Re: how to telnet to other FROM PIX? [7:56435]

[Casey Fahey]

Hi Kenny,

AFAIK, you cannot telnet from the PIX.  If you enter 'telnet' in config
mode, it will limit/allow hosts that can telnet to the PIX.

If you find a way to telnet from the PIX, please let me know!

Casey

""Kenny Smith""  wrote in message
news:200210290656.GAA22501@;groupstudy.com...
> Hi.. May I know how to telnet to other hosts FROM the PIX firewall, when I
> type the following, it gives me no available command
>
> singpix01# telnet 10.100.100.49
> Type help or '?' for a list of available commands.
>
> Besides, can I manage the PIX with the web interface by point my web
browser
> to the following.  http://PIX_IP_ADDRESS.  But it doesn't work
>
> I thought below is the necessary confi, and 10.100.100.199 is my
workstation
> IP
>
> http server enable
> http 10.100.100.199 255.255.255.255 inside
>
>
> _
> Surf the Web without missing calls! Get MSN Broadband.
> http://resourcecenter.msn.com/access/plans/freeactivation.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56439&t=56435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Duplicating Address on HSRP [7:56431]

[Casey Fahey]

Hard to say without looking at your configs, but I would guess that you
might have some inconsistant HSRP configs on VLAN 25.

I suggest that you 'sh vlan 25' on your switches to make sure that you are
aware of all VLAN 25 ports and then post the interface configs (especially
HSRP configs) for all router interfaces on VLAN 25.

It seems to me that your problem is most likely network layer, so you will
likely find the problem on a router or MSM/MFSC.

HTH,

Casey

""Han Chuan Alex Ang""  wrote in message
news:200210290422.EAA04769@;groupstudy.com...
> hi, I have been having this problems recently, Wonder if anyone could
>
> help me out on this one
>
> I am running a Collapsed Core Model with two Catalyst 6000 running on
>
> HSRP for redundancy , all link connect to the Access switches are
>
> Catalyst 3500 series with redundancy link and PVST Plus implemented
>
> (The two Catalyst 6000 are defined as primary and secondary Root for
>
> all vlan except for VLAN 25.
>
> However, one direct link from the Core Bridge's port is connected
>
> without redundancy link)VLAN25 to 7206 Router interface(Root Bridge).
>
> Recently , the Router interface seem to be faulty and the whole
>
> network was town (affecting other Vlan) my understanding is that it
>
> should not affect other VLAN.
>
> Error message as follow was given
>
> Oct 12 13:15:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1
>   on Vlan25, sourced by .0c07.ac19
> Oct 13 16:25:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1
>   on Vlan25, sourced by .0c07.ac19
> Oct 15 22:31:02: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1
>   on Vlan25, sourced by .0c07.ac19
> Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1
>   on Vlan25, sourced by .0c07.ac19
>
>
> A reload on the Gigabit module was needed in order to solve the
>
> problems. I am not quite sure what could have cause this problems ,
>
> anyone care to enlighten me , thank
>
>
> My guess is that the faulty interface cause a recalculation for STP as the
> Root is gone and that cause the link to be lost between the two catalyst
and
> thus resulting in a loop




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56438&t=56431
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Ports and RFC's link [7:56436]

[Kyle Anderson]

Hi all,

The below link the the BEST link for ports and RFC's.  You can look up RFC's
by port numbers.  VERY USEFULL!

Sincerely,

Kyle


http://packetderm.cotse.com/cgi-bin/port.cgi


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56436&t=56436
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Ports and RFC's link [7:56437]

[Kyle Anderson]

Hi all,

The below link the the BEST link for ports and RFC's.  You can look up RFC's
by port numbers.  VERY USEFULL!

Sincerely,

Kyle


http://packetderm.cotse.com/cgi-bin/port.cgi


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56437&t=56437
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

how to telnet to other FROM PIX? [7:56435]

[Kenny Smith]

Hi.. May I know how to telnet to other hosts FROM the PIX firewall, when I 
type the following, it gives me no available command

singpix01# telnet 10.100.100.49
Type help or '?' for a list of available commands.

Besides, can I manage the PIX with the web interface by point my web browser 
to the following.  http://PIX_IP_ADDRESS.  But it doesn't work

I thought below is the necessary confi, and 10.100.100.199 is my workstation 
IP

http server enable
http 10.100.100.199 255.255.255.255 inside


_
Surf the Web without missing calls! Get MSN Broadband.  
http://resourcecenter.msn.com/access/plans/freeactivation.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56435&t=56435
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF point-to-multipoint 32 mask [7:56136]

[The Long and Winding Road]

mm...

OK, we'll chalk this one off as a failure to communicate.

the original post called for

"similar to ccbootcamp lab 5 , but how to summary those serial to other
protocol ?
area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either "

which I took to mean summarizing area 0 routes to other area 0 routers and
ultimately into an external protocol. which of course cannot be done.

obviously, you are talking about summarizing area 0 routes into a non-zero
area, which of course, does work just fine.


--

www.chuckslongroad.info




""Jenny McLeod""  wrote in message
news:200210290538.FAA14601@;groupstudy.com...
> The Long and Winding Road wrote:
> >
> > ""Jenny McLeod""  wrote in message
> > news:200210280429.EAA24675@;groupstudy.com...
> > > The Long and Winding Road wrote:
> > > [snipped]
> > > > > area 0 range 172.16.1.0 255.255.255.0 area not working on
> > ABR
> > > > either
> > > > >
> > > >
> > > > CL:  well, area 0 range is an illegal command. you may be
> > able
> > > > to enter it,
> > > > but it does nothing. the area range command is design to
> > > > summarize non
> > > > backbone routes into the backbone. if you think aout it,
> > there
> > > > is probably
> > > > not a real good reaso for backbone routes to be summarized
> > > >
> > > >
> > > JMcL: Since when??
> > > I use the area 0 range blah blah command (without the "area"
> > at the end,
> > if
> > > that was supposed to be part of the command above), and it
> > certainly
> > doesn't
> > > do nothing.  As far as I've seen, it works in exactly the
> > same way as area
> > > anything else range blah blah.
> >
> >
> > All right, Miss Smarty Pants. I don't know what IOS versions
> > you use / have
> > been using, but I have been through this song and dance with
> > OSPF area 0
> > summarization, or lack thereof for a while now. I have yet to
> > see it work.
> >
> > Seriously, Jen, you know I respect your wisdom and value your
> > advice. I am
> > absolutely certain that I have never successfuly summarized
> > area 0 routes
> > over a couple of years of lab rat living. The following is from
> > my current
> > study pod, and the IOS version is 12.1.5T10.
> >
> > First, router 1 configurations. There are a number of
> > loopbacks,containing
> > the route addresses in question.
> >
> JMcL: Are any of the relevant routes being redistributed from RIP, or are
> the relevant bits pure OSPF?
>
> > router ospf 123
> >  log-adjacency-changes
> >  area 0 range 100.100.0.0 255.255.240.0
> >  redistribute rip subnets route-map rip2ospf
> >  network 99.99.99.1 0.0.0.0 area 51
> >  network 100.100.0.1 0.0.0.0 area 0
> >  network 100.100.1.1 0.0.0.0 area 0
> >  network 100.100.2.1 0.0.0.0 area 0
> >  network 100.100.3.1 0.0.0.0 area 0
> >  network 100.100.4.1 0.0.0.0 area 0
> >  network 100.100.5.1 0.0.0.0 area 0
> >  network 100.100.6.1 0.0.0.0 area 0
> >  network 100.100.7.1 0.0.0.0 area 0
> >  network 160.160.255.0 0.0.0.255 area 0
> >
> > note the summary in the R1 routing table:
> >
> > Gateway of last resort is not set
> >
> >  100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks
> > O   100.100.0.0/20 is a summary, 00:11:57, Null0
> >
> > now observe router 2's table:
> >
> >  100.0.0.0/24 is subnetted, 8 subnets
> JMcL: Interesting line above.  You sure that's what it said?
> > O   100.100.0.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.1.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.2.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.3.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.4.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.5.0 [110/26] via 160.160.255.1, 00:12:53,
> > TokenRing0
> > O   100.100.6.0 [110/26] via 160.160.255.1, 00:12:54,
> > TokenRing0
> > O   100.100.7.0 [110/26] via 160.160.255.1, 00:12:54,
> > TokenRing0
> >  99.0.0.0/32 is subnetted, 1 subnets
> >
> > This has remained constant through several reconfigurations and
> > several ospf
> > process resets.
> >
> JMcL: I'm not quite clear on your setup.  Pick me up if I go wrong here.
> R1 and R2 are connected by 160.160.255.0/24, yes?
> 160.160.255.0/24 is in area 0, yes?
> So R2 is also in area 0, yes?
> So why are you expecting that the backbone routes will have been
> summarised?  You haven't left the backbone yet - you haven't crossed an
area
> boundary (referring to the quote below).
> What happens if you connect R1 and R2 by a non-backbone link?
>
> > It also remain true even if on R1 I use a more generic network
> > 100.100.0.0
> > 0.0.255.255 area 0 command.
> >
> > So
> >
> > I stand by my statement that even though you may be able to
> > enter the
> > commands, the fact is that you cannot summarize area 0 routes
> > on a cisco
> > router, at least not that I've been able to figure out.. My
> > position is
> > further supported by the Cisco documentation, w

