Routing Exam:640-901 [7:58867]
Hi all , I am writing my routing exam this Friday , I have studied hard , any body have some good ideas where to really concentrate ? Thanks for the help Cheers !!! Theperiman NOTICE - This message contains privileged and confidential information intended only for the use of the addressee named above. Any review, retransmission, dissemination, copying, disclosure or other use of, or taking of any action in reliance upon, this information by person or entities other than the intended recipient is prohibited. If you have received this message in error, please notify the sender by return email and delete this message. This message should not be copied or used for any purpose other than intended, nor should it be disclosed to any other person. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of Investec Group, its subsidiaries or associates. The Investec Group is not liable for the security of information sent by e-mail at your request, nor for the proper and complete transmission of the information contained in the communication nor for any delay in its receipt. Please note that the recipient must scan this e-mail and any attached files for viruses and the like. The Investec Group accepts no liability of whatever nature for any loss, liability, damage or expense resulting directly or indirectly from the access of any files which are attached to this message. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58867t=58867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dumb question [7:58783]
You are absolutely right. It didn't occur to me. It seemed to me that one would have to go out of their way to create a loop in a hub environment. Then after reading your response, I realized I encountered something like this just a few months ago. 2 dual homed Citrix servers using 2 logical subnets but sharing the same physical network. The end user had enabled forwarding between the nics on one of the servers. Guess what the problem was? Jay -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, December 09, 2002 12:10 PM To: [EMAIL PROTECTED] Subject: RE: Dumb question [7:58783] Jay Dunn wrote: A hub or repeater operates at layer 1 and makes no intelligent decision about what to forward. A packet enters a port and is forwarded out all other active ports on the hub. The concept of a loop only exists at higher layers. A loop could exist at the physical layer too. A newbie could connect the hubs in such a way that there was a loop. And it could indeed cause problems due to the fact that a hub doesn't make any intelligent decisions about what it forwards, as you say, and doesn't participate in higher-layer loop-avoidance solutions such as STP, Dijkstra, split horizon, etc. There would be nothing to stop the looping bits. The very idea makes me cringe. :-) It's kind of funny that nobody thinks about this. A network of hubs must be designed in a hierarchical fashion. I guess that is just second-nature to people who grew up with hubs. When hubs entered the market they allowed us to move away from the ubiquitous bus topology and into a star (hub-and-spoke) topology. They allowed us to start using the structured cabling that ATT and other vendors were starting to install, rather than the Christmas-tree-lights topology so popular with coax cable and so prone to problems. As networks grew, it became necessary to connect multiple hubs. The term that was often used was cascating hubs. Hubs cascaed from other hubs, within the rules related to Ethernet propagation delay and collision detection. Priscilla Jay Dunn IPI*GrammTech, Ltd. www.ipi-gt.com Nunquam Facilis Est -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Han Chuan Alex Ang Sent: Monday, December 09, 2002 3:44 AM To: [EMAIL PROTECTED] Subject: Dumb question [7:58783] I am wondering if Hub could be subjected to loop problems , if not, what will happen if there is a loop within a Hub enviroment Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58868t=58783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MLS Hello Multicast Messages [7:58869]
All, The MLS-RP sends hello's to the CMGP mcast address every 15 secs. All downstream switches in the network recv these hello messages. I have 2 6500s with a dot1q trunk and an MSFC in both. MLS enabled by default. Sniffing the trunk and i would expect to see an MLS hello packet every 15 secs addressed to 01-00-0c-dd-dd-dd (CGMP address), but I dont see it. Please help. Ken Farrington Global Networks, Barclays Capital, 5 The North Colonnade, Canary Wharf, London, E14 4BB * Tel : 020 7773 3550 * Mob : 07768-866655 * [EMAIL PROTECTED] For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58869t=58869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to change the default Telnet port of a router [7:58647]
Hi Simon, There is a way, but its a hack. I dont recommend you do this, but just shows that you dont always need to attack the problem directly.. anyway here is a simple diagram s0 s1 10.0.0.110.0.0.2 -- | 172.16.55.1 (eth0) on RTA apply the following config : ip nat inside source static tcp 172.16.55.1 23 172.16.55.1 2002 extendable ! interface Ethernet0 description Dummy interface for lab testing ip address 172.16.55.1 255.255.255.0 no keepalive ! interface Serial0 ip address 10.0.0.1 255.255.255.0 ip nat outside clockrate 38400 ! So basically your mapping the local telnet port 23, to port 2002. If you try and telnet normally to ip 172.16.55.1 you wont initiate a connection as NAT will reply back with a port of 2002. Hence the only way to obtain telnet is to telnet to 172.16.55.1 2002 raj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58870t=58647 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN 640-505 [7:58871]
Would the CCNP remote Access exam certification guide for 640-505 by Brian Morgan and Craig Dennis be enough to pass the 640-605 exam? The book is kind of short compared to the BCRAN book. Thanks in advance! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58871t=58871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
how did you classify your tcp packets? I think WRED treats unclassified packets as lower priority packets (precedence=0). i saw random-drops in precedence 0 packets. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58873t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VOIP - Voice Mailboxes [7:58872]
We have the Unity/Exchange module installed and functioning but is there a way of creating a voice mailbox WITHOUT having to create an Exchange mailbox. We have several instances where we have employees who don't have a PC much less a domain and email account but have a phone. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58872t=58872 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Visio Stencil for Cisco [7:58509]
Try www.altimatech.com. they have everything and will do custom stencils for you. I downloaded thier standard package and it has over 300 Cisco stencils tu do wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I found a set of them. http://www.cisco.com/warp/public/503/2.html cheer, Tu Do Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58874t=58509 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE cert. opinion [7:58805]
for other tests, but I didnt think the lab was covered. If so, look out SJ, here I come! Karl Thrasher wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I recently took the CCIE written. I didn't pass, but I really wasn't expecting to. I missed it by 6 points. A while back when the beta was running, I was just getting ready to begin studying for the written when I found out the beta was on. I found out about the beta on a Wed. and the beta run ended on that Friday. So to evaluate myself, I paid the 50 bucks and took the test with no study. I missed it by about 6 points then as well. I thought, considering my level, at the time, it was not too bad and definately attainable. I had to put my study off for a while after the beta attempt because of a project I had to get up to speed on and then recently started studying. I studied for a few weeks then took it to re-evaluated where I stand now. I saw on the board some people complaining about questions being too product specific. I saw little to no types of those questions. My test was mainly theory and heavy configuration and troubleshooting questions. Yes, some of the test is a test of your memory but what test isn't? Is there a test that exists that to some degree does not test your memory? And, yes, some of the information tested is sort of trivial in aspect, but the ultimate goal is not to pass the exam but to pass the lab. While studying the technologies for the written, studying that trivial information, you pick up alot of things you didn't know, or things you once knew but forgot. I think the better you do on the written the better you'll do on the lab. Not to say that a good score on the written will guarantee a passing lab attempt at all. But I think the more you study for your written, you will be all that much more prepared to study for your lab. I think I'm in pretty good shape. I have no pressure to pass as far as money goes when taking the tests, because my GI Bill will pay for all written and lab attempts, pass or fail. Plus I teach Cisco stuff during the day on 5 racks that Cisco donated to the college. So even when I'm not studying, I am. Plus the network I work on at my regular job has about 30,000+ Cisco devices. So I think all these pluses will equal a CCIE RS cert one of these days. If not I will be dissapointed in myself. But I'm pretty confident right now. I noticed someone else mention that a down-side of the exam is that someone could take the written as many times as they wanted until eventually passing. I could do that, but I don't want to waste my money. I'm not going to attempt it again until I think I've picked up about 20 points. Although my GI Bill will pay for my tests and lab, I have finite funds and I want to save my money for the labs. But I don't think that just because that you can take the test as often as you like will cause the market to be flooded with CCIE's. Most people are persueing the CCIE cert because of money: they want more. People have fininte funds. It's not too bad to take the test several times but when you give the lab several pops that adds up. I'll bet there are alot of folks out there that have given up because of the money it would take them or because they have already spent too much money on their failed attempts. There are probably many, many more people that don't have the funds to take the test and lab as many times as they want, than people that have the money to take them over and over again until they pass. So, I don't think that it's an issue. Just a comparison note between the beta and the current exam, the current exam seemed much harder. Anyway, that's all I have to say this go 'round. Besides it's time to hit the books. ;). Thanks, Karl. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58875t=58805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Error report from my Router [7:58882]
Hi, I have a Cisco Router(2511) that is my NAS. When one of my network users want to login on my NAS, I can see Login timed out error message that is sent to my TACACS Server. It's about only two week that I can see that error message. What is this Error message? Is there anyone who can help me about this subject? Regards, H.Sedighi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58882t=58882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Error report from my Router [7:58882]
First I would verify the TACACS+ host and key are valid - then debug TACACS and see what you get there. -Original Message- From: Hamed Sedighi [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 15:55 To: [EMAIL PROTECTED] Subject: Error report from my Router [7:58882] Hi, I have a Cisco Router(2511) that is my NAS. When one of my network users want to login on my NAS, I can see Login timed out error message that is sent to my TACACS Server. It's about only two week that I can see that error message. What is this Error message? Is there anyone who can help me about this subject? Regards, H.Sedighi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58884t=58882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing Exam:640-901 [7:58867]
