Re: Cannot see Rip routes with route-tagging - Why? [7:63900]

[Nigel Taylor]

Cisconuts,
 (Hint)My first question is where exactly is it that you
identified what traffic is matched in the route-map  :-)

Some other questions:

How is R6, R5, R4, and R2 all connected?  serial, eth0, frame-relay, etc...

This way folks on the list could be of more assistance once they understand
what you're trying to do.

Nigel




- Original Message -
From: "Cisco Nuts" 
To: 
Sent: Wednesday, February 26, 2003 2:37 PM
Subject: Cannot see Rip routes with route-tagging - Why? [7:63900]


> Hello,I have R6, R5 and R4 running rip ver 2, network 178.1.10.0
subnetsR5,
> R4 and R2 running eigrp 2 network 181.16.2.0 subnets.R5 and R4 had mutual
> redistribution setup using route tagging.R6 correctly sees the eigrp
> redistributed routes but R2 is NOT seeing any rip redistributed routes.
> Any help is appreciated. Config. on R5 (ditto config on R4)R5#rbr
> router eigrp 2
>  redistribute rip metric 1 1 1 1 1 route-map r2e
>  network 181.16.2.8 0.0.0.3
>  no auto-summary
>  no eigrp log-neighbor-changes
> !
> router rip
>  version 2
>  redistribute eigrp 2 metric 2 route-map e2r
>  network 172.31.0.0
>  network 178.1.0.0
>  no auto-summary
> route-map e2r deny 10
>  match tag 77
> !
> route-map e2r permit 20
>  set tag 88
> !
> route-map r2e deny 10
>  match tag 88
> !
> route-map r2e permit 20
>  set tag 77 Routing table on R2 ( Does not show any Rip routes)R2#r
> 181.16.0.0/30 is subnetted, 4 subnets
> C   181.16.2.4 is directly connected, Serial1
> C   181.16.2.0 is directly connected, Ethernet0
> D   181.16.2.12 [90/679936] via 181.16.2.6, 00:40:47, Serial1
> C   181.16.2.8 is directly connected, Serial0.234
> Config:R2#rbr
> router eigrp 2
>  network 181.16.2.0 0.0.0.3
>  network 181.16.2.4 0.0.0.3
>  network 181.16.2.8 0.0.0.3
>  no auto-summary
>  no eigrp log-neighbor-changes R2 and R5 running FR with ip split-horizon
> enabled on.
>
> 
>
> Add photos to your e-mail with MSN 8. Get 2 months FREE*.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64051&t=63900
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Saudi Arabia [7:64035]

[Symon Thurlow]

Keep an eye on jobserve.com

They come up there occasionally

Symon

-Original Message-
From: The guy in Sunny Southwest Florida [mailto:[EMAIL PROTECTED] 
Sent: 28 February 2003 00:38
To: [EMAIL PROTECTED]
Subject: Saudi Arabia [7:64035]


I heard that there are a lot of good Job opportunities is Saudi Arabia
for a CCIE ...  has any one heard of good job opportunities for CCIE
candidates?
=

 This email has been content filtered and
 subject to spam filtering. If you consider
 this email is unsolicited please forward
 the email to [EMAIL PROTECTED] and
 request that the sender's domain be
 blocked from sending any further emails.

=




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64050&t=64035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Certification question [7:63982]

[Andrew Larkins]

You will need to recertify entirely from CCNA again.
My CCNP is up for recert next year May - recert of go for CCIE??
Otherwise I lose my CCNP, CCDP, CSS1

-Original Message-
From: Stuart Pittwood [mailto:[EMAIL PROTECTED]
Sent: 27 February 2003 16:11
To: [EMAIL PROTECTED]
Subject: Certification question [7:63982]


Hi all,



My CCNA cert is due to expire in Feb 04, if I start the CCNP track now &
don't complete it before the CCNA cert expires, do I need to recert the
CCNA before I can continue the CCNP, would I have to redo any CCNP exams
completed?



Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64049&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Mutual Redistribution - OSPF routes in Eigrp [7:63923]

[dean penebacker]

k to redistribute into OSPF the command is

router (config-router)#redistribute protocol [process-id] [metric
metric-value] [metric-type type-value] [route-map map-tag] [subnets] [tag
tag-value]

example
router (config-router)#redistribute ospf 200 metric 64 2000 255 1 1500

and the command to redistribute into EIGRP

router (config-router)#redistribute protocol [process-id] [match {internal |
external 1 | external 2}] [metric metric-value] [route-map map-tag]

example
router (config-router)#redistribute eigrp 200 subnets

i don't think that there is a default originate command needed in this
scenario.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64048&t=63923
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DR ospf router [7:63983]

[dean penebacker]

when you configured ospf on the non DR router did you configure the DR
routers network. for example

router ospf 200
network ?

question mark would be the network of the DR router. You can check this by
going to the non DR router and doing

show ip route

to see if those routers have a path to the DR router. hope this helps. I am
studying BSCI right now so if it helps let me know.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64047&t=63983
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

show frame-relay traffic [7:64046]

[John Tafasi]

I have noticed that the show frame-relay traffic on my routers does not show
that routers have sent and received inverse arp requests. Does  any body
know why is that?

Thanks
John Tafasi


r5#show frame-relay map
Serial0 (up): ip 10.10.10.2 dlci 501(0x1F5,0x7C50), dynamic,
  broadcast,, status defined, active
Serial0 (up): ip 10.10.10.4 dlci 504(0x1F8,0x7C80), dynamic,
  broadcast,, status defined, active


r5#show frame-relay traffic
Frame Relay statistics:
ARP requests sent 0, ARP replies sent 0
ARP request recvd 0, ARP replies recvd 0
r5#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64046&t=64046
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Van Jacopson TCP/IP header compression (RFC 1144) [7:64045]

[John Tafasi]

Hi group,

Does the Van Jacopson TCP/IP header compression algorithm compresses both ip
and tcp headers or only the tcp header?

Thanks in advance

John Tafasi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64045&t=64045
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Looking for Used Cisco Equip's [7:64044]

[Steiven Poh-\(Jaring MailBox\)]

Dear Groups,

I'm looking below used cisco item, please look in to it and let me know asap.
My location is Malaysia. Thanks

*
*
Catalyst 4000 Chassis (6-Slot),Suprvsr II,(2)AC PS, Fans
Catalyst 4000 10/100 Auto Module,  48-Ports (RJ-45)
WAN Switch
Catalyst 6000 8 Port Gig Ethernet Module
Catalyst supervisor engine 1A + MSFC (for dist & backbone)
Catalyst 6509 Chassis
AC Power Supply (3rd)
Catalyst 6000 Supervisor Engine 1, 2 GE (for campus switch)
Software for MFSC
Catalyst 6000 1300W Power Supply
Catalyst 6000 1300W Second Power Supply
Catalyst 6000 48 Port 10/100 RJ-45 Module (Backbone switch)
1000BASE-LX "Long Wavelength" GBIC (MM Only)
Catalyst 4000 Chassis (6-Slot),Suprvsr II,(2)AC PS, Fans
Catalyst 6000 48 Port 10/100 RJ-45 Module
1000BASE-SX "Short Wavelength" GBIC (MM Only)
1000BASE-LX "Long Haul" GBIC (SM/MM)
Catalyst 6509 Chassis
Catalyst 6000 8 Port Gig Ethernet Module
Catalyst 6000 Agent License
Catalyst 4000 10/100 Auto Module,  48-Ports (RJ-45)
1000BASE-SX "Short Wavelength" GBIC (Multimode only)
Catalyst 6000 1300W Power Supply
Catalyst 6000 1300W Second Power Supply
Catalyst 4000 Gigabit Ethernet Module, 6-Ports (GBIC)
Catalyst 4000 Gigabit Ethernet Module, 6-Ports (GBIC)
Catalyst 6000 Supervisor PCMCIA Flash Memory Card, 24MB Option
AC Power Supply (3rd)
1000BASE-SX "Short Wavelength" GBIC (MM Only)
Catalyst 6000 Supervisor PCMCIA Flash Memory Card, 24MB Option
PROGRAM MGT & Installation
Medium WAN router
8-p OC3/STM-1 Module: 16k cons, 230k/230k
8-P T3 Module; 15k 32k cons, 100k/100k cell buff
4 port OC3 multimode ATM line card
Cisco12012 GSR 60Gbps;1GRP,1CSC,3SFC,1DC
GSR12000 single port Gigabit Ethernet line card
Universal Frame Relay Card (8 Ports)]
Catalyst 8540 Campus Switch Router (CSR) Chassis
Universal Frame Relay Card (8 Ports
One IGX-UXM with one BC-UAI-6-T3
BPX8620, 15-slot: Includes BCC-4V, BCC-3-BC,  ASM-BC
Cisco 7513 13-Slot, 2 CyBus, 1 RSP2, 1 AC Supply
Redundant BCC 20GBps w/128M DRAM & 4MB DRAM
Catalyst 8540 16-port 10/100 Fiber Card
IGX 8420 16-slot Chassis, Rack Mount
Catalyst 8540 CSR Switch Process
2 Port E3 Serial Port Adapter with E3 DSUs
Small WAN router
ATM Interface, SONET/SDH Multimode, 155 Mbps
2-Port Fast Ethernet Interface Processor (100FX)
RSP1/RSP2 IOS Enterprise/Encryption 56 Feature Set
Catalyst 8540 CSR Switch Processor - Installed
12-port F. Etherchannel 100BaseFX
Catalyst 4000 FE Switching Module, 24- 100FX (MTRJ)
Catalyst 8540 16-Port 10/100-RJ45 (16K)
2-Port Fast Ethernet Interface Processor (100TX)
Cisco 12012 GSR Redundant AC Supplies (4 AC Supplies)
Cisco 6348 building distribution switch (48-port copper)
Virtual Trunking license per node
Redundant IGX Network Processor Module 64 MB, Model B
Universal Frame Relay Module - Unchannelized
Catalyst 8540 16-port 10/100 RJ-45 Card
AC Power Option 3- Redundant Supplies/Redundant AC Line inputg
Versatile Interface Processor-2, model 40
5002/5000/5500 Supervisor Engine II FX - MMF
Catalyst 5002/5000/5505/5500 Supervisor II (100BaseFX, MMF)
ACL daugter card
Catalyst 8540 CSR Route Processor - Installed
Cisco 6408 campus distribution switch (8-port fiber)
Catalyst 6509 Chassis
Cisco 12012 Redundant GSR Scheduler/Fabric
Cisco 12000 Series GSR Base System Software
Universal Frame Relay Module - Unchannelized
Catalyst 6509 Chassis
256MB GRP and L.C. Program/Route Memory (2x128MB)
Cisco 7513 Dual AC Power Supply Option
1-Port ATM Enhanced OC3c/STM1 Multimode Port Adapter
8-Port Serial, V.35 Port Adapter
7200VXR NPE-300 w/ 32MB base mem + 128 MB extra mem
24 Port UTP 10/100 Switching Module
C8540 Chassis
Cisco7206VXR, 6-slotChassis, 1AC Supply w/IP Software
Cisco 3600 4-slot Modular Router-AC with IP Software
Catalyst 8540 2 Port GE (16K) - installed
Integrated Services Adapter for IPSec or MPPE encryption
24 Port 10/100TX Backbone Switching (FEC, 802.1Q/ISL, RJ-45)
8-p OC3/STM-1 Multi Mode Fiber Back Card (up to 2km span
Multi User configuration sessions per node
:[Upgrade of NPM-32 to NPM -64 when ordered with Package]
ForeSight License for each UFM
Catalyst 8540 CSR Redundant Power Supply -AC installed
256MB Memory for NPE-300 in 7200 Series
C8540 Power Supply - AC
C8540 Redundant Power Supply - AC
5500 AC Power Supply
5500 Chassis
128MB GRP and L.C.Program/Route Memory (1x128MB)
Cisco7200 Input/Output Controller with Fast Ethernet Port
1-Port Fast Ethernet 100BaseFx Port Adapter
Cisco7200 Dual AC Power Supply Option, 280W
Cisco 7200 Series IOS ENTERPRISE
1-Port Fast Ethernet 100BaseTx Port Adapter
DES/3DES VPN Encryption NM for 3620/3640
2 Ethernet 2 WAN Card Slot Network Module
Universal T3/E3 Back Card, SMB Connectors
Configuration Save and Restore License per node
STRATM-Cabinet
UFM-U Back Card 12V35 Ports
UFM Back Card, 8 T1 Ports w/DB15 Connectors
Multi-User Configuration Sessions]
32 to-64 MB DRAM Factory Upgrade for the Cisco 3620
Line Card Buffer Memory,32MB/32MB (Tx/Rx)
:[UFM-U Back Card, 12V35 Ports
UFM Back

Re: Cat4006 - Prompt [7:63984]

[John Neiberger]

""John Neiberger""  suffering from sleep
deprivation and possible insanity scribbled:
> You need to be in privileged (enable) mode to make changes.  In your
> example you're not in privileged mode.
>
> John
>
> >>> "Eagles Fan"  2/27/03 1:51:15 PM >>>
> I have tried that, unfortunately it doesn't take
>
> cat4006> (enable) set prompt
> Usage: set prompt
> cat4006> (enable)
>

Obviously, you are in 'enable' mode.  I have *no* idea what I was looking at
when I made that post. Please forgive me.  I'm going to refrain from posting
for the remainder of the day in order to limit the damage I might cause.
;-)

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64043&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Can you claim Cisco Tests as a tax exemption? [7:64042]

[Mossburg, Geoff (MAN-Corporate)]

Does anyone know if it's legal to claim the price of a Cisco test and/or
Cisco class as an exemption on your Federal taxes? From what I'm reading in
the IRS's Publication 529, "Miscellaneous Deductions", it sure seems like
it!
Geoff Mossburg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64042&t=64042
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MBGP/MPLS VPN question [7:64036]

[Henry D.]

