RE: Does cisco IOS support Frame Relay over ISDN... [7:51641]
I have set it up here with another colleague using frame relay encapsulation and dialing up into a Nortel passport. In both IOS ver 12.1 and 12.0, the router crashed with a software error. When you use IOS ver 11.3 it works perfectly!! I haven't had a chance yet to get TACs opinion on this one yet. HTH Andrew -Original Message- From: richard dumoulin [mailto:[EMAIL PROTECTED]] Sent: 25 August 2002 13:01 To: [EMAIL PROTECTED] Subject: RE: Does cisco IOS support Frame Relay over ISDN... [7:51641] Yes it supports it. I have seen it over 1 b channel. It also works over adsl. Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52063&t=51641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Which IOS supports PE Feature in Cisco 7206 VXR Router [7:52062]
Hello All,
Currently we have Cisco 7206VXR Router with c7200-js-mz.122-10.bin
image.(12.2(10)T.).
What upgradation/image is required to support 6PE ("IPv6 provider edge
router over MPLS" feature.
Which IOS is supporting "IPv6 provider edge router over MPLS(6PE) " feature
for Cisco 7206 VXR Router.
Which IOS version software supports 6PE feature in All Hardware Platforms?
Regards,
R.S.Sundar
***
This message is proprietary to Future Software Limited (FSL)
and is intended solely for the use of the individual to whom it
is addressed. It may contain privileged or confidential information
and should not be circulated or used for any purpose other than for
what it is intended.
If you have received this message in error, please notify the
originator immediately. If you are not the intended recipient,
you are notified that you are strictly prohibited from using,
copying, altering, or disclosing the contents of this message.
FSL accepts no responsibility for loss or damage arising from
the use of the information transmitted by this email including
damage from virus.
***
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52062&t=52062
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Security Policy [7:52061]
Hi All, does any one have a copy of a security policy (like a corporate security outline for the company) that they are willing to share, so I can create one using that as a template/guide ? Thanks all John Sydney, Australia ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52061&t=52061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
i`m a chinese [7:52060]
can you speak chinese 你们能看懂吗 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52060&t=52060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question [7:52059]
Dear Sir/Madam, I have two NASs in my network. The first NAS is Cisco Router(2511) and the second is a Win2000 Advaned Server. My Win2000 NAS is a Radius client but my Cisco router use TACAC+ protocol. I'm using "NTTacPlus" software for Authentication & Accounting & Authorising. Some of users log in to my network by Win2000 NAS and the others enter to my network by the Router. When I see to my NTTacPlus users monitor, I can see "Caller ID" = "async/" that assigned to users who loged in by Router NAS. But the "Caller ID" field in NTTAC Monitor has blank value for the users who loged in by Win2000 Radius client. Please let me to know if I can assign a same value to "Caller ID", when a use login to my network by Win2000 Radius Client. Regards, H.Sedighi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52059&t=52059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: routing problem? [7:52054]
Try putting 'no ip address' on the serial interfaces. You don't need a ip unnumbered or ip address on them if they are part of a multilink-group. Have you tried removing the NAT? Don't see a complete config for NAT so can't see if it may be a issue. Erick --- Beckwith Rod wrote: > Hello, > > This looks to be a very straight forward > configuration, but it is > giving me fits. It's a simple Multilink PPP setup. > > I can "ping" from Router A to Router B, but I can't > do any > TCP i.e. Telnet, SSH, Traceroute, etc. > > All I want to be able to do is telnet from > Router A to Router B... > > The weird thing is, I can telnet from > Router B to Router A. > > Please tell me if I have done something stupid. > > > > Router