Re: STP problem [7:70797]
At 01:33 AM 6/18/2003 +, The Road Goes Ever On wrote: Not knowing firsthand, I've checked the Cisco documentation. For the 1200 series of AP's, at least, I can find no reference to spanning tree. Not saying it isn't there. Just saying I see no reference. FWIW, the Aironet 1400 wireless bridge does support spanning tree. The other Aironet devices probably don't. In fact one of the Aironet 350 documents mentions that a loop may form if incorrect topology is used. A wireless bridge is a device for point to point wireless communication with another wireless bridge. It is more like a serial link than what most folks think of when they hear the term bridge. one of those newfangled terms that is in the purist sense misused, but neverless is used differently than in the world of switches. The Aironet 1400 is called (maybe incorrectly?) a wireless bridge and it does support point to multipoint setups. I have never used it but from the documentation it does look similar to a conventional bridge. I also noticed that in the Cisco terminology, access points and bridges are clearly distinguished. In other discussions this distinction is not always apparent. So, one way for wireless, with it's single ethernet port, to create a loop would be for it to bridge to anther AP, which in turn is plugged into the same switch. Loops would form and the ensuing broadcast storm could wreak havoc. Shouldn't the switch (assuming it supports STP) break the loop by blocking one of the two ports? Thanks, Zsombor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70840t=70797 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Security [7:70841]
Dear All, i hv following setup;- 2 6506 core switches having redundancy. 10 Nos. 3508 Distribution Switches. and 3500 series access's switches. in whole plant i hv 140 switches. want to go for network security. e.g. protect from virus attact , hacking so can anyone sugest me cisco product. please give me the URL also so i can study. Thanks Regards, milind Tare __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70841t=70841 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: copying flash FROM PIX? [7:70731]
If you have access for the new software, then just download the present Finesse OS as well. I do not believe a command exist to bring the code to a tftp server. I have recently upgrade to 6.3(1). You will have to download the newer PDM 3.1 as well. The present PDM you are running will not run on the new 6.3(1). Cheers, Jamie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wright, Jeremy Sent: June 16, 2003 9:26 AM To: [EMAIL PROTECTED] Subject: RE: copying flash FROM PIX? [7:70731] try write net ? -Original Message- From: Brad Dodds [mailto:[EMAIL PROTECTED] Sent: Monday, June 16, 2003 10:41 AM To: [EMAIL PROTECTED] Subject: copying flash FROM PIX? [7:70731] Going to upgrade to ver 6.3 but I wanted to save the old image to tftp server first copy flash tftp doesn't work CiscoPIX515E# sh ver Cisco PIX Firewall Version 6.2(2) Cisco PIX Device Manager Version 2.1(1) CiscoPIX515E# copy flash ? Usage: copy capture: tftp:/// [pcap] copy http[s]://[:@][:]/ flash[:[image | pdm]] copy tftp[:[[//location][/pathname]]] flash[:[image | pdm]] CONFIDENTIALITY NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by email reply or by telephone and immediately delete this message and any attachments. In the U.S. call us toll free at (800) 637-5843. Spanish, French, Quebecois French, Portuguese, Polish, German, Dutch, Turkish, Russian, Japanese and Chinese: http://www.admworld.com/confidentiality.htm. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70844t=70731 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: STP problem [7:70797]
Priscilla has a Hub that makes dinner..wonder when I can the cisco people To make switches that will do that. Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 17, 2003 6:53 PM To: [EMAIL PROTECTED] Subject: Re: STP problem [7:70797] My hub is calling me to dinner so I have to make this quick. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70842t=70797 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cisco 2511 Terminal Server for my first time! [7:53791]
I would highly recommend you use the ip host command for your telnet connections. Bring down the possibility of fat fingering the keyboard. You should configure the loopback ip address for the reverse telnet E.g. --- conf term interface loopback 0 ip address 192.168.1.1 255.255.255.255 exit ip host test 2001 192.168.1.1 line 1 16 no exec transport input all exit Then type test to go to the device that is off the octal cable position 1. Cheers, Jamie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan V Hays Sent: June 17, 2003 12:11 PM To: [EMAIL PROTECTED] Subject: Re: cisco 2511 Terminal Server for my first time! [7:53791] ??? wrote: Hi, I am setting up 2511 terminal server for my first time, but don't work... this is my 2511 configuration : line con 0 line 1 16 session-timeout 20 exec-timeout 0 0 line aux 0 line vty 0 4 password login In above, i found i missed one command in line con 0 prompt. -- line con 0 transport input all So, i tried to type the command, but couldn't. The result is -- Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line con 0 Router(config-line)#transport input all ^ % Invalid input detected at '^' marker. Router(config-line)# -- I don't know why the command can't be input. There is the command In cisco documentation. (http://www.cisco.com/warp/public/793/access_dial/comm_server.html) Anyone can help me? sooil.. [TABLE NOT SHOWN][TABLE NOT SHOWN][IMAGE] You are putting the command in the wrong line. Put it here: line 1 16 no exec transport input all Also, you do not state what command you are using to test with. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70843t=53791 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Split horizon affecting OSPF [7:70834]
Hi Jim Split horizon does not affect OSPF, but does affect the other protocols you mentioned. Regards John Gibbs CCIE #11572 CNE ACA Senior Network Designer www.betfair.com -Original Message- From: Jim Wang [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 2:43 AM To: [EMAIL PROTECTED] Subject: Split horizon affecting OSPF [7:70834] Does split horizon affect distance-vector routing protocols (RIP, IRGP, EIGRP) only? Or OSPF/IS-IS are also affected? Thanks. -Jim In order to protect our email recipients, Betfair use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70845t=70834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Errors on Ethernet Interfaces [7:70733]
Looks like it could be a duplexing issue , check your duplex settings on each side and make sure they are the same. -Original Message- From: Poulin, Darnell [mailto:[EMAIL PROTECTED] Sent: 16 June 2003 05:49 PM To: [EMAIL PROTECTED] Subject: Errors on Ethernet Interfaces [7:70733] Hey folks. What do you people think about all of the Interface Resets, and Output Errors on this interface, could it be a physical problem? 5 minute output rate 6000 bits/sec, 5 packets/sec 147723073 packets input, 527428115 bytes, 0 no buffer Received 8574309 broadcasts, 0 runts, 0 giants, 0 throttles 89 input errors, 89 CRC, 72 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 180465700 packets output, 4160119128 bytes, 0 underruns 3266629 output errors, 1060615 collisions, 3168706 interface resets 0 babbles, 3266619 late collision, 442865 deferred 10 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Thanks in advance. NOTICE - This message contains privileged and confidential information intended only for the use of the addressee named above. Any review, retransmission, dissemination, copying, disclosure or other use of, or taking of any action in reliance upon, this information by person or entities other than the intended recipient is prohibited. If you have received this message in error, please notify the sender by return email and delete this message. This message should not be copied or used for any purpose other than intended, nor should it be disclosed to any other person. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of Investec Group, its subsidiaries or associates. The Investec Group is not liable for the security of information sent by e-mail at your request, nor for the proper and complete transmission of the information contained in the communication nor for any delay in its receipt. Please note that the recipient must scan this e-mail and any attached files for viruses and the like. The Investec Group accepts no liability of whatever nature for any loss, liability, damage or expense resulting directly or indirectly from the access of any files which are attached to this message. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70848t=70733 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: number of CCIE [7:70151]
OK... My dear friend, NRF, over here is fired up and ready to go on anyone, who responds on this thread. :) Nothing personal, but you did mentioned, or rather gave a lot of stress on maintaining crime-less life (I am not able to understand the reason for the same, did I mentioned that I was advocating criminals, or are higher number CCIEs are? not sure) then, you mentioned that knowing English is necessary or prudent for finding a job in US. Well (though I know English reasonably well, but) I will like to ask you one thing, do one has IT jobs in US only?, I am located in India, so does that means that there is a complete lack of Networking or IT jobs in India..? Coming back to the main thread, (though people do deviate from the main threads and wander around, and my response was totally focused on Peter's response), I am not a CCIE, yet, but whenever I get this number for me, be it 12000 or 2, I will not trade it for any lower number. It will be MY number, and I will not like to part with it. And, while we are discussing the importance or value of the CCIE program, why was it the case that we had to start this number trading exercise? Just my Rs. 0.02. Vikram -Original Message- From: n rf [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 17, 2003 11:25 PM To: [EMAIL PROTECTED] Subject: RE: number of CCIE [7:70151] Vikram JeetSingh wrote: Hi All, I was stopping myself for writing on this thread for quite some time. Quite a number of people have reverted back on this, but this one, (from Peter) is just kind of PERFECT. Priscilla also wrote on one of other threads, that for having a worthwhile career you just don't need good networking skills, but also good networking of people. And I am sure it works. I have seen quite some useful mails from NRF, but this one is a losing battle (NRF: don't mind friend, nothing personal) and what Peter has stated is perfectly right (of course as per me) So a CCIE number, does matter, but more so, since all the chances are that the lower number ones would be having more experience and better networking of people. And the higher numbered ones would be, in all chances, relatively new and also still into the stage of building their networking of people. Just my 2 cents :) I have never said that people-networking wasn't important. In fact, I have engaged in many newsgroup-post-wars where I have stated precisely that. Go reference some of my many posts on this newsgroup or on alt.certification.cisco on this very subject. However to talk about this subject is really to raise an issue that, for purposes of this discussion, is neither here nor there. The issue at hand is has the value of the CCIE declined over time, and the preponderance of the evidence seems to be that the answer is 'yes', given the fact that everybody, including myself, would like to trade their CCIE number for a lower one. Nor is the gambit that this has to do with the connection between a lower number and more experience have much, if anything, to do with it. I would ask even the lower-number and highly experienced CCIE's would they be neutral to trading their number for a higher one. I'm not asking them to think about trading their experience, just their number. If the CCIE hasn't declined, then they shouldn't care what number they are. But of course we all realize that they DO care, and care deeply. Raising other issues that have to do with employment is not really relevant in this thread. After all, if we wanted to go down that road, then why don't we raise ALL the issues that affect employment? I would say that certain other things are even more important than the people-networking in terms of finding work. For example, a criminal background. I don't care if you're the most brilliant engineer in the world, you're CCIE #1026, and you're on a first name basis with John Chambers - if you're a convicted serial-killer, you're going to have difficulty in finding work. Let's face it - no company is ever going to hire Charles Manson. We could talk about personal lifestyle choices. If you're a coke fiend, finding a job might not be easy for you. If you can't speak the language of the country in which you're trying to find a job, you will have great difficulty no matter how wonderful your other credentials you are. For example, surely you would agree that if you want to get a job as a network guy in the USA, this might be difficult if you can't speak English. But should we really be talking about those kinds of things? I don't think so, for they are not relevant to the discussion. The auspices of this discussion are necessarily narrow - basically what has happened to the value of the CCIE. This is not a general discussion about how to find a job, for which the first tenets should be don't commit crimes, don't make harmful lifestyle choices, and learn the language of the country that you're in, and then (and only then) can we talk about things like
RE: cisco 2511 Terminal Server for my first time! [7:53791]