I don't think they should have a problem. The VRF should be created just for
you so there should be no conflict. I never used this service from any of my
providers so I cannot be certain. But as far as I'm concerned they shouldn't
even care what addressing you're using between the sites. They provide the
tunnel
and shouldn't care much for your addressing scheme unless you ask them too,
and as long as your contract is properly setup I think it would be no big
deal.


""Lo Ching""  wrote in message
news:[EMAIL PROTECTED]
> Dear All,
>
> We have some ip address that use internally,eg, 30.x or 40.x but it is not
> in private address range. Can I still use this range when connect to the
> IP-VPN provider that using MPLS technology? I know that MPLS can allow
> overlapping of customer address by using VRF and RD. I wonder any
technical
> conflict issue on Normal BGP in this case.
>
> Thanks in advance.
>
> rgds,
> Lo Ching




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64041&t=64036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN client conflict [7:63951]

[Evans, TJ (BearingPoint)]

Dunno (if)/(how much) this helps - but I have heard similar complaints /
issues WRT the Nortel Contivity client and the Cisco VPN Client as well ... 


Thanks!
TJ
[EMAIL PROTECTED]
-Original Message-
From: Robert Edmonds [mailto:[EMAIL PROTECTED] 
Sent: Thursday, February 27, 2003 10:59 AM
To: [EMAIL PROTECTED]
Subject: Re: VPN client conflict [7:63951]

I'm not sure what the actual cause or fix is, but I had the same problem.  I
ended up uninstalling the AT&T client to get it to work.

""supernet""  wrote in message
news:[EMAIL PROTECTED]
> I have AT&T VPN client on my laptop. It stopped working after I
> installed Cisco VPN client. Is there any conflict between them? Is there
> a work around? Thanks. Yoshi.
**
The information in this email is confidential and may be legally 
privileged.  Access to this email by anyone other than the 
intended addressee is unauthorized.  If you are not the intended 
recipient of this message, any review, disclosure, copying, 
distribution, retention, or any action taken or omitted to be taken 
in reliance on it is prohibited and may be unlawful.  If you are not 
the intended recipient, please reply to or forward a copy of this 
message to the sender and delete the message, any attachments, 
and any copies thereof from your system.
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64040&t=63951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MBGP/MPLS VPN question [7:64036]

[Nick S.]

Theoritically a VRF operation should allow you to do it. Think of it as
having a GRE tunnel between 2 sites, and you use an "overlapping public
range" across it, you can do it.

It may still depend on the provider, so check with them

rgds

Nick


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64039&t=64036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2950 telnet access is lost after vlans [7:63789]

[Priscilla Oppenheimer]

J. Johnson wrote:
> 
> J. Johnson wrote:
> 
> 
> > It looks like the switch is not forwarding the
> > packets to the router for some reason, even though it does
> forward packets
> > for other 10.0.0.X addresses.
> 
> 
> What I wrote above is not correct.  (I was sniffing an unused
> port on the
> switch which I thought was properly set up to mirror the other
> ports.
> Somehow it was set up incorrectly.  Apologies for the error.) 
> The icmp
> echo request packets get to the linux router on the trunk via
> vlan 5, and
> back out to the switch on the trunk on vlan 7.  They then go
> from the
> switch to the 3600 router, and back out to the switch.
> 
> All this is as it should be - packets go from oreilly.net to
> the default
> router, the linux router, which then forwards them to its
> default router,
> the 3600, which routes them according to its table. 

You gotta get it to stop doing that! ;-) Seriously, why doesn't the Linux
router-on-a-stick know that the destination is local, on VLAN 7? Shouldn't
it know not to send this packet to another router? It should just ARP for
the destination and send the packet, perhaps tagged for VLAN 7.

> The 3600's
> table says
> that 10.0.0.6 is directly connected to the same port that the
> packet
> arrived on, so it returns the packet to the switch.
> 
> Now the packet stalls. 

My guess is that this packet didn't stall. The ping (echo request) made it
to its destination, the switch.

> The switch sends out an arp request

I bet that's so it can send the ping reply. 

> onto vlan 7 for

VLAN 7! ;-) Of course, it is in fact seeing that IP address coming in on
VLAN 7, so maybe it assumes that's where the address is really located and
ARPs to there. The source IP address has been remaining the same throughout
all this, though the MAC addresses have been changing. It sees the source IP
address for oreilly come in on VLAN 7. Could that be confusing it? I don't
think it should, but it might.

> the MAC of the box on oreilly.net that originally sent out the
> packet.  Of
> course, there is no reply, since oreilly.net is on vlan 5.
> 
> The only way I see to fix this is to enable proxy arp (is that
> the cisco
> terminology too?) on one of the routers.

Cisco has proxy ARP, but it's on by default. You should see if "no ip
proxy-arp" is in the config of the 3600. I'm having a hard time seeing how
Proxy ARP would help anyway. It would get even more convoluted then! :-) But
perhaps you have this figured out.

>  Is there a better way
> to handle
> this?

Redesign? Seriously, couldn't your inter-VLAN router be the 3600 instead of
the Linux box? That might not fix the problem though.

I guess we haven't yet asked you the obvious question. Can you send us the
config for your 2950? Can't guarantee anyone will have time to look at it
though. But I have a nagging suspicion at this point that it's the culprit.

Sorry I don't have a better answer!

Priscilla


> 
> James
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64038&t=63789
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NAT order of operation [7:64037]

[Masaru Umetsu]

Regading NAT order of operaion,I looked the URL below.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml


routing
$B"-(B
NAT inside to outside(local to global)


NAT outside to inside(global to local)
$B"-(B
routing

I don't understand the flow of above.
Please teach me the meaning of above easily by using example.

:-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64037&t=64037
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MBGP/MPLS VPN question [7:64036]

[Lo Ching]

Dear All,

We have some ip address that use internally,eg, 30.x or 40.x but it is not
in private address range. Can I still use this range when connect to the
IP-VPN provider that using MPLS technology? I know that MPLS can allow
overlapping of customer address by using VRF and RD. I wonder any technical
conflict issue on Normal BGP in this case.

Thanks in advance.

rgds,
Lo Ching


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64036&t=64036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cat4006 - Prompt [7:63984]

[John Brandis]

on this you are spot on, I use to have a 5505 that was in the same boat you
are in. I love my supIII
I just found a pix 515 in my bottom draw. 

Does any one know, how the pix 515, would compare to a checkpoint firewall
on a PIII 800hmz on Win2k 1G RAM with 600 users behind it just handling web
surfing, email and the like ? I am guessing the PC based checkpoint model
would win that race, but has any one here becnhmarked it ???

Thanks

Jb


-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED] 
Sent: Friday, 28 February 2003 11:25 AM
To: John Brandis
Cc: [EMAIL PROTECTED]
Subject: Re: Cat4006 - Prompt [7:63984]



   Not if you have a supII.  You obviously have only worked with 
supIII's and supIVs

   Dave

John Brandis wrote:
> Cat 4006 is IOS based from my experience
> 
> Cat4006> en
> Blah blah
> Cat4006# conf t
>  then try the hostname eaglesfan
> 
> Should work

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill



**

visit http://www.solution6.com

UK Customers - http://www.solution6.co.uk

**

The Solution 6 Head Office and NSW Branch has moved premises.
Please make sure you have updated your records with our new details.

Level 14, 383 Kent Street, Sydney NSW 2000.

General Phone: 61 2 9278 0666

General Fax: 61 2 9278 0555

**

This email message (and attachments) may contain information that is
confidential to Solution 6. If you are not the intended recipient you cannot
use, distribute or copy the message or attachments.  In such a case, please
notify the sender by return email immediately and erase all copies of the
message and attachments.  Opinions, conclusions and other information in
this message and attachments that do not relate to the official business of
Solution 6 are neither given nor endorsed by it.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64034&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Saudi Arabia [7:64035]

[The guy in Sunny Southwest Florida]

I heard that there are a lot of good Job opportunities is Saudi Arabia for a
CCIE ...  has any one heard of good job opportunities for CCIE candidates?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64035&t=64035
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat4006 - Prompt [7:63984]

[MADMAN]

Not if you have a supII.  You obviously have only worked with 
supIII's and supIVs

   Dave

John Brandis wrote:
> Cat 4006 is IOS based from my experience
> 
> Cat4006> en
> Blah blah
> Cat4006# conf t
>  then try the hostname eaglesfan
> 
> Should work

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64033&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: .Net Packet Capture [7:64011]

[Priscilla Oppenheimer]

Richard Burdette wrote:
> 
>> > > My
> > > system is
> > > continually (once a second) broadcasting to a destination
> port
> > > of 192.
> >
> One second, I think I've found the culprit just know from the
> website
> http://www.net.princeton.edu/software/osunms_probe/osunms_probe.8.html I
> found the following;
> 
> ***
> The probe packet is simply a UDP packet broadcasted to port
> 192. The
> packet's IP source is the (primary) IP address assigned to the
> interface
> specified on the commandline; the packet's UDP source port is
> specified with
> the -P option, or defaults to 55830.
> The UDP payload consists of one byte of x'01' followed by 115
> bytes of
> x'00'. (This is the probe packet observed to be used by version
> 1.2 of
> Apple's AirPort Admin Utility to locate potential Apple AirPort
> Basestations, and by Lucent's RG Setup to locate potential
> Lucent ORiNOCO
> Residental Gateways.

Interesting! This is good info to have. We probably have some of those on
our network too. Thanks for following through.

Priscilla

> 
> Because the program does not examine the response packet to
> determine if the
> respondent is indeed one of these devices, it is possible it
> will provoke
> responses from other devices listening on that port as well.
> 
> 
> 
> On this system I will switch between my Orinoco wireless and
> the NIC
> depending on what I'm doing on my network.  For some reason on
> this server,
> it will not allow me to disable the Wireless adapter.  As a
> workaround I
> disable the Radio that essntially kills that connection
> allowing me to then
> enable the NIC.  What must have happened is that the system did
> not realize
> what I had done and begun to look for the AP.  Sounds good
> anyway.
> 
> Sorry for the confusion.
> 
> 
> 
> 
> >
> > > Anyway, could anyone shed some light on what application or
> > > service on the
> > > server is causing this?
> >
> > I have a theory. I wonder if it is NetMonitor itself. It
> might be looking
> > for banner ads or gathering data for one of its tests?
> > Do you see this traffic even when not using NetMonitor? Try
> Ethereal. It's
> a
> > great free protocol analyzer.
> >
> > > I have always found tracking down an
> > > application
> > > causing packet output to be hard to find, does anyone have
> tips
> > > on resolving
> > > this type of scenario?
> >
> > It's truly a pain. The official list from the Internet
> Assigned Numbers
> > Authority just says this, as you probably know:
> >
> > osu-nms 192/tcpOSU Network Monitoring System
> > osu-nms 192/udpOSU Network Monitoring System
> > #  Doug Karl
> >
> > You could ask Doug?? :-)
> >
> > Are you sure it's not port 92, instead of port 192? That
> would make more
> > sense. Here's what IANA says about 92:
> >
> > npp  92/tcpNetwork Printing Protocol
> > npp  92/udpNetwork Printing Protocol
> >
> >
> > Or maybe 192 is Hex?? Probably not though. That would be 402,
> which
> doesn't
> > seem any more likely:
> >
> > genie   402/tcpGenie Protocol
> > genie   402/udpGenie Protocol
> > #  Mark Hankin
> >
> > Sorry I can't be more help.
> >
> > Priscilla
> >
> > >
> > > Thanks...
> > >
> > > Richard
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64032&t=64011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Disregard, RE: Cat 4006 Prompt [7:64031]

[John Neiberger]

John Neiberger suffering a fit of blindness and insanity wrote:

>You need to be in privileged (enable) mode to make changes.  In your
example you're not in privileged >mode.
>
>John
>
 "Eagles Fan"  2/27/03 1:51:15 PM >>>
>I have tried that, unfortunately it doesn't take
>
>cat4006> (enable) set prompt
>Usage: set prompt 
>cat4006> (enable)

Please disregard that statement.  I have no idea what I was looking at
when I wrote that.  :-)  

Sleep...I need sleep

Thanks,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64031&t=64031
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat4006 - Prompt [7:63984]

[John Neiberger]

You need to be in privileged (enable) mode to make changes.  In your
example you're not in privileged mode.

