim Brown wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You guys are talking about a lot or work and we all know Paul has other things to do besides gathering and maintaining data on list members. In a perfect world it would be great to have the information suggested below, but someone has to expend the time and effort. I know it won't be me, I need to study so I can fail my next attempt. ;-) -Original Message- From: Michael L. Williams [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 3:44 PM To: [EMAIL PROTECTED] Subject: Re: CCIE WORTH IT? [7:50941] I agree. Mike W. David j wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yes, I agree but only if it's voluntary... Robert D. Cluett wrote: It would be nice to know where each member is located and what there level of knowledge/certification is. I wonder if we could request this to be added to the site. Maybe member profiles or something. Anyone agree? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51042t=50941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSPFA Beta Exams [7:50984]
I would say that the blueprint is pretty accurate, or at least it seemed it to me. I only felt the question went from being to vague to completely wrong, but that's just my opinion. I would love to talk to the test writer and say ok, what were you wanting to test me on in this question ?. I am taking all three so I should be completely crazy by the 22nd ! Thanks Larry -Original Message- From: Wesley [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 1:33 AM To: [EMAIL PROTECTED] Subject: Re: CSPFA Beta Exams [7:50984] Hey Larry, Would like to know how it went for you. I'm scheduled to take the exam on the 22nd! Last day to take the beta exam. Did the questions follow the blueprint exactly or is the scope wider? Thanks. Wes Roberts, Larry wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51043t=50984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FR traffic shaping [7:51044]
I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51044t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSPFA Beta Exams [7:50984]
Larry, I can only hope the other 2 are better! What do you mean? Was the exam tough, incorrect/obscure question, too easy??? Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: Roberts, Larry [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 3:34 PM To: [EMAIL PROTECTED] Subject: CSPFA Beta Exams [7:50984] Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51045t=50984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
d/c 4000 to a/c [7:51047]
(originally posted on wanted to buy) What is the easiest and/or best way to convert a DC-powered 4000 to A/C? Is it as simple as switching power supplies? Or do they differ in a more substantial way? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51047t=51047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSPFA Beta Exams [7:50984]
Incorrect/obscure , or at least it seemed that way to me. Thanks Larry -Original Message- From: Creighton Bill-BCREIGH1 [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:20 AM To: 'Roberts, Larry'; '[EMAIL PROTECTED]' Subject: RE: CSPFA Beta Exams [7:50984] Larry, I can only hope the other 2 are better! What do you mean? Was the exam tough, incorrect/obscure question, too easy??? Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: Roberts, Larry [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 3:34 PM To: [EMAIL PROTECTED] Subject: CSPFA Beta Exams [7:50984] Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51046t=50984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
You can configure separate queue thresholds for committed and excess traffic. Configure the Be (excess) ECN threshold so that it is greater than or equal to zero and less than or equal to the Bc (committed) ECN threshold. Configure the Bc ECN threshold so that it is less than or equal to 100 - based on CIR. Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data 1301 Algonquin Rd. Rm. 434 Schaumburg, IL 60193 Office: (847) 761-7069 Mobile: (847) 815-0436 Skytel: (877) 681-2614 [EMAIL PROTECTED] -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51048t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Erase Flash of a 2513.....Help [7:51049]
Team, I wan to be able to upgrade the ios of a 2513, the problem that I am having is that I don't seem to be able to erase the current flash, what I am doing wrong here???, I have done this so many times but some how is not working now.Nothing can replace years of experience Router#show flash System flash directory: File Length Name/status 1 5014268 igs-inr-l.110-18 [5014332 bytes used, 11762884 available, 16777216 total] 16384K bytes of processor board System flash (Read ONLY) Router#erase flash System flash directory: File Length Name/status 1 5014268 igs-inr-l.110-18 [5014332 bytes used, 11762884 available, 16777216 total] Erase flash device? [confirm]y Are you sure? [yes/no]: yes %dev_open: System flash not writable Router# Router# Router#show ver Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-INR-L), Version 11.0(18), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1997 by cisco Systems, Inc. Compiled Mon 01-Dec-97 18:21 by jaturner Image text-base: 0x030293A4, data-base: 0x1000 ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) ROM: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Router uptime is 1 minute System restarted by power-on System image file is flash:igs-inr-l.110-18, booted via flash cisco 2500 (68030) processor (revision M) with 14336K/2048K bytes of memory. Processor board ID 10571384, with hardware revision Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 1 Ethernet/IEEE 802.3 interface. 1 Token Ring/IEEE 802.5 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read ONLY) Configuration register is 0x2102 Router# Thanks, Juan Blanco The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51049t=51049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
Scott, I'm sure you know how to configure it, so I'll leave configuration examples out. To get a conceptual overview of how shaping and policing actually works, check out this link: (wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos _c/fqcprt4/qcfpolsh.htm as well as picking up the book IP Quality of Service (its actually a good read!) The most important section that explains traffic shaping on frame is the section Traffic Shaping and Rate of Transfer. Look for that, it explains it very well! Short answer, you can define Be/Bc values, but you're really better off leaving it to IOS to figure out. hth, -Mark -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51050t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Notes on salaries [7:51052]
From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci843400,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51052t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSPFA Beta Exams [7:50984]
I just came back from taking the first out of 3, MCNS beta. I have no comparison to the 2.0 version, never really was planning to take these tests but since they're free then why not... Anyway, I studied for the test using the MCNS 2.0 Ciscopress book for the last 4 evenings. I can say there is not all that much different on this new exam than what you get from the old book. Just follow the blueprint, I think it really represents the scope of what you need to know for the test. And finally, I think with a little bit of luck I passed this test. Out of 97 questions, there were maybe 5 that didn't make any sense. There were few that I just didn't know answers to, but overall the exam wasn't bad at all. Worth noting again is that there was no options for comments at all. Good luck everyone. Roberts, Larry wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51056t=50984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
I guess maybe I need to make sure I understand the whole theory here. My understanding is that by setting Bc in conjunction with CIR, you are defining the delay by defining the timing interval with a maximum burst size and that by defining Be to anything other than 0 you are allowing specific instances where a burst larger than Bc will be allowed but marked DE ... or something like that but less jumbled that makes sense. I understand the mechanics of the commands, I just want to make sure I understand the theory. Thanks for the link Mark ... the explanation in that document is a bit clearer than the one in the FRTS docs. Thanks again Scott -Original Message- From: Turpin, Mark [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 10:10 AM To: 'Davis, Scott [ISE/RAC]'; [EMAIL PROTECTED] Subject: RE: FR traffic shaping [7:51044] Scott, I'm sure you know how to configure it, so I'll leave configuration examples out. To get a conceptual overview of how shaping and policing actually works, check out this link: (wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos _c/fqcprt4/qcfpolsh.htm as well as picking up the book IP Quality of Service (its actually a good read!) The most important section that explains traffic shaping on frame is the section Traffic Shaping and Rate of Transfer. Look for that, it explains it very well! Short answer, you can define Be/Bc values, but you're really better off leaving it to IOS to figure out. hth, -Mark -Original Message- From: Davis, Scott [ISE/RAC] [ mailto:[EMAIL PROTECTED] ] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott i=51044t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51057t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
If you know the fundamentals of traffic shaping and why it's used - the Be and Bc values are based on your own discretion after observation of traffic patterns on your FR network with your CIR (or CAR) as a guide. Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data 1301 Algonquin Rd. Rm. 434 Schaumburg, IL 60193 Office: (847) 761-7069 Mobile: (847) 815-0436 Skytel: (877) 681-2614 [EMAIL PROTECTED] -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51058t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load balance/share [7:50988]
Mark, Your diagram is correct. I am trying to load balance/share across the links to the PER (per-packet preferably). The clients are behind Rtr A B using an HSRP address. So say Rtr A is the active router. I want to load balance across both links (half of the traffic needs to traverse out Rtr A's ser0 and the other half across the link to Rtr B and then out it's ser0). If I use a static and one link goes down, half of my traffic becomes blackholed. I was trying to find a way to have a default route put into a routing protocol so the routing process would recognize that if one link was down that it needed to send all traffic out the remaining link. Is this clearer? Turpin, Mark wrote: Jason, Is this your lab network? + PE Rtr + / \ / \ + + RtrA +--+ Rtr B + + \- Client Networks With that diagram, or a revised one, can you clarify your question? You mention statics; what routers are you trying to advertise statics to, and from what router are you wishing to advertise them? In regards to load balancing, are you asking if you can load balance clients to router A and router B? Or do you want to load balance the PE router to AB? Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: load balance/share [7:50988] I am trying to lab up a scenario where I can load balance/share across two routers (for redundancy) connected into an MPLS cloud. Additionally, I have HSRP running between the two (I don't want to use MHSRP because I don't want two gateways on the LAN). There is a direct connection between the routers. I know I can use statics, however I want all traffic to be able to failover to the remaining link if one goes down, instead of being being blackholed. | | | | Router 1---Router 2 active standby I have tried with EIGRP, however I was having trouble with getting a default route injected in (without using statics). Is there any way to do this? The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51060t=50988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load balance/share [7:50988]
Jason, Is this your lab network? + PE Rtr + / \ / \ + + RtrA +--+ Rtr B + + \- Client Networks -/ With that diagram, or a revised one, can you clarify your question? You mention statics; what routers are you trying to advertise statics to, and from what router are you wishing to advertise them? In regards to load balancing, are you asking if you can load balance clients to router A and router B? Or do you want to load balance the PE router to AB? Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: load balance/share [7:50988] I am trying to lab up a scenario where I can load balance/share across two routers (for redundancy) connected into an MPLS cloud. Additionally, I have HSRP running between the two (I don't want to use MHSRP because I don't want two gateways on the LAN). There is a direct connection between the routers. I know I can use statics, however I want all traffic to be able to failover to the remaining link if one goes down, instead of being being blackholed. | | | | Router 1---Router 2 activestandby I have tried with EIGRP, however I was having trouble with getting a default route injected in (without using statics). Is there any way to do this? The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51055t=50988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Output Drops [7:51062]