Also ensure that Stopbits are one in the Line 1 16 issue command, stopbits 1 and verify the same with show line 1 or which ever u r connecting. HTH, Murali -Original Message- From: jhodge [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 10:47 AM To: [EMAIL PROTECTED] Subject: RE: cisco 2511 Terminal Server for my first time! [7:53791] I would highly recommend you use the ip host command for your telnet connections. Bring down the possibility of fat fingering the keyboard. You should configure the loopback ip address for the reverse telnet E.g. --- conf term interface loopback 0 ip address 192.168.1.1 255.255.255.255 exit ip host test 2001 192.168.1.1 line 1 16 no exec transport input all exit Then type test to go to the device that is off the octal cable position 1. Cheers, Jamie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan V Hays Sent: June 17, 2003 12:11 PM To: [EMAIL PROTECTED] Subject: Re: cisco 2511 Terminal Server for my first time! [7:53791] ??? wrote: Hi, I am setting up 2511 terminal server for my first time, but don't work... this is my 2511 configuration : line con 0 line 1 16 session-timeout 20 exec-timeout 0 0 line aux 0 line vty 0 4 password login In above, i found i missed one command in line con 0 prompt. -- line con 0 transport input all So, i tried to type the command, but couldn't. The result is -- Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line con 0 Router(config-line)#transport input all ^ % Invalid input detected at '^' marker. Router(config-line)# -- I don't know why the command can't be input. There is the command In cisco documentation. (http://www.cisco.com/warp/public/793/access_dial/comm_server.html) Anyone can help me? sooil.. [TABLE NOT SHOWN][TABLE NOT SHOWN][IMAGE] You are putting the command in the wrong line. Put it here: line 1 16 no exec transport input all Also, you do not state what command you are using to test with. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70849t=53791 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
nrf said: Let's face it - no company is ever going to hire Charles Manson. Didn't Routergod.com ;-) n rf wrote in message news:[EMAIL PROTECTED] Vikram JeetSingh wrote: Hi All, I was stopping myself for writing on this thread for quite some time. Quite a number of people have reverted back on this, but this one, (from Peter) is just kind of PERFECT. Priscilla also wrote on one of other threads, that for having a worthwhile career you just don't need good networking skills, but also good networking of people. And I am sure it works. I have seen quite some useful mails from NRF, but this one is a losing battle (NRF: don't mind friend, nothing personal) and what Peter has stated is perfectly right (of course as per me) So a CCIE number, does matter, but more so, since all the chances are that the lower number ones would be having more experience and better networking of people. And the higher numbered ones would be, in all chances, relatively new and also still into the stage of building their networking of people. Just my 2 cents :) I have never said that people-networking wasn't important. In fact, I have engaged in many newsgroup-post-wars where I have stated precisely that. Go reference some of my many posts on this newsgroup or on alt.certification.cisco on this very subject. However to talk about this subject is really to raise an issue that, for purposes of this discussion, is neither here nor there. The issue at hand is has the value of the CCIE declined over time, and the preponderance of the evidence seems to be that the answer is 'yes', given the fact that everybody, including myself, would like to trade their CCIE number for a lower one. Nor is the gambit that this has to do with the connection between a lower number and more experience have much, if anything, to do with it. I would ask even the lower-number and highly experienced CCIE's would they be neutral to trading their number for a higher one. I'm not asking them to think about trading their experience, just their number. If the CCIE hasn't declined, then they shouldn't care what number they are. But of course we all realize that they DO care, and care deeply. Raising other issues that have to do with employment is not really relevant in this thread. After all, if we wanted to go down that road, then why don't we raise ALL the issues that affect employment? I would say that certain other things are even more important than the people-networking in terms of finding work. For example, a criminal background. I don't care if you're the most brilliant engineer in the world, you're CCIE #1026, and you're on a first name basis with John Chambers - if you're a convicted serial-killer, you're going to have difficulty in finding work. Let's face it - no company is ever going to hire Charles Manson. We could talk about personal lifestyle choices. If you're a coke fiend, finding a job might not be easy for you. If you can't speak the language of the country in which you're trying to find a job, you will have great difficulty no matter how wonderful your other credentials you are. For example, surely you would agree that if you want to get a job as a network guy in the USA, this might be difficult if you can't speak English. But should we really be talking about those kinds of things? I don't think so, for they are not relevant to the discussion. The auspices of this discussion are necessarily narrow - basically what has happened to the value of the CCIE. This is not a general discussion about how to find a job, for which the first tenets should be don't commit crimes, don't make harmful lifestyle choices, and learn the language of the country that you're in, and then (and only then) can we talk about things like who-you-know and what your CCIE number is. Surely you would agree that such a complete discussion that talked about all these issues would be unnecessarily bloated and top-heavy. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70853t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
QoS - Enabling Traffic Shaping [7:70861]
Somehow I have forgotten how to do math... Can anyone explain to me or point to a doc on figuring out the percentage for the below lab. Enable traffic shaping on int serial 0/0 as follows: Shape Telnet and ICMP traffic to 15%25 of bandwidth Shape FTP traffic to 50%25 of bw Shape all remianing traffic to 35%25 of bw. Remember the total link bw is 64 kbps on this interface. The burst size should 1/8 of the bit rate cfg'd, no excess burst should be allowed. The answer from the lab help are, below can anyone tell me how the number 9600, 32000 and 22400 were arrived at? I can figure out the 1/8th part 1200, 4000 and 2800, but somehow can't remember how to get the original percentage.. traffic-shape group 101 9600 1200 1200 traffic-shape group 102 32000 4000 4000 traffic-shape group 103 22400 2800 2800 Thanks. - Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70861t=70861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technology, Certification, Skill Sets, and Looking [7:70860]
Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) It seemed to be a sort of monster, or symbol representing a monster, of a form which only a diseased fancy could conceive. If I say that my somewhat extravagant imagination yielded simultaneous pictures of an octopus, a dragon, and a human caricature, I shall not be unfaithful to the spirit of the thing. A pulpy, tentacled head surmounted a grotesque and scaly body with rudimentary wings; but it was the general outline of the whole which made it most shockingly frightful. We know the pulpy head has been popped... Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] The Road Goes Ever On wrote: Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Someone also just sent me a URL to this newspaper article that points out the importance of learning business practices, not just particular technologies. It's a good read: http://www.startribune.com/stories/789/3936460.html An interesting artivcle, and one with some nuggets of good advice, particularly for those new to the business cycle. For those who have been seeing articles like this over the past twenty years or so, this article reinforces good advice, much along the lines that NRF has offered in other threads that appear regularly on Groupstudy. Good advice is timeless, and the advice in this article, which reiterates similar outlooks as have appeared in the business press over the past couple of decades remains true. Way back when I was learning things and formulating my own technology philosophy, I was blown away by three things I read - Peter Keens book Competing in Time, Paul Strassman's book The Business Value of Computers, and an obscure article written by an economist working for the Chicago Federal Reserve Bank. Each of these sources in its own way says similar things from a higher level. The Fed study was a short and simple one, but of all the business sources I have read, still seems the most relevant. The gist of the study was that investment in infrastructure yielded high returns in productivity. The author was reporting on government investment in physical infrastructure such as roads, water treatement, and the like, but a clever studentworking towards his master degree while going to night school ran with that theme and wrote a master's thesis which earned him departmental honors. Was that you? :-) Sounds interesting. Thanks for commenting on the article. I thought it made some good points. Priscilla Anyone in the technology field, whether it be IT Management, Consulting, or even something as seemingly mundane as sales, should ALWAYS be aware of the business value of technology. Over the past 15 years or so it has been technology which has driven productivity. The dark side is that technology changes, and has a way of becoming more appliance like, meaning that what as skilled labor yesterday is out of the box tomorrow. Thin about it. All you folks who are AVVID experts and therefore in high demand. How long before AVVID is nothing more than another PBX, and routers self configure for QoS? Think the telco employee who drives the truck and installs your DSL is making 100K? not likely. So yes - keep your skills up to date, so you don't end up like the guy in the article. My own opinion is that one must always consider the value to business for any skill set one pursues. JMHO NRF - your comments are always welcome on topics such as these. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70860t=70860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN problem [7:70856]
Hi group, I recently got a ILS-1000 ISDN simulator for my lab, I config two router according to the CCIE LAB configuration and i just can not make the BRI dial. Did anyone have any experience for the this simulator. Here is the output and the config, pleas help. R2503# interface BRI0 ip address 100.100.100.200 255.255.255.0 encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.100 name r2521 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 no fair-queue ppp multilink ! no ip classless ip route 100.0.0.0 255.255.255.0 BRI0 ip route 196.1.1.0 255.255.255.0 BRI0 no ip http server no ip pim bidir-enable ! dialer-list 1 protocol ip permit ! r2521# interface BRI0 ip address 100.100.100.100 255.255.255.0 ip directed-broadcast encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.200 name r2503 broadcast 8358662 dialer load-threshold 1 outbound dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866101 isdn spid2 0835866301 no fair-queue ppp multilink ! router rip network 100.0.0.0 ! ip nat translation timeout never ip nat translation tcp-timeout never ip nat translation udp-timeout never ip nat translation finrst-timeout never ip nat translation syn-timeout never ip nat translation dns-timeout never ip nat translation icmp-timeout never ip classless ! dialer-list 1 protocol ip permit r2503#sh isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 119, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI = 121, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 119, ces = 1, state = 5(init) spid1 configured, no LDN, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 2, tid = 1 TEI 121, ces = 2, state = 5(init) spid2 configured, no LDN, spid2 sent, spid2 valid Endpoint ID Info: epsf = 0, usid = 4, tid = 1 Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 52 Total Allocated ISDN CCBs = 0 r2503#sh int bri0 BRI0 is up, line protocol is up (spoofing) Hardware is BRI Internet address is 100.100.100.200/24 MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Last input 00:00:29, output 00:00:29, output hang never Last clearing of show interface counters 01:01:09 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 302 packets input, 1536 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 326 packets output, 1696 bytes, 0 underruns 0 output errors, 0 collisions, 8 interface resets 0 output buffer failures, 0 output buffers swapped out 19 carrier transitions Thank you very much.. Philip Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70856t=70856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NetFlow Technology [7:70725]
Do you want it for your wan/accounting or lan/security? Try fprobe, a free ntop clone. http://fprobe.sourceforge.net/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70859t=70725 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: number of CCIE [7:70151]