John

>>> "Eagles Fan"  2/27/03 1:51:15 PM >>>
I have tried that, unfortunately it doesn't take

cat4006> (enable) set prompt
Usage: set prompt 
cat4006> (enable)






>From: "ericbrouwers" 
>Reply-To: "ericbrouwers" 
>To: [EMAIL PROTECTED] 
>Subject: Re: Cat4006 - Prompt [7:63984]
>Date: Thu, 27 Feb 2003 18:02:39 GMT
>
>Hostnames and prompts can be changed by just entering the command with
no
>string; hit enter after command:
>
>Switch(enable) set system name
>or
>Switch(enable) set prompt
>
>Eric
>
>- Original Message -
>From: "Eagles Fan"
>To:
>Sent: Thursday, February 27, 2003 3:32 PM
>Subject: Cat4006 - Prompt [7:63984]
>
>
> > is it possible to clear the prompt after manually setting it?
> >
> > _
> > Protect your PC - get McAfee.com VirusScan Online
> > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 
_
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64030&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: some question about frame-relay configuration! [7:63973]

[Mustafa Furat]

I think its not about FR config but the physical layer.
You need to check the cables. You are not using any modems???
I hope this helps 


-Original Message-
From: tigers zheng [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 3:12 PM
To: [EMAIL PROTECTED]
Subject: some question about frame-relay configuration! [7:63973]


I have a question about frame-relay!Please tell me why it happened?
the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
r1:2511,r2:2620,r3:2621

the configuration:
r1:
interface s0
ip address 10.10.10.1 255.255.255.0
encapsulation frame-relay
frame-relay lmi-type ansi
frame-relay intf-type dte
frame-relay interface-dlci 100
!
r3:
interface s0/0
ip address 10.10.10.2 255.255.255.0
encapsulation frame-relay
frame-relay lmi-type ansi
frame-relay intf-type dte
frame-relay interface-dlci 101
!
r2:
frame-relay switching
int s0/0
no ip address
encapsulation frame-relay
clockrate 64000
frame-relay route 100 interface s0/1 101
frame-relay lmi-type ansi
frame-relay intf-type dce
!
int s0/1
no ip address
encapsulation frame-relay
clockrate 128000
frame-relay route 101 interface s0/0 100
frame-relay lmi-type ansi
frame-relay intf-type dce
!
But the serial of all of the router is shutdown,line protocol is also
down!
I want to know what happen!
Thanks very much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64003&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cat4006 - Prompt [7:63984]

[Daniel Cotts]

Do a "show system" If the System name is the same as the prompt you will
have to clear that too.

> -Original Message-
> From: Eagles Fan [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 27, 2003 2:51 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Cat4006 - Prompt [7:63984]
> 
> 
> I have tried that, unfortunately it doesn't take
> 
> cat4006> (enable) set prompt
> Usage: set prompt 
> cat4006> (enable)
> 
> 
> 
> 
> 
> 
> >From: "ericbrouwers" 
> >Reply-To: "ericbrouwers" 
> >To: [EMAIL PROTECTED]
> >Subject: Re: Cat4006 - Prompt [7:63984]
> >Date: Thu, 27 Feb 2003 18:02:39 GMT
> >
> >Hostnames and prompts can be changed by just entering the 
> command with no
> >string; hit enter after command:
> >
> >Switch(enable) set system name
> >or
> >Switch(enable) set prompt
> >
> >Eric
> >
> >- Original Message -
> >From: "Eagles Fan"
> >To:
> >Sent: Thursday, February 27, 2003 3:32 PM
> >Subject: Cat4006 - Prompt [7:63984]
> >
> >
> > > is it possible to clear the prompt after manually setting it?
> > >
> > > _
> > > Protect your PC - get McAfee.com VirusScan Online
> > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> _
> MSN 8 with e-mail virus protection service: 2 months FREE*  
> http://join.msn.com/?page=features/virus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64029&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: some question about frame-relay configuration! [7:63973]

[Monu Sekhon]

Hi ,
DTE end commands on the end routers r1 and r3 has no effect whhether u give
or not so not at all problem . yes they dont appear in running-config thats
true as by default is dte device(routers)
another thing as others suspect it could be wrong cable problem(probably DTE
and DCE end) . try running hdlc and check
Daniel Cotts wrote:
> 
> DTE/DCE has meaning at Layer 2 Frame Relay where DCE refers to
> the Frame
> Switch.
> DTE/DCE also has meaning at Layer 1 where we determine which
> end provides
> clocking to the line.
> They are two seperate configuration points. At layer one the
> DCE end could
> be the switch or the router. 
> If you are using a back-to-back serial cable, issue a show
> controllers s 0
> (or whatever your serial interface is named) (put a space
> between the word
> serial and the number). The output should tell you whether you
> have the DCE
> or DTE end of the cable. Configure a clock rate on the DCE
> end.
> 
> > -Original Message-
> > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, February 27, 2003 11:56 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: some question about frame-relay configuration!
> [7:63973]
> > 
> > 
> > The Long and Winding Road wrote:
> > > 
> > > the frame-relay intf-type command is used on a frame relay
> > > switch, as part
> > > of the switch to switch config. it should not be used on a
> > > customer edge
> > > device.
> > 
> > He set R1 and R3 to intf-type dte. That should work, 
> > shouldn't it? I tried
> > it on my "customer edge" routers and it takes the command but 
> > doesn't put it
> > in the config since it's the default. They are connected with 
> > serial xo
> > cables to a router in the middle that has "frame-relay
> switching" and
> > "intf-type dce" configured.
> > 
> > In other words, the same config as this fellow's, although my 
> > routers don't
> > leave the default config line in.
> > 
> > I would say check the cables. Are you sure you really have 
> > the dte end at
> > the dte router and the dce end at the dce router for both
> cables?
> > 
> > On some routers "show controler" will tell you.
> > 
> > Priscilla
> > 
> > 
> > > 
> > > if you were to enter the "frame-relay switching" commands
> on R1
> > > and R3, the
> > > interfaces would come up and the routers would engage in
> > > frame-relay switch
> > > signaling.
> > > 
> > > You probably want to remove the frame-relay intf-type
> commands
> > > from R1 and
> > > R3, making them customer edge devices, at which point they
> will
> > > communicate
> > > with R2
> > > 
> > > 
> > > ""tigers zheng""  wrote in message
> > > news:[EMAIL PROTECTED]
> > > > I have a question about frame-relay!Please tell me why it
> > > happened?
> > > > the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
> > > > r1:2511,r2:2620,r3:2621
> > > >
> > > > the configuration:
> > > > r1:
> > > > interface s0
> > > > ip address 10.10.10.1 255.255.255.0
> > > > encapsulation frame-relay
> > > > frame-relay lmi-type ansi
> > > > frame-relay intf-type dte
> > > > frame-relay interface-dlci 100
> > > > !
> > > > r3:
> > > > interface s0/0
> > > > ip address 10.10.10.2 255.255.255.0
> > > > encapsulation frame-relay
> > > > frame-relay lmi-type ansi
> > > > frame-relay intf-type dte
> > > > frame-relay interface-dlci 101
> > > > !
> > > > r2:
> > > > frame-relay switching
> > > > int s0/0
> > > > no ip address
> > > > encapsulation frame-relay
> > > > clockrate 64000
> > > > frame-relay route 100 interface s0/1 101
> > > > frame-relay lmi-type ansi
> > > > frame-relay intf-type dce
> > > > !
> > > > int s0/1
> > > > no ip address
> > > > encapsulation frame-relay
> > > > clockrate 128000
> > > > frame-relay route 101 interface s0/0 100
> > > > frame-relay lmi-type ansi
> > > > frame-relay intf-type dce
> > > > !
> > > > But the serial of all of the router is shutdown,line
> protocol
> > > is also
> > > down!
> > > > I want to know what happen!
> > > > Thanks very much!
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64028&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame-Relay issue [7:63446]

[Monu Sekhon]

Hi Deepak
Let me tell u that ur interface might be adminstratively down when u cut
pasted the config, Just make it up and then cut paste :-) and I have now
came to conclusion after research work
as It takes some time to shut the interface and bring back up so times get
timed out in that case sometimes.
Just try shut and no shut see it takes some  time to make interface up.

similarly I had ppp connection so when i cut paste my config there then also
the interface does not negotiate ip address due to this reason only, as shut
and no shut takes time, sometimes commands timeout in that case.as shutting
till the interupt goes ,again the no shut interupt goes neither gets
succesfully completed, easily observed in console debug.

If Interface is already shut down and then u do then its fine no problems as
link is properly down already just giving the no shut interupt to IOS makes
it up.

Deepak N wrote:
> 
> Hi Monu
> 
> I tried the configuration given by you. But i didnt find any
> problem in bringing up the interface when i cut and paste the
> configuration.
> Here is the config when i cut n paste the config from a text
> file
> 
> yourname(config)#interface Serial1/1
> yourname(config-if)#shut
> yourname(config-if)#encapsulation frame-relay
> yourname(config-if)#frame-relay lmi-type cisco
> yourname(config-if)#no shut
> yourname(config-if)#exit
> yourname(config)#interface Serial1/1.1 point-to-point
> yourname(config-subif)#no shutdown
> yourname(config-subif)#ip address 20.20.20.11 255.255.255.0
> yourname(config-subif)#frame-relay interface-dlci 108
> yourname(config-fr-dlci)#exit
> yourname(config-subif)#
> yourname(config-subif)#
> *Mar  1 00:48:19.271: %LINK-3-UPDOWN: Interface Serial1/1,
> changed state to up
> yourname(config-subif)#
> yourname(config-subif)#
> yourname(config-subif)#
> yourname(config-subif)#^Z
> yourname#
> yourname#
> *Mar  1 00:48:28.811: %SYS-5-CONFIG_I: Configured from console
> by console
> yourname#
> yourname#sh ip int brief
> *Mar  1 00:48:30.271: %LINEPROTO-5-UPDOWN: Line protocol on
> Interface Serial1/1,
>  changed state to up
> Interface  IP-Address  OK? Method
> StatusProt
> ocol
> FastEthernet0/0172.20.110.8YES manual
> upup
> 
> FastEthernet0/1unassigned  YES unset 
> updown
> 
> ATM0/0 unassigned  YES unset 
> upup
> 
> ATM0/1 unassigned  YES unset 
> upup
> 
> Serial1/0  unassigned  YES unset 
> down  down
> 
> Serial1/0.1unassigned  YES manual
> deleted   down
> 
> Serial1/1  unassigned  YES unset 
> upup
> 
> Serial1/1.120.20.20.11 YES manual
> upup
> 
> Serial1/2  unassigned  YES unset 
> down  down
> 
> FastEthernet1/0unassigned  YES unset 
> updown
> 
> FastEthernet1/1unassigned  YES unset 
> updown
> 
> yourname#
> 
> Please let me know ur comments
> 
> 
> Regards
> Deepak
> 
> 
> Priscilla Oppenheimer wrote:
> > 
> > There's obviously no good answer to why there are no problems
> > bringing the link up/up when you type in the commands one by
> > one but there are problems when you copy and paste them. Here
> > are some suggestions, though:
> > 
> > 1) You work for Cisco. Report it as a bug.
> > 2) The copy and paste is corrupting a character, forgetting to
> > do carriage return or something of that nature. Do all the
> > commands end up the in the running config?
> > 3) There's some sort of timing issue.
> > 
> > To fix the problem:
> > 
> > Don't do copy and paste that fast. :-)
> > 
> > Priscilla
> > 
> > Monu Sekhon wrote:
> > > 
> > > Hi Mark,
> > > Thanx for reply.but I mentioned that when we do shut & no
> shut
> > > again link comes up.no dlci, no lmi problem:
> > > I am testing in lab setup two rouetrs connnected to
> > frame-relay
> > > cloud
> > > Please do help anybody in this regard, why the link doesnot
> > > come at one instant
> > > why it requiers again shut and no shut, when i copy paste
> the
> > > config and when i give command by command then without gving
> > > shut and noshut the link comes up.
> > > 
> > > Mark W. Odette II wrote:
> > > > 
> > > > >>in show ip interface it shows as protocol down ,
> physical
> > > > link up.
> > > > >>sh frame-relay pvs shows as inactive.no lmi are
> exchanged.
> > > > 
> > > > Usually "Protocol Down, Link Up" indicates that you have
> > > > mismatched
> > > > encapsulation, LMI-Type, or even incorrect IP Addressing
> > > (wrong
> > > > Subnet
> > > > or incorrect Subnet Mask) between your end and the other
> end
> > > of
> > > > the FR
> > > > Network.
> > > > 
> > > > If no LMI is exchanged, then the LMI-Type is incorrect
> > 

RE: PIX VPN and IPSEC [7:64017]

[Greg Owens Jr]

The command isakmp
key ** address 0.0.0.0 is for Vpn client 1.1 not 3.x.  If you protect
all traffic the user will not be able to browse the internet.  If you
configure, Sliptunnel users can vpn into your network and browse the
internet using there ISP not your VPN

Greg Owens
202-398-2552
fax 202-399-7690
 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 3:39 PM
To: [EMAIL PROTECTED]
Subject: PIX VPN and IPSEC [7:64017]

I have a question regarding the configuration of manual IPSEC. I have to
create an access list to define the traffice to protect.