A > > ip subnet-zero > ! > no ip bootp server > ! > ! > ! > process-max-time 200 > ! > interface Multilink1 > ip address 192.168.1.1 255.255.255.0 > ip directed-broadcast > ip nat outside > no cdp enable > ppp multilink > multilink load-threshold 2 either > multilink-group 1 > ! > interface Ethernet0/0 > no ip address > no ip directed-broadcast > no ip mroute-cache > shutdown > no cdp enable > ! > interface Serial0/0 > ip unnumbered Multilink1 > ip directed-broadcast > encapsulation ppp > no ip mroute-cache > no fair-queue > service-module t1 clock source internal > ppp multilink > multilink-group 1 > ! > interface Serial0/1 > ip unnumbered Multilink1 > ip directed-broadcast > encapsulation ppp > no ip mroute-cache > no fair-queue > service-module t1 clock source internal > ppp multilink > multilink-group 1 > ! > interface FastEthernet1/0 > ip address 172.16.XXX.XXX 255.255.0.0 secondary > ip address 209.17.XXX.XXX 255.255.255.0 > ip directed-broadcast > no cdp enable > ! > ip classless > ip route 0.0.0.0 0.0.0.0 209.17.95.1 > ip route 209.17.XXX.144 255.255.255.240 Multilink1 > no ip http server > > > > > Router B > > ip subnet-zero > ip dhcp excluded-address 192.168.4.1 192.168.4.20 > ! > ip dhcp pool wc >network 192.168.4.0 255.255.255.0 >default-router 192.168.4.1 >dns-server 206.13.XXX.12 206.13.XXX.12 >domain-name XXX.net >lease 2 > ! > ! > ! > ! > process-max-time 200 > ! > interface Multilink1 > ip address 192.168.1.2 255.255.255.0 > ip directed-broadcast > ip nat outside > no cdp enable > ppp multilink > multilink load-threshold 2 either > multilink-group 1 > ! > interface Ethernet0/0 > ip address 209.17.XXX.145 255.255.255.240 > ip directed-broadcast > full-duplex > ! > interface Serial0/0 > ip unnumbered Multilink1 > ip directed-broadcast > encapsulation ppp > no ip mroute-cache > no fair-queue > ppp multilink > multilink-group 1 > ! > interface Serial0/1 > ip unnumbered Multilink1 > ip directed-broadcast > encapsulation ppp > no ip mroute-cache > no fair-queue > ppp multilink > multilink-group 1 > ! > interface FastEthernet1/0 > ip address 192.168.4.1 255.255.255.0 > ip directed-broadcast > ip nat inside > ! > ip nat translation timeout 43200 > ip nat inside source list 101 interface Ethernet0/0 > overload > ip classless > ip route 0.0.0.0 0.0.0.0 Multilink1 > no ip http server > > > Both routers are identical > > Cisco Internetwork Operating System Software > IOS (tm) C2600 Software (C2600-IS-M), Version > 12.0(5)T1, RELEASE SOFTWARE > (fc1) > Copyright (c) 1986-1999 by cisco Systems, Inc. > Compiled Tue 17-Aug-99 14:39 by cmong > Image text-base: 0x80008088, data-base: 0x80B5E15C > > ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE > SOFTWARE (fc1) > > Rhapsody@FIC uptime is 1 week, 20 hours, 21 minutes > System returned to ROM by power-on > System image file is "flash:c2600-is-mz.120-5.T1" > > cisco 2610 (MPC860) processor (revision 0x202) with > 32768K/8192K bytes of > memory. > Processor board ID JAD03342330 (2663084462) > M860 processor: part number 0, mask 49 > Bridging software. > X.25 software, Version 3.0.0. > 1 Ethernet/IEEE 802.3 interface(s) > 1 FastEthernet/IEEE 802.3 interface(s) > 2 Serial network interface(s) > 32K bytes of non-volatile configuration memory. > 16384K bytes of processor board System flash > (Read/Write) > > Configuration register is 0x2102 > > > > Any clues? > > Thanks > > Rod __ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52058&t=52054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
how to config CSS [7:52056]
hi everyone,i have two css 11801 and two servers which link as cluster,for the port in every server is only one gigabit ethernet port and the ports in css are gigabit ports too! now i want only link one server to one css by one link,and two css link together ,so can i achieve the redundance and the server cluster? any someone give me a sample configure? any answer is appreciated! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52056&t=52056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
css with cluster server [7:52055]
