snmp [7:61084]

[kaushalender]

Hi group and routers gru

Kindly help me on that.I have 2610 router on ethernet of that router i 
have three ip's.One primary 2 Secondary.Now I have to moniter traffic of 
three ip seprately from snmp.Mrtg is only making traffic graph of 
ethernet.I am not able to see how much bandwidth is taken by which 
ip.Plz help me

Thanx in advance
Kaushalender




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61084&t=61084
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: disappearing default rip update [7:60937]

[Vicuna, Mark]

Looks like there were alot of rip handling issues regarding 0.0.0.0/0
starting from 12.0(3)T.

CSCdm26586 was the bug.

As a FYI.. this is the debug on my end..

Jan 13 19:31:35: RIP: Update contains 2 routes
Jan 13 19:31:35: RIP: Update queued
Jan 13 19:31:35: RIP: Update sent via Serial1.1
Jan 13 19:31:45: RIP: received v2 update from x.y.128.45 on Serial1.1
Jan 13 19:31:45:  0.0.0.0/0 via 0.0.0.0 in 1 hops
Jan 13 19:31:45: RIP: Update contains 1 routes
Jan 13 19:32:03: RIP: sending v2 update to 224.0.0.9 via Serial1.1 (x.y.128.4
6)
Jan 13 19:32:03: RIP: build update entries
Jan 13 19:32:03: RIP-ERROR: route 0.0.0.0/0 not in routing table.
Jan 13 19:32:03:x.y.0.142/32 via 0.0.0.0, metric 1, tag 0
Jan 13 19:32:03:x.y.139.0/24 via 0.0.0.0, metric 1, tag 0

the default was not being added, although it was received.  receiving
updates from 0.0.0.0/0, is the result from the float stat used at the time.



-Original Message-
From: Francisco Sedano/Inf-Pronet [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 10:42 AM
To: [EMAIL PROTECTED]
Subject: Re: disappearing default rip update [7:60937]


Are you still receiving it? (debug ip rip...)? And are you sure you aren't 
receiving any other default route via other -better admin distance- 
routing protocol? What do you see in a debug ip routing?






"Vicuna, Mark" 
Enviado por: [EMAIL PROTECTED]
13/01/2003 09:13
Por favor, responda a "Vicuna, Mark"
 
Para:   [EMAIL PROTECTED]
cc: 
Asunto: disappearing default rip update [7:60937]

Hi All,

Has anyone experience something similar to - the rip default not being 
shown
in the route table and the rip database that is being sent by the upstream
router?
(Upstream router being a tier 2 provider).

I have other routers hanging off the provider edge router that are 
receiving
the default route.

Been working on this for a few hours now with the lvl3 guys but we are 
both
stumped.

Both of us agreed to log a call with cisco.  But just wondering if anyone
else has seen this happen before?

It's a weird one.. most likely code specific.  No bugs showing for my
customer's affected router.. ios version being used by the provider is ios
specific to their vpn network.


Cheers,
Mark.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61085&t=60937
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Maintenance Mode Set [7:61086]

[Vicuna, Mark]

Hi All,

Can someone briefly explain or provide links to what MTC mode is, under the
sh voice port command for fxs, fxo and e&m ports.  I couldn't find a ref on
it on cco, gs archives or elsewhere.


tnx,
Mark.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61086&t=61086
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Newell Ryan D SrA 18 CS/SCBT]

I think your right. I know some IOS versions use the 'atm pvc' command.
So I agreewhat IOS version he is running is a key component to know
to resolve this problem. 

-Original Message-
From: The Long and Winding Road
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 4:30 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]


pvc x/y "should" work, which leads me to wonder about your IOS version. What
are you running? what is the image name?

I do not see an "atm pvc" command in the 12.1 command reference.

also you mention something about connecting two 3640's back to back via an
OC3 card? I'm not sure you can do that. someone smarter than I will provide
a definitive answer, I'm sure.



""Ken Chipps""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am using a sample configuration from cisco that looks like this
>
> First command config t
> Second command ip routing
> Third command interface atm 1/0
> Fourth command no shutdown
> Fifth command ip address 10.0.2.1 255.255.255.0
> Sixth command pvc 1 32
> Seventh command protocol ip 10.0.2.2 broadcast
>
> The sixth command is where it fails. It does not recognize the pvc.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Newell Ryan D SrA 18 CS/SCBT
> Sent: Tuesday, January 14, 2003 11:32 PM
> To: [EMAIL PROTECTED]
> Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
>
> What commands are you typing in? To create a PVC the syntax is
> int atm 1
> atm pvc 6 0 106 aal5snap
> I think you are missing the 'atm' before pvc.
>
> There are several ways to hook the 3640s back to back. If they are
> within
> fastethernet distance limitations you could use the fastethernet
> interfaces.
>
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 1:40 PM
> To: [EMAIL PROTECTED]
> Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
>
>
> I am attempting to setup a PVC between two Cisco 3640 Routers connected
> back
> to back. The interface is an OC3 card. Whenever I issue the PVC command
> on
> the ATM interface it says a PVC is not supported. If I use the ? to see
> for
> supported commands for the interface, no PVC command is listed. Is there
> some software upgrade I need for this? Or is there some other way to
> conenct
> two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61087&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Security Certification after CCNP [7:61088]

[Charles McKnight]

Does anyone have ideas as to what security certification to try to purse
I completed the CCNP track Checkpoint or Cisco new security track? Also any
recommend study guides and pratice exams that could be used?

Thanks...


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61088&t=61088
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Low Latency Queue on ATM Subinterface [7:61018]

[YASSER ALY]

I tried what u said and gave me same result !!!.

Anybody here has an idea whether this is normal or not and if normal how
can we enable log to make sure hits and matched against the ACL

 

>From: [EMAIL PROTECTED] > >Trying to use the log keywork, I got
the following message: > >class-map TV : access-list with 'log' not
supported >class-map Policy : access-list with 'log' not supported > > >
> > > >"YASSER ALY" @groupstudy.com em 2003-01-14 15:47:54 > >Favor
responder a "YASSER ALY" > >Enviado Por: [EMAIL PROTECTED] > > >Para:
[EMAIL PROTECTED] >cc: > >Assunto: Re: Low Latency Queue on ATM
Subinterface [7:61018] > > >Add the keyword "log" at the end of your
access list and check whether >there are really hits matching the ACL or
not. Maybe everything is right >and u are just sending another traffic
not matching with the ACL. > > > > >From: "alaerte Vidali" > >The
following LLQ is configured but no packets >are going to the priority
>queue; all packets go to the default class: > > >class-map match-all
Priority-Queue > match access-group name TV >! > >policy-map Policy >
class Priority-Queue > priority 200 > class >class-default >
random-detect > fair-queue >! >interface ATM6/0/0.213 >point-to-point >
bandwidth 1 > ip address 192.168.255.177 >255.255.255.252 > ip pim
version 1 > ip pim sparse-dense-mode > ip ospf >cost 8 > atm pvc 100 1
201 aal5snap > service-policy output Policy >! >ip >access-list extended
TV > permit udp host 1.1.1.1 host 239.192.10.22 eq >6 > > >router#sh
policy-map int atm 6/0/0.213 output > > ATM6/0/0.213 > > > service-policy
output: Policy > > queue stats for all priority >classes: > queue size 0,
queue limit 50 > packets output 0, packet drops >0 > tail/random drops 0,
no buffer drops 0, other drops 0 > > class-map: >Priority-Queue
(match-all) > 0 packets, 0 bytes > 5 minute offered rate 0 >bps, drop
rate 0 bps > match: access-group name TV > 0 packets, 0 bytes > >5 minute
rate 0 bps > Priority: kbps 200, burst bytes 5000, b/w exceed >drops: 0 >
>class-map: class-default (match-any) > 474896 packets, >516105147 bytes
> 5 minute offered rate 1623000 bps, drop rate 0 bps > >match: any >
474896 packets, 516105147 bytes > 5 minute rate 1623000 bps > > queue
size 0, queue limit 5838 > packets output 477559, packet drops 4 > >
tail/random drops 0, no buffer drops 0, other drops 4 > random-detect: >
> Exp-weight-constant: 9 (1/512) > Mean queue depth: 0 > Class Random
>Tail Minimum Maximum Mark Output > drop drop threshold threshold
>probability packets > 0 0 0 1459 2919 1/10 429315 > 1 0 0 1641 2919 1/10
>0 > 2 0 0 1823 2919 1/10 0 > 3 0 0 2006 2919 1/10 0 > 4 0 0 2188 2919
>1/10 0 > 5 0 0 2370 2919 1/10 48467 > 6 0 0 2553 2919 1/10 0 > 7 0 0
2735 >2919 1/10 0 > fair-queue: per-flow queue limit 1459 > > >Any clue?
>misconduct and Nondisclosure violations to [EMAIL PROTECTED] >
>
> >The new MSN 8 is here: Try it free* for 2 months > > > > >Message
Posted at: >http://www.groupstudy.com/form/read.php?f=7&i=61042&t=61018
>-- >FAQ, list archives,
and subscription info: >http://www.groupstudy.com/list/cisco.html >Report
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



MSN 8 with e-mail virus protection service: 2 months FREE*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61089&t=61018
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security Certification after CCNP [7:61088]

[Peter Walker]

Charles

I am not sure if I can really make any recommendations as to which is 
better for you. I personally have a low opinion of the Checkpoint certs as 
they seemed to be purely about memorizing menus rather than understanding 
the technology and how to use it on the Checkpoint products. On the other 
hand experience with a firewall product such as Checkpoint or PIX certainly 
isnt going to hurt your resume. You may want to also consider looking at 
the CISSP cert (very high level, management oriented) if you have 
verifiable security work experience, or if you are looking for something 
more technical you cant go far wrong by working on some of the GIAC certs 
(you can probably find info somewhere off of www.sans.org). In fact, even 
if you dont go for the cert, I would recommend studying the GIAC Security 
Essentials curriculum to anyone trying to get into the security field.

Regards

Peter Walker
CISSP, CSS1, CCSE, CC[NID]P, etc

--On 15 January 2003 09:05 + Charles McKnight 
 wrote:

> Does anyone have ideas as to what security certification to try to purse
> I completed the CCNP track Checkpoint or Cisco new security track? Also
> any recommend study guides and pratice exams that could be used?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61090&t=61088
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security Certification after CCNP [7:61088]

[David Ristau]

my plan is to get my CCNP, then start with some security certs particularly
the SSCP and then the CISSP.   my understanding is that the GIAC and CISSP
require knowledge have come alot closer in recent months.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61091&t=61088
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Classroom Training in DC area [7:61092]

[David Ristau]

Possibly looking for some classroom training in the DC Metro / MD area. 
I've found a place that might work, was interested if any locals may have
used these facilities and want to offer feedback on their experience.

Orange Technologies
Gaithersburg, MD 20879

TIA


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61092&t=61092
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX access-list problem [7:61043]

[Sam Sneed]

That all looks good. I'm wondering if it is a  bad NIC on the PIX at this
point.
""Evans, TJ (BearingPoint)""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Is your outside link up, and plugged into an enabled switch port that is
on
> the correct vlan/segment and set to correct speed/duplex?
>
> Can other devices on same switch communicate with anyone else?
>
>
> Thanks!
> TJ
> [EMAIL PROTECTED]
>
>
>
> -Original Message-
> From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 14, 2003 3:43 PM
> To: [EMAIL PROTECTED]
> Subject: Re: PIX access-list problem [7:61043]
>
> This type of NAT is required for incoming connections. I can't get access
> going out so I haven't even looked at that yet. Even worse is from
> 83.23.44.60 (outside interface of PIX) I can't ping 83.23.44.50 which is
> outside of the PIX. If you look at my access-list , this should not be a
> problem. I am stumped on this.
> ""Waters, Kristina""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Sam,
> >
> > Do you have any sort of statement that's translating the addresses in
your
> > DMZ? For example,
> >
> > static (DMZ,outside) 141.152.135.23 141.152.135.23 netmask
255.255.255.255
> >
> > If you aren't nat'ing I believe you still have to translate the address.
> >
> > HTH,
> > Kris.
> >
> > -Original Message-
> > From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, January 14, 2003 2:08 PM
> > To: [EMAIL PROTECTED]
> > Subject: PIX access-list problem [7:61043]
> >
> >
> > I cannot seem to get the following config to work and am clueless why.
My
> > incoming access lists for DMZ and outside are wide open. The goal is not
> to
> > NAT DMZ ever since its public addressing. I can't even ping hosts on the
> > outside network from PIX. Why am I having these problems?
> >
> > nameif ethernet0 outside security0
> > nameif ethernet1 inside security100
> > nameif ethernet2 dmz security50
> >
> > access-list internal permit ip 172.19.90.0 255.255.255.0 any
> >
> > access-list test permit ip any any
> > access-list test permit icmp any any
> >
> > access-list int-dmz permit ip 172.19.90.0 255.255.255.0 83.23.43.0
> > 255.255.255.0
> >
> > ip address outside 83.23.44.60 255.255.255.192
> > ip address inside 172.19.90.1 255.255.255.0
> > ip address dmz 83.23.43.250 255.255.255.0
> >
> > global (outside) 1 83.23.44.58
> > nat (inside) 0 access-list int-dmz
> > nat (inside) 1 172.19.90.0 255.255.255.0 0 0
> > nat (dmz) 0 0.0.0.0 0.0.0.0 0 0
> > access-group test in interface outside
> > access-group test in interface dmz
> > route outside 0.0.0.0 0.0.0.0 83.23.44.1 1
> > **
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error please notify
> > the sender by email, delete and destroy this message and its
> > attachments.
> > **
>

**
> The information in this email is confidential and may be legally
> privileged.  Access to this email by anyone other than the
> intended addressee is unauthorized.  If you are not the intended
> recipient of this message, any review, disclosure, copying,
> distribution, retention, or any action taken or omitted to be taken
> in reliance on it is prohibited and may be unlawful.  If you are not
> the intended recipient, please reply to or forward a copy of this
> message to the sender and delete the message, any attachments,
> and any copies thereof from your system.
>

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61093&t=61043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP load balancing questions [7:61095]

[Robert Fowler]

Hello groupstudy,
 
I've been banging my head against the wall and figured I would defer this
question to those of you more learned and experienced. Here is the the
scenario:
 
2 routers running BGP
Router 1 has a connection to ISP 1 and router 2 has a connection to ISP 2 
Each receives full routes.
Each provider has given us a class C address
Only the class C from provider 1 is actively used, because provider 2 will
probably be dropped eventually(ssshhh don't tell ARIN)
 
 
The class C is advertised to both ISPs, however ISP 1 aggregates this
address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 
This was checked using various looking glasses.
 
What that means is that traffic to my Class C will arrive primarily via ISP
2 because it will see the /24 I advertise though it. That is bad, for
various reasons. Mainly because we are charged by usage from ISP2, but also
because we are going to upgrade ISP1 to a fractional t3 and use ISP 2
primarily as a backup eventually. Also the traffic coming in is 90% via ISP
2 and 10% via ISP 1. 
 
If I remember from my studying so long ago, even prepending my AS number to
ISP 2 will not work, becuase it doesn't even make it to that criteria, but
rather see the /24 and chooses that route.

I searched some newsgroups, but amazingly enough nobody seemed to have this
issue. I saw someone who had a larger block than /24 and some suggestions
there but that would not work in this case.
 

Options not available:
Using the Class C from Carrier 2 to load balance using IP space and traffic
types
Getting a class C independant of a provider from ARIN. (That costs money :))
 
 
Robert




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61095&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Written Study Material [7:61026]

[Brad]

Bob,

If you are looking for an overview, it's a good book. If you are trying to
dive into details, you would also want the book by Caslow and Halabi.  I
recommend those two books highly.  The book by Solie is really good too.

thanks,
-Brad Ellis
CCIE#5796 (R&S / Security)
Network Learning Inc
[EMAIL PROTECTED]
www.optsys.net (Cisco hardware)

""Bob Henry""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> All,
>
> What is a good Book to use as a basis for studying for
> the CCIE written exam 350-001. I see this one on
> Amazon.
>
> 1) NLI's Study Guide for The CCIE R&S Written Exam
>
> Please Advise,
> Bob
>
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61069&t=61026
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP load balancing questions [7:61095]

[Alex Muhin]

ISP1 should advertise 1.1.1.x/16 AND 1.1.1.x/24 ?

alex


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61096&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX access-list problem [7:61043]

[Sam Sneed]

Found problem. I had the 2 PIX's configured for failover. The problem was
that the failover cable was loose on one end so they both flip flopped each
taking control as master. Thanks for the help.

""Waters, Kristina""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sam,
>
> Do you have any sort of statement that's translating the addresses in your
> DMZ? For example,
>
> static (DMZ,outside) 141.152.135.23 141.152.135.23 netmask 255.255.255.255
>
> If you aren't nat'ing I believe you still have to translate the address.
>
> HTH,
> Kris.
>
> -Original Message-
> From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 14, 2003 2:08 PM
> To: [EMAIL PROTECTED]
> Subject: PIX access-list problem [7:61043]
>
>
> I cannot seem to get the following config to work and am clueless why. My
> incoming access lists for DMZ and outside are wide open. The goal is not
to
> NAT DMZ ever since its public addressing. I can't even ping hosts on the
> outside network from PIX. Why am I having these problems?
>
> nameif ethernet0 outside security0
> nameif ethernet1 inside security100
> nameif ethernet2 dmz security50
>
> access-list internal permit ip 172.19.90.0 255.255.255.0 any
>
> access-list test permit ip any any
> access-list test permit icmp any any
>
> access-list int-dmz permit ip 172.19.90.0 255.255.255.0 83.23.43.0
> 255.255.255.0
>
> ip address outside 83.23.44.60 255.255.255.192
> ip address inside 172.19.90.1 255.255.255.0
> ip address dmz 83.23.43.250 255.255.255.0
>
> global (outside) 1 83.23.44.58
> nat (inside) 0 access-list int-dmz
> nat (inside) 1 172.19.90.0 255.255.255.0 0 0
> nat (dmz) 0 0.0.0.0 0.0.0.0 0 0
> access-group test in interface outside
> access-group test in interface dmz
> route outside 0.0.0.0 0.0.0.0 83.23.44.1 1
> **
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the sender by email, delete and destroy this message and its
> attachments.
> **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61097&t=61043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP load balancing questions [7:61095]

[Lupi, Guy]

If Provider 1 is large enough, they should be able to assign you a class C
that they do not aggregate when they make their announcements to other
providers.  I would suggest asking them for one of these, if they want to
keep your business they will get it to you one way or the other.
Another option would be to ask Provider 2 for a class C out of address space
that they DO announce as an aggregate, and announce this class C to Provider
1.  In this situation your announcement to Provider 1 would always be more
specific and most of your traffic would come through them.