I want to connect to my office network from home. I have a DHCP assigned
address from my ISP so I can't specify a peer address. So I will use isakmp
key ** address 0.0.0.0 for now.

Now as far as the traffic goes. Should I specify protect all traffic or
what? What happens when I have multiple remote users? I would like the PIX
to be the end point so I can travel over my entire network (email, shares,
printers, etc). I'm a little confused on this..

Thanks in advance...

[GroupStudy removed an attachment of type text/x-vcard which had a name of
Greg Owens Jr ([EMAIL PROTECTED]).vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64026&t=64017
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat4006 - Prompt [7:63984]

[MADMAN]

FWIW The system name clears but not the prompt.  I'm running 7.2.2:

C4006A (enable) set system name
System name cleared.
C4006A (enable) set prompt
Usage: set prompt 
C4006A (enable)

   Dave

ericbrouwers wrote:
> Hostnames and prompts can be changed by just entering the command with no
> string; hit enter after command:
> 
> Switch(enable) set system name
>or
> Switch(enable) set prompt 
> 
> Eric
> 
> - Original Message -
> From: "Eagles Fan" 
> To: 
> Sent: Thursday, February 27, 2003 3:32 PM
> Subject: Cat4006 - Prompt [7:63984]
> 
> 
> 
>>is it possible to clear the prompt after manually setting it?
>>
>>_
>>Protect your PC - get McAfee.com VirusScan Online
>>http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"You don't make the poor richer by making the rich poorer." --Winston
Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64025&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

1FE2W issues [7:64024]

[Larry Letterman]

Product Number  Description
  NM-1FE2W  1 10/100 Ethernet 2 WAN Card Slot Network Module

  NM-2FE2W  2 10/100 Ethernet 2 WAN Card Slot Network Module

  NM-1FE1R2W  1 10/100 Ethernet 1 4/16 Token Ring 2 WAN Card Slot NM

  NM-2W  2 WAN Card Slot Network Module (no LAN)


The minimum level of IOS is IOS 12.0(7)XK or 12.1(1)T


Larry Letterman
Network Engineer
Cisco Systems




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64024&t=64024
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: .Net Packet Capture [7:64011]

[Richard Burdette]

Comments in line.

""Priscilla Oppenheimer""  wrote in message
news:[EMAIL PROTECTED]
> Richard Burdette wrote:
> >
> > Hello,
> >
> > I'm studying for the Support exam using the CiscoPress books
> > and Trouble
> > Shooting Campus Networks from Priscilla.  I must say that the
> > Trouble
> > Shooting book is excellent on its own, but especially so as
> > compared to the
> > CiscoPress offerings.
>
> Thanks. :-)
>
> >
> > Anyway I've been playing around with NetMonitor
>
> Are you referring to the NetMonitor application from ModemWizard?

I'm speaking of the 'ole Network Monitor utility from Microsoft.  The other
utility I was working with that also recorded these packets is a beta
application that runs on top of WinCap.

Well, now that I've restarted the system these broadcasts appear to have
stopped.

>
> > and also some
> > newer Unix
> > ported packet capture utilities on various platforms and came
> > across
> > something on a .Net Enterprise server that has me puzzled.
>
> So you are running NetMonitor on the .Net server?
>
> > My
> > system is
> > continually (once a second) broadcasting to a destination port
> > of 192.
>
> UDP? Probably since TCP doesn't usually broadcast. That is strange.
>
> >  A
> > lookup of ports reveals this is for OSU network monitoring
> > (Oregon State U).
>
> Uh, Ohio State. Don't blame us Oregonians. :-)

Sorry, I think it does have something to do with Oregon State

One second, I think I've found the culprit just know from the website
http://www.net.princeton.edu/software/osunms_probe/osunms_probe.8.html I
found the following;

***
The probe packet is simply a UDP packet broadcasted to port 192. The
packet's IP source is the (primary) IP address assigned to the interface
specified on the commandline; the packet's UDP source port is specified with
the -P option, or defaults to 55830.
The UDP payload consists of one byte of x'01' followed by 115 bytes of
x'00'. (This is the probe packet observed to be used by version 1.2 of
Apple's AirPort Admin Utility to locate potential Apple AirPort
Basestations, and by Lucent's RG Setup to locate potential Lucent ORiNOCO
Residental Gateways.

Because the program does not examine the response packet to determine if the
respondent is indeed one of these devices, it is possible it will provoke
responses from other devices listening on that port as well.



On this system I will switch between my Orinoco wireless and the NIC
depending on what I'm doing on my network.  For some reason on this server,
it will not allow me to disable the Wireless adapter.  As a workaround I
disable the Radio that essntially kills that connection allowing me to then
enable the NIC.  What must have happened is that the system did not realize
what I had done and begun to look for the AP.  Sounds good anyway.

Sorry for the confusion.




>
> > Anyway, could anyone shed some light on what application or
> > service on the
> > server is causing this?
>
> I have a theory. I wonder if it is NetMonitor itself. It might be looking
> for banner ads or gathering data for one of its tests?
> Do you see this traffic even when not using NetMonitor? Try Ethereal. It's
a
> great free protocol analyzer.
>
> > I have always found tracking down an
> > application
> > causing packet output to be hard to find, does anyone have tips
> > on resolving
> > this type of scenario?
>
> It's truly a pain. The official list from the Internet Assigned Numbers
> Authority just says this, as you probably know:
>
> osu-nms 192/tcpOSU Network Monitoring System
> osu-nms 192/udpOSU Network Monitoring System
> #  Doug Karl
>
> You could ask Doug?? :-)
>
> Are you sure it's not port 92, instead of port 192? That would make more
> sense. Here's what IANA says about 92:
>
> npp  92/tcpNetwork Printing Protocol
> npp  92/udpNetwork Printing Protocol
>
>
> Or maybe 192 is Hex?? Probably not though. That would be 402, which
doesn't
> seem any more likely:
>
> genie   402/tcpGenie Protocol
> genie   402/udpGenie Protocol
> #  Mark Hankin
>
> Sorry I can't be more help.
>
> Priscilla
>
> >
> > Thanks...
> >
> > Richard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64023&t=64011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cat4006 - Prompt [7:63984]

[John Brandis]

Cat 4006 is IOS based from my experience

Cat4006> en
Blah blah
Cat4006# conf t
 then try the hostname eaglesfan

Should work


-Original Message-
From: Eagles Fan [mailto:[EMAIL PROTECTED] 
Sent: Friday, 28 February 2003 7:51 AM
To: [EMAIL PROTECTED]
Subject: Re: Cat4006 - Prompt [7:63984]


I have tried that, unfortunately it doesn't take

cat4006> (enable) set prompt
Usage: set prompt 
cat4006> (enable)






>From: "ericbrouwers"
>Reply-To: "ericbrouwers" 
>To: [EMAIL PROTECTED]
>Subject: Re: Cat4006 - Prompt [7:63984]
>Date: Thu, 27 Feb 2003 18:02:39 GMT
>
>Hostnames and prompts can be changed by just entering the command with 
>no string; hit enter after command:
>
>Switch(enable) set system name
>or
>Switch(enable) set prompt
>
>Eric
>
>- Original Message -
>From: "Eagles Fan"
>To:
>Sent: Thursday, February 27, 2003 3:32 PM
>Subject: Cat4006 - Prompt [7:63984]
>
>
> > is it possible to clear the prompt after manually setting it?
> >
> > _
> > Protect your PC - get McAfee.com VirusScan Online 
> > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
_
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus
**

visit http://www.solution6.com

UK Customers - http://www.solution6.co.uk

**

The Solution 6 Head Office and NSW Branch has moved premises.
Please make sure you have updated your records with our new details.

Level 14, 383 Kent Street, Sydney NSW 2000.

General Phone: 61 2 9278 0666

General Fax: 61 2 9278 0555

**

This email message (and attachments) may contain information that is
confidential to Solution 6. If you are not the intended recipient you cannot
use, distribute or copy the message or attachments.  In such a case, please
notify the sender by return email immediately and erase all copies of the
message and attachments.  Opinions, conclusions and other information in
this message and attachments that do not relate to the official business of
Solution 6 are neither given nor endorsed by it.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64022&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: some question about frame-relay configuration! [7:63973]

[Larry Letterman]

did you enter the no shut command ?

Larry Letterman
Network Engineer
Cisco Systems


  - Original Message -
  From: tigers zheng
  To: [EMAIL PROTECTED]
  Sent: Thursday, February 27, 2003 5:11 AM
  Subject: some question about frame-relay configuration! [7:63973]


  I have a question about frame-relay!Please tell me why it happened?
  the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
  r1:2511,r2:2620,r3:2621

  the configuration:
  r1:
  interface s0
  ip address 10.10.10.1 255.255.255.0
  encapsulation frame-relay
  frame-relay lmi-type ansi
  frame-relay intf-type dte
  frame-relay interface-dlci 100
  !
  r3:
  interface s0/0
  ip address 10.10.10.2 255.255.255.0
  encapsulation frame-relay
  frame-relay lmi-type ansi
  frame-relay intf-type dte
  frame-relay interface-dlci 101
  !
  r2:
  frame-relay switching
  int s0/0
  no ip address
  encapsulation frame-relay
  clockrate 64000
  frame-relay route 100 interface s0/1 101
  frame-relay lmi-type ansi
  frame-relay intf-type dce
  !
  int s0/1
  no ip address
  encapsulation frame-relay
  clockrate 128000
  frame-relay route 101 interface s0/0 100
  frame-relay lmi-type ansi
  frame-relay intf-type dce
  !
  But the serial of all of the router is shutdown,line protocol is also down!
  I want to know what happen!
  Thanks very much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64009&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2950 telnet access is lost after vlans [7:63789]

[J. Johnson]

J. Johnson wrote:


> It looks like the switch is not forwarding the
> packets to the router for some reason, even though it does forward packets
> for other 10.0.0.X addresses.


What I wrote above is not correct.  (I was sniffing an unused port on the 
switch which I thought was properly set up to mirror the other ports.  
Somehow it was set up incorrectly.  Apologies for the error.)  The icmp 
echo request packets get to the linux router on the trunk via vlan 5, and 
back out to the switch on the trunk on vlan 7.  They then go from the 
switch to the 3600 router, and back out to the switch.

All this is as it should be - packets go from oreilly.net to the default 
router, the linux router, which then forwards them to its default router, 
the 3600, which routes them according to its table.  The 3600's table says 
that 10.0.0.6 is directly connected to the same port that the packet 
arrived on, so it returns the packet to the switch.

Now the packet stalls.  The switch sends out an arp request onto vlan 7 for 
the MAC of the box on oreilly.net that originally sent out the packet.  Of 
course, there is no reply, since oreilly.net is on vlan 5.

The only way I see to fix this is to enable proxy arp (is that the cisco 
terminology too?) on one of the routers.  Is there a better way to handle 
this?

James




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64021&t=63789
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: .Net Packet Capture [7:64011]

[Priscilla Oppenheimer]

Richard Burdette wrote:
> 
> Hello,
> 
> I'm studying for the Support exam using the CiscoPress books
> and Trouble
> Shooting Campus Networks from Priscilla.  I must say that the
> Trouble
> Shooting book is excellent on its own, but especially so as
> compared to the
> CiscoPress offerings.

Thanks. :-)

> 
> Anyway I've been playing around with NetMonitor 

Are you referring to the NetMonitor application from ModemWizard?

> and also some
> newer Unix
> ported packet capture utilities on various platforms and came
> across
> something on a .Net Enterprise server that has me puzzled. 

So you are running NetMonitor on the .Net server?

> My
> system is
> continually (once a second) broadcasting to a destination port
> of 192.

UDP? Probably since TCP doesn't usually broadcast. That is strange.

>  A
> lookup of ports reveals this is for OSU network monitoring
> (Oregon State U).

Uh, Ohio State. Don't blame us Oregonians. :-)

> Anyway, could anyone shed some light on what application or
> service on the
> server is causing this?  

I have a theory. I wonder if it is NetMonitor itself. It might be looking
for banner ads or gathering data for one of its tests?
Do you see this traffic even when not using NetMonitor? Try Ethereal. It's a
great free protocol analyzer.

> I have always found tracking down an
> application
> causing packet output to be hard to find, does anyone have tips
> on resolving
> this type of scenario?

It's truly a pain. The official list from the Internet Assigned Numbers
Authority just says this, as you probably know:

osu-nms 192/tcpOSU Network Monitoring System   
osu-nms 192/udpOSU Network Monitoring System   
#  Doug Karl 

You could ask Doug?? :-)

Are you sure it's not port 92, instead of port 192? That would make more
sense. Here's what IANA says about 92:

npp  92/tcpNetwork Printing Protocol
npp  92/udpNetwork Printing Protocol


Or maybe 192 is Hex?? Probably not though. That would be 402, which doesn't
seem any more likely:

genie   402/tcpGenie Protocol
genie   402/udpGenie Protocol
#  Mark Hankin 

Sorry I can't be more help.