After you have exhausted all means of queueing and an interface is still recording output drops, at what unacceptible level of drops/hr/min do have the bandwidth increased on that link? Thanks Chris Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51062t=51062 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame-relay DLCI [7:51065]
When you configured frame with frame-relay map statements, no frame inverse arp and no arp frame relay, did any one still receive dlcis (ip 0.0.0.0 dlci xxx) and static map entries, even after you cleared frame relay? The question is, is there a way to clear frame-relay so it only will show static map entries and got rid of these ip 0.0.0.0 dlci xxx part? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51065t=51065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Network Deployment Boot Camp [7:51013]
Cisco is teaching some courses at its main campuses. FYI * Building Core Networks with OSPF, BGP, and MPLS Technologies * Cisco ONS 15540 Test and Turn Up * Advanced Implementing and Troubleshooting MPLS VPN Networks Don't miss this opportunity to learn how to speed your time to market with network applications in a no-risk, state-of-the-art lab environment. Register today and save U.S.$500! Visit http://www.cisco.com/offer/bootcamp/109077_10 for detailed course descriptions and to register. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51013t=51013 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What to expect from the lab? [7:50926]
As someone who expects to walk out of the process a CCIE, my best advice is to learn to think and act as a CCIE. Lesson #1 - http://www.cisco.com/warp/public/625/ccie/ Lesson #2 - http://www.cisco.com/univercd/home/home.htm ( the doc CD is faster on your PC, but CCO has the latest skinny ) Lesson #3 - assemble your reading material. use both CCO and this list as your source for books to buy Lesson # 4 - You will need lots of finger time. either buy some used routers and set up a home lab, plan on spending some money on rack rentals, or ask your employer to invest in a practice lab Lesson # 5 - there are plenty of good practice labs around - free or otherwise. check the groupstudy archives for sources Best wishes. Good luck. Most importantly - have fun!!! Persio Pucci wrote in message news:[EMAIL PROTECTED]... Folks, I've just passed recently the 350-001 (the old one, thank God), and now I am preparing myself to prepare for the lab... and here I am stuck with this question: What shall I expect on the lab test? I mean, we all know sort of what to expect on the written, thanks to boson-et-all tests, and the books. However, I have no Idea on what you have to do in the Lab... I mean, of course I have an idea of how is the lab, but it is not clear how you take it, I mean, how many items do you have to complete, how they are apllied to you, what are the exact rack equipment you have available, this kind of information. The only thing that I know for sure thaqt I shall expect from the lab is it to be very very hard :) I appreciate any light :) Persio Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51007t=50926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco quot;Frankenquot; Pix Firewall [7:51061]
In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51061t=51061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE WORTH IT? [7:50941]
Hardcore, BABY!! I love it Shawn K. -Original Message- From: Robert D. Cluett [SMTP:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 10:40 PM To: [EMAIL PROTECTED] Subject: Re: CCIE WORTH IT? [7:50941] I will be a CCIE before I die? Man, is that how we look at this? Vogel Matthew GS-11 CFAO/IRMD wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I would like to add my 2 cents on this topic as well. This is a debate that I have heard over and over and the answer is that it depends on the individual person and what they wish to achieve with a CCIE certification. A couple of points need to be made. 1. Certifications, including the CCIE, are not a guarantee of a job or a particular salary. I am studying for the CCIE now and everyone tells me that I am going to make six figures when I get my cert. I do not believe that that will happen and I am not getting my cert for the money. I work for the government for less than my peers and will continue to do so after I get my cert. A government job has great benefits and good job security. I also get to go home at 4:30 everyday. 2. Certification does not mean you know it all. True the CCIE is the pinnacle of Cisco certs but is does not mean you know it all. There are many more topics that are not covered in the CCIE that a person may not have knowledge of. That is why there are multiple CCIE tracks. 3. Continuing one's education is never a bad thing. In the networking world things change by the day. Working toward a cert and staying certified is a good way to force yourself to stay up with the technology. 4. Better to have the cert than not to. If you are applying for a job and their are two other candidates with the same experience level and training but you have a CCIE cert and they do not, who do you think is going to get the job? In today's job market every little bit helps. For ever person I have heard say it did not make a difference when they got hired, I know three more people that say a cert did make the difference. I know that my certs, MCSE, CCNP, and CCDA helped me get my current job right after Sept. 11. Like I said, it boils down to each individual making a decision. Personally I am not going for the CCIE for the money or a job. I already have both. The payback for me in the knowledge that I got the cert when others said I could not. The prestige is also a good thing. To me it does not matter how long or how much money it takes, I will be a CCIE before I die. Matt -Original Message- From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 10:42 AM To: [EMAIL PROTECTED] Subject: RE: CCIE WORTH IT? [7:50941] I am not so sure it is worth it. I had a CCNP, CCDP, and experience as a network engineer and was out of work for almost an entire year. I think it is only worth it for the challenge and if you really love it , becuase your going to have to put so much time and effort into passing the lab unless your willing to make a huge sacrifice and really enjoy it then just not going to be fun. Just my 2 cents. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51027t=50941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco quot;Frankenquot; Pix Firewall [7:51063]
And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51063t=51063 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Output Drops [7:51062]
Got it...according to Cisco, no more than 100 drops per hour... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51068t=51062 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boson Exams [7:51034]
Has anyone used the Boson tests to study for the CCIE written and did they help? I am thinking about purchasing them. Matt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51034t=51034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Cisco quot;Frankenquot; Pix Firewall [7:51051]
For the love of God, *please* don't start another huge thread on the Franken PIX ... If you want technical advice on using the PIX, I'm your man. If you want legal advice, I'm not Johnny Cochrane. I'm not a lawyer nor do I play one on TV. But if you *think* it's illegal, it probably is ... At 06:18 AM 8/9/2002 -0700, patrick ramsey wrote: Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51051t=51051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco quot;Frankenquot; Pix Firewall [7:51066]
Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing:
RE: Cisco quot;Frankenquot; Pix Firewall [7:51067]
Cisco Software is NON-TRANSFERABLE. Unless you bought the software license for the PIX from Cisco you are guilty of theft. Owning an ISA card doesn't give you the right for the software. The new owner would also be required to purchase a software license. Cisco is under no obligation to sell you software and the license they sell you is revocable, so they could choose to revoke the license you purchased, or just flatly refuse to sell you one in the first place. You really are that powerless against Cisco, you really need to read the software agreement again. It really is black and white. Thanks Larry -Original Message- From: Sabertech Networks [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:22 AM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces
Re: Erase Flash of a 2513.....Help [7:51049]
change the config register (ex, 0x141 or 0x101) and reload the router. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Juan Blanco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Team, I wan to be able to upgrade the ios of a 2513, the problem that I am having is that I don't seem to be able to erase the current flash, what I am doing wrong here???, I have done this so many times but some how is not working now.Nothing can replace years of experience Router#show flash System flash directory: File Length Name/status 1 5014268 igs-inr-l.110-18 [5014332 bytes used, 11762884 available, 16777216 total] 16384K bytes of processor board System flash (Read ONLY) Router#erase flash System flash directory: File Length Name/status 1 5014268 igs-inr-l.110-18 [5014332 bytes used, 11762884 available, 16777216 total] Erase flash device? [confirm]y Are you sure? [yes/no]: yes %dev_open: System flash not writable Router# Router# Router#show ver Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-INR-L), Version 11.0(18), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1997 by cisco Systems, Inc. Compiled Mon 01-Dec-97 18:21 by jaturner Image text-base: 0x030293A4, data-base: 0x1000 ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) ROM: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Router uptime is 1 minute System restarted by power-on System image file is flash:igs-inr-l.110-18, booted via flash cisco 2500 (68030) processor (revision M) with 14336K/2048K bytes of memory. Processor board ID 10571384, with hardware revision Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 1 Ethernet/IEEE 802.3 interface. 1 Token Ring/IEEE 802.5 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read ONLY) Configuration register is 0x2102 Router# Thanks, Juan Blanco The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51059t=51049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco amp;quot;Frankenamp;quot; Pix Firewall [7:51061]
Yes, but Mercedes doesn't have a user license on their engine. Cisco DOES have a license on the PIX OS. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 10:29 AM To: [EMAIL PROTECTED] Subject: RE: Cisco quot;Frankenquot; Pix Firewall [7:51061] In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51069t=51061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
passed BCMSN [7:51070]
hi all yestarday i passed BCMSN with a score of 815. not much changed in the exam. i studied 640-504 book. one year back i had cleared routing and remote access. by reading all the mails about new version of ccnp, i was bit nervous. but after facing the exam, i think not much has changed from 504 to 604. now i am preparing for CIT. Thanks deepak n achar mcp,ccna network engineer wipro technologies bangalore india Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51070t=51070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
flash probs [7:51071]
Hi group!! I have a problem gett running my new 8mb flash for 2501 router. i got the flash with IOS 12.1 (15) already on it. after i installed the flash, following error message occur: ERR: Invalid chip id 0x80B5 (reversed = 0x1AD ) detected in System flash i tried already: erasing the flash also: o/r 0x2101 i ena conf t config-regi 0x2102 copy tftp flash but nothing works. is there a possibility to erase flash in rx-boot mode? i have no idea :( need help !! thx in advance andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51071t=51071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51072t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: flash probs [7:51071]
