Re: how to telnet to other FROM PIX? [7:56435]
Hi Kenny, AFAIK, you cannot telnet from the PIX. If you enter 'telnet' in config mode, it will limit/allow hosts that can telnet to the PIX. If you find a way to telnet from the PIX, please let me know! Casey ""Kenny Smith"" wrote in message news:200210290656.GAA22501@;groupstudy.com... > Hi.. May I know how to telnet to other hosts FROM the PIX firewall, when I > type the following, it gives me no available command > > singpix01# telnet 10.100.100.49 > Type help or '?' for a list of available commands. > > Besides, can I manage the PIX with the web interface by point my web browser > to the following. http://PIX_IP_ADDRESS. But it doesn't work > > I thought below is the necessary confi, and 10.100.100.199 is my workstation > IP > > http server enable > http 10.100.100.199 255.255.255.255 inside > > > _ > Surf the Web without missing calls! Get MSN Broadband. > http://resourcecenter.msn.com/access/plans/freeactivation.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56439&t=56435 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Duplicating Address on HSRP [7:56431]
Hard to say without looking at your configs, but I would guess that you might have some inconsistant HSRP configs on VLAN 25. I suggest that you 'sh vlan 25' on your switches to make sure that you are aware of all VLAN 25 ports and then post the interface configs (especially HSRP configs) for all router interfaces on VLAN 25. It seems to me that your problem is most likely network layer, so you will likely find the problem on a router or MSM/MFSC. HTH, Casey ""Han Chuan Alex Ang"" wrote in message news:200210290422.EAA04769@;groupstudy.com... > hi, I have been having this problems recently, Wonder if anyone could > > help me out on this one > > I am running a Collapsed Core Model with two Catalyst 6000 running on > > HSRP for redundancy , all link connect to the Access switches are > > Catalyst 3500 series with redundancy link and PVST Plus implemented > > (The two Catalyst 6000 are defined as primary and secondary Root for > > all vlan except for VLAN 25. > > However, one direct link from the Core Bridge's port is connected > > without redundancy link)VLAN25 to 7206 Router interface(Root Bridge). > > Recently , the Router interface seem to be faulty and the whole > > network was town (affecting other Vlan) my understanding is that it > > should not affect other VLAN. > > Error message as follow was given > > Oct 12 13:15:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 > on Vlan25, sourced by .0c07.ac19 > Oct 13 16:25:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 > on Vlan25, sourced by .0c07.ac19 > Oct 15 22:31:02: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 > on Vlan25, sourced by .0c07.ac19 > Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 > on Vlan25, sourced by .0c07.ac19 > > > A reload on the Gigabit module was needed in order to solve the > > problems. I am not quite sure what could have cause this problems , > > anyone care to enlighten me , thank > > > My guess is that the faulty interface cause a recalculation for STP as the > Root is gone and that cause the link to be lost between the two catalyst and > thus resulting in a loop Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56438&t=56431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ports and RFC's link [7:56436]
Hi all, The below link the the BEST link for ports and RFC's. You can look up RFC's by port numbers. VERY USEFULL! Sincerely, Kyle http://packetderm.cotse.com/cgi-bin/port.cgi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56436&t=56436 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ports and RFC's link [7:56437]
Hi all, The below link the the BEST link for ports and RFC's. You can look up RFC's by port numbers. VERY USEFULL! Sincerely, Kyle http://packetderm.cotse.com/cgi-bin/port.cgi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56437&t=56437 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
how to telnet to other FROM PIX? [7:56435]
Hi.. May I know how to telnet to other hosts FROM the PIX firewall, when I type the following, it gives me no available command singpix01# telnet 10.100.100.49 Type help or '?' for a list of available commands. Besides, can I manage the PIX with the web interface by point my web browser to the following. http://PIX_IP_ADDRESS. But it doesn't work I thought below is the necessary confi, and 10.100.100.199 is my workstation IP http server enable http 10.100.100.199 255.255.255.255 inside _ Surf the Web without missing calls! Get MSN Broadband. http://resourcecenter.msn.com/access/plans/freeactivation.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56435&t=56435 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF point-to-multipoint 32 mask [7:56136]
mm... OK, we'll chalk this one off as a failure to communicate. the original post called for "similar to ccbootcamp lab 5 , but how to summary those serial to other protocol ? area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either " which I took to mean summarizing area 0 routes to other area 0 routers and ultimately into an external protocol. which of course cannot be done. obviously, you are talking about summarizing area 0 routes into a non-zero area, which of course, does work just fine. -- www.chuckslongroad.info ""Jenny McLeod"" wrote in message news:200210290538.FAA14601@;groupstudy.com... > The Long and Winding Road wrote: > > > > ""Jenny McLeod"" wrote in message > > news:200210280429.EAA24675@;groupstudy.com... > > > The Long and Winding Road wrote: > > > [snipped] > > > > > area 0 range 172.16.1.0 255.255.255.0 area not working on > > ABR > > > > either > > > > > > > > > > > > > CL: well, area 0 range is an illegal command. you may be > > able > > > > to enter it, > > > > but it does nothing. the area range command is design to > > > > summarize non > > > > backbone routes into the backbone. if you think aout it, > > there > > > > is probably > > > > not a real good reaso for backbone routes to be summarized > > > > > > > > > > > JMcL: Since when?? > > > I use the area 0 range blah blah command (without the "area" > > at the end, > > if > > > that was supposed to be part of the command above), and it > > certainly > > doesn't > > > do nothing. As far as I've seen, it works in exactly the > > same way as area > > > anything else range blah blah. > > > > > > All right, Miss Smarty Pants. I don't know what IOS versions > > you use / have > > been using, but I have been through this song and dance with > > OSPF area 0 > > summarization, or lack thereof for a while now. I have yet to > > see it work. > > > > Seriously, Jen, you know I respect your wisdom and value your > > advice. I am > > absolutely certain that I have never successfuly summarized > > area 0 routes > > over a couple of years of lab rat living. The following is from > > my current > > study pod, and the IOS version is 12.1.5T10. > > > > First, router 1 configurations. There are a number of > > loopbacks,containing > > the route addresses in question. > > > JMcL: Are any of the relevant routes being redistributed from RIP, or are > the relevant bits pure OSPF? > > > router ospf 123 > > log-adjacency-changes > > area 0 range 100.100.0.0 255.255.240.0 > > redistribute rip subnets route-map rip2ospf > > network 99.99.99.1 0.0.0.0 area 51 > > network 100.100.0.1 0.0.0.0 area 0 > > network 100.100.1.1 0.0.0.0 