Peri, I am taking my 901 on Thursday of this week as well! I have the Cisco Press Book by Paquet, and it suppossed to cover all of the test material. I also downloaded the IS-IS supplement from Cisco. I know NOTHING about IS-IS, so I'm going to learn the basics and pray that there are only about 4-5 questions on it. I've worked in networking with Cisco products since 2000, so I feel comforatable with day-to-day operations, and I'm fairly comfident with my commands. What I have been concentrating on is more of the book stuff like metric stuff, bgp path attributes, and the specific routing commands that are applied to interfaces. I have a lab with 4 2500's, but to be honest, I feel like the books are more important for this specific exam. Anyone who has taken the test, I would like to hear your opinion on book specifics vs. router configs on the BSCI exam, please. Kalo Taxithi - jason Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58885t=58867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VOIP - Voice Mailboxes [7:58872]
Voice mail in Unity is stored in priv.edb (and in priv.stm in ex2k)which is exchanges database. one method to access an exchange database is via MAPI which is how cisco IP phones access their unity voicemail. You need to create the mailbox which will allow the user to get their voice mail without pc. If you configure it correctly, all they will have to do is press the messages button on their phone , enter their id, and password and they can access exchange. But the subscriber must have a mailbox. good resources www.answermonkey.net http://forums.cisco.com/eforum/servlet/NetProf?page=netprofCommCmd=MB%3Fcmd%3Ddisplay_messages%26mode%3Dnew%26location%3D.ee835d2 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58878t=58872 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Resricicting Certain Users -Pix 515 UR [7:58861]
Kevin, Hi! I would say the best way to do something like this would probably be using Websense (or similar software) in conjunction with your Pix. I've setup Websense before, and it's pretty easy. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Kevin O'Gilvie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I would like to create a group lets say x,x,x,x-x.x.x.x and restrict them to only certain websites, I am guessing I will have to use ip addresses of those sites, but still allow them to access the local network.. Whats the best way to go about this. I have been using groups in my configs thus far.. BTW- I love you guys in this group, it has to be the best news group around right now, lets keep the standards high and weed out the slackers that are trying to water down the CCIE's. We are doing more work for less money and the main reason why is because we are settling, we work damn hard and invest time and money to achieve these goals, and should be awarded as such. I dont see doctors building practice labs in there homes to cure patients, nor lawyers building practice court rooms.. Sorry for the ranting but every year it seems you have to have more and more letters after your name to earn a decent living in this technology arena, when we are the ones that are enabling these million and billion dollar companies to do business seemlessly anytime and anywhere.. -Kevin _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58865t=58861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MLS Hello Multicast Messages [7:58869]
[EMAIL PROTECTED] wrote: All, The MLS-RP sends hello's to the CMGP mcast address every 15 secs. All downstream switches in the network recv these hello messages. I have 2 6500s with a dot1q trunk and an MSFC in both. MLS enabled by default. Are you sure that MLS is enabled by default? I fired up several new 6509s over the weekend and none had MLS enabled. every 15 secs addressed to 01-00-0c-dd-dd-dd (CGMP address), but I dont see it. Please help. Ken Farrington Global Networks, Barclays Capital, 5 The North Colonnade, Canary Wharf, London, E14 4BB * Tel : 020 7773 3550 * Mob : 07768-866655 * [EMAIL PROTECTED] For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58886t=58869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Is there a redirect traffic command in IOS ? [7:58887]
HI, Can I set up a redirect traffice command in my Cisco 2600 ? I want to redirect web traffic (port 80) and FTP traffic (port 23) to a different server instead the default gateway. Is it possible ? Is there URL link I can read ? Thanks in advance __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58887t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Is there a redirect traffic command in IOS ? [7:58887]
you can configure policy based routing to achieve that. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Please help: 2600 console lost [7:58889]
I've been working a few hours with a 2610 when suddenly, boom!!, I lost my console connection, now it doesn't respond to Ctrl-Break nor anything, I've rebooted it several times but it doesn't shows any single character on HyperTerminal. Unfortunately, the equipment is running (almost) default configuration, so now I can't get in through Aux or Vty. My Aux port respond but can't do much through it since no 'enable password' has been provided by default, so can't get to privileged mode. Once the box is booted, it looks good, its eth and serial interfaces comes up, so it doesn't looks like a flash or IOS corruption problem. Do you guys have any clue why I'm suffering this? Any workaround to at least have privileged access through Aux?? Maybe nvram got corrupted? there's any way to 'hard' reset nvram through internal jumpers?? Thanks very much in advance, RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58889t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Loopback and OSPF [7:58890]
Can you use Loopback interfaces to pass OSPF traffic? Here is my example: Router A Interface loopback0 ip address 10.10.10.10 255.255.255.0 Interface Vlan 2 ip address 2.2.2.2 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Router B Interface loopback 0 ip address 10.10.10.11 255.255.255.0 Interface Vlan 3 ip address 3.3.3.3 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Will the loopback interfaces pass along the OSPF traffic so that both router will know about vlans 2 and 3? I know that OSPF will use loopbacks as the router ID, but have not found anything conclusive about OSPF distribution. Thanks in advance!! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58890t=58890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: no service password-recovery [7:58835]
Hi, It's a 3550's command only. it's disable the password-recovery procedure. You can find more information on CCO : http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1218ea1/3550cr/cli2.htm#xtocid1 Best regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58891t=58835 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Is there a redirect traffic command in IOS ? [7:58887]
Go to www.cisco.com and read about Policy-Based Routing (PBR). This may be what you're looking for, but I'm not sure from your description. You might need something a little different depending on what you're really trying to accomplish. If you simply want to force http and ftp traffic to take a different path--to a transparent proxy server, for example--then PBR may be for you. HTH, John [EMAIL PROTECTED] 12/10/02 8:51:20 AM HI, Can I set up a redirect traffice command in my Cisco 2600 ? I want to redirect web traffic (port 80) and FTP traffic (port 23) to a different server instead the default gateway. Is it possible ? Is there URL link I can read ? Thanks in advance __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58892t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Is there a redirect traffic command in IOS ? [7:58887]
Use route maps - that should work -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 17:51 To: [EMAIL PROTECTED] Subject: Is there a redirect traffic command in IOS ? [7:58887] HI, Can I set up a redirect traffice command in my Cisco 2600 ? I want to redirect web traffic (port 80) and FTP traffic (port 23) to a different server instead the default gateway. Is it possible ? Is there URL link I can read ? Thanks in advance __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58893t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MTU problem handling [7:58894]
Hi Folks, Can anyone tell me, or point me to a link that does, what happens on a Catalyst Switch when an MTU problem occurs ? I know that when a router is involved, if a packet is larger than the MTU of the interface it needs to traverse, the router would examine the 'Don't Fragment' (DF) bit within the packet. If the DF bit is set to 1 then the packet will be dropped and an ICMP packet will be sent back to sending device informing it of the fact. If, however, the DF bit is set to 0 then the packet will be fragmented to conform to the MTU of the interface, and will then be forwarded for re-assembly by the recieving device. What I would like to know is, what happens if this problem occurs within a Switch ? thanks, Mark Haynes This message contains information that may be privileged or confidential and is the property of the Cap Gemini Ernst Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message . Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58894t=58894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN 640-505 [7:58871]
I can't comment on this book because I haven't read it. However, I've found that using the Cisco Press books along with the exam blueprint and CCO is normally the best bet for success. Also, 505 materials will normally be sufficient to pass the 605 exam. Shawn K. -Original Message- From: Dion [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 6:34 AM To: [EMAIL PROTECTED] Subject: BCRAN 640-505 [7:58871] Would the CCNP remote Access exam certification guide for 640-505 by Brian Morgan and Craig Dennis be enough to pass the 640-605 exam? The book is kind of short compared to the BCRAN book. Thanks in advance! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58896t=58871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Resricicting Certain Users -Pix 515 UR [7:58861]
You could also use a TACACS+ server here and have authentication configured for those users for any HTTP request - all others should be allowed to access the web without authentication. This way you can track them etc and setup specific access on the TACACS+ server. Never used Websense some I have no idea - sounds good from what I have read though. Andrew -Original Message- From: Brad [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 17:43 To: [EMAIL PROTECTED] Subject: Re: Resricicting Certain Users -Pix 515 UR [7:58861] Kevin, Hi! I would say the best way to do something like this would probably be using Websense (or similar software) in conjunction with your Pix. I've setup Websense before, and it's pretty easy. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Kevin O'Gilvie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I would like to create a group lets say x,x,x,x-x.x.x.x and restrict them to only certain websites, I am guessing I will have to use ip addresses of those sites, but still allow them to access the local network.. Whats the best way to go about this. I have been using groups in my configs thus far.. BTW- I love you guys in this group, it has to be the best news group around right now, lets keep the standards high and weed out the slackers that are trying to water down the CCIE's. We are doing more work for less money and the main reason why is because we are settling, we work damn hard and invest time and money to achieve these goals, and should be awarded as such. I dont see doctors building practice labs in there homes to cure patients, nor lawyers building practice court rooms.. Sorry for the ranting but every year it seems you have to have more and more letters after your name to earn a decent living in this technology arena, when we are the ones that are enabling these million and billion dollar companies to do business seemlessly anytime and anywhere.. -Kevin _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58895t=58861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MLS Hello Multicast Messages [7:58869]