~-Original Message-
~From: Robert Fowler [mailto:[EMAIL PROTECTED]]
~Sent: Wednesday, January 15, 2003 9:32 AM
~To: [EMAIL PROTECTED]
~Subject: BGP load balancing questions [7:61095]
~
~
~Hello groupstudy,
~ 
~I've been banging my head against the wall and figured I would 
~defer this
~question to those of you more learned and experienced. Here is the the
~scenario:
~ 
~2 routers running BGP
~Router 1 has a connection to ISP 1 and router 2 has a 
~connection to ISP 2 
~Each receives full routes.
~Each provider has given us a class C address
~Only the class C from provider 1 is actively used, because 
~provider 2 will
~probably be dropped eventually(ssshhh don't tell ARIN)
~ 
~ 
~The class C is advertised to both ISPs, however ISP 1 aggregates this
~address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 
~This was checked using various looking glasses.
~ 
~What that means is that traffic to my Class C will arrive 
~primarily via ISP
~2 because it will see the /24 I advertise though it. That is bad, for
~various reasons. Mainly because we are charged by usage from 
~ISP2, but also
~because we are going to upgrade ISP1 to a fractional t3 and use ISP 2
~primarily as a backup eventually. Also the traffic coming in 
~is 90% via ISP
~2 and 10% via ISP 1. 
~ 
~If I remember from my studying so long ago, even prepending my 
~AS number to
~ISP 2 will not work, becuase it doesn't even make it to that 
~criteria, but
~rather see the /24 and chooses that route.
~
~I searched some newsgroups, but amazingly enough nobody seemed 
~to have this
~issue. I saw someone who had a larger block than /24 and some 
~suggestions
~there but that would not work in this case.
~ 
~
~Options not available:
~Using the Class C from Carrier 2 to load balance using IP 
~space and traffic
~types
~Getting a class C independant of a provider from ARIN. (That 
~costs money :))
~ 
~ 
~Robert
~
~
~
~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61099&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: route-map deny_lo1 - now working?? [7:61055]

[Keyur Shah]

mask is not matching in acl to interface. You can also do this,

route-map deny_lo1 deny 10
 match interface lo1
route-map deny_lo1 permit 20

or else 
access-list 99 permit host 1.1.1.1

-Keyur Shah-
CCIE# 4799 (Security;R/S)
CISSP,SCNA,CCSA,MCSE,MCNE
"Say Hello to Your Future!"
http://www.hellocomputers.com
Toll-Free: 1.877.79.HELLO


-Original Message-
From: Cisco Nuts [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 14, 2003 12:55 PM
To: [EMAIL PROTECTED]
Subject: route-map deny_lo1 - now working?? [7:61055]


Hello,
I have a loopback interface 1 that I am trying to deny under redistribute 
connected under ospf but am having no luck? What am I doing wrong? Please 
advise. Thank you.

Config:

TS#
interface Loopback1
ip address 1.1.1.1 255.255.255.255

router ospf 100
redistribute connected subnets route-map deny_lo1

route-map deny_lo1 deny 10
match ip address 99
!
route-map deny_lo1 permit 20
match ip address 98

access-list 98 permit any
access-list 99 permit 1.1.1.0

On the neighboring router:

RTE#r
1.0.0.0/32 is subnetted, 1 subnets
O E21.1.1.1 [110/20] via 110.99.100.1, 00:05:02, Serial0.100

It does not matter if I change the access-list to permit 1.0.0.0 or host 
1.1.1.1 !!!

I just cannot seem to figure out why I cannot deny this route from being 
entered into the routing table!!








_
Help STOP SPAM: Try the new MSN 8 and get 2 months FREE* 
http://join.msn.com/?page=features/junkmail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61101&t=61055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: snmp [7:61084]

[Joseph Brunner]

what you need to do is learn to use the "whodo" utility
in mrtg\contrib directory..

Of course you will need to learn ip accounting if you don't already.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61100&t=61084
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Logging [7:61039]

[Keyur Shah]

Azhar,

It is upto you on what you want to log. if you select level 7 then it is 0
through 7. if you pick level 3 then it is 0 through 3.

-Keyur Shah-
CCIE# 4799 (Security;R/S)
CISSP,CCSA,SCNA,MCSE,MCNE
"Say Hello to Your Future!"

Toll-Free: 1.877.79.HELLO


-Original Message-
From: Azhar Teza [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 14, 2003 10:37 AM
To: [EMAIL PROTECTED]
Subject: PIX Logging [7:61039]


I have a PIX 525 with 6.1(1) version.  I have setup a kiwi syslog server for
logging.  What is the best choice out of
0-emergencies-System unusable messages
1-alerts-Take immediate action
2-critical-Critical condition
3-errors-Error message
4-warnings-Warning message
5-notifications-Normal but significant condition
6-informational-Information message
7-debugging-Debug messages and log FTP commands and WWW URLs
 
Thanks,
Teza

___
Join Excite! - http://www.excite.com
The most personalized portal on the Web!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61102&t=61039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[John Neiberger]

>Hello groupstudy,
> 
>I've been banging my head against the wall and figured I would defer
this
>question to those of you more learned and experienced. Here is the
the
>scenario:
> 
>2 routers running BGP
>Router 1 has a connection to ISP 1 and router 2 has a connection to
ISP 2 
>Each receives full routes.
>Each provider has given us a class C address
>Only the class C from provider 1 is actively used, because provider 2
will
>probably be dropped eventually(ssshhh don't tell ARIN)
> 
> 
>The class C is advertised to both ISPs, however ISP 1 aggregates this
>address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 
>This was checked using various looking glasses.
> 
>What that means is that traffic to my Class C will arrive primarily
via ISP
>2 because it will see the /24 I advertise though it. That is bad, for
>various reasons. Mainly because we are charged by usage from ISP2, but
also
>because we are going to upgrade ISP1 to a fractional t3 and use ISP 2
>primarily as a backup eventually. Also the traffic coming in is 90%
via ISP
>2 and 10% via ISP 1. 
> 
>If I remember from my studying so long ago, even prepending my AS
number to
>ISP 2 will not work, becuase it doesn't even make it to that criteria,
but
>rather see the /24 and chooses that route.
>
>I searched some newsgroups, but amazingly enough nobody seemed to have
this
>issue. I saw someone who had a larger block than /24 and some
suggestions
>there but that would not work in this case.
> 
>
>Options not available:
>Using the Class C from Carrier 2 to load balance using IP space and
traffic
>types
>Getting a class C independant of a provider from ARIN. (That costs
money :))
> 
> 
>Robert

This is actually a very common issue that people don't think about
until it happens to them.  :-)  The first thing I'd do would be to
contact ISP 1 and see if they can provide any options.  They should have
the ability to advertise your more-specific route along with their
aggregate.

The next thing I'd do ishmmm...umm... not sure.  If ISP 1 refuses
to advertise your /24 I'm not sure I see a great solution to your
problem.  Perhaps the real-world BGP gurus might have a suggestion.

It's too late for you but I have one other suggestion.  This is the
sort of policy that needs to be researched before you even order a
circuit with a provider.  They usually state their aggregation policy in
their BGP documentation and you should take a look at that before
deciding on an ISP.  As you can see, their aggregation can cause issues
and you need to know up front how flexible they can be.

Regards,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61103&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: route-map deny_lo1 - now working-----FINALLY!! [7:61104]

[Cisco Nuts]

Thank you very much for your help, John...as always!!

I did a #access-list 99 permit 1.1.1.1 0.0.0.0

and just did a  route-map deny_lo1 permit 20 without any match
statements.

It worked..

Thanks once again

 

BTW: Have you got your CCIE # yet??

 

 

>From: "John Neiberger" >Reply-To: "John Neiberger" >To:
[EMAIL PROTECTED] >Subject: Re: route-map deny_lo1 - now working??
[7:61055] >Date: Tue, 14 Jan 2003 21:29:13 GMT > > >Hello, > >I have a
loopback interface 1 that I am trying to deny under >redistribute >
>connected under ospf but am having no luck? What am I doing wrong?
>Please > >advise. Thank you. > > > >Config: > > > >TS# > >interface
Loopback1 > >ip address 1.1.1.1 255.255.255.255 > > > >router ospf 100 >
>redistribute connected subnets route-map deny_lo1 > > > >route-map
deny_lo1 deny 10 > >match ip address 99 > >! > >route-map deny_lo1 permit
20 > >match ip address 98 > > > >access-list 98 permit any > >access-list
99 permit 1.1.1.0 > > > >On the neighboring router: > > > >RTE#r >
>1.0.0.0/32 is subnetted, 1 subnets > >O E2 1.1.1.1 [110/20] via
110.99.100.1, 00:05:02, Serial0.100 > > > >It does not matter if I change
the access-list to permit 1.0.0.0 or >host > >1.1.1.1 !!! > > > >I just
cannot seem to figure out why I cannot deny this route from >being >
>entered into the routing table!! > > > >Have you tried using a wildcard
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Help STOP SPAM: Try the new MSN 8 and get 2 months FREE*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61104&t=61104
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Daniel Cotts]

Here's a config from 11.3. Commands have changed quite a bit.
Note that clocking must be provided on one end. 
If the cards are single-mode fiber he might have to attenuate the signal.

interface ATM6/0
 description Location 
 no ip address
 no ip route-cache optimum
 atm clock INTERNAL
!
interface ATM6/0.1 multipoint (could be point-to-point)
 description pvc to Data Center via XYZ fiber
 ip address aaa.bbb.7.250 255.255.255.252 secondary
 ip address 10.1.19.2 255.255.255.0
 atm pvc 1 0 35 aal5snap
 map-group TGN
 appletalk cable-range 10119-10119 10119.2
 appletalk zone ATM
! 

!
map-list TGN
 ip 10.1.19.1 atm-vc 1 broadcast
 ip aaa.bbb.7.249 atm-vc 1 broadcast
 appletalk 10119.1 atm-vc 1 broadcast

> -Original Message-
> From: Newell Ryan D SrA 18 CS/SCBT [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 2:58 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> 
> I think your right. I know some IOS versions use the 'atm 
> pvc' command.
> So I agreewhat IOS version he is running is a key 
> component to know
> to resolve this problem. 
> 
> -Original Message-
> From: The Long and Winding Road
> [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 4:30 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> 
> pvc x/y "should" work, which leads me to wonder about your 
> IOS version. What
> are you running? what is the image name?
> 
> I do not see an "atm pvc" command in the 12.1 command reference.
> 
> also you mention something about connecting two 3640's back 
> to back via an
> OC3 card? I'm not sure you can do that. someone smarter than 
> I will provide
> a definitive answer, I'm sure.
> 
> 
> 
> ""Ken Chipps""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I am using a sample configuration from cisco that looks like this
> >
> > First command config t
> > Second command ip routing
> > Third command interface atm 1/0
> > Fourth command no shutdown
> > Fifth command ip address 10.0.2.1 255.255.255.0
> > Sixth command pvc 1 32
> > Seventh command protocol ip 10.0.2.2 broadcast
> >
> > The sixth command is where it fails. It does not recognize the pvc.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
> On Behalf Of
> > Newell Ryan D SrA 18 CS/SCBT
> > Sent: Tuesday, January 14, 2003 11:32 PM
> > To: [EMAIL PROTECTED]
> > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> > What commands are you typing in? To create a PVC the syntax is
> > int atm 1
> > atm pvc 6 0 106 aal5snap
> > I think you are missing the 'atm' before pvc.
> >
> > There are several ways to hook the 3640s back to back. If they are
> > within
> > fastethernet distance limitations you could use the fastethernet
> > interfaces.
> >
> > -Original Message-
> > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 1:40 PM
> > To: [EMAIL PROTECTED]
> > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > I am attempting to setup a PVC between two Cisco 3640 
> Routers connected
> > back
> > to back. The interface is an OC3 card. Whenever I issue the 
> PVC command
> > on
> > the ATM interface it says a PVC is not supported. If I use 
> the ? to see
> > for
> > supported commands for the interface, no PVC command is 
> listed. Is there
> > some software upgrade I need for this? Or is there some other way to
> > conenct
> > two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61105&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[Greg Owens]

can buy and hardware loadbalancer from f5.
> 
> From: "Robert  Fowler" 
> Date: 2003/01/15 Wed AM 09:31:49 EST
> To: [EMAIL PROTECTED]
> Subject: BGP load balancing questions [7:61095]
> 
> Hello groupstudy,
>  
> I've been banging my head against the wall and figured I would defer this
> question to those of you more learned and experienced. Here is the the
> scenario:
>  
> 2 routers running BGP
> Router 1 has a connection to ISP 1 and router 2 has a connection to ISP 2 
> Each receives full routes.
> Each provider has given us a class C address
> Only the class C from provider 1 is actively used, because provider 2 will
> probably be dropped eventually(ssshhh don't tell ARIN)
>  
>  
> The class C is advertised to both ISPs, however ISP 1 aggregates this
> address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 
> This was checked using various looking glasses.
>  
> What that means is that traffic to my Class C will arrive primarily via ISP
> 2 because it will see the /24 I advertise though it. That is bad, for
> various reasons. Mainly because we are charged by usage from ISP2, but also
> because we are going to upgrade ISP1 to a fractional t3 and use ISP 2
> primarily as a backup eventually. Also the traffic coming in is 90% via ISP
> 2 and 10% via ISP 1. 
>  
> If I remember from my studying so long ago, even prepending my AS number to
> ISP 2 will not work, becuase it doesn't even make it to that criteria, but
> rather see the /24 and chooses that route.
> 
> I searched some newsgroups, but amazingly enough nobody seemed to have this
> issue. I saw someone who had a larger block than /24 and some suggestions
> there but that would not work in this case.
>  
> 
> Options not available:
> Using the Class C from Carrier 2 to load balance using IP space and traffic
> types
> Getting a class C independant of a provider from ARIN. (That costs money
:))
>  
>  
> Robert
Greg Owens
202-398-2552




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61106&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[Clay Auch]

Robert,

I believe that you are kind of stuck with having ISP1 who filters everything
of a /22 and below and ISP 2 filters at the /24. The first criteria is
reachability (over all other algorithm criteria ... which are all just tie
breakers as far as BGP is concerned). The reachability to your network
behind both links is naturally always going to want to traverse ISP 2's link
due to the uneven prefix filtering. What we would suggest to customers who
had a similar problem is ask ISP 1 to get you a block (justified through
ARIN of course) of a /22 (or whatever they will pass through) so that you
can load balance traffic over both pipes using that one block. Then, in your
justification to ARIN, make sure you detail the fact that you are handing
back a /24 from ISP 2 due to the technical pitfall you have encountered and
due to the nature of your traffic and business plan. Emphasize that you want
to "load share" (not load balance)traffic over both links. Don't mention
anything about ISP 2 going away ... need to know basis ... they don't need
to know.
Now ... if you get that /22 (or whatever size block) from ISP 1, you can
announce the block in halves to both ISPs (eg. /23 to ISP 1 and /23 to ISP
2). Make sure that you know which traffic is most important and have that
traverse your most reliable pipe ... then have the rest of the traffic
traverse the to be backup pipe (aka ISP 2).

Hope any of this helps at all ...

Please feel free to e-mail me if you have any other questions.

Clay

- Original Message -
From: "Robert Fowler" 
To: 
Sent: Wednesday, January 15, 2003 9:31 AM
Subject: BGP load balancing questions [7:61095]


> Hello groupstudy,
>
> I've been banging my head against the wall and figured I would defer this
> question to those of you more learned and experienced. Here is the the
> scenario:
>
> 2 routers running BGP
> Router 1 has a connection to ISP 1 and router 2 has a connection to ISP 2
> Each receives full routes.
> Each provider has given us a class C address
> Only the class C from provider 1 is actively used, because provider 2 will
> probably be dropped eventually(ssshhh don't tell ARIN)
>
>
> The class C is advertised to both ISPs, however ISP 1 aggregates this
> address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16
> This was checked using various looking glasses.
>
> What that means is that traffic to my Class C will arrive primarily via
ISP
> 2 because it will see the /24 I advertise though it. That is bad, for
> various reasons. Mainly because we are charged by usage from ISP2, but
also
> because we are going to upgrade ISP1 to a fractional t3 and use ISP 2
> primarily as a backup eventually. Also the traffic coming in is 90% via
ISP
> 2 and 10% via ISP 1.
>
> If I remember from my studying so long ago, even prepending my AS number
to
> ISP 2 will not work, becuase it doesn't even make it to that criteria, but
> rather see the /24 and chooses that route.
>
> I searched some newsgroups, but amazingly enough nobody seemed to have
this
> issue. I saw someone who had a larger block than /24 and some suggestions
> there but that would not work in this case.
>
>
> Options not available:
> Using the Class C from Carrier 2 to load balance using IP space and
traffic
> types
> Getting a class C independant of a provider from ARIN. (That costs money
:))
>
>
> Robert




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61107&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Switching EXAM (Hex Conversion Chart) [7:61108]

[Bond, Jeffrey T]

On the Switching exam, are we provided a HEX conversion chart for reference?

thanks in advance

-Original Message-
From: Aaron Ajello [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 10, 2003 8:01 AM
To: [EMAIL PROTECTED]
Subject: RE: Switching Exam on Monday 13/1/03 [7:60785]


Spend a lot of time on MLS.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61108&t=61108
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX access-list problem [7:61043]

[Evans, TJ (BearingPoint)]

Nice...

FYI - Another painful thing like this can happen if you have an interface
disabled on one but not the other, or even worse - different #'s of ports
(i.e. - one with 6 ports and one with 4 ... doh!)


Thanks!
TJ
-Original Message-
From: Sam Sneed [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 10:20 AM
To: [EMAIL PROTECTED]
Subject: Re: PIX access-list problem [7:61043]

Found problem. I had the 2 PIX's configured for failover. The problem was
that the failover cable was loose on one end so they both flip flopped each
taking control as master. Thanks for the help.