hi everyone,i have two css 11801 and two servers which link as cluster,for the port in every server is only one gigabit ethernet port and the ports in css are gigabit ports too! now i want only link one server to one css by one link,and two css link together ,so can i achieve the redundance and the server cluster? any answer is appreciated! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52055&t=52055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
routing problem? [7:52054]
Hello, This looks to be a very straight forward configuration, but it is giving me fits. It's a simple Multilink PPP setup. I can "ping" from Router A to Router B, but I can't do any TCP i.e. Telnet, SSH, Traceroute, etc. All I want to be able to do is telnet from Router A to Router B... The weird thing is, I can telnet from Router B to Router A. Please tell me if I have done something stupid. Router A ip subnet-zero ! no ip bootp server ! ! ! process-max-time 200 ! interface Multilink1 ip address 192.168.1.1 255.255.255.0 ip directed-broadcast ip nat outside no cdp enable ppp multilink multilink load-threshold 2 either multilink-group 1 ! interface Ethernet0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no cdp enable ! interface Serial0/0 ip unnumbered Multilink1 ip directed-broadcast encapsulation ppp no ip mroute-cache no fair-queue service-module t1 clock source internal ppp multilink multilink-group 1 ! interface Serial0/1 ip unnumbered Multilink1 ip directed-broadcast encapsulation ppp no ip mroute-cache no fair-queue service-module t1 clock source internal ppp multilink multilink-group 1 ! interface FastEthernet1/0 ip address 172.16.XXX.XXX 255.255.0.0 secondary ip address 209.17.XXX.XXX 255.255.255.0 ip directed-broadcast no cdp enable ! ip classless ip route 0.0.0.0 0.0.0.0 209.17.95.1 ip route 209.17.XXX.144 255.255.255.240 Multilink1 no ip http server Router B ip subnet-zero ip dhcp excluded-address 192.168.4.1 192.168.4.20 ! ip dhcp pool wc network 192.168.4.0 255.255.255.0 default-router 192.168.4.1 dns-server 206.13.XXX.12 206.13.XXX.12 domain-name XXX.net lease 2 ! ! ! ! process-max-time 200 ! interface Multilink1 ip address 192.168.1.2 255.255.255.0 ip directed-broadcast ip nat outside no cdp enable ppp multilink multilink load-threshold 2 either multilink-group 1 ! interface Ethernet0/0 ip address 209.17.XXX.145 255.255.255.240 ip directed-broadcast full-duplex ! interface Serial0/0 ip unnumbered Multilink1 ip directed-broadcast encapsulation ppp no ip mroute-cache no fair-queue ppp multilink multilink-group 1 ! interface Serial0/1 ip unnumbered Multilink1 ip directed-broadcast encapsulation ppp no ip mroute-cache no fair-queue ppp multilink multilink-group 1 ! interface FastEthernet1/0 ip address 192.168.4.1 255.255.255.0 ip directed-broadcast ip nat inside ! ip nat translation timeout 43200 ip nat inside source list 101 interface Ethernet0/0 overload ip classless ip route 0.0.0.0 0.0.0.0 Multilink1 no ip http server Both routers are identical Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc1) Copyright (c) 1986-1999 by cisco Systems, Inc. Compiled Tue 17-Aug-99 14:39 by cmong Image text-base: 0x80008088, data-base: 0x80B5E15C ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Rhapsody@FIC uptime is 1 week, 20 hours, 21 minutes System returned to ROM by power-on System image file is "flash:c2600-is-mz.120-5.T1" cisco 2610 (MPC860) processor (revision 0x202) with 32768K/8192K bytes of memory. Processor board ID JAD03342330 (2663084462) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 1 Ethernet/IEEE 802.3 interface(s) 1 FastEthernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Any clues? Thanks Rod Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52054&t=52054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VLAN Tunneling Practice [7:52053]