Check the version of your boot ROM. Older versions only recognized certain Flash chips. If that is the problem you can contact Cisco for new ROMs. I believe you just have to pay for postage. Check the archives for details. -Original Message- From: crow [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 12:59 PM To: [EMAIL PROTECTED] Subject: flash probs [7:51071] Hi group!! I have a problem gett running my new 8mb flash for 2501 router. i got the flash with IOS 12.1 (15) already on it. after i installed the flash, following error message occur: ERR: Invalid chip id 0x80B5 (reversed = 0x1AD ) detected in System flash i tried already: erasing the flash also: o/r 0x2101 i ena conf t config-regi 0x2102 copy tftp flash but nothing works. is there a possibility to erase flash in rx-boot mode? i have no idea :( need help !! thx in advance andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51075t=51071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Erase Flash of a 2513.....Help [7:51049]
You can't erase flash if it's in use. Config t boot system rom wr reload blah blah (router loads from boot rom image) router(boot)#erase flash (or change the config register manually then reload) If it still doesn't erase even though nothing is running off it you might try replacing the flash. This particular error message however means that you can't erase the flash while it's image is in use. For some reason I couldn't erase this flash even when I had booted the image from a tftp server, I could only do it from boot mode. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51078t=51049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. That's ridiculous, to put it bluntly. :-) The technology becomes more complex every year. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Hey, I have experience trying to teach Cisco Networking Academy at the high school level. It doesn't work. Many of the students didn't even have the reading skills to follow the materials, let alone the sophisticated brain CPU power required to understand the concepts. Only a few of the math whiz types even got subnet maksing, and they don't plan to install routers for a living. They plan to be computer scientists. Cisco Networking Academy does work at the college level, though. Priscilla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51080t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
At 6:02 PM + 8/9/02, Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. A router? Quite possibly. A network of real complexity? Probably not. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Good point. Although I know people that did their first (simple) programs at 7. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51082t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
This is some information that I found that may help you... frame relay mincir The actual guaranteed rate obtained from service provider in bps. This value should be the minimum rate you should drop to in the event of congestion (dropping below this rate implies you are not getting the bandwidth you are paying for). In certain cases (listed above) the mincir and cir values must be the same. The value of mincir is half of the CIR value in bps by default. frame relay bc The amount of data to send per each Tc interval in bits. Ideally for data PVCs Bc = CIR/8 so that Tc = 125msec. If we are doing voice on the PVC, then Bc = CIR/100 is preferable, so that the interval Tc = 10msec (as voice packets cannot tolerate a longer delay). The value of Bc by default is the CIR in bits. frame relay be The amount of excess data allowed to be sent during first Tc interval in bits once credit is built up. Configure Be only if the Frame Relay CIR value is less than the AR. For PVCs carrying voice packets, the Be must be set to zero to ensure best possible voice quality. The router only bursts (Be) when there are tokens in the token bucket. The token bucket does not accrue tokens unless the amount of traffic being sent out is less than the CIR. The router can only burst for the first Tc, after which the token bucket is empty. The value of Be by default is zero bits. frame relay adaptive-shaping becn Implies that the PVC adapts the rate of transmit in response to the BECNs received. The behaviour is as below: If the PVC receives any BECNs during the current time interval (it doesn't matter if this is one or 1000) the transmit rate is decreased by 25 percent. It continues to drop with each BECN (limit one drop per time interval) until the traffic rate gets to the mincir (guaranteed rate) where it stops. Once the traffic rate has decreased, it must allow 16 time intervals of receiving no BECNs before starting to increase traffic again. The amount it increases by is the byte limit that shows up in the show frame pvc x output divided by 16. This increase occurs only if traffic shaping is active. Thus, it takes much longer to get back to the CIR than it did to drop to mincir. Non-Configurable Parameters interval (Tc) The time interval during which you send the Bc bits in order to maintain the average rate of the CIR in seconds. Tc = Bc/CIR in seconds. The range for Tc is between 10 ms and 125 ms. The router internally calculates this value based on the CIR and Bc values in the map class. If Bc/CIR is more than or equal to 125 msec, it uses the internal Tc value. If Bc/CIR is less than 125 ms, it uses the Tc calculated from that equation. byte increment The actual number of committed bytes sent per Tc. We can calculate this using the following formula: Cir * Tc / 8. byte limit The actual number of bytes sent in the first Tc. We can calculate this using the following formula: byte increment + Be/8 (measured in bytes) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51084t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Stange thing [7:50911]
He Shuchen wrote: Thank you Priscilla Oppenheimer and other people here. and I am sorry because English is not my native language. No problem. I think it's admirable that you can speak English at all. At the bottom of the box where you type messages, if you are using the Web interface, is a button that says Quote. If you click on that button, then your message will include the message to which you are responding. Most of us read these messages in a connectionless, stateless fashion. We can't understand messages that don't have any history with them. It's too much work to go back and look at previous messages. It's a little difficult to read a lot of information in the group. I will notice previous messages before I ask question. Noticing isn't the problem. Use the Quote button please. That's the point. Or if you do GroupStudy via e-mail, then configure your e-mail application to include the message to which you are responding. Thanks. I configured the 2520 router as Frame Relay switch and connected it to a 2501 with a DTE to DCE v.35 Cross-over cable. It's my lab environment. The 2520 is DCE and 2501 is DTE. The 2520's RTS=down, but 2501's DCD=up DSR=up DTR=up RTS=up CTS=up. It have up for several days. I think it's a hardware problem with the 2520's serial problem. Other interfaces in 2520 are ok. and I'm sure it's not a cable problem because I have used another cable. The IOS is c2500-i-l.121-7.bin. I think it may be a hardware problem too. It may be a problem with the 2501, however. It should assert RTS since it's the DTE side. By doing more testing, you can determine if the problem resides with the DTE side not asserting RTS or the DCE side not recognizing that RTS has been asserted. But for now it works, so that's good! Please keep us informed if it continues to work. It's an interesting question. Thanks for bringing it to our attention. I'm sorry if my English is too complicated or for any errors. I don't spell check anymore now that I use the Web interface. :-) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51083t=50911 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
And, can you stand one more message on this topic? ;-) Instead of reading that rather silly interpretation of the salary study, be sure to go to the actual study at TCP Magazine. It's very interesting, and one could easily come away with a good impression of the market, not the bad one that we are hearing from the interpretation. Sure the market isn't as good as it was, but network industry wages are still way ahead of the average American household income. There's also a great interview with our own Howard C. Berkowitz! ;-) Anyway, the TCP Magazine salary survey pages are here: http://tcpmag.com/salarysurveys/article.asp?EditorialsID=198 Priscilla Howard C. Berkowitz wrote: At 6:02 PM + 8/9/02, Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. A router? Quite possibly. A network of real complexity? Probably not. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Good point. Although I know people that did their first (simple) programs at 7. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51086t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Quoting Robert D. Cluett : I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. Spoken like a true member of upper management. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51085t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
I agree that the statement of the 12-year-old is going too far. Having said that, I do agree that knowledge of basic networking has been commoditized. To be perfectly honest, if all you know how to do is connect a router and configure some basic static routes, you don't know much, not in this economy. And just knowing routing protocols probably isn't going to cut it either. The fact of the matter is that many enterprises get along just fine with basic static routes. I believe that people who can see how the network fits into the rest of the IT infrastructure will still continue to do well. Those who can articulate an integrated fully-functional technological system, combining knowledge of networks, security, servers, storage, databases, applications, etc. etc. rather than just point-pieces will do well. But that means that network jockeys will have to start diversifying away from just knowing networks. Mark Smith wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Quoting Robert D. Cluett : I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. Spoken like a true member of upper management. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51089t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
But can the twelve year old solve a BGP neighbor issue? More then likely his answer will be, well I put everything in the GUI where it asked. --- Mark Smith wrote: Quoting Robert D. Cluett : I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. Spoken like a true member of upper management. [EMAIL PROTECTED] __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51090t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load balance/share [7:50988]
Jason, Lots! Basically your network looks like this: PER m10/ \m10 AB m10 Let's say a metric of 10 for each link for example? A-PER = 10 A-B-PER = 20 Before we get really far into this, have you looked into EIGRP's capability to load balance across unequal cost paths? Modifying the variance on your CE routers should do the trick. http://www.cisco.com/warp/public/103/eigrp1.html http://www.cisco.com/warp/public/103/eigrp9.html http://www.cisco.com/warp/public/103/19.html One question though when you do this: I have not tried a HSRP impelmentation like this. Variance should be local to the router. Please let me know if Router A changes the way it advertises its metrics to router B once variance is implemented. Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:05 AM To: [EMAIL PROTECTED] Subject: RE: load balance/share [7:50988] Mark, Your diagram is correct. I am trying to load balance/share across the links to the PER (per-packet preferably). The clients are behind Rtr A B using an HSRP address. So say Rtr A is the active router. I want to load balance across both links (half of the traffic needs to traverse out Rtr A's ser0 and the other half across the link to Rtr B and then out it's ser0). If I use a static and one link goes down, half of my traffic becomes blackholed. I was trying to find a way to have a default route put into a routing protocol so the routing process would recognize that if one link was down that it needed to send all traffic out the remaining link. Is this clearer? Turpin, Mark wrote: Jason, Is this your lab network? + PE Rtr + / \ / \ + + RtrA +--+ Rtr B + + \- Client Networks With that diagram, or a revised one, can you clarify your question? You mention statics; what routers are you trying to advertise statics to, and from what router are you wishing to advertise them? In regards to load balancing, are you asking if you can load balance clients to router A and router B? Or do you want to load balance the PE router to AB? Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: load balance/share [7:50988] I am trying to lab up a scenario where I can load balance/share across two routers (for redundancy) connected into an MPLS cloud. Additionally, I have HSRP running between the two (I don't want to use MHSRP because I don't want two gateways on the LAN). There is a direct connection between the routers. I know I can use statics, however I want all traffic to be able to failover to the remaining link if one goes down, instead of being being blackholed. | | | | Router 1---Router 2 active standby I have tried with EIGRP, however I was having trouble with getting a default route injected in (without using statics). Is there any way to do this? The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51092t=50988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Priscilla, I'd have to disagree with you here. We have many, many programs that are doing well in the high schools. We supervise 20 Local Acadamies of which 18 are high schools. In fact, the Academy Program was originally intended just for high schools and they comprise the bulk of our acadamies. The key, we have found, is to be selective in the students you allow into the program. Without that, it can indeed be a very difficult curriculum to teach at the high school level. Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy Priscilla Oppenheimer wrote: Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. That's ridiculous, to put it bluntly. :-) The technology becomes more complex every year. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Hey, I have experience trying to teach Cisco Networking Academy at the high school level. It doesn't work. Many of the students didn't even have the reading skills to follow the materials, let alone the sophisticated brain CPU power required to understand the concepts. Only a few of the math whiz types even got subnet maksing, and they don't plan to install routers for a living. They plan to be computer scientists. Cisco Networking Academy does work at the college level, though. Priscilla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51091t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
At 7:04 PM + 8/9/02, Priscilla Oppenheimer wrote: Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. That's ridiculous, to put it bluntly. :-) The technology becomes more complex every year. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Hey, I have experience trying to teach Cisco Networking Academy at the high school level. It doesn't work. Many of the students didn't even have the reading skills to follow the materials, let alone the sophisticated brain CPU power required to understand the concepts. Only a few of the math whiz types even got subnet maksing, and they don't plan to install routers for a living. They plan to be computer scientists. Cisco Networking Academy does work at the college level, though. Priscilla But do they understand how many computer scientists it takes to change a light bulb? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51093t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: flash probs [7:51071]
hi again, what does this mean? (the second flash is the new one and isn't possible to erase, the 1. wasn't a problem(my old one) ) routerB(boot)#erase flash Partition SizeUsed Free Bank-Size State Copy Mode 1 8192K 0K 8192K 8192K Read/Write Direct 2 8192K 7825K 366K 8192K Read/Write Direct [Type ? for partition directory; ? for full directory; q to abort] Which partition? [default = 1] 2 System flash directory, partition 2: File Length Name/status 1 8013396 c2500-i-l.121-15.bin [8013460 bytes used, 375148 available, 8388608 total] Erase flash device, partition 2? [confirm] Are you sure? [yes/no]: y Erasing device... % System flash is set to read-only in hardwareee % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree this message i get after reloading: Cisco Internetwork Operating System Software IOS (tm) 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1995 by cisco Systems, Inc. Compiled Thu 23-Mar-95 02:08 by kmac Image text-base: 0x0102, data-base: 0x1000 ERR: Invalid chip id 0x80B5 (reversed = 0x1AD ) detected in System flash % System flash query failed. Access will be RD-ONLYcisco 2500 (68030) processor (revision L) with 14332K/2 048K bytes of memory. Processor board serial number 02094596 X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. Authorized for Enterprise software set. (0x0) 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash partition 1 (Read/Write) 8192K bytes of processor board System flash partition 2 (Read/Write) and the sh version: routerB(boot)sh version Cisco Internetwork Operating System Software IOS (tm) 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1995 by cisco Systems, Inc. Compiled Thu 23-Mar-95 02:08 by kmac Image text-base: 0x0102, data-base: 0x1000 ROM: System Bootstrap, Version 5.2(5), RELEASE SOFTWARE routerB uptime is 0 minutes System restarted by power-on Running default software cisco 2500 (68030) processor (revision L) with 14332K/2048K bytes of memory. Processor board serial number 02094596 X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. Authorized for Enterprise software set. (0x0) 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash partition 1 (Read/Write) 8192K bytes of processor board System flash partition 2 (Read/Write) Configuration register is 0x2101 routerB(boot)sh flash System flash directory, partition 1: No files in System flash [0 bytes used, 8388608 available, 8388608 total] 8192K bytes of processor board System flash (Read/Write) System flash directory, partition 2: File Length Name/status 1 8013396 c2500-i-l.121-15.bin [8013460 bytes used, 375148 available, 8388608 total] 8192K bytes of processor board System flash (Read/Write) What is happening here? i want to add to 16MB flash, but it isnt possible. anyone with any suggestions? Thx in advance Andy Daniel Cotts schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Check the version of your boot ROM. Older versions only recognized certain Flash chips. If that is the problem you can contact Cisco for new ROMs. I believe you just have to pay for postage. Check the archives for details. -Original Message- From: crow [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 12:59 PM To: [EMAIL PROTECTED] Subject: flash probs [7:51071] Hi group!! I have a problem gett running my new 8mb flash for 2501 router. i got the flash with IOS 12.1 (15) already on it. after i installed the flash, following error message occur: ERR: Invalid chip id 0x80B5 (reversed = 0x1AD ) detected in System flash i tried already: erasing the flash also: o/r 0x2101 i ena conf t config-regi 0x2102 copy tftp flash but nothing works. is there a possibility to erase flash in rx-boot mode? i have no idea :( need help !! thx in advance andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51094t=51071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Question [7:51095]
Hi All, I have got a PIX firewall with two interfaces, the outside interface has a public IP address and inside a private IP address. I will need to connect a server with a public IP address. I know that the PIX firewall can be configured not to NAT a specific IP address. Can I connect a server with a public IP address on the inside interface of the PIX ? If yes, what will be the default gateway, the inside or the outside interface of the PIX ? Thanks in advance. Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51095t=51095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Most bug-free IOS version for the lab [7:51097]
Hi all, I'd like to get a general feedback from people gearing up for the lab which 12.0 IOS release you find least problematic. I'm running flash:c4500-a3jk8s-mz.122-5.bin and flash:/c2500-jk8os-l.122-1b.bin. Haven't had any major issues until I hit OSPF labs. From clear ip ospf proc not working and requiring a reload to NBMA routes/LSA issues. Please post your recommendations or comments. Thank you. Elmer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51097t=51097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Can't agree more. If I've been through subnet masks once I've been through it ten times with my son. He's still not happy with wildcard masks and goes off the handle if the addresses aren't contiguous. I'm going to leave it until he's at least six years old now. I'm wasting my time with him. :-) Gaz Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. That's ridiculous, to put it bluntly. :-) The technology becomes more complex every year. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Hey, I have experience trying to teach Cisco Networking Academy at the high school level. It doesn't work. Many of the students didn't even have the reading skills to follow the materials, let alone the sophisticated brain CPU power required to understand the concepts. Only a few of the math whiz types even got subnet maksing, and they don't plan to install routers for a living. They plan to be computer scientists. Cisco Networking Academy does work at the college level, though. Priscilla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51098t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:51095]
You will have to do a NAT 0 (zero) to use the public address on the inside, and the default gateway will not be on the pix, but on the router on the other side (outside) of the pix. Hth, Ole ~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~ http://www.RouterChief.com ~ Need a Job? http://www.OleDrews.com/job ~ -Original Message- From: Zahid Hassan [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 2:36 PM To: [EMAIL PROTECTED] Subject: PIX Question [7:51095] Hi All, I have got a PIX firewall with two interfaces, the outside interface has a public IP address and inside a private IP address. I will need to connect a server with a public IP address. I know that the PIX firewall can be configured not to NAT a specific IP address. Can I connect a server with a public IP address on the inside interface of the PIX ? If yes, what will be the default gateway, the inside or the outside interface of the PIX ? Thanks in advance. Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51099t=51095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:51095]
What you normally do in this situation is to use static's. Lets assume the following: Inside server address 10.10.10.10 Outside server address 20.20.20.20 Ports needed 80,443,25 You place the server on the inside network, then use the following commands: Static (inside,outside) 20.20.20.20 10.10.10.10 netmask 255.255.255.255 This tells the FW to take any request for address 20.20.20.20 and send them to 10.10.10.10 Next assuming ACL's on the PIX you would do this: ( and assuming the ACL that is applied to the external interface is outside_acl ) Access-list outside_acl permit tcp any host 20.20.20.20 eq 80 Access-list outside_acl permit tcp any host 20.20.20.20 eq 443 Access-list outside_acl permit tcp any host 20.20.20.20 eq 25 Notice that you permit traffic to the external address. That's the normal way to do it and protect the server when 2 interfaces are all that are available. Thanks Larry -Original Message- From: Zahid Hassan [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 3:36 PM To: [EMAIL PROTECTED] Subject: PIX Question [7:51095] Hi All, I have got a PIX firewall with two interfaces, the outside interface has a public IP address and inside a private IP address. I will need to connect a server with a public IP address. I know that the PIX firewall can be configured not to NAT a specific IP address. Can I connect a server with a public IP address on the inside interface of the PIX ? If yes, what will be the default gateway, the inside or the outside interface of the PIX ? Thanks in advance. Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51100t=51095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: passed BCMSN [7:51070]
Congrats! Deepak Achar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all yestarday i passed BCMSN with a score of 815. not much changed in the exam. i studied 640-504 book. one year back i had cleared routing and remote access. by reading all the mails about new version of ccnp, i was bit nervous. but after facing the exam, i think not much has changed from 504 to 604. now i am preparing for CIT. Thanks deepak n achar mcp,ccna network engineer wipro technologies bangalore india Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51101t=51070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:51095]