area 0 > > network 100.100.2.1 0.0.0.0 area 0 > > network 100.100.3.1 0.0.0.0 area 0 > > network 100.100.4.1 0.0.0.0 area 0 > > network 100.100.5.1 0.0.0.0 area 0 > > network 100.100.6.1 0.0.0.0 area 0 > > network 100.100.7.1 0.0.0.0 area 0 > > network 160.160.255.0 0.0.0.255 area 0 > > > > note the summary in the R1 routing table: > > > > Gateway of last resort is not set > > > > 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks > > O 100.100.0.0/20 is a summary, 00:11:57, Null0 > > > > now observe router 2's table: > > > > 100.0.0.0/24 is subnetted, 8 subnets > JMcL: Interesting line above. You sure that's what it said? > > O 100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, > > TokenRing0 > > O 100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, > > TokenRing0 > > O 100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, > > TokenRing0 > > 99.0.0.0/32 is subnetted, 1 subnets > > > > This has remained constant through several reconfigurations and > > several ospf > > process resets. > > > JMcL: I'm not quite clear on your setup. Pick me up if I go wrong here. > R1 and R2 are connected by 160.160.255.0/24, yes? > 160.160.255.0/24 is in area 0, yes? > So R2 is also in area 0, yes? > So why are you expecting that the backbone routes will have been > summarised? You haven't left the backbone yet - you haven't crossed an area > boundary (referring to the quote below). > What happens if you connect R1 and R2 by a non-backbone link? > > > It also remain true even if on R1 I use a more generic network > > 100.100.0.0 > > 0.0.255.255 area 0 command. > > > > So > > > > I stand by my statement that even though you may be able to > > enter the > > commands, the fact is that you cannot summarize area 0 routes > > on a cisco > > router, at least not that I've been able to figure out.. My > > position is > > further supported by the Cisco documentation, w
Re: OSPF point-to-multipoint 32 mask [7:56136]
The Long and Winding Road wrote: > > ""Jenny McLeod"" wrote in message > news:200210280429.EAA24675@;groupstudy.com... > > The Long and Winding Road wrote: > > [snipped] > > > > area 0 range 172.16.1.0 255.255.255.0 area not working on > ABR > > > either > > > > > > > > > > CL: well, area 0 range is an illegal command. you may be > able > > > to enter it, > > > but it does nothing. the area range command is design to > > > summarize non > > > backbone routes into the backbone. if you think aout it, > there > > > is probably > > > not a real good reaso for backbone routes to be summarized > > > > > > > > JMcL: Since when?? > > I use the area 0 range blah blah command (without the "area" > at the end, > if > > that was supposed to be part of the command above), and it > certainly > doesn't > > do nothing. As far as I've seen, it works in exactly the > same way as area > > anything else range blah blah. > > > All right, Miss Smarty Pants. I don't know what IOS versions > you use / have > been using, but I have been through this song and dance with > OSPF area 0 > summarization, or lack thereof for a while now. I have yet to > see it work. > > Seriously, Jen, you know I respect your wisdom and value your > advice. I am > absolutely certain that I have never successfuly summarized > area 0 routes > over a couple of years of lab rat living. The following is from > my current > study pod, and the IOS version is 12.1.5T10. > > First, router 1 configurations. There are a number of > loopbacks,containing > the route addresses in question. > JMcL: Are any of the relevant routes being redistributed from RIP, or are the relevant bits pure OSPF? > router ospf 123 > log-adjacency-changes > area 0 range 100.100.0.0 255.255.240.0 > redistribute rip subnets route-map rip2ospf > network 99.99.99.1 0.0.0.0 area 51 > network 100.100.0.1 0.0.0.0 area 0 > network 100.100.1.1 0.0.0.0 area 0 > network 100.100.2.1 0.0.0.0 area 0 > network 100.100.3.1 0.0.0.0 area 0 > network 100.100.4.1 0.0.0.0 area 0 > network 100.100.5.1 0.0.0.0 area 0 > network 100.100.6.1 0.0.0.0 area 0 > network 100.100.7.1 0.0.0.0 area 0 > network 160.160.255.0 0.0.0.255 area 0 > > note the summary in the R1 routing table: > > Gateway of last resort is not set > > 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks > O 100.100.0.0/20 is a summary, 00:11:57, Null0 > > now observe router 2's table: > > 100.0.0.0/24 is subnetted, 8 subnets JMcL: Interesting line above. You sure that's what it said? > O 100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, > TokenRing0 > O 100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, > TokenRing0 > O 100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, > TokenRing0 > 99.0.0.0/32 is subnetted, 1 subnets > > This has remained constant through several reconfigurations and > several ospf > process resets. > JMcL: I'm not quite clear on your setup. Pick me up if I go wrong here. R1 and R2 are connected by 160.160.255.0/24, yes? 160.160.255.0/24 is in area 0, yes? So R2 is also in area 0, yes? So why are you expecting that the backbone routes will have been summarised? You haven't left the backbone yet - you haven't crossed an area boundary (referring to the quote below). What happens if you connect R1 and R2 by a non-backbone link? > It also remain true even if on R1 I use a more generic network > 100.100.0.0 > 0.0.255.255 area 0 command. > > So > > I stand by my statement that even though you may be able to > enter the > commands, the fact is that you cannot summarize area 0 routes > on a cisco > router, at least not that I've been able to figure out.. My > position is > further supported by the Cisco documentation, which states "The > area range > command is used only with area border routers (ABRs). It is > used to > consolidate or summarize routes for an area. The result is that > a single > summary route is advertised to other areas by the ABR. Routing > information > is condensed at area boundaries." > Sorry - how does this say that you can't summarise in either direction? I don't see how it backs up your position. > http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r > /iprprt2/1rdospf.htm#xtocid4 > watch the wrap > > Of course, I am ready to learn something new, if you've got a > trick I have > yet to learn. > > > > > Why not summarise backbone routes for the same reasons as > summarising > > non-backbone routes - reduce routing tables, database sizes, > route change > > propagations etc? > > In regards to the wisdom of summarizing backbone routes in an >
Re: Cisco QOS course for the 3550?? [7:56423]
Please let us know if you find anything. I have two of them I'm about to have to do some crazy QoS stuff with. Clayton ""Cisco Nuts"" wrote in message news:200210282249.WAA22546@;groupstudy.com... > Hello, > > Does anyone know if any specific courses/books for the Cat 3550 switch in > preparation for the CCIE Lab? > How about the Cisco course for QOS for the CCIP? Does this help for the CCIE > Lab prep. Is this book enough in terms of the Lab? > Any advise is appreciated. > > Thank you. > Sincerely. > > > > > > > > _ > Choose an Internet access plan right for you -- try MSN! > http://resourcecenter.msn.com/access/plans/default.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56432&t=56423 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Duplicating Address on HSRP [7:56431]
