RE: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54698]
No it's always the Id-10-t's! (that's us ... Humans!) Routers and servers always work, until we decide to configure them ;-) Sorry for getting so late into this thread,only catching up with emails now, The problem with hibernating / and suspend on w2k/WinXP computers, is also this: If the user suspends or hibernates his computer, goes to another location, First plugs the NIC Cable in and then resumes from his session, the OS will keep the old DHCP address. The computer doesn't realise that the network location has changed. Of course if you resume and THEN plug in the cable, it would get sorted out, unless the new location doesn't have a DHCP server, in which case, WinDows will tell you that an error has occurred while reconnecting to the network. Hope this helps (although it may be a bit too late) Manish -Original Message- From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] Sent: 01 October 2002 22:23 To: [EMAIL PROTECTED] Subject: Problem Solved: WAS Re: OT: Serves Me Right - DHCP problem [7:54661] fortunately, smarter people than I took the troubleshooting. The problem was this: The Network Admin decided to use a DHCP super scope on the Win2K server, with several DHCP subscopes ( one for each office ) underneath. He had understood that the purpose of the superscope was to pass values common to all subscopes - things like NTP server, DNS server, SMTP server - while things like the default gateway would remain with the sub scopes. Turns out this was a misunderstanding. The superscope ( apparently, if I understand what I am being told ) is only for segments where there are numbers of subnets on the same wire. This actually might explain why Microsoft tech support misunderstood what was happening, and gave the seemingly ludicrous advice to revert back to a Big Flat Bridged Network. They were actually saying something else, but we misinterpreted. As of today, the customer is testing, without the superscope in place, and all appears well. Win2K and WinXP workstations are mobile, and are behaving the way many of you described as proper. See- the problem is always a server problem. It's NEVER the routers ;-> Chuck ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Evans, TJ wrote: > > > > IIRC: > > Win2k and later detect 'cable disconnects', and de-IP your system. > > > > Strangely, they also detect 'cable reconnects' and attempt to re-IP > > (via DHCP, or autoconfig if enabled) you at that time. > > Not to beat this to death, but that must indeed be the explanation. > W2K and > XP recognize when the user connects the Ethernet cable and resend a > DHCP request, assuming DHCP is being used. So when the PC is moved to > a new location and new subnet, it gets a proper address without any > user twidling > beyond inserting the cable. This seems too smart for Windoze, but I > can't think of any other explanataion. > > So, Chuck's users are using W2K and XP. What could they be doing > wrong?? > > Also, of course, this doesn't solve the problem for wireless users. > That's not what Chuck was asking about, but it's still an interesting > issue. They could benefit from Mobile IP. (I really want to recommend > that. ;-) > > The reason I say that the cable insertion theory is the explanation is that > there's no other way for the operating system and protocol stack to > know that it needs to send a new DHCP request. Remember, we're talking > about laptops that haven't been shut down. (Maybe they go to sleep > though? Awaking > from sleep might also cause a new DHCP request?) > > The PC can't tell that it's on a different network by just looking at > packets. Even though it could see the IP addresses being used by other > devices, it couldn't know the subnet mask and default gateway to use. > > Contrast this with AppleTalk, which solved this problem years ago. ;-) An > AppleTalk end node hears the incessant RTMPs coming from routers. Not > only does the end node learn the address of a gateway to use from > that, but it also learns its own network number because the local net > number is always the first one in the RTMP packet. Of course, the > tradeoff was those incessant RTMPs. ;-) But moving a Mac to a new > network has always been pretty straightforward, despite a rather > annoying message that comes up and > confuses users. > > ___ > > Priscilla Oppenheimer > www.troubleshootingnetworks.com > www.priscilla.com > > > > > > Thanks! > > TJ > > > > > > -Original Message- > > From: Larry Letterman [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, October 01, 2002 1:20 PM > > To: [EMAIL PROTECTED] > > Subject: Re: OT: Serves Me Right - DHCP problem [7:54402] > > > > Nothing to fess up to, Chuck..My w2K works the same way at home.. > > connect, get a number..disconnect and reconnect , get a > > different number.. > > Linksys routers are pretty simple devices...I have two of them > > currently > > and >
Re: MPPP Question [7:54691]
""Tim Benner"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Any one running MPPP out there? Specifically on mulitple point-to-point T-1 > interfaces? I am doing some research on using MPPP to bundle mulitple T-1s > together to look like 1 fat pipe. I have some documentation that states > there > is 12.5% overhead. I was wondering if anyone else has played around with > it. MPPP can increase the encapsulation overhead, but it does so only when it fragments a packet. The standard PPP encapsulation is 48bits (32bit header + 16bit FCS), with MPPP fragments an additional fragment header (16 or 32bit) is added. The amount that this increases the overhead compared to standard PPP would depend on your average packet size. I would imagine that it's going to be considerably less than 12.5% though. A more relevant thing to consider is the way that IOS deals with the packets. With MPPP the router first looks up the packet's destination in the route-cache, hands the packet to the virtual interface, the virtual interface code then decides whether to fragment the packet and passes the fragments to the physical interface(s) for encapsulation. If you use equal cost load balancing, the packet is passed directly to the physical interface without virtual interface processing. Also, traditionally cisco's HDLC implementation was more efficient than the PPP implementation, but take that with a pinch of salt, as software changes, and IOS PPP may have improved by now. Here's a sample config from CCO doing exactly what you're talking about. Personally I'd probably go with equal cost load balancing over HDLC encapsulation if it's an all cisco network though. It makes the config simpler, and I'm a big believer in Occam's Razor :) http://www.cisco.com/warp/public/131/7.html -- Russell Heilling http://www.ccie.org.uk/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54699&t=54691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cable Broadband Question!!!! [7:54700]
Hi, Can anyone offer me any advice on whether it's possible to configure one of my cisco routers to work as a cable broadband router instead of having to purchase a model that specifically does the task. I currently have a 1601R, 1603R and 2 x 2503 and im sure somebody last year had something posted about being able to use one of these routers.. Any help would be appreciated Matt CCNA UK Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54700&t=54700 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
experience with vpn over directway satellite (2way)? [7:54701]
does anyone have experience (preferably successful) with using vpn over a directway 2way satellite? if so please contact me off list. thanks. garrett Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54701&t=54701 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN Issue [7:54702]
I have a question regarding VPN setup, I have some clients connect to me with 828 G.Shdsl routers, most of the also have PIX 501 and can tunnel between them selfs then I have a 2610 Router that routes the internet traffic from the clients to the internet, Now they want to be able to VPN in from the internet, and connect to there network, so the Problem is what can I use that can take a VPN connection and only send it to one network, depending on who made the VPN connection can I use the VPN conncentrator 3005 a PIX 506, or just the 2610 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54702&t=54702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Issue [7:54702]
You can use the VPN Concentrator and create groups and set up routes to specific networks or specific machines according to which group the person logs in under. Bill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54703&t=54702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Issue [7:54702]
Ok,thanx for the info, would it be possible any other way, as I already have a PIX506 and a 2610 router or is the VPN 3005 the only and best way to go Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54704&t=54702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cable Broadband Question!!!! [7:54700]
Well, if you only have one Ethernet then you'll need to NAT-on-a-stick. But, any router w/Ethernet will be able to plug into a cable modem w/Ethernet connection. Config: interface Loopback1 ip address 172.16.2.10 255.255.255.0 no ip directed-broadcast ip nat inside ip policy route-map nat ! interface Ethernet0 mac-address 0040.1c60.9337 ip address 172.16.1.10 255.255.255.0 secondary ip address 66.200.150.4 255.255.255.0 (or ip address dhcp) no ip directed-broadcast ip nat outside ! ip nat inside source list 1 interface Ethernet0 overload ip classless ip route 0.0.0.0 0.0.0.0 Loopback1 ! access-list 1 permit 172.16.0.0 0.0.255.255 route-map nat permit 10 set ip next-hop 66.200.150.1 --- Matt wrote: > Hi, > > Can anyone offer me any advice on whether it's > possible to configure one of > my cisco routers to work as a cable broadband router > instead of having to > purchase a model that specifically does the task. > > I currently have a 1601R, 1603R and 2 x 2503 and im > sure somebody last year > had something posted about being able to use one of > these routers.. > > Any help would be appreciated > > Matt > CCNA > > UK [EMAIL PROTECTED] __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54705&t=54700 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay: connectionless or connection-oriented? [7:54706]
Dear Silent Bob: Okay lunchbox, my co-workers and I are trying to figure out if Frame Relay is connectionless or connection-oriented. A lot of documentation I'm reading says it *is*, but somewhere in the chasms of my memory banks I can't help but think that it is *not*, because a) it would be redundant given TCP's function and b) it would add latency to the Frame cloud, which is supposedly optimized for speed (one of the improvements Frame made to X.25). Am I right, or have I been hitting the pipe a little too hard lately? Your hetero life-mate, Jay Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54706&t=54706 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-oriented? [7:54707]
Some documentation may say that it's connection oriented because you have to set up a PVC (or an SVC) so you pre-establish a connection. But in fact it's connectionless, since it doesn't have, like you say, a retransmission system or error checking mechanism like TCP. And the terms connection oriented and connectionless, refer to the protocol, not to the circuit. Peter -Original Message- From: ""B.J. Wilson"" [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 1:25 PM To: [EMAIL PROTECTED] Subject: Frame Relay: connectionless or connection-oriented? [7:54706] Dear Silent Bob: Okay lunchbox, my co-workers and I are trying to figure out if Frame Relay is connectionless or connection-oriented. A lot of documentation I'm reading says it *is*, but somewhere in the chasms of my memory banks I can't help but think that it is *not*, because a) it would be redundant given TCP's function and b) it would add latency to the Frame cloud, which is supposedly optimized for speed (one of the improvements Frame made to X.25). Am I right, or have I been hitting the pipe a little too hard lately? Your hetero life-mate, Jay Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54707&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-oriented [7:54706]
Frame-Relay is connection-oriented because of the establishment of virtual circuits, that is, before any packet transfer, there is already an established path. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54709&t=54706 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RADIUS Authentication [7:54628]