Vikram JeetSingh wrote: OK... My dear friend, NRF, over here is fired up and ready to go on anyone, who responds on this thread. :) Nothing personal, but you did mentioned, or rather gave a lot of stress on maintaining crime-less life (I am not able to understand the reason for the same, did I mentioned that I was advocating criminals, or are higher number CCIEs are? not sure) then, you mentioned that knowing English is necessary or prudent for finding a job in US. Well (though I know English reasonably well, but) I will like to ask you one thing, do one has IT jobs in US only?, I am located in India, so does that means that there is a complete lack of Networking or IT jobs in India..? First of all, I didn't say that. I said that you need to speak the language of whatever country you have to be in if you want to maximize your chances of getting a job there.It should surprise absolutely no-one to discover tha the ability to actually communicate with the people around you is important. This really falls under the category of duh. But at the risk of opening up a huge and dangerous can of worms, about the notion of jobs in India, well, you tell me. I don't want to get into a nationalistic debate here, but where did the Internet (as the Arpanet) start - in Indian universities, or in American universities? I have great respect for Indian engineers and I've worked with many highly competent Indian network engineers who've immigrated here to the US, but honestly, how many Americans move to India for networking jobs? Surely you would agree that there are more Indians that come to the US to find work as network engineers than vice versa. If there truly are more IT jobs in India than in the US, then it should follow that more Americans should be moving to India to get those jobs than Indians coming to the US. This is precisely why poor Mexicans come to the US to find jobs but poor Americans don't go to Mexico to find jobs. Now don't get me wrong, I give credit where credit is due - India has made great strides in the last few decades for no doubt the IIT system is a stellar educational system, and cities like Bangalore have become world-class IT centers. But the fact is, there still tends to be more opportunity for network engineers in the US than in India. The gap is not as large as it used to be, for India is improving rapidly, but there's still a gap. The proof of that is simple - many Indians, including many of the best IIT graduates, come to the US to find work, but hardly ever vice versa. For example, I've worked with several IIT graduates who were born and raised in India and have moved to Silicon Valley. They came here because they felt there were better economic opportunities here. And even in this recession, they are still here even though they are obviously free to go back to India at anytime. Yet yow many Americans (born and raised in the US) go to, say, MIT, and then decide to move to India to advance themselves economically? While there are some, there aren't as many as there are Indians who come here. That should tell you something. Coming back to the main thread, (though people do deviate from the main threads and wander around, and my response was totally focused on Peter's response), I am not a CCIE, yet, but whenever I get this number for me, be it 12000 or 2, I will not trade it for any lower number. It will be MY number, and I will not like to part with it. And, while we are discussing the importance or value of the CCIE program, why was it the case that we had to start this number trading exercise? If you read the whole thread starting from the very beginning , you will see that basically this whole thread has to do with the decline of the CCIE. My 'killer-proof' of this is that many, and dare I say, most people, if they are being honest with themselves, will admit that they would like to have a lower CCIE number for themselves if possible. Therefore I don't really need to present any numerical evidence of this decline because most people already realize this decline in their own heart. However, you and Peter van Oene wanted to digress into a general discussion about how to get a job. While I'm happy to oblige, I would say that such a discussion is not really germane to the central topic - what has happened to the CCIE program. I agree with both you and Peter that the CCIE is really only a minor factor in terms of getting a job - a far more important factor are the people you know, and probably even more important than that is not being a criminal, not engaging in destructive personal lifestyle choices, and actually being able to speak the language of the country you hope to work in. But none of these factors has anything to do with whether the CCIE has declined or not, and that's why I want to get back to the central discussion. If you want to hold another discussion about how to get a job, again, I'm happy to
RE: Teltone ILS-1000 ISDN Simulator [7:70798]
Sorry if this is a silly question, but what do you mean by new ILS image? Is this software? A chip or ROM? What did Teltone say? Please respond. Shawn K. -Original Message- From: Alex [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 17, 2003 1:01 PM To: [EMAIL PROTECTED] Subject: Teltone ILS-1000 ISDN Simulator [7:70798] Hi Does anyone know where i can get new ILS image for this unit. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70857t=70798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Slightly OT: Website Authentication [7:70863]
When you navigate to a secure website and you get a popup challenge to authenticate, what type of authentication is this? It doesn't seem like it would be CHAP or PAP, but it could be a close relative. The particular site I'm interested in (an internal test site) is all HTTPS so I can't sniff the traffic. I'm interested in finding out exactly what triggers the popup challenge. We have some other monitoring software that can step through web pages and perform certain functions but it can't get past that popup. Any thoughts? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70863t=70863 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Teltone ILS-1000 ISDN Simulator [7:70798]
Alex, What's the link to the page you're referring to? I did a quick look through the Teltone website and I couldn't locate it. Shawn K. -Original Message- From: aremes [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 10:36 AM To: Kaminski, Shawn G Subject: Re: Teltone ILS-1000 ISDN Simulator [7:70798] Shawn According to the Teltone web site it is a software add on, I never used this unit before. Thanks Alex - Original Message - From: Kaminski, Shawn G To: 'Alex' ; Sent: Wednesday, June 18, 2003 9:24 AM Subject: RE: Teltone ILS-1000 ISDN Simulator [7:70798] Sorry if this is a silly question, but what do you mean by new ILS image? Is this software? A chip or ROM? What did Teltone say? Please respond. Shawn K. -Original Message- From: Alex [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 17, 2003 1:01 PM To: [EMAIL PROTECTED] Subject: Teltone ILS-1000 ISDN Simulator [7:70798] Hi Does anyone know where i can get new ILS image for this unit. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70862t=70798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Traffic generator for Testing QoS features [7:70864]
I want to test QoS features on a router, and am looking for a good traffic generator which can generate different kinds of traffic. Any recommendations? Thanks, neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70864t=70864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RES: Email access over the Internet [7:70755]
I also use Checkpoint Securemote behind my home router doing NAT. No problem . Are you using ISAKMP or FWZ ? FWZ doesn't work behind nat . [ ]'s _ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 [EMAIL PROTECTED] www.cpm.com.br -- --- Esta mensagem pode conter informagco confidencial e/ou privilegiada. Se vocj nco for o destinatario ou a pessoa autorizada a receber esta mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas ou tomar qualquer agco baseada nessas informagues. Se vocj recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Mensagem original- De: Snow, Tim [SMTP:[EMAIL PROTECTED] Enviada em: segunda-feira, 16 de junho de 2003 18:51 Para: [EMAIL PROTECTED] Assunto: RE: Email access over the Internet [7:70755] There is an option in the Cisco VPN client called NAT Transparency which when enabled, allows me to VPN into work (like right now) from behind a NAT firewall. Just gotta find out what that option is in securemote software. Tim -Original Message- From: McCallum, Robert [mailto:[EMAIL PROTECTED] Sent: Monday, June 16, 2003 3:51 PM To: 'Ccielab' (E-mail); [EMAIL PROTECTED] Com (E-mail); Comserv (E-mail); '[EMAIL PROTECTED]' Subject: Email access over the Internet Folks, I have a problem in my work where for some strange reason I cant access my email over the internet from a hotel. The reason for me not being able to access email is because, oddly enough, the hotel uses NAT. We use checkpoint firewalls and I use securemote software. Now I believe its something to do with the secure ID token that I use and when I type this in there is some form of checksum which is checked at the server end. This of course has changed due to the Nat going on. has anybody out there experience this as well and know what the simple solution is. I'm sure there is a simple solution and its just my company politics which is causing me the problems. Any help will be much appreciated. Robert McCallum CCIE #8757 01415663448 07818002241 ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70851t=70755 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: number of CCIE [7:70151]
Carroll Kong wrote: Those three have pretty much echoed my themes. Hansang, in fact, has admitted that he accelerated his ccie studies so that he would take (and pass) the 2-day exam because he didn't want to run the risk of being known as an asterisk-ccie (meaning the one-day ccie). I know someone who took both the two day and one day. He felt the one day was harder. He might have been an exception, I do not know any other two dayers who took a one day. You just met another one. Hello, pleased to meet you, you can call me the notorious nrf. He was RS first, then he just got a Security one to get the double. Of all the CCIEs I do know, none of them ever wanted to really take it again (except one other CCIE I know... he wants to see if he still got the touch!) Hey, I don't want to take either of them again if I don't have to. But if I was forced to make a choice, I'd prefer to take the singlet over the doublet. It's like being punched in the face once vs. being punched twice. While I agree to some degree about how the old style might have been harder to some degree, I feel it is more of a preference. I think depending on the kind of problem solver you are, one will appear easier than the other and vice versa. I only took the one day, and all I have to say is it is a real speed torture exam. One slip up, and it's pretty much over. You have a SLIGHT margin of the error and that is only if you are very fast, both in the mind and on the keyboard. This is not to say if you are slower you are necessarily any less qualified, just, some people do not type as fast or take longer to formulate a very solid plan anyway. Those people suffer greatly from this new format. I'm afraid I have to disagree about the speed aspect of the test. The fact of the matter is that the speed component of the test is greatly overrated, whether we're talking about the 1 or the 2-day versions. Take the 1-day version of the test. The fact is, if you're not essentially done with everything by 1 or 2 PM, you're probably DOA. I remember in both of my successful 1-day tests, I sat around for about 2-3 hours at the end with nothing to do - I checked all my work, reread the test questions over and over again, and was quite frankly bored. The same was true of my 2-day test, again, I had done everything on both days by mid-afternoon and I just sat around with nothing to do but check my work over and over again. Nor is my experience unique - I think that most CCIE's would agree that if you're not done with several hours to spare, you're probably not going to pass. I would venture that very few people that have passed the test have actually required all the of the testtime that was allotted to them. What seems to kill people is that they don't read the questions carefully or they simply don't know the material and then they consequently make mistakes, and then in their haste, they start working too fast thereby making more mistakes, etc. But again, if you know the material and you're careful about reading the questions, the test is really quite straightforward. This is also probably why I got some seriously mixed reviews from different CCIEs in terms of the difficulty of the exams (be it one day or two day). For the record, the one day exam was more suited to my style than the two day sounded like. Oh well, I will never have a direct comparison now. The same was said about the two day as well in terms of speed but with some ancillary tricks such as the physical element, etc. I suppose that is good to know, but hey, nothing 5 minutes couldn't figure out on a web page. I agree that the physical element was dumb. But the troubleshooting section was absolutely critical, see below. The troubleshooting element was definitely a sorely missed element from the two day lab, but trust me, with the one day it is a dynamic truobleshooting element built in. It is VERY easy to break your working network while you perform the exam. But not realistic. Let's face it - as a network engineer, how many times are you really building networks from scratch vs. how many times are you troubleshooting already-built networks? The fact is, building networks from scratch is really only a minor part of the overall job, most of the time you are maintaining built networks. A far more useful test would be one that was PURE troubleshooting. For example, you get the whole morning to familiarize yourself with the network, and in the afternoon, all kinds of funky problems get injected into your network. One serious problem with the present format is that you end up with guys who are really good at configuring stuff but not very good at troubleshooting existing networks. Unfortunately, because it is more speed driven and because the content, while jam packed, is probably 'less', it also means it might be more prone to some form of bootcamp brain dumpage.