So you have: Server --- inside- PIX -outside --- Internet How would a server with the public ip address talk to the PIX inside interface, that has a private ip address? It's like having two PC's with different ip addresses and trying to make them talk through a hub. For two devices to talk on the same wire they have to be on the same subnet. So you either have to reconfigure the server to have a private ip address or use a router on the inside of the PIX. PIX doesn't support secondary ip addresses. -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Zahid Hassan Sent: Friday, August 09, 2002 3:36 PM To: [EMAIL PROTECTED] Subject: PIX Question [7:51095] Hi All, I have got a PIX firewall with two interfaces, the outside interface has a public IP address and inside a private IP address. I will need to connect a server with a public IP address. I know that the PIX firewall can be configured not to NAT a specific IP address. Can I connect a server with a public IP address on the inside interface of the PIX ? If yes, what will be the default gateway, the inside or the outside interface of the PIX ? Thanks in advance. Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51102t=51095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Tom Lisa wrote: Priscilla, I'd have to disagree with you here. We have many, many programs that are doing well in the high schools. We supervise 20 Local Acadamies of which 18 are high schools. In fact, the Academy Program was originally intended just for high schools and they comprise the bulk of our acadamies. The key, we have found, is to be selective in the students you allow into the program. Sure you can be selective in the students allowed into the program. Then you get smart, well-to-do students who are probably going to go on to college and not immediately get a job configuring routers. So, while they could have been studying AP Math, Chemistry, etc., they have learned the file naming convention for Cisco IOS images. Very useful thing to know as a college student. The program was meant to be a vocational program for students who will work out of high school. It doesn't work for those students. They don't have the requisite reading skills, problem-solving skills, or analytical abilities. High school brains are not well developed, in general. In the case of the vocational students, their brains just can't handle networking concepts in many cases. The small percentage of high school students that the program works for are the smart students who will work part-time while in college and may find a job doing networking instead of working in the dorm cafeteria. That's a really small number of people. At high schools where there is a shortages of resources, teachers, etc., Cisco Networking Academy is a waste. Instead of teaching the vocational students file naming conventions, subnet masking, OSI, etc. etc., why not teach them something they can actually be good at and use on the outside right out of high school, such as tech support, hardware configuration and repair, desktop support, etc. Of course, your situation may be very different from what we have here in Southern Oregon. Priscilla Without that, it can indeed be a very difficult curriculum to teach at the high school level. Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy Priscilla Oppenheimer wrote: Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. That's ridiculous, to put it bluntly. :-) The technology becomes more complex every year. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Hey, I have experience trying to teach Cisco Networking Academy at the high school level. It doesn't work. Many of the students didn't even have the reading skills to follow the materials, let alone the sophisticated brain CPU power required to understand the concepts. Only a few of the math whiz types even got subnet maksing, and they don't plan to install routers for a living. They plan to be computer scientists. Cisco Networking Academy does work at the college level, though. Priscilla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51103t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:51095]
You're talking about NAT 0. The default gateway address will be the same address as the default outside route on the PIX: either it will be your Bastion Router or your ISPs router. HTH Richard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Zahid Hassan Sent: Friday, August 09, 2002 1:36 PM To: [EMAIL PROTECTED] Subject: PIX Question [7:51095] Hi All, I have got a PIX firewall with two interfaces, the outside interface has a public IP address and inside a private IP address. I will need to connect a server with a public IP address. I know that the PIX firewall can be configured not to NAT a specific IP address. Can I connect a server with a public IP address on the inside interface of the PIX ? If yes, what will be the default gateway, the inside or the outside interface of the PIX ? Thanks in advance. Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51104t=51095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3 questions while studying [7:51105]
Hello all, Excuse me in advance if these questions are rather elementary in nature, but I'm getting frustrated at some contradictions I am seeing while studying for the CID exam. 1. Should access lists be placed at the distribution or access layer in a hierarchical topology? I realize it depends on the purpose, but I've got a Sybex book that says that for the sake of the CID exam, they go at the access layer, while everything else says to place them, generally speaking, at the distribution layer. Why would the general recommendation be different for the CID, or is it? 2. In an ATM LANE newtwork, is it the LEC or LES that performs address resolution from ATM to MAC addresses? I'm seeing that both devices perform the address resolution and figure it must only be one of them, which one is that? 3. Are 'secondaries' and 'subinterfaces' synonymous? They're two separate entities in the materials I'm reading, but they seem to point to the same thing? I just want to make sure that I answer these questions correctly should they come up on the exam. Thanks in advance, this list is great! :-) mitzy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51105t=51105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: flash probs [7:51071]
I had this exact problem when I upgraded my flash a year ago. You need to boot from ROM and remove the partition Change your configuration register to boot from ROM - http://www.cisco.com/warp/public/471/13.html Use the command no partition flash see http://www.cisco.com/univercd/cc/td/doc/product/software/ios11/arbook/arsysi mg.htm#xtocid1594131 Erase your flash, reload, copy tftp -Original Message- From: crow [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 1:30 PM To: [EMAIL PROTECTED] Subject:Re: flash probs [7:51071] hi again, what does this mean? (the second flash is the new one and isn't possible to erase, the 1. wasn't a problem(my old one) ) routerB(boot)#erase flash Partition SizeUsed Free Bank-Size State Copy Mode 1 8192K 0K 8192K 8192K Read/Write Direct 2 8192K 7825K 366K 8192K Read/Write Direct [Type ? for partition directory; ? for full directory; q to abort] Which partition? [default = 1] 2 System flash directory, partition 2: File Length Name/status 1 8013396 c2500-i-l.121-15.bin [8013460 bytes used, 375148 available, 8388608 total] Erase flash device, partition 2? [confirm] Are you sure? [yes/no]: y Erasing device... % System flash is set to read-only in hardwareee % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree % System flash is set to read-only in hardwaree this message i get after reloading: Cisco Internetwork Operating System Software IOS (tm) 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1995 by cisco Systems, Inc. Compiled Thu 23-Mar-95 02:08 by kmac Image text-base: 0x0102, data-base: 0x1000 ERR: Invalid chip id 0x80B5 (reversed = 0x1AD ) detected in System flash % System flash query failed. Access will be RD-ONLYcisco 2500 (68030) processor (revision L) with 14332K/2 048K bytes of memory. Processor board serial number 02094596 X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. Authorized for Enterprise software set. (0x0) 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash partition 1 (Read/Write) 8192K bytes of processor board System flash partition 2 (Read/Write) and the sh version: routerB(boot)sh version Cisco Internetwork Operating System Software IOS (tm) 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1995 by cisco Systems, Inc. Compiled Thu 23-Mar-95 02:08 by kmac Image text-base: 0x0102, data-base: 0x1000 ROM: System Bootstrap, Version 5.2(5), RELEASE SOFTWARE routerB uptime is 0 minutes System restarted by power-on Running default software cisco 2500 (68030) processor (revision L) with 14332K/2048K bytes of memory. Processor board serial number 02094596 X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. Authorized for Enterprise software set. (0x0) 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash partition 1 (Read/Write) 8192K bytes of processor board System flash partition 2 (Read/Write) Configuration register is 0x2101 routerB(boot)sh flash System flash directory, partition 1: No files in System flash [0 bytes used, 8388608 available, 8388608 total] 8192K bytes of processor board System flash (Read/Write) System flash directory, partition 2: File Length Name/status 1 8013396 c2500-i-l.121-15.bin [8013460 bytes used, 375148 available, 8388608 total] 8192K bytes of processor board
User name and passwords for routers [7:51107]
Can someone please tell me why if you only set an enable password on a router like enable password password and then set the line vty 0 4 line vty 0 4 exec-timeout 0 0 password 7 00131C140F0F09030A330D logging synchronous login local You get prompted for a username coming in from a telnet session when no username is set ? So then I would have to do username user privledge 15 password password to allow access through telnet? I dont understand that behavior. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51107t=51107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
I thought you were supposed to write about what you know. This guy probably thinks the lab is just a typing test. D. At 03:15 PM 8/9/2002 +, [EMAIL PROTECTED] wrote: From the web...just posted for dicussion fodder, I'm not making any statements here or trying to discourage anyone... http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci8434 00,00.html x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x International Network Services Darren S. Crawford - CCNP, CCDP, CISSP Sr. Network Systems Consultant Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x Every Job is a Self-Portrait of the person Who Did It Autograph Your Work With EXCELLENCE! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51108t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2610 router performance with NM-HDV-1T1-24 [7:51109]
Does anybody know if there will be performance problems when using 2610 router with T1 voice card with 24 channel? I know it is supported, but i want to be sure about performance issues. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51109t=51109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: User name and passwords for routers [7:51107]
Try it without the login local command under the vty, then the router should just prompt you for the password you configured under the vty lines when you telnet in. -Original Message- From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: User name and passwords for routers [7:51107] Can someone please tell me why if you only set an enable password on a router like enable password password and then set the line vty 0 4 line vty 0 4 exec-timeout 0 0 password 7 00131C140F0F09030A330D logging synchronous login local You get prompted for a username coming in from a telnet session when no username is set ? So then I would have to do username user privledge 15 password password to allow access through telnet? I dont understand that behavior. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5t=51107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: User name and passwords for routers [7:51107]
Because the login local command is for using a user name in a list that you provide earlier in the config on the router, etc If you dont want that type of login, then just use this command: login password 12121212 Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of McHugh Randy Sent: Friday, August 09, 2002 3:36 PM To: [EMAIL PROTECTED] Subject: User name and passwords for routers [7:51107] Can someone please tell me why if you only set an enable password on a router like enable password password and then set the line vty 0 4 line vty 0 4 exec-timeout 0 0 password 7 00131C140F0F09030A330D logging synchronous login local You get prompted for a username coming in from a telnet session when no username is set ? So then I would have to do username user privledge 15 password password to allow access through telnet? I dont understand that behavior. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51110t=51107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3 questions while studying [7:51105]