Priscilla

> 
> Thanks...
> 
> Richard
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64020&t=64011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CiscoSecure Question [7:63941]

[Mossburg, Geoff (MAN-Corporate)]

LOL If I use all the information you guys have given me, I'll end up
reducing the size of our CiscoSecure Network Configuration list from 410
entries to maybe 1 or 2 Thanks everyone, very, very much!!
Geoff Mossburg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64019&t=63941
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat4006 - Prompt [7:63984]

[Eagles Fan]

I have tried that, unfortunately it doesn't take

cat4006> (enable) set prompt
Usage: set prompt 
cat4006> (enable)






>From: "ericbrouwers" 
>Reply-To: "ericbrouwers" 
>To: [EMAIL PROTECTED]
>Subject: Re: Cat4006 - Prompt [7:63984]
>Date: Thu, 27 Feb 2003 18:02:39 GMT
>
>Hostnames and prompts can be changed by just entering the command with no
>string; hit enter after command:
>
>Switch(enable) set system name
>or
>Switch(enable) set prompt
>
>Eric
>
>- Original Message -
>From: "Eagles Fan"
>To:
>Sent: Thursday, February 27, 2003 3:32 PM
>Subject: Cat4006 - Prompt [7:63984]
>
>
> > is it possible to clear the prompt after manually setting it?
> >
> > _
> > Protect your PC - get McAfee.com VirusScan Online
> > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
_
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64018&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Certification question [7:63982]

[Larry Letterman]

I believe if you acquire the ccnp before the ccna expires,
the ccna is re-enabled. If it expires before you get the new
cert, you'll lose it...

However I maybe incorrect..

Larry Letterman
Network Engineer
Cisco Systems


  - Original Message -
  From: Stuart Pittwood
  To: [EMAIL PROTECTED]
  Sent: Thursday, February 27, 2003 6:10 AM
  Subject: Certification question [7:63982]


  Hi all,



  My CCNA cert is due to expire in Feb 04, if I start the CCNP track now &
  don't complete it before the CCNA cert expires, do I need to recert the
  CCNA before I can continue the CCNP, would I have to redo any CCNP exams
  completed?



  Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64004&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX VPN/IPSEC [7:64016]

[[EMAIL PROTECTED]]

I have a question regarding the configuration of manual IPSEC. I have to
create an access list to define the traffice to protect.

I want to connect to my office network from home. I have a DHCP assigned
address from my ISP so I can't specify a peer address. So I will use isakmp
key ** address 0.0.0.0 for now.

Now as far as the traffic goes. Should I specify protect all traffic or
what? What happens when I have multiple remote users? I would like the PIX
to be the end point so I can travel over my entire network (email, shares,
printers, etc). I'm a little confused on this..

Thanks in advance...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64016&t=64016
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX VPN and IPSEC [7:64017]

[[EMAIL PROTECTED]]

I have a question regarding the configuration of manual IPSEC. I have to
create an access list to define the traffice to protect.

I want to connect to my office network from home. I have a DHCP assigned
address from my ISP so I can't specify a peer address. So I will use isakmp
key ** address 0.0.0.0 for now.

Now as far as the traffic goes. Should I specify protect all traffic or
what? What happens when I have multiple remote users? I would like the PIX
to be the end point so I can travel over my entire network (email, shares,
printers, etc). I'm a little confused on this..

Thanks in advance...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64017&t=64017
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: some question about frame-relay configuration! [7:63973]

[Daniel Cotts]

DTE/DCE has meaning at Layer 2 Frame Relay where DCE refers to the Frame
Switch.
DTE/DCE also has meaning at Layer 1 where we determine which end provides
clocking to the line.
They are two seperate configuration points. At layer one the DCE end could
be the switch or the router. 
If you are using a back-to-back serial cable, issue a show controllers s 0
(or whatever your serial interface is named) (put a space between the word
serial and the number). The output should tell you whether you have the DCE
or DTE end of the cable. Configure a clock rate on the DCE end.  

> -Original Message-
> From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 27, 2003 11:56 AM
> To: [EMAIL PROTECTED]
> Subject: Re: some question about frame-relay configuration! [7:63973]
> 
> 
> The Long and Winding Road wrote:
> > 
> > the frame-relay intf-type command is used on a frame relay
> > switch, as part
> > of the switch to switch config. it should not be used on a
> > customer edge
> > device.
> 
> He set R1 and R3 to intf-type dte. That should work, 
> shouldn't it? I tried
> it on my "customer edge" routers and it takes the command but 
> doesn't put it
> in the config since it's the default. They are connected with 
> serial xo
> cables to a router in the middle that has "frame-relay switching" and
> "intf-type dce" configured.
> 
> In other words, the same config as this fellow's, although my 
> routers don't
> leave the default config line in.
> 
> I would say check the cables. Are you sure you really have 
> the dte end at
> the dte router and the dce end at the dce router for both cables?
> 
> On some routers "show controler" will tell you.
> 
> Priscilla
> 
> 
> > 
> > if you were to enter the "frame-relay switching" commands on R1
> > and R3, the
> > interfaces would come up and the routers would engage in
> > frame-relay switch
> > signaling.
> > 
> > You probably want to remove the frame-relay intf-type commands
> > from R1 and
> > R3, making them customer edge devices, at which point they will
> > communicate
> > with R2
> > 
> > 
> > ""tigers zheng""  wrote in message
> > news:[EMAIL PROTECTED]
> > > I have a question about frame-relay!Please tell me why it
> > happened?
> > > the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
> > > r1:2511,r2:2620,r3:2621
> > >
> > > the configuration:
> > > r1:
> > > interface s0
> > > ip address 10.10.10.1 255.255.255.0
> > > encapsulation frame-relay
> > > frame-relay lmi-type ansi
> > > frame-relay intf-type dte
> > > frame-relay interface-dlci 100
> > > !
> > > r3:
> > > interface s0/0
> > > ip address 10.10.10.2 255.255.255.0
> > > encapsulation frame-relay
> > > frame-relay lmi-type ansi
> > > frame-relay intf-type dte
> > > frame-relay interface-dlci 101
> > > !
> > > r2:
> > > frame-relay switching
> > > int s0/0
> > > no ip address
> > > encapsulation frame-relay
> > > clockrate 64000
> > > frame-relay route 100 interface s0/1 101
> > > frame-relay lmi-type ansi
> > > frame-relay intf-type dce
> > > !
> > > int s0/1
> > > no ip address
> > > encapsulation frame-relay
> > > clockrate 128000
> > > frame-relay route 101 interface s0/0 100
> > > frame-relay lmi-type ansi
> > > frame-relay intf-type dce
> > > !
> > > But the serial of all of the router is shutdown,line protocol
> > is also
> > down!
> > > I want to know what happen!
> > > Thanks very much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64015&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Linksys IPSec w/XP [7:64014]

[Andrew Dorsett]

Ok sorry for the non-cisco post but here goes.  I have one of those small
Linksys BEFVP41 boxes.  I'm trying to setup a VPN (IPSec Tunnel Mode)
connection from WinXP to the Linksys.  I followed Linksys' directions
entirely and it fails to work.  The Linksys shows the connection as being
connected but when you try to ping someone on the other side it returns
response timed out.  I also found some slick directions on the net for
doing it manually.  Neither works.  Now I can connect to the box with SSH
Sentinel client but I don't want to pay for it if I can use XP's built in
functions.  Does anyone have any pointers that could be on what I'm
missing?

Thanks,
Andrew
---

http://www.andrewsworld.net/
ICQ: 2895251
Cisco Certified Network Associate

"Learn from the mistakes of others. You won't live long enough to make all
of them yourself."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64014&t=64014
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Lab setup [7:63809]

[Geoff Kuchera]

Here is the gist of how I have mine setup..

I have a 2621 that I use for a firewall it works great.
  FastE0/0 -> Cable Modem -> internet
  FastE0/1 isl-trunk-> Switch


interface FastEthernet0/0
 description Cable Modem Access Point
 ip address dhcp client-id FastEthernet0/0   ; Hi guys
>
> Just bought a lab and iv been reading some posts here and there are
> alot of great guys and ladies aswell. Passed my CCNA but im struggling
> with the best way to set up my lab for CCNP as I get a DHCP issued IP
> address from my ISP. If this is a fundamental question I apologise as
> all my CCNA stuff was self study and sims now I want to mess with the
> products.
>
> 2 x 2501 and a 2503 can I can I configure the serial port for dhcp.or
> do I need to configure he ethernet port for dhcp. Im sure ive seen this
> done. Any help with setting up the lab scenarios etc would be great
> Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64013&t=63809
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Networking problem [7:64012]

[Adeboye Onifade]

Dear All,
I have installed: on the LAN server running, windows 2000, but the work 
stations
use  win98 operating systems, but the work stations appears to be 
much more
faster than the server, We use 10/100 mbps Switches with Hubs, 
please, does
anyone know how to make the server more efficient in speed? Putting 
in mind
that the IDU (indoor Unit) from the VSAT is connected to the Server. 
The
server is a Pentium 3, 128MB changed to 256, it's also on full duplex on the
switch/ hubs etc could anyone advise on how to make the server more
efficient!

Please email me offlist! on [EMAIL PROTECTED]
 Kind Regards,
Adeboye



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64012&t=64012
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

.Net Packet Capture [7:64011]

[Richard Burdette]

Hello,

I'm studying for the Support exam using the CiscoPress books and Trouble
Shooting Campus Networks from Priscilla.  I must say that the Trouble
Shooting book is excellent on its own, but especially so as compared to the
CiscoPress offerings.

Anyway I've been playing around with NetMonitor and also some newer Unix
ported packet capture utilities on various platforms and came across
something on a .Net Enterprise server that has me puzzled.  My system is
continually (once a second) broadcasting to a destination port of 192.  A
lookup of ports reveals this is for OSU network monitoring (Oregon State U).
Anyway, could anyone shed some light on what application or service on the
server is causing this?  I have always found tracking down an application
causing packet output to be hard to find, does anyone have tips on resolving
this type of scenario?

Thanks...

Richard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64011&t=64011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 2950 telnet access is lost after vlans [7:63789]

[J. Johnson]

Priscilla Oppenheimer wrote:


> The picture got a bit munged. I think I understand it, though. The
> router-on-a stick is the Linux box and it's supposed to be on the right
> side of the drawing? What do you mean by ix86? It's not a 486 machine is
> it? Ugh.
> :-)

Sorry for the wraparound problem - yes, you understand the configuration 
correctly.  The router-on-a-stick is an Intel 686 running Linux.  The four 
local networks are oreilly, colophon, zoo, and safari.  safari is connected 
into a 3600 with a loopback address of 10.0.0.5, which in turn goes out to 
the rest of the network.  The 3600's interface has an address on 
safari.net.

The rest of your questions are answered below, inline.  I don't think it's 
the fault of the linux box, though.  Note that pings make it to the wire 
between oreilly.net and the switch, but not onto the trunk wire.  That was 
a good suggestion to recheck the MAC address of the ping packets.  The MAC 
destination addresses on the oreilly.net packets are the MAC of the linux 
router, as expected.  It looks like the switch is not forwarding the 
packets to the router for some reason, even though it does forward packets 
for other 10.0.0.X addresses.

Something I don't understand in IOS is the role of secondary IP addresses on 
a switch.  In looking into this problem, I've set several, but they don't 
appear to have any effect, and I can't even do a "show ip interface 
secondary" kind of command to find out what the secondary addresses are 
now.  I wouldn't think that a secondary IP address should have an effect on 
whether the switch forwards packets to the router, though.

> 
>> 
>> |--|  |--|
>> | oreilly.net  |--|vlan5 |
>> |--|  |  |
>>   |  |
>> |--|  |  |
>> | colophon.net |--|vlan6s|
>> |--|  |   2 w|  802.1Q| one
>> interface
>>   |   9 i||
>> "router-on-a-stick"
>> |--|  |   5 t|  vlan5-8   | ix86
>> running linux
>> | zoo.net  |--|vlan8  0 c|
>> |--|  | h|
>>   |  |
>> |--|  |  |
>> | safari.net   |--|vlan7 |
>> |--|  |--|
>>|
>>  -
>>   3600 router
>> loopback address
>>10.0.0.5
>>  -
>>  | | |
>>   big
>> network
>>  cloud
>> 

> 
> What is the MAC destination address in these pings from the oreilly.net
> box? 

The sniffer on the vlan 5 wire shows the destination MAC is the MAC of the 
linux router interface, as it should be.

> What is the box on oreilly.net using for its default gateway? It
> sounds like it should be using the Linux router-on-a-stick. Maybe it's
> not?

Yes, it is properly set up.  The default gateway for the oreilly.net box is 
the linux router.  The default gateway for the linux router is the 
safari.net interface address of the 3600.  Other packets route properly.

> I hate to say it, but to debug the problem we would have to see the config
> of the Linus router-on-a-stick too. You say it's doing 802.1Q? I didn't
> know it could do that. :-)

Recent kernels have 802.1Q built in.  As noted below, ethernet drivers may 
need to be patched to handle large packets.

> Are you sure it's a stable and standard
> implementation?

The kernel proper is probably pretty solid.  The ethernet card driver had to 
be patched, though, so that it could handle large vlan packets.  The 
unpatched driver would drop packets larger than the MTU size, before the 
kernel's 802.1Q code could strip off the vlan tag.  With the patch, the 
router appears to be handling trunked packets properly.