Well, as it turns out, what I'm trying to accomplish can only be done using TACACS. So, I will have to use privilege levels within the switch to restrict access. ""Robert Edmonds"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am trying to configure the MSFC2 on my 6506 to use RADIUS authentication > from my Windows 2000 Server. What I would like is to have the MSFC > authenticate users using the RADIUS server on login. I would also like a > backup account locally in case RADIUS authentication is not available. If > it is possible, I would like to have a group (we'll call them netadmins) > that has level 15 access on the MSFC, while all others have restricted > access, to be defined later. > The backup account is already created, and is called switchadmin. Can > somebody please help me with this configuration. I have it configured now, > but I don't think it's configured properly, because when I log in, I can't > do anything. No show run, no nothing. :) > How about a little help here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54710&t=54628 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
Pre-established path, that is it. It surprises me all this confusing literature I read. When I was reading for my CCNA a few months back, I was going through this thing time and again from a Cisco-Authorized Course, namely, Frame Relay is connection-oriented because of a pre-established path. What do I believe?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54711&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay: connectionless or connection-oriented? [7:54712]
At 11:24 AM + 10/2/02, \"\"B.J. Wilson\"\" wrote: >Dear Silent Bob: > >Okay lunchbox, my co-workers and I are trying to figure out if Frame Relay is >connectionless or connection-oriented. A lot of documentation I'm reading >says it *is*, but somewhere in the chasms of my memory banks I can't help but >think that it is *not*, because a) it would be redundant given TCP's function >and b) it would add latency to the Frame cloud, which is supposedly optimized >for speed (one of the improvements Frame made to X.25). Am I right, or have >I >been hitting the pipe a little too hard lately? > >Your hetero life-mate, > >Jay As are many things in networking, It Depends. FR is connection-oriented (without user-controlled connection and disconnection phases) as far as its topology. That refers to the endpoints, remembering FR is an access rather than a backbone protocol. FR does not do error correction. Just because something is connection-oriented doesn't mean it does error correction. FR does do error detection and a primitive form of congestion notification. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54712&t=54712 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
Well, I tend to look at things from a "global" or "Layer 1 through 7" perspective: does Frame Relay perform the same functions that TCP does? In other words, does it perform a check to make sure every single IP packet (or Frame Relay frame) makes it from the ingress point of the Frame cloud to the egress point? I don't believe it does, and therefore I consider it connectionless. Now, from a *test* perspective (g...), I suppose the "correct" answer is "connection-oriented" due to the reasons that Peter specified. BJ On Wed, 2 Oct 2002 13:03:09 GMT ccnp ccnp2002 wrote: > Pre-established path, that is it. It surprises > me all this confusing > literature I read. > > When I was reading for my CCNA a few months > back, I was going through this > thing time and again from a Cisco-Authorized > Course, namely, Frame Relay is > connection-oriented because of a > pre-established path. > > What do I believe?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54713&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
But should be different? True for the test and untrue in the real-world?? Just curious! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54714&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ccnp routing [7:54579]
I guess you never read the Cisco NDA which you agreed to before you started the exam? Tch tch! :-) -Original Message- From: Simon Dartford [mailto:[EMAIL PROTECTED]] Sent: 01 October 2002 04:24 To: [EMAIL PROTECTED] Subject: RE: ccnp routing [7:54579] I sat this yesterday! It is a bit differnet, and in my opinion, better. Better because there is actual router simulation involved. I had to configure OSPF on one! I was caught out on IS-IS as I only started to study that at 6am the morning on the exam. My diligence was rewarded with %20 on IS-IS content. I fared better overall and go an excellent overall score (considering my performance on IS-IS). It focussed mainly on IS-IS (approx 10 questions), OSPF and BGP. Very little on EIGRP. I have only really ever configured EIGRP and BGP and I still did ok. Never seen OSPF before or since! I studied for one week beforehand. I used the old Ciscopress 503 exam guide. This was ok and went into more depth than the exam did. I borrowed the course notes for the IS-IS content, but did not retain anything much in the hour between 6am and 7am! IMHO, you will be fine with having done the course and a bit of revision. Some have said in cramsession it was way hard - only hard if you have not prepared well! I relied on my practical experience and just browsed the book. In the final 10 minutes, I was sure I had failed, as all the IS-IS questions were at the end. I was running through my head when I should resit, only to be surprised (really surprised...) that I had passed! Hope this info is helpful Simon Dartford Design Engineer Advanced Solutions Telecom New Zealand Internet: [EMAIL PROTECTED] Phone: +64 4 382-5453 Fax: +64 4 385-1223 Mobile: 025 243 7989 Important: This electronic message and attachments (if any) are confidential and may be legally privileged. If you are not the intended recipient do not copy, disclose or use the contents in any way. Please let us know by return email immediately and then destroy this message. -Original Message- From: Jesus Velazquez [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 1 October 2002 10:35 To: [EMAIL PROTECTED] Subject: ccnp routing [7:54579] i'm sitting in on the routing 901 bsci (new exam) next week...any good advice or look outs for the exam?? i took the global knowledge course 2 weeks ago and have the older version of the boson routing for exam 603. should this be suffice. i heard the cisco press routing book is not a very good book for this course. thanks - "This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you." - - [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Simon Dartford (E-mail).vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54708&t=54579 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MPPP Question [7:54691]
why dont you use cef instead? ie: ip cef ! interface Serial0/0 ip load-sharing per-packet interface Serial0/1 ip load-sharing per-packet interface Serial1/0 ip load-sharing per-packet thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) ""Tim Benner"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Any one running MPPP out there? Specifically on mulitple point-to-point T-1 > interfaces? I am doing some research on using MPPP to bundle mulitple T-1s > together to look like 1 fat pipe. I have some documentation that states > there > is 12.5% overhead. I was wondering if anyone else has played around with > it. > > Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54696&t=54691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Laptop won't respond to pings [7:54715]
This is probably something simple, or maybe it's a Microsoft thing, but my W2K laptop won't respond to pings or tftp requests. I have a 2621 router and the laptop plugged into a 2950 switch, all in Vlan1, all extremely simple. >From the laptop I can ping the switch and router and telnet to the switch and router. But if I ping the laptop from either, I can see the packets arrive at the laptop, but it doesn't respond. It also does not respond to a tftp request from the router. Any ideas? TIA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54715&t=54715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
Thinking of the subject again, I would have to come back to what I've said before. TCP is connection oriented because there's the three-way handshake session establishment. It's reliable because of the retransmission and error checking mechanismns. UDP is connectionless, because there's no session establishment and it's unreliable because of a lack of retransmission and error checking mechanismns. Frame relay is connection oriented because of the establishment of a circuit, but unreliable because there are no retransmission and error checking mechanismns. X25 is connection oriented and reliable. Peter -Original Message- From: ""B.J. Wilson"" [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 3:14 PM To: [EMAIL PROTECTED] Subject: RE: Frame Relay: connectionless or connection-orie [7:54707] Well, I tend to look at things from a "global" or "Layer 1 through 7" perspective: does Frame Relay perform the same functions that TCP does? In other words, does it perform a check to make sure every single IP packet (or Frame Relay frame) makes it from the ingress point of the Frame cloud to the egress point? I don't believe it does, and therefore I consider it connectionless. Now, from a *test* perspective (g...), I suppose the "correct" answer is "connection-oriented" due to the reasons that Peter specified. BJ On Wed, 2 Oct 2002 13:03:09 GMT ccnp ccnp2002 wrote: > Pre-established path, that is it. It surprises > me all this confusing > literature I read. > > When I was reading for my CCNA a few months > back, I was going through this > thing time and again from a Cisco-Authorized > Course, namely, Frame Relay is > connection-oriented because of a > pre-established path. > > What do I believe?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54718&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2950 cat sample config [7:54719]
Hey, Does anyone have a sample config of a Cat 2950, just a basic config, thanks? -- Edwin R. Gonzalez (CCNP, Network+, A+) Network Engineer II CSXT (904) 366-5999 Life can only be understood backwards, but it must be lived forwards. -- Soren Kierkegaard Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54719&t=54719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
> But should be different? True for the test and > untrue in the real-world?? This is an unfortunate and all-too-common occurrence: the discrepancy between marketing, and how things actually work. Cisco is a victim of it (e.g. "hybrid" routing protocol), but Microsoft is arguably the worst offender. BJ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54717&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Laptop won't respond to pings [7:54715]
DOH! Okay, I will wear the dunce cap. I had forgotten about the Cisco VPN client I had installed. The concentrator I was testing had the same address as the router does now. I uninstalled the VPN and it's fine now. Excuse the wasted bandwidth :) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54720&t=54715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FS: AGS+, good lab router [7:54721]
Cisco AGS+ CSC/4 16 meg of dram 4 meg flash CBUS controller, Environmental controller 12 ethernet interfaces 2 token ring interfaces, 1 FDDI interface Runs perfectly. $100.00 plus shipping Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54721&t=54721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MPPP Question [7:54691]
As I have ranted in the past I have configured MPPP but I would simply use CEF for load balancing. With PPP overhead, interleaving and fragmentation not to mention more complicated, and I have found in the past, more bug ridled why would you want to do MPPP over CEF? Dave Tim Benner wrote: > > Any one running MPPP out there? Specifically on mulitple point-to-point T-1 > interfaces? I am doing some research on using MPPP to bundle mulitple T-1s > together to look like 1 fat pipe. I have some documentation that states > there > is 12.5% overhead. I was wondering if anyone else has played around with > it. > > Tim -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "You don't make the poor richer by making the rich poorer." --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54722&t=54691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Laptop won't respond to pings [7:54715]
Do you have a personal firewall enabled? -Original Message- From: Black Jack [mailto:[EMAIL PROTECTED]] Sent: 02 October 2002 14:23 To: [EMAIL PROTECTED] Subject: Laptop won't respond to pings [7:54715] This is probably something simple, or maybe it's a Microsoft thing, but my W2K laptop won't respond to pings or tftp requests. I have a 2621 router and the laptop plugged into a 2950 switch, all in Vlan1, all extremely simple. From the laptop I can ping the switch and router and telnet to the switch and router. But if I ping the laptop from either, I can see the packets arrive at the laptop, but it doesn't respond. It also does not respond to a tftp request from the router. Any ideas? TIA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54724&t=54715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Bootp Relay [7:54725]