The strange this is, on the MSFC, if you type show mls status you get MLS global configuration status: global mls ip: enabled global mls ipx:enabled global mls ip multicast: disabled current ip flowmask for unicast: destination only current ipx flowmask for unicast: destination only And if you type show mls rp you get ip multilayer switching is globally disabled ipx multilayer switching is globally disabled ipx mls inbound acl override is globally disabled mls id is 0009.1233.cd80 mls ip address 0.0.0.0 mls ip flow mask is unknown mls ipx flow mask is unknown number of domains configured for mls 0 How strange? -Original Message- From: s vermill [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 15:49 To: [EMAIL PROTECTED] Subject: RE: MLS Hello Multicast Messages [7:58869] [EMAIL PROTECTED] wrote: All, The MLS-RP sends hello's to the CMGP mcast address every 15 secs. All downstream switches in the network recv these hello messages. I have 2 6500s with a dot1q trunk and an MSFC in both. MLS enabled by default. Are you sure that MLS is enabled by default? I fired up several new 6509s over the weekend and none had MLS enabled. every 15 secs addressed to 01-00-0c-dd-dd-dd (CGMP address), but I dont see it. Please help. Ken Farrington Global Networks, Barclays Capital, 5 The North Colonnade, Canary Wharf, London, E14 4BB * Tel : 020 7773 3550 * Mob : 07768-866655 * [EMAIL PROTECTED] -- -- For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. -- -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58897t=58869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco exam Centers (Spain, Madrid) [7:58898]
Hello friends, I would like to contact with someone who has taken cisco exams in spain, (Madrid). I want to take the exam on my own (without taking any course) and I would like to know where I can take the exam and the prices. I have a list of vue centers and prometric centers but i would appreciate any experience. Thanks! ___ Yahoo! Sorteos Consulta si tu nzmero ha sido premiado en Yahoo! Sorteos http://loteria.yahoo.es Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58898t=58898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Is there a redirect traffic command in IOS ? [7:58887]
Yeah, it's not too complicated. I do this in one of my production networks. You need a route map that matches packets somehow - i use source address. Then you just set the next hop to whatever you want for your server. If your server isn't directly connected, you need to either rewrite the dest address or source-route it from there to the final server, or some combination of both. At the server, you usually need to do some advanced configuration if you don't rewrite the dest address, in order to get it to accept connections that aren't destined for it. For more info, do a google search on setting up squid to be a transparent proxy. It's basically the same thing. Let me know if you want more details. -sd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58899t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: no service password-recovery [7:58835]
On Tue, 10 Dec 2002, olivier Boistel wrote: it's disable the password-recovery procedure. You can find more information on CCO : http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1218ea1/3550cr/cli2.htm#xtocid1 It works on other devices apparently. I did a quick search and actually found a way around the command. It looks like Cisco needs to take note and possibly fix this bug. I would like to discuss why its a good command to have with Cisco if anyone from cisco is paying attention. Thanks, Andrew --- http://www.andrewsworld.net/ ICQ: 2895251 Cisco Certified Network Associate Learn from the mistakes of others. You won't live long enough to make all of them yourself. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58900t=58835 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco exam Centers (Spain, Madrid) [7:58898]
here you'll find a few: - Professional training (I've done every single exam here) - Global Knowledge - Instituto Cibernos and a few more... Prices for CCNA and CCNP exams around 144 + IVA each one, you might ask them to get rid of the IVA so you can save a few s. Good luck!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58901t=58898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MTU problem handling [7:58894]
Haynes, Mark wrote: Hi Folks, Can anyone tell me, or point me to a link that does, what happens on a Catalyst Switch when an MTU problem occurs ? I know that when a router is involved, if a packet is larger than the MTU of the interface it needs to traverse, the router would examine the 'Don't Fragment' (DF) bit within the packet. If the DF bit is set to 1 then the packet will be dropped and an ICMP packet will be sent back to sending device informing it of the fact. If, however, the DF bit is set to 0 then the packet will be fragmented to conform to the MTU of the interface, and will then be forwarded for re-assembly by the recieving device. What I would like to know is, what happens if this problem occurs within a Switch ? A layer 2 switch doesn't look past the layer 2 header so wouldn't know about the DF bit in the IP header. If a frame were too large to send out an interface, the switch would simply drop it. It wouldn't send an ICMP message. A frame arriving that was too large to forward would be an odd occurance, since switches usually connect like networks, but it could happen. Gigabit Ethernet sometimes uses jumbo frames, for example, although I think there is some controversy about whether it should. Another example is the infamous Ethernet/Token Ring bridges of lore, which had numerous problems including this very one. Now, there were vendors who had bridges that did fragmentation, but they were sort of considered hacks. The concept of a bridge looking at Layer 3 info gave many purists the heebie-geebies (technical term). If you have Radia Perlman's book, Interconnections, I believe she has a few choice words to say on this topic. If you're trying to troubleshoot an actual problem, let us know some more details. If it's just theory, than the info I provided should help. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com thanks, Mark Haynes This message contains information that may be privileged or confidential and is the property of the Cap Gemini Ernst Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message . Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58903t=58894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Auto-Negotiation or Manual Configuration [7:58904]
From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58904t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN 640-505 [7:58871]
Concerning BCRAN, I don't see anything in the current exam topics that specify the configuration of a Cisco 700 series router. The Cisco books I have (605 series) devote an entire Chapter on this topic. Was it relevant to the 605 exam and not the 606? I'm reading the chapter anyway as I have not had experience with this device, just wondering if I need to commit things to memory. Rich Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58905t=58871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN 640-505 [7:58871]
Just understand the basics of the 700 series, what it can connect to the internal settings - LAN, System, etc..There was alittle on it when I took it last May. Good luck. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58906t=58871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP using HSRP virtual ip address? [7:58907]
__ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58907t=58907 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can I configure BGP neighbor using HSRP VIP ip address of [7:58908]
r1 | | - | | | | r2 r3 In the above configuration, r2 and r3 are configured with HSRP. I need to configure iBGP between r1, r2 and R3. Can I configure neighbor from r1 to r2 and r3 using the HSRP virtual ip address? or I need to use r2, r3 real ip address or using peer-group? Thanks. Kim. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58908t=58908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Auto-Negotiation or Manual Configuration [7:58904]
I've discovered that if you have NICs that are relatively new (less than three years) and you have updated drivers then autonegotiation works very well. In the past it's been a rancid, evil mechanism that almost guaranteed link failure at some point. The stability of this mechanism has improved greatly over the last few years and for various reasons it may actually be better than hard-setting the speed and duplex. If you have recent NICs with the latest drivers and you have relatively new switches then give it a shot. Make sure you set BOTH sides to auto. Never configure auto on one side only. If the mechanism is to work as intended both sides must be configured for autonegotiation. People who know far more about NIC technology than I have stated that hard-setting the speed and duplex on newer switches and NICs is the absolute worst thing to do if you desire link stability. This advice does not apply if you have older NICs and switches. Do a Google Group search on this topic and you'll find some quite heated but informative debates. HTH, John [EMAIL PROTECTED] 12/10/02 11:10:01 AM From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58909t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can I configure BGP neighbor using HSRP VIP ip add [7:58908]
I ran into this problem before and figured out I had to peer with the real addresses. That worked out fine. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58910t=58908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hello (long response) [7:5788]
Bill, I agree with you in that it was very foolish to just start throwing pink slips around without first finding out how these individuals may be able to help the company. I'm sure many of them would be happy to take a pay cut and would still be able to contribute valuable input. I don't believe it is a weakness not having the so-called killer instinct. People with that trait usually end up killing their own careers by making stupid, ego-based, inaccurate decisions. Shawn K. -Original Message- From: Creighton Bill-BCREIGH1 [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 12:31 PM To: [EMAIL PROTECTED] Subject: RE: Hello (long response) [7:5788] Nrf, I always look forward to hearing your view. Your points are valid, and I very much agree to your acknowledgement of the merging worlds of network and systems engineering. As far as personnel management, though, my first rule is to make decisions in the best interest of the company while ensuring the staff is challenged and fulfilled. If Adrian's staff was not challenged due to the diminished role of Routing and Switching, I don't believe his first course of action should have been to throw them away. If they were contractors to whom the company was not obligated to train outside the scope of the original project, then concessions could have been made to renegotiate the rate in return for realigned objectives. If they weren't contractors, this is an example of a dangerous trend in all business environments. There are ways around throwing an employee on the street. I don't care WHAT kind of budget you have to work with. Sometimes cuts can't be avoided regardless of the belt tightening that a department may do, but this case does not seem to be one where an executive decision was made to eliminate X amount of headcount. This list has provided countless posts of industry aces taking massive pay cuts to put food on the table. It may be my weakness to not have the killer instinct that Adrian has displayed, but I'd rather offer any position I could as a Unix or security admin at a lowered rate, than to take away someone's entire livelihood. Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data / MPS 1301 E. Algonquin Road Schaumburg, IL 60196 [EMAIL PROTECTED] -Original Message- From: nrf [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 12:23 AM To: [EMAIL PROTECTED] Subject: Re: Hello (long response) [3:5788] I stated this before on the other thread, but I'll state it again. While I think that the way Adrian handled the situation was beyond the pale (and I think everybody here on this newsgroup knows that I ain't no wallflower), I have to say that I actually do agree somewhat with the gist of what he was saying. Let's face it - R/S skills are simply not as demanded as they were in the past, and if R/S people want to maintain their high salaries (or even keep their job), they better develop different skills. IT has always been an industry of flux, where skills that used to command high pay one day no longer do so the next day. Anybody who expects to keep a job but who can't/won't update their skills to whatever happens to be demanded by the marketplace at the time is playing a dangerous game indeed. But again, that's not so say that I condone Adrian's methods. Jesus Velazquez wrote in message news:[EMAIL PROTECTED]... Bill, I agree. These CCIE's are obviously certified as internetworking experts (R/S) not security or unix admins...therefore I find it unfair for Adrian to fire them based on what he wished they should be skilled in. My question to Adrian is did he ever provide them the opportunity to become well rounded in unix / security as well. If not, then shame on him and that displays poor leadership potential on his part. Perhaps he felt his job could have been at risk if he is making more than any of the ccie's he canned. I sure hope Adrian can perform the responsibilities of the 4 ccie's. Now that he dumped these ccie's I can imagine how big his christmas bonus will be. The more I read about layoffs the sicker I get. This field is becoming more cut throat then ever. As the cliche goes, what goes around, comes around but with more velocity unbelievable- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Creighton Bill-BCREIGH1 Sent: Monday, December 09, 2002 5:03 PM To: [EMAIL PROTECTED] Subject: RE: Hello (long response) [3:5788] Agreed. Help you need maybe with grammar to be speaking about no skills others have. People in glass houses shouldn't throw stones - especially if, what you say is true, you are in a managerial role. I find it hard to believe that you would have such little respect for others and still be able to successfully lead others. I have a recommendation for your personal and professional growth. If you wish to progress to managerial or executive level positions, you
Re: Loopback and OSPF [7:58890]
Never mind..I found my answer. Thanks! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Christopher Dumais 12/10/02 11:00:45 AM Can you use Loopback interfaces to pass OSPF traffic? Here is my example: Router A Interface loopback0 ip address 10.10.10.10 255.255.255.0 Interface Vlan 2 ip address 2.2.2.2 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Router B Interface loopback 0 ip address 10.10.10.11 255.255.255.0 Interface Vlan 3 ip address 3.3.3.3 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Will the loopback interfaces pass along the OSPF traffic so that both router will know about vlans 2 and 3? I know that OSPF will use loopbacks as the router ID, but have not found anything conclusive about OSPF distribution. Thanks in advance!! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58912t=58890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to change the default Telnet port of a router [7:58647]
Hi Raj, It's work now!!! :) Thanks for your advise. Actually I'm working on the way like you described but I'm digging into the hole in applying additional access list on the vty... that's why it fail. Now everything is good. Thanks Simon Raj Santiago Hi Simon, There is a way, but its a hack. I dont recommend you do this, but just shows that you dont always need to attack the problem directly.. anyway here is a simple diagram s0 s1 10.0.0.110.0.0.2 -- | 172.16.55.1 (eth0) on RTA apply the following config : ip nat inside source static tcp 172.16.55.1 23 172.16.55.1 2002 extendable ! interface Ethernet0 description Dummy interface for lab testing ip address 172.16.55.1 255.255.255.0 no keepalive ! interface Serial0 ip address 10.0.0.1 255.255.255.0 ip nat outside clockrate 38400 ! So basically your mapping the local telnet port 23, to port 2002. If you try and telnet normally to ip 172.16.55.1 you wont initiate a connection as NAT will reply back with a port of 2002. Hence the only way to obtain telnet is to telnet to 172.16.55.1 2002 raj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58913t=58647 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing Exam:640-901 [7:58867]
I used both, and found actually doing the labs to be a really good way to cement the theory into my memory. Some people can learn from just reading, but as a good friend mentioned to me the other day, as I was trying to Show him something : Doing is Learning. Symon -Original Message- From: Tangled Up in Blue [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 15:01 To: [EMAIL PROTECTED] Subject: RE: Routing Exam:640-901 [7:58867] Peri, I am taking my 901 on Thursday of this week as well! I have the Cisco Press Book by Paquet, and it suppossed to cover all of the test material. I also downloaded the IS-IS supplement from Cisco. I know NOTHING about IS-IS, so I'm going to learn the basics and pray that there are only about 4-5 questions on it. I've worked in networking with Cisco products since 2000, so I feel comforatable with day-to-day operations, and I'm fairly comfident with my commands. What I have been concentrating on is more of the book stuff like metric stuff, bgp path attributes, and the specific routing commands that are applied to interfaces. I have a lab with 4 2500's, but to be honest, I feel like the books are more important for this specific exam. Anyone who has taken the test, I would like to hear your opinion on book specifics vs. router configs on the BSCI exam, please. Kalo Taxithi - jason = This email has been content filtered and subject to spam filtering. If you consider this email is unsolicited please forward the email to [EMAIL PROTECTED] and request that the sender's domain be blocked from sending any further emails. = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58915t=58867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN 640-505 [7:58871]
Also, the 1600 series and the positioning of these routers (and other routers) in the market. Shawn K. -Original Message- From: John McCartney [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 2:00 PM To: [EMAIL PROTECTED] Subject: RE: BCRAN 640-505 [7:58871] Just understand the basics of the 700 series, what it can connect to the internal settings - LAN, System, etc..There was alittle on it when I took it last May. Good luck. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58914t=58871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT low cost DS3 router [7:58916]
Fellas, this request just came in from a buddy of mine, if figured while I search I was wondering if any of you have seen or used one before. Take off your Cisco hat for second and think about this: What device would you use to terminate a DS3 to ethernet that is ultra low cost. I need to find a low cost, carrier type CPE that will take a DS3 and hand off eithernet. Low cost, low feature is the guiding word. Let me know Thanks... /JS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58916t=58916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: bandwidth [7:58788]
Selcuk, What are you tring to achieve by doing this? Switch operates at layer 2. Unless, you are wanting to change the speed and duplex from auto to a static, which is done by speed 10 and duplex half under the interface. If you are wanting to change metrics, then that will have an impact on your Span-Tree topology. Ted Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58919t=58788 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Auto-Negotiation or Manual Configuration [7:58904]
[EMAIL PROTECTED] wrote: From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Of course, they say that. They invented it. :-) They couldn't know that it wouldn't really work in the real world. Unlike IETF, I don't think IEEE has strict rules about there needing to be implementations that interoperate before a standard is declared finished. Actually, some of the problems come about because some vendors started implementing auto-negotation before the standard came out and did things a little differently. That always happens. There are some cases, by the way, where manual configuration won't work either! I've run into that. In general, the problems are starting to go away, however. The vendors are mostly doing things in an ineroperable manner now and auto-negotiation may be safe to use again, at least from my limited experience. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58920t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Loopback and OSPF [7:58890]
Could you share with the rest of us? :-) -Original Message- From: Christopher Dumais [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 2:42 PM To: [EMAIL PROTECTED] Subject: Re: Loopback and OSPF [7:58890] Never mind..I found my answer. Thanks! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Christopher Dumais 12/10/02 11:00:45 AM Can you use Loopback interfaces to pass OSPF traffic? Here is my example: Router A Interface loopback0 ip address 10.10.10.10 255.255.255.0 Interface Vlan 2 ip address 2.2.2.2 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Router B Interface loopback 0 ip address 10.10.10.11 255.255.255.0 Interface Vlan 3 ip address 3.3.3.3 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Will the loopback interfaces pass along the OSPF traffic so that both router will know about vlans 2 and 3? I know that OSPF will use loopbacks as the router ID, but have not found anything conclusive about OSPF distribution. Thanks in advance!! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58922t=58890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Auto-Negotiation or Manual Configuration [7:58904]
Yes indeed there are cases where setting it manually will not work, and auto-neg needs to be in place. I've run into this with ixtreme servers connected to 2900 switches. Tis yet another reason to test before implementation. Bri On Tue, 10 Dec 2002, Priscilla Oppenheimer wrote: [EMAIL PROTECTED] wrote: From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Of course, they say that. They invented it. :-) They couldn't know that it wouldn't really work in the real world. Unlike IETF, I don't think IEEE has strict rules about there needing to be implementations that interoperate before a standard is declared finished. Actually, some of the problems come about because some vendors started implementing auto-negotation before the standard came out and did things a little differently. That always happens. There are some cases, by the way, where manual configuration won't work either! I've run into that. In general, the problems are starting to go away, however. The vendors are mostly doing things in an ineroperable manner now and auto-negotiation may be safe to use again, at least from my limited experience. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58921t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Resricicting Certain Users -Pix 515 UR [7:58861]
Sounds good.. But websense is very expensive.. Wont lists do the job as well: e.g object-group network REST-LAN-USR network-object 10.1.x.x 255.255.255.0 object-group network Rest-SRV network-object host 64.232.56.99 network-object host 209.123.45.67 access-list RESTRICTED permit tcp object-group REST-LAN-USR object-group Rest-SRV eq www And just put those users in that subnet? Thanks Brad From: Brad Reply-To: Brad To: [EMAIL PROTECTED] Subject: Re: Resricicting Certain Users -Pix 515 UR [7:58861] Date: Tue, 10 Dec 2002 15:42:54 GMT Kevin, Hi! I would say the best way to do something like this would probably be using Websense (or similar software) in conjunction with your Pix. I've setup Websense before, and it's pretty easy. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) Kevin O'Gilvie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I would like to create a group lets say x,x,x,x-x.x.x.x and restrict them to only certain websites, I am guessing I will have to use ip addresses of those sites, but still allow them to access the local network.. Whats the best way to go about this. I have been using groups in my configs thus far.. BTW- I love you guys in this group, it has to be the best news group around right now, lets keep the standards high and weed out the slackers that are trying to water down the CCIE's. We are doing more work for less money and the main reason why is because we are settling, we work damn hard and invest time and money to achieve these goals, and should be awarded as such. I dont see doctors building practice labs in there homes to cure patients, nor lawyers building practice court rooms.. Sorry for the ranting but every year it seems you have to have more and more letters after your name to earn a decent living in this technology arena, when we are the ones that are enabling these million and billion dollar companies to do business seemlessly anytime and anywhere.. -Kevin _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58918t=58861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