> Does it have subinterfaces like a "real" router would have
> and an address on all the subnets?

Yes.  Each subinterface is designated eth0.N where N is the vlan number.  
Each eth0.N has a unique address in the local network address space of the 
vlan'd local network.  If you speak Linux (or for you lurkers who do) note 
that eth0.N is not the same as the notation for an aliased network, which 
would be eth0:N.

> Is the Linux box running a firewall that could be blocking traffic?

No.  Neither iptables nor ipchains is running on this box.

> Does the Linux box have some troubleshooting tools you could use to see
> what traffic it's handling??

The sniffer tcpdump is all I'm using.  Are there other tools besides a 
sniffer that would be good to have?

>> but another sniffer sees nothing on the
>> 802.1Q trunk
>> wire and, of course, the ping is not successful.  On the other
>> hand, when a
>> box on oreilly.net pings 10.0.0.5, it does so successfully.
>> Wierd.
> 
> Is that its own subnet, though? That you might expect to work.

10.0.0.0/24 is unique in this network to the routers and switches, and is 
used for administration.  The local networks don't know about 10

Sniffer Is Working [7:64008]

[PacketEXPERTS]

Sniffer PRO 4.5 does work with XP.
Not sure why it did not work from the start.
NetXray 3.0 still remains a no show, well really it is
working, but not finding the NIC.

Thanks guys

___
Sent by ePrompter, the premier email notification
software.
Free download at http://www.ePrompter.com.

__
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64008&t=64008
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACS Database [7:64007]

[Robert Perez]

Hi All,

With Cisco Secure ACS and the PIX Firewall if I use the PIX to auth VPN
client connections with the shared password and then use the TACACS+ Server
to ask for credentials will that info be passed to and from the client in
clear text format over the internet? PAP??  I have not configured the ACS to
use rRadius or anything just plain TACACS.  Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64007&t=64007
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ACS Database Repl Problem [7:63988]

[Carroll Kong]

Try the counter intuitive.  There is another list there somewhere, I 
do not have ACS 3.0 up on here right now but we DID see this before 
and spent many hours on it, just like you.  :(

My colleagues ran into this, and it was just because the prompts 
seemed counter intuitive on "who is a replication" partner or not.  
Try inverting them.  I would do a personal backup first though before 
you try it.

Unfortunately this was a few months ago, and I did not work on it 
directly to tell you the precise prompt.  However, try inverting them 
or looking for another subtle list of allowable servers.  Or there 
was another odd list to denote who is allowed to replicate or not.  
It was very counter intuitive to my colleagues.  I think we resolved 
this before TAC could, but if you could get them on the phone, ask 
them specifically which area you should be looking at.

Let me see if I can get it loaded up, but there is one more odd list 
or something counter intuitive (it was definitely a list of 'adding' 
'removing' different servers).

> I'm running two CiscoSecure ACS 3.0 servers on W2K and trying to replicate
> the database from one to the other.
> They can both see eachother and are setup as replication partners.  
> One is set to send all components and one to receive all components.  They
> both have the other server listed under "Accept replication from".
> 
> Both are set for Manual replication, but when I click on "Replicate Now",
> the screen refreshes immediately and the following message is logged in
> "Reports and Activity" under "Database Replicaton":
> 02/27/2003 10:27:12 INFO Outbound replication cycle completed 
> 02/27/2003 10:27:12 ERROR ACS '' has denied replication request 
> 02/27/2003 10:27:08 INFO Outbound replication cycle starting... 
> The other server logs the following info:
> 02/27/2003 10:28:50 ERROR Inbound database replication from ACS '' denied 
> 
> (Server names removed to protect the guilty.)
> 
> It doesn't matter which server I try to kick off replication from.  The
> other one always seems to deny it.  I did a search on cisco.com for this,
> but got nothing.
> If anyone can give me some guidance here or something to check, I'd
> appreciate it.
> 
> thanks,
> Aaron
-Carroll Kong




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64006&t=63988
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNP Recertification Exam [7:63932]

[Georgescu, Aurelian]

There is no single book that covers all.

The official Cisco response is that you have to know all the material from
all four exams that make out the CCNP certification:

http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam
s/640-604.html
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam
s/640-605.html
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam
s/640-503.html
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam
s/640-025.html

Aurelian 

-Original Message-
From: Masaru Umetsu [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 9:32 PM
To: [EMAIL PROTECTED]
Subject: CCNP Recertification Exam [7:63932]

I have to take a exam of CCNP Recertification in this year.
If you know the book to study for CCNP Recertification,
please give me an advice.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64005&t=63932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat4006 - Prompt [7:63984]

[ericbrouwers]

Hostnames and prompts can be changed by just entering the command with no
string; hit enter after command:

Switch(enable) set system name
   or
Switch(enable) set prompt 

Eric

- Original Message -
From: "Eagles Fan" 
To: 
Sent: Thursday, February 27, 2003 3:32 PM
Subject: Cat4006 - Prompt [7:63984]


> is it possible to clear the prompt after manually setting it?
>
> _
> Protect your PC - get McAfee.com VirusScan Online
> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64002&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: some question about frame-relay configuration! [7:63973]

[Priscilla Oppenheimer]

The Long and Winding Road wrote:
> 
> the frame-relay intf-type command is used on a frame relay
> switch, as part
> of the switch to switch config. it should not be used on a
> customer edge
> device.

He set R1 and R3 to intf-type dte. That should work, shouldn't it? I tried
it on my "customer edge" routers and it takes the command but doesn't put it
in the config since it's the default. They are connected with serial xo
cables to a router in the middle that has "frame-relay switching" and
"intf-type dce" configured.

In other words, the same config as this fellow's, although my routers don't
leave the default config line in.

I would say check the cables. Are you sure you really have the dte end at
the dte router and the dce end at the dce router for both cables?

On some routers "show controler" will tell you.

Priscilla


> 
> if you were to enter the "frame-relay switching" commands on R1
> and R3, the
> interfaces would come up and the routers would engage in
> frame-relay switch
> signaling.
> 
> You probably want to remove the frame-relay intf-type commands
> from R1 and
> R3, making them customer edge devices, at which point they will
> communicate
> with R2
> 
> 
> ""tigers zheng""  wrote in message
> news:[EMAIL PROTECTED]
> > I have a question about frame-relay!Please tell me why it
> happened?
> > the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
> > r1:2511,r2:2620,r3:2621
> >
> > the configuration:
> > r1:
> > interface s0
> > ip address 10.10.10.1 255.255.255.0
> > encapsulation frame-relay
> > frame-relay lmi-type ansi
> > frame-relay intf-type dte
> > frame-relay interface-dlci 100
> > !
> > r3:
> > interface s0/0
> > ip address 10.10.10.2 255.255.255.0
> > encapsulation frame-relay
> > frame-relay lmi-type ansi
> > frame-relay intf-type dte
> > frame-relay interface-dlci 101
> > !
> > r2:
> > frame-relay switching
> > int s0/0
> > no ip address
> > encapsulation frame-relay
> > clockrate 64000
> > frame-relay route 100 interface s0/1 101
> > frame-relay lmi-type ansi
> > frame-relay intf-type dce
> > !
> > int s0/1
> > no ip address
> > encapsulation frame-relay
> > clockrate 128000
> > frame-relay route 101 interface s0/0 100
> > frame-relay lmi-type ansi
> > frame-relay intf-type dce
> > !
> > But the serial of all of the router is shutdown,line protocol
> is also
> down!
> > I want to know what happen!
> > Thanks very much!
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64001&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Certification question [7:63982]

[Priscilla Oppenheimer]

642-871 ARCH is in beta. It replaces CID. I assume others are on the way too.

Priscilla

JSalminen wrote:
> 
> This is true, but they mention 'any exam bearing the prefix
> 642'. As I see
> it there are no exams number that begin with 642-XXX. Maybe
> 640-XXX.
> Perhaps, Cisco is going to release a new wave of exams shortly
> with that
> prefix.
> 
> 
> 
> ""Priscilla Oppenheimer""  wrote in
> message
> news:[EMAIL PROTECTED]
> > Stuart Pittwood wrote:
> > >
> > > Hi all,
> > >
> > >
> > >
> > > My CCNA cert is due to expire in Feb 04, if I start the CCNP
> > > track now &
> > > don't complete it before the CCNA cert expires, do I need to
> > > recert the
> > > CCNA before I can continue the CCNP, would I have to redo
> any
> > > CCNP exams
> > > completed?
> >
> > Good news. Cisco just changed the policy. Here's what they
> say on the CCNA
> > page: CCNA certifications are valid for three years. To
> recertify, pass
> the
> > current certification exam or any new exam at the
> Professional or Cisco
> > Qualified Specialist level, bearing the prefix 642.
> >
> > See this URL:
> >
> >
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccna.ht
> ml
> >
> > Priscilla
> > >
> > >
> > >
> > > Stu
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64000&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Certification question [7:63982]

[JSalminen]

This is true, but they mention 'any exam bearing the prefix 642'. As I see
it there are no exams number that begin with 642-XXX. Maybe 640-XXX.
Perhaps, Cisco is going to release a new wave of exams shortly with that
prefix.



""Priscilla Oppenheimer""  wrote in message
news:[EMAIL PROTECTED]
> Stuart Pittwood wrote:
> >
> > Hi all,
> >
> >
> >
> > My CCNA cert is due to expire in Feb 04, if I start the CCNP
> > track now &
> > don't complete it before the CCNA cert expires, do I need to
> > recert the
> > CCNA before I can continue the CCNP, would I have to redo any
> > CCNP exams
> > completed?
>
> Good news. Cisco just changed the policy. Here's what they say on the CCNA
> page: CCNA certifications are valid for three years. To recertify, pass
the
> current certification exam or any new exam at the Professional or Cisco
> Qualified Specialist level, bearing the prefix 642.
>
> See this URL:
>
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccna.ht
ml
>
> Priscilla
> >
> >
> >
> > Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63999&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Certification question [7:63982]

[Priscilla Oppenheimer]

Stuart Pittwood wrote:
> 
> Hi all,
> 
> 
> 
> My CCNA cert is due to expire in Feb 04, if I start the CCNP
> track now &
> don't complete it before the CCNA cert expires, do I need to
> recert the
> CCNA before I can continue the CCNP, would I have to redo any
> CCNP exams
> completed?

Good news. Cisco just changed the policy. Here's what they say on the CCNA
page: CCNA certifications are valid for three years. To recertify, pass the
current certification exam or any new exam at the Professional or Cisco
Qualified Specialist level, bearing the prefix 642.

See this URL:

http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccna.html

Priscilla
> 
> 
> 
> Stu
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63998&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DR ospf router Thank you it was resolved [7:63985]

[Priscilla Oppenheimer]

hanan wrote:
> 
> Thank you it was resolved

How was it resolved? It sounds like an interesting problem that we could all
learn from.

Thanks,

Priscilla


> 
> We have a DR router in ospf area (single area) and it's the
> only router in
> this subnet no other routers in his subnet, send packet to the
> others
> routers in the other subnet but it doesn't receive any packet
> from any one
> All the subnet in the same ospf area , broadcast type
> Any idea from where is the problem must be
> Could you please help?
> 
> hanan
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63997&t=63985
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CiscoSecure Question [7:63941]

[Paul Borghese]

You only need one entry in Cisco Secure if you use wildcards are are willing
to accept the fact that all devices will be using the same shared secret key.

So for example, to configure all routers on the 172.16.x.x network you
simply click on Network Configuration and select "Add AAA Client".  Give
your clients a name (i.e. 172-16-routers) and a shared secret password.  For
the IP address use 172.16.*.*.

Any client using an ip address from the range 172.16.0.0/16 will be accpeted
assuming the shared secret password is known.

Take care,

Paul Borghese


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63996&t=63941
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Conent Switching on LD416's [7:63846]

[Troy Leliard]

I'll answer my own question then ... just got word back from Cisco TAC, and
there is no way the 416's can do any intelligent health checks, other than
the http and dns probe. Dunno what to do with the 6 LD's that i have spare
now!  Already have the nes CSS chasis for our web farm ... mmm perhaps its
time to do some LD416 tossing! :)


Troy Leliard wrote:
> 
> Hi there all, 
> 
> I've got a couple of Local Director's, and am trying to find a
> way of doing intelligent "layer7) health checks of real
> servers.  eg for ftp, the LD will probe port 21 on eht real
> server...if this port is not in a listening stated the LD will
> remove the real server from the binding to the VIP (Virtual
> IP)?   There are built in mechanisms to do this probe for HTTP
> and DNS, but as yet have not found a way to do it for
> non-standard services / ports ?
> 
> I know you can do this on the CSS's, but not sure about the
> 4216's.  I have an open TAC case about this so we'll have a
> race and see who gets back first :)
> CHeers
> Troy
> 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63995&t=63846
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Certification question [7:63982]

You would have to recert (i.e. redo) the CCNA if it expired prior to 
finishing your CCNP.  You would not lose any CCNP exams that 
you passed already though.


www.ccie4u.com
Rack Rentals and Lab Scenarios



On 27 Feb 2003 at 14:10, Stuart Pittwood wrote:

> Hi all,
> 
> 
> 
> My CCNA cert is due to expire in Feb 04, if I start the CCNP track now &
> don't complete it before the CCNA cert expires, do I need to recert the
> CCNA before I can continue the CCNP, would I have to redo any CCNP exams
> completed?
> 
> 
> 
> Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63994&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Certification question [7:63982]

[Daniel Cotts]

About two days ago several of us posted to this list an e-mail from Cisco
that stated that passing one or more CCNP exams automatically recertified
CCNA. Check the archives for the exact wording.