RE: Technology, Certification, Skill Sets, and Looking [7:70868]
OMG that is the funniest thing I have heard. I myself am training to one day become a cruise director. The hard part is watching all the Love Boat reruns and I am falling in love with Julie. Timothy B. Fernandez Network Technician Technical Operations New York 2 Thomson Financial -Original Message- From: Riley [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 9:16 AM To: [EMAIL PROTECTED] Subject: Re: Technology, Certification, Skill Sets, and Looking [7:70860] Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) It seemed to be a sort of monster, or symbol representing a monster, of a form which only a diseased fancy could conceive. If I say that my somewhat extravagant imagination yielded simultaneous pictures of an octopus, a dragon, and a human caricature, I shall not be unfaithful to the spirit of the thing. A pulpy, tentacled head surmounted a grotesque and scaly body with rudimentary wings; but it was the general outline of the whole which made it most shockingly frightful. We know the pulpy head has been popped... Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] The Road Goes Ever On wrote: Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Someone also just sent me a URL to this newspaper article that points out the importance of learning business practices, not just particular technologies. It's a good read: http://www.startribune.com/stories/789/3936460.html An interesting artivcle, and one with some nuggets of good advice, particularly for those new to the business cycle. For those who have been seeing articles like this over the past twenty years or so, this article reinforces good advice, much along the lines that NRF has offered in other threads that appear regularly on Groupstudy. Good advice is timeless, and the advice in this article, which reiterates similar outlooks as have appeared in the business press over the past couple of decades remains true. Way back when I was learning things and formulating my own technology philosophy, I was blown away by three things I read - Peter Keens book Competing in Time, Paul Strassman's book The Business Value of Computers, and an obscure article written by an economist working for the Chicago Federal Reserve Bank. Each of these sources in its own way says similar things from a higher level. The Fed study was a short and simple one, but of all the business sources I have read, still seems the most relevant. The gist of the study was that investment in infrastructure yielded high returns in productivity. The author was reporting on government investment in physical infrastructure such as roads, water treatement, and the like, but a clever studentworking towards his master degree while going to night school ran with that theme and wrote a master's thesis which earned him departmental honors. Was that you? :-) Sounds interesting. Thanks for commenting on the article. I thought it made some good points. Priscilla Anyone in the technology field, whether it be IT Management, Consulting, or even something as seemingly mundane as sales, should ALWAYS be aware of the business value of technology. Over the past 15 years or so it has been technology which has driven productivity. The dark side is that technology changes, and has a way of becoming more appliance like, meaning that what as skilled labor yesterday is out of the box tomorrow. Thin about it. All you folks who are AVVID experts and therefore in high demand. How long before AVVID is nothing more than another PBX, and routers self configure for QoS? Think the telco employee who drives the truck and installs your DSL is making 100K? not likely. So yes - keep your skills up to date, so you don't end up like the guy in the article. My own opinion is that one must always consider the value to business for any skill set one pursues. JMHO NRF - your comments are always welcome on topics such as these. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70868t=70868
Authentication on Radius server [7:70855]
I4v configure two routers to auth with aaa in radius server. One connect to radius througt eth and another througt serial. The frist log fine. The second don4t work. He auth in radius but don4t enter in router. when i create a local username with same name and password that radius server user has, he works and create a log enrty in log file. See my radius log. Wed Jun 18 09:36:30 2003: Auth: Login OK: [fred] (from nas 172.1.1.1/S0) Wed Jun 18 09:36:40 2003: Auth: Login OK: [fred] (from nas 172.1.1.1/S0) Wed Jun 18 09:36:50 2003: Auth: Login OK: [fred] (from nas 172.1.1.1/S0) when i create same username as in radius server Wed Jun 18 10:16:09 2003: Auth: Login OK: [fred] (from nas 172.1.1.1/S1) My router is configured as: login telnet user usernamelocal service-type exec password 0 localpassword radius-server dead-time 2 radius-server host ip_rad_server1 radius-server host ip_rad_server2 radius-server key passwordkey radius-server retransmit 3 aaa-enable aaa authentication ppp default radius local aaa authentication login default radius local tanks. Frederico Madeira Coordenador de Suporte N. Landim Comircio Ltda PABX: 81. 3497.3029 e-mail: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70855t=70855 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Email access over the Internet [7:70827]
What version of FW-1/SecuRemote are you running? UDP encapsulation has been supported for over a year now, but if you're on an older version, you may need to upgrade, or at least enable it. I believe the first version to support it was 4.1 SP4, but I could be mistaken. In the first few versions, you had to change some config files to enable it. You should be able to find more than you care to know at http://www.phoneboy.com. -Eric -Original Message- From: Snow, Tim [mailto:[EMAIL PROTECTED] Sent: Monday, June 16, 2003 1:25 PM To: 'McCallum, Robert'; 'Ccielab' (E-mail); [EMAIL PROTECTED] Com (E-mail); Comserv (E-mail); '[EMAIL PROTECTED]' There is an option in the Cisco VPN client called NAT Transparency which when enabled, allows me to VPN into work (like right now) from behind a NAT firewall. Just gotta find out what that option is in securemote software. Tim -Original Message- From: McCallum, Robert [mailto:[EMAIL PROTECTED] Sent: Monday, June 16, 2003 3:51 PM To: 'Ccielab' (E-mail); [EMAIL PROTECTED] Com (E-mail); Comserv (E-mail); '[EMAIL PROTECTED]' Subject: Email access over the Internet Folks, I have a problem in my work where for some strange reason I cant access my email over the internet from a hotel. The reason for me not being able to access email is because, oddly enough, the hotel uses NAT. We use checkpoint firewalls and I use securemote software. Now I believe its something to do with the secure ID token that I use and when I type this in there is some form of checksum which is checked at the server end. This of course has changed due to the Nat going on. has anybody out there experience this as well and know what the simple solution is. I'm sure there is a simple solution and its just my company politics which is causing me the problems. Any help will be much appreciated. Robert McCallum CCIE #8757 01415663448 07818002241 ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70827t=70827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: mode enable on aaa authentication [7:70800]
Jim, In fact i use huawei router . When i put the command aaa authentication enable default radius local return me incorrect command. Frederico Madeira Coordenador de Suporte N. Landim Comircio Ltda PABX: 81. 3497.3029 e-mail: [EMAIL PROTECTED] - Original Message - From: Jim Wang To: Sent: Tuesday, June 17, 2003 11:07 PM Subject: RE: mode enable on aaa authentication [7:70800] If you have Cisco ACS server 2.x and 3.x, under any Group Properties/TACACS Settings, select Shell(exec) and put level 15 for privilege levels. First Case: Shell/exec dictates initial login level of access. The access level can be as high as 15, which means you login to the enable privileged prompt directly. enable options on ACS have no effect Second Case: Not using Shell/Exec option, but using enable options in conjunction with device enable aaa authentication command: -- aaa authentication enable default tacacs+ enable Initially, you login to level 1 (basic user level). When you enter enable command, your password (checked against ACS servers) will determine your next level of access. This password is usually is your initial login password Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70854t=70800 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technology, Certification, Skill Sets, and Looking [7:70867]
At 02:16 PM 6/18/2003 +, Riley wrote: Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. Some would argue that networking is already simpler than programming a VCR... :) Seriously though, networking in the consumer market segment (think dialup, DSL, cable modems) is not terribly complicated as of today. That telco guy who drives the truck to install your DSL might not be necessary any more, as self-install kits are available. Do you however envision technology that will simplify the design, deployment and maintenance of large enterprise and service provider networks in the same manner? Sounds like science fiction to me. Thanks, Zsombor As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] The Road Goes Ever On wrote: Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Someone also just sent me a URL to this newspaper article that points out the importance of learning business practices, not just particular technologies. It's a good read: http://www.startribune.com/stories/789/3936460.html An interesting artivcle, and one with some nuggets of good advice, particularly for those new to the business cycle. For those who have been seeing articles like this over the past twenty years or so, this article reinforces good advice, much along the lines that NRF has offered in other threads that appear regularly on Groupstudy. Good advice is timeless, and the advice in this article, which reiterates similar outlooks as have appeared in the business press over the past couple of decades remains true. Way back when I was learning things and formulating my own technology philosophy, I was blown away by three things I read - Peter Keens book Competing in Time, Paul Strassman's book The Business Value of Computers, and an obscure article written by an economist working for the Chicago Federal Reserve Bank. Each of these sources in its own way says similar things from a higher level. The Fed study was a short and simple one, but of all the business sources I have read, still seems the most relevant. The gist of the study was that investment in infrastructure yielded high returns in productivity. The author was reporting on government investment in physical infrastructure such as roads, water treatement, and the like, but a clever studentworking towards his master degree while going to night school ran with that theme and wrote a master's thesis which earned him departmental honors. Was that you? :-) Sounds interesting. Thanks for commenting on the article. I thought it made some good points. Priscilla Anyone in the technology field, whether it be IT Management, Consulting, or even something as seemingly mundane as sales, should ALWAYS be aware of the business value of technology. Over the past 15 years or so it has been technology which has driven productivity. The dark side is that technology changes, and has a way of becoming more appliance like, meaning that what as skilled labor yesterday is out of the box tomorrow. Thin about it. All you folks who are AVVID experts and therefore in high demand. How long before AVVID is nothing more than another PBX, and routers self configure for QoS? Think the telco employee who drives the truck and installs your DSL is making 100K? not likely. So yes - keep your skills up to date, so you don't end up like the guy in the article. My own opinion is that one must always consider the value to business for any skill set one pursues. JMHO NRF - your comments are always welcome on topics such as these. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70867t=70867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT: Website Authentication [7:70863]
John Neiberger 6/18/03 9:33:55 AM When you navigate to a secure website and you get a popup challenge to authenticate, what type of authentication is this? It doesn't seem like it would be CHAP or PAP, but it could be a close relative. The particular site I'm interested in (an internal test site) is all HTTPS so I can't sniff the traffic. I'm interested in finding out exactly what triggers the popup challenge. We have some other monitoring software that can step through web pages and perform certain functions but it can't get past that popup. Any thoughts? Thanks, John Nevermind, I found it on my own. There is a separate RFC for HTTP Authentication, RFC 2617, the details exactly what I was looking for. Regards, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70865t=70863 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Traffic generator for Testing QoS features [7:70864]