640-851 test taken [7:58923]
I took the 6490-851 yesterday. 112 questions, 120 minutes, not alot of time to do the simulation. I hope this question doesn't brake nondisclosure agreement. In the simulation how far do you go? Do you need to put in commands like no shutdown copy run start? How many points are the Sims worth? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58923t=58923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
640-851 test taken [7:58925]
I took the 6490-851 yesterday. 112 questions, 120 minutes, not a lot of time to do the simulations. I hope this question doesn't brake nondisclosure agreement. In the simulation how far do you go? Do you need to put in commands like no shutdown copy run start? How many points are the Sims worth? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58925t=58925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing Exam:640-901 [7:58867]
Agreed. When you actually do something, it tends to stay in memory. On most of my exams, I would read the text and then try to incorporate the topic into my lab. It really helped to understand the topic. However, as the original poster mentioned, there are some topics on this exam that you can't actually do and must memorize them. So, as with all exams, books, Cisco blueprint, CCO, and hands-on are a good bet for success! Shawn K. -Original Message- From: Symon Thurlow [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 2:46 PM To: [EMAIL PROTECTED] Subject: RE: Routing Exam:640-901 [7:58867] I used both, and found actually doing the labs to be a really good way to cement the theory into my memory. Some people can learn from just reading, but as a good friend mentioned to me the other day, as I was trying to Show him something : Doing is Learning. Symon -Original Message- From: Tangled Up in Blue [mailto:[EMAIL PROTECTED]] Sent: 10 December 2002 15:01 To: [EMAIL PROTECTED] Subject: RE: Routing Exam:640-901 [7:58867] Peri, I am taking my 901 on Thursday of this week as well! I have the Cisco Press Book by Paquet, and it suppossed to cover all of the test material. I also downloaded the IS-IS supplement from Cisco. I know NOTHING about IS-IS, so I'm going to learn the basics and pray that there are only about 4-5 questions on it. I've worked in networking with Cisco products since 2000, so I feel comforatable with day-to-day operations, and I'm fairly comfident with my commands. What I have been concentrating on is more of the book stuff like metric stuff, bgp path attributes, and the specific routing commands that are applied to interfaces. I have a lab with 4 2500's, but to be honest, I feel like the books are more important for this specific exam. Anyone who has taken the test, I would like to hear your opinion on book specifics vs. router configs on the BSCI exam, please. Kalo Taxithi - jason = This email has been content filtered and subject to spam filtering. If you consider this email is unsolicited please forward the email to [EMAIL PROTECTED] and request that the sender's domain be blocked from sending any further emails. = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58926t=58867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Alittle off topic [7:58917]
Hi everybody. Anyone have an opinion on a good beginning book on Unix? Thanks, Tim. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58917t=58917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
LONG RE: Auto-Negotiation or Manual Configuration [7:58904]
I previously mentioned that with newer hardware autonegotiation might be the way to go. Here are some snippets from a discussion of this very issue by people more NIC-savvy than me. It should be noted that NWAY refers to the autonegotiation mechanism. Along with other information, this discussion caused me to look at autonegotiation of speed and duplex settings in a new light. but most people agree that auto-negotiation (while being a good idea) is not the way to configure a reliable network. Oh no, they do not. Most people that really know this stuff actually agree that nway is usually the way to go, and if problems arise masking them is not the best solution. FOr instance, one of the well-known guys strongly supporting NWAY as the only real way to configure is Donald Becker, the guy writing almost all linux nic drivers. What are (if any) the advantages or issues in choosing half or full duplex on the server card connected to a 100mps switch and the workstation cards connected at 100 mps as well. In my opinion you're better off setting both ends of the link to auto and let the NIC/switch negotiate. This is the only *correct* way to guarantee that a link will work. For a long time its been an unwritten networking law to always disable auto-whatever and force the settings, and while this may have been true for old networking gear (and is still definitely true for frame types!), its simply not the case anymore. Unless your gear is more than six years old, it should be able to negotiate the correct speed and duplex on its own. If you connect a server and switch port together with each set to auto and they *don't* negotiate a full duplex link, then you most likely have a wiring issue and forcing either or both ends to FD is only asking for trouble as it will mask the underlying problem. Ive connected over 80 compaq servers into these switches, ranging from single FD connections to 4 Dual port cards in a backup server. All these were set to 100mb full duplex. The only time we had a problem was when a server engineer left the server setting to autonegotiate. In that case you were plain lucky that it works in the combination 450T/your compaq cards, and it may fail without notice with the next update or different NIC you use. Let me explain: When two 100BaseTX devices get connected, they default to autonegotiation. First of all they try to detect if the other device does auto (NWAY) or not. By default, it would detect that, and now both devices will try to agree on the highest common speed. SO far, so good. What happens when you manually set one or both of the two devices is beyond any standard, and is completely up to the vendor. Basically, there are two possibilities, and both are equally used throughout the different vendors: a. The manually configured device still has nway enabled, but offers only the speed and duplex setting it's configured for. Some devices also offer the configured *and* lower settings. In that case, negotiation with a device that's still set for full autonegotiation could work. b. The device disables nway completely, and hardcoded simply tries to establish the LINK with it's configured setting. In that case, if the remote device is set to full autonegotiation, it *will* without a doubt fall back to half duplex, as it assumes a HUB is connected, which does not do NWAY. In case you set the fist device to FD in that case, you'll have a mismatch. THat's the worst case scenario, i.e. setting only one side manually to FD while leaving the other side set at auto. Now, if you have one side that uses a. from above, and the other device uses b., you're in trouble, *even* when both devices are set manually to FD. One of them possibly *regardless that you set it to FD*, fall back to HD as it doesn't detect a NWAY capable device on the other end. That's why I said the only guarantted working manual configuration is HD. Sure enough, FD *could* work depending on the devices in use, but it can stop working with the next driver, firmware or hardware revision. Simply put, the only guaranteed and standarized way to make full duplex work is autonegotiation. It may not adhere to best practice or be the recommended way of doing things, but with the 450T switches it works. Then they're broken and are not certified 100BaseTX devices. Ive always been under the impression that autonegotiation was to be watched carefully and not trusted in all ethernet network environments. No. Again, autonegotitaion is *the only* way to connect 100BaseTX devices according to the IEEE standard. Anything else means leaving the standard and can and does lead to unpredictable results. So what works well with one setup, doesn't mean it will be the same elsewhere with different equipment. This in itself is enough for us to not rely on the technology. We have to keep the speed of the Networks at top performance, as people's lives may depend on it (I'm not being dramatic, we have
Re: Routing Exam:640-901 [7:58867]
Tell me, and I may forget; Show me, and I may remember; Involve me, and I'll understand. ;-) - Original Message - From: Kaminski, Shawn G To: Sent: Tuesday, December 10, 2002 3:38 PM Subject: RE: Routing Exam:640-901 [7:58867] Agreed. When you actually do something, it tends to stay in memory. On most of my exams, I would read the text and then try to incorporate the topic into my lab. It really helped to understand the topic. However, as the original poster mentioned, there are some topics on this exam that you can't actually do and must memorize them. So, as with all exams, books, Cisco blueprint, CCO, and hands-on are a good bet for success! Shawn K. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58928t=58867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Alittle off topic [7:58917]
beginning user or admin? If you're even a moderate user, there is some admin in that. Really, I like these books best.. O'Reilly's Essential System administration, a new edition was recently released. Unix System Administration handbook by Nemeth, Snyder, Seabass, hein. Bri On Tue, 10 Dec 2002, Fernandez, Tim wrote: Hi everybody. Anyone have an opinion on a good beginning book on Unix? Thanks, Tim. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58929t=58917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Auto-Negotiation or Manual Configuration [7:58904]
At Cisco we run auto/auto on our desktop network and have few problems..AS previously stated it is NIC and switch dependant. -L Priscilla Oppenheimer wrote: [EMAIL PROTECTED] wrote: From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Of course, they say that. They invented it. :-) They couldn't know that it wouldn't really work in the real world. Unlike IETF, I don't think IEEE has strict rules about there needing to be implementations that interoperate before a standard is declared finished. Actually, some of the problems come about because some vendors started implementing auto-negotation before the standard came out and did things a little differently. That always happens. There are some cases, by the way, where manual configuration won't work either! I've run into that. In general, the problems are starting to go away, however. The vendors are mostly doing things in an ineroperable manner now and auto-negotiation may be safe to use again, at least from my limited experience. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58930t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Auto-Negotiation or Manual Configuration [7:58904]