""Waters, Kristina""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sam,
>
> Do you have any sort of statement that's translating the addresses in your
> DMZ? For example,
>
> static (DMZ,outside) 141.152.135.23 141.152.135.23 netmask 255.255.255.255
>
> If you aren't nat'ing I believe you still have to translate the address.
>
> HTH,
> Kris.
>
> -Original Message-
> From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 14, 2003 2:08 PM
> To: [EMAIL PROTECTED]
> Subject: PIX access-list problem [7:61043]
>
>
> I cannot seem to get the following config to work and am clueless why. My
> incoming access lists for DMZ and outside are wide open. The goal is not
to
> NAT DMZ ever since its public addressing. I can't even ping hosts on the
> outside network from PIX. Why am I having these problems?
>
> nameif ethernet0 outside security0
> nameif ethernet1 inside security100
> nameif ethernet2 dmz security50
>
> access-list internal permit ip 172.19.90.0 255.255.255.0 any
>
> access-list test permit ip any any
> access-list test permit icmp any any
>
> access-list int-dmz permit ip 172.19.90.0 255.255.255.0 83.23.43.0
> 255.255.255.0
>
> ip address outside 83.23.44.60 255.255.255.192
> ip address inside 172.19.90.1 255.255.255.0
> ip address dmz 83.23.43.250 255.255.255.0
>
> global (outside) 1 83.23.44.58
> nat (inside) 0 access-list int-dmz
> nat (inside) 1 172.19.90.0 255.255.255.0 0 0
> nat (dmz) 0 0.0.0.0 0.0.0.0 0 0
> access-group test in interface outside
> access-group test in interface dmz
> route outside 0.0.0.0 0.0.0.0 83.23.44.1 1
> **
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the sender by email, delete and destroy this message and its
> attachments.
> **
**
The information in this email is confidential and may be legally 
privileged.  Access to this email by anyone other than the 
intended addressee is unauthorized.  If you are not the intended 
recipient of this message, any review, disclosure, copying, 
distribution, retention, or any action taken or omitted to be taken 
in reliance on it is prohibited and may be unlawful.  If you are not 
the intended recipient, please reply to or forward a copy of this 
message to the sender and delete the message, any attachments, 
and any copies thereof from your system.
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61110&t=61043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[Clay Auch]

Alex,

Not at all true ... Sprint (unless this has changed) will filter at the /22
and will make no exceptions. Other providers such as UUNET/WCOM filter at
the /24 ... so traffic will prefer UUNET if in the scenario ISP 1 = Sprint
and ISP 2 = UUNET. I have first hand experience with this ...

clay

- Original Message -
From: "Alex Muhin" 
To: 
Sent: Wednesday, January 15, 2003 10:07 AM
Subject: RE: BGP load balancing questions [7:61095]


> ISP1 should advertise 1.1.1.x/16 AND 1.1.1.x/24 ?
>
> alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX access-list problem [7:61043]

[Sam Sneed]

Yeah I noticed I also had the inside interfaces on each PIX on different
VLAN's. Thats was another kick in the balls when I noticed it this morning.
This wasn't the original problem since it happened when I moved the PIX's to
another switch but did aggravate me for enough time.

""Evans, TJ (BearingPoint)""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Nice...
>
> FYI - Another painful thing like this can happen if you have an interface
> disabled on one but not the other, or even worse - different #'s of ports
> (i.e. - one with 6 ports and one with 4 ... doh!)
>
>
> Thanks!
> TJ
> -Original Message-
> From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 10:20 AM
> To: [EMAIL PROTECTED]
> Subject: Re: PIX access-list problem [7:61043]
>
> Found problem. I had the 2 PIX's configured for failover. The problem was
> that the failover cable was loose on one end so they both flip flopped
each
> taking control as master. Thanks for the help.
>
> ""Waters, Kristina""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Sam,
> >
> > Do you have any sort of statement that's translating the addresses in
your
> > DMZ? For example,
> >
> > static (DMZ,outside) 141.152.135.23 141.152.135.23 netmask
255.255.255.255
> >
> > If you aren't nat'ing I believe you still have to translate the address.
> >
> > HTH,
> > Kris.
> >
> > -Original Message-
> > From: Sam Sneed [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, January 14, 2003 2:08 PM
> > To: [EMAIL PROTECTED]
> > Subject: PIX access-list problem [7:61043]
> >
> >
> > I cannot seem to get the following config to work and am clueless why.
My
> > incoming access lists for DMZ and outside are wide open. The goal is not
> to
> > NAT DMZ ever since its public addressing. I can't even ping hosts on the
> > outside network from PIX. Why am I having these problems?
> >
> > nameif ethernet0 outside security0
> > nameif ethernet1 inside security100
> > nameif ethernet2 dmz security50
> >
> > access-list internal permit ip 172.19.90.0 255.255.255.0 any
> >
> > access-list test permit ip any any
> > access-list test permit icmp any any
> >
> > access-list int-dmz permit ip 172.19.90.0 255.255.255.0 83.23.43.0
> > 255.255.255.0
> >
> > ip address outside 83.23.44.60 255.255.255.192
> > ip address inside 172.19.90.1 255.255.255.0
> > ip address dmz 83.23.43.250 255.255.255.0
> >
> > global (outside) 1 83.23.44.58
> > nat (inside) 0 access-list int-dmz
> > nat (inside) 1 172.19.90.0 255.255.255.0 0 0
> > nat (dmz) 0 0.0.0.0 0.0.0.0 0 0
> > access-group test in interface outside
> > access-group test in interface dmz
> > route outside 0.0.0.0 0.0.0.0 83.23.44.1 1
> > **
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error please notify
> > the sender by email, delete and destroy this message and its
> > attachments.
> > **
>

**
> The information in this email is confidential and may be legally
> privileged.  Access to this email by anyone other than the
> intended addressee is unauthorized.  If you are not the intended
> recipient of this message, any review, disclosure, copying,
> distribution, retention, or any action taken or omitted to be taken
> in reliance on it is prohibited and may be unlawful.  If you are not
> the intended recipient, please reply to or forward a copy of this
> message to the sender and delete the message, any attachments,
> and any copies thereof from your system.
>

**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61112&t=61043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

re: PIX logging [7:61113]

[HORVATH TAMAS]

Hello!
I used to setup the 'logging trap degugging' and evaluate the environment
for some days. After I managed to solve all the problems which arised during
this period, I used to use 'logging trap errors'.. For additional security I
use 'logging buffered informational' or 'logging buffered debugging'.

It's up to you (and your environment, etc.) which level you choose.

Best regards, 

Tamas Horvath 
network engineer 
Tel.: +36 22/515-452, 
Fax: +36 22/327-532 
E-Mail: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61113&t=61113
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSIDS - 9E0-100 [7:60920]

[Godswill Oletu]

I completed the CSS1 last year and will be going for the SAFE before the
expiration in September. I will want to take the SAFE exam as close as
possible to the expiration.

My advice is, since you have come so close, please go ahead and complete
your S! then the SAFE exam. Agreed your current job does not require those
skills. However, that give you more confidence for new openings in that
field, moreso of what use will it be to you after going this far and for
failure to move ahead, Cisco render your CSS1 null and void. It then means,
in time to come, if you pick up the interest in the Cisco Security track,
you will have to start from beginning all over again.

my 2 cents.

Regards.
Godswill




- Original Message - 
From: "Hanna, Keith" 
To: 
Sent: Tuesday, January 14, 2003 6:26 AM
Subject: RE: CSIDS - 9E0-100 [7:60920]


> Thinking about it at the minute.
> I completed CSS1 the same week Cisco announced the CCSP, so I only need to
> take the SAFE exam, but I'm not sure yet if I'll bother.
> My current position doesn't deal as much with security as I'd like
> (corporate team to do that), and if I changed positions/company, I suppose
> it would depend on what I was doing in the new one.
>
> I am tempted to 'just do it', but I tend not to be very motivated when
> there's no reward
>
> KEith
>
> -Original Message-
> From: Kim Graham [mailto:[EMAIL PROTECTED]]
> Sent: 14 January 2003 10:38
> To: [EMAIL PROTECTED]
> Subject: RE: CSIDS - 9E0-100 [7:60920]
>
>
> Maybe I should have asked if anyone is studying for the CCSP?  What exams
> have you accomplished and what is your next step?  I may be amungst the
> group of first participants in this set of exams (v3) and others are
waiting
> to get information concerning the exams before attempting.  *grins*
>
> Kim / Zukee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61115&t=60920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP load balancing questions [7:61095]

[John Neiberger]

>ISP1 should advertise 1.1.1.x/16 AND 1.1.1.x/24 ?
>
>alex
>

Yes, that's correct.  If they don't advertise the more-specific prefix
along with their aggregate you'll have problems in a multihomed
situation such as that described earlier.

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61116&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[John Neiberger]

Oh, that's right.  I always forget about that solution.  :-)  Radware
and FatPipe have nice solutions to this, as well.  We almost bought a
box from FatPipe at one point but we decided we had better ways of
accomplishing our goals without their hardware.

On a side note, they also have one of the most outrageous vendor gift
items I've ever seen:  boxer shorts that say "FatPipe Inside".  Good
grief  If I worked for them I'd never mention that item to a client,
especially in mixed company!

John

>>> "Greg Owens"  1/15/03 9:06:28 AM >>>
can buy and hardware loadbalancer from f5.
> 
> From: "Robert  Fowler" 
> Date: 2003/01/15 Wed AM 09:31:49 EST
> To: [EMAIL PROTECTED] 
> Subject: BGP load balancing questions [7:61095]
> 
> Hello groupstudy,
>  
> I've been banging my head against the wall and figured I would defer
this
> question to those of you more learned and experienced. Here is the
the
> scenario:
>  
> 2 routers running BGP
> Router 1 has a connection to ISP 1 and router 2 has a connection to
ISP 2 
> Each receives full routes.
> Each provider has given us a class C address
> Only the class C from provider 1 is actively used, because provider 2
will
> probably be dropped eventually(ssshhh don't tell ARIN)
>  
>  
> The class C is advertised to both ISPs, however ISP 1 aggregates
this
> address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 
> This was checked using various looking glasses.
>  
> What that means is that traffic to my Class C will arrive primarily
via ISP
> 2 because it will see the /24 I advertise though it. That is bad,
for
> various reasons. Mainly because we are charged by usage from ISP2,
but also
> because we are going to upgrade ISP1 to a fractional t3 and use ISP
2
> primarily as a backup eventually. Also the traffic coming in is 90%
via ISP
> 2 and 10% via ISP 1. 
>  
> If I remember from my studying so long ago, even prepending my AS
number to
> ISP 2 will not work, becuase it doesn't even make it to that
criteria, but
> rather see the /24 and chooses that route.
> 
> I searched some newsgroups, but amazingly enough nobody seemed to
have this
> issue. I saw someone who had a larger block than /24 and some
suggestions
> there but that would not work in this case.
>  
> 
> Options not available:
> Using the Class C from Carrier 2 to load balance using IP space and
traffic
> types
> Getting a class C independant of a provider from ARIN. (That costs
money
:))
>  
>  
> Robert
Greg Owens
202-398-2552




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61117&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 640-442 MCNS [7:60517]

[Greg Macaulay]

Hi Shawn --

The 1/17/03 deadline for the MCNS -- does that apply to the other three
security exams also??  Do you have a CCO page where this info is avaiable??

Thanks in advance.

Greg Macaulay
Oldest Human Being preparing for the CCIE Lab
Lifetime AARP member
Retired Attorney/Law Professor

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Kaminski, Shawn G
> Sent: Tuesday, January 07, 2003 5:58 PM
> To: [EMAIL PROTECTED]
> Subject: RE: 640-442 MCNS [7:60517]
>
>
> You probably already know this, but the last day you can register for this
> exam is 1/17/03 and the last day you can take it is 2/28/03.
> After that, the
> MCNS 640-442 exam is replaced with the new MCNS 640-100. Just wanted to
> mention it in so you don't study 640-442 materials and get surprised with
> the 640-100 exam!
>
> Shawn K.
>
> > -Original Message-
> > From:   Joseph R. Taylor [SMTP:[EMAIL PROTECTED]]
> > Sent:   Tuesday, January 07, 2003 12:43 PM
> > To: [EMAIL PROTECTED]
> > Subject:640-442 MCNS [7:60517]
> >
> > Can anyone recommend quality practice tests for the 640-442 MCNS
> > certification?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61118&t=60517
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[John Neiberger]

I'm currently advertising a /24 to Sprint and Global Crossing and
neither provider aggregates or filters it.  Unless, that is, they've
been sneaking around changing things behind my back.

>>> "Clay Auch"  1/15/03 9:49:30 AM >>>
Alex,

Not at all true ... Sprint (unless this has changed) will filter at the
/22
and will make no exceptions. Other providers such as UUNET/WCOM filter
at
the /24 ... so traffic will prefer UUNET if in the scenario ISP 1 =
Sprint
and ISP 2 = UUNET. I have first hand experience with this ...

clay

- Original Message -
From: "Alex Muhin" 
To: 
Sent: Wednesday, January 15, 2003 10:07 AM
Subject: RE: BGP load balancing questions [7:61095]


> ISP1 should advertise 1.1.1.x/16 AND 1.1.1.x/24 ?
>
> alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61119&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: route-map deny_lo1 - now working-----FINALLY!! [7:61120]

[John Neiberger]

Thanks, I'm glad I could help. 

And no, I unfortunately do not have my CCIE number yet, and that
particular goal has been placed on the back burner fora while.  I have
other considerations that demand my attention--or distract me, at
least--including my nine-month-old son!  :-)  He's awesome, but it's
very difficult to arrange that amount of studying time required to make
another run at the lab.  My wife didn't mind me sequestering myself when
it was just the two of us but she'd really be irritated if I did it
now!

John

>>> "Cisco Nuts"  1/15/03 8:46:39 AM >>>

Thank you very much for your help, John...as always!!
I did a #access-list 99 permit 1.1.1.1 0.0.0.0
and just did a  route-map deny_lo1 permit 20 without any match
statements.
It worked..
Thanks once again
 
BTW: Have you got your CCIE # yet??




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61120&t=61120
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 640-442 MCNS [7:60517]

[Kaminski, Shawn G]

Check out the following link for information on this (watch for wrap):

http://www.cisco.com/en/US/learning/le3/le11/learning_retired_certifcation_e
xam09186a00800a382f.html

Shawn K

-Original Message-
From: Greg Macaulay [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 12:46 PM
To: Kaminski, Shawn G; [EMAIL PROTECTED]
Subject: RE: 640-442 MCNS [7:60517]

Hi Shawn --

The 1/17/03 deadline for the MCNS -- does that apply to the other three
security exams also??  Do you have a CCO page where this info is avaiable??

Thanks in advance.

Greg Macaulay
Oldest Human Being preparing for the CCIE Lab
Lifetime AARP member
Retired Attorney/Law Professor

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Kaminski, Shawn G
> Sent: Tuesday, January 07, 2003 5:58 PM
> To: [EMAIL PROTECTED]
> Subject: RE: 640-442 MCNS [7:60517]
>
>
> You probably already know this, but the last day you can register for this
> exam is 1/17/03 and the last day you can take it is 2/28/03.
> After that, the
> MCNS 640-442 exam is replaced with the new MCNS 640-100. Just wanted to
> mention it in so you don't study 640-442 materials and get surprised with
> the 640-100 exam!
>
> Shawn K.
>
> > -Original Message-
> > From:   Joseph R. Taylor [SMTP:[EMAIL PROTECTED]]
> > Sent:   Tuesday, January 07, 2003 12:43 PM
> > To: [EMAIL PROTECTED]
> > Subject:640-442 MCNS [7:60517]
> >
> > Can anyone recommend quality practice tests for the 640-442 MCNS
> > certification?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61121&t=60517
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switching EXAM (Hex Conversion Chart) [7:61108]

[Kaminski, Shawn G]

You must be wondering about doing conversions between Layer 3 and Layer 2
multicast addresses. Yes, a Hex conversion chart is provided on the exam.
And for the people worried about the NDA, this does not break it because it
is mentioned in several books.

Shawn K.

-Original Message-
From: Bond, Jeffrey T [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 11:28 AM
To: [EMAIL PROTECTED]
Subject: Switching EXAM (Hex Conversion Chart) [7:61108]

On the Switching exam, are we provided a HEX conversion chart for reference?

thanks in advance

-Original Message-
From: Aaron Ajello [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 10, 2003 8:01 AM
To: [EMAIL PROTECTED]
Subject: RE: Switching Exam on Monday 13/1/03 [7:60785]


Spend a lot of time on MLS.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61122&t=61108
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

how to break out of the sequence when in "write term" or "show [7:61123]

[eric nguyen]

Hi All,

My pix configuration is about 800 lines long.  Everytime, I do a "show
running" or

"write term" and I would like to break somewhere in the configuration it is
not

possible for me to send the "Control ^C" to stop listing of the
configuration.  "Control

^C" works on both Cisco routers and switches but apparently not on Pix
firewalls.

Now I can use "pager" command to set the page break or "no pager" not to set
the

page break.  However, in either case, it is not possible to send the break
sequence

to break out of the "show running" configuration.  This is very frustrating.

Why doesn't Cisco make this damn thing work?  I am running version 6.2(2)

 



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61123&t=61123
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: how to break out of the sequence when in "write term" or [7:61124]

[George Hansen]

try 'q'. I'm not sure if it works with 'no pager'.

George

-Original Message-
From: eric nguyen [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 10:35 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: how to break out of the sequence when in "write term" or "show
running" in Pix firewall


Hi All,

My pix configuration is about 800 lines long.  Everytime, I do a "show
running" or

"write term" and I would like to break somewhere in the configuration it
is not

possible for me to send the "Control ^C" to stop listing of the
configuration.  "Control

^C" works on both Cisco routers and switches but apparently not on Pix
firewalls.

Now I can use "pager" command to set the page break or "no pager" not to
set the

page break.  However, in either case, it is not possible to send the
break sequence 

to break out of the "show running" configuration.  This is very
frustrating.

Why doesn't Cisco make this damn thing work?  I am running version
6.2(2)

 



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61124&t=61124
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: how to break out of the sequence when in "write term" or [7:61125]

[Leo Song]

Do you have "pager lines xx" in you configuration file?
Try press character q.

Leo 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
eric nguyen
Sent: Wednesday, January 15, 2003 1:35 PM
To: [EMAIL PROTECTED]
Subject: how to break out of the sequence when in "write term" or "show
[7:61123]

Hi All,

My pix configuration is about 800 lines long.  Everytime, I do a "show
running" or

"write term" and I would like to break somewhere in the configuration it
is
not

possible for me to send the "Control ^C" to stop listing of the
configuration.  "Control

^C" works on both Cisco routers and switches but apparently not on Pix
firewalls.