Hi all, I need to configure bootp relay on a 6509 running multiple vlans. I've been looking over cisco's site and I feel this should be easy, but I'm having trouble figuring out what i'm supposed to do. I found this on the 12.1 configuration guide. Can anyone verify that this is what i'm supposed to be doing? ip forward-protocol udp ! interface ethernet 1 ip helper-address 110.44.23.7 interface ethernet 2 ip helper-address 191.24.1.19 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54725&t=54725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Request [7:54723]
Dear Sir/Madam, I have a Cisco Router(2511) and I'm using "NTTacPlus 2.0" software as TACACS+ access control server. When a user login to my network, my router assign him/her a "Caller-ID" with "async/" value automatically. But I like to set the value of "Caller-ID" to a phone number that my user is connected to it. Please advise me if it is possible. Regards, Hamed Sedighi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54723&t=54723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: experience with vpn over directway satellite (2way)? [7:54726]
In most cases the latency associated with the link is to great for a successful VPN - that's been my experience with Direcway anyway... Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data MPS -Original Message- From: Garrett Allen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 5:20 AM To: [EMAIL PROTECTED] Subject: experience with vpn over directway satellite (2way)? [7:54701] does anyone have experience (preferably successful) with using vpn over a directway 2way satellite? if so please contact me off list. thanks. garrett Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54726&t=54726 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2950 cat sample config [7:54719]
I dont know what type of basic configuration you are looking for...but you can find all the information on the following link. http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12111ea1/scg/index.htm regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54727&t=54719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bootp Relay [7:54725]
what is 110.44.23.7 and 192.24.1.19? Your DHCP servers? Usually you will put the ip helper-address command on the interface that is your inside networks default gateway. I don't see ethernet 1 or ethernet 2 being your inside default gateway. For example, your inside network is 192.168.1.0/24 and the default gateway is 192.168.1.1, then on the interface that is 192.168.1.1 you need the ip helper-address command. That way the DHCP broadcasts will hit the default gateway, then the default gateway will forward to your helper address. [EMAIL PROTECTED] wrote: > > Hi all, > > I need to configure bootp relay on a 6509 running multiple > vlans. I've been > looking over cisco's site and I feel this should be easy, but > I'm having > trouble figuring out what i'm supposed to do. I found this on > the 12.1 > configuration guide. Can anyone verify that this is what i'm > supposed to be > doing? > > ip forward-protocol udp > ! > interface ethernet 1 > ip helper-address 110.44.23.7 > interface ethernet 2 > ip helper-address 191.24.1.19 > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54728&t=54725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay: connectionless or connection-oriented? [7:54729]
connection-oriented Jay you cocksmoker. B.J. Wilson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear Silent Bob: > > Okay lunchbox, my co-workers and I are trying to figure out if Frame Relay is > connectionless or connection-oriented. A lot of documentation I'm reading > says it *is*, but somewhere in the chasms of my memory banks I can't help but > think that it is *not*, because a) it would be redundant given TCP's function > and b) it would add latency to the Frame cloud, which is supposedly optimized > for speed (one of the improvements Frame made to X.25). Am I right, or have > I > been hitting the pipe a little too hard lately? > > Your hetero life-mate, > > Jay Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54729&t=54729 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Filtering NT domain listings at the router [7:54668]
Guess that I should have been a littler clearer on what is going on. Out at remote offices we have users/Tech's installing software in testing environments. There is no reason for their local Test Domain to be seen outside of that office. This is separate from our Single production domain, which as you can imagine needs to be visible and accessible everywhere. Some offices do have separate LAB interfaces or VLAN's for these testing environment, but those that don't and still put up test domains get those "really creative : ) " Domain names floating everywhere. My goal in all this, or what I'm trying to accomplish, is make it so that at any office, I only see our corporate Domain, and perhaps, a local domain if the office doesn't have a test lab. I am working with our NT Server guys to see how they can lock this down as well, and I suspect that the actual job may land on them with filtering WINS updates. Thanks Larry -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 6:46 PM To: [EMAIL PROTECTED] Subject: RE: Filtering NT domain listings at the router [7:54668] Roberts, Larry wrote: > > Hey all, > > Just curious if anyone has any links on filtering the domains on their > network at the router. > We are having a large amount of NT domains that are showing up > internally, > and I would like to start blocking these advertisements at the > remote > routers. I could be wrong here, but you shouldn't have to block these advertisements. They should get blocked by default. From what I understand, the default behavior would be that you would not see NT domains that aren't local. Resource advertisement on NT networks is based on NetBIOS naming, which uses UDP in a TCP/IP environment, and sends to the broadcast address, which should not be forwarded by routers. So I would look for a non-default router configuration line, in particular an ip helper address that is causing broadcasts to leak over into your network. Unless Cisco has finally changed this annoying behavior recently, (I think I heard that they did?), configuring a helper address causes lots of UDP broadcast traffic to get forwarded. You might have added a helper address to get DHCP to work and as a side affect caused the following broadcasts to also get forwarded: TFTP (port 69) DNS (port 53) Time (port 37) NetBIOS naming (port 137) NetBIOS datagram (port 138) TACACS (port 49) The fix is to add the ip forward-protocol udp command for the stuff you want and no ip forward-protocol udp for the stuff you don't want. If this doesn't help, just let us know. Thanks. __ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > Is this possible ? I can't figure out how, but I suspect that if it > can be done, someone on this list has done it. > > > > Thanks > > Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54730&t=54668 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: experience with vpn over directway satellite (2way)? [7:54731]
I had the same experience. Had a user who was trying to get VPN working over satellite with little success. Michael Greenbaum Senior Cisco Certified Engineer [EMAIL PROTECTED] www.mtcglabs.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Creighton Bill-BCREIGH1 Sent: Wednesday, October 02, 2002 10:52 AM To: [EMAIL PROTECTED] Subject: RE: experience with vpn over directway satellite (2way)? [7:54726] In most cases the latency associated with the link is to great for a successful VPN - that's been my experience with Direcway anyway... Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data MPS -Original Message- From: Garrett Allen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 5:20 AM To: [EMAIL PROTECTED] Subject: experience with vpn over directway satellite (2way)? [7:54701] does anyone have experience (preferably successful) with using vpn over a directway 2way satellite? if so please contact me off list. thanks. garrett Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54731&t=54731 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN Passed. [7:54732]
Hi, I am really thankful to all of you Guys for helping me to pass BCRAn exam. It was agood experience & now I moved to the next one, SWITCHING. I will be thankful to all of you for you help & advises. Thanks & regards Amir - Do You Yahoo!? Yahoo! Health - Feel better, live better Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54732&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load on a serial link [7:54626]
The most important thing to understand about serial interfaces are that they are full duplex. Traffic can go an both directions at the same time so you can have 2MB going in each direction at the same time. ""vikramjskeer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > > I am into some debate with one of my friend, what would be the actual load > of a serial interface. > > > Suppose I am having a E1 Serial interface, so is it possible to have 2 MB > input and 2 MB output at the same time or for calculating total utilazation > of an interface just add on the 5 minute input/output rate. > > > Any light on this with supporting documents or URLs would be highly > apprecialted. > > > Thanks in advance. > > > Regards, > > > Vikram > Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com > Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from > http://www.planetm.co.in > Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone > service with clear voice at rates far less than the normal ISD rates. Go to > http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54734&t=54626 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN tunnel with IPSec over GRE [7:54634]
What kind of Proxy server is it? Hopefully UNIX so you can do a tcpdump to see what is actually getting to it. I'd suggest hooking up some packet sniffers in differernt places to see what is getting where and you'll be able to narrow down the problem. ""Thomas N."" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Thank you All for the confirmation! I used extended ping with DF bit set as > Richarde mentioned and found out that the packet size that can fit into the > tunnel without fragmentation is much less than 1500 bytes. I also went over > couple white papers from Cisco website. They mentions about using "ip tcp > adjust-mss ", "ip mtu " as well as "tunnel path-mtu-discovery" > command. I tried to apply these commands on the routers at the 2 endpoints > of the tunnel but it still didn't work. I see myself running into the > confusion and have couple questions regarding: > > - What's the difference between "ip tcp adjust-mss " and "ip mtu > " commands? > - Which one should I use? or both? > - Which and where I should apply these commands? on the tunnel interfaces, > Ethernet segment, or on the Internet interface? > > Below is my topology. Client machine needs to pass through the tunnel, then > hit the Proxy Server for Internet access. Again, thank you All for the > HELP!!! > > > Client ---> Fa0/0-RouterA-Fa0/1---> IPSec over GRE > tunnel --->Fa0/1-RouterB-Fa0/0---> Proxy Server---> Internet > > > > Thomas > > > > ""Richard Deal"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > It's probably an MTU problem. > > > > I have an IPSec connection being tunneled via GRE, which in turn, is > > tunneled by another IPSec connection. Don't ask why I'm doing this :-) But > > we had to set the MTU down to 1320 to prevent fragmentation, and thus > > performance, issues. > > > > In your case, you might want to try using the extended ping with the "no > > fragment" option to determine which MTU size will work in your situation. > > > > Cheers! > > > > Richarde > > ""Thomas N."" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hi All, > > > > > > I am setting up a site-to-site VPN between 2 LANs using Cisco IOS VPN > > (Cisco > > > 2600 routers). I could get the tunnel up and running between the two > LANs > > > with IPSec over GRE so that I can run EIGRP. Data transfer between 2 > LANs > > > across the tunnel looks OK, and all dynamic routes learned with EIGRP. > > > However, a problem come up when I put a Proxy Server on the first LAN > and > > > force Internet traffic from workstations from the second LAN to go out > > with > > > this Proxy server. Workstations from the second LAN could browse > Internet > > > across the tunnel to reach the Proxy server then hit the Internet; > > however, > > > the performance is very poor (seem like browsing over a 56k modem). I > am > > > thinking this may be because of fragmentation on the 2 routers. Is > there > > > any work around for this issue? If MTU size needs to be adjusted, what > > > would be the ideal MTU size for IPSec over GRE tunnel in "tunnel" mode? > > > Again, thank you All for the help! > > > > > > Thomas N. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54736&t=54634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Help [7:54623]