hi, I have been having this problems recently, Wonder if anyone could help me out on this one I am running a Collapsed Core Model with two Catalyst 6000 running on HSRP for redundancy , all link connect to the Access switches are Catalyst 3500 series with redundancy link and PVST Plus implemented (The two Catalyst 6000 are defined as primary and secondary Root for all vlan except for VLAN 25. However, one direct link from the Core Bridge's port is connected without redundancy link)VLAN25 to 7206 Router interface(Root Bridge). Recently , the Router interface seem to be faulty and the whole network was town (affecting other Vlan) my understanding is that it should not affect other VLAN. Error message as follow was given Oct 12 13:15:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by .0c07.ac19 Oct 13 16:25:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by .0c07.ac19 Oct 15 22:31:02: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by .0c07.ac19 Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by .0c07.ac19 A reload on the Gigabit module was needed in order to solve the problems. I am not quite sure what could have cause this problems , anyone care to enlighten me , thank My guess is that the faulty interface cause a recalculation for STP as the Root is gone and that cause the link to be lost between the two catalyst and thus resulting in a loop Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56431&t=56431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF point-to-multipoint 32 mask [7:56136]
""Jenny McLeod"" wrote in message news:200210280429.EAA24675@;groupstudy.com... > The Long and Winding Road wrote: > [snipped] > > > area 0 range 172.16.1.0 255.255.255.0 area not working on ABR > > either > > > > > > > CL: well, area 0 range is an illegal command. you may be able > > to enter it, > > but it does nothing. the area range command is design to > > summarize non > > backbone routes into the backbone. if you think aout it, there > > is probably > > not a real good reaso for backbone routes to be summarized > > > > > JMcL: Since when?? > I use the area 0 range blah blah command (without the "area" at the end, if > that was supposed to be part of the command above), and it certainly doesn't > do nothing. As far as I've seen, it works in exactly the same way as area > anything else range blah blah. All right, Miss Smarty Pants. I don't know what IOS versions you use / have been using, but I have been through this song and dance with OSPF area 0 summarization, or lack thereof for a while now. I have yet to see it work. Seriously, Jen, you know I respect your wisdom and value your advice. I am absolutely certain that I have never successfuly summarized area 0 routes over a couple of years of lab rat living. The following is from my current study pod, and the IOS version is 12.1.5T10. First, router 1 configurations. There are a number of loopbacks,containing the route addresses in question. router ospf 123 log-adjacency-changes area 0 range 100.100.0.0 255.255.240.0 redistribute rip subnets route-map rip2ospf network 99.99.99.1 0.0.0.0 area 51 network 100.100.0.1 0.0.0.0 area 0 network 100.100.1.1 0.0.0.0 area 0 network 100.100.2.1 0.0.0.0 area 0 network 100.100.3.1 0.0.0.0 area 0 network 100.100.4.1 0.0.0.0 area 0 network 100.100.5.1 0.0.0.0 area 0 network 100.100.6.1 0.0.0.0 area 0 network 100.100.7.1 0.0.0.0 area 0 network 160.160.255.0 0.0.0.255 area 0 note the summary in the R1 routing table: Gateway of last resort is not set 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks O 100.100.0.0/20 is a summary, 00:11:57, Null0 now observe router 2's table: 100.0.0.0/24 is subnetted, 8 subnets O 100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 O 100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 99.0.0.0/32 is subnetted, 1 subnets This has remained constant through several reconfigurations and several ospf process resets. It also remain true even if on R1 I use a more generic network 100.100.0.0 0.0.255.255 area 0 command. So I stand by my statement that even though you may be able to enter the commands, the fact is that you cannot summarize area 0 routes on a cisco router, at least not that I've been able to figure out.. My position is further supported by the Cisco documentation, which states "The area range command is used only with area border routers (ABRs). It is used to consolidate or summarize routes for an area. The result is that a single summary route is advertised to other areas by the ABR. Routing information is condensed at area boundaries." http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r /iprprt2/1rdospf.htm#xtocid4 watch the wrap Of course, I am ready to learn something new, if you've got a trick I have yet to learn. > Why not summarise backbone routes for the same reasons as summarising > non-backbone routes - reduce routing tables, database sizes, route change > propagations etc? In regards to the wisdom of summarizing backbone routes in an OSPF network, while I was pondering your response, I went through a few ideas, and I see where it "might" be advantageous.. I still believe that generally speaking, one would want all backbone routes to be visible throughout the backbone to allow for uninterrupted routing should one or more backbone routers fail. This assuming a redundant backbone design. I can't located specifics in the RFC, but I "suspect" that Mr. Moy is of similar mind. with all respects Chuck -- > > JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56430&t=56136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written - the final push is finished [7:56428]
I passed (though by the slightest margin). This was a real bear, and while MPLS, IS-IS and Multicasting played a major part (like everybody says), the test I had also covered quite a bit of EIGRP, OSPF and other topics from the CCNP track. I was most surprised to find IGRP, RIP, Token Ring and FDDI still on the exam. Anyway Im done. Having finished, what I found most useful: Both Doyle books, Brunos book, and boson#3. Thanks all for your help. The Tick Jim Tickle wrote:Thank you everyone who has sent advice, links and encouragement. Today I'm spending the day reading the various CCO links people have sent; reviewing the highlighted sections of the books I read; going through bosons#1 and #3; and just trying to pack it all in. I hope to have positive news for the group late tomorrow. Thank you again for all the support. Tick Shahid Muhammad Shafi wrote:Go thorugh 6500 documentation also. Especially PVLANs, VACLs, RACLs etc. Also if u have time breeze through these urls: Bridging & Switching http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/spantree.htm#10890 http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/routing.htm#xtocid223388 http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/vlans.htm#xtocid551119 http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/acc_list.htm http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/span.htm http://www.cisco.com/warp/public/793/lan_switching/2.html http://www.cisco.com/warp/public/cc/pd/ibsw/ibdlsw/prodlit/dls12_rg.htm http://www.cisco.com/warp/public/793/lan_switching/6.html http://www.cisco.com/warp/public/473/77.html http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/c65sp_wp.htm http://standards.ieee.org/getieee802/802.1.html http://www.cisco.com/warp/public/473/#LANSecurity http://www.cisco.com/warp/public/473/79.html http://cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/channel.htm