Re: OSPF point-to-multipoint 32 mask [7:56136]

[Jenny McLeod]

The Long and Winding Road wrote:
> 
> ""Jenny McLeod""  wrote in message
> news:200210280429.EAA24675@;groupstudy.com...
> > The Long and Winding Road wrote:
> > [snipped]
> > > > area 0 range 172.16.1.0 255.255.255.0 area not working on
> ABR
> > > either
> > > >
> > >
> > > CL:  well, area 0 range is an illegal command. you may be
> able
> > > to enter it,
> > > but it does nothing. the area range command is design to
> > > summarize non
> > > backbone routes into the backbone. if you think aout it,
> there
> > > is probably
> > > not a real good reaso for backbone routes to be summarized
> > >
> > >
> > JMcL: Since when??
> > I use the area 0 range blah blah command (without the "area"
> at the end,
> if
> > that was supposed to be part of the command above), and it
> certainly
> doesn't
> > do nothing.  As far as I've seen, it works in exactly the
> same way as area
> > anything else range blah blah.
> 
> 
> All right, Miss Smarty Pants. I don't know what IOS versions
> you use / have
> been using, but I have been through this song and dance with
> OSPF area 0
> summarization, or lack thereof for a while now. I have yet to
> see it work.
> 
> Seriously, Jen, you know I respect your wisdom and value your
> advice. I am
> absolutely certain that I have never successfuly summarized
> area 0 routes
> over a couple of years of lab rat living. The following is from
> my current
> study pod, and the IOS version is 12.1.5T10.
> 
> First, router 1 configurations. There are a number of
> loopbacks,containing
> the route addresses in question.
> 
JMcL: Are any of the relevant routes being redistributed from RIP, or are
the relevant bits pure OSPF?

> router ospf 123
>  log-adjacency-changes
>  area 0 range 100.100.0.0 255.255.240.0
>  redistribute rip subnets route-map rip2ospf
>  network 99.99.99.1 0.0.0.0 area 51
>  network 100.100.0.1 0.0.0.0 area 0
>  network 100.100.1.1 0.0.0.0 area 0
>  network 100.100.2.1 0.0.0.0 area 0
>  network 100.100.3.1 0.0.0.0 area 0
>  network 100.100.4.1 0.0.0.0 area 0
>  network 100.100.5.1 0.0.0.0 area 0
>  network 100.100.6.1 0.0.0.0 area 0
>  network 100.100.7.1 0.0.0.0 area 0
>  network 160.160.255.0 0.0.0.255 area 0
> 
> note the summary in the R1 routing table:
> 
> Gateway of last resort is not set
> 
>  100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks
> O   100.100.0.0/20 is a summary, 00:11:57, Null0
> 
> now observe router 2's table:
> 
>  100.0.0.0/24 is subnetted, 8 subnets
JMcL: Interesting line above.  You sure that's what it said?
> O   100.100.0.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.1.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.2.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.3.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.4.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.5.0 [110/26] via 160.160.255.1, 00:12:53,
> TokenRing0
> O   100.100.6.0 [110/26] via 160.160.255.1, 00:12:54,
> TokenRing0
> O   100.100.7.0 [110/26] via 160.160.255.1, 00:12:54,
> TokenRing0
>  99.0.0.0/32 is subnetted, 1 subnets
> 
> This has remained constant through several reconfigurations and
> several ospf
> process resets.
> 
JMcL: I'm not quite clear on your setup.  Pick me up if I go wrong here.
R1 and R2 are connected by 160.160.255.0/24, yes?
160.160.255.0/24 is in area 0, yes?
So R2 is also in area 0, yes?
So why are you expecting that the backbone routes will have been
summarised?  You haven't left the backbone yet - you haven't crossed an area
boundary (referring to the quote below).
What happens if you connect R1 and R2 by a non-backbone link?

> It also remain true even if on R1 I use a more generic network
> 100.100.0.0
> 0.0.255.255 area 0 command.
> 
> So
> 
> I stand by my statement that even though you may be able to
> enter the
> commands, the fact is that you cannot summarize area 0 routes
> on a cisco
> router, at least not that I've been able to figure out.. My
> position is
> further supported by the Cisco documentation, which states "The
> area range
> command is used only with area border routers (ABRs). It is
> used to
> consolidate or summarize routes for an area. The result is that
> a single
> summary route is advertised to other areas by the ABR. Routing
> information
> is condensed at area boundaries."
> 
Sorry - how does this say that you can't summarise in either direction?  I
don't see how it backs up your position.
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r
> /iprprt2/1rdospf.htm#xtocid4
> watch the wrap
> 
> Of course, I am ready to learn something new, if you've got a
> trick I have
> yet to learn.
> 
> 
> 
> > Why not summarise backbone routes for the same reasons as
> summarising
> > non-backbone routes - reduce routing tables, database sizes,
> route change
> > propagations etc?
> 
> In regards to the wisdom of summarizing backbone routes in an
> 

Re: Cisco QOS course for the 3550?? [7:56423]

[Clayton Price]

Please let us know if you find anything.  I have two of them I'm about to
have to do some crazy QoS stuff with.