To bring this topic to a conclusion, here are the basic ideas for a vlan tunneling lab exercise Customer A and Customer B each use the same provider to carry network traffic between their respective sites. Necessary Equipment To properly perform this Lab exercise, the following equipment is required 1) Four routers capable of 802.1Q trunking on their Ethernet interfaces. Two such ethernet interfaces on each of the routers is preferable, but the Lab can be modified to use routers with only one such ethernet port on each. In fact, for my practice, I used two 2621's and two 2620's 2) Two Catalyst 3550 switches. Layer 3 capability is not required for this Lab exercise. 3) Patch cables for connecting router ethernet ports to switches 4) Patch cables for connecting the two switches. These may be fiber via GBIC, Gigastack, or Cat5 ethernet crossover cables. General Configuration Information All Customer routers are configured identically. Two routing protocols are in place - OSPF and EIGRP Networks 172.20.x.x/24 are OSPF routes Networks 172.21.x.x/24 are EIGRP routes The VLAN to subnet relationship is the same on both customer networks, as follows: VLAN 10 = 172.20.10.0/24 VLAN 20 = 172.20.20.0/24 VLAN 30 = 172.20.30.0/24 VLAN 40 = 172.21.40.0/24 VLAN 50 = 172.21.50.0/24 VLAN 60 = 172.20.60.0/24 As a sanity check, to assure that leaking is not taking place, each router should be configured with two loopback interfaces, one placed into the OSPF process and the other being placed into the EIGRP process. Something along the lines of: Customer A, Router 1 Loopback 1 = 192.168.1.0/24 Loopback 2 = 192.168.11.0/24 Customer A, Router 2 Loopback 1 = 192.168.101.0/24 Loopback 2 = 192.168.111.0/24 Customer B, Router 1 Loopback 1 = 192.168.2.0/24 Loopback 2 = 192.168.22.0/24 Customer B, Router 2 Loopback 1 = 192.168.202.0/24 Loopback 2 = 192.168.222.0/24 At the end of the day, thanks to VLAN tunneling, Customer_A routers saw eachother, and the OSPF and EIGRP routes propagated properly. Same for Customer_B CUSTOMER_A_ROUTER_1#sh ip route C192.168.11.0/24 is directly connected, Loopback21 172.21.0.0/24 is subnetted, 4 subnets C 172.21.60.0 is directly connected, FastEthernet0/1.60 C 172.21.50.0 is directly connected, FastEthernet0/1.50 C 172.21.40.0 is directly connected, FastEthernet0/1.40 C 172.21.0.0 is directly connected, FastEthernet0/1 172.20.0.0/24 is subnetted, 4 subnets C 172.20.30.0 is directly connected, FastEthernet0/0.30 C 172.20.20.0 is directly connected, FastEthernet0/0.20 C 172.20.10.0 is directly connected, FastEthernet0/0.10 C 172.20.0.0 is directly connected, FastEthernet0/0 C192.168.1.0/24 is directly connected, Loopback20 O IA 192.168.101.0/24 [110/2] via 172.20.30.2, 00:24:04, FastEthernet0/0.30 <<< [110/2] via 172.20.10.2, 00:24:04, FastEthernet0/0.10 [110/2] via 172.20.20.2, 00:24:05, FastEthernet0/0.20 D192.168.111.0/24 [90/156160] via 172.21.50.2, 00:24:27, FastEthernet0/1.50 <<<=== [90/156160] via 172.21.40.2, 00:24:27, FastEthernet0/1.40 [90/156160] via 172.21.60.2, 00:24:27, FastEthernet0/1.60 CUSTOMER_B_ROUTER_1#sh ip route D192.168.222.0/24 [90/156160] via 172.21.50.2, 00:25:06, FastEthernet0/1.50 <<< [90/156160] via 172.21.60.2, 00:25:06, FastEthernet0/1.60 [90/156160] via 172.21.40.2, 00:25:06, FastEthernet0/1.40 172.21.0.0/24 is subnetted, 4 subnets C 172.21.60.0 is directly connected, FastEthernet0/1.60 C 172.21.50.0 is directly connected, FastEthernet0/1.50 C 172.21.40.0 is directly connected, FastEthernet0/1.40 C 172.21.0.0 is directly connected, FastEthernet0/1 172.20.0.0/24 is subnetted, 4 subnets C 172.20.30.0 is directly connected, FastEthernet0/0.30 C 172.20.20.0 is directly connected, FastEthernet0/0.20 C 172.20.10.0 is directly connected, FastEthernet0/0.10 C 172.20.0.0 is directly connected, FastEthernet0/0 C192.168.22.0/24 is directly connected, Loopback21 O IA 192.168.202.0/24 [110/2] via 172.20.30.2, 00:13:09, FastEthernet0/0.30 <<<= [110/2] via 172.20.10.2, 00:13:09, FastEthernet0/0.10 [110/2] via 172.20.20.2, 00:13:09, FastEthernet0/0.20 C192.168.2.0/24 is directly connected, Loopback20 CUSTOMER_B_ROUTER_1# The documentation I used for switch configurations can be found on the following CCO link: http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1219ea1/3550scg/sw tunnel.htm -- TANSTAAFL "there ain't no such thing as a free lunch" Robert A. Heinlein may his soul grumble in peace Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52053&t=52053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report miscondu
CCIE R/S Cert. Guide Book [7:52052]