Adtech Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70866t=70864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Traffic generator for Testing QoS features [7:70864]
Check out Nantechthey have a BGP route generator for windows and it includes a traffic generator for testing with different service types. We use it in our lab and it works pretty good for $75. Thanks, Mario Puras SoluNet Technical Support -Original Message- From: neil K [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: Traffic generator for Testing QoS features [7:70864] I want to test QoS features on a router, and am looking for a good traffic generator which can generate different kinds of traffic. Any recommendations? Thanks, neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70870t=70864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Be counted or not be counted? [7:70871]
Hi board, I passed exam 640-442MCNS on Feb. 28, 2003 when Cisco said the exam counted toward to CCIP, CCNP-S, CCSP, CQS-CSS1, CQS-CFS... Last Friday 6/13/03 I passed exam 9e0-111 and learned that exam 640-442 only counted toward to CCIP, CCNP-S, CCSP, CQS-CSS1 in my Test History. The exam can't be counted for Security Specialist Certifications, is that true? Can old and new exam not be mix? Ironically, 640-442MCNS is said counted for other Certifications CCIP, CCNP-S, CCSP, CQS-CSS1. Anybody gets the same situation and have any idea? How can you ask Cisco about it? I can't find a link! Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70871t=70871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technology, Certification, Skill Sets, and Loo [7:70860]
If networking really becomes that simple for the consumer, it's because of all the work we have done (and continue to do) to hide the complexity. Networking isn't going to magically become simple. For it to become simple for users will take a huge amount of work by the network engineers. That will be well-paid work. The point of the article was that the technologies to make it work will continually change. You better know more than just one technology. The person who sent me the article sent it to me to point out the silliness of insisting that Visual Basic is the number one skill that univeristy computer science students should learn (something that we hear where I work part-time, believe it or not! ;-) I've noticed that students who have the soft skills of business planning, talking to users, etc. are considered inferior to the guys (it is mostly guys unfortunately) who have the stamina to code heads-down for 36 hours straight. (A student boasted to me that he did that. I bet his code sucked!? :-) The point of the aricle was that being able to code in a specific language won't help you if you can't understand why the code is important to a business' success. One other quick (hopefully quick!) point: I find it funny that you compare networking to being as easy as programming a VCR. Huge numbers of people can't program their VCR! There will still be a lot of work required to help non-computer people use their computers and networks. Perhaps as the younger generation takes over, that won't be the case... But that same generation, who grew up with computers, is probably going to come out with some really cool new technology that won't be easy to use in its first few iterations. So there's going to be lots of work in tech support, helping users, etc. (though that work isn't too fun for a lot of people, I realize). I didn't see the article as being negative at all, partly since the bad news about the job market might be changing, but mostly because it had some good ideas about rather easy things you can do to ensure success (such as figuring out what the business does and why it needs your skills, etc.) Well, I'm rambling now for sure, so I'll stop now. Annlee said this all much better in her response a couple days ago! :-) Priscilla Riley wrote: Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) It seemed to be a sort of monster, or symbol representing a monster, of a form which only a diseased fancy could conceive. If I say that my somewhat extravagant imagination yielded simultaneous pictures of an octopus, a dragon, and a human caricature, I shall not be unfaithful to the spirit of the thing. A pulpy, tentacled head surmounted a grotesque and scaly body with rudimentary wings; but it was the general outline of the whole which made it most shockingly frightful. We know the pulpy head has been popped... Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] The Road Goes Ever On wrote: Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Someone also just sent me a URL to this newspaper article that points out the importance of learning business practices, not just particular technologies. It's a good read: http://www.startribune.com/stories/789/3936460.html An interesting artivcle, and one with some nuggets of good advice, particularly for those new to the business cycle. For those who have been seeing articles like this over the past twenty years or so, this article reinforces good advice, much along the lines that NRF has offered in other threads that appear regularly on Groupstudy. Good advice is timeless, and the advice in this article, which reiterates similar outlooks as have appeared in the business press over the past couple of decades remains true. Way back when I was learning things and formulating my own technology philosophy, I was blown away by three things I read - Peter Keens book Competing in Time, Paul Strassman's book The Business Value of Computers, and an obscure article written by an economist working for the Chicago
Re: encap for ethernet interface ? [7:70802]
ericbrouwers wrote: Brian, This is a copy from IOS Interface Configuration Guide, Specifying an Ethernet Encapsulation Method: Currently, there are three common Ethernet encapsulation There are four encapsulations if you count novell-ether. methods: - The standard Advanced Research Projects Agency (ARPA) Isn't that awful that they make it sound like Ethernet is a standard that came from ARPA, which it certainly did not. Ethernet Version 2.0 (and 1.0, for that matter) came from DEC, Intel, and Xerox. In this case, I would not have even spelled out ARPA since it's not relevant, but I'm sure the editor would have insisted on spelling it out. Ethernet Version 2.0 encapsulation, which uses a 16-bit protocol type code (the default encapsulation method). Ethernet Version 2.0 is the default for IP (and maybe older versions of DECnet?) Nothing else. - Service access point (SAP) IEEE 802.3 encapsulation, in which the type code becomes the frame length for the IEEE 802.2 LLC encapsulation (destination and source Service Access Points, and a control byte). The length field is the length of the entire packet. That sentence certainly needs editing since they make it sound like it's the length of the LLC header that follows. - The SNAP method, as specified in RFC 1042, Standard for the Transmission of IP Datagrams Over IEEE 802 Networks, which allows Ethernet protocols to run on IEEE 802.2 media. There's no such thing as 802.2 media. 802.2 is a protocol. The encapsulation method that you use depends upon the routing protocol that you are using, the type of Ethernet media connected to the router or access server, and the routing or bridging application that you configure. The encapsulation method depends on the protocol being carried by the Ethernet frame. It certainly doesn't depend on the media. A router has three fundamental jobs: forwarding, routing, and management. For forwarding, the encapsulation depends on the type of protocol being forwarded. With regards to management, CDP, STP (if it's bridging), etc. use their defined encapsulations (defined by industry standards and by IOS code, and not changeable). For routing protocols, it depends on the routing protocol, I guess, though that's missing the main point that it depends on the protocol being carried mostly. RTMP uses snap. That's because it's an AppleTalk routing protocol. OSPF, RIP, IGRP, EIGRP use Ethernet II. That's because they are IP. IS-IS, is a weird one. It uses 802.3 and 802.2 (so awfully named by Cisco as sap.) To establish Ethernet encapsulation of IP packets, use one of the following commands in interface configuration mode: The document says that you can change the encapsulation for IP packets? You can't do that on my routers! There's no need to do it anyway. There is essentially no modern operating system that doesn't use Ethernet II for IP. I'd be interested to see if anyone else is able to change the Ethernet encapsulation for IP packets on their routers. Thanks, Priscilla Command Purpose Router(config-if)# encapsulation arpa Selects ARPA Ethernet encapsulation. Router(config-if)# encapsulation sap Selects SAP Ethernet encapsulation Router(config-if)# encapsulation snap Selects SNAP Ethernet encapsulation. For an example of selecting Ethernet encapsulation for IP, see the Ethernet Encapsulation Enablement Example section. ... ... Ethernet Encapsulation Enablement Example: These commands enable standard Ethernet Version 2.0 encapsulation on the Ethernet interface processor in slot 4 on port 2 of a Cisco 7500 series router: interface ethernet 4/2 encapsulation arpa Eric - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, June 18, 2003 2:08 AM Subject: RE: encap for ethernet interface ? [7:70802] brian dell wrote: say if cdp is enabled for an interface, then since cdp uses sap encapsulation (as Priscilla mentioned), then i don't think one configures encapsulation for that interface as sap ? the question is that why is this statement (encap sap)in the configuration not needed if an interface has cdp enabled ? (i guess encap arpa is by default understood for an ethernet interface ? is that correct ? ) No. There's no default for an interface. There's only defaults for particular protocols. CDP uses snap (not sap). IP uses ARPA. Spanning Tree uses sap. Novell users novell-ether. With the exception of Novell, VLAN tagging, and ARP, you can't change the encapsulation that will be used for Ethernet frames for the various protocols. Try it on a real router. It's nothing like changing encapsulation on a WAN, which causes all traffic across the WAN link to use that encapsulation. Here are some hints: Albany#config t Enter configuration
Re: mode enable on aaa authentication [7:70800]
I'm not familiar with Huiwa router. I use a similar command, aaa authentication enable default tacacs+ local, on our routers and it works. What type of AAA authentication server are you using? -Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70874t=70800 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QoS - Enabling Traffic Shaping [7:70877]
Jonathan, First let's make sure we're on the same page with definitions. For traffic-shaping (both GTS and FRTS), the terms are as follows: AR = Access Rate (physical clock or rate-limit at local loop) CIR = Average per second Bc = Bits per interval committed Be = Bits per interval excess Tc = Interval in ms The following formula should be used to calculate Bc: Bc = CIR * Tc/1000 The following formula should be used to calculate Be: Be = (AR - CIR) * Tc/1000 In this example, our access-rate is 64000bps. We are trying to average 15% of our access rate for telnet traffic. Average per second is CIR. CIR = 64000 bps X .15 = 9600 bps Let's assume for this example that our Tc is 1/8 second, or 125 ms. Our committed burst size would then be as follows: Bc = CIR * Tc/1000 Bc = 9600 * 125/1000 Bc = 9600 * .125 Bc = 1200 Now let's double check our calculation. We have 125 ms per interval. There are 1000 ms per second. 1 interval | 1000 ms - = 8 intervals per second 125 ms | 1 second If we are sending 1200 bits per interval 8 times per second: 1200 bits | 8 intervals = 1200 * 8 = 9600bps 1 interval | 1 second As a side note, if you want no excess burst, you want the Be value to be zero, not the same as the Bc value. The syntax should then read as follows: traffic-shape group 101 9600 1200 0 HTH Brian McGahan, CCIE #8593 Director of Design and Implementation [EMAIL PROTECTED] CyscoExpert Corporation Internetwork Consulting Training Toll Free: 866.CyscoXP Fax: 847.674.2625 -Original Message- From: Jonathan V Hays [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:39 AM To: 'John Smith'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: QoS - Enabling Traffic Shaping John, I assume the '25' after each percentage sign in your original post below is a typo (e.g., 15%25 of bandwidth). Given that assumption, you want to assign traffic to three categories, with 15%, 50%, and 35% of the 64 kbps bandwidth. 64000 x .15 = 9600 bps 64000 x .50 = 32000 bps 64000 x .35 = 22400 bps burst size should 1/8 of the bit rate cfg'd, no excess burst 1/8 = .125 9600 x .125 = 1200 bps 32000 x .125 = 4000 bps 22400 x .125 = 2800 bps However, I question the burst size given in your solution. The definition from the Doc CD states that the burst-size is the Sustained number of bits that can be sent per INTERVAL. On Frame Relay interfaces, this is the Committed Burst size contracted with your service provider. See http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ fqos_r/qrfcmd11.htm#1019905 If the interval is 1/8 second (and it may not be) I would think the correct answer would divide each of 1200, 4000, and 2800 by 8, to get bits per interval. HTH, Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Smith Sent: Wednesday, June 18, 2003 10:21 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: QoS - Enabling Traffic Shaping Somehow I have forgotten how to do math... Can anyone explain to me or point to a doc on figuring out the percentage for the below lab. Enable traffic shaping on int serial 0/0 as follows: Shape Telnet and ICMP traffic to 15%25 of bandwidth Shape FTP traffic to 50%25 of bw Shape all remianing traffic to 35%25 of bw. Remember the total link bw is 64 kbps on this interface. The burst size should 1/8 of the bit rate cfg'd, no excess burst should be allowed. The answer from the lab help are, below can anyone tell me how the number 9600, 32000 and 22400 were arrived at? I can figure out the 1/8th part 1200, 4000 and 2800, but somehow can't remember how to get the original percentage.. traffic-shape group 101 9600 1200 1200 traffic-shape group 102 32000 4000 4000 traffic-shape group 103 22400 2800 2800 Thanks. - Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! __ _ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70877t=70877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Be counted or not be counted? [7:70871]