Clayton

""Cisco Nuts""  wrote in message
news:200210282249.WAA22546@;groupstudy.com...
> Hello,
>
> Does anyone know if any specific courses/books for the Cat 3550 switch in
> preparation for the CCIE Lab?
> How about the Cisco course for QOS for the CCIP? Does this help for the
CCIE
> Lab prep. Is this book enough in terms of the Lab?
> Any advise is appreciated.
>
> Thank you.
> Sincerely.
>
>
>
>
>
>
>
> _
> Choose an Internet access plan right for you -- try MSN!
> http://resourcecenter.msn.com/access/plans/default.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56432&t=56423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Duplicating Address on HSRP [7:56431]

[Han Chuan Alex Ang]

hi, I have been having this problems recently, Wonder if anyone could 

help me out on this one 

I am running a Collapsed Core Model with two Catalyst 6000 running on 

HSRP for redundancy , all link connect to the Access switches are 

Catalyst 3500 series with redundancy link and PVST Plus implemented

(The two Catalyst 6000 are defined as primary and secondary Root for 

all vlan except for VLAN 25. 

However, one direct link from the Core Bridge's port is connected 

without redundancy link)VLAN25 to 7206 Router interface(Root Bridge). 

Recently , the Router interface seem to be faulty and the whole 

network was town (affecting other Vlan) my understanding is that it 

should not affect other VLAN.

Error message as follow was given 

Oct 12 13:15:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 
  on Vlan25, sourced by .0c07.ac19 
Oct 13 16:25:41: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 
  on Vlan25, sourced by .0c07.ac19 
Oct 15 22:31:02: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 
  on Vlan25, sourced by .0c07.ac19 
Oct 15 22:41:01: %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 
  on Vlan25, sourced by .0c07.ac19 
 

A reload on the Gigabit module was needed in order to solve the 

problems. I am not quite sure what could have cause this problems , 

anyone care to enlighten me , thank


My guess is that the faulty interface cause a recalculation for STP as the
Root is gone and that cause the link to be lost between the two catalyst and
thus resulting in a loop



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56431&t=56431
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF point-to-multipoint 32 mask [7:56136]

[The Long and Winding Road]

""Jenny McLeod""  wrote in message
news:200210280429.EAA24675@;groupstudy.com...
> The Long and Winding Road wrote:
> [snipped]
> > > area 0 range 172.16.1.0 255.255.255.0 area not working on ABR
> > either
> > >
> >
> > CL:  well, area 0 range is an illegal command. you may be able
> > to enter it,
> > but it does nothing. the area range command is design to
> > summarize non
> > backbone routes into the backbone. if you think aout it, there
> > is probably
> > not a real good reaso for backbone routes to be summarized
> >
> >
> JMcL: Since when??
> I use the area 0 range blah blah command (without the "area" at the end,
if
> that was supposed to be part of the command above), and it certainly
doesn't
> do nothing.  As far as I've seen, it works in exactly the same way as area
> anything else range blah blah.


All right, Miss Smarty Pants. I don't know what IOS versions you use / have
been using, but I have been through this song and dance with OSPF area 0
summarization, or lack thereof for a while now. I have yet to see it work.

Seriously, Jen, you know I respect your wisdom and value your advice. I am
absolutely certain that I have never successfuly summarized area 0 routes
over a couple of years of lab rat living. The following is from my current
study pod, and the IOS version is 12.1.5T10.

First, router 1 configurations. There are a number of loopbacks,containing
the route addresses in question.

router ospf 123
 log-adjacency-changes
 area 0 range 100.100.0.0 255.255.240.0
 redistribute rip subnets route-map rip2ospf
 network 99.99.99.1 0.0.0.0 area 51
 network 100.100.0.1 0.0.0.0 area 0
 network 100.100.1.1 0.0.0.0 area 0
 network 100.100.2.1 0.0.0.0 area 0
 network 100.100.3.1 0.0.0.0 area 0
 network 100.100.4.1 0.0.0.0 area 0
 network 100.100.5.1 0.0.0.0 area 0
 network 100.100.6.1 0.0.0.0 area 0
 network 100.100.7.1 0.0.0.0 area 0
 network 160.160.255.0 0.0.0.255 area 0

note the summary in the R1 routing table:

Gateway of last resort is not set

 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks
O   100.100.0.0/20 is a summary, 00:11:57, Null0

now observe router 2's table:

 100.0.0.0/24 is subnetted, 8 subnets
O   100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0
O   100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0
O   100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0
 99.0.0.0/32 is subnetted, 1 subnets

This has remained constant through several reconfigurations and several ospf
process resets.

It also remain true even if on R1 I use a more generic network 100.100.0.0
0.0.255.255 area 0 command.

So

I stand by my statement that even though you may be able to enter the
commands, the fact is that you cannot summarize area 0 routes on a cisco
router, at least not that I've been able to figure out.. My position is
further supported by the Cisco documentation, which states "The area range
command is used only with area border routers (ABRs). It is used to
consolidate or summarize routes for an area. The result is that a single
summary route is advertised to other areas by the ABR. Routing information
is condensed at area boundaries."

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r
/iprprt2/1rdospf.htm#xtocid4
watch the wrap

Of course, I am ready to learn something new, if you've got a trick I have
yet to learn.



> Why not summarise backbone routes for the same reasons as summarising
> non-backbone routes - reduce routing tables, database sizes, route change
> propagations etc?

In regards to the wisdom of summarizing backbone routes in an OSPF network,
while I was pondering your response, I went through a few ideas, and I see
where it "might" be advantageous.. I still believe that generally speaking,
one would want all backbone routes to be visible throughout the backbone  to
allow for uninterrupted routing should one or more backbone routers fail.
This assuming a redundant backbone design.

I can't located specifics in the RFC, but I "suspect" that Mr. Moy is of
similar mind.


with all respects

Chuck
--



>
> JMcL




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56430&t=56136
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Written - the final push is finished [7:56428]

[Jim Tickle]

I passed (though by the slightest margin).  This was a real bear, and while
MPLS, IS-IS and Multicasting played a major part (like everybody says), the
test I had also covered quite a bit of EIGRP, OSPF and other topics from the
CCNP track.  I was most surprised to find IGRP, RIP, Token Ring and FDDI
still on the exam.

 

Anyway  Im done. Having finished, what I found most useful: Both Doyle
books, Brunos book, and boson#3.