mitzy miroy wrote: Hello all, Excuse me in advance if these questions are rather elementary in nature, but I'm getting frustrated at some contradictions I am seeing while studying for the CID exam. 1. Should access lists be placed at the distribution or access layer in a hierarchical topology? I realize it depends on the purpose, but I've got a Sybex book that says that for the sake of the CID exam, they go at the access layer, while everything else says to place them, generally speaking, at the distribution layer. Why would the general recommendation be different for the CID, or is it? I don't think CID disagrees with other tests on this. Access lists, generally speaking as you say, belong at the distribution layer. I checked the official Cisco Press CID book and a couple other books, including my book, Top-Down Network Design. I don't know where the Sybex authors got the impression that CID doesn't agree with other tests on this. 2. In an ATM LANE newtwork, is it the LEC or LES that performs address resolution from ATM to MAC addresses? I'm seeing that both devices perform the address resolution and figure it must only be one of them, which one is that? A LEC is a LAN Emulation Client. It's the one that knows that address resolution is necessary because it has some data to send on behalf of an upper layer, just like a normal client workstation would on Ethernet. However, unlike Ethernet, ATM is a non-broadcast multiaccess network, so the client can't do the resolution on its own. A LEC registers its own MAC address with a LAN Emulation Server (LES). In addition, a LEC queries its LES when it needs to resolve a MAC address to an ATM address. The LES responds directly to the LEC or may forward the query to other clients to let them respond. 3. Are 'secondaries' and 'subinterfaces' synonymous? They're two separate entities in the materials I'm reading, but they seem to point to the same thing? No, secondaries and subinterfaces are not synonymous, although they may be used to solve similar problems. This is something you will want to learn about for all exams. Check CCO documentation for more details. In general terms, secondary addressing is usually avoided these days. Subinterfaces are considered better. In the past subinterfaces were much more common on WANs, while secondary addressing was more often used on LANs. That's no longer true. So in the design reading material, you may be running into problems with legacy methods being described instead of newer methods. I hope this helps. Good luck with your CCDP! Priscilla Oppenheimer http://www.priscilla.com I just want to make sure that I answer these questions correctly should they come up on the exam. Thanks in advance, this list is great! :-) mitzy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51112t=51105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: User name and passwords for routers [7:51107]
Remove the Login Local command. It wants to check a local username/password database that does not exist.. HTH...Richard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of McHugh Randy Sent: Friday, August 09, 2002 3:36 PM To: [EMAIL PROTECTED] Subject: User name and passwords for routers [7:51107] Can someone please tell me why if you only set an enable password on a router like enable password password and then set the line vty 0 4 line vty 0 4 exec-timeout 0 0 password 7 00131C140F0F09030A330D logging synchronous login local You get prompted for a username coming in from a telnet session when no username is set ? So then I would have to do username user privledge 15 password password to allow access through telnet? I dont understand that behavior. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51113t=51107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR traffic shaping [7:51044]
Davis, Scott [ISE/RAC] wrote: I guess maybe I need to make sure I understand the whole theory here. My understanding is that by setting Bc in conjunction with CIR, you are defining the delay by defining the timing interval with a maximum burst size Maybe indirectly this could have an effect on delay, but that's not what you're setting. Don't think delay just because you see time. The time interval is used simply because otherwise a burst has no definite meaning. Sending at rate x for 10 minutes is a lot different from sending at rate x for 10 seconds. A lot of the descriptions are incomprehensible and get into token buckets and other obscure minutiae. :-) Here's how I understand it at a higher level. Someone please correct me if I have oversimplified to the point of being wrong. The CIR specifies that as long as the data input to the Frame Relay network is below or equal to the CIR, then the network provider will continue to forward data for that virtual circuit. If the data input rate exceeds the CIR, there is no longer any commitment. The provider might discard traffic beyond the CIR limit, although if there is sufficient bandwidth, it might continue to forward traffic. CIR is measured over a time interval. Let's say that CIR is measured over a time interval T. The committed burst size (Bc) specifies a maximum amount of data that the provider will transmit over the time interval T even after the CIR has been exceeded. The provider's Frame Relay switch is allowed to set the DE bit for frames at the Bc level. Beyond the Bc, the provider can also support an excess burst size (Be) that specifies the maximum amount in excess of Bc that the network will attempt to transfer under normal circumstances during the time interval T. The ingress switch at the provider immediately sets the DE bit on these frames and also has the right to immediately discard the frames if the switch or network is congested. Priscilla and that by defining Be to anything other than 0 you are allowing specific instances where a burst larger than Bc will be allowed but marked DE ... or something like that but less jumbled that makes sense. I understand the mechanics of the commands, I just want to make sure I understand the theory. Thanks for the link Mark ... the explanation in that document is a bit clearer than the one in the FRTS docs. Thanks again Scott -Original Message- From: Turpin, Mark [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 10:10 AM To: 'Davis, Scott [ISE/RAC]'; [EMAIL PROTECTED] Subject: RE: FR traffic shaping [7:51044] Scott, I'm sure you know how to configure it, so I'll leave configuration examples out. To get a conceptual overview of how shaping and policing actually works, check out this link: (wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos _c/fqcprt4/qcfpolsh.htm s_c/fqcprt4/qcfpolsh.htm as well as picking up the book IP Quality of Service (its actually a good read!) The most important section that explains traffic shaping on frame is the section Traffic Shaping and Rate of Transfer. Look for that, it explains it very well! Short answer, you can define Be/Bc values, but you're really better off leaving it to IOS to figure out. hth, -Mark -Original Message- From: Davis, Scott [ISE/RAC] [ mailto:[EMAIL PROTECTED] ] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott i=51044t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51114t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3 questions while studying [7:51105]
Thanks Priscilla, that helps a lot. As I said before, this list is a wonderful source of information sharing! Thanks again. :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51115t=51105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 questions while studying [7:51105]
At 10:01 PM + 8/9/02, mitzy miroy wrote: Hello all, Excuse me in advance if these questions are rather elementary in nature, but I'm getting frustrated at some contradictions I am seeing while studying for the CID exam. 1. Should access lists be placed at the distribution or access layer in a hierarchical topology? I realize it depends on the purpose, but I've got a Sybex book that says that for the sake of the CID exam, they go at the access layer, while everything else says to place them, generally speaking, at the distribution layer. Why would the general recommendation be different for the CID, or is it? I can't speak to why Sybex did it. At least from my perspective as a former CID instructor, it does depend on what you are trying to do. Putting them at the access layer minimizes bandwidth toward the core, and also provides lots of distributed processing resources to throw at the problem. Putting them at the distribution layer reduces maintenance, may put them on inherently faster processors, and can be useful in localizing multi-site broadcasts and the like (mostly in non-IP). 2. In an ATM LANE newtwork, is it the LEC or LES that performs address resolution from ATM to MAC addresses? I'm seeing that both devices perform the address resolution and figure it must only be one of them, which one is that? Primarily the LEC, but the LES helps the ELAN initially find the LEC. 3. Are 'secondaries' and 'subinterfaces' synonymous? They're two separate entities in the materials I'm reading, but they seem to point to the same thing? No. Secondaries apply multiple IP networks to the same conceptual medium (i.e., broadcast domain or point to point lines). Subinterfaces separate broadcast domains. I just want to make sure that I answer these questions correctly should they come up on the exam. Thanks in advance, this list is great! :-) mitzy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51116t=51105 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Network Deployment Boot Camp [7:51013]
Why not? Save $500.00 for signing up but shell out $2500.00. :) No way!! A little too much !! From: Daniel Cotts Reply-To: Daniel Cotts To: [EMAIL PROTECTED] Subject: Cisco Network Deployment Boot Camp [7:51013] Date: Fri, 9 Aug 2002 16:28:53 GMT Cisco is teaching some courses at its main campuses. FYI * Building Core Networks with OSPF, BGP, and MPLS Technologies * Cisco ONS 15540 Test and Turn Up * Advanced Implementing and Troubleshooting MPLS VPN Networks Don't miss this opportunity to learn how to speed your time to market with network applications in a no-risk, state-of-the-art lab environment. Register today and save U.S.$500! Visit http://www.cisco.com/offer/bootcamp/109077_10 for detailed course descriptions and to register. _ Chat with friends online, try MSN Messenger: http://messenger.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51074t=51013 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Boson Exams [7:51034]
I used them for the MCAST+QOS (CCIP) exam and the RS without the desktop protocols section for my CS written. I passed my tests, but I wouldn't rely on Boson alone =] -Mark -Original Message- From: Vogel Matthew GS-11 CFAO/IRMD [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 12:39 PM To: [EMAIL PROTECTED] Subject: Boson Exams [7:51034] Has anyone used the Boson tests to study for the CCIE written and did they help? I am thinking about purchasing them. Matt The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51073t=51034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco amp;quot;Frankenamp;quot; Pix Firewall [7:51067]
People, you're making it way too difficult, just sell the FrankenPIX without the software! SHEESSS! Who doesn't have a copy of PIX OS? I love all this Guilty of theft stuff! Only a Court of Law can determine if someone is Guilty of Theft.. This Powerless against Cisco attitude is very cool, I'm gonna have that slogan put on some Tee-Shirts! I must say, the Herd is as predictable as ever... Party on! ..Richard Cisco Software is NON-TRANSFERABLE. Unless you bought the software license for the PIX from Cisco you are guilty of theft. Owning an ISA card doesn't give you the right for the software. The new owner would also be required to purchase a software license. Cisco is under no obligation to sell you software and the license they sell you is revocable, so they could choose to revoke the license you purchased, or just flatly refuse to sell you one in the first place. You really are that powerless against Cisco, you really need to read the software agreement again. It really is black and white. Thanks Larry -Original Message- From: Sabertech Networks [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:22 AM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure
RE: Cisco amp;quot;Frankenamp;quot; Pix Firewall [7:51067]