For lab equipment, go to www.ccxxproductions.com and click on the "Build a Home Lab" link to get some ideas on what you should purchase. For study guides, use www.ccxxproductions.com or www.ccbootcamp.com. Much less expensive than Boson and you still get what you need to help pass the exams. Shawn K. Disclaimer: I have done work for CCxx Productions, NLI (CCBootCamp), and Boson/Quizware > -Original Message- > From: Dave Bradshaw [SMTP:[EMAIL PROTECTED]] > Sent: Tuesday, October 01, 2002 8:56 AM > To: [EMAIL PROTECTED] > Subject: CCNP Help [7:54623] > > I am about to embark on my CCNP training, I would be very grateful for any > advice as how to go about getting this Cert. At present I am gathering lab > equipment for home use, does anyone have any suggestions as to what > equipment > I should get? i.e. what is essential & what is nice to have! Also if > anyone > can recommend any good study guides, or places to look for relevant > information, (obviously I've found one good place :-) ). I think it may be > worth mentioning I don't presently work in a Networking environment, I am > an > Engineer on Networked peripherals, which is what has got me interested in > this > field in the first place. I passed my CCNA earlier this year. Any advice > most > gratefully accepted. > > Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54733&t=54623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ccnp routing [7:54579]
You need to know IS-IS, BGP, EIGRP, and OSPF equally well for the exam because each exam will be different. When I took my routing exam (the old one), I had almost all OSPF (I think it was OSPF. I know it was very one-sided on one of the routing protocols). Other people I talked with said their exams were very one-sided on different routing protocols (one said BGP, the other said EIGRP). I'm sure the new exam is the same way. You never know what you're going to get! Shawn K. > -Original Message- > From: John Brandis [SMTP:[EMAIL PROTECTED]] > Sent: Monday, September 30, 2002 11:49 PM > To: [EMAIL PROTECTED] > Subject: RE: ccnp routing [7:54579] > > Wow, I am the opposite. I use OSPF as much as possible here, mainly due to > the fact I had used it whilst in my early stages of networking. I really > like OSPF and love how it it scales nicely in my networks. I honestly > thought that a large portion of the routing test would be focused on OSPF. > Guess I am wrong (again). > > Good luck and conratulations on your score. > > Hope the NZ Warriors have similar luck on Sunday night. > > John > > > -Original Message- > From: Simon Dartford [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 01, 2002 12:24 PM > To: [EMAIL PROTECTED] > Subject: RE: ccnp routing [7:54579] > > > I sat this yesterday! > > It is a bit differnet, and in my opinion, better. > > Better because there is actual router simulation involved. I had to > configure OSPF on one! > > I was caught out on IS-IS as I only started to study that at 6am the > morning > on the exam. My diligence was rewarded with %20 on IS-IS content. I fared > better overall and go an excellent overall score (considering my > performance > on IS-IS). > > It focussed mainly on IS-IS (approx 10 questions), OSPF and BGP. Very > little > on EIGRP. I have only really ever configured EIGRP and BGP and I still did > ok. Never seen OSPF before or since! > > I studied for one week beforehand. I used the old Ciscopress 503 exam > guide. > This was ok and went into more depth than the exam did. I borrowed the > course notes for the IS-IS content, but did not retain anything much in > the > hour between 6am and 7am! > > IMHO, you will be fine with having done the course and a bit of revision. > Some have said in cramsession it was way hard - only hard if you have not > prepared well! I relied on my practical experience and just browsed the > book. In the final 10 minutes, I was sure I had failed, as all the IS-IS > questions were at the end. I was running through my head when I should > resit, only to be surprised (really surprised...) that I had passed! > > Hope this info is helpful > > > Simon Dartford > Design Engineer > Advanced Solutions > Telecom New Zealand > > Internet: [EMAIL PROTECTED] > Phone: +64 4 382-5453 > Fax: +64 4 385-1223 > Mobile: 025 243 7989 > > Important: This electronic message and attachments (if any) are > confidential > and may be legally privileged. If you are not the intended recipient do > not > copy, disclose or use the contents in any way. Please let us know by > return > email immediately and then destroy this message. > > > > > -Original Message- > From: Jesus Velazquez [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, 1 October 2002 10:35 > To: [EMAIL PROTECTED] > Subject: ccnp routing [7:54579] > > > i'm sitting in on the routing 901 bsci (new exam) next week...any good > advice or look outs for the exam?? i took the global knowledge course 2 > weeks ago and have the older version of the boson routing for exam 603. > should this be suffice. i heard the cisco press routing book is not a very > good book for this course. thanks > - > "This communication, including any attachments, is confidential. If you > are > not the intended recipient, you should not read it - please contact me > immediately, destroy it, and do not copy or use any part of this > communication or disclose anything about it. Thank you." > > -- > -- > - > - > > [GroupStudy.com removed an attachment of type text/x-vcard which had a > name > of Simon Dartford (E-mail).vcf] > ** > > visit http://www.solution6.com > > UK Customers - http://www.solution6.co.uk > > * > This email message (and attachments) may contain information that is > confidential to Solution 6. If you are not the intended recipient you > cannot > use, distribute or copy the message or attachments. In such a case, > please > notify the sender by return email immediately and erase all copies of the > message and attachments. Opinions, conclusions and other information in > this message and attachments that do not relate to the official business > of > Solution 6 are neither given nor endorsed by it. > *
Need help on BGP [7:54737]
Hi friends, I am preparing for my BSCI. I am totally confused about BGP configurations. I have RouterSim for my cofigurations. I request you to send me some basic BGP configs. I`ll put up a scenario, pls help me how to solve that. Situation 10.10.10.1 e0 s0192.168.0.0/30 s0 s1 192.168.0.4/30 s0e0 10.10.30.1 ---RouterA---RouterB -RouterC--- | e0 10.10.20.1 | Router B & Router C are running ospf 10 with single area. RouterA is in different AS. Can you gurus send me some basic configuration on this. Regards Binoy K L Thanks, Binoy K L Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54737&t=54737 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay: connectionless or connection-oriented? [7:54738]
Frame-Relay is a connection-oriented protocol, but is considered unreliable, it requires higher layer protocols to make it reliable (TCP) Connection oriented does not always mean reliable. Troy Edington, CCIE #7190 ""sam sneed"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > connection-oriented Jay you cocksmoker. > > > > > B.J. Wilson wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Dear Silent Bob: > > > > Okay lunchbox, my co-workers and I are trying to figure out if Frame Relay > is > > connectionless or connection-oriented. A lot of documentation I'm reading > > says it *is*, but somewhere in the chasms of my memory banks I can't help > but > > think that it is *not*, because a) it would be redundant given TCP's > function > > and b) it would add latency to the Frame cloud, which is supposedly > optimized > > for speed (one of the improvements Frame made to X.25). Am I right, or > have > > I > > been hitting the pipe a little too hard lately? > > > > Your hetero life-mate, > > > > Jay Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54738&t=54738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FS: AGS+, good lab router [7:54721]
I'm suprised it doesn't have any serial ports. Then it would be better. Also, the AGS doesn't run modern versions of IOS. I think the latest you can put on it is version 11.0. This could make it hard to do labs that use new commands. It's very noisy and generates lots of heat and requires lots of power. But the price is good! It's quite bulky, but not too heavy, so shippnig shouldn't be too bad. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Ben Hockenhull wrote: > > Cisco AGS+ > CSC/4 > 16 meg of dram > 4 meg flash > CBUS controller, > Environmental controller > 12 ethernet interfaces > 2 token ring interfaces, > 1 FDDI interface > > Runs perfectly. > > $100.00 plus shipping > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54739&t=54721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay: connectionless or connection-orie [7:54707]
Well said. I'm glad you corrected yourself. ;-) Frame Relay is connection-oriented. An end point can't send data until a virtual circuit has been established. But it doesn't offer a reliable service. If a frame arrives damaged, the recipient knows this (because the FCS doesn't match the sender's), but the recipient simply drops the frame. An upper layer, such as TCP, would have to notice the lack of ACK and retransmit. Frame Relay does error detection, but no error correction. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Peter van der Voort wrote: > > Thinking of the subject again, I would have to come back to > what I've said > before. > > TCP is connection oriented because there's the three-way > handshake session > establishment. It's reliable because of the retransmission and > error > checking mechanismns. > > UDP is connectionless, because there's no session establishment > and it's > unreliable because of a lack of retransmission and error > checking > mechanismns. > > Frame relay is connection oriented because of the establishment > of a > circuit, but unreliable because there are no retransmission and > error > checking mechanismns. > > X25 is connection oriented and reliable. > > Peter > > > > -Original Message- > From: ""B.J. Wilson"" [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 3:14 PM > To: [EMAIL PROTECTED] > Subject: RE: Frame Relay: connectionless or connection-orie > [7:54707] > > > Well, I tend to look at things from a "global" or "Layer 1 > through 7" > perspective: does Frame Relay perform the same functions that > TCP does? In > other words, does it perform a check to make sure every single > IP packet (or > Frame Relay frame) makes it from the ingress point of the Frame > cloud to the > egress point? I don't believe it does, and therefore I > consider it > connectionless. > > Now, from a *test* perspective (g...), I suppose the > "correct" answer is > "connection-oriented" due to the reasons that Peter specified. > > BJ > > > > On Wed, 2 Oct 2002 13:03:09 GMT ccnp ccnp2002 wrote: > > > Pre-established path, that is it. It surprises > > me all this confusing > > literature I read. > > > > When I was reading for my CCNA a few months > > back, I was going through this > > thing time and again from a Cisco-Authorized > > Course, namely, Frame Relay is > > connection-oriented because of a > > pre-established path. > > > > What do I believe?? > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54740&t=54707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP [7:54262]
Hi John, I think the following link would stand sufficient initially. http://www.cisco.com/warp/public/459/18.html Regards, Vikram "John Hutchison" wrote: OK...I've been dreading this. It's time for me to start getting into the nuts and bolts of BGP. I don't wanna spend $70 bucks right now on a book and I don't want a TOME of a thousand pages. I'm looking, right now, for the briefest, but full reference for it. Anyone have any ideas? Thanks in advance. -John Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54741&t=54262 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Load on a serial link [7:54626]
Hi All, Thanks for your responses. But I think, I want to reframe my question, what if the circuit has been configured as a frame-relay PVC. Now can we calculate the load on a PVC in the same manner? Regards, Vikram "sam sneed" wrote: The most important thing to understand about serial interfaces are that they are full duplex. Traffic can go an both directions at the same time so you can have 2MB going in each direction at the same time. ""vikramjskeer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > > I am into some debate with one of my friend, what would be the actual load > of a serial interface. > > > Suppose I am having a E1 Serial interface, so is it possible to have 2 MB > input and 2 MB output at the same time or for calculating total utilazation > of an interface just add on the 5 minute input/output rate. > > > Any light on this with supporting documents or URLs would be highly > apprecialted. > > > Thanks in advance. > > > Regards, > > > Vikram > Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com > Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from > http://www.planetm.co.in > Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone > service with clear voice at rates far less than the normal ISD rates. Go to > http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54742&t=54626 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