Thanks all for your help.
The Tick
 
 Jim Tickle  wrote:Thank you everyone who has sent advice, links and
encouragement.
Today I'm spending the day reading the various CCO links people have sent;
reviewing the highlighted sections of the books I read; going through
bosons#1 and #3; and just trying to pack it all in.
I hope to have positive news for the group late tomorrow. Thank you again
for all the support.
Tick
Shahid Muhammad Shafi wrote:Go thorugh 6500 documentation also. Especially
PVLANs, VACLs, RACLs etc.
Also if u have time breeze through these urls:
Bridging & Switching 

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/spantree.htm#10890

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/routing.htm#xtocid223388

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/vlans.htm#xtocid551119

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/acc_list.htm

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/span.htm
http://www.cisco.com/warp/public/793/lan_switching/2.html
http://www.cisco.com/warp/public/cc/pd/ibsw/ibdlsw/prodlit/dls12_rg.htm 
http://www.cisco.com/warp/public/793/lan_switching/6.html
http://www.cisco.com/warp/public/473/77.html
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/c65sp_wp.htm
http://standards.ieee.org/getieee802/802.1.html
http://www.cisco.com/warp/public/473/#LANSecurity
http://www.cisco.com/warp/public/473/79.html

http://cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/channel.htm

http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm#xtocid1869438

http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_r/brprt1/br1dtb.htm#xtocid132742

http://cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm

Cisco Device Operation
http://www.cisco.com/warp/public/432/features.html
http://www.cisco.com/warp/public/63/vip_crash.html
http://www.cisco.com/warp/public/66/23.html
http://www.cisco.com/warp/public/63/pcmciamatrix.html
http://www.cisco.com/warp/public/130/upgrade_index.shtml
http://www.cisco.com/warp/public/473/34.shtml
http://www.cisco.com/warp/public/473/46.html
http://www.cisco.com/warp/public/474/11.html
http://www.cisco.com/warp/public/473/81.shtml
http://www.cisco.com/warp/public/473/14.shtml

Desktop Protocols
http://www.cisco.com/warp/public/473/33.html#ping
http://www.cisco.com/warp/public/473/33.html#service

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_c/wcdfrely.htm

IP

http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/1195_pp.htm
http://www.cisco.com/networkers/nw00/pres/2212_6-28.pdf
http://www.cisco.com/warp/public/105/5.html
http://www.cisco.com/warp/public/63/ping_traceroute.html
http://www.cisco.com/warp/public/759/ipj_2-3/ipj_2-3_oneb.html
http://www.cisco.com/warp/public/105/56.html
http://www.cisco.com/warp/public/105/acl_wp.html

IP Routing

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s15/eigrpstb.htm

Multicast
http://www.cisco.com/warp/public/105/48.html

LAN

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/instnote.htm#xtocid1019419

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/6000hw/mod_inst/02prep.htm#xtocid21176
http://www.cisco.com/warp/public/473/46.html
http://www.cisco.com/warp/public/102/wlan/connectivity.html#third

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/fddi.htm#xtocid2505711
http://www.cisco.com/warp/public/102/wlan/ap-faq.html#Q13
http://www.cisco.com/warp/public/784/packet/techspeak.html

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt6/xcfvl.htm#77315
http://standards.ieee.org/getieee802/802.2.html
http://standards.ieee.org/getieee802/802.3.html
http://standards.ieee.org/getieee802/802.5.html
http://standards.ieee.org/getieee802/802.11.html
http://www.cisco.com/warp/public/697/troubleshooting_tr_interfaces.shtml
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/tokenrng.htm
http://www.cisco.com/warp/public/473/46.html
http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/tr1904.htm#34634
http://cisco.com/warp/public/cc/so/neso/lnso/lnmnso/feth_tc.htm

Multiservice

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvfax_r/vrf_a.htm#xtocid1720898

QoS

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c/index.htm

http:/

Re: Config Cat 5K GBIC interfaces [7:56410]

[Router Man]

Try setting to switch to autonegotiate

""Patrick Donlon""  wrote in message
news:200210281321.NAA04008@;groupstudy.com...
> Doe anyone have experience connecting a Cat 5K g-bit interface to a
Fluke's
> g-bit interface? Can't seem to get any layer 3 comms, here's the the show
> interface below. NOTE the interface is NOT connected, when it is though
the
> status is "Connected" and all the relevant LEDs light up and the cable
tests
> are passed on the fluke OK
>
> Cheers
>
> Pat
>
>
> (enable) sh port 5/1
> Port  Name   Status Vlan   Level  Duplex Speed Type
> - -- -- -- -- -- - ---
--
> ---
>  5/1  FLUKE Optiview notconnect 1  normal   full  1000
> 1000BaseSX
>
> Port   Trap  IfIndex
> -    ---
>  5/1   disabled  456
>
> Port Broadcast-Limit Broadcast-Drop
>  --- --
>  5/1   -  0
>
> Port   Send FlowControlReceive FlowControl   RxPause TxPause
Unsupported
>adminoper   adminoper opcodes
> -        --- --- -
--
>  5/1   desired  offoff  off  0   0   0
>
>
> Port  Align-Err  FCS-ErrXmit-Err   Rcv-ErrUnderSize
> - -- -- -- -- -
>  5/1   0  0  0  0 0
>
> Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts
Giants
> - -- -- -- -- - - 
--
> ---
>  5/1   0  0  0  0 0 0
> 0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56429&t=56410
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Quietest Cisco Switch (manageable) [7:56424]

[Symon Thurlow]

Hi all,

I think we covered this a little while ago, but don't recall the outcome.

I have been using a cheap netgear 8 port 10/100 switch at home for ages (no
fan=quiet) and it goes ok. Recently, I have swapped out the netgear for the
CAT5K from my lab. I am using it for CIT study and also because I was having
intermittent problems with my file server (I work from home a lot).

I found lots of runts and bad fcs on the port that the file server was
plugged into, so splashed out on ebay for a decent NIC (#6.99 for a
3C905B-TX!!) and replaced the realtek sh**ter with the 3COM card.

No more runts or bad FCS.

Anyway, my point is that I would like to keep a managed switch for my LAN,
but obviously the CAT5K is a bit noisy (and OTT), I have a 2912 but that
sounds like a small jet aircraft.

Anyone know of a quiet and small switch, or a way to quieten the fans in the
2900 series switches. Has anyone successfully ran a 2900 with some of the
fans unplugged?

Cheers,

Symon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56424&t=56424
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: PIX 515 MIB for OID [7:56427]

[Sean C]

Hello to allSorry for the OT but does anyone know what is the OID string to
get the CPU Utilization MIB data out of a PIX 515.  It's different than a
router and I can't find anything on CCO.

Thanks,
Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56427&t=56427
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: summary-address and OSPF NSSA [7:56407]

[Erick B.]

You are correct. The only side-effects would be that
if another area needs to get to that network that
isn't advertised by the NSSA ABR they won't be able
unless static route is used, etc. 

More detail... by default on NSSA External (type 7)
routes the P-bit is set which permits the Type7 to
Type5 at NSSA ABR. The not-advertise option turns off
the P-bit. 

Erick

--- bergenpeak  wrote:
> I'm using an NSSA in some sites and want to prevent
> type 7 LSAs
> in these sites from being converted into type 5 LSAs
> and being
> injected into area 0.
> 
> It appears this is possible using the
> summary-address command.
> Specifically, I'm considering doing the following in
> the ABR:
> 
>   summary-address 0.0.0.0 0.0.0.0 not-advertise
> 
> It's my understanding the ABR, configured with the
> above, will
> block any type7->5 routes from being advertised into
> area 0.
> 
> Is this correct?
> 
> Besides the filtering behavior, any
> side-effect/ramifications to
> consider when doing the above?
> 
> Thanks


__
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
http://webhosting.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56426&t=56407
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF: setting tags on external routes [7:56408]

[Erick B.]

Hi,

Route-maps and ACLs are the only way to set the tag
for all routes, except when redistributing BGP into
OSPF which isn't recommended. With that, the default
tag would be comprised of the BGP AS_PATH but it can
be over-riden with a route-map. 