Might I suggest that you ask if they will let you print it on the license plates you could be making. I would be glad to buy your handy work. Ok I apologize to all for feeding the Troll, but I thought he was actually interested in knowing why it is illegal to sell the frankenpix. Obviously my mistake. Thanks Larry -Original Message- From: Sabertech Networks [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 1:33 PM To: Roberts, Larry; [EMAIL PROTECTED] Subject: RE: Cisco quot;Frankenquot; Pix Firewall [7:51067] People, you're making it way too difficult, just sell the FrankenPIX without the software! SHEESSS! Who doesn't have a copy of PIX OS? I love all this Guilty of theft stuff! Only a Court of Law can determine if someone is Guilty of Theft.. This Powerless against Cisco attitude is very cool, I'm gonna have that slogan put on some Tee-Shirts! I must say, the Herd is as predictable as ever... Party on! ..Richard Cisco Software is NON-TRANSFERABLE. Unless you bought the software license for the PIX from Cisco you are guilty of theft. Owning an ISA card doesn't give you the right for the software. The new owner would also be required to purchase a software license. Cisco is under no obligation to sell you software and the license they sell you is revocable, so they could choose to revoke the license you purchased, or just flatly refuse to sell you one in the first place. You really are that powerless against Cisco, you really need to read the software agreement again. It really is black and white. Thanks Larry -Original Message- From: Sabertech Networks [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:22 AM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of
RE: Cisco quot;Frankenquot; Pix Firewall [7:51081]
Just the word Franken-Pix made me laugh. Thanks for that! -Joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 9:22 AM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely say with confidence that you can learn a hell lot more with more than just inside and outside interfaces. - Do You Yahoo!? HotJobs, a Yahoo! service - Search Thousands of New Jobs
Re: CCIE WORTH IT? [7:50941]
A new moto for the group, maybe! Kaminski, Shawn G wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hardcore, BABY!! I love it Shawn K. -Original Message- From: Robert D. Cluett [SMTP:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 10:40 PM To: [EMAIL PROTECTED] Subject: Re: CCIE WORTH IT? [7:50941] I will be a CCIE before I die? Man, is that how we look at this? Vogel Matthew GS-11 CFAO/IRMD wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I would like to add my 2 cents on this topic as well. This is a debate that I have heard over and over and the answer is that it depends on the individual person and what they wish to achieve with a CCIE certification. A couple of points need to be made. 1. Certifications, including the CCIE, are not a guarantee of a job or a particular salary. I am studying for the CCIE now and everyone tells me that I am going to make six figures when I get my cert. I do not believe that that will happen and I am not getting my cert for the money. I work for the government for less than my peers and will continue to do so after I get my cert. A government job has great benefits and good job security. I also get to go home at 4:30 everyday. 2. Certification does not mean you know it all. True the CCIE is the pinnacle of Cisco certs but is does not mean you know it all. There are many more topics that are not covered in the CCIE that a person may not have knowledge of. That is why there are multiple CCIE tracks. 3. Continuing one's education is never a bad thing. In the networking world things change by the day. Working toward a cert and staying certified is a good way to force yourself to stay up with the technology. 4. Better to have the cert than not to. If you are applying for a job and their are two other candidates with the same experience level and training but you have a CCIE cert and they do not, who do you think is going to get the job? In today's job market every little bit helps. For ever person I have heard say it did not make a difference when they got hired, I know three more people that say a cert did make the difference. I know that my certs, MCSE, CCNP, and CCDA helped me get my current job right after Sept. 11. Like I said, it boils down to each individual making a decision. Personally I am not going for the CCIE for the money or a job. I already have both. The payback for me in the knowledge that I got the cert when others said I could not. The prestige is also a good thing. To me it does not matter how long or how much money it takes, I will be a CCIE before I die. Matt -Original Message- From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 10:42 AM To: [EMAIL PROTECTED] Subject: RE: CCIE WORTH IT? [7:50941] I am not so sure it is worth it. I had a CCNP, CCDP, and experience as a network engineer and was out of work for almost an entire year. I think it is only worth it for the challenge and if you really love it , becuase your going to have to put so much time and effort into passing the lab unless your willing to make a huge sacrifice and really enjoy it then just not going to be fun. Just my 2 cents. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51096t=50941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2610 router performance with NM-HDV-1T1-24 [7:51109]
We used NM-HDV-2T1-48 no problem. The module on board DSP does most of processing, so main CPU is free to do others. Zhen Cai www.shakespearenetwork.com Cisco IP Telephony Hands-on Training -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Osama Kamal Sent: Friday, August 09, 2002 3:59 PM To: [EMAIL PROTECTED] Subject: 2610 router performance with NM-HDV-1T1-24 [7:51109] Does anybody know if there will be performance problems when using 2610 router with T1 voice card with 24 channel? I know it is supported, but i want to be sure about performance issues. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51117t=51109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FR traffic shaping [7:51044]
Bit embarrassed. You say you may have simplified it too much, but my brain is still buzzing! How does the time interval T come in to it, and who decides the time interval. If you've got bursty traffic will a longer time interval let you get away with murder (on average). But if the Burst rate is already Bits per second and then we add another time interval, doesn't that make it bits/s/s. Isn't that bit acceleration? :-] My mind won't allow me to continue. After reading a bit more since I wrote the garbage above, I think I confused myself by calling it Burst rate rather than Burst size. Burst size makes it more sense. So do different providers have different time intervals to calculate mean rate from Burst size or is there a recognised standard. I take it that the longer the Tc the better (for the customer)? Help - Frame is my bogey subject Gaz Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Davis, Scott [ISE/RAC] wrote: I guess maybe I need to make sure I understand the whole theory here. My understanding is that by setting Bc in conjunction with CIR, you are defining the delay by defining the timing interval with a maximum burst size Maybe indirectly this could have an effect on delay, but that's not what you're setting. Don't think delay just because you see time. The time interval is used simply because otherwise a burst has no definite meaning. Sending at rate x for 10 minutes is a lot different from sending at rate x for 10 seconds. A lot of the descriptions are incomprehensible and get into token buckets and other obscure minutiae. :-) Here's how I understand it at a higher level. Someone please correct me if I have oversimplified to the point of being wrong. The CIR specifies that as long as the data input to the Frame Relay network is below or equal to the CIR, then the network provider will continue to forward data for that virtual circuit. If the data input rate exceeds the CIR, there is no longer any commitment. The provider might discard traffic beyond the CIR limit, although if there is sufficient bandwidth, it might continue to forward traffic. CIR is measured over a time interval. Let's say that CIR is measured over a time interval T. The committed burst size (Bc) specifies a maximum amount of data that the provider will transmit over the time interval T even after the CIR has been exceeded. The provider's Frame Relay switch is allowed to set the DE bit for frames at the Bc level. Beyond the Bc, the provider can also support an excess burst size (Be) that specifies the maximum amount in excess of Bc that the network will attempt to transfer under normal circumstances during the time interval T. The ingress switch at the provider immediately sets the DE bit on these frames and also has the right to immediately discard the frames if the switch or network is congested. Priscilla and that by defining Be to anything other than 0 you are allowing specific instances where a burst larger than Bc will be allowed but marked DE ... or something like that but less jumbled that makes sense. I understand the mechanics of the commands, I just want to make sure I understand the theory. Thanks for the link Mark ... the explanation in that document is a bit clearer than the one in the FRTS docs. Thanks again Scott -Original Message- From: Turpin, Mark [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 10:10 AM To: 'Davis, Scott [ISE/RAC]'; [EMAIL PROTECTED] Subject: RE: FR traffic shaping [7:51044] Scott, I'm sure you know how to configure it, so I'll leave configuration examples out. To get a conceptual overview of how shaping and policing actually works, check out this link: (wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos _c/fqcprt4/qcfpolsh.htm s_c/fqcprt4/qcfpolsh.htm as well as picking up the book IP Quality of Service (its actually a good read!) The most important section that explains traffic shaping on frame is the section Traffic Shaping and Rate of Transfer. Look for that, it explains it very well! Short answer, you can define Be/Bc values, but you're really better off leaving it to IOS to figure out. hth, -Mark -Original Message- From: Davis, Scott [ISE/RAC] [ mailto:[EMAIL PROTECTED] ] Sent: Friday, August 09, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: FR traffic shaping [7:51044] I am not clear on two of the settings when configuring a map-class. Frame-relay bc and be Are these values supplied by the carrier or a value that you can calculate yourself based on other parameters? TIA Scott i=51044t=51044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL
Re: FR traffic shaping [7:51044]
Gaz wrote: Bit embarrassed. You say you may have simplified it too much, but my brain is still buzzing! How does the time interval T come in to it, and who decides the time interval. If you've got bursty traffic will a longer time interval let you get away with murder (on average). Good questions. I don't think I described Bc correctly, so no wonder you're confused! I can tell you what Darren Spohn says in his book, Data Network Design. Then I'll tell you what Cisco says, and hopefully I won't leave the situation even messier than it already is, and if I do, hopefully somebody will clean it up. ;-) I'll insert my own pithy comments in parentheses. Here goes: Spohn: The CIR is computed as the number of bits in a committed Burst size, Bc, that can arrive during an averaging interval T such that CIR = Bc/T. If the number of bits that arrive during the interval T exceeds Bc, but is less than an excess threshold, Bc + Be, then the subsequent frames are marked as DE. At present, there is no uniform method for setting the interval T. If T is set too small, such that Bc is less than the length of a single frame, then every frame will be marked DE. If T is set too large, the buffer capacity in the FR access node may not be practical In public FR, it is the responsibility of the provider to set the value of T, and the value of 1 is often used to match the line measure of bps. And here's what Cisco says: frame relay bc The amount of data to send per each Tc interval in bits. Ideally for data PVCs Bc = CIR/8 so that Tc = 125msec. If we are doing voice on the PVC, then Bc = CIR/100 is preferable, so that the interval Tc = 10msec... The value of Bc by default is the CIR in bits. (which would match the Spohn statement, by the way) ... Non-Configurable Parameters interval (Tc) The time interval during which you send the Bc bits in order to maintain the average rate of the CIR in seconds. Tc = Bc/CIR in seconds. (algebraically the same as Spohn's equation, by the way) The range for Tc is between 10 ms and 125 ms. The router internally calculates this value based on the CIR and Bc values in the map class. If Bc/CIR is more than or equal to 125 msec, it uses the internal Tc value. If Bc/CIR is less than 125 ms, it uses the Tc calculated from that equation. (I hope I haven't just confused matters even more! ;-) Priscilla But if the Burst rate is already Bits per second and then we add another time interval, doesn't that make it bits/s/s. Isn't that bit acceleration? :-] My mind won't allow me to continue. After reading a bit more since I wrote the garbage above, I think I confused myself by calling it Burst rate rather than Burst size. Burst size makes it more sense. So do different