Just got finished with a weird problem and the fix was auto negotiation on a 7200/w PA-2FE-TX. Problem was customer was seeing many CRC errors incrmenting on FE. Unfortunately another group within our organization monitors this customers network and one thing they monitor are input and output errors. For some reason which I need to figure out the CRCs were counting up but the input errors remained 0 therefore never alerting out monitoring group. I can come up with examples of many differant scenerios, as Priscilla mentions, unfortunately it's somewhat of a crapshoot!! Dave Priscilla Oppenheimer wrote: [EMAIL PROTECTED] wrote: From my experience in networking I made my mind that manual configuration of speed and mode is the better choice. Cisco recommends fixed configuration too. For my surprise, 802.3 specification states: It is strongly recommended that Auto-Negotiation be used ... Manual configuration is not recommended That sounds weird for me. Any thoughts? Of course, they say that. They invented it. :-) They couldn't know that it wouldn't really work in the real world. Unlike IETF, I don't think IEEE has strict rules about there needing to be implementations that interoperate before a standard is declared finished. Actually, some of the problems come about because some vendors started implementing auto-negotation before the standard came out and did things a little differently. That always happens. There are some cases, by the way, where manual configuration won't work either! I've run into that. In general, the problems are starting to go away, however. The vendors are mostly doing things in an ineroperable manner now and auto-negotiation may be safe to use again, at least from my limited experience. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58931t=58904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
AIM-COMPR4 Product Experience? [7:58932]
Does anyone have real world experience with the AIM-COMPR4 product? Cisco claims 4:1 compression. Anyone else seeing this? Thanks! Aaron Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58932t=58932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 640-851 test taken [7:58925]
My guess is that you for sure have to do the no shutdown command but probably not the copy run start command. After all, you're doing a simulation that is supposed to represent what you would actually do in a certain situation. If you don't bring up an interface and that interface is needed for the configuration to work, then your configuration won't work. On the other hand, your configuration will still work without the copy run start as long as the router doesn't need to be rebooted. Not sure how the simulations are graded. Shawn K. -Original Message- From: meidinger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 3:37 PM To: [EMAIL PROTECTED] Subject: 640-851 test taken [7:58925] I took the 6490-851 yesterday. 112 questions, 120 minutes, not a lot of time to do the simulations. I hope this question doesn't brake nondisclosure agreement. In the simulation how far do you go? Do you need to put in commands like no shutdown copy run start? How many points are the Sims worth? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58933t=58925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Checkpoint and Cisco Catalyst Integration [7:58934]
I am planning on doing a dual Checkpoint to dual Cat install. The Nokia FW will be running two instances of VRRP each with dual home to the Cats. 1) Has anyone else done this? 2) What issues/problems/concerns should I keep an eye out for? 3) Does anyone have a sample config for the Cats? 4) Do you have a sample config for the Nokias? Thanks! Chris Watson, CCNP Recent Survivor of The Written Exam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58934t=58934 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT low cost DS3 router [7:58916]
At 07:47 PM 12/10/2002 +, jeff sicuranza wrote: Fellas, this request just came in from a buddy of mine, if figured while I search I was wondering if any of you have seen or used one before. Take off your Cisco hat for second and think about this: What device would you use to terminate a DS3 to ethernet that is ultra low cost. I need to find a low cost, carrier type CPE that will take a DS3 and hand off eithernet. Low cost, low feature is the guiding word. Last I checked, most carriers buy Cisco here. Let me know Thanks... /JS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58936t=58916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NPE-200 [7:58935]
I cant find what I'm looking for on CCO, even logged in, and its annoying me...I'm not keen on Cisco's new site layout. Our upstream that was have a DS3 with, has their router, a 7202 w/NPE-200, located in our equipment room. We have been noticing a large slowdown in the evenings sometimes. After doing some tweaking of our 7206vxr we have managed to improve performance on our router (thanks to others from here), but we are not seeing any improvment overall. Our upstream has done some baselining and have told us while we have not maxed out our BW, which is true, our own graphs and baselines show we max our incoming at about 20Mbits/sec and out about 15Mbits/sec. (we can burst to the full capacity of the DS3 if we need to and get charged accordingly). But what they have come up with is the cells seem to be maxing out. We hit 80k cells/sec according to them at peak. What Ive been looking for is info on what the NPE-200 can do w/regards to throughput on a 7202? NPE-200 is EOL and I cannot find any specs on the NPE-200 and what it can do performance wise...anyone know? Thanks, Keith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58935t=58935 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hello (long response) [7:5788]
Not to mention that someday he will have to face at least one of us professionally. Watch yer back Adrian, this community is still small at the higher levels and your decision will bite you in the ass sooner or later. -Doc- Kaminski, Shawn G wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Bill, I agree with you in that it was very foolish to just start throwing pink slips around without first finding out how these individuals may be able to help the company. I'm sure many of them would be happy to take a pay cut and would still be able to contribute valuable input. I don't believe it is a weakness not having the so-called killer instinct. People with that trait usually end up killing their own careers by making stupid, ego-based, inaccurate decisions. Shawn K. SNIP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58937t=5788 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can I configure BGP neighbor using HSRP VIP ip address of [7:58938]
At 07:15 PM 12/10/2002 +, Kim Seng wrote: r1 | | - | | | | r2 r3 In the above configuration, r2 and r3 are configured with HSRP. I need to configure iBGP between r1, r2 and R3. Can I configure neighbor from r1 to r2 and r3 using the HSRP virtual ip address? or I need to use r2, r3 real ip address or using peer-group? BGP runs on TCP and you won't find stateful TCP failover as part of the HSRP spec. Hence, this won't work, nor do you really want it to. For policy reasons, peer with both upstreams and you'll have more control. Thanks. Kim. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58938t=58938 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Loopback and OSPF [7:58890]
At 04:00 PM 12/10/2002 +, Christopher Dumais wrote: Can you use Loopback interfaces to pass OSPF traffic? Here is my example: The below routers will never form an OSPF adjacency. loopback addresses are virtual as you likley know, and inherently stub networks (ie they cannot be used for transit as the medium they represent holds only one device) Pete Router A Interface loopback0 ip address 10.10.10.10 255.255.255.0 Interface Vlan 2 ip address 2.2.2.2 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Router B Interface loopback 0 ip address 10.10.10.11 255.255.255.0 Interface Vlan 3 ip address 3.3.3.3 255.255.255.0 Router ospf 1 network 0.0.0.0 255.255.255.255 area 0 Will the loopback interfaces pass along the OSPF traffic so that both router will know about vlans 2 and 3? I know that OSPF will use loopbacks as the router ID, but have not found anything conclusive about OSPF distribution. Thanks in advance!! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58939t=58890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NPE-200 [7:58935]
I like http://www.cisco.com/en/US/products/hw/modules/ps2033/products_configuration_guide_chapter09186a00801056f4.html when talk about npe bandwidth comes up. Its a vxr specific link, but theres a lot of npe info below, btw 7202 was eol as of jan 2002. Bri On Tue, 10 Dec 2002, Keith Woodworth wrote: I cant find what I'm looking for on CCO, even logged in, and its annoying me...I'm not keen on Cisco's new site layout. Our upstream that was have a DS3 with, has their router, a 7202 w/NPE-200, located in our equipment room. We have been noticing a large slowdown in the evenings sometimes. After doing some tweaking of our 7206vxr we have managed to improve performance on our router (thanks to others from here), but we are not seeing any improvment overall. Our upstream has done some baselining and have told us while we have not maxed out our BW, which is true, our own graphs and baselines show we max our incoming at about 20Mbits/sec and out about 15Mbits/sec. (we can burst to the full capacity of the DS3 if we need to and get charged accordingly). But what they have come up with is the cells seem to be maxing out. We hit 80k cells/sec according to them at peak. What Ive been looking for is info on what the NPE-200 can do w/regards to throughput on a 7202? NPE-200 is EOL and I cannot find any specs on the NPE-200 and what it can do performance wise...anyone know? Thanks, Keith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58940t=58935 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hello (long response) [7:58824]
I brought these issues to my boss attention last wednesday and on thursay he ordered me to 'clean' house. The first thing I did was to send pink slips to all 4 CCIEs in the group and told them that they are fired because they don't know anything other than RS. They were making $130k/year and sucking almost all of So essentially, you started on 11/25 and after 8 days of work you were making 500k/year headcount reductions? Is wine coming out of the tap there yet or did you wake up? I don't disagree with your points and have never been one to judge an individuals quality on the basis of a vendor exam, but I think there are more credible ways to make this point. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58941t=58824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN or BSCI or both? [7:58942]
Hi there, I have given 2 of my CCNP papers. Now I am confused whether to appear for the remaining papers or wait for a while and then give them. Also, if I should give the paper(s), should I appear for BCRAN or BSCI first? And what should be the time frame in which I should finish giving both the exams? All suggestions are most welcome. Thanks in advance! :) Cheers, Kenan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58942t=58942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NPE-200 [7:58935]
Towards the bottom of http://www.cisco.com/univercd/cc/td/doc/product/software/ios111/cc111/paatm3.htm it states an npe-200 with the adapters on that page can do up to 800 SARs. Bri On Tue, 10 Dec 2002, Brian wrote: I like http://www.cisco.com/en/US/products/hw/modules/ps2033/products_configuration_guide_chapter09186a00801056f4.html when talk about npe bandwidth comes up. Its a vxr specific link, but theres a lot of npe info below, btw 7202 was eol as of jan 2002. Bri On Tue, 10 Dec 2002, Keith Woodworth wrote: I cant find what I'm looking for on CCO, even logged in, and its annoying me...I'm not keen on Cisco's new site layout. Our upstream that was have a DS3 with, has their router, a 7202 w/NPE-200, located in our equipment room. We have been noticing a large slowdown in the evenings sometimes. After doing some tweaking of our 7206vxr we have managed to improve performance on our router (thanks to others from here), but we are not seeing any improvment overall. Our upstream has done some baselining and have told us while we have not maxed out our BW, which is true, our own graphs and baselines show we max our incoming at about 20Mbits/sec and out about 15Mbits/sec. (we can burst to the full capacity of the DS3 if we need to and get charged accordingly). But what they have come up with is the cells seem to be maxing out. We hit 80k cells/sec according to them at peak. What Ive been looking for is info on what the NPE-200 can do w/regards to throughput on a 7202? NPE-200 is EOL and I cannot find any specs on the NPE-200 and what it can do performance wise...anyone know? Thanks, Keith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58943t=58935 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checkpoint and Cisco Catalyst Integration [7:58934]