Now I can use "pager" command to set the page break or "no pager" not to
set
the

page break.  However, in either case, it is not possible to send the
break
sequence

to break out of the "show running" configuration.  This is very
frustrating.

Why doesn't Cisco make this damn thing work?  I am running version
6.2(2)

 



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61125&t=61125
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSIDS - 9E0-100 [7:60920]

[Kevin O'Gilvie]

Go Oletu!!
- Original Message -
From: "Godswill Oletu" 
To: 
Sent: Wednesday, January 15, 2003 12:27 PM
Subject: Re: CSIDS - 9E0-100 [7:60920]


> I completed the CSS1 last year and will be going for the SAFE before the
> expiration in September. I will want to take the SAFE exam as close as
> possible to the expiration.
>
> My advice is, since you have come so close, please go ahead and complete
> your S! then the SAFE exam. Agreed your current job does not require those
> skills. However, that give you more confidence for new openings in that
> field, moreso of what use will it be to you after going this far and for
> failure to move ahead, Cisco render your CSS1 null and void. It then
means,
> in time to come, if you pick up the interest in the Cisco Security track,
> you will have to start from beginning all over again.
>
> my 2 cents.
>
> Regards.
> Godswill
>
>
>
>
> - Original Message -
> From: "Hanna, Keith"
> To:
> Sent: Tuesday, January 14, 2003 6:26 AM
> Subject: RE: CSIDS - 9E0-100 [7:60920]
>
>
> > Thinking about it at the minute.
> > I completed CSS1 the same week Cisco announced the CCSP, so I only need
to
> > take the SAFE exam, but I'm not sure yet if I'll bother.
> > My current position doesn't deal as much with security as I'd like
> > (corporate team to do that), and if I changed positions/company, I
suppose
> > it would depend on what I was doing in the new one.
> >
> > I am tempted to 'just do it', but I tend not to be very motivated when
> > there's no reward
> >
> > KEith
> >
> > -Original Message-
> > From: Kim Graham [mailto:[EMAIL PROTECTED]]
> > Sent: 14 January 2003 10:38
> > To: [EMAIL PROTECTED]
> > Subject: RE: CSIDS - 9E0-100 [7:60920]
> >
> >
> > Maybe I should have asked if anyone is studying for the CCSP?  What
exams
> > have you accomplished and what is your next step?  I may be amungst the
> > group of first participants in this set of exams (v3) and others are
> waiting
> > to get information concerning the exams before attempting.  *grins*
> >
> > Kim / Zukee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61126&t=60920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: how to break out of the sequence when in "write term" or [7:61127]

[Scott Morris]

Hit 'q'  :)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Ferguson, Steven R.
Sent: Wednesday, January 15, 2003 1:50 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: Re: how to break out of the sequence when in "write term" or
"show running" in Pix firewall


Try ctrl shift 6 6. That will usually do it. 
--
Sent from my BlackBerry Wireless Handheld


-Original Message-
From: eric nguyen 
To: [EMAIL PROTECTED] ;
[EMAIL PROTECTED] 
Sent: Wed Jan 15 13:35:17 2003
Subject: how to break out of the sequence when in "write term" or "show
running" in Pix firewall

Hi All,

My pix configuration is about 800 lines long.  Everytime, I do a "show
running" or

"write term" and I would like to break somewhere in the configuration it
is not

possible for me to send the "Control ^C" to stop listing of the
configuration.  "Control

^C" works on both Cisco routers and switches but apparently not on Pix
firewalls.

Now I can use "pager" command to set the page break or "no pager" not to
set the

page break.  However, in either case, it is not possible to send the
break sequence 

to break out of the "show running" configuration.  This is very
frustrating.

Why doesn't Cisco make this damn thing work?  I am running version
6.2(2)

 



-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61127&t=61127
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 640-442 MCNS [7:60517]

[Daniel Cotts]

Happy Birthday old timer.

> -Original Message-
> From: Greg Macaulay [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 11:54 AM
> To: [EMAIL PROTECTED]
> Subject: RE: 640-442 MCNS [7:60517]
> 
> 
> Hi Shawn --
> 
> The 1/17/03 deadline for the MCNS -- does that apply to the 
> other three
> security exams also??  Do you have a CCO page where this info 
> is avaiable??
> 
> Thanks in advance.
> 
> Greg Macaulay
> Oldest Human Being preparing for the CCIE Lab
> Lifetime AARP member
> Retired Attorney/Law Professor




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61128&t=60517
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VERY URGENT!! IOS loading [7:11688]

[Jens Neelsen]

--- Jens Neelsen  wrote:
> Date: Wed, 15 Jan 2003 11:24:10 -0800 (PST)
> From: Jens Neelsen 
> Subject: Re: VERY URGENT!! IOS loading [1:11688]
> To: apc_inf apc_inf 
> 
> Hello,
> 
> please do a "show flash" command and look for the size of the
> IOS image and the checksum. I suggest to reinstall the IOS
> again
> into the flash. Check for errors on thr transfer. The IOS
> verifes the checksum after download. 
> 
> Due to the corrupted IOS you need to the "tftpdnld" command
> from
> the ROM monitor for the IOS installation.
> 
> With kind regards
> Jens Neelsen
> 
> --- apc_inf apc_inf  wrote:
> > Hi!
> > I4ve a terrible and very urgent problem.
> > I4ve got two Cisco 2610 and i4ve got to configure these
> > routers for
> > configuring VPN tunnels. Then i4ve copied an IOS software
> > (c2600-ik2o3s-mz.121-5.YB5.bin) and i obtened the next
> message
> > after i
> > iniciated the router:
> > 
> > router(config)#boot system flash
> c2600-ik2o3s-mz.121-5.YB5.bin
> > router(config)#exit
> > router#
> > 01:43:04: %SYS-5-CONFIG_I: Configured from console by
> > consolereload
> > 
> > System configuration has been modified. Save? [yes/no]: y
> > Building configuration...
> > 
> > Proceed with reload? [confirm]
> > 
> > 01:43:24: %SYS-5-RELOAD: Reload requested
> > System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> > Copyright (c) 1999 by cisco Systems, Inc.
> > TAC:Home:SW:IOS:Specials for info
> > C2600 platform with 65536 Kbytes of main memory
> > 
> > loadprog: error - on read during ELF program load
> > requested 11891600 (0xb57390) bytes, got 8443750 (0x80d766)
> > open: failed to find and/or load the bootloader:
> > "flash:c2600-ik2o3s-mz.121-5.YB
> > 5.bin"
> > loadprog: error - on file open
> > boot: cannot load "c2600-ik2o3s-mz.121-5.YB5.bin"
> > 
> > System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> > Copyright (c) 1999 by cisco Systems, Inc.
> > TAC:Home:SW:IOS:Specials for info
> > C2600 platform with 65536 Kbytes of main memory
> > 
> > loadprog: error - on read during ELF program load
> > requested 11891600 (0xb57390) bytes, got 8443750 (0x80d766)
> > boot: cannot load "flash:"
> > 
> > System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> > Copyright (c) 1999 by cisco Systems, Inc.
> > TAC:Home:SW:IOS:Specials for info
> > C2600 platform with 65536 Kbytes of main memory
> > 
> > loadprog: error - on read during ELF program load
> > requested 11891600 (0xb57390) bytes, got 8443750 (0x80d766)
> > boot: cannot load "flash:"
> > 
> > 
> > 
> > What is happening?? What must i do for resolving the
> problem?
> > 
> > I4ve viewed exist two flash filesystem formats, is it
> possible
> > that this is
> > the problem???
> > 
> > Please, it4s very urgent solve this question for me.
> > Could you help me?
> > (response to [EMAIL PROTECTED]).
> > 
> > 
> > Thank you.
> POSTING!
> > To change your subscription, read the directions on:
> > http://www.groupstudy.com/list/Associates.html
> 
> 
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> 


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61129&t=11688
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IS IS / Issue with the Transport Network [7:61130]

[MK]

Hi,

 

maybe someone can help me. If I set up a Router back to back connection
with is is and doing a redistribution on one side I don't see the
network which is defined between both Routers - my so called transport
network. Even if I do a redistribute static I do not see the routes.

 

Any idea ???

 

regards




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61130&t=61130
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: how to break out of the sequence when in "write term" or [7:61131]

[eric nguyen]

Apparently, I am a "f___ing moron".  "q" works.  
Thanks everyone.
 Scott Morris  wrote:Hit 'q' :)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Ferguson, Steven R.
Sent: Wednesday, January 15, 2003 1:50 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: Re: how to break out of the sequence when in "write term" or
"show running" in Pix firewall


Try ctrl shift 6 6. That will usually do it. 
--
Sent from my BlackBerry Wireless Handheld


-Original Message-
From: eric nguyen 
To: [EMAIL PROTECTED] ;
[EMAIL PROTECTED] 
Sent: Wed Jan 15 13:35:17 2003
Subject: how to break out of the sequence when in "write term" or "show
running" in Pix firewall

Hi All,

My pix configuration is about 800 lines long. Everytime, I do a "show
running" or

"write term" and I would like to break somewhere in the configuration it
is not

possible for me to send the "Control ^C" to stop listing of the
configuration. "Control

^C" works on both Cisco routers and switches but apparently not on Pix
firewalls.

Now I can use "pager" command to set the page break or "no pager" not to
set the

page break. However, in either case, it is not possible to send the
break sequence 

to break out of the "show running" configuration. This is very
frustrating.

Why doesn't Cisco make this damn thing work? I am running version
6.2(2)





-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now


-
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61131&t=61131
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IS IS / Issue with the Transport Network when doing [7:61132]

[MK]

have used the subnets keyword and configured the default metric. 

The IS-IS route in the ip routing table have been redistributed into
ospf domain, but the interface which running isis cannot be
redistributed into ospf domain. For example, the ip address of the
interface is 10.1.1.0/24, and under the interface, I have configured "ip
router isis", when doing mutual redistribution between ospf and isis,
the subnet 10.1.1.0/24 will not appear in ospf domain. 

And when I do mutual redistribution between eigrp and isis, the same
issue will happen.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61132&t=61132
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[Captain Lance]

I am very interested in how Radware and FatPipe solve this issue, can anyone
explain?

Lance

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Oh, that's right.  I always forget about that solution.  :-)  Radware
> and FatPipe have nice solutions to this, as well.  We almost bought a
> box from FatPipe at one point but we decided we had better ways of
> accomplishing our goals without their hardware.
>
> On a side note, they also have one of the most outrageous vendor gift
> items I've ever seen:  boxer shorts that say "FatPipe Inside".  Good
> grief  If I worked for them I'd never mention that item to a client,
> especially in mixed company!
>
> John
>
> >>> "Greg Owens"  1/15/03 9:06:28 AM >>>
> can buy and hardware loadbalancer from f5.
> >
> > From: "Robert  Fowler"
> > Date: 2003/01/15 Wed AM 09:31:49 EST
> > To: [EMAIL PROTECTED]
> > Subject: BGP load balancing questions [7:61095]
> >
> > Hello groupstudy,
> >
> > I've been banging my head against the wall and figured I would defer
> this
> > question to those of you more learned and experienced. Here is the
> the
> > scenario:
> >
> > 2 routers running BGP
> > Router 1 has a connection to ISP 1 and router 2 has a connection to
> ISP 2
> > Each receives full routes.
> > Each provider has given us a class C address
> > Only the class C from provider 1 is actively used, because provider 2
> will
> > probably be dropped eventually(ssshhh don't tell ARIN)
> >
> >
> > The class C is advertised to both ISPs, however ISP 1 aggregates
> this
> > address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16
> > This was checked using various looking glasses.
> >
> > What that means is that traffic to my Class C will arrive primarily
> via ISP
> > 2 because it will see the /24 I advertise though it. That is bad,
> for
> > various reasons. Mainly because we are charged by usage from ISP2,
> but also
> > because we are going to upgrade ISP1 to a fractional t3 and use ISP
> 2
> > primarily as a backup eventually. Also the traffic coming in is 90%
> via ISP
> > 2 and 10% via ISP 1.
> >
> > If I remember from my studying so long ago, even prepending my AS
> number to
> > ISP 2 will not work, becuase it doesn't even make it to that
> criteria, but
> > rather see the /24 and chooses that route.
> >
> > I searched some newsgroups, but amazingly enough nobody seemed to
> have this
> > issue. I saw someone who had a larger block than /24 and some
> suggestions
> > there but that would not work in this case.
> >
> >
> > Options not available:
> > Using the Class C from Carrier 2 to load balance using IP space and
> traffic
> > types
> > Getting a class C independant of a provider from ARIN. (That costs
> money
> :))
> >
> >
> > Robert
> Greg Owens
> 202-398-2552




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61135&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 3640 Router ATM PVC Problem [7:61077]

[Amar]

lation_guide_chapter09186a00800e4789.html#xtocid39

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_refe
rence_chapter09186a00800ca7db.html#xtocid5

check the  above links, they have the info u need.
rgds

""Daniel Cotts""  a icrit dans le message de news:
[EMAIL PROTECTED]
> Here's a config from 11.3. Commands have changed quite a bit.
> Note that clocking must be provided on one end.
> If the cards are single-mode fiber he might have to attenuate the signal.
>
> interface ATM6/0
>  description Location
>  no ip address
>  no ip route-cache optimum
>  atm clock INTERNAL
> !
> interface ATM6/0.1 multipoint (could be point-to-point)
>  description pvc to Data Center via XYZ fiber
>  ip address aaa.bbb.7.250 255.255.255.252 secondary
>  ip address 10.1.19.2 255.255.255.0
>  atm pvc 1 0 35 aal5snap
>  map-group TGN
>  appletalk cable-range 10119-10119 10119.2
>  appletalk zone ATM
> !
>
> !
> map-list TGN
>  ip 10.1.19.1 atm-vc 1 broadcast
>  ip aaa.bbb.7.249 atm-vc 1 broadcast
>  appletalk 10119.1 atm-vc 1 broadcast
>
> > -Original Message-
> > From: Newell Ryan D SrA 18 CS/SCBT [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 2:58 AM
> > To: [EMAIL PROTECTED]
> > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > I think your right. I know some IOS versions use the 'atm
> > pvc' command.
> > So I agreewhat IOS version he is running is a key
> > component to know
> > to resolve this problem.
> >
> > -Original Message-
> > From: The Long and Winding Road
> > [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 4:30 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > pvc x/y "should" work, which leads me to wonder about your
> > IOS version. What
> > are you running? what is the image name?
> >
> > I do not see an "atm pvc" command in the 12.1 command reference.
> >
> > also you mention something about connecting two 3640's back
> > to back via an
> > OC3 card? I'm not sure you can do that. someone smarter than
> > I will provide
> > a definitive answer, I'm sure.
> >
> >
> >
> > ""Ken Chipps""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I am using a sample configuration from cisco that looks like this
> > >
> > > First command config t
> > > Second command ip routing
> > > Third command interface atm 1/0
> > > Fourth command no shutdown
> > > Fifth command ip address 10.0.2.1 255.255.255.0
> > > Sixth command pvc 1 32
> > > Seventh command protocol ip 10.0.2.2 broadcast
> > >
> > > The sixth command is where it fails. It does not recognize the pvc.
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > On Behalf Of
> > > Newell Ryan D SrA 18 CS/SCBT
> > > Sent: Tuesday, January 14, 2003 11:32 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > > What commands are you typing in? To create a PVC the syntax is
> > > int atm 1
> > > atm pvc 6 0 106 aal5snap
> > > I think you are missing the 'atm' before pvc.
> > >
> > > There are several ways to hook the 3640s back to back. If they are
> > > within
> > > fastethernet distance limitations you could use the fastethernet
> > > interfaces.
> > >
> > > -Original Message-
> > > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 1:40 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > I am attempting to setup a PVC between two Cisco 3640
> > Routers connected
> > > back
> > > to back. The interface is an OC3 card. Whenever I issue the
> > PVC command
> > > on
> > > the ATM interface it says a PVC is not supported. If I use
> > the ? to see
> > > for
> > > supported commands for the interface, no PVC command is
> > listed. Is there
> > > some software upgrade I need for this? Or is there some other way to
> > > conenct
> > > two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61134&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP load balancing questions [7:61095]

[Captain Lance]

Is this "your" address space or is it sprint/global crossings address space?


""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm currently advertising a /24 to Sprint and Global Crossing and
> neither provider aggregates or filters it.  Unless, that is, they've
> been sneaking around changing things behind my back.
>
> >>> "Clay Auch"  1/15/03 9:49:30 AM >>>
> Alex,
>
> Not at all true ... Sprint (unless this has changed) will filter at the
> /22
> and will make no exceptions. Other providers such as UUNET/WCOM filter
> at
> the /24 ... so traffic will prefer UUNET if in the scenario ISP 1 =
> Sprint
> and ISP 2 = UUNET. I have first hand experience with this ...
>
> clay
>
> - Original Message -
> From: "Alex Muhin"
> To:
> Sent: Wednesday, January 15, 2003 10:07 AM
> Subject: RE: BGP load balancing questions [7:61095]
>
>
> > ISP1 should advertise 1.1.1.x/16 AND 1.1.1.x/24 ?
> >
> > alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61133&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP origin attribute type "e" - EGP? [7:61075]

[Amar]

when the update is learned from an E-BGP neighbor.
rgds

""Wei Zhu""  a icrit dans le message de news:
[EMAIL PROTECTED]
> In what condition is the EGP origin type generated?
>
> Thanks
> Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61136&t=61075
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP issues [7:61068]

[Amar]

CHAP
the user field that the challanger sends to the calling router is used to
find the shared password between the two routers, which is proccesed by the
md5 hash generator as well as the challange id and the random number, after
witch it is sent to the challanger with the original id challange as well as
the local router name(local, radius, tacacs+), the challanger uses the id
field to loockup the original chalange packet to find the random id, and
uses the remote router name to find the shared password, after witch he runs
the laters into the md5 hash generator, and compares the hash with the
received hash, if it is the same another packet is built with code 03 and
the id to welcome the caller.
PEERING
you will need to add the dialer-map x.x.x.x broadcast
but u don't have to add the remote number, as the other side will be
calling(who will call who must be defined, depending on the traffic needs,
basically)

u can refere to rfc 1334 for more chap details,as well as this document that
has simple async config stuff
http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_exampl
e09186a008009455c.shtml

rgds

""Karagozian Sarkis""  a icrit dans le message
de news: [EMAIL PROTECTED]
> Edward,
>
> Since you are using PPP Authentication Chap, it requires that both sides
> send (same) user name xx and Password .. to each other (Handsahing
> using chap) after dialup, to authenticate each other both ways, then start
> data transfer.
>
> So, on Router B, u need to add:
>
> username HQ-3640-TUNNEL1 password 0 decore (to authenticate w/side A using
> same password)
>
> dialer map ip 10.10.56.1 name HQ-3640-TUNNEL1 broadcast 9,Modem A #
>
> This is what I remember, When Iwas facing similar problem.
>
> Hope I am right.
> Sarkis
> CCNA/CCNP/MCNS/MCP/CNE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61138&t=61068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP issues [7:61068]

[Amar]

oh yes another point,
ppp authentication chap CALLIN
when the key word is used the router will generate a challange only for
callin ppp sessions, and not for outgoing, so you might wana flip that
around since the 3640 will be calling the 1706, or you might wana keep it,
in which case you might wana make the 1706 dial the 3640.
it's optimal use depends on the data flow I THINK.
but you might wana remove it all together.

rgds

""Karagozian Sarkis""  a icrit dans le message
de news: [EMAIL PROTECTED]
> Edward,
>
> Since you are using PPP Authentication Chap, it requires that both sides
> send (same) user name xx and Password .. to each other (Handsahing
> using chap) after dialup, to authenticate each other both ways, then start
> data transfer.
>
> So, on Router B, u need to add:
>
> username HQ-3640-TUNNEL1 password 0 decore (to authenticate w/side A using
> same password)
>
> dialer map ip 10.10.56.1 name HQ-3640-TUNNEL1 broadcast 9,Modem A #
>
> This is what I remember, When Iwas facing similar problem.
>
> Hope I am right.
> Sarkis
> CCNA/CCNP/MCNS/MCP/CNE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61139&t=61068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Written Study Material [7:61026]

[Clay Auch]

Brad,

I have read the Halabi book (Internet Routing Arch), what is the book with
Halabi and Caslow together?