I agree that it doesn't sound like an MTU problem. There are often problems with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to that conclusion. But e-mail messages are often very short and would easily fit into most MTUs even after overhead. To test whether it's an MTU problem, try some oversized pings. The MTU issue occurs when a full-sized packet arrives at an interface that needs to squeeze it into an MTU along with the overhead. The interface could fragment, but maybe the application or transport layer set the Don't Fragment bit. Quite a few applications do that as part of their MTU discovery process. The problem is made worse if there's an access list that is blocking the ICMP "Fragmentation required but DF bit set" message. Here's a Cisco article on MTU: http://www.cisco.com/warp/public/105/56.html This isn't a criticism of the original poster, who was already doubting the people who told him it was an MTU problem, but it does give me a chance to get on my soapbox about troubleshooting methods. A lot of people troubleshoot using the technique we learned in grade school to match items from Column A with items from Column B. ;-) Column A has network types and Column B has most common problem for network type. It's important to know about common problems, but it's just as important to gather data, research symptoms, and use logic and reasoning. Cisco's troubleshooting method really does work: 1. Define the problem. 2. Gather facts. 3. Consider possibilities. 4. Create an action plan. 5. Implement the action plan. 6. Observe the results. 7. Do problem symptoms stop? If no, go back to 4 or possibly to 2. If yes, problem resolved, document the results. OK, off my soapbox now! :-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com [EMAIL PROTECTED] wrote: > > I found email to be a touchy thing... Especially when dealing > with M$ > 0utlook. Are you sure it's the MTU size that's the problem > with email. > > I know in our situation, I had to add the mail server name & IP > to the host > file of the remote pc. Some times we experience some latency, > but for the > most part it's only been about half a minute. > > Cheers, > mkj > > -Original Message- > From: JohnZ [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 01, 2002 8:55 PM > To: [EMAIL PROTECTED] > Subject: Confused about MTU size [7:54689] > > > Can some one explain clearly how does MTU size affect windows > applications > where these applications won't work over a network link. I have > a certain > home user that can establish a vpn tunnel through a DSL to > corporate network > and all applications will work except for email. The only > difference is a > cisco router in between the homeuser and corporate network. > Without this > cisco router (with homeuser directly attached to DSL modem) > there are no > problems. Some one mentioned MTU could be the problem, but if > the frames are > larger then MTU don't they get fragmented and re-assembled at > the other end. > How could MTU size fail single application while everything > else works fine. > Thanks for any help. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54743&t=54689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Returned mail--"FRAMEBORDER" [7:54744]
The following mail can't be sent to [EMAIL PROTECTED]: From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: FRAMEBORDER The attachment is the original mail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54744&t=54744 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bootp Relay [7:54725]
[EMAIL PROTECTED] wrote: > > Hi all, > > I need to configure bootp relay on a 6509 running multiple > vlans. I've been > looking over cisco's site and I feel this should be easy, but > I'm having > trouble figuring out what i'm supposed to do. I found this on > the 12.1 > configuration guide. Can anyone verify that this is what i'm > supposed to be > doing? > > ip forward-protocol udp Add the parameter "67" or you'll forward many types of UDP broadcasts, not just BootP (DHCP) broadcasts which go to UDP port 67. > ! > interface ethernet 1 This should be the interface where the UDP DHCP broadcasts are coming into, in other words, usually the LAN where the clients reside. > ip helper-address 110.44.23.7 The parameter should be the address of the DHCP server or the network where the server resides. If you use network, the router will forward the packet as a broadcast. If you use the actual address, the router will forward the packet as a unicast packet. > interface ethernet 2 This could be another LAN where clients reside? > ip helper-address 191.24.1.19 > > ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54745&t=54725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Filtering NT domain listings at the router [7:54668]
Take a look at WINS documentation.. -Original Message- From: Roberts, Larry [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 5:38 PM To: [EMAIL PROTECTED] Subject: Filtering NT domain listings at the router [7:54668] Hey all, Just curious if anyone has any links on filtering the domains on their network at the router. We are having a large amount of NT domains that are showing up internally, and I would like to start blocking these advertisements at the remote routers. Is this possible ? I can't figure out how, but I suspect that if it can be done, someone on this list has done it. Thanks Larry Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54746&t=54668 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay: connectionless or connection-oriented? [7:54747]
At 4:49 PM + 10/2/02, Troy Edington wrote: >Frame-Relay is a connection-oriented protocol, but is considered unreliable, >it requires higher layer protocols to make it reliable (TCP) > >Connection oriented does not always mean reliable. > >Troy Edington, CCIE #7190 And there are connectionless reliable protocols, although some are rare. Remote Procedure Call (RPC) 802.2 LLC Class 3 X.25 Fast Select (you can argue here) Appletalk Transaction Protocol These are some that come to mind. > > > B.J. Wilson wrote in message >> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> > Dear Silent Bob: >> > >> > Okay lunchbox, my co-workers and I are trying to figure out if Frame >Relay >> is >> > connectionless or connection-oriented. A lot of documentation I'm >reading >> > says it *is*, but somewhere in the chasms of my memory banks I can't >help >> but >> > think that it is *not*, because a) it would be redundant given TCP's >> function >> > and b) it would add latency to the Frame cloud, which is supposedly >> optimized >> > for speed (one of the improvements Frame made to X.25). Am I right, or >> have >> > I >> > been hitting the pipe a little too hard lately? >> > >> > Your hetero life-mate, >> > > > > Jay Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54747&t=54747 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Study Group in Indianapolis [7:54748]
Greetings, I would like to put together a study/networking group in Indianapolis. Any takers? Regards, Scott Baron Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54748&t=54748 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP [7:54262]
Here's a couple more good links. If you do a search on Cisco's website, there is a ton of BGP stuff out there. Watch for wrap: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt2/1cdbgp.htm Shawn K. > -Original Message- > From: vikramjskeer [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 1:16 PM > To: [EMAIL PROTECTED] > Subject: Re: BGP [7:54262] > > Hi John, > > > I think the following link would stand sufficient initially. > > > http://www.cisco.com/warp/public/459/18.html > > > Regards, > > > Vikram > > "John Hutchison" wrote: > > > > OK...I've been dreading this. It's time for me to start getting into > the nuts and bolts of BGP. I don't wanna spend $70 bucks right now on a > book > and I don't want a TOME of a thousand pages. I'm looking, right now, for > the > briefest, but full reference for it. Anyone have any ideas? Thanks in > advance. > > -John > Get Your Private, Free E-mail from Indiatimes at > http://email.indiatimes.com > Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from > http://www.planetm.co.in > Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone > service with clear voice at rates far less than the normal ISD rates. Go > to > http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54750&t=54262 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1 Beta Exams [7:50561]
Do you have Beta exam blue print , Can you send me one link ... Thanks Rahul ""Kim Graham"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Thanks for the heads up. I was signing up this evening to take the > existing CSPFA over the weekend. So I gave myself an extra week in hopes to > save $200 CDN. > > The MCNS looked to good to turn down at that price. So I will see if > squeaking by can be acheived. I have 20 days to go over the blue print, > pull out what I use daily and read up on things that I may have seen but > don't realize they exist. > > Thus my path is laid out ;). > > Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54751&t=50561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Config-register???? [7:54632]
Shawn, There one other "gotcha" where the "break enabled" bit 8 of the config-register can bite you. You are correct that having break enabled and having a console device connected could be dangerous because someone could inadvertently send a break sequence and drop the router into Rommon. Be aware that NOT having a console device connected could be even more dangerous. In a significant number of instances where bit 8 was left "off" in a router, (0x2002) I have seen the router drop into Rommon when a console device was connected to the console interface! It turns out that a "break sequence" can be very closely approximated by the "noise" generated in plugging or unplugging the console cable! There was even one report of an extended console cable in a large "NOC" that was plugged into a console and laying on the floor that was ultimately linked to a Core router intermittently dropping into Rommon. All I can report for certain is that once this cable was removed from the console connection on the router, the problem disappeared. There are a very limited set of circumstances where having the "break enabled" is a viable configuration on a Cisco router used for production. :-( I actually had one person tell me that he left the break enabled so that he could regain control in the eventuality that his routers went berserk. I tried to point out that if he was close enough to be connected to the console in that scenario, he could probably manage to flip the power switch instead. :-P I'm not certain the message got through,,, :-D Bruce Shawn Heisey wrote: Mark, Actually, the 'break disabled' is the default setting. It means that after rommon passes control to the IOS, you can't issue a break to get back to rommon. You can always issue the break before control is passed to IOS, regardless of this setting. If you turn this setting off, you can send a break at any time to get to rommon -- even after the router is up and running. This can be a Very Bad Thing (tm), especially if you leave something connected to the console port all the time. Thanks, Shawn "Mark W. Odette II" wrote: Set your terminal app's baud rate to 19200 and see if that doesn't fix ya. Also, according to the nifty Config-Register calculator (from Boson's website), the Break Key is disabled. So, you'll need to let the router boot normally, and then, via the console, go into config mode and change the config register to your desired setting. HTH's Mark -Original Message- From: Frank Lodato [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 10:10 AM To: [EMAIL PROTECTED]Subject: Config-register [7:54632] I broke in to a Cisco 2600 router today, but I didn't have access to my handy sheet that tells me exactly what config-register setting to type in. Instead of 0x2142 I put 0x2124. Now when I hard bott the router it gives me'JJJ^^' . Now, I've never seen this before so I'm very confused as to what to do next. I can't really type anything either so it wont take commands that I know. What did I do? How can I fix it? Help! -- Bruce Enders Email: [EMAIL PROTECTED] Chesapeake NetCraftsmeno:(410)-757-3050, c:(443)-994-0678 1290 Bay Dale Drive, Suite 312 WWW: http://www.netcraftsmen.net Arnold, MD 21012-2325 Cisco CCSI# 96047 Efax 443-331-0651 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54749&t=54632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2950 cat sample config [7:54719]