Chris Watson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am planning on doing a dual Checkpoint to dual Cat install. The Nokia FW will be running two instances of VRRP each with dual home to the Cats. 2) What issues/problems/concerns should I keep an eye out for? You might want to re-consider your infrastructure. There are many attacks that will allow easy subversion of your firewalls. See these papers for some Catalyst configuration advice that prevents some of these attacks: http://www.sans.org/newlook/resources/IDFAQ/vlan.htm http://www.securite.org/presentations/secip/ http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switches.pd f It's nice to note that even if you do set trunk off on all ports (or switchport mode access under switch IOS), any would-be attacker can just send a doubly encapsulated frame with tagged Ethernet (although you can prevent this from travelling between switches by using different native vlans on the trunks on each switch pair). Now you still need to worry about the vrrp based attacks, vtp attacks, forced switch flooding, arp spoofing, etc etc. You're better off securing your hosts than using firewalls. If a sinlge host gets owned, you blow up your whole trust domain, and allow for about a billion different types of covert channels. You can and should configure ways around these covert channels if you want a more secure network. However, the real problem is that the firewall should be considered a separate model of trust (terminology taken from RFC 2196), and should not rely on the same underlying models of trust (two switches that create the same network, and have access to those networks) for its security. Consider using four switches, and have the inside vrrp on one pair, and the outside vrrp on the other pair. It is my suggestion that you read the following sources of information before architecting or designing network security infrastructures: http://www.auscert.org.au/Information/Auscert_info/Papers/Security_Domains.h tml http://www.ietf.org/rfc/rfc1135.txt http://www.ietf.org/rfc/rfc2196.txt http://www.ietf.org/internet-drafts/draft-dattathrani-tcp-ip-security-00.txt http://www.watersprings.org/pub/id/draft-ietf-ipsec-secconf-00.txt (apply the same concepts for configuring IPsec devices to any secure host, network device, firewall, etc) http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-030.html -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58944t=58934 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Written Exam [7:58947]
Hi, Anybody: Who want to discuss the questions of CCIE Written Exam with me? = Hang Danny Chau __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58947t=58947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
501 reloading [7:58946]
Hi, Was wondering if anyone else out there has experienced PIX501 reloads by barely doing more than looking xeyed at it! The 501 I originally had in the lab was easily reloaded, then yesterday it seemed to give up the ghost so I RMAed it. I got the new one and connected it to my PC on my desk. I grabed the PIX and tilted it some to see if I had a link light and wammo, it reloaded. Later I slid the PIX about 6 inches across my desk to give me more elbow room and another reload. I can too easily make this box crash. It doesn't loose power and there are no tracebacks or anything it just restarts. To make a short story long has anyone seen this behaviour on their PIX501. If not can you try and reproduce it? The engineer at Cisco who RMAed my original PIX has not heard of this ocurring so maybe I'm just lucky:( Thanks Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58946t=58946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT low cost DS3 router [7:58916]
Peter van Oene wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 07:47 PM 12/10/2002 +, jeff sicuranza wrote: What device would you use to terminate a DS3 to ethernet that is ultra low cost. I need to find a low cost, carrier type CPE that will take a DS3 and hand off eithernet. Low cost, low feature is the guiding word. Cheapest DS3 (non-ATM), that I know of is a Cisco 2650XM router (built-in 10/100 Ethernet) with a NM-1T3/E3. The above should cost around $8200 from most vendors, plus the cost of maint on the 2650 (~$300 for 8x5xNBD, ~$600 for 24x7x4). That sounds to be fairly priced, especially considering DS3's cost about that per month. Another alternative would be from Seranoa (I believe it is more expensive than the above solution), whom I saw demo a product at NANOG 26 which offers DS3 interfaces on one side, and VLAN-capable 10/100 Ethernet on the other side. http://www.seranoa.com/products/products.html If it were up to me, I'd go with the Cisco solution regardless of the price point from other vendors. I mean, you could price out a Nortel Passport 5430 with 10/100 Ethernet and DS3, but I'm positive you are looking at almost 10x the cost, if not more. -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58948t=58916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT low cost DS3 router [7:58916]
I have never used one, but there are Linux solutions as well, its really about what you are comfortable with. I'd be willing to bet you could score a used non vxr 7200 for a decent price via the [EMAIL PROTECTED] mailing list or some other avenue. Bri - Original Message - From: dre To: Sent: Tuesday, December 10, 2002 3:52 PM Subject: Re: OT low cost DS3 router [7:58916] Peter van Oene wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 07:47 PM 12/10/2002 +, jeff sicuranza wrote: What device would you use to terminate a DS3 to ethernet that is ultra low cost. I need to find a low cost, carrier type CPE that will take a DS3 and hand off eithernet. Low cost, low feature is the guiding word. Cheapest DS3 (non-ATM), that I know of is a Cisco 2650XM router (built-in 10/100 Ethernet) with a NM-1T3/E3. The above should cost around $8200 from most vendors, plus the cost of maint on the 2650 (~$300 for 8x5xNBD, ~$600 for 24x7x4). That sounds to be fairly priced, especially considering DS3's cost about that per month. Another alternative would be from Seranoa (I believe it is more expensive than the above solution), whom I saw demo a product at NANOG 26 which offers DS3 interfaces on one side, and VLAN-capable 10/100 Ethernet on the other side. http://www.seranoa.com/products/products.html If it were up to me, I'd go with the Cisco solution regardless of the price point from other vendors. I mean, you could price out a Nortel Passport 5430 with 10/100 Ethernet and DS3, but I'm positive you are looking at almost 10x the cost, if not more. -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58949t=58916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 501 reloading [7:58946]
Dave, Do not say yours gave up the ghost please do not say that LOL. Because mine does the exact same thing I just put it in my rack and leave it alone, anytime I have to recable my lab I turn it off because the slightest move of a cable and it reboots, and I hate doing it because my dsl line sometimes is hard to sync back up such an inconveyance. Now you got me worried about how long is it going to be before mine goes out. -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 6:42 PM To: [EMAIL PROTECTED] Subject: 501 reloading [7:58946] Hi, Was wondering if anyone else out there has experienced PIX501 reloads by barely doing more than looking xeyed at it! The 501 I originally had in the lab was easily reloaded, then yesterday it seemed to give up the ghost so I RMAed it. I got the new one and connected it to my PC on my desk. I grabed the PIX and tilted it some to see if I had a link light and wammo, it reloaded. Later I slid the PIX about 6 inches across my desk to give me more elbow room and another reload. I can too easily make this box crash. It doesn't loose power and there are no tracebacks or anything it just restarts. To make a short story long has anyone seen this behaviour on their PIX501. If not can you try and reproduce it? The engineer at Cisco who RMAed my original PIX has not heard of this ocurring so maybe I'm just lucky:( Thanks Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58950t=58946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
I guess my first question would be how, after a few HOURS, there is no IP address assigned and vty config? have you tried connecting from different computers? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58951t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
local dialtone issues - redundancy case study [7:58952]
This is a proposed solution for local dialtone, to replace pool of copper trunks : Main site will be equiped w/ main PBX / Voice Mail / ACD system. Coming into main site will be 3 leased T1's from each branch office. For local dialtone @ the Main office, ISDN PRI is utilized. Custom call routing is enabled. At each branch, there are currently 4 copper lines used as a pool for local dialtone. The proposed solution is replace each branches 4 copper lines w/ PRI for caller id issues in the corporation. Question to you guys: How could you enable redundancy in this scenario? Since PRI is a digital signal what happens if there is power problems at the CO? It's not like good old analog lines I would assume. Usually where I'm located, if your T1 is down, so is your PRI, it's just the nature of the beast. Anyone have suggestions? Comments? There will be 1 analog line for 911. Thanks Adam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58952t=58952 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 501 reloading [7:58946]
I have 2 501's that I have deployed with no problems as such... (fingers crossed ) Could the power connection in the back be loose on the inside? It might be a manufacturing problem? Thanks Larry -Original Message- From: Elijah Savage III [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 7:07 PM To: [EMAIL PROTECTED] Subject: RE: 501 reloading [7:58946] Dave, Do not say yours gave up the ghost please do not say that LOL. Because mine does the exact same thing I just put it in my rack and leave it alone, anytime I have to recable my lab I turn it off because the slightest move of a cable and it reboots, and I hate doing it because my dsl line sometimes is hard to sync back up such an inconveyance. Now you got me worried about how long is it going to be before mine goes out. -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 6:42 PM To: [EMAIL PROTECTED] Subject: 501 reloading [7:58946] Hi, Was wondering if anyone else out there has experienced PIX501 reloads by barely doing more than looking xeyed at it! The 501 I originally had in the lab was easily reloaded, then yesterday it seemed to give up the ghost so I RMAed it. I got the new one and connected it to my PC on my desk. I grabed the PIX and tilted it some to see if I had a link light and wammo, it reloaded. Later I slid the PIX about 6 inches across my desk to give me more elbow room and another reload. I can too easily make this box crash. It doesn't loose power and there are no tracebacks or anything it just restarts. To make a short story long has anyone seen this behaviour on their PIX501. If not can you try and reproduce it? The engineer at Cisco who RMAed my original PIX has not heard of this ocurring so maybe I'm just lucky:( Thanks Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58953t=58946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Written Exam [7:58947]
send an email here. [EMAIL PROTECTED] they will tell you what the questions are. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58954t=58947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help: 2600 console lost [7:58889]