Also, what would you say the best resource for studying for the CCIE written
(R&S) is in your opinion?

Thanx,

clay

 Clay Auch - CCNP
 Sr. Network Engineer
 HPTi
 4121 Wilson Blvd
 Arlington, VA 22203
 703-682-5301

- Original Message -
From: "Brad" 
To: 
Sent: Wednesday, January 15, 2003 10:06 AM
Subject: Re: CCIE Written Study Material [7:61026]


> Bob,
>
> If you are looking for an overview, it's a good book. If you are trying to
> dive into details, you would also want the book by Caslow and Halabi.  I
> recommend those two books highly.  The book by Solie is really good too.
>
> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> Network Learning Inc
> [EMAIL PROTECTED]
> www.optsys.net (Cisco hardware)
>
> ""Bob Henry""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > All,
> >
> > What is a good Book to use as a basis for studying for
> > the CCIE written exam 350-001. I see this one on
> > Amazon.
> >
> > 1) NLI's Study Guide for The CCIE R&S Written Exam
> >
> > Please Advise,
> > Bob
> >
> > __
> > Do you Yahoo!?
> > Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> > http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61109&t=61026
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Prep Tests [7:61044]

[Captain Lance]

I personally would advise www.selftestsoftware.com.  I have used them in the
past and they have very good CCNP practice exams.  They even have an 24/7
online mentor to answer any questions that you have.  Good Luck

Lance


""Ed Williams""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I know when I used to follow this group on a regular basis my following
> question was one of the most annoying... but I just looked back through
the
> archives and didn't see anything recent.  My CCNP has come up for recert
and
> was looking for someone's opinion on the best prep tests for all 4 exams.
Is
> Boson still top dog for the Cisco exams?  I haven't even thought about
this
> stuff for 3 years or so...
>
> Thanks in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61137&t=61044
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Ken Chipps]

Thanks for the suggestions from everyone. I will check the software
version tonight. I assumed this was the most recent version as we
purchased these units only a few months ago, but perhaps not.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Amar
Sent: Wednesday, January 15, 2003 1:59 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]

lation_guide_chapter09186a00800e4789.html#xtocid39

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_
refe
rence_chapter09186a00800ca7db.html#xtocid5

check the  above links, they have the info u need.
rgds

""Daniel Cotts""  a icrit dans le message de news:
[EMAIL PROTECTED]
> Here's a config from 11.3. Commands have changed quite a bit.
> Note that clocking must be provided on one end.
> If the cards are single-mode fiber he might have to attenuate the
signal.
>
> interface ATM6/0
>  description Location
>  no ip address
>  no ip route-cache optimum
>  atm clock INTERNAL
> !
> interface ATM6/0.1 multipoint (could be point-to-point)
>  description pvc to Data Center via XYZ fiber
>  ip address aaa.bbb.7.250 255.255.255.252 secondary
>  ip address 10.1.19.2 255.255.255.0
>  atm pvc 1 0 35 aal5snap
>  map-group TGN
>  appletalk cable-range 10119-10119 10119.2
>  appletalk zone ATM
> !
>
> !
> map-list TGN
>  ip 10.1.19.1 atm-vc 1 broadcast
>  ip aaa.bbb.7.249 atm-vc 1 broadcast
>  appletalk 10119.1 atm-vc 1 broadcast
>
> > -Original Message-
> > From: Newell Ryan D SrA 18 CS/SCBT
[mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 2:58 AM
> > To: [EMAIL PROTECTED]
> > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > I think your right. I know some IOS versions use the 'atm
> > pvc' command.
> > So I agreewhat IOS version he is running is a key
> > component to know
> > to resolve this problem.
> >
> > -Original Message-
> > From: The Long and Winding Road
> > [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 4:30 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > pvc x/y "should" work, which leads me to wonder about your
> > IOS version. What
> > are you running? what is the image name?
> >
> > I do not see an "atm pvc" command in the 12.1 command reference.
> >
> > also you mention something about connecting two 3640's back
> > to back via an
> > OC3 card? I'm not sure you can do that. someone smarter than
> > I will provide
> > a definitive answer, I'm sure.
> >
> >
> >
> > ""Ken Chipps""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I am using a sample configuration from cisco that looks like this
> > >
> > > First command config t
> > > Second command ip routing
> > > Third command interface atm 1/0
> > > Fourth command no shutdown
> > > Fifth command ip address 10.0.2.1 255.255.255.0
> > > Sixth command pvc 1 32
> > > Seventh command protocol ip 10.0.2.2 broadcast
> > >
> > > The sixth command is where it fails. It does not recognize the
pvc.
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > On Behalf Of
> > > Newell Ryan D SrA 18 CS/SCBT
> > > Sent: Tuesday, January 14, 2003 11:32 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > > What commands are you typing in? To create a PVC the syntax is
> > > int atm 1
> > > atm pvc 6 0 106 aal5snap
> > > I think you are missing the 'atm' before pvc.
> > >
> > > There are several ways to hook the 3640s back to back. If they are
> > > within
> > > fastethernet distance limitations you could use the fastethernet
> > > interfaces.
> > >
> > > -Original Message-
> > > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 1:40 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > I am attempting to setup a PVC between two Cisco 3640
> > Routers connected
> > > back
> > > to back. The interface is an OC3 card. Whenever I issue the
> > PVC command
> > > on
> > > the ATM interface it says a PVC is not supported. If I use
> > the ? to see
> > > for
> > > supported commands for the interface, no PVC command is
> > listed. Is there
> > > some software upgrade I need for this? Or is there some other way
to
> > > conenct
> > > two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61140&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP load balancing questions [7:61095]

[Robert Fowler]

Well I have a solution, thanks to the many responses here. I sent a trouble
ticket in to ISP1 and they called me back, and said I needed to join a
specific community. I did that and they updated their end also. Then I
checked the looking glass, and there was also a route through ISP 1's AS
number(which wasn't there previously). And sure enough incoming traffic
started leveling out between the two ISPs. Thanks for all the responses!

Robert

-Original Message-
From: Captain Lance [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 2:59 PM
To: [EMAIL PROTECTED]
Subject: Re: BGP load balancing questions [7:61095]


I am very interested in how Radware and FatPipe solve this issue, can anyone
explain?

Lance

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Oh, that's right.  I always forget about that solution.  :-)  Radware 
> and FatPipe have nice solutions to this, as well.  We almost bought a 
> box from FatPipe at one point but we decided we had better ways of 
> accomplishing our goals without their hardware.
>
> On a side note, they also have one of the most outrageous vendor gift 
> items I've ever seen:  boxer shorts that say "FatPipe Inside".  Good 
> grief  If I worked for them I'd never mention that item to a 
> client, especially in mixed company!
>
> John
>
> >>> "Greg Owens"  1/15/03 9:06:28 AM >>>
> can buy and hardware loadbalancer from f5.
> >
> > From: "Robert  Fowler"
> > Date: 2003/01/15 Wed AM 09:31:49 EST
> > To: [EMAIL PROTECTED]
> > Subject: BGP load balancing questions [7:61095]
> >
> > Hello groupstudy,
> >
> > I've been banging my head against the wall and figured I would defer
> this
> > question to those of you more learned and experienced. Here is the
> the
> > scenario:
> >
> > 2 routers running BGP
> > Router 1 has a connection to ISP 1 and router 2 has a connection to
> ISP 2
> > Each receives full routes.
> > Each provider has given us a class C address
> > Only the class C from provider 1 is actively used, because provider 
> > 2
> will
> > probably be dropped eventually(ssshhh don't tell ARIN)
> >
> >
> > The class C is advertised to both ISPs, however ISP 1 aggregates
> this
> > address space so instead of being 1.1.1.x /24 it's 1.1.x.x /16 This 
> > was checked using various looking glasses.
> >
> > What that means is that traffic to my Class C will arrive primarily
> via ISP
> > 2 because it will see the /24 I advertise though it. That is bad,
> for
> > various reasons. Mainly because we are charged by usage from ISP2,
> but also
> > because we are going to upgrade ISP1 to a fractional t3 and use ISP
> 2
> > primarily as a backup eventually. Also the traffic coming in is 90%
> via ISP
> > 2 and 10% via ISP 1.
> >
> > If I remember from my studying so long ago, even prepending my AS
> number to
> > ISP 2 will not work, becuase it doesn't even make it to that
> criteria, but
> > rather see the /24 and chooses that route.
> >
> > I searched some newsgroups, but amazingly enough nobody seemed to
> have this
> > issue. I saw someone who had a larger block than /24 and some
> suggestions
> > there but that would not work in this case.
> >
> >
> > Options not available:
> > Using the Class C from Carrier 2 to load balance using IP space and
> traffic
> > types
> > Getting a class C independant of a provider from ARIN. (That costs
> money
> :))
> >
> >
> > Robert
> Greg Owens
> 202-398-2552




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61141&t=61095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Newell Ryan D SrA 18 CS/SCBT]

You said that you got the sample configuration from cisco. Do you have the
link?
I would like to look at something. My router supports both 'pvc' and 'atm
pvc'.
But 'pvc' has no vcd and only can operate with qsaal and ilmi. The 'atm pvc'
does 
have a vcd and can support ilmi, qsaal, and all the atm adaptation layer
protocols.
Something else to look at!

-Original Message-
From: Ken Chipps [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 5:59 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]


Thanks for the suggestions from everyone. I will check the software
version tonight. I assumed this was the most recent version as we
purchased these units only a few months ago, but perhaps not.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Amar
Sent: Wednesday, January 15, 2003 1:59 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]

lation_guide_chapter09186a00800e4789.html#xtocid39

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_
refe
rence_chapter09186a00800ca7db.html#xtocid5

check the  above links, they have the info u need.
rgds

""Daniel Cotts""  a icrit dans le message de news:
[EMAIL PROTECTED]
> Here's a config from 11.3. Commands have changed quite a bit.
> Note that clocking must be provided on one end.
> If the cards are single-mode fiber he might have to attenuate the
signal.
>
> interface ATM6/0
>  description Location
>  no ip address
>  no ip route-cache optimum
>  atm clock INTERNAL
> !
> interface ATM6/0.1 multipoint (could be point-to-point)
>  description pvc to Data Center via XYZ fiber
>  ip address aaa.bbb.7.250 255.255.255.252 secondary
>  ip address 10.1.19.2 255.255.255.0
>  atm pvc 1 0 35 aal5snap
>  map-group TGN
>  appletalk cable-range 10119-10119 10119.2
>  appletalk zone ATM
> !
>
> !
> map-list TGN
>  ip 10.1.19.1 atm-vc 1 broadcast
>  ip aaa.bbb.7.249 atm-vc 1 broadcast
>  appletalk 10119.1 atm-vc 1 broadcast
>
> > -Original Message-
> > From: Newell Ryan D SrA 18 CS/SCBT
[mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 2:58 AM
> > To: [EMAIL PROTECTED]
> > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > I think your right. I know some IOS versions use the 'atm
> > pvc' command.
> > So I agreewhat IOS version he is running is a key
> > component to know
> > to resolve this problem.
> >
> > -Original Message-
> > From: The Long and Winding Road
> > [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 4:30 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > pvc x/y "should" work, which leads me to wonder about your
> > IOS version. What
> > are you running? what is the image name?
> >
> > I do not see an "atm pvc" command in the 12.1 command reference.
> >
> > also you mention something about connecting two 3640's back
> > to back via an
> > OC3 card? I'm not sure you can do that. someone smarter than
> > I will provide
> > a definitive answer, I'm sure.
> >
> >
> >
> > ""Ken Chipps""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I am using a sample configuration from cisco that looks like this
> > >
> > > First command config t
> > > Second command ip routing
> > > Third command interface atm 1/0
> > > Fourth command no shutdown
> > > Fifth command ip address 10.0.2.1 255.255.255.0
> > > Sixth command pvc 1 32
> > > Seventh command protocol ip 10.0.2.2 broadcast
> > >
> > > The sixth command is where it fails. It does not recognize the
pvc.
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > On Behalf Of
> > > Newell Ryan D SrA 18 CS/SCBT
> > > Sent: Tuesday, January 14, 2003 11:32 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > > What commands are you typing in? To create a PVC the syntax is
> > > int atm 1
> > > atm pvc 6 0 106 aal5snap
> > > I think you are missing the 'atm' before pvc.
> > >
> > > There are several ways to hook the 3640s back to back. If they are
> > > within
> > > fastethernet distance limitations you could use the fastethernet
> > > interfaces.
> > >
> > > -Original Message-
> > > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 1:40 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > I am attempting to setup a PVC between two Cisco 3640
> > Routers connected
> > > back
> > > to back. The interface is an OC3 card. Whenever I issue the
> > PVC command
> > > on
> > > the ATM interface it says a PVC is not supported. If I use
> > the ? to see
> > > for
> > > supported commands for the interface, no PVC command is
> > listed. Is there
> > > some software upgrade I need for this? Or is there some other way
to
> > > conenct
> > > two 3640s back to back?




Message Posted a

PIX 3DES license [7:61143]

[Symon Thurlow]

Anyone have one to sell? 

PIX-VPN-3DES=

Symon




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61143&t=61143
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Jens Neelsen]

Hi,

what is the IOS feature set used in these two routers?
You need a PLUS feature set to support ATM.

With kind regards
Jens Neelsen

--- Newell Ryan D SrA 18 CS/SCBT 
wrote:
> You said that you got the sample configuration from cisco. Do
> you have the
> link?
> I would like to look at something. My router supports both
> 'pvc' and 'atm
> pvc'.
> But 'pvc' has no vcd and only can operate with qsaal and ilmi.
> The 'atm pvc'
> does 
> have a vcd and can support ilmi, qsaal, and all the atm
> adaptation layer
> protocols.
> Something else to look at!
> 
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 16, 2003 5:59 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> 
> Thanks for the suggestions from everyone. I will check the
> software
> version tonight. I assumed this was the most recent version as
> we
> purchased these units only a few months ago, but perhaps not.
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
> Behalf Of
> Amar
> Sent: Wednesday, January 15, 2003 1:59 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> lation_guide_chapter09186a00800e4789.html#xtocid39
> 
>
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_
> refe
> rence_chapter09186a00800ca7db.html#xtocid5
> 
> check the  above links, they have the info u need.
> rgds
> 
> ""Daniel Cotts""  a icrit dans le message de news:
> [EMAIL PROTECTED]
> > Here's a config from 11.3. Commands have changed quite a
> bit.
> > Note that clocking must be provided on one end.
> > If the cards are single-mode fiber he might have to
> attenuate the
> signal.
> >
> > interface ATM6/0
> >  description Location
> >  no ip address
> >  no ip route-cache optimum
> >  atm clock INTERNAL
> > !
> > interface ATM6/0.1 multipoint (could be point-to-point)
> >  description pvc to Data Center via XYZ fiber
> >  ip address aaa.bbb.7.250 255.255.255.252 secondary
> >  ip address 10.1.19.2 255.255.255.0
> >  atm pvc 1 0 35 aal5snap
> >  map-group TGN
> >  appletalk cable-range 10119-10119 10119.2
> >  appletalk zone ATM
> > !
> >
> > !
> > map-list TGN
> >  ip 10.1.19.1 atm-vc 1 broadcast
> >  ip aaa.bbb.7.249 atm-vc 1 broadcast
> >  appletalk 10119.1 atm-vc 1 broadcast
> >
> > > -Original Message-
> > > From: Newell Ryan D SrA 18 CS/SCBT
> [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 2:58 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > I think your right. I know some IOS versions use the 'atm
> > > pvc' command.
> > > So I agreewhat IOS version he is running is a key
> > > component to know
> > > to resolve this problem.
> > >
> > > -Original Message-
> > > From: The Long and Winding Road
> > > [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 4:30 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > pvc x/y "should" work, which leads me to wonder about your
> > > IOS version. What
> > > are you running? what is the image name?
> > >
> > > I do not see an "atm pvc" command in the 12.1 command
> reference.
> > >
> > > also you mention something about connecting two 3640's
> back
> > > to back via an
> > > OC3 card? I'm not sure you can do that. someone smarter
> than
> > > I will provide
> > > a definitive answer, I'm sure.
> > >
> > >
> > >
> > > ""Ken Chipps""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > I am using a sample configuration from cisco that looks
> like this
> > > >
> > > > First command config t
> > > > Second command ip routing
> > > > Third command interface atm 1/0
> > > > Fourth command no shutdown
> > > > Fifth command ip address 10.0.2.1 255.255.255.0
> > > > Sixth command pvc 1 32
> > > > Seventh command protocol ip 10.0.2.2 broadcast
> > > >
> > > > The sixth command is where it fails. It does not
> recognize the
> pvc.
> > > >
> > > > -Original Message-
> > > > From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> > > On Behalf Of
> > > > Newell Ryan D SrA 18 CS/SCBT
> > > > Sent: Tuesday, January 14, 2003 11:32 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> > > >
> > > > What commands are you typing in? To create a PVC the
> syntax is
> > > > int atm 1
> > > > atm pvc 6 0 106 aal5snap
> > > > I think you are missing the 'atm' before pvc.
> > > >
> > > > There are several ways to hook the 3640s back to back.
> If they are
> > > > within
> > > > fastethernet distance limitations you could use the
> fastethernet
> > > > interfaces.
> > > >
> > > > -Original Message-
> > > > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > > > Sent: Wednesday, January 15, 2003 1:40 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> > > >
> > > >

Re: CSIDS - 9E0-100 [7:60920]

[Kim Graham]

Agreed.  No use in letting it go stail.  It was hard work to obtain and not
as much hopefully to keep.