providers have different time intervals to calculate mean rate from Burst size or is there a recognised standard. I take it that the longer the Tc the better (for the customer)? Help - Frame is my bogey subject Gaz Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Davis, Scott [ISE/RAC] wrote: I guess maybe I need to make sure I understand the whole theory here. My understanding is that by setting Bc in conjunction with CIR, you are defining the delay by defining the timing interval with a maximum burst size Maybe indirectly this could have an effect on delay, but that's not what you're setting. Don't think delay just because you see time. The time interval is used simply because otherwise a burst has no definite meaning. Sending at rate x for 10 minutes is a lot different from sending at rate x for 10 seconds. A lot of the descriptions are incomprehensible and get into token buckets and other obscure minutiae. :-) Here's how I understand it at a higher level. Someone please correct me if I have oversimplified to the point of being wrong. The CIR specifies that as long as the data input to the Frame Relay network is below or equal to the CIR, then the network provider will continue to forward data for that virtual circuit. If the data input rate exceeds the CIR, there is no longer any commitment. The provider might discard traffic beyond the CIR limit, although if there is sufficient bandwidth, it might continue to forward traffic. CIR is measured over a time interval. Let's say that CIR is measured over a time interval T. The committed burst size (Bc) specifies a maximum amount of data that the provider will transmit over the time interval T even after the CIR has been exceeded. The provider's Frame Relay switch is allowed to set the DE bit for frames at the Bc level. Beyond the Bc, the provider can also support an excess burst size (Be) that specifies the maximum amount in excess of Bc that the network will attempt to transfer under normal circumstances during the time interval T. The ingress switch at the provider immediately
RE: Cisco quot;Frankenquot; Pix Firewall [7:51119]
You know the only problem with the FrankenPIX is that the bolts on the side keep you from putting it into a standard rack... Frank Jimenez [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Gabriel Ruiz Sent: Friday, August 09, 2002 2:36 PM To: Scott Polano; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Cisco Franken Pix Firewall Making a Fraken-IDS shouldn't be something difficult either. It's an Intel PC running Solaris Intel and the Sensor Software... :-@ - Original Message - From: Scott Polano To: ; ; ; ; ; Sent: Friday, August 09, 2002 3:23 PM Subject: RE: Cisco Franken Pix Firewall Hey, I just found out how to make a Franken-Concentrator. Does anyone want the instructions ! -Scott From: Joseph Ezerski Reply-To: Joseph Ezerski To: 'Sabertech Networks' , [EMAIL PROTECTED], 'patrick ramsey' , [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Date: Fri, 9 Aug 2002 12:06:02 -0700 Just the word Franken-Pix made me laugh. Thanks for that! -Joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 9:22 AM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've
RE: Cisco quot;Frankenquot; Pix Firewall [7:51121]
This is why McDonald's builds in the self-destructing bacteria in case you choose to use your burger for a paperweight. Not only will it exude grease 'n' stuff all over your papers, but will become quite ripe in short order. Cisco hasn't quite figured out how to put those protections in their equipment yet! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 12:22 PM To: [EMAIL PROTECTED]; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall Scott, Thanks for setting me straight, I forgot about the legal concept of intention and design. When I buy a hamburger at McDonalds, they intended that I eat it, it was designed for that purpose, if use it as a paper weight, I'm according to you, committing a crime. That part about the prison really scared me though, I guess I'd better stop all this independent thinking and rejoin the herd. Party on...Richard -Original Message- From: Scott Morris [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 9:05 AM To: 'Sabertech Networks'; 'patrick ramsey'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall And you believe it's smart to box with Cisco's lawyers why? If you tried to sell your Franken Benz as something that performs exactly like a Mercedes Benz and runs the same software and commands and everything else but the outer shell, then I'd be willing to bet Mercedes would kick you around the courtroom too. Intel's NICs are a commodity designed to go with computers of any variety. PIX Flash cards are not. PIX Flash cards are designed to go in Cisco's PIX boxes. Period. No grey area. Knock yourself out, study how you will and quit arguing about the stupid point. Sell your franken-pix as such if you want, and write me from your prison's AOL account telling me that I was right. :) Get back to studying useful things. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sabertech Networks Sent: Friday, August 09, 2002 11:45 AM To: patrick ramsey; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cisco Franken Pix Firewall In spite of all the urban legends to the contrary, there is no law against buying a computer, buying a card, putting the card in the computer and selling it. You own both parts, do whatever you want, it's a free country. Last week I bought a Pentium 3 machine, added an Intel NIC and I will sell it next week. I'm serious, so now is the time to report this crime to Intel. The herd will say it's illegal and make lots of scary references to past legal action by Cisco in such cases, but NO ONE AS EVER PROVED that it has happened. Ghost stories. First off, a 501 costs $400 and will teach you everything except DMZ interfaces and Fail Over, each subject can be mastered in about five minutes. Secondly, a Franken Pix has no commercial value, I really don't think that I'm going to give my customers the choice of securing their networks with a cool Franken PIX that I assembled with various junk parts. That's silly. Here's a good analogy, say I start buying old junk cars, then I pay $20,000 each for factory built Mercedes Benz engines, I put them in my junk cars and sell them. Is Mercedes Benz going to worry about my Franken Benz? Party onRichard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of patrick ramsey Sent: Friday, August 09, 2002 6:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: OT: Cisco Franken Pix Firewall Hopefully someone in this group can help me answer it. I purchased a couple of ISA Pix Flash card on the Internet last year to build a couple of clone pix firewalls so that I can get hand-on experience with the platforms. I built two pix firewalls out of two Dell PII 233MHz box and they work great just like a regular Pix 520. Twelve months later, I have to say I've become an expert with Pix firewalls that I otherwise would not have been able to achieve had it not been for these two Pix clones. These two clone pix firewalls are running version 6.2(2) with PDM 2.0(2). Here is my question. I am pretty sure that it is illegal for me to sell these clone pix firewall (please confirm); however, can I sell just the Pix Flash card without the dell machine? Personally, I think this could be a great resource for someone who would like to learn Pix firewall. I just don't think the Pix 501 and 506 is adequate for someone to learn everything there is to learn about Pix because two interfaces are just not enough. You need to have at least three interfaces so that you can mimic a real production environment and frankly these clone pix520 firewall can provide up to six interfaces which work just great. I don't care what anybody say, after playing these clones for the past 12 months, 7 days a week, I can definitely
NAT Keyword has me puzzled [7:51122]
All, I've spent quite some time looking around on CCO for a definition of a keyword and have had little success. Can you help? What I'm looking for is clarification of what the keyword extendable in the following command is for: ip nat inside source static tcp 10.1.1.8 80 197.7.9.5 80 extendable. What does this mean, and what happens if I don't include it? I've found several references that list it in configs, but none of them explain it's purpose. Any input greatly appreciated. Thanks, Kelly Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51122t=51122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
B-link2 ISDN Simulator Help.....??????? [7:51123]
Team, I just try to use my new isdn simulator(B-Link2) by using the following example on page 156(chapter 5) of the book Cisco Certification Bridges, Routers and switches for CCIEs by Andrew Bruce Caslow. According to Caslow, the configuration below will be sufficient to have layer 1 working properly What I did was the following: Router a and Router b isdn switch-type basic-ni1 no shutdown I changed the switch-type on the simulator to usa-ni1 When I type show isdn status I get the following: r2#show isdn status Global ISDN Switchtype = basic-ni ISDN BRI0/0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 40 Total Allocated ISDN CCBs = 0 r2# r6#show version Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-DO3S-M), Version 12.2(10a), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Tue 21-May-02 14:07 by pwade Image text-base: 0x80008088, data-base: 0x8121A00C ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) r6 uptime is 2 hours, 28 minutes System returned to ROM by power-on System image file is flash:c2600-do3s-mz.122-10a.bin cisco 2610 (MPC860) processor (revision 0x202) with 53248K/12288K bytes of memory. Processor board ID JAD03342441 (1312753960) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. Basic Rate ISDN software, Version 1.1. 1 Ethernet/IEEE 802.3 interface(s) 1 Serial network interface(s) 1 ISDN Basic Rate interface(s) 2 Voice FXS interface(s) 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Again, I am using the default configuration on the simulator, except for the switch-type. What I am doing wrong here. Thanks for your help.. Juan Blanco The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51123t=51123 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Notes on salaries [7:51052]
Howard C. Berkowitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 6:02 PM + 8/9/02, Robert D. Cluett wrote: I like this statement Times have changed, he said. Six years ago the technology was complex. Certification was important because it told an employer and customers that the certified professional could find his way around complicated networks. But now networks are easier to install and maintain. Now they've dumbed it down to the point where a 12-year-old can install a Cisco router, Mazurek said. A router? Quite possibly. A network of real complexity? Probably not. Mazurek says that he pays little attention to certification when he is hiring. It is experience that matters to him. - A 12 year old, huh? Good point. Although I know people that did their first (simple) programs at 7. CL: Mozart died at 35. Eisnstein published relativity at 26. Most of the rest of us just do the best we can with what we have. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51125t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: B-link2 ISDN Simulator Help.....??????? [7:51123]
What interfaces are you using on your routers? Are they U or S/T? The BLink-2 is the same as my SlimLine-2 and it uses S/T ISDN interfaces, so if you are trying to use it with U type it will never work! Ref: http://www.yeti-gbr1.co.uk Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51126t=51123 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: recommended router. [7:50950]
george wrote: :Which router would anyone recommend for setting up a frame-relay switch : :4500 or the 2520 series? I use a 4500 just because I have a couple of them in my lab. Works great. :I found a 4500 4 serial ports, and 4 isdn ports for 399 is that good? Pretty good price. Of course you can always pay more or less depending on how lucky you are on the day you buy. -- --Rick Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51127t=50950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix logging to a Freebsd syslog server [7:51124]
Can anyone help me out with a PIX logging to a Freebsd syslog server. I thought I was sure about setting this up but I am not getting any messages on the server, see my configs below. logging on logging timestamp logging trap debugging logging facility 23 logging host inside 192.168.11.4 FreeBSD local7.debug/var/log/cisco.all I also startes syslogd with these parameters 29612 ?? Ss 0:00.03 syslogd -a 192.168.11.2/255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51124t=51124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]