Hi, I'm currently studying for the CCIE R/S written exam. Could somebody please give me an opinion on the CCIE R&S Exam Certification Guide Book by A. Brune (Cisco Press) It has just been released in the UK and I am considering getting it to add to my never ending collection of reading material. If any of you guys recommend other books then I would be interested to know about them as well. Thanks Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52052&t=52052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPv6 despair (IOS 12.2T psychosis) [7:52032]
Neal Rauhauser wrote: > > BGP is funny with RIB-failure, OSPF is weird with dropping > subnets > that are visible elsewhere in a simple network, NAT some times > explodes > depending on version, EIGRP is a little screwy, and now I've > got a truly > exceptional problem :-( This would make a great Blues song! Can I suggest the key of E? ;-) Do you already know about this doc from Cisco about Troubleshooting Dialup Connections: http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/tr1916.htm Sorry I can't be of more help. I got those Asynch config blues too. Priscilla > > I've got a working async config - two 1750s back to back with > aux > ports, Paradyne 3820 plus modems, and a Teltone pots simulator. > The > router running 12.1.15 dials the other, can telnet to it, etc, > but the > 12.2T box can not ping, telnet, or anything. YES! I'm not > kidding - > complete failure from one side, but the box on the other side > can cross > the link. > > > I've been running this stuff in a production network and I've > just hit > the wall - its all coming out in a week after I get back from > class and > some nice, conservative GD image is taking its place. > > I didn't even get to touch IPv6 in production ... the IPv4 > stuff is > just too screwy. > > > > -- > Neal Rauhauser CCNP, CCDP voice: 402-301-9555 > mailto:[EMAIL PROTECTED] fcc : k0bsd > "I've seen the angels wearing their disguise, > ordinary people leading ordinary lives" - Tracy Chapman > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52051&t=52032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
pix and xlate timeouts [7:52048]
Has anyone here experienced problems with the new ios 6.2 on the pix. I have noticed when I installed it that some users can connect to the internet until I issue clear xlate command. These are my current timeouts: timeout xlate 3:00:00 timeout conn 12:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 s ip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52048&t=52048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
GRE tunnelling [7:52050]
Can some one let me know useful links to understand GRE tunnelling or can explain it. Thanks as always Jaspreet _ Consultant Andrew NZ Inc Box 50 691, Porirua Wellington 6230, New Zealand Phone +64 4 238 0723 Fax +64 4 238 0701 e-mail [EMAIL PROTECTED] WARNING: The contents of this e-mail and any attached files may contain information that is legally privileged and/or confidential to the named recipient. This information is not to be used by any other person and/or organisation. The views expressed in this document do not necessarily reflect those of Andrew NZ Inc If you have received this e-mail and any attached files in error please notify the sender by reply e-mail and destroy your copy of this message. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52050&t=52050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pix 501 [7:52044]
Here is how I configured every thing. I do not see a ping or anything logging to the syslog server to the outside interface. ip audit name Outbound-Info info action alarm drop ip audit name Outbound-Attack attack action alarm drop ip audit name Inbound-Info info action drop ip audit name Inbound-Attack attack action alarm drop reset ip audit interface outside Inbound-Info ip audit interface outside Inbound-Attack ip audit interface inside Outbound-Info ip audit interface inside Outbound-Attack ip audit info action alarm ip audit attack action alarm -Original Message- From: Elijah Savage III Sent: Sunday, August 25, 2002 1:44 PM To: [EMAIL PROTECTED] Subject: Pix 501 [7:52044] Should a pix 501 be able to pick nmap port scans from a unix box? I have the pix book and have applied everything as said but it will not pick up a port scan. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52049&t=52044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: NEWS! Cisco Boot Proms No Longer Available. [7:51989]