http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm#xtocid1869438 http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_r/brprt1/br1dtb.htm#xtocid132742 http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm Cisco Device Operation http://www.cisco.com/warp/public/432/features.html http://www.cisco.com/warp/public/63/vip_crash.html http://www.cisco.com/warp/public/66/23.html http://www.cisco.com/warp/public/63/pcmciamatrix.html http://www.cisco.com/warp/public/130/upgrade_index.shtml http://www.cisco.com/warp/public/473/34.shtml http://www.cisco.com/warp/public/473/46.html http://www.cisco.com/warp/public/474/11.html http://www.cisco.com/warp/public/473/81.shtml http://www.cisco.com/warp/public/473/14.shtml Desktop Protocols http://www.cisco.com/warp/public/473/33.html#ping http://www.cisco.com/warp/public/473/33.html#service http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_c/wcdfrely.htm IP http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/1195_pp.htm http://www.cisco.com/networkers/nw00/pres/2212_6-28.pdf http://www.cisco.com/warp/public/105/5.html http://www.cisco.com/warp/public/63/ping_traceroute.html http://www.cisco.com/warp/public/759/ipj_2-3/ipj_2-3_oneb.html http://www.cisco.com/warp/public/105/56.html http://www.cisco.com/warp/public/105/acl_wp.html IP Routing http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s15/eigrpstb.htm Multicast http://www.cisco.com/warp/public/105/48.html LAN http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/instnote.htm#xtocid1019419 http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/6000hw/mod_inst/02prep.htm#xtocid21176 http://www.cisco.com/warp/public/473/46.html http://www.cisco.com/warp/public/102/wlan/connectivity.html#third http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/fddi.htm#xtocid2505711 http://www.cisco.com/warp/public/102/wlan/ap-faq.html#Q13 http://www.cisco.com/warp/public/784/packet/techspeak.html http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt6/xcfvl.htm#77315 http://standards.ieee.org/getieee802/802.2.html http://standards.ieee.org/getieee802/802.3.html http://standards.ieee.org/getieee802/802.5.html http://standards.ieee.org/getieee802/802.11.html http://www.cisco.com/warp/public/697/troubleshooting_tr_interfaces.shtml http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/tokenrng.htm http://www.cisco.com/warp/public/473/46.html http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/tr1904.htm#34634 http://cisco.com/warp/public/cc/so/neso/lnso/lnmnso/feth_tc.htm Multiservice http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvfax_r/vrf_a.htm#xtocid1720898 QoS http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c/index.htm http:/
Re: Config Cat 5K GBIC interfaces [7:56410]
Try setting to switch to autonegotiate ""Patrick Donlon"" wrote in message news:200210281321.NAA04008@;groupstudy.com... > Doe anyone have experience connecting a Cat 5K g-bit interface to a Fluke's > g-bit interface? Can't seem to get any layer 3 comms, here's the the show > interface below. NOTE the interface is NOT connected, when it is though the > status is "Connected" and all the relevant LEDs light up and the cable tests > are passed on the fluke OK > > Cheers > > Pat > > > (enable) sh port 5/1 > Port Name Status Vlan Level Duplex Speed Type > - -- -- -- -- -- - --- -- > --- > 5/1 FLUKE Optiview notconnect 1 normal full 1000 > 1000BaseSX > > Port Trap IfIndex > - --- > 5/1 disabled 456 > > Port Broadcast-Limit Broadcast-Drop > --- -- > 5/1 - 0 > > Port Send FlowControlReceive FlowControl RxPause TxPause Unsupported >adminoper adminoper opcodes > - --- --- - -- > 5/1 desired offoff off 0 0 0 > > > Port Align-Err FCS-ErrXmit-Err Rcv-ErrUnderSize > - -- -- -- -- - > 5/1 0 0 0 0 0 > > Port Single-Col Multi-Coll Late-Coll Excess-Col Carri-Sen Runts Giants > - -- -- -- -- - - -- > --- > 5/1 0 0 0 0 0 0 > 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56429&t=56410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Quietest Cisco Switch (manageable) [7:56424]
Hi all, I think we covered this a little while ago, but don't recall the outcome. I have been using a cheap netgear 8 port 10/100 switch at home for ages (no fan=quiet) and it goes ok. Recently, I have swapped out the netgear for the CAT5K from my lab. I am using it for CIT study and also because I was having intermittent problems with my file server (I work from home a lot). I found lots of runts and bad fcs on the port that the file server was plugged into, so splashed out on ebay for a decent NIC (#6.99 for a 3C905B-TX!!) and replaced the realtek sh**ter with the 3COM card. No more runts or bad FCS. Anyway, my point is that I would like to keep a managed switch for my LAN, but obviously the CAT5K is a bit noisy (and OTT), I have a 2912 but that sounds like a small jet aircraft. Anyone know of a quiet and small switch, or a way to quieten the fans in the 2900 series switches. Has anyone successfully ran a 2900 with some of the fans unplugged? Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56424&t=56424 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: PIX 515 MIB for OID [7:56427]
Hello to allSorry for the OT but does anyone know what is the OID string to get the CPU Utilization MIB data out of a PIX 515. It's different than a router and I can't find anything on CCO. Thanks, Sean Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56427&t=56427 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: summary-address and OSPF NSSA [7:56407]
You are correct. The only side-effects would be that if another area needs to get to that network that isn't advertised by the NSSA ABR they won't be able unless static route is used, etc. More detail... by default on NSSA External (type 7) routes the P-bit is set which permits the Type7 to Type5 at NSSA ABR. The not-advertise option turns off the P-bit. Erick --- bergenpeak wrote: > I'm using an NSSA in some sites and want to prevent > type 7 LSAs > in these sites from being converted into type 5 LSAs > and being > injected into area 0. > > It appears this is possible using the > summary-address command. > Specifically, I'm considering doing the following in > the ABR: > > summary-address 0.0.0.0 0.0.0.0 not-advertise > > It's my understanding the ABR, configured with the > above, will > block any type7->5 routes from being advertised into > area 0. > > Is this correct? > > Besides the filtering behavior, any > side-effect/ramifications to > consider when doing the above? > > Thanks __ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56426&t=56407 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF: setting tags on external routes [7:56408]
Hi, Route-maps and ACLs are the only way to set the tag for all routes, except when redistributing BGP into OSPF which isn't recommended. With that, the default tag would be comprised of the BGP AS_PATH but it can be over-riden with a route-map. Your idea is good though, maybe ask your Cisco SE to put in a feature request... --- bergenpeak wrote: > I've got a number of different subnets on an OSPF > ASBR that I would > like to OSPF tag and advertise according to > function. > > Assume these networks are directly connected to the > ASBR and that > a "redistribute connected subnets" is being used to > make these > subnets type 5 (type 7s in an NSSA). > > Besides route-maps and ACLs, is there another way to > associate > different OSPF tag values to each subnet? > > For instance, is there a way to say that all subnets > on an interface > (sub-interface) should be assigned OSPF tag value 42 > and subnets on > another interface are assigned OSPF tag value of 11? > I'm looking for > this to be an OSPF command at the interface level > (again, so I can avoid > route-maps and ACLs). > > Or, is it possible in the router OSPF section to do > something like: > > redist connected network XYZ subnet metric-type 1 > tag 42 > redist connected network ABC subnet metric-type 1 > tag 11 > > > Thanks __ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56425&t=56408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco QOS course for the 3550?? [7:56423]