About as basic as it gets!! C2950A#sh conf Using 1604 out of 32768 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname C2950A ! enable password cisco ! ip subnet-zero no ip finger ! ! interface Loopback0 no ip address no ip route-cache ! interface FastEthernet0/1 description 1721A switchport access vlan 64 ! interface FastEthernet0/2 description PIX 501 switchport access vlan 64 ! interface FastEthernet0/3 description 2948G-L3 switchport access vlan 64 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface GigabitEthernet0/1 switchport mode trunk ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache shutdown ! interface Vlan64 ip address 172.28.64.26 255.255.255.0 no ip route-cache ! ip default-gateway 172.28.64.1 ip http server ! line con 0 transport input none line vty 0 4 password cisco login line vty 5 15 login ! end C2950A# "Edwin.R.Gonzalez" wrote: > > Hey, > > Does anyone have a sample config of a Cat 2950, just a basic config, thanks? > > -- > Edwin R. Gonzalez (CCNP, Network+, A+) > Network Engineer II > CSXT > (904) 366-5999 > > Life can only be understood backwards, > but it must be lived forwards. > > -- Soren Kierkegaard -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "You don't make the poor richer by making the rich poorer." --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54752&t=54719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATM Question? [7:54753]
This may be a stupid question, but I thought I'd ask anyway. Is there any possible way with any router platform or IOS to turn a router with multipleATM interfaces into an ATM switch. Once again, this is a wild question, stemming from the fact that it can be done with frame-relay. Since this is probably very unlikely, what are the groups opinions on the various CCIE R&S rack rentals online, and which ones seem to provide the highest ROI. TIA!!! Jason Viera DO OR DO NOT THERE IS NO TRY Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54753&t=54753 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN tunnel with IPSec over GRE [7:54634]
We have Ms. Proxy Server 2.0 Thomas. ""sam sneed"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > What kind of Proxy server is it? Hopefully UNIX so you can do a tcpdump to > see what is actually getting to it. I'd suggest hooking up some packet > sniffers in differernt places to see what is getting where and you'll be > able to narrow down the problem. > > > > ""Thomas N."" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Thank you All for the confirmation! I used extended ping with DF bit set > as > > Richarde mentioned and found out that the packet size that can fit into > the > > tunnel without fragmentation is much less than 1500 bytes. I also went > over > > couple white papers from Cisco website. They mentions about using "ip tcp > > adjust-mss ", "ip mtu " as well as "tunnel path-mtu-discovery" > > command. I tried to apply these commands on the routers at the 2 > endpoints > > of the tunnel but it still didn't work. I see myself running into the > > confusion and have couple questions regarding: > > > > - What's the difference between "ip tcp adjust-mss " and "ip mtu > > " commands? > > - Which one should I use? or both? > > - Which and where I should apply these commands? on the tunnel interfaces, > > Ethernet segment, or on the Internet interface? > > > > Below is my topology. Client machine needs to pass through the tunnel, > then > > hit the Proxy Server for Internet access. Again, thank you All for the > > HELP!!! > > > > > > Client ---> Fa0/0-RouterA-Fa0/1---> IPSec over GRE > > tunnel --->Fa0/1-RouterB-Fa0/0---> Proxy Server---> Internet > > > > > > > > Thomas > > > > > > > > ""Richard Deal"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > It's probably an MTU problem. > > > > > > I have an IPSec connection being tunneled via GRE, which in turn, is > > > tunneled by another IPSec connection. Don't ask why I'm doing this :-) > But > > > we had to set the MTU down to 1320 to prevent fragmentation, and thus > > > performance, issues. > > > > > > In your case, you might want to try using the extended ping with the "no > > > fragment" option to determine which MTU size will work in your > situation. > > > > > > Cheers! > > > > > > Richarde > > > ""Thomas N."" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Hi All, > > > > > > > > I am setting up a site-to-site VPN between 2 LANs using Cisco IOS VPN > > > (Cisco > > > > 2600 routers). I could get the tunnel up and running between the two > > LANs > > > > with IPSec over GRE so that I can run EIGRP. Data transfer between 2 > > LANs > > > > across the tunnel looks OK, and all dynamic routes learned with EIGRP. > > > > However, a problem come up when I put a Proxy Server on the first LAN > > and > > > > force Internet traffic from workstations from the second LAN to go out > > > with > > > > this Proxy server. Workstations from the second LAN could browse > > Internet > > > > across the tunnel to reach the Proxy server then hit the Internet; > > > however, > > > > the performance is very poor (seem like browsing over a 56k modem). I > > am > > > > thinking this may be because of fragmentation on the 2 routers. Is > > there > > > > any work around for this issue? If MTU size needs to be adjusted, > what > > > > would be the ideal MTU size for IPSec over GRE tunnel in "tunnel" > mode? > > > > Again, thank you All for the help! > > > > > > > > Thomas N. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54754&t=54634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need help on BGP [7:54737]
I'm not exactly sure what your scenario is, so I will give you a new one and walk you through it. Scenario: You have 4 routers: R1, R2, R3, R4. R1 is in AS100, R2 and R3 are in AS200, and R4 is in AS300. R1's interface S0 is connected to R2's interface S0. R2's interface S1 is connected to R3's interface S1. R3's interface S0 is connected to R4's interface S0. The devices are configured with the following addressing: R1 interface S0 - 10.10.10.1 255.255.255.0 R2 interface S0 - 10.10.10.2 255.255.255.0 R2 interface S1 - 10.10.20.1 255.255.255.0 R3 interface S1 - 10.10.20.2 255.255.255.0 R3 interface S0 - 10.10.30.1 255.255.255.0 R4 interface S0 - 10.10.30.2 255.255.255.0 1. Configure IBGP for R2 and R3. Make sure the IGP routing table and the BGP routing table do not need to be in synch for the BGP routes to appear in the routers routing table. 2. Configure EBGP for R2 and R1. 3. Configure EBGP for R3 and R4. Answer for question 1: R2#conf t R2(config)#router bgp 200 R2(config-router)#no synch R2(config-router)#neighbor 10.10.20.2 remote-as 200 R2(config-router)#exit R2(config)#exit R2# R3#conf t R3(config)#router bgp 200 R3(config-router)#no synch R3(config-router)#neighbor 10.10.20.1 remote-as 200 R3(config-router)#exit R3(config)#exit R3# Explination for question 1: The router bgp 200 command creates BGP AS200 on the device. The no synch command turns off synchronization between the IGP routing table and the BGP routing table. The neighbor 10.10.20.2 remote-as 200 command configures R2 as an IBGP neighbor of R3 since the remote AS number is the same as it's AS number. The neighbor 10.10.20.1 remote-as 200 command configures R3 as an IBGP neighbor of R2 since the remote AS number is the same as it's AS number. Answer to question 2: R1#conf t R1(config)#router bgp 100 R1(config-router)#neighbor 10.10.10.2 remote-as 200 R1(config-router)#exit R1(config)#exit R1# R2#conf t R2(config)#router bgp 200 R2(config-router)#neighbor 10.10.10.1 remote-as 100 R2(config-router)#exit R2(config)#exit R2# Explination to answer 2: In these configurations EBGP is configured because the remote AS # is different than the devices AS #. Answer to question 3: R3#conf t R3(config)#router bgp 200 R3(config-router)#neighbor 10.10.30.2 remote-as 300 R3(config-router)#exit R3(config)#exit R3# R4#conf t R4(config)#router bgp 300 R4(config-router)#neighbor 10.10.30.1 remote-as 200 R4(config-router)#exit R4(config)#exit R4# Explination to answer 3: Same as explination to answer 2. The final configs would look like this: R1#conf t R1(config)#router bgp 100 R1(config-router)#neighbor 10.10.10.2 remote-as 200 R1(config-router)#exit R1(config)#exit R1# R2#conf t R2(config)#router bgp 200 R2(config-router)#no synch R2(config-router)#neighbor 10.10.20.2 remote-as 200 R2(config-router)#neighbor 10.10.10.1 remote-as 100 R2(config-router)#exit R2(config)#exit R2# R3#conf t R3(config)#router bgp 200 R3(config-router)#no synch R3(config-router)#neighbor 10.10.20.1 remote-as 200 R3(config-router)#neighbor 10.10.30.2 remote-as 300 R3(config-router)#exit R3(config)#exit R3# R4#conf t R4(config)#router bgp 300 R4(config-router)#neighbor 10.10.30.1 remote-as 200 R4(config-router)#exit R4(config)#exit R4# I hope this answers what you were looking for. Carl Timm, CCIE #7149 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54755&t=54737 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Security Specialist 1: To self-study or not to [7:54756]
I am interested in pursuing the CSS1 designation. Can anyone tell me if this cert is a bear without the necessary training. There is a slight chance I may be able to get my employer to spring for the classes but I need to find out more before I start 'pulling teeth'. I have self-studied up to the CCNP level but I'm not sure I'll be able to get to all gear I need for this cert. Any input is appreciated. Thanks Eric CCNP __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54756&t=54756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wireless Netowrk [7:54757]
In a campus network the customer would like to have a wireless LAN since all the users in the other building are Telecommuters. Wireless has its own security, but they would still like to have PIX between this wirless network and the main network. PIX is the device which is mainly used to isolate the private network from the public network, but in this scenerio the PIX would be used between two Private Networks. Here is the details: Users on Wirelss subnet 172.16.10.0 would connect to the Cisco 2900 switch. The PIX's outside interface will be part of this subnet. The PIX Internal address would then connect to another Cisco switch where customer main network resides, Servers, Applications etc. This subnet is 192.168.10.0. Conduits will be opened for Wirless users to access this network. This should work fine. I just wanted to have an advise from the forum users to make sure that it will work. Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54757&t=54757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wireless Netowrk [7:54757]
It'll work however: 1)You're not offering much security unless the conduits are for protocol/applications of a completely benign nature, which I'm confident the probably are not. 2)By doing this the data traveling between wireless clients and these opened(conduit) services are at risk of being captured. 3)You've got the administration complexity of maintaining conduits for approved applications. This may not be an issue in this environment but it would be for most. Placing the pix there and using conduits alone is not doing to offer much security like most folks hope for from them. The described situation isn't providing authentication, decent encryption, nor preventing any random wireless node from accessing those services. But then again maybe the wireless security you mentioned is addressing those sufficiently for the situation. Darrell ""Azhar Teza"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > In a campus network the customer would like to have a wireless LAN since all > the users in the other building are Telecommuters. Wireless has its own > security, but they would still like to have PIX between this wirless network > and the main network. PIX is the device which is mainly used to isolate the > private network from the public network, but in this scenerio the PIX would > be used between two Private Networks. Here is the details: Users on Wirelss > subnet 172.16.10.0 would connect to the Cisco 2900 switch. The PIX's outside > interface will be part of this subnet. The PIX Internal address would then > connect to another Cisco switch where customer main network resides, > Servers, Applications etc. This subnet is 192.168.10.0. Conduits will be > opened for Wirless users to access this network. This should work fine. I > just wanted to have an advise from the forum users to make sure that it will > work. > > > Changed your e-mail? Keep your contacts! Use this free e-mail change of > address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54758&t=54757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