I remember their was a link to get 2 boot romms, does any one know it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 24, 2002 7:13 PM To: [EMAIL PROTECTED] Subject: RE: NEWS! Cisco Boot Proms No Longer Available. [7:51989] Thats a lie. They are still available, I obtained 2 sets 2 weeks ago. I know they ahve been removed from the parts list, but TAC can raise a case and supply them.. I called TAC US and had 2 sets sent to me free... they are still available depending on WHO you talk to in Cisco. Search google, there is a guy @ cisco that can assist.. I had trouble finding them, but I got them :) Cheers Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52047&t=51989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NEWS! Cisco Boot Proms No Longer Available. [7:51989]
I'll second this...As stated in an earlier post, I just got bootROMS for a 3104 from Cisco, though it wasn't the revision I was hoping for. These routers are older than the 2500 series, and they didn't even bat an eye at being able to provide them. I had them "next-day" as a matter of fact. There was no charge for them, though I have a contract # with Cisco, so that may have helped things a little. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 24, 2002 8:13 PM To: [EMAIL PROTECTED] Subject: RE: NEWS! Cisco Boot Proms No Longer Available. [7:51989] Thats a lie. They are still available, I obtained 2 sets 2 weeks ago. I know they ahve been removed from the parts list, but TAC can raise a case and supply them.. I called TAC US and had 2 sets sent to me free... they are still available depending on WHO you talk to in Cisco. Search google, there is a guy @ cisco that can assist.. I had trouble finding them, but I got them :) Cheers Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52046&t=51989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Off Topic: VPN Router to Router Understanding? [7:52040]
Robert, If you look at the route tables, your VPN tunnel endpoint (the other end) will have a better metric since this gets installed AFTER your connection to your ISP. Thus ALL traffic will be sent through this VPN tunnel. When you disconnect from the tunnel, your ISP's default gateway metric will be restored, typically a value of 1. To further illustrate, after you have connected to either ISP or VPN, you then DIAL into a RAS server, the default gateway will change to prefer the RAS server IP and not the former two. In other words, whatever gets connected last will be the preferred gateway. HTH, Elmer -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Robert D. Cluett Sent: Sunday, August 25, 2002 12:02 PM To: [EMAIL PROTECTED] Subject: Off Topic: VPN Router to Router Understanding? [7:52040] All, My apologies for having to post this here, but I have not been able to get an answer from anyone. The scenario is this, I have 2 linksys routers connected to each other over a VPN tunnel (dsl). My question is, if I was to access the internet would it need to travel on the tunnel to the other linksys and out to the internet, or would it simply travel my dsl connection to my ISP'd gateway router and out? I am trying to understand what type of load I will be putting on my dsl connection. Any thoughts would help..thanks Cluett Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52045&t=52040 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix 501 [7:52044]
Should a pix 501 be able to pick nmap port scans from a unix box? I have the pix book and have applied everything as said but it will not pick up a port scan. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52044&t=52044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52043]