> -Original Message-
> From: Stuart Pittwood [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 27, 2003 8:11 AM
> To: [EMAIL PROTECTED]
> Subject: Certification question [7:63982]
> 
> 
> Hi all,
> 
> 
> 
> My CCNA cert is due to expire in Feb 04, if I start the CCNP 
> track now &
> don't complete it before the CCNA cert expires, do I need to 
> recert the
> CCNA before I can continue the CCNP, would I have to redo any 
> CCNP exams
> completed?
> 
> 
> 
> Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63993&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN client conflict [7:63951]

[Martin J.]

no fix available.
Cisco allows no other client installed.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63992&t=63951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cat4006 - Prompt [7:63984]

[Martin J.]

create new prompt with no string:

set promt "nothing"


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63991&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDP question [7:63963]

[Martin Jauner]

A year ago, i was also surprised to do the CCDA after taken the CID Exam.
But in fact the topics are different. CCDA is more about how to create a
project documentation and so on.
After reading the Cisco DCN book, exam was no problem.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63990&t=63963
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN client conflict [7:63951]

[Robert Edmonds]

I'm not sure what the actual cause or fix is, but I had the same problem.  I
ended up uninstalling the AT&T client to get it to work.

""supernet""  wrote in message
news:[EMAIL PROTECTED]
> I have AT&T VPN client on my laptop. It stopped working after I
> installed Cisco VPN client. Is there any conflict between them? Is there
> a work around? Thanks. Yoshi.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63989&t=63951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACS Database Repl Problem [7:63988]

[Aaron Ajello]

I'm running two CiscoSecure ACS 3.0 servers on W2K and trying to replicate
the database from one to the other.
They can both see eachother and are setup as replication partners.  
One is set to send all components and one to receive all components.  They
both have the other server listed under "Accept replication from".

Both are set for Manual replication, but when I click on "Replicate Now",
the screen refreshes immediately and the following message is logged in
"Reports and Activity" under "Database Replicaton":
02/27/2003 10:27:12 INFO Outbound replication cycle completed 
02/27/2003 10:27:12 ERROR ACS '' has denied replication request 
02/27/2003 10:27:08 INFO Outbound replication cycle starting... 
The other server logs the following info:
02/27/2003 10:28:50 ERROR Inbound database replication from ACS '' denied 

(Server names removed to protect the guilty.)

It doesn't matter which server I try to kick off replication from.  The
other one always seems to deny it.  I did a search on cisco.com for this,
but got nothing.
If anyone can give me some guidance here or something to check, I'd
appreciate it.

thanks,
Aaron


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63988&t=63988
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 4000 M router [7:63952]

[""]

The 4000M router has it'w own modules and does not use the same 
ones as 2600/3600 routers.  You can get modules for it on ebay at 
good prices.   Interfaces include 2 port and 6 port ethernet, 1 port 
FE, 6 port high speed serial and 2 port high speed serial such as 
you have.

Hope that helps.

www.ccie4u.com
Rack Rentals and Lab Scenarios

On 27 Feb 2003 at 8:17, Metla Venu Gopal wrote:

> Hi All
> 
> I bought this 4000M router with two serial interfaces which have 50 pin
> connectors ( somebody lemme know wat we call this interface type as ). Now
> wat i want to know is does 3600 modules go into this router. How sure is
> this. Can somebody let me know which modules go with these . Its very
urgent
> thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63977&t=63952
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: some question about frame-relay configuration! [7:63973]

[The Long and Winding Road]

the frame-relay intf-type command is used on a frame relay switch, as part
of the switch to switch config. it should not be used on a customer edge
device.

if you were to enter the "frame-relay switching" commands on R1 and R3, the
interfaces would come up and the routers would engage in frame-relay switch
signaling.

You probably want to remove the frame-relay intf-type commands from R1 and
R3, making them customer edge devices, at which point they will communicate
with R2


""tigers zheng""  wrote in message
news:[EMAIL PROTECTED]
> I have a question about frame-relay!Please tell me why it happened?
> the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
> r1:2511,r2:2620,r3:2621
>
> the configuration:
> r1:
> interface s0
> ip address 10.10.10.1 255.255.255.0
> encapsulation frame-relay
> frame-relay lmi-type ansi
> frame-relay intf-type dte
> frame-relay interface-dlci 100
> !
> r3:
> interface s0/0
> ip address 10.10.10.2 255.255.255.0
> encapsulation frame-relay
> frame-relay lmi-type ansi
> frame-relay intf-type dte
> frame-relay interface-dlci 101
> !
> r2:
> frame-relay switching
> int s0/0
> no ip address
> encapsulation frame-relay
> clockrate 64000
> frame-relay route 100 interface s0/1 101
> frame-relay lmi-type ansi
> frame-relay intf-type dce
> !
> int s0/1
> no ip address
> encapsulation frame-relay
> clockrate 128000
> frame-relay route 101 interface s0/0 100
> frame-relay lmi-type ansi
> frame-relay intf-type dce
> !
> But the serial of all of the router is shutdown,line protocol is also
down!
> I want to know what happen!
> Thanks very much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63987&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TCP window size - Additive Increase - Slow Sta [7:63904]

[alaerte Vidali]

>Regarding ddditive increase and multiplicative decrease, I've never >heard
of any operating system doing that. After a quick Google, I >get the
impression those may be research projects? Can you tell us >more about them?

I was not successful trying to understand it.

I saw that there is a mechanism for congetion control using
additive-increase, multiplicative-decrease algorithm - RAP, by Reza Rejaie,
Mark Handely and Deborah Estrin. The source code is available at
http://netweb.usc.edu/reza/RAP/NewRAP/
 
I tryed other links:
http://students.cec.wustl.edu/~cs423/Lectures/tcp2.ppt
http://www.stanford.edu/class/cs244a/handouts/H7_CongestionControl.ppt
fidji.imag.fr/~duda/cours/PS/3-eme-annee/QoS-01/CC.pdf 
www.cs.berkeley.edu/~istoica/cs268/notes/lecture4.pdf 

And there is also 'Fast Retransmit and Fast Recovery' algorithms.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63986&t=63904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DR ospf router Thank you it was resolved [7:63985]

[hanan]

Thank you it was resolved

We have a DR router in ospf area (single area) and it's the only router in
this subnet no other routers in his subnet, send packet to the others
routers in the other subnet but it doesn't receive any packet from any one
All the subnet in the same ospf area , broadcast type
Any idea from where is the problem must be
Could you please help?

hanan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63985&t=63985
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cat4006 - Prompt [7:63984]

[Eagles Fan]

is it possible to clear the prompt after manually setting it?

_
Protect your PC - get McAfee.com VirusScan Online  
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63984&t=63984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DR ospf router [7:63983]

[hanan]

Hello

We have a DR router in ospf area (single area) and it's the only router in
this subnet no other routers in his subnet, send packet to the others
routers in the other subnet but it doesn't receive any packet from any one
All the subnet in the same ospf area , broadcast type
Any idea from where is the problem must be
Could you please help?

hanan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63983&t=63983
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Certification question [7:63982]

[Stuart Pittwood]

Hi all,



My CCNA cert is due to expire in Feb 04, if I start the CCNP track now &
don't complete it before the CCNA cert expires, do I need to recert the
CCNA before I can continue the CCNP, would I have to redo any CCNP exams
completed?



Stu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63982&t=63982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ??? IS-IS ??? [7:63938]

[Ladrach, Daniel E.]

Read the BSCI. This will give you an ovrview of the protocol.

Daniel Ladrach
CCNP, CCNA
WorldCom



-Original Message-
From: Michael Cinquanti [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 10:59 PM
To: [EMAIL PROTECTED]
Subject: ??? IS-IS ??? [7:63938]


Peter van Oene has authored a two-part Study Guide that's been quite 
well received at CertificationZone.

>  Hello All,
>
> I'm wondering was IS-IS is.  No pun intended.  I'm assuming it's a
>  routing protocol?  I've gone through Cisco, CCNA acad. and have my CCNA
>  and I've even started going over Semester 5 for the CCNP, but IS-IS is
>  no where to be found...  Is this a new protocol?  Or does someone know
>  where I can find a good over view?
>
>  Thanks for brain food,
>  Steve
-- 
Mike Cinquanti
President
Genium Publishing Corporation




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63979&t=63938
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDP question [7:63963]

[Beaver, Mark T.]

CCDP Prerequisites   
Valid CCNA and CCDA certifications.  

From:
http://www.cisco.com/en/US/learning/le3/le2/le37/le5/learning_certification_
type_home.html

Sorry, you need the CCDA.
Mark

-Original Message-
From: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 4:13 AM
To: [EMAIL PROTECTED]
Subject: CCDP question [7:63963]


I have a CCNA and CCNP yesterday I took the CID 640-025, will this do for
the old requierments for CCDP, or will I also have to take the CCDA ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63975&t=63963
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Stateful Failover [7:63959]

You need a failover license key.  When you do a show version one 
of the items returned refers to the failover license and it will be 
disabled or enabled.   It is included and enabled on higher end PIX 
systems such as 515 and 525.  You have to have a failover port as 
well which is not possible on some of the lowest end models.


www.ccie4u.com
Rack Rentals and Lab Scenarios


On 27 Feb 2003 at 9:30, Skarphedinsson Arni V. wrote:

> Hi I am reading the Cisco PIX Firewalls book by Richard A. Deal. 
> and it states that to use the Stateful Failover feature I require a special
> license from cisco for the PIX.
> 
> I can4t find any information about this license on the cisco website, can
> anyone give me some more information about this ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63976&t=63959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDP question [7:63963]

[Michael F.]

For the old requirements you will also need the CCDA. I had to 1 Year ago.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63974&t=63963
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

some question about frame-relay configuration! [7:63973]

[tigers zheng]

I have a question about frame-relay!Please tell me why it happened?
the topolofy :r1(s0)---(s0/0)r2(s0/1)---(s0/0)r3
r1:2511,r2:2620,r3:2621

the configuration:
r1:
interface s0
ip address 10.10.10.1 255.255.255.0
encapsulation frame-relay
frame-relay lmi-type ansi
frame-relay intf-type dte
frame-relay interface-dlci 100
!
r3:
interface s0/0
ip address 10.10.10.2 255.255.255.0
encapsulation frame-relay
frame-relay lmi-type ansi
frame-relay intf-type dte
frame-relay interface-dlci 101
!
r2:
frame-relay switching
int s0/0
no ip address
encapsulation frame-relay
clockrate 64000
frame-relay route 100 interface s0/1 101
frame-relay lmi-type ansi
frame-relay intf-type dce
!
int s0/1
no ip address
encapsulation frame-relay
clockrate 128000
frame-relay route 101 interface s0/0 100
frame-relay lmi-type ansi
frame-relay intf-type dce
!
But the serial of all of the router is shutdown,line protocol is also down!
I want to know what happen!
Thanks very much! 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63973&t=63973
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: rsvp question [7:63965]

[Vicuna, Mark]

Hi Paul,

you set it on both physical and on sub-interface, for both p2p and
multipoint setups.

hth,
Mark.

-Original Message-
From: Casey, Paul (6822) [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 9:48 PM
To: [EMAIL PROTECTED]
Subject: rsvp question [7:63965]


Hello, 
 
If I configure rsvp reservations across a frame-relay network, and I am
using point-point / multipoint sub-interfaces, when I configure the
reservation, on the sub-interfaces, do I need to configure the reservation
on the physical interfaces as well. Or is it ok to do it just on the
sub-interface...??
 
Kind regards.
Paul.
 
 




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63972&t=63965
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Stateful Failover [7:63959]

[Skarphedinsson Arni V.]

Yes I know about the UR, and failover license, but the book gives the
impresion "at least to me" that you require a seprate license from that.

but having looked for it on cisco, I dont think that is the case, so I think
I would just need one UR and one Failover license and with that can do both
normal failover or stateful failover


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63970&t=63959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Stateful Failover [7:63959]

[Marko Milivojevic]

If I'm not much mistaken, failover feature is available only in
unrestricted software license (UR), which is, of course, the most expensive
one.


Marko.