Kim / Zukee


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61145&t=60920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUESTION REGARGING ROUTER 2509 [7:61147]

[[EMAIL PROTECTED]]

Hi all,

Does anyone of you know what's problem with my 2509 router. I can't get into 
the global configuration mode. I could get into the priviledged mode and
it's
stuck after I entered the command "config t". Please help. Really appreciate
it!


Hai Nguyen D
Colgate Palmolive
Network Administrator
Phone (201) 216 -3652
Email: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61147&t=61147
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco VPN Question [7:61148]

[Herlocker, Tim]

Just wondering... Does anybody know how reliable the Cisco VPN client is
with "split-tunneling" when paired with a Cisco 3005 concentrator. Is it
able to perform as advertised is almost every situation or does it have
problems with private networks and/or different service providers or cable
modems/hubs/routers?

- Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61148&t=61148
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Ken Chipps]

Here it is assuming it makes to through the list
 
Link starts here
http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_
guide09186a00800e9781.html link stops here
 
This is the example I based the lab on
 
-Original Message-
From: Newell Ryan D SrA 18 CS/SCBT [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 3:22 PM
To: 'Ken Chipps'; '[EMAIL PROTECTED]'
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
 
You said that you got the sample configuration from cisco. Do you have
the link? 
I would like to look at something. My router supports both 'pvc' and
'atm pvc'. 
But 'pvc' has no vcd and only can operate with qsaal and ilmi. The 'atm
pvc' does 
have a vcd and can support ilmi, qsaal, and all the atm adaptation layer
protocols. 
Something else to look at! 
-Original Message- 
From: Ken Chipps [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, January 16, 2003 5:59 AM 
To: [EMAIL PROTECTED] 
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077] 
 
Thanks for the suggestions from everyone. I will check the software 
version tonight. I assumed this was the most recent version as we 
purchased these units only a few months ago, but perhaps not. 
-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of 
Amar 
Sent: Wednesday, January 15, 2003 1:59 PM 
To: [EMAIL PROTECTED] 
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077] 
lation_guide_chapter09186a00800e4789.html#xtocid39 
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_

refe 
rence_chapter09186a00800ca7db.html#xtocid5 
check the  above links, they have the info u need. 
rgds 
""Daniel Cotts""  a icrit dans le message de news: 
[EMAIL PROTECTED] 
> Here's a config from 11.3. Commands have changed quite a bit. 
> Note that clocking must be provided on one end. 
> If the cards are single-mode fiber he might have to attenuate the 
signal. 
> 
> interface ATM6/0 
>  description Location 
>  no ip address 
>  no ip route-cache optimum 
>  atm clock INTERNAL 
> ! 
> interface ATM6/0.1 multipoint (could be point-to-point) 
>  description pvc to Data Center via XYZ fiber 
>  ip address aaa.bbb.7.250 255.255.255.252 secondary 
>  ip address 10.1.19.2 255.255.255.0 
>  atm pvc 1 0 35 aal5snap 
>  map-group TGN 
>  appletalk cable-range 10119-10119 10119.2 
>  appletalk zone ATM 
> ! 
> 
> ! 
> map-list TGN 
>  ip 10.1.19.1 atm-vc 1 broadcast 
>  ip aaa.bbb.7.249 atm-vc 1 broadcast 
>  appletalk 10119.1 atm-vc 1 broadcast 
> 
> > -Original Message- 
> > From: Newell Ryan D SrA 18 CS/SCBT 
[mailto:[EMAIL PROTECTED]] 
> > Sent: Wednesday, January 15, 2003 2:58 AM 
> > To: [EMAIL PROTECTED] 
> > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077] 
> > 
> > 
> > I think your right. I know some IOS versions use the 'atm 
> > pvc' command. 
> > So I agreewhat IOS version he is running is a key 
> > component to know 
> > to resolve this problem. 
> > 
> > -Original Message- 
> > From: The Long and Winding Road 
> > [mailto:[EMAIL PROTECTED]] 
> > Sent: Wednesday, January 15, 2003 4:30 PM 
> > To: [EMAIL PROTECTED] 
> > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077] 
> > 
> > 
> > pvc x/y "should" work, which leads me to wonder about your 
> > IOS version. What 
> > are you running? what is the image name? 
> > 
> > I do not see an "atm pvc" command in the 12.1 command reference. 
> > 
> > also you mention something about connecting two 3640's back 
> > to back via an 
> > OC3 card? I'm not sure you can do that. someone smarter than 
> > I will provide 
> > a definitive answer, I'm sure. 
> > 
> > 
> > 
> > ""Ken Chipps""  wrote in message 
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 
> > > I am using a sample configuration from cisco that looks like this 
> > > 
> > > First command config t 
> > > Second command ip routing 
> > > Third command interface atm 1/0 
> > > Fourth command no shutdown 
> > > Fifth command ip address 10.0.2.1 255.255.255.0 
> > > Sixth command pvc 1 32 
> > > Seventh command protocol ip 10.0.2.2 broadcast 
> > > 
> > > The sixth command is where it fails. It does not recognize the 
pvc. 
> > > 
> > > -Original Message- 
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
> > On Behalf Of 
> > > Newell Ryan D SrA 18 CS/SCBT 
> > > Sent: Tuesday, January 14, 2003 11:32 PM 
> > > To: [EMAIL PROTECTED] 
> > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077] 
> > > 
> > > What commands are you typing in? To create a PVC the syntax is 
> > > int atm 1 
> > > atm pvc 6 0 106 aal5snap 
> > > I think you are missing the 'atm' before pvc. 
> > > 
> > > There are several ways to hook the 3640s back to back. If they are

> > > within 
> > > fastethernet distance limitations you could use the fastethernet 
> > > interfaces. 
> > > 
> > > -Original Message- 
> > > From: Ken Chipps [mailto:[EMAIL PROTECTED]] 
> > > Sent: Wednesday, January 15, 2003 1:40 PM 
> > > To: [EMAIL PROTE

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Ken Chipps]

How do I check the feature set on the router? Will it display along with
the IOS version? And yes I will go look for the answer on cisco.com
right now, but in case anyone knows off the top of their head.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jens Neelsen
Sent: Wednesday, January 15, 2003 3:39 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]

Hi,

what is the IOS feature set used in these two routers?
You need a PLUS feature set to support ATM.

With kind regards
Jens Neelsen

--- Newell Ryan D SrA 18 CS/SCBT 
wrote:
> You said that you got the sample configuration from cisco. Do
> you have the
> link?
> I would like to look at something. My router supports both
> 'pvc' and 'atm
> pvc'.
> But 'pvc' has no vcd and only can operate with qsaal and ilmi.
> The 'atm pvc'
> does 
> have a vcd and can support ilmi, qsaal, and all the atm
> adaptation layer
> protocols.
> Something else to look at!
> 
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 16, 2003 5:59 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> 
> Thanks for the suggestions from everyone. I will check the
> software
> version tonight. I assumed this was the most recent version as
> we
> purchased these units only a few months ago, but perhaps not.
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
> Behalf Of
> Amar
> Sent: Wednesday, January 15, 2003 1:59 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> 
> lation_guide_chapter09186a00800e4789.html#xtocid39
> 
>
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_
> refe
> rence_chapter09186a00800ca7db.html#xtocid5
> 
> check the  above links, they have the info u need.
> rgds
> 
> ""Daniel Cotts""  a icrit dans le message de news:
> [EMAIL PROTECTED]
> > Here's a config from 11.3. Commands have changed quite a
> bit.
> > Note that clocking must be provided on one end.
> > If the cards are single-mode fiber he might have to
> attenuate the
> signal.
> >
> > interface ATM6/0
> >  description Location
> >  no ip address
> >  no ip route-cache optimum
> >  atm clock INTERNAL
> > !
> > interface ATM6/0.1 multipoint (could be point-to-point)
> >  description pvc to Data Center via XYZ fiber
> >  ip address aaa.bbb.7.250 255.255.255.252 secondary
> >  ip address 10.1.19.2 255.255.255.0
> >  atm pvc 1 0 35 aal5snap
> >  map-group TGN
> >  appletalk cable-range 10119-10119 10119.2
> >  appletalk zone ATM
> > !
> >
> > !
> > map-list TGN
> >  ip 10.1.19.1 atm-vc 1 broadcast
> >  ip aaa.bbb.7.249 atm-vc 1 broadcast
> >  appletalk 10119.1 atm-vc 1 broadcast
> >
> > > -Original Message-
> > > From: Newell Ryan D SrA 18 CS/SCBT
> [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 2:58 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > I think your right. I know some IOS versions use the 'atm
> > > pvc' command.
> > > So I agreewhat IOS version he is running is a key
> > > component to know
> > > to resolve this problem.
> > >
> > > -Original Message-
> > > From: The Long and Winding Road
> > > [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, January 15, 2003 4:30 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]
> > >
> > >
> > > pvc x/y "should" work, which leads me to wonder about your
> > > IOS version. What
> > > are you running? what is the image name?
> > >
> > > I do not see an "atm pvc" command in the 12.1 command
> reference.
> > >
> > > also you mention something about connecting two 3640's
> back
> > > to back via an
> > > OC3 card? I'm not sure you can do that. someone smarter
> than
> > > I will provide
> > > a definitive answer, I'm sure.
> > >
> > >
> > >
> > > ""Ken Chipps""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > I am using a sample configuration from cisco that looks
> like this
> > > >
> > > > First command config t
> > > > Second command ip routing
> > > > Third command interface atm 1/0
> > > > Fourth command no shutdown
> > > > Fifth command ip address 10.0.2.1 255.255.255.0
> > > > Sixth command pvc 1 32
> > > > Seventh command protocol ip 10.0.2.2 broadcast
> > > >
> > > > The sixth command is where it fails. It does not
> recognize the
> pvc.
> > > >
> > > > -Original Message-
> > > > From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> > > On Behalf Of
> > > > Newell Ryan D SrA 18 CS/SCBT
> > > > Sent: Tuesday, January 14, 2003 11:32 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> > > >
> > > > What commands are you typing in? To create a PVC the
> syntax is
> > > > int atm 1
> > > > atm pvc 6 0 106 aal5snap
> > > > I think you are missing the 'atm' before pvc.
> > > >
> > > > 

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Angel Leiva]

Ken,

I have two 3660 routers connected back to back via an OC3 link in a lab
environment. They are using IOS 12.0(7)T, IP Enterprise Version. 

You seem to be missing the VCD ( Virtual Channel Descriptor) between the pvc
and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
incorrect in your configuration:

Take a look at the ATM interface configs on my working routers:

Router A:

!
interface ATM1/0
 ip address 10.10.10.2 255.255.255.0
 no ip directed-broadcast
 ip ospf network point-to-point
 atm clock INTERNAL
 atm ilmi-keepalive
 pvc Dallas 1/100   I am using a sample configuration from cisco that
looks like this
>
> First command config t
> Second command ip routing
> Third command interface atm 1/0
> Fourth command no shutdown
> Fifth command ip address 10.0.2.1 255.255.255.0
> Sixth command pvc 1 32
> Seventh command protocol ip 10.0.2.2 broadcast
>
> The sixth command is where it fails. It does not recognize the pvc.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Newell Ryan D SrA 18 CS/SCBT
> Sent: Tuesday, January 14, 2003 11:32 PM
> To: [EMAIL PROTECTED]
> Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
>
> What commands are you typing in? To create a PVC the syntax is
> int atm 1
> atm pvc 6 0 106 aal5snap
> I think you are missing the 'atm' before pvc.
>
> There are several ways to hook the 3640s back to back. If they are
> within
> fastethernet distance limitations you could use the fastethernet
> interfaces.
>
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 1:40 PM
> To: [EMAIL PROTECTED]
> Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
>
>
> I am attempting to setup a PVC between two Cisco 3640 Routers connected
> back
> to back. The interface is an OC3 card. Whenever I issue the PVC command
> on
> the ATM interface it says a PVC is not supported. If I use the ? to see
> for
> supported commands for the interface, no PVC command is listed. Is there
> some software upgrade I need for this? Or is there some other way to
> conenct
> two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61151&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Which Certification? [7:61152]

[Aaron Laws]

I'll have my CCNP completed next week upon successful completion of the
Support exam.  I was planning on working the CCDA/DP track next before
eventually working towards CCIE.

I am about to separate from the Military and have been browsing through job
postings and noticing significantly more jobs looking for a combination of
CCNP and MCSE than I see for just CCNP or CCDP (or both).

I am still planning on doing CCDA/DP, but my question is this:  for the job
market we have today which is the more valuable set of certs to have,
CCNP/MCSE or CCNP/CCDP? (emphasize "today's job market" since I am still
planning on doing DA/DP down the road),

How beneficial is the MCSE towards CCIE?  I have to believe that a thorough
understanding of the front end stuff like AD, Exchange, DNS, etc is
extremely useful for complex networking/infrastructure issues.  What I hope
to hear from you is whether that knowledge and experience is "required" or
just "helpful."  Help me out, throw some opinions out here.  I appreciate
your guidance and help.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61152&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Newell Ryan D SrA 18 CS/SCBT]

It is amazing that the thread has gone for so long. I think some one has the
answer. Angel's router does have a vcd. While 
the example from Cisco does not. How do you configure AAL protocol for this
syntax?

'show version'

-Original Message-
From: Angel Leiva [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:25 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]


Ken,

I have two 3660 routers connected back to back via an OC3 link in a lab
environment. They are using IOS 12.0(7)T, IP Enterprise Version. 

You seem to be missing the VCD ( Virtual Channel Descriptor) between the pvc
and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
incorrect in your configuration:

Take a look at the ATM interface configs on my working routers:

Router A:

!
interface ATM1/0
 ip address 10.10.10.2 255.255.255.0
 no ip directed-broadcast
 ip ospf network point-to-point
 atm clock INTERNAL
 atm ilmi-keepalive
 pvc Dallas 1/100   I am using a sample configuration from cisco that
looks like this
>
> First command config t
> Second command ip routing
> Third command interface atm 1/0
> Fourth command no shutdown
> Fifth command ip address 10.0.2.1 255.255.255.0
> Sixth command pvc 1 32
> Seventh command protocol ip 10.0.2.2 broadcast
>
> The sixth command is where it fails. It does not recognize the pvc.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Newell Ryan D SrA 18 CS/SCBT
> Sent: Tuesday, January 14, 2003 11:32 PM
> To: [EMAIL PROTECTED]
> Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
>
> What commands are you typing in? To create a PVC the syntax is
> int atm 1
> atm pvc 6 0 106 aal5snap
> I think you are missing the 'atm' before pvc.
>
> There are several ways to hook the 3640s back to back. If they are
> within
> fastethernet distance limitations you could use the fastethernet
> interfaces.
>
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 1:40 PM
> To: [EMAIL PROTECTED]
> Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
>
>
> I am attempting to setup a PVC between two Cisco 3640 Routers connected
> back
> to back. The interface is an OC3 card. Whenever I issue the PVC command
> on
> the ATM interface it says a PVC is not supported. If I use the ? to see
> for
> supported commands for the interface, no PVC command is listed. Is there
> some software upgrade I need for this? Or is there some other way to
> conenct
> two 3640s back to back?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61153&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX user level VPN [7:61154]

[Sam Sneed]

Does anyone one know if PIX 501 supports user level VPN client for remote
access?

Thanks!!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61154&t=61154
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Need CCIE [7:61155]

[Manjunath A P]

5 years + LAN/WAN experience. Need to have CCIE#

MUST HAVE KNOWLEDGE OF FOLLOWING ITEMS: Computer Networking, Fiber Optics
LANS/WANS, DS3s ATM, Frame Relay over ATM, ISDN, T-1, T-3, CSU/DSUs and
TDM MUXes, ROUTERS 7200 Platform 7500 Platform, HUBS SWITCHES, 5500s
6500s, VLANS TRUNKING, WIRING STANDARDS PROTOCOLS OSPF, BGP, EIGRP, HSRP
and other related technologies (Multicast, IP Video and IP Telephony).

Thank you.

Raj Urs

[EMAIL PROTECTED]

(412) 257-1884 Ext: 14

(412) 257-1887-FAX

www.datumamerica.com

www.datumbiz.info



Protect your PC - Click here for McAfee.com VirusScan Online




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61155&t=61155
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: QUESTION REGARGING ROUTER 2509 [7:61147]

[Mossburg, Geoff (MAN-Corporate)]

Please post more info, like what you have tried and what "stuck" actually
means. (Does it come un"stuck" after a time, or do you have to reboot the
router?) What code are you using? I don't know if posting a sanitized config
would help, but it wouldn't hurt. Based on the amount of info, my only guess
is that the IOS somehow went bad.
GM

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 4:59 PM
To: [EMAIL PROTECTED]
Subject: QUESTION REGARGING ROUTER 2509 [7:61147]


Hi all,

Does anyone of you know what's problem with my 2509 router. I can't get into

the global configuration mode. I could get into the priviledged mode and
it's
stuck after I entered the command "config t". Please help. Really appreciate
it!


Hai Nguyen D
Colgate Palmolive
Network Administrator
Phone (201) 216 -3652
Email: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61156&t=61147
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which Certification? [7:61152]

[Symon Thurlow]

I think MCSE/CCNP will open more doors, although you will probably find
that in most of the jobs, you will be used 90% for MCSE type stuff, and
10% for CCNP type stuff (generalising here I know, but based on my
experience).