Hello, Does anyone know if any specific courses/books for the Cat 3550 switch in preparation for the CCIE Lab? How about the Cisco course for QOS for the CCIP? Does this help for the CCIE Lab prep. Is this book enough in terms of the Lab? Any advise is appreciated. Thank you. Sincerely. _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56423&t=56423 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco ExecNet [7:56421]
I'd have to agree. There are too many large organizations using IP telephony. I come from the healthcare world. We are implimenting over 3000 ip phones. Baylor is implementing over 13000 and we are not alone. The PBX is becoming a dinosaur. To succeed you must plan, plan, plan. I would suggest even bringing in outside consultants that have done this on a wide scale if the experience level is not there. - Original Message - From: "George E Lampro Super Genius" To: ; "'Nathan Chessin'" Cc: "'Albert Lu'" ; ; ; "'Joe'" ; Sent: Monday, October 28, 2002 12:43 AM Subject: RE: Cisco ExecNet > IP phones are cheaper and easier to move so you MAC(Move, ADD, Changes) cost > less. > Look at all of the features on the IP phones. Plan your implementations and > avoid the ugly LAN. > > Garth from Waynes World would say "we fear change" > > Dont be a Garth, enjoy the cool new technology. > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of > [EMAIL PROTECTED] > Sent: Friday, October 11, 2002 5:10 AM > To: Nathan Chessin > Cc: 'Albert Lu'; [EMAIL PROTECTED]; [EMAIL PROTECTED]; 'Joe'; > [EMAIL PROTECTED] > Subject: RE: Cisco ExecNet > > > you said: > >>> 1) Since when is VoIP a "bandwidth-hungry app" > > and I would respond "When it is deployed". Sure, one VoIP call using G729 > might only take 25kbps, but try handling 50-60 of them 24x7 and you'll > start to find your site-to-site T1's being used for VoIP, and not for > "data". > > ...and when you deploy IP Phones, the LAN REALLY gets ugly... far uglier > than you'd think (but again, assuming you're deploying more than a dozen > phones ). > > danT > > > Dan Thorson - Seagate Technology, LLC > desk +1 (952) 402-8293fax +1 (952) 402-1007 > SeaTel 8-402-8293 > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56421&t=56421 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
Gaz wrote: > > > > I can't do the following though. Windows 98 gives an error > message and won't > > add the route: > > > > route add 100.100.100.2 mask 255.255.255.240 gateway > > > > I can do this though: > > > > route add 100.100.100.2 mask 255.255.255.254 gateway > > Not sure what you were trying with the first one. Have I > misunderstood? > I don't know any device that would accept a route without using > the > network address. (100.100.100.2 is the network address for a > 255.255.255.254 mask, but not for 255.255.255.224). > > But now you've got me worried, because I know your pedigree > :-). > Humo(u)r me. What d'ya mean. I just wasn't thinking! I was rushing. Of course, Windows gave me an error for that. Too bad it wasn't an error that meant anything. I think it said error 87 or something. ;-) > > > All this has given me an idea though. > I would like to have used the same IP address on my laptop when > I'm at > home and at work. > I had to change my local subnet at home, because when I VPN in > to work, > I have 192.168.80.0/24 at both ends. I should, if what we're > thinking is > right, be able to put a more specific route on for the odd > addresses I > need to get to at work, primarily remote desktop to my work PC, > our > local router and a couple of terminal servers. > That way I can leave my IP address the same for both locations > (probably). I think that would work. Let us know. Thanks. Priscilla > > Gaz > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56422&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
In article , [EMAIL PROTECTED] says... > Gaz wrote: > > > > I would have thought Windows 98 would accept something like: > > > > route add 100.100.100.240 mask 255.255.255.240 [default gateway] > > It depends on the host's own address. And I've forgotten what we said that > was by now. ;-) > > > > > I don't think there's any restriction to host routes. > > A host route is one that specifies a specific address, i.e. the mask is > 255.255.255.255. I doubt there are restrictions to that either, although, > obviously, you have to point to a local default gateway and not just any old > address. > Thanks :-) > But there are restrictions to other routes, depending on the bit pattern. > I'm using different addresses than in our example and don't really feel like > twidling bits, but I was able to do something like this: > > My address is 100.100.100.17 255.255.255.224 > > I can: > > route add 100.100.100.16 mask 255.255.255.240 gateway > > That causes the packets for 100.100.100.16/28 to go through the gateway > router. > > I can't do the following though. Windows 98 gives an error message and won't > add the route: > > route add 100.100.100.2 mask 255.255.255.240 gateway > > I can do this though: > > route add 100.100.100.2 mask 255.255.255.254 gateway Not sure what you were trying with the first one. Have I misunderstood? I don't know any device that would accept a route without using the network address. (100.100.100.2 is the network address for a 255.255.255.254 mask, but not for 255.255.255.224). But now you've got me worried, because I know your pedigree :-). Humo(u)r me. What d'ya mean. All this has given me an idea though. I would like to have used the same IP address on my laptop when I'm at home and at work. I had to change my local subnet at home, because when I VPN in to work, I have 192.168.80.0/24 at both ends. I should, if what we're thinking is right, be able to put a more specific route on for the odd addresses I need to get to at work, primarily remote desktop to my work PC, our local router and a couple of terminal servers. That way I can leave my IP address the same for both locations (probably). Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56420&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Route Diversity? [7:56419]
Hi, there. In such scenario, say, we and our customer have connection through our ISP clouds and such connection is terminated at our and our customers' DMZ interfaces, to establish the INSIDE - INSIDE connectivity. In the meanwhile, we also create OUTSIDE - OUTSIDE VPN tunnel over Internet and this tunnel is terminate at our and our customers' OUTSIDE interfaces, again to establish the INSIDE - INSIDE connectivity. Now, our PIX has two routes to reach our customer's internal network, through the VPN tunnel or through the DMZ, ISP clouds. While, which route should the PIX take? Is it possible to leverage diversity or backup purpose, like a Router? Thanks in advance. Leo Best Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56419&t=56419 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