Your idea is good though, maybe ask your Cisco SE to
put in a feature request... 

--- bergenpeak  wrote:
> I've got a number of different subnets on an OSPF
> ASBR that I would
> like to OSPF tag and advertise according to
> function.  
> 
> Assume these networks are directly connected to the
> ASBR and that
> a "redistribute connected subnets" is being used to
> make these
> subnets type 5 (type 7s in an NSSA).
> 
> Besides route-maps and ACLs, is there another way to
> associate
> different OSPF tag values to each subnet?
> 
> For instance, is there a way to say that all subnets
> on an interface
> (sub-interface) should be assigned OSPF tag value 42
> and subnets on
> another interface are assigned OSPF tag value of 11?
>  I'm looking for
> this to be an OSPF command at the interface level
> (again, so I can avoid
> route-maps and ACLs).
> 
> Or, is it possible in the router OSPF section to do
> something like:
> 
>   redist connected network XYZ subnet metric-type 1
> tag 42
>   redist connected network ABC subnet metric-type 1
> tag 11
> 
> 
> Thanks



__
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
http://webhosting.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56425&t=56408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco QOS course for the 3550?? [7:56423]

[Cisco Nuts]

Hello,

Does anyone know if any specific courses/books for the Cat 3550 switch in 
preparation for the CCIE Lab?
How about the Cisco course for QOS for the CCIP? Does this help for the CCIE 
Lab prep. Is this book enough in terms of the Lab?
Any advise is appreciated.

Thank you.
Sincerely.







_
Choose an Internet access plan right for you -- try MSN! 
http://resourcecenter.msn.com/access/plans/default.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56423&t=56423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco ExecNet [7:56421]

[Jon Campbell]

I'd have to agree.  There are too many large organizations using IP
telephony.  I come from the healthcare world.  We are implimenting over 3000
ip phones.  Baylor is implementing over 13000 and we are not alone.  The PBX
is becoming a dinosaur.  To succeed you must plan, plan, plan.  I would
suggest even bringing in outside consultants that have done this on a wide
scale if the experience level is not there.


- Original Message -
From: "George E Lampro Super Genius" 
To: ; "'Nathan Chessin'" 
Cc: "'Albert Lu'" ; ;
; "'Joe'" ;

Sent: Monday, October 28, 2002 12:43 AM
Subject: RE: Cisco ExecNet


> IP phones are cheaper and easier to move so you MAC(Move, ADD, Changes)
cost
> less.
> Look at all of the features on the IP phones.  Plan your implementations
and
> avoid the ugly LAN.
>
> Garth from Waynes World would say "we fear change"
>
> Dont be a Garth,  enjoy the cool new technology.
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Friday, October 11, 2002 5:10 AM
> To: Nathan Chessin
> Cc: 'Albert Lu'; [EMAIL PROTECTED]; [EMAIL PROTECTED]; 'Joe';
> [EMAIL PROTECTED]
> Subject: RE: Cisco ExecNet
>
>
> you said:
> >>> 1) Since when is VoIP a "bandwidth-hungry app"
>
> and I would respond "When it is deployed".  Sure, one VoIP call using G729
> might only take 25kbps, but try handling 50-60 of them 24x7 and you'll
> start to find your site-to-site T1's being used for VoIP, and not for
> "data".
>
> ...and when you deploy IP Phones, the LAN REALLY gets ugly... far uglier
> than you'd think (but again, assuming you're deploying more than a dozen
> phones ).
>
> danT
>
> 
> Dan Thorson - Seagate Technology, LLC
> desk +1 (952) 402-8293fax +1 (952) 402-1007
> SeaTel  8-402-8293
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56421&t=56421
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Priscilla Oppenheimer]

Gaz wrote:
> > 
> > I can't do the following though. Windows 98 gives an error
> message and won't
> > add the route:
> > 
> > route add 100.100.100.2 mask 255.255.255.240 gateway
> > 
> > I can do this though:
> > 
> > route add 100.100.100.2 mask 255.255.255.254 gateway
> 
> Not sure what you were trying with the first one. Have I
> misunderstood?
> I don't know any device that would accept a route without using
> the
> network address. (100.100.100.2 is the network address for a 
> 255.255.255.254 mask, but not for 255.255.255.224).
> 
> But now you've got me worried, because I know your pedigree
> :-).
> Humo(u)r me. What d'ya mean.

I just wasn't thinking! I was rushing. Of course, Windows gave me an error
for that. Too bad it wasn't an error that meant anything. I think it said
error 87 or something. ;-)

> 
> 
> All this has given me an idea though.
> I would like to have used the same IP address on my laptop when
> I'm at
> home and at work.
> I had to change my local subnet at home, because when I VPN in
> to work,
> I have 192.168.80.0/24 at both ends. I should, if what we're
> thinking is
> right, be able to put a more specific route on for the odd
> addresses I
> need to get to at work, primarily remote desktop to my work PC,
> our
> local router and a couple of terminal servers.
> That way I can leave my IP address the same for both locations 
> (probably).

I think that would work. Let us know. Thanks. 

Priscilla

> 
> Gaz
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56422&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Gaz]

In article , [EMAIL PROTECTED] 
says...
> Gaz wrote:
> > 
> > I would have thought Windows 98 would accept something like:
> > 
> > route add 100.100.100.240 mask 255.255.255.240 [default gateway]
> 
> It depends on the host's own address. And I've forgotten what we said that
> was by now. ;-)
> 
> > 
> > I don't think there's any restriction to host routes.
> 
> A host route is one that specifies a specific address, i.e. the mask is
> 255.255.255.255. I doubt there are restrictions to that either, although,
> obviously, you have to point to a local default gateway and not just any
old
> address.
> 

Thanks :-)

> But there are restrictions to other routes, depending on the bit pattern.
> I'm using different addresses than in our example and don't really feel
like
> twidling bits, but I was able to do something like this:
> 
> My address is 100.100.100.17 255.255.255.224
> 
> I can:
> 
> route add 100.100.100.16 mask 255.255.255.240 gateway
> 
> That causes the packets for 100.100.100.16/28 to go through the gateway
> router.
> 
> I can't do the following though. Windows 98 gives an error message and
won't
> add the route:
> 
> route add 100.100.100.2 mask 255.255.255.240 gateway
> 
> I can do this though:
> 
> route add 100.100.100.2 mask 255.255.255.254 gateway

Not sure what you were trying with the first one. Have I misunderstood? 
I don't know any device that would accept a route without using the 
network address. (100.100.100.2 is the network address for a 
255.255.255.254 mask, but not for 255.255.255.224).

But now you've got me worried, because I know your pedigree :-). 
Humo(u)r me. What d'ya mean.


All this has given me an idea though.
I would like to have used the same IP address on my laptop when I'm at 
home and at work.
I had to change my local subnet at home, because when I VPN in to work, 
I have 192.168.80.0/24 at both ends. I should, if what we're thinking is 
right, be able to put a more specific route on for the odd addresses I 
need to get to at work, primarily remote desktop to my work PC, our 
local router and a couple of terminal servers.
That way I can leave my IP address the same for both locations 
(probably).