I had a similar problem on my 2610 , I bought a smartnet package and got the box replaced from Cisco . Navin Parwal R M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've been working a few hours with a 2610 when suddenly, boom!!, I lost my console connection, now it doesn't respond to Ctrl-Break nor anything, I've rebooted it several times but it doesn't shows any single character on HyperTerminal. Unfortunately, the equipment is running (almost) default configuration, so now I can't get in through Aux or Vty. My Aux port respond but can't do much through it since no 'enable password' has been provided by default, so can't get to privileged mode. Once the box is booted, it looks good, its eth and serial interfaces comes up, so it doesn't looks like a flash or IOS corruption problem. Do you guys have any clue why I'm suffering this? Any workaround to at least have privileged access through Aux?? Maybe nvram got corrupted? there's any way to 'hard' reset nvram through internal jumpers?? Thanks very much in advance, RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58955t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: local dialtone issues - redundancy case study [7:58952]
On Wed, 11 Dec 2002, Adam Frederick wrote: How could you enable redundancy in this scenario? Since PRI is a digital signal what happens if there is power problems at the CO? It's not like good old analog lines I would assume. Usually where I'm located, if your T1 is down, so is your PRI, it's just the nature of the beast. Anyone have suggestions? Comments? There will be 1 analog line for 911. Well don't forget power issues also affects T1s that are channelized. Even though your T is analog that doesn't mean it doesn't require some non-teleco powered equipment to multiplex the lines to the T1. PRI has the same issues as T1s do. For phone equipment they both require client side powered devices to operate. Granted a T1 does provide its on power for the CPE breakout box, the equipment it untimately plugs into does require power. PRIs are the same and have the exact same issues. I've seen PRI provisioning described by many providers as running a PRI over a T1 and just configure the 24th channel to provide the D channel (23B+1D). Now what kind of redundancy are you looking for? Power issues at the CO are rare in the US since they generally have quite the battery and generator setup. Now if you are getting circuits off a SLC and not directly from the CO then you risk losing power at the teleco equipment and there is nothing you can do about that without an emergency system powering the SLC. This has the same effect on analog circuits. Regardless of if you have a PRI a T1 or a standard analog phone line then if the CO or SLC loses power you are just outta luck. Most COs never lose power because its too costly in SLAs but it is really common for a SLC to lose power. You just need to negotiate your contract and try everything you can to attempt and have the circuits ran from the CO and not a SLC without backup power. At one of my employers we have an OC-3 smartring that provides all over our PRIs for incoming dialups. Granted its overkill for only a few PRIs but we have enough to justify it. And with the smartring service it is linked to two seperate COs in two different cities. I've seen it only have to failover to the other teleco once and that was when there was a massive cable cut and they managed to cut our fiber. Our customers didn't notice anything and we only noticed the light that was lit on the alarm box. Andrew --- http://www.andrewsworld.net/ ICQ: 2895251 Cisco Certified Network Associate Learn from the mistakes of others. You won't live long enough to make all of them yourself. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58956t=58952 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: migration from CheckPoint to PIX firewall [7:58957]
My company is looking to migrate from CheckPoint over to Pix Firewall in the next couple of months and I have been assigned to this project. I have questions about Pix firewalls. We are a small company, less than 50 people. a) Does pix firewall support QOS, traffic shaping or traffic prioritization? The checkpoint firewall we are using has a feature called flood-gate that can prioritize both inbound and outbound traffic. We would like to have this feature in Pix firewall as well. b) Does pix support http load balancing? Checkpoint has a feature that supports http load-balancing for inbound traffic. We need this feature to load balance our web servers. I would like to have this feature in pix as well. We don't have the budget for dedicated load-balancer such as Cisco CSS. Open freeware is out of the question, will not fly pass management. Can pix do those things above without additional hardware? Regards, Eric - Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58957t=58957 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco voip - need help please [7:58958]
Hi there, if there is anyone out there who can help me with a small project I am working on that would be great. I am trying to setup a callcentre lab at work and have a few issues/questions if anyone can help. The project is to route 5 toll-free numbers to a call center. There are 5 applications. I am thinking of defining 5 Dialed Numbers to correspond to each Toll Free Number and Define 5 Skill Groups for the call center agents. Now I need to configure IP-IVR, ICM and Call Manager to work together to complete the task. (is anyone familiar with Cisco IPCC Lab Guide, should I use that as a starting point) 1. The first question I have is that Do I Have to User IP-IVR? I guess I have to otherwise there is no queuing capability. 2. If I have to use IP-IVR, what is the minimum configuration we need to do provide the basic queuing? 3. Do I need to define a CTI Port for each Agent Phone? What are therequirements we need to do on CallManager , IVR and ICM. 4. What is the relationship among CTI Port Groups, CTI Ports , CTI Route Points? 5. What is the exact process I need to do to configure the 6 or so trunks in CallManager to route the 800's to the IP-IVR? Thanks for all your help (unfortunately, I don't frequent the newsgroups much and would appreciate it if any responses be emailed to me at the address below) Andrew - CCNA [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58958t=58958 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Work 2000 Manual user guide [7:58959]
hi, Anybody have ideas on book or site that reveal good information on how to install, configure and use Cisco Work 2000, thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58959t=58959 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
why lose connection after apply IDS on PIX [7:58960]
HI... Dear Friends, I want to implement IDS on my PIX outside interface which facing internet. So that I can get alarm for external attack. Below is my interface config and global ip audit name config nameif ethernet0 outside security0 nameif ethernet1 inside security100 ip audit name outside-info info action alarm drop ip audit name outside-attack attack action alarm drop But I apply it on my outside interface as shown below..I immediately lose connection with outside. Can't ping and connect to external network? Why? PIX(config)#ip audit interface outside outside-info PIX(config)#ip audit interface outside outside-attack Thanks a lot _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58960t=58960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
Hi, In fact, the packet classification/marking was made in CPE side. The voice paket will have IP precedence 5 while normal packet will have default value (precedence 0). The network setup is a trial to test the impact of WRED. As I read through cisco documentation about IP-to-ATM CoS, it covers WRED, WFQ or CLP to deploy Per-PVC QoS. However, if I applied WRED, WFQ to the PVC, this will make the PVC performance drops. My target is to deploy PER-ATM PVC QoS. If the ATM PVC was congested, it will let the mission-critical traffic pass through first... Hopefuly if you have any alternative solution? Or any idea how to test this feature? The equipment I got in hand is two 7206 routers. rgds, LoChing Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58961t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Alittle off topic [7:58917]
I recommend Unix System Admin 3rd Edition. This is one of the best Unix I've seen, it covers both a theorically approach and the practical. I like it much better than the O'Reilly Unix book. It's a little expensive but worth every penny. It covers almost every topic you can think of and does so across several unix flavors, those being Solaris, HP UX, Free BSD, and Red Hat. Here is an amazon link http://www.amazon.com/exec/obidos/tg/detail/-/0130206016/qid=1039576592/ sr=1-12/ref=sr_1_12/002-1575743-2448823?v=glances=books John -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Fernandez, Tim Sent: Tuesday, December 10, 2002 2:49 PM To: [EMAIL PROTECTED] Subject: RE: Alittle off topic [7:58917] Hi everybody. Anyone have an opinion on a good beginning book on Unix? Thanks, Tim. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58962t=58917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
Well if you had set any write snmp community strings you could try an upload a config into the router that would allow you to get in via the vty. John -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 10:58 AM To: [EMAIL PROTECTED] Subject: Please help: 2600 console lost [7:58889] I've been working a few hours with a 2610 when suddenly, boom!!, I lost my console connection, now it doesn't respond to Ctrl-Break nor anything, I've rebooted it several times but it doesn't shows any single character on HyperTerminal. Unfortunately, the equipment is running (almost) default configuration, so now I can't get in through Aux or Vty. My Aux port respond but can't do much through it since no 'enable password' has been provided by default, so can't get to privileged mode. Once the box is booted, it looks good, its eth and serial interfaces comes up, so it doesn't looks like a flash or IOS corruption problem. Do you guys have any clue why I'm suffering this? Any workaround to at least have privileged access through Aux?? Maybe nvram got corrupted? there's any way to 'hard' reset nvram through internal jumpers?? Thanks very much in advance, RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58963t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FR switch QoS [7:58964]
Hi All, Anyone have experience/idea to deploy QoS on FR switch (Cisco router configured as FR switch)? I have 2 DLCI configured on serial interface and want to have ONE DLCI,eg, DLCI 200 have higher priority when the link congested. Attached the configuration summary for reference. interface Serial6/1/2:0 no ip address encapsulation frame-relay IETF no fair-queue frame-relay traffic-shaping frame-relay interface-dlci 200 switched class shape1536k frame-relay interface-dlci 21 switched class shape1536k frame-relay lmi-type ansi frame-relay intf-type dce frame-relay policing map-class frame-relay shape1536k no frame-relay adaptive-shaping frame-relay cir 1536000 frame-relay bc 1536000 frame-relay be 0 TIA rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58964t=58964 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Unity Exam 9E0-805 [7:58965]
What's some really good study material for anyone that has taken and passed this exam. To get a feel for the exam I took it and scored a 533 (727 required). Not too bad for a person that's never even looked at any study material. I'm an MCSE 2000 with Exchange 2000 which really helped. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58965t=58965 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Unity Prerequisites [7:58593]
Bruce, Your right because this past weekend I took the exam without ever looking at any study material and scored a 533. I'm an MSCE 2000 with Exchange 2000 elective. I'm assuming you've passed the exam, what's some good study material to use. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58966t=58593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN or BSCI or both? [7:58942]
Hi, I am in the same situation - except that I did BSCN and BCRAN, and I am considering the remaining two. I would suggest that you just continue without delay - keep the momentum, so to speak. Which one first? BSCI is a lot more difficult than BCRAN. I would suggest you do BSCI first, as it will really make it easy to do BCRAN...but do you mean you have already done Support? Good Luck! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58967t=58942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]