Gaz wrote: > > I would have thought Windows 98 would accept something like: > > route add 100.100.100.240 mask 255.255.255.240 [default gateway] It depends on the host's own address. And I've forgotten what we said that was by now. ;-) > > I don't think there's any restriction to host routes. A host route is one that specifies a specific address, i.e. the mask is 255.255.255.255. I doubt there are restrictions to that either, although, obviously, you have to point to a local default gateway and not just any old address. But there are restrictions to other routes, depending on the bit pattern. I'm using different addresses than in our example and don't really feel like twidling bits, but I was able to do something like this: My address is 100.100.100.17 255.255.255.224 I can: route add 100.100.100.16 mask 255.255.255.240 gateway That causes the packets for 100.100.100.16/28 to go through the gateway router. I can't do the following though. Windows 98 gives an error message and won't add the route: route add 100.100.100.2 mask 255.255.255.240 gateway I can do this though: route add 100.100.100.2 mask 255.255.255.254 gateway > > I wonder though if you don't bother with the individual route > on the > PC's (which you obviously wouldn't want to do on a larger > scale), would > the router proxy arp for addresses which should be on it's > ethernet, if > you applied a route via the serial for example. I think that would work, if I understand what you're saying. For example, if you had a host-specific route on the router that pointed to the serial interface, I think the router would proxy ARP for requests to find that host. If you also had a host loally with that same address, the requester would get 2 replies, though, and that would be ugly. Feel free to try it though (but after dinner!) ;-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > I'll try it later, but I'm having my dinner :-)) > > Gaz > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56418&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
In article , [EMAIL PROTECTED] says... > > > > Can I chip in with a question for everyone now? > > > > If you apply more specific routes to all devices for an address > > which > > should appear on your local subnet, will it then try the routed > > path to > > the device. > > > > eg Machine addressed 100.100.100.100 255.255.255.0 > > route add 100.100.100.10 mask 255.255.255.255 [default gateway] > > This is a host-specific route. Operating systems should understand this and > behave correctly. Host-specific routes have been around for a long time, > like probably since the birth of IP. They solve various problems. > > So I tred it on a Windows 98 PC. I added the route and then pinged the > device specified in the addition. > > The PC ARPed for the default gateway and then sent the ping to the default > gateway, even though the device is really local. The default gateway sent > the packet back out the same Ethernet and the local machine replied directly > to my PC. I would have expected a redirct from the router too, but I didn't > see one. > > Now, is this behavior specific to the host-specific route? I wonder if I do > something like: > > route add 100.100.100.2 255.255.255.0 default gateway > > Hmm > > Oh, Windows 98 won't let me do that! ;-) It will only let me add a > host-specific route. Makes sense I guess. And then it does behave correctly > when I add a host-speciif route (e.g., it does what the route tells it to do.) > > ___ > > Priscilla Oppenheimer > www.troubleshootingnetworks.com > www.priscilla.com > > > > > Not that you'd want to do it, but just wondering. > > > > > > Cheers, > > > > Gaz > > I would have thought Windows 98 would accept something like: route add 100.100.100.240 mask 255.255.255.240 [default gateway] I don't think there's any restriction to host routes. I wonder though if you don't bother with the individual route on the PC's (which you obviously wouldn't want to do on a larger scale), would the router proxy arp for addresses which should be on it's ethernet, if you applied a route via the serial for example. I'll try it later, but I'm having my dinner :-)) Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56417&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
H The new DNS idea to negate the need for alias is neat. Not as neat as not buggering up the IP addressing in the first place :-) I hadn't considered using overlapping NAT because of the DNS problems, but I suppose alias would have done it and now it's even easier, but I will still avoid it at all costs. With the internet (DNS), I think it's too much of a bodge not to cause problems in the long run. Gaz In article , [EMAIL PROTECTED] says... > To all, > > In 6.2 of the FOS you CAN do this :-). > > You just have a situation of overlapping networks. here is the info on how > to accomplish this: > http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration > _guide_chapter09186a00800eb71e.html#xtocid26 > (watch the wrap). > > Cheers! > > Richard > > > ""Brett spunt"" wrote in message > news:200210270014.AAA27223@;groupstudy.com... > > True, but that network is not a private ip, so if inside host is trying to > > hit a "live" web server at 192.5.2.x, there are SCREWED, ya > > know. > > > > -Original Message- > > From: gogarty [mailto:ciaron@;gogarty.net] > > Sent: Saturday, October 26, 2002 4:47 PM > > To: Brett spunt; [EMAIL PROTECTED] > > Subject: Re: Pix & non-Rfc networks. [7:56347] > > > > > > No need to doubt. If you have the network 192.5.2.0/24 inside the pix, > why > > would a client want to connect to the same network outside the pix? As > far > > as the client is concerned it is ON the 192.5.2.0/24 network!! > > > > - Original Message - > > From: "Brett spunt" > > To: > > Sent: Saturday, October 26, 2002 7:36 PM > > Subject: RE: Pix & non-Rfc networks. [7:56347] > > > > > > > Yes, > > > > > > You will never even make it to the pix if your destined for the > > 192.5.2.0/24 > > > network. > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of > > > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56416&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
Gaz wrote: > > In article , > [EMAIL PROTECTED] says... > > Hello, > > > > I was just reading this document,from the following link > > http://www.cisco.com/warp/customer/110/8.html I have attached > the Pdf file > > of the same for your convinence :-). > > > > > > now coming to my doubt. > > > > If i have a network say like 192.5.2.0/24 inside the pix > (connecting to > > internet) Does it mean that all the sites with 192.5.2.0/24 > would not be > > accessible to the inside network ?? Yes. You can't use someone else's network address in your inside network and still get to that someone else's network! :-) When your devices try to reach 192.5.2.x, they will do a logical AND with the subnet mask and see that the result is the same as when they do a logical AND with the subnet mask and their own address. Hence the destination is local. So they send an ARP broadcast. They get a response from a local device or no response if the address doesn't exist locally. Actually, there are probably workarounds to this. It's not such a silly requirement. In the past people did tend to make up network numbers that actually