Gaz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56420&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Route Diversity? [7:56419]

[Leo Song]

Hi, there.

In such scenario, say, we and our customer have connection through our
ISP clouds and such connection is terminated at our and our customers'
DMZ interfaces, to establish the INSIDE - INSIDE connectivity.

In the meanwhile, we also create OUTSIDE - OUTSIDE VPN tunnel over
Internet and this tunnel is terminate at our and our customers' OUTSIDE
interfaces, again to establish the INSIDE - INSIDE connectivity.

Now, our PIX has two routes to reach our customer's internal network,
through the VPN tunnel or through the DMZ, ISP clouds.

While, which route should the PIX take? Is it possible to leverage
diversity or backup purpose, like a Router? 

Thanks in advance.

Leo
Best Regards.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56419&t=56419
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Priscilla Oppenheimer]

Gaz wrote:
> 
> I would have thought Windows 98 would accept something like:
> 
> route add 100.100.100.240 mask 255.255.255.240 [default gateway]

It depends on the host's own address. And I've forgotten what we said that
was by now. ;-)

> 
> I don't think there's any restriction to host routes.

A host route is one that specifies a specific address, i.e. the mask is
255.255.255.255. I doubt there are restrictions to that either, although,
obviously, you have to point to a local default gateway and not just any old
address.

But there are restrictions to other routes, depending on the bit pattern.
I'm using different addresses than in our example and don't really feel like
twidling bits, but I was able to do something like this:

My address is 100.100.100.17 255.255.255.224

I can:

route add 100.100.100.16 mask 255.255.255.240 gateway

That causes the packets for 100.100.100.16/28 to go through the gateway
router.

I can't do the following though. Windows 98 gives an error message and won't
add the route:

route add 100.100.100.2 mask 255.255.255.240 gateway

I can do this though:

route add 100.100.100.2 mask 255.255.255.254 gateway

> 
> I wonder though if you don't bother with the individual route
> on the
> PC's (which you obviously wouldn't want to do on a larger
> scale), would
> the router proxy arp for addresses which should be on it's
> ethernet, if
> you applied a route via the serial for example.

I think that would work, if I understand what you're saying. For example, if
you had a host-specific route on the router that pointed to the serial
interface, I think the router would proxy ARP for requests to find that
host. If you also had a host loally with that same address, the requester
would get 2 replies, though, and that would be ugly.

Feel free to try it though (but after dinner!) ;-) 

___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com


> 
> I'll try it later, but I'm having my dinner :-))
> 
> Gaz
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56418&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Gaz]

In article , [EMAIL PROTECTED] 
says...
> > 
> > Can I chip in with a question for everyone now?
> > 
> > If you apply more specific routes to all devices for an address
> > which
> > should appear on your local subnet, will it then try the routed
> > path to
> > the device.
> > 
> > eg Machine addressed 100.100.100.100 255.255.255.0
> > route add 100.100.100.10 mask 255.255.255.255 [default gateway]
> 
> This is a host-specific route. Operating systems should understand this and
> behave correctly. Host-specific routes have been around for a long time,
> like probably since the birth of IP. They solve various problems.
> 
> So I tred it on a Windows 98 PC. I added the route and then pinged the
> device specified in the addition.
> 
> The PC ARPed for the default gateway and then sent the ping to the default
> gateway, even though the device is really local. The default gateway sent
> the packet back out the same Ethernet and the local machine replied
directly
> to my PC. I would have expected a redirct from the router too, but I didn't
> see one.
> 
> Now, is this behavior specific to the host-specific route? I wonder if I do
> something like:
> 
> route add 100.100.100.2 255.255.255.0 default gateway
> 
> Hmm
> 
> Oh, Windows 98 won't let me do that! ;-) It will only let me add a
> host-specific route. Makes sense I guess. And then it does behave correctly
> when I add a host-speciif route (e.g., it does what the route tells it to
do.)
> 
> ___
> 
> Priscilla Oppenheimer
> www.troubleshootingnetworks.com
> www.priscilla.com
> 
> > 
> > Not that you'd want to do it, but just wondering.
> > 
> > 
> > Cheers,
> > 
> > Gaz
> > 

I would have thought Windows 98 would accept something like:

route add 100.100.100.240 mask 255.255.255.240 [default gateway]

I don't think there's any restriction to host routes.

I wonder though if you don't bother with the individual route on the 
PC's (which you obviously wouldn't want to do on a larger scale), would 
the router proxy arp for addresses which should be on it's ethernet, if 
you applied a route via the serial for example.

I'll try it later, but I'm having my dinner :-))

Gaz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56417&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Gaz]

H The new DNS idea to negate the need for alias is neat. Not as 
neat as not buggering up the IP addressing in the first place :-)

I hadn't considered using overlapping NAT because of the DNS problems, 
but I suppose alias would have done it and now it's even easier, but I 
will still avoid it at all costs. 

With the internet (DNS), I think it's too much of a bodge not to cause 
problems in the long run.


Gaz


In article , 
[EMAIL PROTECTED] says...
> To all,
> 
> In 6.2 of the FOS you CAN do this :-).
> 
> You just have a situation of overlapping networks. here is the info on how
> to accomplish this:
>
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration
> _guide_chapter09186a00800eb71e.html#xtocid26
> (watch the wrap).
> 
> Cheers!
> 
> Richard
> 
> 
> ""Brett spunt""  wrote in message
> news:200210270014.AAA27223@;groupstudy.com...
> > True, but that network is not a private ip, so if inside host is trying
to
> > hit a "live" web server at 192.5.2.x, there are SCREWED, ya
> > know.
> >
> > -Original Message-
> > From: gogarty [mailto:ciaron@;gogarty.net]
> > Sent: Saturday, October 26, 2002 4:47 PM
> > To: Brett spunt; [EMAIL PROTECTED]
> > Subject: Re: Pix & non-Rfc networks. [7:56347]
> >
> >
> > No need to doubt.  If you have the network 192.5.2.0/24 inside the pix,
> why
> > would a client want to connect to the same network outside the pix?  As
> far
> > as the client is concerned it is ON the 192.5.2.0/24 network!!
> >
> > - Original Message -
> > From: "Brett spunt"
> > To:
> > Sent: Saturday, October 26, 2002 7:36 PM
> > Subject: RE: Pix & non-Rfc networks. [7:56347]
> >
> >
> > > Yes,
> > >
> > > You will never even make it to the pix if your destined for the
> > 192.5.2.0/24
> > > network.
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of
> > > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56416&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Priscilla Oppenheimer]

Gaz wrote:
> 
> In article , 
> [EMAIL PROTECTED] says...
> > Hello,
> > 
> > I was just reading this document,from the following link
> > http://www.cisco.com/warp/customer/110/8.html I have attached
> the Pdf file
> > of the same for your convinence :-).
> > 
> > 
> > now coming to my doubt. 
> > 
> > If i have a network say like 192.5.2.0/24 inside the pix
> (connecting to
> > internet) Does it mean that all the sites with 192.5.2.0/24
> would not be
> > accessible to the inside network ?? 

Yes. You can't use someone else's network address in your inside network and
still get to that someone else's network! :-) When your devices try to reach
192.5.2.x, they will do a logical AND with the subnet mask and see that the
result is the same as when they do a logical AND with the subnet mask and
their own address. Hence the destination is local. So they send an ARP
broadcast. They get a response from a local device or no response if the
address doesn't exist locally.