> -Original Message-
> From: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED]
> Sent: fimmtudagur, 27. febrzar 2003. 09:30
> To: [EMAIL PROTECTED]
> Subject: PIX Stateful Failover [7:63959]
>
>
> Hi I am reading the Cisco PIX Firewalls book by Richard A. Deal.
> and it states that to use the Stateful Failover feature I
> require a special
> license from cisco for the PIX.
>
> I can4t find any information about this license on the cisco
> website, can
> anyone give me some more information about this ?
> Report misconduct
> and Nondisclosure violations to [EMAIL PROTECTED]
>

Tvlvupsstur ~essi er fra Margmiplun hf., Supurlandsbraut 4, Reykjavmk.
Fyrirvara og leipbeiningar til viptakenda tvlvupssts fra Margmiplun hf. er
ap finna a vefsmpunni http://www.mi.is/fyrirvari




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63969&t=63959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Stateful Failover [7:63959]

[Kevin Banifaz]

Pix has an FO bundle that you can buy with the regular unrestricted PIX.
So you would need one FO and the other unrestricted, and you should then be 
able to setup the stateful failover





>From: "Skarphedinsson Arni V." 
>Reply-To: "Skarphedinsson Arni V." 
>To: [EMAIL PROTECTED]
>Subject: PIX Stateful Failover [7:63959]
>Date: Thu, 27 Feb 2003 09:30:18 GMT
>
>Hi I am reading the Cisco PIX Firewalls book by Richard A. Deal.
>and it states that to use the Stateful Failover feature I require a special
>license from cisco for the PIX.
>
>I can4t find any information about this license on the cisco website, can
>anyone give me some more information about this ?
_
Add photos to your messages with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63968&t=63959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: L3 Switching Huh???? [7:63728]

[Howard C. Berkowitz]

At 9:11 AM + 2/27/03, Steve Wilson wrote:
>Thanks for the definition assistance.
>The problem with trying to assist in a forum such as this is that if you try
>to simplify an answer you end up with an answer that is too simple. All I
>was trying to get across was my way of looking at the difference between a
>physically separate routing device working at layer3 between subnets and a
>chassis like a 6509 which can have individual blades perform the functions
>without the limitation of wires between the physical interfaces. The "wires"
>are still there, they are just created in software in the chassis.
>
>Cheers,
>Steve Wilson
>Network Engineer

Definite cheers in return.  As you point out, it's easy to 
oversimplify--one of the reasons I avoid the L3 switching 
terminology.  It's routing--there are just a wide range of router 
product design techniques, with different optimizations.  Some of 
these optimizations are for maximum forwarding speed, others are for 
cost, others for QoS power, etc. To me, a virtual router implies 
there are at least two distinct control-and-forwarding entities (1 
RIB and 1 FIB minimum each).

I think this started with a fairly simple CCNA/CCNP level 
question--I've lost track at this point. My strong opinion is that 
for the purpose of initial understanding, trying to deal with L3 
switching as a significantly different technique is totally confusing 
for people learning the basics.  For them, L3 switching = routing, 
and then certain speeds, feeds, and feature sets.

Choosing those speeds/feeds/feature sets is really a higher skill set 
for specific network design.

The 6500 architecture (as is, for that matter, the 7500, 1, 
12000...) involves a single active control instance and one or more 
physical forwarding instances in the same chassis, which is slightly 
different than either of my VR definitions. MLS gets even more 
confusing when one realizes that on a 5500, the control engine 
running the routing protocols can be on a completely external box, 
but the FIB is in a L3 forwarding board in the chassis with multiple 
L2 blades.

7500s and up actually can have multiple physical L3 forwarding instances.

Without even getting into the researchy area of active 
multiprocessing in the control plane, things are very blurred on how 
to consider the 6509 by your definition above.  I tend to think about 
it as a set of blades interconnected by a network, which just happens 
to be in the fabric. In other words, there isn't a huge difference 
between wires between physical interfaces and fabric, as long as the 
"wires" are fast enough. There are off-the-shelf optoelectronic 
fabric chipsets that run at OC-48 and OC-192, but aren't limited to 
10 Gbps because they aren't limited to parallel interfacing.

In other words, we get very blurred about whether the "box" is still 
more or less monolithic, or really should be considered an enclosure 
for a small Storage Area Network interconnecting the blades.  I 
rather prefer the latter.

Howard
>
>-Original Message-
>From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]
>Sent: 26 February 2003 18:27
>To: [EMAIL PROTECTED]
>Subject: RE: L3 Switching Huh [7:63728]
>
>At 3:18 PM + 2/26/03, Steve Wilson wrote:
>>Charles,
>>The 6509 switch needs some configuration in the background to create a
>>"virtual router".
>
>
>A bit of a heads-up on this term. It's conceptually useful, but be
>aware that "virtual router" was considered to be an alternate VPN
>model to RFC 2547, generally promoted by Nortel and Lucent.
>
>There have been LOTS of IETF arguments about the term. I didn't make
>myself popular at one meeting by mentioning "we sure can't define
>virtual router, but it's nice we have a virtual router redundancy
>protocol (VRRP is the standards track equivalent to HSRP)."
>
>I was severely corrected that I needed to distinguish between
>"virtual router" and "virtual router," depending on whether the
>emphasis was on "virtual" or "router." In HSRP/VRRP, the virtual
>router refers to a single conceptual router seen by hosts, but is
>actually implemented across multiple platforms.
>
>The VPN people thought of virtual routers as multiple independent
>routing (control and forwarding) logical instances on the same
>platform. VRF is not quite the same concept, as it assumes more
>shared knowledge between routing instances than does a VR VPN.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63966&t=63728
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

rsvp question [7:63965]

[Casey, Paul (6822)]

Hello, 
 
If I configure rsvp reservations across a frame-relay network, and I am
using point-point / multipoint sub-interfaces, when I configure the
reservation, on the sub-interfaces, do I need to configure the reservation
on the physical interfaces as well. Or is it ok to do it just on the
sub-interface...??
 
Kind regards.
Paul.
 
 




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63965&t=63965
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: REdistrubution - Two way [7:63827]

[Vicuna, Mark]

IF it is the service provider/telco I am thinking of then yes there are a
few issues with their rip-ibgp redistribution.  A major customer of ours
uses them for their framed-mpls connectivity.  One of the known issues are
with rip advertised routes being 'lost' in their mpls cloud and pe
(redistribution) routers not advertising defaults out.  Although, it could
be that their ios version, since it is 'tailor made' for their vpn/mpls/vrf
setup. *who knows*  they are in the process of upgrading this to 'normal'
code actually.

Although, if we are talking about the same telco, when I had talks with
their tier3 guys, it was proposed to accomodate customer networks to use
link state protos in the future through their mpls cloud.  *shrugs*

Apologies if I seem to have missed the plot in my discussion with the topic,
but I have come in half way through this thread :-)

Fact of the matter is, there is no valid reason to have rip running between
customer edge to telco pe - especially across 150+ satellite sites on a
/16.  Even though we are summarising on major boundaries, that's besides the
point  :-P



cheers,
mark.

-Original Message-
From: Metla Venu Gopal [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:36 PM
To: [EMAIL PROTECTED]
Subject: Re: REdistrubution - Two way [7:63827]


Hi there
Yes true dat.
Even I was interested to learn
i am a newly inducted member in the team
and the guy who does the design apparently proposed this
with RIp
they are using RIP becoz of some valid reason
so cant help it i guess
venu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63964&t=63827
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCDP question [7:63963]

[Skarphedinsson Arni V.]

I have a CCNA and CCNP yesterday I took the CID 640-025, will this do for
the old requierments for CCDP, or will I also have to take the CCDA ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63963&t=63963
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX question [7:63892]

[Steve Wilson]

Ed,
Try clear logging. It depends on what you are trying to clear.

Steve Wilson
Network Engineer

-Original Message-
From: Edward Sohn [mailto:[EMAIL PROTECTED] 
Sent: 26 February 2003 18:30
To: [EMAIL PROTECTED]
Subject: PIX question [7:63892]

does someone know what the equivalent of "clear counters" is on the PIX?
i don't know why, but i can't find a thing...

thanks,

ed




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63962&t=63892
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Documention CD's [7:63940]

[Aleksey Alekseev]

delete this

[HKEY_CURRENT_USER\Software\Cisco CD-ROM Products\LaunchCD]
"HuRajaf"="76167"

""Richard Botham""  wrote in message
news:[EMAIL PROTECTED]
> Just replace 'expired' with 'home' in the url
>
> HTH
>
> Rich




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63961&t=63940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Documention CD's [7:63940]

[Richard Botham]

Just replace 'expired' with 'home' in the url

HTH

Rich


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63960&t=63940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Stateful Failover [7:63959]

[Skarphedinsson Arni V.]

Hi I am reading the Cisco PIX Firewalls book by Richard A. Deal. 
and it states that to use the Stateful Failover feature I require a special
license from cisco for the PIX.

I can´t find any information about this license on the cisco website, can
anyone give me some more information about this ?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63959&t=63959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 4000 M router [7:63952]

[Metla Venu Gopal]

Hey tnx mate

I knew abt the v.35 cable and never knew this module.was kinda agahst and
stuck wehn i saw this shit
anyways thanx
and see u later



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63958&t=63952
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ??? IS-IS ??? [7:63938]

[fred barreras]

Go the www.ciscopress.com and search for book for test 640-901. You will
find a free download on the complete chapter on ISIS which is required for
the CCNP routing exam.   Hope this helps.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63956&t=63938
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: L3 Switching Huh???? [7:63728]

[Steve Wilson]

Thanks for the definition assistance. 
The problem with trying to assist in a forum such as this is that if you try
to simplify an answer you end up with an answer that is too simple. All I
was trying to get across was my way of looking at the difference between a
physically separate routing device working at layer3 between subnets and a
chassis like a 6509 which can have individual blades perform the functions
without the limitation of wires between the physical interfaces. The "wires"
are still there, they are just created in software in the chassis. 

Cheers,
Steve Wilson
Network Engineer

-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] 
Sent: 26 February 2003 18:27
To: [EMAIL PROTECTED]
Subject: RE: L3 Switching Huh [7:63728]

At 3:18 PM + 2/26/03, Steve Wilson wrote:
>Charles,
>The 6509 switch needs some configuration in the background to create a
>"virtual router".


A bit of a heads-up on this term. It's conceptually useful, but be 
aware that "virtual router" was considered to be an alternate VPN 
model to RFC 2547, generally promoted by Nortel and Lucent.

There have been LOTS of IETF arguments about the term. I didn't make 
myself popular at one meeting by mentioning "we sure can't define 
virtual router, but it's nice we have a virtual router redundancy 
protocol (VRRP is the standards track equivalent to HSRP)."

I was severely corrected that I needed to distinguish between 
"virtual router" and "virtual router," depending on whether the 
emphasis was on "virtual" or "router." In HSRP/VRRP, the virtual 
router refers to a single conceptual router seen by hosts, but is 
actually implemented across multiple platforms.

The VPN people thought of virtual routers as multiple independent 
routing (control and forwarding) logical instances on the same 
platform. VRF is not quite the same concept, as it assumes more 
shared knowledge between routing instances than does a VR VPN.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63954&t=63728
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

new MCNS [7:63955]

[Aleksey Alekseev]

Hi,
does anybody here pass exam 640-100 MCNS 3.0?
What's the passing score?
What about the labs?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63955&t=63955
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco 4000 M router [7:63952]

[M.C. van den Bovenkamp]

Metla Venu Gopal wrote:

> I bought this 4000M router with two serial interfaces which have 50 pin
> connectors ( somebody lemme know wat we call this interface type as ).

That's an NPM-2T; it will take RS232, V.35, X.21, EIA-449 & EIA-530 cables.

> Now wat i want to know is does 3600 modules go into this router.

No.

> How sure is this. 

A hundred percent. They don't even fit physically, let alone *work* if 
you'd get them in...

> Can somebody let me know which modules go with these . Its very urgent

If it's that urgent, that's what http://www.cisco.com is for; but it'll 
take (most of) these modules: 
http://www.cisco.com/univercd/cc/td/doc/pcat/index.htm#ch18.

Note that it says 'Options for Cisco 4500-M and 4700-M: NPMs', as the 
4000M is long obsolete.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63953&t=63952
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco 4000 M router [7:63952]

[Metla Venu Gopal]

Hi All

I bought this 4000M router with two serial interfaces which have 50 pin
connectors ( somebody lemme know wat we call this interface type as ). Now
wat i want to know is does 3600 modules go into this router. How sure is
this. Can somebody let me know which modules go with these . Its very urgent
thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63952&t=63952
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN client conflict [7:63951]

[supernet]

I have AT&T VPN client on my laptop. It stopped working after I
installed Cisco VPN client. Is there any conflict between them? Is there
a work around? Thanks. Yoshi.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63951&t=63951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

South Africa? [7:63950]

[Johan Bornman]

Hi,

I am looking for used routers/switches in South Africa. Please send me
details at this e-mail
address: [EMAIL PROTECTED]

Johan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63950&t=63950
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco FWM vs Netscreen 5000 [7:63949]

[Albert Lu]

Hello Group,

Can someone give me some comparisons between the Cisco 6500 Firewall Module,
compared to the Netscreen 5000. I understand the Netscreen allows for
virtual firewalls separated via VLAN or IP addresses. Looking at the 6500
Firewall Module, it looks like it can do something similar to the Netscreen
but it is just one firewall instance and you define different interfaces via
the VLANs created. Does that mean it's a single Xlate table shared between
all the interfaces?

How does the Netscreen work, does it have multiple instances of the firewall
with separate configs?

Thanks


Albert




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63949&t=63949
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]