belonged to someone else, so there is a need to get this to work. I wouldn't be surprised to learn that there's some kludegey way of getting this to work. It would probably only work for specific outside addresses and only if you haven't assigned those addresses locally. More below > > > > thanks and regards, > > Murali > > > snip > > Can I chip in with a question for everyone now? > > If you apply more specific routes to all devices for an address > which > should appear on your local subnet, will it then try the routed > path to > the device. > > eg Machine addressed 100.100.100.100 255.255.255.0 > route add 100.100.100.10 mask 255.255.255.255 [default gateway] This is a host-specific route. Operating systems should understand this and behave correctly. Host-specific routes have been around for a long time, like probably since the birth of IP. They solve various problems. So I tred it on a Windows 98 PC. I added the route and then pinged the device specified in the addition. The PC ARPed for the default gateway and then sent the ping to the default gateway, even though the device is really local. The default gateway sent the packet back out the same Ethernet and the local machine replied directly to my PC. I would have expected a redirct from the router too, but I didn't see one. Now, is this behavior specific to the host-specific route? I wonder if I do something like: route add 100.100.100.2 255.255.255.0 default gateway Hmm Oh, Windows 98 won't let me do that! ;-) It will only let me add a host-specific route. Makes sense I guess. And then it does behave correctly when I add a host-speciif route (e.g., it does what the route tells it to do.) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > Not that you'd want to do it, but just wondering. > > > Cheers, > > Gaz > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56415&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DSL PPPoE [7:56414]
We have a remote user's pc connecting through a PIX 501, which is connected to a SpeedStream DSL modem. I'm having a problem with connection resets on the user's SBC account. I had the VPDN group authenticating via CHAP; then about a week a ago, he lost total internet connectivity. Tried changing the auth type to PAP. The account authenticated fine, but now every 15 - 20 minutes (depending on traffic). The account looses connectivity and has to go throught the whole process again. I tried to reconfigure CHAP, but that just wouldn't work. Has anyone run into an ISP changing the authenication type like that (particularly SBC Ameritech, within the past two weeks)? I'm trying to fight past the first layer of help at Ameritech's call center Thanx, mkj Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56414&t=56414 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to measure the amount of traffic on a router? [7:56385]
If your router has CEF enabled, be sure to read about how to get accurate counts when using MRTG/RRD -Original Message- From: Elijah Savage III [mailto:esavage@;digitalrage.org] Sent: Sunday, October 27, 2002 4:30 PM To: [EMAIL PROTECTED] Subject: RE: How to measure the amount of traffic on a router? [7:56385] Look into MRTG/SNMP -Original Message- From: Vitaliy Vishnevskiy [mailto:vitaliy@;shoregroup.com] Sent: Sunday, October 27, 2002 3:44 PM To: [EMAIL PROTECTED] Subject: How to measure the amount of traffic on a router? [7:56385] Folks, I am looking for some kind of inexpensive software package that could be programmed to graph the traffic volume going through a router. Thanks -- Vitaliy Vishnevskiy System Engineer, CCDP, CCNP, Cisco Security Specialist 1, MCSE ShoreGroup, Inc 460 West 35th Street New York, NY 10001 Phone: (212) 736-2915 Mobile: (917) 816-0753 Fax: (425) 955-1485 E-mail: [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Vitaliy Vishnevskiy ([EMAIL PROTECTED]).vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56413&t=56385 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: summary-address and OSPF NSSA [7:56407]
At 12:56 PM 10/28/2002 +, you wrote: >I'm using an NSSA in some sites and want to prevent type 7 LSAs >in these sites from being converted into type 5 LSAs and being >injected into area 0. > >It appears this is possible using the summary-address command. >Specifically, I'm considering doing the following in the ABR: > > summary-address 0.0.0.0 0.0.0.0 not-advertise > >It's my understanding the ABR, configured with the above, will >block any type7->5 routes from being advertised into area 0. > >Is this correct? > >Besides the filtering behavior, any side-effect/ramifications to >consider when doing the above? > >Thanks This is the recommended way to make this happen. The only thing to consider is that you are removing reachability information from the OSPF domain and it you want those routes to be reachable, you'll need to deal with via some other method. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56412&t=56407 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix & non-Rfc networks. [7:56347]
To all, In 6.2 of the FOS you CAN do this :-). You just have a situation of overlapping networks. here is the info on how to accomplish this: http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration _guide_chapter09186a00800eb71e.html#xtocid26 (watch the wrap). Cheers! Richard ""Brett spunt"" wrote in message news:200210270014.AAA27223@;groupstudy.com... > True, but that network is not a private ip, so if inside host is trying to > hit a "live" web server at 192.5.2.x, there are SCREWED, ya > know. > > -Original Message- > From: gogarty [mailto:ciaron@;gogarty.net] > Sent: Saturday, October 26, 2002 4:47 PM > To: Brett spunt; [EMAIL PROTECTED] > Subject: Re: Pix & non-Rfc networks. [7:56347] > > > No need to doubt. If you have the network 192.5.2.0/24 inside the pix, why > would a client want to connect to the same network outside the pix? As far > as the client is concerned it is ON the 192.5.2.0/24 network!! > > - Original Message - > From: "Brett spunt" > To: > Sent: Saturday, October 26, 2002 7:36 PM > Subject: RE: Pix & non-Rfc networks. [7:56347] > > > > Yes, > > > > You will never even make it to the pix if your destined for the > 192.5.2.0/24 > > network. > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Saturday, October 26, 2002 5:05 AM > > To: [EMAIL PROTECTED] > > Subject: Pix & non-Rfc networks. [7:56347] > > > > > > Hello, > > > > I was just reading this document,from the following link > > http://www.cisco.com/warp/customer/110/8.html I have attached the Pdf file > > of the same for your convinence :-). > > > > > > now coming to my doubt. > > > > If i have a network say like 192.5.2.0/24 inside the pix (connecting to > > internet) Does it mean that all the sites with 192.5.2.0/24 would not be > > accessible to the inside network ?? > > > > thanks and regards, > > Murali > > > > [GroupStudy.com removed an attachment of type application/octet-stream > which > > had a name of non-rtc-net.pdf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56411&t=56347 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Config Cat 5K GBIC interfaces [7:56410]