Actually, there are probably workarounds to this. It's not such a silly
requirement. In the past people did tend to make up network numbers that
actually belonged to someone else, so there is a need to get this to work. I
wouldn't be surprised to learn that there's some kludegey way of getting
this to work. It would probably only work for specific outside addresses and
only if you haven't assigned those addresses locally.

More below

> > 
> > thanks and regards,
> > Murali
> > 
> 

snip

> 
> Can I chip in with a question for everyone now?
> 
> If you apply more specific routes to all devices for an address
> which
> should appear on your local subnet, will it then try the routed
> path to
> the device.
> 
> eg Machine addressed 100.100.100.100 255.255.255.0
> route add 100.100.100.10 mask 255.255.255.255 [default gateway]

This is a host-specific route. Operating systems should understand this and
behave correctly. Host-specific routes have been around for a long time,
like probably since the birth of IP. They solve various problems.

So I tred it on a Windows 98 PC. I added the route and then pinged the
device specified in the addition.

The PC ARPed for the default gateway and then sent the ping to the default
gateway, even though the device is really local. The default gateway sent
the packet back out the same Ethernet and the local machine replied directly
to my PC. I would have expected a redirct from the router too, but I didn't
see one.

Now, is this behavior specific to the host-specific route? I wonder if I do
something like:

route add 100.100.100.2 255.255.255.0 default gateway

Hmm

Oh, Windows 98 won't let me do that! ;-) It will only let me add a
host-specific route. Makes sense I guess. And then it does behave correctly
when I add a host-speciif route (e.g., it does what the route tells it to do.)

___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

> 
> Not that you'd want to do it, but just wondering.
> 
> 
> Cheers,
> 
> Gaz
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56415&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DSL PPPoE [7:56414]

[[EMAIL PROTECTED]]

We have a remote user's pc connecting through a PIX 501, which is connected
to a SpeedStream DSL modem.  I'm having a problem with connection resets on
the user's SBC account.  I had the VPDN group authenticating via CHAP; then
about a week a ago, he lost total internet connectivity.  Tried changing the
auth type to PAP.  The account authenticated fine, but now every 15 - 20
minutes (depending on traffic).  The account looses connectivity and has to
go throught the whole process again.

I tried to reconfigure CHAP, but that just wouldn't work.  Has anyone run
into an ISP changing the authenication type like that (particularly SBC
Ameritech, within the past two weeks)?

I'm trying to fight past the first layer of help at Ameritech's call
center

Thanx,
mkj




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56414&t=56414
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to measure the amount of traffic on a router? [7:56385]

[Arnold, Jamie]

If your router has CEF enabled, be sure to read about how to get accurate
counts when using MRTG/RRD

-Original Message-
From: Elijah Savage III [mailto:esavage@;digitalrage.org] 
Sent: Sunday, October 27, 2002 4:30 PM
To: [EMAIL PROTECTED]
Subject: RE: How to measure the amount of traffic on a router? [7:56385]


Look into MRTG/SNMP

-Original Message-
From: Vitaliy Vishnevskiy [mailto:vitaliy@;shoregroup.com] 
Sent: Sunday, October 27, 2002 3:44 PM
To: [EMAIL PROTECTED]
Subject: How to measure the amount of traffic on a router? [7:56385]


Folks,
I am looking for some kind of inexpensive software package that could be
programmed to graph the traffic volume going through a router.  Thanks
 
--
Vitaliy Vishnevskiy
System Engineer, CCDP, CCNP, Cisco Security Specialist 1, MCSE ShoreGroup,
Inc 460 West 35th Street New York, NY  10001 
Phone: (212) 736-2915
Mobile: (917) 816-0753
Fax: (425) 955-1485
E-mail: [EMAIL PROTECTED]
  

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of Vitaliy Vishnevskiy ([EMAIL PROTECTED]).vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56413&t=56385
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: summary-address and OSPF NSSA [7:56407]

[Peter van Oene]

At 12:56 PM 10/28/2002 +, you wrote:
>I'm using an NSSA in some sites and want to prevent type 7 LSAs
>in these sites from being converted into type 5 LSAs and being
>injected into area 0.
>
>It appears this is possible using the summary-address command.
>Specifically, I'm considering doing the following in the ABR:
>
> summary-address 0.0.0.0 0.0.0.0 not-advertise
>
>It's my understanding the ABR, configured with the above, will
>block any type7->5 routes from being advertised into area 0.
>
>Is this correct?
>
>Besides the filtering behavior, any side-effect/ramifications to
>consider when doing the above?
>
>Thanks

This is the recommended way to make this happen. The only thing to consider 
is that you are removing reachability information from the OSPF domain and 
it you want those routes to be reachable, you'll need to deal with via some 
other method.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56412&t=56407
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

[Richard Deal]

To all,

In 6.2 of the FOS you CAN do this :-).

You just have a situation of overlapping networks. here is the info on how
to accomplish this:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration
_guide_chapter09186a00800eb71e.html#xtocid26
(watch the wrap).

Cheers!

Richard


""Brett spunt""  wrote in message
news:200210270014.AAA27223@;groupstudy.com...
> True, but that network is not a private ip, so if inside host is trying to
> hit a "live" web server at 192.5.2.x, there are SCREWED, ya
> know.
>
> -Original Message-
> From: gogarty [mailto:ciaron@;gogarty.net]
> Sent: Saturday, October 26, 2002 4:47 PM
> To: Brett spunt; [EMAIL PROTECTED]
> Subject: Re: Pix & non-Rfc networks. [7:56347]
>
>
> No need to doubt.  If you have the network 192.5.2.0/24 inside the pix,
why
> would a client want to connect to the same network outside the pix?  As
far
> as the client is concerned it is ON the 192.5.2.0/24 network!!
>
> - Original Message -
> From: "Brett spunt"
> To:
> Sent: Saturday, October 26, 2002 7:36 PM
> Subject: RE: Pix & non-Rfc networks. [7:56347]
>
>
> > Yes,
> >
> > You will never even make it to the pix if your destined for the
> 192.5.2.0/24
> > network.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Saturday, October 26, 2002 5:05 AM
> > To: [EMAIL PROTECTED]
> > Subject: Pix & non-Rfc networks. [7:56347]
> >
> >
> > Hello,
> >
> > I was just reading this document,from the following link
> > http://www.cisco.com/warp/customer/110/8.html I have attached the Pdf
file
> > of the same for your convinence :-).
> >
> >
> > now coming to my doubt.
> >
> > If i have a network say like 192.5.2.0/24 inside the pix (connecting to
> > internet) Does it mean that all the sites with 192.5.2.0/24 would not be
> > accessible to the inside network ??
> >
> > thanks and regards,
> > Murali
> >
> > [GroupStudy.com removed an attachment of type application/octet-stream
> which
> > had a name of non-rtc-net.pdf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56411&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Config Cat 5K GBIC interfaces [7:56410]

[Patrick Donlon]