Here's the latest from Cisco: Security Exam Updates Today, updated certification exams for SECUR, CSPFA, CSVPN, and CSI will be available and a new CSIDS exam will be available on October 7, 2003. These exam updates represent Cisco's continuing efforts to ensure that certification exams effectively validate the most current industry knowledge. Candidates working towards their CCSP, Cisco Firewall Specialist, Cisco VPN Specialist, or Cisco IDS Specialist certifications can still combine these updated exams with security exams already passed in order to earn a security certification. To learn more about the recommended training associated with these updated exams visit the appropriate URLs below. CCSP www.cisco.com/en/US/learning/le3/le2/le37/le54/learning_certification_type_h ome.html Cisco Firewall Specialist www.cisco.com/en/US/learning/le3/le2/le41/le56/learning_certification_type_h ome.html Cisco VPN Specialist www.cisco.com/en/US/learning/le3/le2/le41/le57/learning_certification_type_h ome.html Cisco IDS Specialist www.cisco.com/en/US/learning/le3/le2/le41/le58/learning_certification_type_h ome.html Two New Security Design Courses Cisco is proud to announce the newest additions to the Security training catalogue: Designing Perimeter Security (DPS) 1.0 and Designing VPN Security (DVS) 1.0. Through the use of in-depth case studies that reinforce secure design principles, these courses teach students how to design secure network perimeters and secure connectivity. While these courses are not part of any Cisco Security certification, they do provide students with additional learning opportunities focused specifically on security design. The DPS and DVS courses, as well as all other Cisco Security training, are offered through the global network of authorized Cisco Learning Partners. To search for instructor-led training and e-learning options, use the Learning Locator visit www.cisco.com/go/class_locator. For details on Cisco Security and other Cisco Certifications, visit www.cisco.com/go/training. -Original Message- From: tu do [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 12:01 PM To: [EMAIL PROTECTED] Subject: Be counted or not be counted? [7:70871] Hi board, I passed exam 640-442MCNS on Feb. 28, 2003 when Cisco said the exam counted toward to CCIP, CCNP-S, CCSP, CQS-CSS1, CQS-CFS... Last Friday 6/13/03 I passed exam 9e0-111 and learned that exam 640-442 only counted toward to CCIP, CCNP-S, CCSP, CQS-CSS1 in my Test History. The exam can't be counted for Security Specialist Certifications, is that true? Can old and new exam not be mix? Ironically, 640-442MCNS is said counted for other Certifications CCIP, CCNP-S, CCSP, CQS-CSS1. Anybody gets the same situation and have any idea? How can you ask Cisco about it? I can't find a link! Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70875t=70871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Traffic generator for Testing QoS features [7:70864]
Try NetIQ chariot. --luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 12:41 PM To: [EMAIL PROTECTED] Subject: RE: Traffic generator for Testing QoS features [7:70864] Check out Nantechthey have a BGP route generator for windows and it includes a traffic generator for testing with different service types. We use it in our lab and it works pretty good for $75. Thanks, Mario Puras SoluNet Technical Support -Original Message- From: neil K [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: Traffic generator for Testing QoS features [7:70864] I want to test QoS features on a router, and am looking for a good traffic generator which can generate different kinds of traffic. Any recommendations? Thanks, neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70876t=70864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP [7:70881]
hi guys, r1r3---ISP1--- LAN 10.6.0.0| |Internet r2r4---ISP2--- r1, r2, r3 and r4 are running BGP, there is only one path to the Internet and vice versa. Suppose the path is from isp2, r4, r2 how do i change this to isp1, r3,r1 instead. the following are the advertising route captured on both r3 and r4 r4 B 10.6.0.0/16 [20/200] via r2 r3 B 10.6.0.0/16 [200/200] via r1 thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70881t=70881 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QoS - Enabling Traffic Shaping [7:70869]
John, I assume the '25' after each percentage sign in your original post below is a typo (e.g., 15%25 of bandwidth). Given that assumption, you want to assign traffic to three categories, with 15%, 50%, and 35% of the 64 kbps bandwidth. 64000 x .15 = 9600 bps 64000 x .50 = 32000 bps 64000 x .35 = 22400 bps burst size should 1/8 of the bit rate cfg'd, no excess burst 1/8 = .125 9600 x .125 = 1200 bps 32000 x .125 = 4000 bps 22400 x .125 = 2800 bps However, I question the burst size given in your solution. The definition from the Doc CD states that the burst-size is the Sustained number of bits that can be sent per INTERVAL. On Frame Relay interfaces, this is the Committed Burst size contracted with your service provider. See http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ fqos_r/qrfcmd11.htm#1019905 If the interval is 1/8 second (and it may not be) I would think the correct answer would divide each of 1200, 4000, and 2800 by 8, to get bits per interval. HTH, Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Smith Sent: Wednesday, June 18, 2003 10:21 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: QoS - Enabling Traffic Shaping Somehow I have forgotten how to do math... Can anyone explain to me or point to a doc on figuring out the percentage for the below lab. Enable traffic shaping on int serial 0/0 as follows: Shape Telnet and ICMP traffic to 15%25 of bandwidth Shape FTP traffic to 50%25 of bw Shape all remianing traffic to 35%25 of bw. Remember the total link bw is 64 kbps on this interface. The burst size should 1/8 of the bit rate cfg'd, no excess burst should be allowed. The answer from the lab help are, below can anyone tell me how the number 9600, 32000 and 22400 were arrived at? I can figure out the 1/8th part 1200, 4000 and 2800, but somehow can't remember how to get the original percentage.. traffic-shape group 101 9600 1200 1200 traffic-shape group 102 32000 4000 4000 traffic-shape group 103 22400 2800 2800 Thanks. - Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! __ _ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70869t=70869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Traffic generator for Testing QoS features [7:70864]
If your company has the money, check out SmartBits. Even Cisco use it to test their products. I have no association with either SmartBits or Cisco but have used the product to test the Cos/QoS features of Cisco routers. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of neil K Sent: 18 June 2003 16:05 To: [EMAIL PROTECTED] Subject: Traffic generator for Testing QoS features [7:70864] I want to test QoS features on a router, and am looking for a good traffic generator which can generate different kinds of traffic. Any recommendations? Thanks, neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70878t=70864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat switch avg. life cycle [7:70879]
Greetings, As the company that I work for is considering replacing cat6006 with 2 smaller switches set up for dedundancy, I am looking into the average life cycle of Catalyst products. What is the avg life cycle of the Cat switches? Thanks, Marc _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70879t=70879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: mode enable on aaa authentication [7:70800]
I4m using radiusd-cistron-1.6.6-2. Frederico Madeira Coordenador de Suporte N. Landim Comircio Ltda PABX: 81. 3497.3029 e-mail: [EMAIL PROTECTED] - Original Message - From: Jim Wang To: Sent: Wednesday, June 18, 2003 3:00 PM Subject: Re: mode enable on aaa authentication [7:70800] I'm not familiar with Huiwa router. I use a similar command, aaa authentication enable default tacacs+ local, on our routers and it works. What type of AAA authentication server are you using? -Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70882t=70800 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Liming netbios connections [7:70883]
Hi all I have a problem on the network where some machines a establishing a lot of netbios connections on the network and almost consuming all the bandwidth. How do I configure the ingress interface to set the limit on the number of connections that each machine can have? Your urgent response will be highly appreciated. This might be related to the virus. __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70883t=70883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat switch avg. life cycle [7:70879]
That depends. What conditions will they be running in? We have had 1900 series switches go bad after 4-5 years because they were sharing a room with the custodians (and a sink). There were water stains on it. It's my understanding that the new 2950's and 3550's have a lifetime warranty. Otherwise, figure they'll last years. Ken Mary Myers 06/18/03 12:10PM Greetings, As the company that I work for is considering replacing cat6006 with 2 smaller switches set up for dedundancy, I am looking into the average life cycle of Catalyst products. What is the avg life cycle of the Cat switches? Thanks, Marc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70885t=70879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: encap for ethernet interface ? [7:70802]
take for example a configuration from a cisco router where is the encapsulation conf ? and for all the confs i have seen for ethernet interfaces there is no encapsulation command. i guess when there is no encap conf for an ethernet interface, the ios assumes it is arpa ? is that correct ? interface eth0 ip address 192.168.1.1 255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70886t=70802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Liming netbios connections [7:70883]
Are you sure you don't have a virus? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Marakalas Sent: Wednesday, June 18, 2003 3:18 PM To: [EMAIL PROTECTED] Subject: Liming netbios connections [7:70883] Hi all I have a problem on the network where some machines a establishing a lot of netbios connections on the network and almost consuming all the bandwidth. How do I configure the ingress interface to set the limit on the number of connections that each machine can have? Your urgent response will be highly appreciated. This might be related to the virus. __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70889t=70883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Be counted or not be counted? [7:70871]
Daniel, Thanks you very much for the message. I received that email from Cisco one week ago and read thru all of the links. And I thought But it came out completely different: My passing records of exam 640-442 MNCS and 9E0-111 CSPFA are in my Test History now. But only 9E0-111 CSPFA is counted for Cisco Firewall Specialist Cert and 640-442 MNCS is not. Therefore, in my Certification Progress I am not a Cisco Firewall Specialist yet (as I thought yes)! Do I have to take the new Exam 640-100 or 642-501 in order to be a Cisco Firewall Specialist beside the fact that I passed 640-442 already? Sincerely, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70890t=70871 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technology, Certification, Skill Sets, and Looking [7:70887]