Address in access-list should be 224.0.0.10my bad sorry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Raul F. Fernandez Sent: Sunday, August 25, 2002 12:23 PM To: [EMAIL PROTECTED] Subject: RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52042] The reason the DDR is staying up 24 hours is the eigrp hello packeats are causing the diealer to dial. The address that eigrp multicasts its hello packets is 224.0.0.10. Your dialer list does not preclude eigrp hello multicast address. Your dialer list should go something like this : First use extended access-list to blobk the eigro multicast address: access-list 100 deny ip any host 224.0.0.9 --- prevents eigrp multicast packets access-list 100 permit ip any any or access-list 100 deny eigrp any any access-list 100 permit ip any any your new dialer list will read like this: dialer-list 1 protocol ip list 100 - point to access list 100 also I recommend you disable cdp on both sides od the isdn connection by using the command: no cdp enable Also since you are using PPP, you may want to implement chap authentication since you are running no authentication. Sincerely, Raul F. Fernandez -Original Message- From: Eng. ABDALLAH QUQAS [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 25, 2002 3:25 AM To: 'Raul F. Fernandez' Subject: RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] see attached wordpad config file below: -Original Message- From: Raul F. Fernandez [mailto:[EMAIL PROTECTED]] Sent: Sun, August 25, 2002 11:08 AM To: Eng. ABDALLAH QUQAS; [EMAIL PROTECTED] Subject: RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] Check your dialer list statement and make sure that it is restrictive enough to keep routing protocols from bringing up the ddr. You may want to let us look at the config. Raul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eng. ABDALLAH QUQAS Sent: Sunday, August 25, 2002 2:11 AM To: [EMAIL PROTECTED] Subject: Ref: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] Dear ALL, i have a cisco 3600 router , with BRI INTERFACE, DDR enabled, but it seems all the time the connection (BRI) up (protocol up) 24 hours, anybody can help me what make the connetion 24 hours up, it should be activated upon traffic, dial on demand routing, what's going on? regards Abd quqas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52043&t=52043 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52042]
The reason the DDR is staying up 24 hours is the eigrp hello packeats are causing the diealer to dial. The address that eigrp multicasts its hello packets is 224.0.0.10. Your dialer list does not preclude eigrp hello multicast address. Your dialer list should go something like this : First use extended access-list to blobk the eigro multicast address: access-list 100 deny ip any host 224.0.0.9 --- prevents eigrp multicast packets access-list 100 permit ip any any or access-list 100 deny eigrp any any access-list 100 permit ip any any your new dialer list will read like this: dialer-list 1 protocol ip list 100 - point to access list 100 also I recommend you disable cdp on both sides od the isdn connection by using the command: no cdp enable Also since you are using PPP, you may want to implement chap authentication since you are running no authentication. Sincerely, Raul F. Fernandez -Original Message- From: Eng. ABDALLAH QUQAS [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 25, 2002 3:25 AM To: 'Raul F. Fernandez' Subject: RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] see attached wordpad config file below: -Original Message- From: Raul F. Fernandez [mailto:[EMAIL PROTECTED]] Sent: Sun, August 25, 2002 11:08 AM To: Eng. ABDALLAH QUQAS; [EMAIL PROTECTED] Subject: RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] Check your dialer list statement and make sure that it is restrictive enough to keep routing protocols from bringing up the ddr. You may want to let us look at the config. Raul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eng. ABDALLAH QUQAS Sent: Sunday, August 25, 2002 2:11 AM To: [EMAIL PROTECTED] Subject: Ref: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] Dear ALL, i have a cisco 3600 router , with BRI INTERFACE, DDR enabled, but it seems all the time the connection (BRI) up (protocol up) 24 hours, anybody can help me what make the connetion 24 hours up, it should be activated upon traffic, dial on demand routing, what's going on? regards Abd quqas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52042&t=52042 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NEWS! Cisco Boot Proms No Longer Available. [7:51989]