Doe anyone have experience connecting a Cat 5K g-bit interface to a Fluke's
g-bit interface? Can't seem to get any layer 3 comms, here's the the show
interface below. NOTE the interface is NOT connected, when it is though the
status is "Connected" and all the relevant LEDs light up and the cable tests
are passed on the fluke OK

Cheers

Pat


(enable) sh port 5/1
Port  Name   Status Vlan   Level  Duplex Speed Type
- -- -- -- -- -- - -
---
 5/1  FLUKE Optiview notconnect 1  normal   full  1000
1000BaseSX

Port   Trap  IfIndex
-    ---
 5/1   disabled  456

Port Broadcast-Limit Broadcast-Drop
 --- --
 5/1   -  0

Port   Send FlowControlReceive FlowControl   RxPause TxPause Unsupported
   adminoper   adminoper opcodes
-        --- --- ---
 5/1   desired  offoff  off  0   0   0


Port  Align-Err  FCS-ErrXmit-Err   Rcv-ErrUnderSize
- -- -- -- -- -
 5/1   0  0  0  0 0

Port  Single-Col Multi-Coll Late-Coll  Excess-Col Carri-Sen Runts Giants
- -- -- -- -- - - --
---
 5/1   0  0  0  0 0 0
0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56410&t=56410
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Intermittant PIX error ... [7:56404]

[Patrick Donlon]

Have you any logging turned on to see what is going wrong when you try to
connect? Sounds like the authentication is failing somewhere not a
reachability problem. Good luck

Pat


""Paul""  wrote in message
news:200210281240.MAA32077@;groupstudy.com...
> Yeah, thanks AMR ... what a great help you are !!!
> - Original Message -
> From: "AMR"
> To:
> Sent: Monday, October 28, 2002 12:02 PM
> Subject: Re: Intermittant PIX error ... [7:56404]
>
>
> > This description is vague at best.
> >
> > ""Paul""  wrote in message
> > news:200210281035.KAA21202@;groupstudy.com...
> > > Hi guys ...
> > >
> > > Intermittantly I get the following error when trying to telnet to a
Pix:
> > >
> > > Router_1#telnet 10.1.1.1
> > > Trying 10.1.1.1 ...
> > > % Connection refused by remote host
> > >
> > > I can ping the Pix fine when this happens, this usually lasts only for
> > > several
> > > minutes  (but worries me none the less) ... then all of a sudden
the
> > > telnet session works 
> > >
> > > I can't find much on the Cisco website 
> > >
> > > Does any have any ideas, or has anyone experienced this themselves ???
> > >
> > > Regards
> > >
> > > Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56409&t=56404
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF: setting tags on external routes [7:56408]

[bergenpeak]

I've got a number of different subnets on an OSPF ASBR that I would
like to OSPF tag and advertise according to function.  

Assume these networks are directly connected to the ASBR and that
a "redistribute connected subnets" is being used to make these
subnets type 5 (type 7s in an NSSA).

Besides route-maps and ACLs, is there another way to associate
different OSPF tag values to each subnet?

For instance, is there a way to say that all subnets on an interface
(sub-interface) should be assigned OSPF tag value 42 and subnets on
another interface are assigned OSPF tag value of 11?  I'm looking for
this to be an OSPF command at the interface level (again, so I can avoid
route-maps and ACLs).

Or, is it possible in the router OSPF section to do something like:

redist connected network XYZ subnet metric-type 1 tag 42
redist connected network ABC subnet metric-type 1 tag 11


Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56408&t=56408
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

summary-address and OSPF NSSA [7:56407]

[bergenpeak]

I'm using an NSSA in some sites and want to prevent type 7 LSAs
in these sites from being converted into type 5 LSAs and being
injected into area 0.

It appears this is possible using the summary-address command.
Specifically, I'm considering doing the following in the ABR:

summary-address 0.0.0.0 0.0.0.0 not-advertise

It's my understanding the ABR, configured with the above, will
block any type7->5 routes from being advertised into area 0.

Is this correct?

Besides the filtering behavior, any side-effect/ramifications to
consider when doing the above?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56407&t=56407
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Intermittant PIX error ... [7:56404]

[Paul]

Yeah, thanks AMR ... what a great help you are !!!
- Original Message -
From: "AMR" 
To: 
Sent: Monday, October 28, 2002 12:02 PM
Subject: Re: Intermittant PIX error ... [7:56404]


> This description is vague at best.
>
> ""Paul""  wrote in message
> news:200210281035.KAA21202@;groupstudy.com...
> > Hi guys ...
> >
> > Intermittantly I get the following error when trying to telnet to a Pix:
> >
> > Router_1#telnet 10.1.1.1
> > Trying 10.1.1.1 ...
> > % Connection refused by remote host
> >
> > I can ping the Pix fine when this happens, this usually lasts only for
> > several
> > minutes  (but worries me none the less) ... then all of a sudden the
> > telnet session works 
> >
> > I can't find much on the Cisco website 
> >
> > Does any have any ideas, or has anyone experienced this themselves ???
> >
> > Regards
> >
> > Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56406&t=56404
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Intermittant PIX error ... [7:56404]

[AMR]

This description is vague at best.

""Paul""  wrote in message
news:200210281035.KAA21202@;groupstudy.com...
> Hi guys ...
>
> Intermittantly I get the following error when trying to telnet to a Pix:
>
> Router_1#telnet 10.1.1.1
> Trying 10.1.1.1 ...
> % Connection refused by remote host
>
> I can ping the Pix fine when this happens, this usually lasts only for
> several
> minutes  (but worries me none the less) ... then all of a sudden the
> telnet session works 
>
> I can't find much on the Cisco website 
>
> Does any have any ideas, or has anyone experienced this themselves ???
>
> Regards
>
> Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56405&t=56404
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Intermittant PIX error ... [7:56404]

[Paul]

Hi guys ...

Intermittantly I get the following error when trying to telnet to a Pix:

Router_1#telnet 10.1.1.1
Trying 10.1.1.1 ...
% Connection refused by remote host

I can ping the Pix fine when this happens, this usually lasts only for
several
minutes  (but worries me none the less) ... then all of a sudden the
telnet session works 

I can't find much on the Cisco website 

Does any have any ideas, or has anyone experienced this themselves ???

Regards

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56404&t=56404
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Tag-switching and MPLS interface commands [7:56403]

[David Terry (ETL)]

Hello Dennis,

The commands perform the same function which is to turn MPLS on the
interface but it depends what protocol is used globally. The default is TDP.
The commands are interchangeable to ensure backward capability . To change
the default (TDP) use the global command

B6-C7500-top(config)#mpls label protocol ldp  

Hope this helps

David

-Original Message-
From: Dennis Laganiere [mailto:Dennis@;laganiere.net]
Sent: 27 October 2002 02:46
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Tag-switching and MPLS interface commands


Does anybody know the differences between the the interface commands
"tag-switching ip" and "mpls ip" (or better yet, have a good URL for it)?  On
both my 2610 and 2500's, when I enter the "mpls ip" command, the
"tag-switching ip" command appears in my configuration.

I've been through both of my MPLS books and haven't seen how they differ...

Thanks...

--- Dennis




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56403&t=56403
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

mail list [7:56401]

[Larry Letterman]

Hi team,

Is the forum email list still working?
I have not recieved any email from it in a good while.

Let me know...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56401&t=56401
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]