Thanks Priscilla, I definitely don't mind even if it was criticisim especially coming from some one of your caliber. Thank you for the pointers and I will do some more deligant troubleshooting. And yes Mike it is outlook that refuses to work properly. There is no problem browsing, home user is able to copy files of all sizes with out any problems. We can ping the email server from the user's workstation heck I am even pc-anwhered into his machine. But as soon we start outlook it just hangs. I will further investigate the router's config although it's using a template that's working elsewhere under different service provider without a hitch. ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I agree that it doesn't sound like an MTU problem. There are often problems > with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to > that conclusion. But e-mail messages are often very short and would easily > fit into most MTUs even after overhead. To test whether it's an MTU problem, > try some oversized pings. > > The MTU issue occurs when a full-sized packet arrives at an interface that > needs to squeeze it into an MTU along with the overhead. The interface could > fragment, but maybe the application or transport layer set the Don't > Fragment bit. Quite a few applications do that as part of their MTU > discovery process. The problem is made worse if there's an access list that > is blocking the ICMP "Fragmentation required but DF bit set" message. > > Here's a Cisco article on MTU: > > http://www.cisco.com/warp/public/105/56.html > > This isn't a criticism of the original poster, who was already doubting the > people who told him it was an MTU problem, but it does give me a chance to > get on my soapbox about troubleshooting methods. A lot of people > troubleshoot using the technique we learned in grade school to match items > from Column A with items from Column B. ;-) Column A has network types and > Column B has most common problem for network type. It's important to know > about common problems, but it's just as important to gather data, research > symptoms, and use logic and reasoning. > > Cisco's troubleshooting method really does work: > > 1. Define the problem. > 2. Gather facts. > 3. Consider possibilities. > 4. Create an action plan. > 5. Implement the action plan. > 6. Observe the results. > 7. Do problem symptoms stop? > > If no, go back to 4 or possibly to 2. > If yes, problem resolved, document the results. > > OK, off my soapbox now! :-) > > ___ > > Priscilla Oppenheimer > www.troubleshootingnetworks.com > www.priscilla.com > > [EMAIL PROTECTED] wrote: > > > > I found email to be a touchy thing... Especially when dealing > > with M$ > > 0utlook. Are you sure it's the MTU size that's the problem > > with email. > > > > I know in our situation, I had to add the mail server name & IP > > to the host > > file of the remote pc. Some times we experience some latency, > > but for the > > most part it's only been about half a minute. > > > > Cheers, > > mkj > > > > -Original Message- > > From: JohnZ [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, October 01, 2002 8:55 PM > > To: [EMAIL PROTECTED] > > Subject: Confused about MTU size [7:54689] > > > > > > Can some one explain clearly how does MTU size affect windows > > applications > > where these applications won't work over a network link. I have > > a certain > > home user that can establish a vpn tunnel through a DSL to > > corporate network > > and all applications will work except for email. The only > > difference is a > > cisco router in between the homeuser and corporate network. > > Without this > > cisco router (with homeuser directly attached to DSL modem) > > there are no > > problems. Some one mentioned MTU could be the problem, but if > > the frames are > > larger then MTU don't they get fragmented and re-assembled at > > the other end. > > How could MTU size fail single application while everything > > else works fine. > > Thanks for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54759&t=54689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
I may be way out of line, but there aren't any access lists which may be prohibiting the IMAP ports used by exchange, are there. I ran into a config mess with DMZ's and access lists for a beta product test once. And that was what we saw - all worked (http, proxy, etc.) but Exchange was gone. Turned out to be some Checkpoint and access-list tweaking. -Original Message- From: JohnZ [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 5:43 PM To: [EMAIL PROTECTED] Subject: Re: Confused about MTU size [7:54689] Thanks Priscilla, I definitely don't mind even if it was criticisim especially coming from some one of your caliber. Thank you for the pointers and I will do some more deligant troubleshooting. And yes Mike it is outlook that refuses to work properly. There is no problem browsing, home user is able to copy files of all sizes with out any problems. We can ping the email server from the user's workstation heck I am even pc-anwhered into his machine. But as soon we start outlook it just hangs. I will further investigate the router's config although it's using a template that's working elsewhere under different service provider without a hitch. ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I agree that it doesn't sound like an MTU problem. There are often problems > with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to > that conclusion. But e-mail messages are often very short and would easily > fit into most MTUs even after overhead. To test whether it's an MTU problem, > try some oversized pings. > > The MTU issue occurs when a full-sized packet arrives at an interface that > needs to squeeze it into an MTU along with the overhead. The interface could > fragment, but maybe the application or transport layer set the Don't > Fragment bit. Quite a few applications do that as part of their MTU > discovery process. The problem is made worse if there's an access list that > is blocking the ICMP "Fragmentation required but DF bit set" message. > > Here's a Cisco article on MTU: > > http://www.cisco.com/warp/public/105/56.html > > This isn't a criticism of the original poster, who was already doubting the > people who told him it was an MTU problem, but it does give me a chance to > get on my soapbox about troubleshooting methods. A lot of people > troubleshoot using the technique we learned in grade school to match items > from Column A with items from Column B. ;-) Column A has network types and > Column B has most common problem for network type. It's important to know > about common problems, but it's just as important to gather data, research > symptoms, and use logic and reasoning. > > Cisco's troubleshooting method really does work: > > 1. Define the problem. > 2. Gather facts. > 3. Consider possibilities. > 4. Create an action plan. > 5. Implement the action plan. > 6. Observe the results. > 7. Do problem symptoms stop? > > If no, go back to 4 or possibly to 2. > If yes, problem resolved, document the results. > > OK, off my soapbox now! :-) > > ___ > > Priscilla Oppenheimer > www.troubleshootingnetworks.com > www.priscilla.com > > [EMAIL PROTECTED] wrote: > > > > I found email to be a touchy thing... Especially when dealing > > with M$ > > 0utlook. Are you sure it's the MTU size that's the problem > > with email. > > > > I know in our situation, I had to add the mail server name & IP > > to the host > > file of the remote pc. Some times we experience some latency, > > but for the > > most part it's only been about half a minute. > > > > Cheers, > > mkj > > > > -Original Message- > > From: JohnZ [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, October 01, 2002 8:55 PM > > To: [EMAIL PROTECTED] > > Subject: Confused about MTU size [7:54689] > > > > > > Can some one explain clearly how does MTU size affect windows > > applications > > where these applications won't work over a network link. I have > > a certain > > home user that can establish a vpn tunnel through a DSL to > > corporate network > > and all applications will work except for email. The only > > difference is a > > cisco router in between the homeuser and corporate network. > > Without this > > cisco router (with homeuser directly attached to DSL modem) > > there are no > > problems. Some one mentioned MTU could be the problem, but if > > the frames are > > larger then MTU don't they get fragmented and re-assembled at > > the other end. > > How could MTU size fail single application while everything > > else works fine. > > Thanks for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54760&t=54689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Security Specialist 1: To self-study or not [7:54756]
I completed this by self-study, and a moderate lab (3 routers at the time, a couple of PCs and the PIX 501). This sufficed for all but the IDS exam. For that, I built a FrankenIDS machine and created a Cisco Security Policy Manager to experiment/practice with. This allowed me to get a feel for that technology, although I would not recommend trying that exam without some sort of lab work. HTH Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54761&t=54756 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IDS Sensor action [7:54762]
Hi !!! If a sensor detects unauthorized activity, are the following possible action ? (action1) --> Shutdown Interface (action2) --> Perform a traceroute to the source of the attack I am taking the Vconsole tests and some of their answers follow this actions, but this doesn't make much sense to me, to what i have read about it. Thanks in advance BF Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54762&t=54762 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2950 cat sample config [7:54719]
I appreciate the help guys. ""Edwin.R.Gonzalez"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hey, > > > Does anyone have a sample config of a Cat 2950, just a basic config, thanks? > > -- > Edwin R. Gonzalez (CCNP, Network+, A+) > Network Engineer II > CSXT > (904) 366-5999 > > Life can only be understood backwards, > but it must be lived forwards. > > -- Soren Kierkegaard Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54763&t=54719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Need to make an access port very slow on a 2950 [7:54764]
Hi All, Without going into it to much, I really would like to set some type of policy where by a user's PC on port 5 of my 2950 switch, has access to the rest of the LAN at 9.6kb/s..Can this be done on the switch, or do I need to do this on my 4006 ? John Sydney Australia ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54764&t=54764 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSS1 Beta Exams [7:50561]
The beta's are already done. Look for the new CSS1 exams sometime in October 2002. Shawn K. > -Original Message- > From: groupstudy.com [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 3:23 PM > To: [EMAIL PROTECTED] > Subject: Re: CSS1 Beta Exams [7:50561] > > Do you have Beta exam blue print , Can you send me one link ... > > Thanks > > Rahul > ""Kim Graham"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Thanks for the heads up. I was signing up this evening to take the > > existing CSPFA over the weekend. So I gave myself an extra week in hopes > to > > save $200 CDN. > > > > The MCNS looked to good to turn down at that price. So I will see if > > squeaking by can be acheived. I have 20 days to go over the blue > print, > > pull out what I use daily and read up on things that I may have seen but > > don't realize they exist. > > > > Thus my path is laid out ;). > > > > Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54765&t=50561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Security Specialist 1: To self-study or not to [7:54767]
I've heard on this list that a PIX 501 should be enough for the CSS1 cert because all you need are two interfaces to learn what is needed. I believe this is correct, but double-check the archives to make sure. Shawn K. > -Original Message- > From: Eric Mwambaji [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 4:35 PM > To: [EMAIL PROTECTED] > Subject: Cisco Security Specialist 1: To self-study or not to > [7:54756] > > I am interested in pursuing the CSS1 designation. Can > anyone tell me if this cert is a bear without the > necessary training. > > There is a slight chance I may be able to get my > employer to spring for the classes but I need to find > out more before I start 'pulling teeth'. > > I have self-studied up to the CCNP level but I'm not > sure I'll be able to get to all gear I need for this > cert. Any input is appreciated. > > Thanks > Eric CCNP > > __ > Do you Yahoo!? > New DSL Internet Access from SBC & Yahoo! > http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54767&t=54767 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How to dial in & power up home lab?? [7:54768]