Riley wrote in message news:[EMAIL PROTECTED] Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) It seemed to be a sort of monster, or symbol representing a monster, of a form which only a diseased fancy could conceive. If I say that my somewhat extravagant imagination yielded simultaneous pictures of an octopus, a dragon, and a human caricature, I shall not be unfaithful to the spirit of the thing. A pulpy, tentacled head surmounted a grotesque and scaly body with rudimentary wings; but it was the general outline of the whole which made it most shockingly frightful. We know the pulpy head has been popped... Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Charles, I for one, have missed your presence on this group. I trust Paul has singed you up for a long term engagement. :- Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] The Road Goes Ever On wrote: Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Someone also just sent me a URL to this newspaper article that points out the importance of learning business practices, not just particular technologies. It's a good read: http://www.startribune.com/stories/789/3936460.html An interesting artivcle, and one with some nuggets of good advice, particularly for those new to the business cycle. For those who have been seeing articles like this over the past twenty years or so, this article reinforces good advice, much along the lines that NRF has offered in other threads that appear regularly on Groupstudy. Good advice is timeless, and the advice in this article, which reiterates similar outlooks as have appeared in the business press over the past couple of decades remains true. Way back when I was learning things and formulating my own technology philosophy, I was blown away by three things I read - Peter Keens book Competing in Time, Paul Strassman's book The Business Value of Computers, and an obscure article written by an economist working for the Chicago Federal Reserve Bank. Each of these sources in its own way says similar things from a higher level. The Fed study was a short and simple one, but of all the business sources I have read, still seems the most relevant. The gist of the study was that investment in infrastructure yielded high returns in productivity. The author was reporting on government investment in physical infrastructure such as roads, water treatement, and the like, but a clever studentworking towards his master degree while going to night school ran with that theme and wrote a master's thesis which earned him departmental honors. Was that you? :-) Sounds interesting. Thanks for commenting on the article. I thought it made some good points. Priscilla Anyone in the technology field, whether it be IT Management, Consulting, or even something as seemingly mundane as sales, should ALWAYS be aware of the business value of technology. Over the past 15 years or so it has been technology which has driven productivity. The dark side is that technology changes, and has a way of becoming more appliance like, meaning that what as skilled labor yesterday is out of the box tomorrow. Thin about it. All you folks who are AVVID experts and therefore in high demand. How long before AVVID is nothing more than another PBX, and routers self configure for QoS? Think the telco employee who drives the truck and installs your DSL is making 100K? not likely. So yes - keep your skills up to date, so you don't end up like the guy in the article. My own opinion is that one must always consider the value to business for any skill set one pursues. JMHO NRF - your comments are always welcome on topics such as these. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70887t=70887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technology, Certification, Skill Sets, and Loo [7:70860]
To beat further, ensuring the horse is truly dead-- Look at your telephone. Think about all the features (which really are features, unlike some software features we all know and love). When the power goes out, you can pick up the phone and still get dial tone. The total lag time on a typical PSTN call from one coast of North America to the other is ~70ms, last I saw it measured; in that time it passed through dozens of switches on a dedicated circuit which was dynamically created for that call, and was torn down immediately after it ended. The simpler the technology is to use for the average consumer, the more complex the system behind that facade. Virtually everyone can make a phone call, including toddlers who know to call 911. What makes that system work is a lot of design and implementation with careful and thorough testing -- in other words, a lot of network engineering. The grunt work of networking will evolve, as it has for every other technology, but those who understand what happens and why that happens will still have work -- if nothing else, from cleaning up other peoples' messes. Annlee Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] If networking really becomes that simple for the consumer, it's because of all the work we have done (and continue to do) to hide the complexity. Networking isn't going to magically become simple. For it to become simple for users will take a huge amount of work by the network engineers. That will be well-paid work. The point of the article was that the technologies to make it work will continually change. You better know more than just one technology. The person who sent me the article sent it to me to point out the silliness of insisting that Visual Basic is the number one skill that univeristy computer science students should learn (something that we hear where I work part-time, believe it or not! ;-) I've noticed that students who have the soft skills of business planning, talking to users, etc. are considered inferior to the guys (it is mostly guys unfortunately) who have the stamina to code heads-down for 36 hours straight. (A student boasted to me that he did that. I bet his code sucked!? :-) The point of the aricle was that being able to code in a specific language won't help you if you can't understand why the code is important to a business' success. One other quick (hopefully quick!) point: I find it funny that you compare networking to being as easy as programming a VCR. Huge numbers of people can't program their VCR! There will still be a lot of work required to help non-computer people use their computers and networks. Perhaps as the younger generation takes over, that won't be the case... But that same generation, who grew up with computers, is probably going to come out with some really cool new technology that won't be easy to use in its first few iterations. So there's going to be lots of work in tech support, helping users, etc. (though that work isn't too fun for a lot of people, I realize). I didn't see the article as being negative at all, partly since the bad news about the job market might be changing, but mostly because it had some good ideas about rather easy things you can do to ensure success (such as figuring out what the business does and why it needs your skills, etc.) Well, I'm rambling now for sure, so I'll stop now. Annlee said this all much better in her response a couple days ago! :-) Priscilla Riley wrote: Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) It seemed to be a sort of monster, or symbol representing a monster, of a form which only a diseased fancy could conceive. If I say that my somewhat extravagant imagination yielded simultaneous pictures of an octopus, a dragon, and a human caricature, I shall not be unfaithful to the spirit of the thing. A pulpy, tentacled head surmounted a grotesque and scaly body with rudimentary wings; but it was the general outline of the whole which made it most shockingly frightful. We know the pulpy head has been popped... Sadly, though, I believe that you are right on the money...networking and its advanced features are becoming more point-button simple. I figure that we got about 10 years at the most before the bottom truly drops out and networking becomes as simple and mindless as programming your VCR or TiVo...you don't need assistance anymore. As far as for myself, I am currently working on developing my people skills as I do want to attain senior greeter status...the handing out balloons and talking is really tripping me up...does anyone want to form a study group with me to study that? Charles Priscilla Oppenheimer wrote in message
HELP ON THE 3550 SWITCH [7:70892]
I have this problem with this CS-C3550-24PWR-SMI Here is what happened: I tried to upgrade this switch to EMI image: c3550-i5q3l2-mz.121-11.EA1.bin. After loading the new EMI image I then issue the command: boot system flash:c3550-i5q3l2-mz.121-11.EA1.bin. When reboot after upgrading, it keep recycling the booting process as shown below: Loading flash:c3550-i5q3l2-mz.121-11.EA1.bin...### # ### # ### # ### # ### # # File flash:c3550-i5q3l2-mz.121-11.EA1.bin uncompressed and installed, entry po int: 0x3000 executing... Error: hardware not supported by firmware. Try loading newer software instead. System Resetting... Evidently, the switch allowed me to upgrade with this EMI image but not compatible. I have upgraded several of the regular 3550s in the pass without any problem, I think this particular switch with the PWR suffix has something to do with this problem. Any one know how to reverse this mistake or setting this switch to boot with the original IOS which still install in the flash. Any input to resolve this problem is very much appreciated. Thank you all in advance. Xy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70892t=70892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: encap for ethernet interface ? [7:70802]
brian dell wrote: take for example a configuration from a cisco router where is the encapsulation conf ? and for all the confs i have seen for ethernet interfaces there is no encapsulation command. i guess when there is no encap conf for an ethernet interface, the ios assumes it is arpa ? is that correct ? I don't have the capability to configure the encapsulation on my Ethernet interfaces either. Someone else sent an IOS config guide that says you can do it (FOR IP PACKETS), but I wasn't able to. Anyone else able to? The IOS defaults to an encapsulation depending on the packet type. It defaults to ARPA for IP. It defaults to novell-ether for Novell. It defaults to SNAP for AppleTalk, CDP, VTP, others. It defaults to sap for STP. You have me worried with this the ios assumes it is arpa statement. That's just for IP. There is no default encapsulation type for Ethernet in general. It depends on the packet type. Get the free Ethereal protocol analyzer and check it out. I think you would enjoy it. Here's a lab exercise you could do: http://www.troubleshootingnetworks.com/ethernet.html Priscilla interface eth0 ip address 192.168.1.1 255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70895t=70802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP problem [7:70797]
Networks. Not only is it a switch, patterned after an Ethernet switch, but it also supposedly solves the problem of rogue wireless access points. See these recent articles from 802.11 Planet and the San Jose Mercury News: http://www.80211-planet.com/news/print.php/1572381 http://www.siliconvalley.com/mld/siliconvalley/news/local/6106092.htm Priscilla The Road Goes Ever On wrote: Riley wrote in message news:[EMAIL PROTECTED] What an interesting scenario! If I understood your message correctly, the network picture is something like this: Wired Network -Cat-Wireless Network |User| Your problem is that the user is bridging the wired and wireless (and so is the Cat), which means there are two functioning links (bridges) between the wireless and wired. Your real problem is even if you track this user down and beat them severaly with an AP antenna until his MCSE falls on the floor,this problem is going to repeat itself with the next user who has a similar wired/wireless card. So...it's a long day and I can't think of the specific commands or syntax or what I had for lunch, but configure the cat port that the wireless AP is connected to to make it the root bridge such that it will always beat the out of any wanna be bridges, thus ensuring that the rogues block. Sorry, can't be more specific than this, but my brain is frazzled so right now, I think STP is something you put in your car...but maybe it will help with your problem... HTH anyway, Charles nice to see you here again, Charles. Where you been keeping yourself? :- I like your layout. Like the other guy said, though, I'm not sure a Windoze machine would bridge between these tow interfaces. Of course, I ould be wrong. It could also be that the integrated ethernet / wirelss card is broken for wahtever reason. Nothing would surprise me I put in a Linksys wireless network here at home, and put my wife and the kids on the wireless. My wife's laptop has a PCMCIA nic and a built in ethernet port. wonder if I could get her off the internet long enough to let me try a test or two. she's really loving being able to sit on the back deck and cruise. :- don't be such a stranger, guy. Christopher Dumais wrote in message news:[EMAIL PROTECTED] Hi all, We are having an STP problem where we think a user with an integrated wireless and LAN NIC is creating a bridge loop and bringing down the entire network. The problem occurs then goes away after 20 or so minutes unless we can narrow down which closet it is coming from and reboot the switch. All of our management tools die during the outage. Does anyone have any ideas on how we might prevent this from happening or track down the offender? We have 6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are appreciated. Thanks! Chris Dumais, CCNP, CNA Sr. Network Administrator NSS Customer and Desktop Services Team Maine Medical Center (207)871-6940 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70894t=70797 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mobile IP Test Scenario [7:70891]