Doe anyone have experience connecting a Cat 5K g-bit interface to a Fluke's g-bit interface? Can't seem to get any layer 3 comms, here's the the show interface below. NOTE the interface is NOT connected, when it is though the status is "Connected" and all the relevant LEDs light up and the cable tests are passed on the fluke OK Cheers Pat (enable) sh port 5/1 Port Name Status Vlan Level Duplex Speed Type - -- -- -- -- -- - - --- 5/1 FLUKE Optiview notconnect 1 normal full 1000 1000BaseSX Port Trap IfIndex - --- 5/1 disabled 456 Port Broadcast-Limit Broadcast-Drop --- -- 5/1 - 0 Port Send FlowControlReceive FlowControl RxPause TxPause Unsupported adminoper adminoper opcodes - --- --- --- 5/1 desired offoff off 0 0 0 Port Align-Err FCS-ErrXmit-Err Rcv-ErrUnderSize - -- -- -- -- - 5/1 0 0 0 0 0 Port Single-Col Multi-Coll Late-Coll Excess-Col Carri-Sen Runts Giants - -- -- -- -- - - -- --- 5/1 0 0 0 0 0 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56410&t=56410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Intermittant PIX error ... [7:56404]
Have you any logging turned on to see what is going wrong when you try to connect? Sounds like the authentication is failing somewhere not a reachability problem. Good luck Pat ""Paul"" wrote in message news:200210281240.MAA32077@;groupstudy.com... > Yeah, thanks AMR ... what a great help you are !!! > - Original Message - > From: "AMR" > To: > Sent: Monday, October 28, 2002 12:02 PM > Subject: Re: Intermittant PIX error ... [7:56404] > > > > This description is vague at best. > > > > ""Paul"" wrote in message > > news:200210281035.KAA21202@;groupstudy.com... > > > Hi guys ... > > > > > > Intermittantly I get the following error when trying to telnet to a Pix: > > > > > > Router_1#telnet 10.1.1.1 > > > Trying 10.1.1.1 ... > > > % Connection refused by remote host > > > > > > I can ping the Pix fine when this happens, this usually lasts only for > > > several > > > minutes (but worries me none the less) ... then all of a sudden the > > > telnet session works > > > > > > I can't find much on the Cisco website > > > > > > Does any have any ideas, or has anyone experienced this themselves ??? > > > > > > Regards > > > > > > Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56409&t=56404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF: setting tags on external routes [7:56408]
I've got a number of different subnets on an OSPF ASBR that I would like to OSPF tag and advertise according to function. Assume these networks are directly connected to the ASBR and that a "redistribute connected subnets" is being used to make these subnets type 5 (type 7s in an NSSA). Besides route-maps and ACLs, is there another way to associate different OSPF tag values to each subnet? For instance, is there a way to say that all subnets on an interface (sub-interface) should be assigned OSPF tag value 42 and subnets on another interface are assigned OSPF tag value of 11? I'm looking for this to be an OSPF command at the interface level (again, so I can avoid route-maps and ACLs). Or, is it possible in the router OSPF section to do something like: redist connected network XYZ subnet metric-type 1 tag 42 redist connected network ABC subnet metric-type 1 tag 11 Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56408&t=56408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
summary-address and OSPF NSSA [7:56407]
I'm using an NSSA in some sites and want to prevent type 7 LSAs in these sites from being converted into type 5 LSAs and being injected into area 0. It appears this is possible using the summary-address command. Specifically, I'm considering doing the following in the ABR: summary-address 0.0.0.0 0.0.0.0 not-advertise It's my understanding the ABR, configured with the above, will block any type7->5 routes from being advertised into area 0. Is this correct? Besides the filtering behavior, any side-effect/ramifications to consider when doing the above? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56407&t=56407 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Intermittant PIX error ... [7:56404]
Yeah, thanks AMR ... what a great help you are !!! - Original Message - From: "AMR" To: Sent: Monday, October 28, 2002 12:02 PM Subject: Re: Intermittant PIX error ... [7:56404] > This description is vague at best. > > ""Paul"" wrote in message > news:200210281035.KAA21202@;groupstudy.com... > > Hi guys ... > > > > Intermittantly I get the following error when trying to telnet to a Pix: > > > > Router_1#telnet 10.1.1.1 > > Trying 10.1.1.1 ... > > % Connection refused by remote host > > > > I can ping the Pix fine when this happens, this usually lasts only for > > several > > minutes (but worries me none the less) ... then all of a sudden the > > telnet session works > > > > I can't find much on the Cisco website > > > > Does any have any ideas, or has anyone experienced this themselves ??? > > > > Regards > > > > Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56406&t=56404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Intermittant PIX error ... [7:56404]
This description is vague at best. ""Paul"" wrote in message news:200210281035.KAA21202@;groupstudy.com... > Hi guys ... > > Intermittantly I get the following error when trying to telnet to a Pix: > > Router_1#telnet 10.1.1.1 > Trying 10.1.1.1 ... > % Connection refused by remote host > > I can ping the Pix fine when this happens, this usually lasts only for > several > minutes (but worries me none the less) ... then all of a sudden the > telnet session works > > I can't find much on the Cisco website > > Does any have any ideas, or has anyone experienced this themselves ??? > > Regards > > Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56405&t=56404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Intermittant PIX error ... [7:56404]
Hi guys ... Intermittantly I get the following error when trying to telnet to a Pix: Router_1#telnet 10.1.1.1 Trying 10.1.1.1 ... % Connection refused by remote host I can ping the Pix fine when this happens, this usually lasts only for several minutes (but worries me none the less) ... then all of a sudden the telnet session works I can't find much on the Cisco website Does any have any ideas, or has anyone experienced this themselves ??? Regards Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56404&t=56404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Tag-switching and MPLS interface commands [7:56403]
Hello Dennis, The commands perform the same function which is to turn MPLS on the interface but it depends what protocol is used globally. The default is TDP. The commands are interchangeable to ensure backward capability . To change the default (TDP) use the global command B6-C7500-top(config)#mpls label protocol ldp Hope this helps David -Original Message- From: Dennis Laganiere [mailto:Dennis@;laganiere.net] Sent: 27 October 2002 02:46 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Tag-switching and MPLS interface commands Does anybody know the differences between the the interface commands "tag-switching ip" and "mpls ip" (or better yet, have a good URL for it)? On both my 2610 and 2500's, when I enter the "mpls ip" command, the "tag-switching ip" command appears in my configuration. I've been through both of my MPLS books and haven't seen how they differ... Thanks... --- Dennis Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56403&t=56403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
mail list [7:56401]
Hi team, Is the forum email list still working? I have not recieved any email from it in a good while. Let me know... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56401&t=56401 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]