The NP/DP would be better if you would rather just be doing Cisco stuff,
but that market is a bit flooded at the mo.

I am MCSE and CCNP, but I don't really think that it is a gigantic
benefit to know how AD works and EX2K etc. I think if you know how an
SMTP mail system works, or an x.500 directory, then it really doesn't
matter if it is AD or eDirectory or what ever.

I think for a predominantly Microsoft job, the CCNP is a nice cherry on
the top. I think for a predominantly Cisco job, then MCSE is not as big
a cherry, if you know what I mean.

Symon

-Original Message-
From: Aaron Laws [mailto:[EMAIL PROTECTED]] 
Sent: 15 January 2003 22:52
To: [EMAIL PROTECTED]
Subject: Which Certification? [7:61152]


I'll have my CCNP completed next week upon successful completion of the
Support exam.  I was planning on working the CCDA/DP track next before
eventually working towards CCIE.

I am about to separate from the Military and have been browsing through
job postings and noticing significantly more jobs looking for a
combination of CCNP and MCSE than I see for just CCNP or CCDP (or both).

I am still planning on doing CCDA/DP, but my question is this:  for the
job market we have today which is the more valuable set of certs to
have, CCNP/MCSE or CCNP/CCDP? (emphasize "today's job market" since I am
still planning on doing DA/DP down the road),

How beneficial is the MCSE towards CCIE?  I have to believe that a
thorough understanding of the front end stuff like AD, Exchange, DNS,
etc is extremely useful for complex networking/infrastructure issues.
What I hope to hear from you is whether that knowledge and experience is
"required" or just "helpful."  Help me out, throw some opinions out
here.  I appreciate your guidance and help.
=

 This email has been content filtered and
 subject to spam filtering. If you consider
 this email is unsolicited please forward
 the email to [EMAIL PROTECTED] and
 request that the sender's domain be
 blocked from sending any further emails.

=




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61157&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which Certification? [7:61152]

[Nathan Nakao]

In my experience, more and more, employers want everything from an
employee.  Now there are exceptions.  Most big companies want
specialized people that possibly have other skills.  But small companies
can't afford to spend double on 2 people, so they look for someone with
a jack-of-all-trades type of skills.  That being said, I feel anyone
that has more certifications is better off in the long run than someone
with specialized skills.  I, for one, feel that the cisco certification
process is a much more intense and gratifying experience than that of
MCSE but hey, I'm not an employer.  I would think that to an employer, 2
separate field certs are better than one.  Just my 2 cents.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, January 15, 2003 2:52 PM
To: [EMAIL PROTECTED]
Subject: Which Certification? [7:61152]


I'll have my CCNP completed next week upon successful completion of the
Support exam.  I was planning on working the CCDA/DP track next before
eventually working towards CCIE.

I am about to separate from the Military and have been browsing through
job postings and noticing significantly more jobs looking for a
combination of CCNP and MCSE than I see for just CCNP or CCDP (or both).

I am still planning on doing CCDA/DP, but my question is this:  for the
job market we have today which is the more valuable set of certs to
have, CCNP/MCSE or CCNP/CCDP? (emphasize "today's job market" since I am
still planning on doing DA/DP down the road),

How beneficial is the MCSE towards CCIE?  I have to believe that a
thorough understanding of the front end stuff like AD, Exchange, DNS,
etc is extremely useful for complex networking/infrastructure issues.
What I hope to hear from you is whether that knowledge and experience is
"required" or just "helpful."  Help me out, throw some opinions out
here.  I appreciate your guidance and help.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61158&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN issue [7:61159]

[Bruno Fernandes]

Hi,
 
If I have 2 routers on the same NT wich parameter defines what router
will answer the call ?
 
Thanks in advance,
BF




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61159&t=61159
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP origin attribute type "e" - EGP? [7:61075]

[Wei Zhu]

Can anyone replay the "e" type attrib in the lab?

Thanks

- Original Message - 
From: "Amar" 
To: 
Sent: Wednesday, January 15, 2003 2:59 PM
Subject: Re: BGP origin attribute type "e" - EGP? [7:61075]


> when the update is learned from an E-BGP neighbor.
> rgds
> 
> ""Wei Zhu""  a icrit dans le message de news:
> [EMAIL PROTECTED]
> > In what condition is the EGP origin type generated?
> >
> > Thanks
> > Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61160&t=61075
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN issue [7:61159]

[Jens Neelsen]

Hi,

it is the number called. You have to configure:
# int bri 0/0
# isdn answer1 

Jens

--- Bruno Fernandes  wrote:
> Hi,
>  
> If I have 2 routers on the same NT wich parameter defines what
> router
> will answer the call ?
>  
> Thanks in advance,
> BF
[EMAIL PROTECTED]


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61161&t=61159
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN issue [7:61159]

[Bruno Fernandes]

OK,

Assuming that I don't force the configuration with

# isdn answer1



What variable will determine the Router that it is chosen


Regards
BF

""Jens Neelsen""  wrote in message
news:...
> Hi,
> 
> it is the number called. You have to configure:
> # int bri 0/0
> # isdn answer1
> 
> Jens
> 
> --- Bruno Fernandes  wrote:
> > Hi,
> >  
> > If I have 2 routers on the same NT wich parameter defines what 
> > router will answer the call ?
> >  
> > Thanks in advance,
> > BF
> [EMAIL PROTECTED]
> 
> 
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now. 
> http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61162&t=61159
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Which Certification? [7:61152]

[The Long and Winding Road]

""Symon Thurlow""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I think MCSE/CCNP will open more doors, although you will probably find
> that in most of the jobs, you will be used 90% for MCSE type stuff, and
> 10% for CCNP type stuff (generalising here I know, but based on my
> experience).


probably because Cisco networks are stable, requiring little intervention
once installed, while Microsoft servers require continuous tweaking, if only
for the MAC work and file permissions work, which never ends. :->



>
> The NP/DP would be better if you would rather just be doing Cisco stuff,
> but that market is a bit flooded at the mo.
>
> I am MCSE and CCNP, but I don't really think that it is a gigantic
> benefit to know how AD works and EX2K etc. I think if you know how an
> SMTP mail system works, or an x.500 directory, then it really doesn't
> matter if it is AD or eDirectory or what ever.
>
> I think for a predominantly Microsoft job, the CCNP is a nice cherry on
> the top. I think for a predominantly Cisco job, then MCSE is not as big
> a cherry, if you know what I mean.
>
> Symon
>
> -Original Message-
> From: Aaron Laws [mailto:[EMAIL PROTECTED]]
> Sent: 15 January 2003 22:52
> To: [EMAIL PROTECTED]
> Subject: Which Certification? [7:61152]
>
>
> I'll have my CCNP completed next week upon successful completion of the
> Support exam.  I was planning on working the CCDA/DP track next before
> eventually working towards CCIE.
>
> I am about to separate from the Military and have been browsing through
> job postings and noticing significantly more jobs looking for a
> combination of CCNP and MCSE than I see for just CCNP or CCDP (or both).
>
> I am still planning on doing CCDA/DP, but my question is this:  for the
> job market we have today which is the more valuable set of certs to
> have, CCNP/MCSE or CCNP/CCDP? (emphasize "today's job market" since I am
> still planning on doing DA/DP down the road),
>
> How beneficial is the MCSE towards CCIE?  I have to believe that a
> thorough understanding of the front end stuff like AD, Exchange, DNS,
> etc is extremely useful for complex networking/infrastructure issues.
> What I hope to hear from you is whether that knowledge and experience is
> "required" or just "helpful."  Help me out, throw some opinions out
> here.  I appreciate your guidance and help.
> =
>
>  This email has been content filtered and
>  subject to spam filtering. If you consider
>  this email is unsolicited please forward
>  the email to [EMAIL PROTECTED] and
>  request that the sender's domain be
>  blocked from sending any further emails.
>
> =




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61164&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Angel Leiva]

All,



Somehow my e-mail posting this morning got chopped off along its way. Here
it is again:



Hth,



Angel



Ken,



I have two 3660 routers connected back to back via an OC3 link in a lab
environment. They are using IOS 12.0(7)T, IP Enterprise Version.



You seem to be missing the VCD ( Virtual Channel Descriptor) between the pvc
and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
incorrect in your configuration:



Take a look at the ATM interface configs on my working routers:



Router A:



!

interface ATM1/0

 ip address 10.10.10.2 255.255.255.0

 no ip directed-broadcast

 ip ospf network point-to-point

 atm clock INTERNAL

 atm ilmi-keepalive

 pvc Dallas 1/100  
> First command config t
> Second command ip routing
> Third command interface atm 1/0
> Fourth command no shutdown
> Fifth command ip address 10.0.2.1 255.255.255.0
> Sixth command pvc 1 32
> Seventh command protocol ip 10.0.2.2 broadcast
>
> The sixth command is where it fails. It does not recognize the pvc.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Newell Ryan D SrA 18 CS/SCBT
> Sent: Tuesday, January 14, 2003 11:32 PM
> To: [EMAIL PROTECTED]
> Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
>
> What commands are you typing in? To create a PVC the syntax is
> int atm 1
> atm pvc 6 0 106 aal5snap
> I think you are missing the 'atm' before pvc.
>
> There are several ways to hook the 3640s back to back. If they are
> within
> fastethernet distance limitations you could use the fastethernet
> interfaces.
>
> -Original Message-
> From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 1:40 PM
> To: [EMAIL PROTECTED]
> Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
>
>
> I am attempting to setup a PVC between two Cisco 3640 Routers connected
> back
> to back. The interface is an OC3 card. Whenever I issue the PVC command
> on
> the ATM interface it says a PVC is not supported. If I use the ? to see
> for
> supported commands for the interface, no PVC command is listed. Is there
> some software upgrade I need for this? Or is there some other way to
> conenct
> two 3640s back to back?
&i=61151&t=61077
--
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61163&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 3640 Router ATM PVC Problem [7:61077]

[The Long and Winding Road]

""Angel Leiva""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> All,
>
>
>
> Somehow my e-mail posting this morning got chopped off along its way. Here
> it is again:
>
>


you might want to try again. if your text contains a left pointing bracket,
the news servers seems to chop out anything that follolws. I've done a
number of experiments.

anything folllowing the arrow below will be chopped. in my sent message
there are three lines which say "test" after the leftward pointing arrow on
the next line

 
> Hth,
>
>
>
> Angel
>
>
>
> Ken,
>
>
>
> I have two 3660 routers connected back to back via an OC3 link in a lab
> environment. They are using IOS 12.0(7)T, IP Enterprise Version.
>
>
>
> You seem to be missing the VCD ( Virtual Channel Descriptor) between the
pvc
> and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
> incorrect in your configuration:
>
>
>
> Take a look at the ATM interface configs on my working routers:
>
>
>
> Router A:
>
>
>
> !
>
> interface ATM1/0
>
>  ip address 10.10.10.2 255.255.255.0
>
>  no ip directed-broadcast
>
>  ip ospf network point-to-point
>
>  atm clock INTERNAL
>
>  atm ilmi-keepalive
>
>  pvc Dallas 1/100
> > First command config t
> > Second command ip routing
> > Third command interface atm 1/0
> > Fourth command no shutdown
> > Fifth command ip address 10.0.2.1 255.255.255.0
> > Sixth command pvc 1 32
> > Seventh command protocol ip 10.0.2.2 broadcast
> >
> > The sixth command is where it fails. It does not recognize the pvc.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> > Newell Ryan D SrA 18 CS/SCBT
> > Sent: Tuesday, January 14, 2003 11:32 PM
> > To: [EMAIL PROTECTED]
> > Subject: FW: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> > What commands are you typing in? To create a PVC the syntax is
> > int atm 1
> > atm pvc 6 0 106 aal5snap
> > I think you are missing the 'atm' before pvc.
> >
> > There are several ways to hook the 3640s back to back. If they are
> > within
> > fastethernet distance limitations you could use the fastethernet
> > interfaces.
> >
> > -Original Message-
> > From: Ken Chipps [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 1:40 PM
> > To: [EMAIL PROTECTED]
> > Subject: Cisco 3640 Router ATM PVC Problem [7:61077]
> >
> >
> > I am attempting to setup a PVC between two Cisco 3640 Routers connected
> > back
> > to back. The interface is an OC3 card. Whenever I issue the PVC command
> > on
> > the ATM interface it says a PVC is not supported. If I use the ? to see
> > for
> > supported commands for the interface, no PVC command is listed. Is there
> > some software upgrade I need for this? Or is there some other way to
> > conenct
> > two 3640s back to back?
> &i=61151&t=61077
> --
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61165&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: route-map deny_lo1 - now working?? [7:61055]

[wanabe ccie]

keyur, correct me if im wrong, but isn't it the filters will only filter out
the route for being advertised into the local router's routing table (the
router that did the redistribute and the filtering) but still the other
adjacent routers will still see the route because of the LSAs being
propagated?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61166&t=61055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Which Certification? [7:61152]

[Priscilla Oppenheimer]

The Long and Winding Road wrote:
> 
> ""Symon Thurlow""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I think MCSE/CCNP will open more doors, although you will
> probably find
> > that in most of the jobs, you will be used 90% for MCSE type
> stuff, and
> > 10% for CCNP type stuff (generalising here I know, but based
> on my
> > experience).
> 
> 
> probably because Cisco networks are stable, requiring little
> intervention
> once installed, while Microsoft servers require continuous
> tweaking, if only
> for the MAC work and file permissions work, which never ends.
> :->
> 
> 

And the original poster should indeed consider that. Although an MCSE/CCNP
combination would look very strong on a resume and mean you were qualified
for more jobs, what kind of jobs would they be?

Do you want to be a server admin (borring) or a network engineer? :) You
should decide and then focus there.

Of course, it's hard to say in this awful job market, though... MCSE could
get your foot in one of the few doors that are open right now. But things
will get better this year. There are some signs of recovery. :0

Priscilla

> 
> >
> > The NP/DP would be better if you would rather just be doing
> Cisco stuff,
> > but that market is a bit flooded at the mo.
> >
> > I am MCSE and CCNP, but I don't really think that it is a
> gigantic
> > benefit to know how AD works and EX2K etc. I think if you
> know how an
> > SMTP mail system works, or an x.500 directory, then it really
> doesn't
> > matter if it is AD or eDirectory or what ever.
> >
> > I think for a predominantly Microsoft job, the CCNP is a nice
> cherry on
> > the top. I think for a predominantly Cisco job, then MCSE is
> not as big
> > a cherry, if you know what I mean.
> >
> > Symon
> >
> > -Original Message-
> > From: Aaron Laws [mailto:[EMAIL PROTECTED]]
> > Sent: 15 January 2003 22:52
> > To: [EMAIL PROTECTED]
> > Subject: Which Certification? [7:61152]
> >
> >
> > I'll have my CCNP completed next week upon successful
> completion of the
> > Support exam.  I was planning on working the CCDA/DP track
> next before
> > eventually working towards CCIE.
> >
> > I am about to separate from the Military and have been
> browsing through
> > job postings and noticing significantly more jobs looking for
> a
> > combination of CCNP and MCSE than I see for just CCNP or CCDP
> (or both).
> >
> > I am still planning on doing CCDA/DP, but my question is
> this:  for the
> > job market we have today which is the more valuable set of
> certs to
> > have, CCNP/MCSE or CCNP/CCDP? (emphasize "today's job market"
> since I am
> > still planning on doing DA/DP down the road),
> >
> > How beneficial is the MCSE towards CCIE?  I have to believe
> that a
> > thorough understanding of the front end stuff like AD,
> Exchange, DNS,
> > etc is extremely useful for complex networking/infrastructure
> issues.
> > What I hope to hear from you is whether that knowledge and
> experience is
> > "required" or just "helpful."  Help me out, throw some
> opinions out
> > here.  I appreciate your guidance and help.
> > =
> >
> >  This email has been content filtered and
> >  subject to spam filtering. If you consider
> >  this email is unsolicited please forward
> >  the email to [EMAIL PROTECTED] and
> >  request that the sender's domain be
> >  blocked from sending any further emails.
> >
> > =
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61167&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: route-map deny_lo1 - now working?? [7:61055]

[wanabe ccie]

keyur i already got your point. hehe! i really need a lot practice :)


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61168&t=61055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

EIGRP network 0.0.0.0 to redistribute static route [7:61169]

[Wei Zhu]

---EIGRP 100--(S0)---R1---(S1)--BGP AS 200---

R1
S0 192.168.1.1 255.255.255.240
S1 172.22.2.1 255.255.255.0
S0 side run EIGRP, S1 side run BGP

(1)
router eigrp 200
network 192.168.1.0

router bgp
nei  remote-as XXX

R1 will send 192.168.1.0 route info through S0, but won't send the
172.22.2.0 network info.

(2)
ip route 0.0.0.0 0.0.0.0 S1

router eigrp 200
network 192.168.1.0
redistrib static

Everything works fine

(3) 
If using network 0.0.0.0 to redistribute static info as:
ip route 0.0.0.0 0.0.0.0 S1

router eigrp 200
network 192.168.1.0
network 0.0.0.0

In addition of distribute the 0.0.0.0, R1 will also distribute 172.22.0.0
(summury) network info through S0
It will also put 172.22.0.0/16 null0 route entry into its routing table.

Can anyone explain why this happens?

Thanks
Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61169&t=61169
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Which Certification? [7:61152]

[Hai Nguyen]

I would totally agree with you on this since MCSE would give us more
experience and understanding on LAN while CCNP gives us more experience on
WAN. This is such a good combination of cert that I would go for instead of
just focusing on Cisco Only. My philosophy is "THE MORE YOU KNOW, THE BETTER
YOU ARE".

It's true that nowaday, IT jobs require a blend of skills not just
specializing in one concentration like before.

HAI,


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61170&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Bridging and STP issue [7:61031]

[Amar]

here is a document that talks just about that:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guid
e09186a008008019c.html

""John Humphrey""  a icrit dans le message de news:
[EMAIL PROTECTED]
> Does anyone know which version of IEEE STP bridge-groups use? Switches use
> the PVST+ (one spanning tree per vlan). However, I can't determine if
router
> bridge-groups use PVST+ or the IEEE standard CST (one spanning tree
instance
> for all vlans). Here's my delimna: I've got a 4006 (Sup II) with a Layer 3
> (WS-X4232-L3) module. I want to implement bridging on the subinterfaces on
> the routing engine. The subinterfaces are running dot1q encap. for
> inter-vlan routing (similar to how the 2600 series implements inter-vlan
> routing). Anyway, I want to bridge IPX between two vlans while routing IP
> (CRB will do this just fine, I don't need a BVI with IRB). My only concern
> is having the bridges STP calculation interfere with my other Catalyst STP
> instances. Any thoughts?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61171&t=61031
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switching EXAM (Hex Conversion Chart) [7:61108]

[Nuurul Basar Mohd Baki]

Since I have taken the new exam twice, neither off the exam have any
callculations at all.
Thus I don't see any HEX conversion chart, but may be some people have
callculations in the exam.