I just got 10 sets from TAC...very true...not easy to get, but it can be done. ""Robert D. Cluett"" wrote in message news:[EMAIL PROTECTED]... > Guess what, Boot Proms are no longer available for the 2500 series router. > They are no longer listed on the Cisco Pricing Tool. I've spoken with both > Pre-sales and I am currently speaking with TAC about this. Be forewarned! > I can't explain it since the 250x access servers are still being support. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52041&t=51989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Off Topic: VPN Router to Router Understanding? [7:52040]
All, My apologies for having to post this here, but I have not been able to get an answer from anyone. The scenario is this, I have 2 linksys routers connected to each other over a VPN tunnel (dsl). My question is, if I was to access the internet would it need to travel on the tunnel to the other linksys and out to the internet, or would it simply travel my dsl connection to my ISP'd gateway router and out? I am trying to understand what type of load I will be putting on my dsl connection. Any thoughts would help..thanks Cluett Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52040&t=52040 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Routers/Switches/Firewall for sale in UAE [7:52039]
I have the following router/Switch/Firewall for sale in UAE. Cisco 2509 Cisco 2502 Cisco 1601 Cisco 1720 PIX Firewall 501 Catalyst Switch Wic-1T Wic-2T All the above equipment has been upgraded with enough DRAM/Flash for all the IOS flavours. Even all the cables required for back to back connectivity is available. Ideal for CCIE RS/Security and CCNP studies. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52039&t=52039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Does cisco IOS support Frame Relay over ISDN... [7:51641]
Yes it supports it. I have seen it over 1 b channel. It also works over adsl. Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52038&t=51641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sizing Firewalls [7:52026]
Hello, Not a complete list, but the important factors are : Capacity planning, 1. What kind of throughput that is expected overall ? Can the firewall bus tackle this ? 2. What kind of encrypted throughput expected ? Can the CPU processes this fast enough ? 3. How many tunnel expected ? Some firewall limits on the tunnel although it may have enough througput and CPU to process. 4. Interface amounts. How many network segment you want to have ? 1 Internal, 1or2 External, xxx DMZ ? 5. How big is the hardware, does it fits your rack ? 6. Fail-over time in clustered/redundant setup. Shorter the better. The above can be done by baselining current network and adjust it with expected growth. Hope this helps Regards, Leonard Ong, CISSP, CSS-1, CCSE, MCSE, MCDBA, CCNP, CCDP, NSA, LCP Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax.+65 6723 1596 -Original Message- From: ext Smart Student [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 24, 2002 5:30 PM To: [EMAIL PROTECTED] Subject: Sizing Firewalls [7:52026] Hi Friends , I need help in figuring out what all parameters should be considered when sizing firewalls .Any URL or doc in this regard would really help. thanks in advance, Smart student Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52037&t=52026 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52036]
Check your dialer list statement and make sure that it is restrictive enough to keep routing protocols from bringing up the ddr. You may want to let us look at the config. Raul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eng. ABDALLAH QUQAS Sent: Sunday, August 25, 2002 2:11 AM To: [EMAIL PROTECTED] Subject: Ref: CISCO 3600 ROUTER DDR BRI IS ALWAYS CONNECTED 24 HOURS [7:52035] Dear ALL, i have a cisco 3600 router , with BRI INTERFACE, DDR enabled, but it seems all the time the connection (BRI) up (protocol up) 24 hours, anybody can help me what make the connetion 24 hours up, it should be activated upon traffic, dial on demand routing, what's going on? regards Abd quqas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=52036&t=52036 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