Dear GroupStudy, Here is my interesting dilemma. I hope someone can lend some insight... 1 - I only have dial-up (no cable modem - i.e. no constant connection to Internet). 2 - I travel for work, so I'm not home very often. 3 - I have a lab that I would like to use rather often. 4 - I do not want to spend a lot of $$ on long distance to dial up my lab. 5 - I also do not want to spend a lot of $$ on electricity if the lab is not in use. 6 - I have (will have) an APC MasterSwitch PDU that I know can be used to remotely power up/power down the lab. 7 - The lab consists of all 2500 series routers (7 of them). I do not know if I can dial in to the PDU in order to power up the lab (this I can figure out). Once the lab is powered up, is there a way to have one of the routers dial up my ISP? But then, how would I know what the IP address of the router is (since the ISP uses DHCP) in order to telnet to the lab? One of the solutions I have thought of is to dial up my PC (with wake on LAN - if that works on the modem), disconnect. Then the dial up connection would be in my startup folder so the PC would dial the ISP automatically. Then I would dial up the ISP from wherever I would be. Then I still have the problem of knowing my IP address. A friend said to use ICQ. I don't know how that works, but will try it. I think I have covered everything. Thanks in advance for any help. Jake Secrist Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54768&t=54768 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ATM Question? [7:54753]
You can do FRASI on a Router. So you could interconnect ATM interfaces to a Frame-Relay router. http://www.cisco.com/warp/customer/121/frf8modes.html More ATM Technical Tips http://www.cisco.com/warp/customer/121/ -- David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Jason Viera > Sent: Wednesday, October 02, 2002 4:14 PM > To: [EMAIL PROTECTED] > Subject: ATM Question? [7:54753] > > > This may be a stupid question, but I thought I'd ask anyway. Is there any > possible way with any router platform or IOS to turn a router with > multipleATM interfaces into an ATM switch. Once again, this is a wild > question, stemming from the fact that it can be done with > frame-relay. Since > this is probably very unlikely, what are the groups opinions on > the various > CCIE R&S rack rentals online, and which ones seem to provide the highest > ROI. TIA!!! > Jason Viera > DO OR DO NOT THERE IS NO TRY Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54769&t=54753 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to dial in & power up home lab?? [7:54768]
Jake, Have a look at one of the dynamic DNS sites, such as tzo.com. I think there are even some free ones. Of course I'm not sure if you could do this from a router. -- David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Jake Secrist > Sent: Wednesday, October 02, 2002 9:06 PM > To: [EMAIL PROTECTED] > Subject: How to dial in & power up home lab?? [7:54768] > > > Dear GroupStudy, > > Here is my interesting dilemma. I hope someone can lend some insight... > > 1 - I only have dial-up (no cable modem - i.e. no constant connection to > Internet). > 2 - I travel for work, so I'm not home very often. > 3 - I have a lab that I would like to use rather often. > 4 - I do not want to spend a lot of $$ on long distance to dial up my > lab. > 5 - I also do not want to spend a lot of $$ on electricity if the lab is > not in use. > 6 - I have (will have) an APC MasterSwitch PDU that I know can be used > to remotely power up/power down the lab. > 7 - The lab consists of all 2500 series routers (7 of them). > > I do not know if I can dial in to the PDU in order to power up the lab > (this I can figure out). Once the lab is powered up, is there a way to > have one of the routers dial up my ISP? But then, how would I know what > the IP address of the router is (since the ISP uses DHCP) in order to > telnet to the lab? > > One of the solutions I have thought of is to dial up my PC (with wake on > LAN - if that works on the modem), disconnect. Then the dial up > connection would be in my startup folder so the PC would dial the ISP > automatically. Then I would dial up the ISP from wherever I would be. > Then I still have the problem of knowing my IP address. A friend said > to use ICQ. I don't know how that works, but will try it. > > I think I have covered everything. Thanks in advance for any help. > > Jake Secrist Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54770&t=54768 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
I had the same issue with outlook, its real slow when accessing Imap mail. I set the MTU, adjusted other things, etc..nothing seems to fix this issue for me. I set up Netscape 6.2x messenger/mail. Installed the mail client for Imap mail, and it works fine...sometimes it hangs for a second or two, but not anything like outlook Larry Creighton Bill-BCREIGH1 wrote: >I may be way out of line, but there aren't any access lists which may be >prohibiting the IMAP ports used by exchange, are there. I ran into a config >mess with DMZ's and access lists for a beta product test once. And that was >what we saw - all worked (http, proxy, etc.) but Exchange was gone. Turned >out to be some Checkpoint and access-list tweaking. > > >-Original Message- >From: JohnZ [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, October 02, 2002 5:43 PM >To: [EMAIL PROTECTED] >Subject: Re: Confused about MTU size [7:54689] > >Thanks Priscilla, I definitely don't mind even if it was criticisim >especially coming from some one of your caliber. Thank you for the pointers >and I will do some more deligant troubleshooting. And yes Mike it is outlook >that refuses to work properly. There is no problem browsing, home user is >able to copy files of all sizes with out any problems. We can ping the email >server from the user's workstation heck I am even pc-anwhered into his >machine. But as soon we start outlook it just hangs. I will further >investigate the router's config although it's using a template that's >working elsewhere under different service provider without a hitch. >""Priscilla Oppenheimer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >>I agree that it doesn't sound like an MTU problem. There are often >> >problems > >>with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to >>that conclusion. But e-mail messages are often very short and would easily >>fit into most MTUs even after overhead. To test whether it's an MTU >> >problem, > >>try some oversized pings. >> >>The MTU issue occurs when a full-sized packet arrives at an interface that >>needs to squeeze it into an MTU along with the overhead. The interface >> >could > >>fragment, but maybe the application or transport layer set the Don't >>Fragment bit. Quite a few applications do that as part of their MTU >>discovery process. The problem is made worse if there's an access list >> >that > >>is blocking the ICMP "Fragmentation required but DF bit set" message. >> >>Here's a Cisco article on MTU: >> >>http://www.cisco.com/warp/public/105/56.html >> >>This isn't a criticism of the original poster, who was already doubting >> >the > >>people who told him it was an MTU problem, but it does give me a chance to >>get on my soapbox about troubleshooting methods. A lot of people >>troubleshoot using the technique we learned in grade school to match items >>from Column A with items from Column B. ;-) Column A has network types and >>Column B has most common problem for network type. It's important to know >>about common problems, but it's just as important to gather data, research >>symptoms, and use logic and reasoning. >> >>Cisco's troubleshooting method really does work: >> >>1. Define the problem. >>2. Gather facts. >>3. Consider possibilities. >>4. Create an action plan. >>5. Implement the action plan. >>6. Observe the results. >>7. Do problem symptoms stop? >> >>If no, go back to 4 or possibly to 2. >>If yes, problem resolved, document the results. >> >>OK, off my soapbox now! :-) >> >>___ >> >>Priscilla Oppenheimer >>www.troubleshootingnetworks.com >>www.priscilla.com >> >>[EMAIL PROTECTED] wrote: >> >>>I found email to be a touchy thing... Especially when dealing >>>with M$ >>>0utlook. Are you sure it's the MTU size that's the problem >>>with email. >>> >>>I know in our situation, I had to add the mail server name & IP >>>to the host >>>file of the remote pc. Some times we experience some latency, >>>but for the >>>most part it's only been about half a minute. >>> >>>Cheers, >>>mkj >>> >>>-Original Message- >>>From: JohnZ [mailto:[EMAIL PROTECTED]] >>>Sent: Tuesday, October 01, 2002 8:55 PM >>>To: [EMAIL PROTECTED] >>>Subject: Confused about MTU size [7:54689] >>> >>> >>>Can some one explain clearly how does MTU size affect windows >>>applications >>>where these applications won't work over a network link. I have >>>a certain >>>home user that can establish a vpn tunnel through a DSL to >>>corporate network >>>and all applications will work except for email. The only >>>difference is a >>>cisco router in between the homeuser and corporate network. >>>Without this >>>cisco router (with homeuser directly attached to DSL modem) >>>there are no >>>problems. Some one mentioned MTU could be the problem, but if >>>the frames are >>>larger then MTU don't they get fragmented and re-assembled at >>>the other end. >>>How could MTU size fail single application while everything >>>else works fine. >>>
Vlan Port Security feature [7:54772]
hi, wonder if anyone has used the port security or port protected before, I am trying to implement the port security feature with 1-2 max mac address for security reason, is there any implication on overhead traffic that will be created with this feature, Also, with the port interface shut down when more than 2 mac address has been learned, will it turn back to on when the original mac address learn is plug back in. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54772&t=54772 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco work 2000 [7:54773]
I have been trying to set up my Cisco work 2000, under resource manager essential , inventory , check device attribute , I am able to check that all device are correctly configured. However , when I try extract the topology service network view on the layer 2 view, I find that some of my switch discover by the resource manager are missing, anyone has any advice on that , thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54773&t=54773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco work 2000 [7:54773]
Confirm that you have reverse DNS entries for all devices. Han Chuan Alex Ang wrote:I have been trying to set up my Cisco work 2000, under resource manager essential , inventory , check device attribute , I am able to check that all device are correctly configured. However , when I try extract the topology service network view on the layer 2 view, I find that some of my switch discover by the resource manager are missing, anyone has any advice on that , thanks Robert Padjen - Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54775&t=54773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need to make an access port very slow on a 2950 [7:54764]
Hey John, One thing that comes to mind is rate-limiting. Do you have L3? Maybe you could create a new vlan (to make all traffic go through the L3 device) with a new subnet and drop that port/pc into that vlan. Then setup an access-list and rate limit commands to throttle that traffic to 9600. Something like this: access-list rate-limit 110 interface rate-limit input access-group rate-limit 110 9600 0 0 conform-action transmit exceed-action drop rate-limit output access-group rate-limit 110 9600 0 0 conform-action transmit exceed-action drop Good luck, Vance ""John Brandis"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > Without going into it to much, I really would like to set some type of > policy where by a user's PC on port 5 of my 2950 switch, has access to the > rest of the LAN at 9.6kb/s..Can this be done on the switch, or do I need to > do this on my 4006 ? > > John > Sydney Australia > > > ** > > visit http://www.solution6.com > > UK Customers - http://www.solution6.co.uk > > * > This email message (and attachments) may contain information that is > confidential to Solution 6. If you are not the intended recipient you cannot > use, distribute or copy the message or attachments. In such a case, please > notify the sender by return email immediately and erase all copies of the > message and attachments. Opinions, conclusions and other information in > this message and attachments that do not relate to the official business of > Solution 6 are neither given nor endorsed by it. > * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54777&t=54764 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