-Original Message-
From: Bond, Jeffrey T [mailto:[EMAIL PROTECTED]]
Sent: 16 January 2003 00:28
To: [EMAIL PROTECTED]
Subject: Switching EXAM (Hex Conversion Chart) [7:61108]


On the Switching exam, are we provided a HEX conversion chart for reference?

thanks in advance

-Original Message-
From: Aaron Ajello [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 10, 2003 8:01 AM
To: [EMAIL PROTECTED]
Subject: RE: Switching Exam on Monday 13/1/03 [7:60785]


Spend a lot of time on MLS.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61172&t=61108
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Which Certification? [7:61152]

[Aaron Laws]

Thanks guys (and Priscilla),
You have hit on the head everything I have been trying to decide.  What I
enjoy doing more than anything is Network Engineering stuff.  I don't even
enjoy Server/OS stuff.  But with the market like it is, and having to
consider that I will have a 19 month old and a 3 month old when I separate
from the military (scary huh), I need to look at what is going to get me in
the door right away.  I get out in June so that doesn't give me enough time
to get my MCSE (at least not if I want to learn anything), but maybe enough
time to get MCSA and show that I am working towards MCSE.

Since my long term plans have me doing what I enjoy, I know I am going to be
pressing on with the Cisco track once I get my feet planted.  But I think it
would be smarter to go with MCSE first to get my foot in the door (and
especially if I should have it later one working on CCIE).


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61173&t=61152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX user level VPN [7:61154]

[Joshua Vince]

Yes.  Same as all the other PIX models.

-Original Message-
From: Sam Sneed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 6:05 PM
To: [EMAIL PROTECTED]
Subject: PIX user level VPN [7:61154]


Does anyone one know if PIX 501 supports user level VPN client for remote
access?

Thanks!!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61174&t=61154
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RSP7000/AIP gives SNMP-3-BADOID: [7:61175]

[Nelson Herron]

I have a 7010/RSP7000 (no CI) that seems to run perfectly well except for
the ATM card.  When I plug in the MM cable from the Madge ATM switch it
starts generating "SNMP-3-BADOID: ATTEMPT TO GENERATE AN INVALID OBJECT
IDENTIFIER" messages.  It is running 12.1(8) boot image and 12.2(7) IOS with
128 MB mem.  I have two cards that exhibit the same behavior on the 7010. 
On this router the "sh cont cbus" message identifies the Hdwr as v. 1.03. 
Both of these cards work as expected in a 7000 w/ RP running 12.2.15 from
ROM.  On this platform the cards are also identified as Hdwr 1.30, which is
what I expected.  Any suggestions.  I would greatly appreciate the help.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61175&t=61175
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF LSR's [7:61176]

[Matthew Webster]

Hi all,

just a minor (I think) question. In the OSPF LSR message, why does the LS
type have 4 bytes to describe it, when there are only 5 different values? Am
I missing something?

TIA.

cheers,
Matthew.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61176&t=61176
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF LSR's [7:61176]

[The Long and Winding Road]

""Matthew Webster""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>
> just a minor (I think) question. In the OSPF LSR message, why does the LS
> type have 4 bytes to describe it, when there are only 5 different values?
Am
> I missing something?


a) room for growth

b) why not

c) because

d) to meet government specifications

sorry, I'm just being my usual smart ass self.


>
> TIA.
>
> cheers,
> Matthew.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61177&t=61176
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

The effect of NAT on an interface [7:61178]

[The Long and Winding Road]

it's happened twice now, and the policy routing was removed from the
interface, so I'm thinking the problem has to be the NAT configuration

The problem: remote configuration of a router.

Circumstances: remove poorly constructed access-lists. replace them with
better constructed access-lists that are also in conformance with a system
wide standard numbering convention. Change the route maps to reflect these
new access-lists. one access-list determines whether or not a host on the
inside can obtain a NAT translation. the other control policy routing
inbound on the WAN interface.

The process:

1) remove policy routing from the distant end WAN interface

2) delete old access-lists

3) delete old route-maps

4) paste in new access-lists

5) paste in the new route-maps

at this point I lose connection with the router.

I presume that because policy routing was disabled ( no ip policy route-map
etc ) and the router was reloaded before step 2 was taken, that the problem
is not with policy routing denying my own access.

That leaves NAT. The ip nat outside configured on the WAN link of the remote
router was in place.

Now I'm racking my brains about this, because I have 9 other sites
identically configured, and I configured them remotely, and life was good.

Well, I guess I'll be visiting a client site in the morning.
sheesh!!!




--
TANSTAAFL
"there ain't no such thing as a free lunch"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61178&t=61178
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Angel Leiva]

Thank you "The Long and winding Road", I did have left pointing arrows in my
previous e-mails.



Here it is again:

(my apologies for the wasted bw)

==

Ken,



I have two 3660 routers connected back to back via an OC3 link in a lab
environment. They are using IOS 12.0(7)T, IP Enterprise Version.



You seem to be missing the VCD ( Virtual Channel Descriptor) between the pvc
and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
incorrect in your configuration. The VCD can be a number or a word.



Take a look at the ATM interface configs on my working routers:



Router A:

!

interface ATM1/0

 ip address 10.10.10.2 255.255.255.0

 no ip directed-broadcast

 ip ospf network point-to-point

 atm clock INTERNAL

 atm ilmi-keepalive

 pvc Dallas 1/100  ~- VCD = Dallas

  protocol ip 10.10.10.1 broadcast

  vbr-nrt 256 64

  encapsulation aal5snap

!

!

router ospf 100

 network 10.10.10.0 0.0.0.255 area 0

!



Router B:

!

interface ATM1/0

 ip address 10.10.10.1 255.255.255.0

 no ip directed-broadcast

 ip ospf network point-to-point

 no atm ilmi-keepalive

 pvc Houston 1/100 ~- VCD = Houston

  protocol ip 10.10.10.2 broadcast

  vbr-nrt 256 64

  encapsulation aal5snap

!

router ospf 100

 network 10.10.10.0 0.0.0.255 area 0

!



Hth,



Angel



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of The
Long and Winding Road
Sent: Wednesday, January 15, 2003 6:42 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]



you might want to try again. if your text contains a left pointing bracket,

the news servers seems to chop out anything that follolws. I've done a

number of experiments.



anything folllowing the arrow below will be chopped. in my sent message

there are three lines which say "test" after the leftward pointing arrow on

the next line








Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61179&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

rate-limit [7:61180]

[kaushalender]

Hi router gru,

Kindly help me on this.I have a 2610 router and 122-7c is the ios.I am 
retsricting  bandwidth on my isdn ras.The restriction is applied on 
etherenet of my router by rate-limit command.But my mrtg is showing that 
  isd ras is geting more bandwidth it is geting near about 512 Kbits and 
I have restricted to 300 kbits.Below is the conf of my router

Senario
Isdn user(geting ip from ras 202.78.169.64/255.255.255.192)RAs 
Ethernet ip 202.78.173.18---RasGateway 202.78.173.21(cisco)




interface Ethernet0/0
  ip address 202.78.164.3 255.255.252.0 secondary
  ip address 202.78.173.21 255.255.255.240 secondary
  ip address 202.78.168.26 255.255.252.0
  no ip proxy-arp
   rate-limit input access-group 121 48000 52000 52000 conform-action 
transmit exceed-action drop
   rate-limit output access-group 121 248000 30 30 
conform-action transmit exceed-action drop
   ip route-cache policy
  no ip mroute-cache
  full-duplex
  service-policy input mark-inbound-http-hacks
  service-policy output mark-inbound-http-hacks

access-list 121 permit ip any 202.78.169.64 0.0.0.63




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61180&t=61180
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP network 0.0.0.0 to redistribute static route [7:61181]

[The Long and Winding Road]

well, now that I've set it up, looked at it, and given it some thought, the
answer is really quite simple.
being a simple person myself, I like it when answers are simple. think
"classful nature of eigrp"

see below


""Wei Zhu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> ---EIGRP 100--(S0)---R1---(S1)--BGP AS 200---
>
> R1
> S0 192.168.1.1 255.255.255.240
> S1 172.22.2.1 255.255.255.0
> S0 side run EIGRP, S1 side run BGP
>
> (1)
> router eigrp 200
> network 192.168.1.0
>
> router bgp
> nei  remote-as XXX
>
> R1 will send 192.168.1.0 route info through S0, but won't send the
> 172.22.2.0 network info.
>
> (2)
> ip route 0.0.0.0 0.0.0.0 S1
>
> router eigrp 200
> network 192.168.1.0
> redistrib static
>
> Everything works fine
>
> (3)
> If using network 0.0.0.0 to redistribute static info as:
> ip route 0.0.0.0 0.0.0.0 S1
>
> router eigrp 200
> network 192.168.1.0
> network 0.0.0.0
>
> In addition of distribute the 0.0.0.0, R1 will also distribute 172.22.0.0
> (summury) network info through S0

first of all, you are not seeing the whole picture because of the limited
numbers of interfaces you have in your basic setup.

second of all, let me ask you a question. what exactly is 0.0.0.0?

thirdly, having answered and understood what exactly 0.0.0.0 really
represents, let me ask you another question. what happens when you put the
entry "network 0.0.0.0" into the eigrp process? will eigrp still work if you
were to now remove the "network 192.168.1.0" statement? why not?

this is starting to feel like another homily.


> It will also put 172.22.0.0/16 null0 route entry into its routing table.

nature of the beast. I don't believe it is true of all protocols, but some
of them will automatically place a summary to null 0 when a summary is
advertised out. This is done as proof against black holes and helps prevent
routing loops

BTW, I enjoy your posts. Keep up the good work.

>
> Can anyone explain why this happens?







>
> Thanks
> Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61181&t=61181
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 3640 Router ATM PVC Problem [7:61077]

[Ken Chipps]

I will try this on Friday evening and let you know if it works.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Angel Leiva
Sent: Wednesday, January 15, 2003 11:29 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco 3640 Router ATM PVC Problem [7:61077]

Thank you "The Long and winding Road", I did have left pointing arrows
in my
previous e-mails.



Here it is again:

(my apologies for the wasted bw)


==

Ken,



I have two 3660 routers connected back to back via an OC3 link in a lab
environment. They are using IOS 12.0(7)T, IP Enterprise Version.



You seem to be missing the VCD ( Virtual Channel Descriptor) between the
pvc
and the vpi/vci command entries. Also, the vpi/vci syntax appears to be
incorrect in your configuration. The VCD can be a number or a word.



Take a look at the ATM interface configs on my working routers:



Router A:

!

interface ATM1/0

 ip address 10.10.10.2 255.255.255.0

 no ip directed-broadcast

 ip ospf network point-to-point

 atm clock INTERNAL

 atm ilmi-keepalive

 pvc Dallas 1/100  ~- VCD = Dallas

  protocol ip 10.10.10.1 broadcast

  vbr-nrt 256 64

  encapsulation aal5snap

!

!

router ospf 100

 network 10.10.10.0 0.0.0.255 area 0

!



Router B:

!

interface ATM1/0

 ip address 10.10.10.1 255.255.255.0

 no ip directed-broadcast

 ip ospf network point-to-point

 no atm ilmi-keepalive

 pvc Houston 1/100 ~- VCD = Houston

  protocol ip 10.10.10.2 broadcast

  vbr-nrt 256 64

  encapsulation aal5snap

!

router ospf 100

 network 10.10.10.0 0.0.0.255 area 0

!



Hth,



Angel



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
The
Long and Winding Road
Sent: Wednesday, January 15, 2003 6:42 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco 3640 Router ATM PVC Problem [7:61077]



you might want to try again. if your text contains a left pointing
bracket,

the news servers seems to chop out anything that follolws. I've done a

number of experiments.



anything folllowing the arrow below will be chopped. in my sent message

there are three lines which say "test" after the leftward pointing arrow
on

the next line








Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61182&t=61077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

callmanager gateway problem [7:61183]

[supernet]

I tried to configure an MGCP gateway (Cisco 2611 router, VIC-2FXO) using
TAC sample configuration. Under 2611 router, it says gateway registered
with ccm but under ccm, it says gateway status not registered. I got
busy signal when tried to use that gateway. What seems to be the
problem? Thanks. Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61183&t=61183
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP origin attribute type "e" - EGP? [7:61075]

[cebuano]

Amar,
Are you referring to an External BGP peer? I hope not as I haven't seen
that happen in any BGP labs I've done.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Amar
Sent: Wednesday, January 15, 2003 3:00 PM
To: [EMAIL PROTECTED]
Subject: Re: BGP origin attribute type "e" - EGP? [7:61075]

when the update is learned from an E-BGP neighbor.
rgds

""Wei Zhu""  a icrit dans le message de news:
[EMAIL PROTECTED]
> In what condition is the EGP origin type generated?
>
> Thanks
> Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61184&t=61075
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: EIGRP network 0.0.0.0 to redistribute static route [7:61185]

[cebuano]

Okay, this is good in that it's a simple yet effective way to explain
routing protocol BEHAVIOR.
I don't understand what Wei means in Step 2 "Everything works fine".
What does "everything" mean?
Wei,
Try these methods of generating default routes in EIGRP to get a better
understanding of this "distance-vector-but-can-also-act-as-link-state"
protocol.
1. redistribute static
2. ip summary-address eigrp
3. ip default-network

HTH.
Elmer

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
The Long and Winding Road
Sent: Thursday, January 16, 2003 12:52 AM
To: [EMAIL PROTECTED]
Subject: Re: EIGRP network 0.0.0.0 to redistribute static route
[7:61181]

well, now that I've set it up, looked at it, and given it some thought,
the
answer is really quite simple.
being a simple person myself, I like it when answers are simple. think
"classful nature of eigrp"

see below


""Wei Zhu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> ---EIGRP 100--(S0)---R1---(S1)--BGP AS 200---
>
> R1
> S0 192.168.1.1 255.255.255.240
> S1 172.22.2.1 255.255.255.0
> S0 side run EIGRP, S1 side run BGP
>
> (1)
> router eigrp 200
> network 192.168.1.0
>
> router bgp
> nei  remote-as XXX
>
> R1 will send 192.168.1.0 route info through S0, but won't send the
> 172.22.2.0 network info.
>
> (2)
> ip route 0.0.0.0 0.0.0.0 S1
>
> router eigrp 200
> network 192.168.1.0
> redistrib static
>
> Everything works fine
>
> (3)
> If using network 0.0.0.0 to redistribute static info as:
> ip route 0.0.0.0 0.0.0.0 S1
>
> router eigrp 200
> network 192.168.1.0
> network 0.0.0.0
>
> In addition of distribute the 0.0.0.0, R1 will also distribute
172.22.0.0
> (summury) network info through S0

first of all, you are not seeing the whole picture because of the
limited
numbers of interfaces you have in your basic setup.

second of all, let me ask you a question. what exactly is 0.0.0.0?

thirdly, having answered and understood what exactly 0.0.0.0 really
represents, let me ask you another question. what happens when you put
the
entry "network 0.0.0.0" into the eigrp process? will eigrp still work if
you
were to now remove the "network 192.168.1.0" statement? why not?

this is starting to feel like another homily.


> It will also put 172.22.0.0/16 null0 route entry into its routing
table.

nature of the beast. I don't believe it is true of all protocols, but
some
of them will automatically place a summary to null 0 when a summary is
advertised out. This is done as proof against black holes and helps
prevent
routing loops

BTW, I enjoy your posts. Keep up the good work.

>
> Can anyone explain why this happens?







>
> Thanks
> Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61185&t=61185
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP network 0.0.0.0 to redistribute static route [7:61186]

[The Long and Winding Road]

""The Long and Winding Road""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> well, now that I've set it up, looked at it, and given it some thought,
the
> answer is really quite simple.
> being a simple person myself, I like it when answers are simple. think
> "classful nature of eigrp"
>
> see below
>
>
> ""Wei Zhu""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > ---EIGRP 100--(S0)---R1---(S1)--BGP AS 200---
> >
> > R1
> > S0 192.168.1.1 255.255.255.240
> > S1 172.22.2.1 255.255.255.0
> > S0 side run EIGRP, S1 side run BGP
> >
> > (1)
> > router eigrp 200
> > network 192.168.1.0
> >
> > router bgp
> > nei  remote-as XXX
> >
> > R1 will send 192.168.1.0 route info through S0, but won't send the
> > 172.22.2.0 network info.
> >
> > (2)
> > ip route 0.0.0.0 0.0.0.0 S1
> >
> > router eigrp 200
> > network 192.168.1.0
> > redistrib static
> >
> > Everything works fine
> >
> > (3)
> > If using network 0.0.0.0 to redistribute static info as:
> > ip route 0.0.0.0 0.0.0.0 S1
> >
> > router eigrp 200
> > network 192.168.1.0
> > network 0.0.0.0
> >
> > In addition of distribute the 0.0.0.0, R1 will also distribute
172.22.0.0
> > (summury) network info through S0
>
> first of all, you are not seeing the whole picture because of the limited
> numbers of interfaces you have in your basic setup.
>
> second of all, let me ask you a question. what exactly is 0.0.0.0?
>
> thirdly, having answered and understood what exactly 0.0.0.0 really
> represents, let me ask you another question. what happens when you put the
> entry "network 0.0.0.0" into the eigrp process? will eigrp still work if
you
> were to now remove the "network 192.168.1.0" statement? why not?
>
> this is starting to feel like another homily.
>
>
> > It will also put 172.22.0.0/16 null0 route entry into its routing table.
>
> nature of the beast. I don't believe it is true of all protocols, but some
> of them will automatically place a summary to null 0 when a summary is
> advertised out. This is done as proof against black holes and helps
prevent
> routing loops
>
> BTW, I enjoy your posts. Keep up the good work.
>
> >
> > Can anyone explain why this happens?


oh, you know what, while composing a reply to cebuano, I realized - you
probably have automaticic summarization enabled under eigrp

enter the command "no auto-summary" and watch the staic to null 0 disappear.


>
>
>
>
>
>
>
> >
> > Thanks
> > Wei




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61186&t=61186
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]