In the idol speculation category at this time. Just mulling ways to familiarize myself with Mobile IP the idea is to use my computer to simulate a roving user who still needs to get to the internet. here is what I came up with for a test bed: Internet | outside_LAN ( public IP side ) | firewall | | firewall IP = 192.168.1.1/24 | inside_Lan ( 192.168.1.x/24 ) | | router ip = 192.168.1.2/24 | router_1\ | \ \ frame_relay_cloud--- ---Router_4 / \ | | / \ router_4 ip = 192.168.4.1`/24 |/ \ | Router_2 router_3 VLAN_4 = 192.168.4.x/24 | | | Router IP = 192.168.2.1/24 router_3 ip = 192.168.3.1/24 | | VLAN_2 = 192.168.2.x/24VLAN_3 = 192.168.3.x/24 hope the ASCII art survives the groupstudy message mangler :- In any case, this being done via the magic of a switch, I can easily move my computer from vlan to vlan just by changing the connection to the appropriate port. At least, that's the theory. Router 1 is the home agent routers 2,3, and 4 are the foreign agents. The idea is to simulate a wireless network, in which a user is wandering from AP to AP, with the particular APs in different subnets, as might be the case in a hospital or a business occupying multiple floors or multiple buildings in a campus. If mobile IP works the way it is advertised, the roving user can still surf the web, no matter which part of the network he occupies. not changes required on the user station. I probably won't be able to test this prior to next week. Too many other things going on right now. Just wanted to offer this as food for thought, if anyone out there is looking for some study ideas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70891t=70891 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HELP ON THE CS-C3550-24PWR-SMI [7:70893]
Hi all, I have this problem with this CS-C3550-24PWR-SMI Here is what happened: I tried to upgrade this switch to EMI image: c3550-i5q3l2-mz.121-11.EA1.bin. After loading the new EMI image I then issue the command: boot system flash:c3550-i5q3l2-mz.121-11.EA1.bin. When reboot after upgrading, it keep recycling the booting process as shown below: Loading flash:c3550-i5q3l2-mz.121-11.EA1.bin...### # ### # ### # ### # ### # # File flash:c3550-i5q3l2-mz.121-11.EA1.bin uncompressed and installed, entry po int: 0x3000 executing... Error: hardware not supported by firmware. Try loading newer software instead. System Resetting... Evidently, the switch allowed me to upgrade with this EMI image but not compatible. I have upgraded several of the regular 3550s in the pass without any problem, I think this particular switch with the PWR suffix has something to do with this problem. Any one know how to reverse this mistake or setting this switch to boot with the original IOS which still install in the flash. Any input to resolve this problem is very much appreciated. Thank you all in advance. Xy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70893t=70893 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
dhcp packets not visible in 6509 [7:70898]
Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70898t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Need help on Cisco Content Engine [7:70899]
Hi guys, Need some direction to work on this problem on mine. We sold a customer one unit of CE507 (Cisco Content Engine 507) software version 3.1.1, after 9 months the hard disk crashed and we raplace with a new HD (Firmware S96H). After replacing the hard disk we encounter a problem. We reloaded the image (ce507-cache-311.bin) and after that we just can't seems to get back in using the previous password. We proceed to perform the password recovery. I am supposed to press RETURN key at the following line : Cisco CE boot: hit RETURN to set boot flags:0009 But opps the line is not display through out the entire boot up process. I have captured the screen and attached as below : __ Initializing memory. Please wait. BIOS Version: Cisco 03.0C BIOS Build date: 06/22/01 Symbios, Inc. SDMS (TM) V4.0 PCI SCSI BIOS, PCI Rev. 2.0, 2.1 Copyright 1995, 1998 Symbios, Inc. PCI-4.11.00 HBA ID LUN VENDOR PRODUCT REV SYNC WIDE INT13 CYL/ HD/SEC --- -- --- - 0 0 0 IBM DDYS-T18350M S96H 80.0 16 BOOT 1024/ 64/32 0 7 0 Symbios SYM53C8950002 80.0 16 Symbios, Inc. PCI boot ROM successfully installed! System Now Booting ...[BOOT-ASM] [BOOT-PHASE2]: entered [BOOT-PHASE2]: build date: Wed May 30 10:03:59 PDT 2001, build number 1 [BOOT-PHASE2]: directory verified ok [BOOT-PHASE2]: examining phase3 boot-rom: 'default_bootrom' [BOOT-PHASE3]: entered [BOOT-PHASE3]: version 1, built Fri Feb 8 16:19:36 PST 2002 [BOOT-PHASE3]: directory verified ok [BOOT-PHASE3]: enter `***' for rescue image: timeout [BOOT-PHASE3]: default system image is 78 sectors [BOOT-PHASE3]: loaded 78 device sectors to 0x200! [BOOT-PHASE3]: extracting system image at 0x200 [BOOT-PHASE3]: loading kernel [BOOT-PHASE3]: system image header: v=2, b=893827, i=9219641 [BOOT-PHASE3]: alternate kernel length: 0 [BOOT-PHASE3]: rd set at 0x600, len 9219641 [BOOT-PHASE3]: moving 3072 code bytes to 0x9 [BOOT-PHASE3]: checksum of relocated ramdisk (600) is 2a5dc12f17f3ead14c1a2f [BOOT-PHASE3]: invoking kernel now [BOOT-PHASE2]: booting kernel Linux version 2.3.36.csco ([EMAIL PROTECTED]) (gcc version egcs-2.91.66 19990314/1 setup.c: E820 fixup: old map: 5 entries; new map: 7 entries e820: 0009ec00 @ (usable) e820: 1400 @ 0009ec00 (reserved) e820: 0001f800 @ 000e0800 (reserved) e820: 00e0 @ 0010 (usable) e820: 0010 @ 00f0 (reserved) e820: 0f00 @ 0100 (usable) e820: 0010 @ fff0 (reserved) Scan SMP from 7c00 for 1024 bytes. Scan SMP from 7c09fc00 for 1024 bytes. Scan SMP from 7c0f for 65536 bytes. Scan SMP from 7c09ec00 for 4096 bytes. setup.c: reserved bootmem for INITRD_START = 0x600, INITRD_SIZE = 9219641 mapped APIC to e000 (0100) On node 0 totalpages: 0001 zone(0): 4096 pages. zone(1): 61440 pages. zone(2): 0 pages. Detected 598411222 Hz processor. Console: colour *CGA 15x25 Calibrating delay loop... 596.38 BogoMIPS kdb version 1.3 by Scott Lurndal. Copyright SGI, All Rights Reserved Memory: 242496k/262144k available (1596k kernel code, 18232k reserved, 181k dat) Buffer-cache hash table entries: 16384 (order: 4, 65536 bytes) Page-cache hash table entries: 65536 (order: 6, 262144 bytes) Pentium-III serial number disabled. Checking 386/387 coupling... OK, FPU using exception 16 error reporting. Checking 'hlt' instruction... OK. POSIX conformance testing by UNIFIX Pentium-III serial number disabled. per-CPU timeslice cutoff: 50.03 usecs. CPU0: Intel Pentium III (Coppermine) stepping 06 SMP motherboard not detected. Using dummy APIC emulation. Initializing CPU#0 calibrating APIC timer ... CPU clock speed is 598.3861 MHz. host bus clock speed is 0. MHz. cpu: 0, clocks: 0, slice: 0, nr: 1. CPU0 Setting commenced=1, go go go PCI: PCI BIOS revision 2.10 entry at 0xea39c PCI: Using configuration type 1 PCI: Probing PCI hardware PCI: Cannot allocate resource region 2 of device 00:0d.0 PCI: Cannot allocate resource region 2 of device 00:0e.0 PCI: Allocation of memory region 00:0d.0/2 (-1609564160 bytes) failed PCI: Allocation of memory region 00:0e.0/2 (-1609564160 bytes) failed Limiting direct PCI/PCI transfers. Linux NET4.0 for Linux 2.3 Based upon Swansea University Computer Society NET3.039 skb_init: memory pools configured to steal max 150994944 bytes (144MB) for skbuy skb_init: pool locking done by local_irq_save/local_irq_restore, 4 CPUs NET4: Unix domain sockets 1.0/SMP for Linux NET4.0. NET4: Linux TCP/IP 1.0 for NET4.0 IP Protocols: ICMP, UDP, TCP TCP: Hash tables configured (established 16384 bind 16384) Starting kswapd v1.6 Serial driver version 4.91 (1999-11-17) withKeyboard timeout[2] Keyboard timeout[2] MANY_PORTS SHARE_IRQ SERIAL_PCI PCI_IOMEM enabled ttyS00 at 0x03f8 (irq = 4) is a 16550A ttyS01 at 0x02f8 (irq = 3) is a 16550A pty: 256 Unix98 ptys configured Linux video capture
RE: Liming netbios connections [7:70883]
You could use traffic-shape command interface serial 1 traffic-shape group 101 128000 16000 8000 You must calculate the bit-rate that is suitable for your medium. The group 101 relates to access group. In your case you can have all networks Access-list 101 permit 0.0.0.0 0.0.0.0 eq 135 You could as well just limit the hosts that are causing the problem. But overall you should diagnose if they are compromised hosts. Cheers, Jamie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marakalas Sent: June 18, 2003 1:18 PM To: [EMAIL PROTECTED] Subject: Liming netbios connections [7:70883] Hi all I have a problem on the network where some machines a establishing a lot of netbios connections on the network and almost consuming all the bandwidth. How do I configure the ingress interface to set the limit on the number of connections that each machine can have? Your urgent response will be highly appreciated. This might be related to the virus. __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70896t=70883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HELP ON THE 3550 SWITCH [7:70892]
At 11:48 PM 6/18/2003 +, Xy Hien Le wrote: Any one know how to reverse this mistake or setting this switch to boot with the original IOS which still install in the flash. Connect to console, power-cycle the switch, and send break signal right after the switch starts to boot. This should send you to rommon, where you can set the BOOT variable to the image you want to load (BOOT=). Then do a 'sync' in order to save the new BOOT variable, reload, end you should be all set. Thanks, Zsombor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70900t=70892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RES: dhcp packets not visible in 6509 [7:70898]
Did you enable spannint-tree portfast ? I'd use set port host instead , which includes STP portfast, aomong other things . . . _ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 [EMAIL PROTECTED] www.cpm.com.br -- --- Esta mensagem pode conter informagco confidencial e/ou privilegiada. Se vocj nco for o destinatario ou a pessoa autorizada a receber esta mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas ou tomar qualquer agco baseada nessas informagues. Se vocj recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Mensagem original- De: Vik Vikky [SMTP:[EMAIL PROTECTED] Enviada em: quarta-feira, 18 de junho de 2003 22:14 Para: [EMAIL PROTECTED] Assunto: dhcp packets not visible in 6509 [7:70898] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.490 / Virus Database: 289 - Release Date: 16/06/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70902t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problem w/ 802.1q trunking [7:70901]
I'm trying to trunk a 10Mb link between a Catalyst 5500 and 4500M router. The trunk contains 3 VLANs 4, 13, 20. VLANs 13 20 work fine, but I can't ping across VLAN 4. Using debug ip packet on the router while pinging, I get a message that says encapsulation failed. Here's my config on the router: interface Ethernet1 no ip address media-type 10BaseT ! interface Ethernet1.4 encapsulation dot1Q 4 ip address 153.1.4.1 255.255.255.0 ! interface Ethernet1.13 encapsulation dot1Q 13 native ip address 153.1.13.1 255.255.255.0 ! interface Ethernet1.20 encapsulation dot1Q 20 ip address 153.1.20.1 255.255.255.0 Also I cleared all the Vlans on the switch side of the trunk, except for Vlans 1,4,13,20,1001-1005 and trunking is set to on. Thanks for your help.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70901t=70901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN problem [7:70856]
In the 2503 router you have two options to make it dial put a dialer-string under the bri or assign a sting to the end of your dialer map command. You are missing that. Ronnie wrote in message news:[EMAIL PROTECTED] Hi group, I recently got a ILS-1000 ISDN simulator for my lab, I config two router according to the CCIE LAB configuration and i just can not make the BRI dial. Did anyone have any experience for the this simulator. Here is the output and the config, pleas help. R2503# interface BRI0 ip address 100.100.100.200 255.255.255.0 encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.100 name r2521 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 no fair-queue ppp multilink ! no ip classless ip route 100.0.0.0 255.255.255.0 BRI0 ip route 196.1.1.0 255.255.255.0 BRI0 no ip http server no ip pim bidir-enable ! dialer-list 1 protocol ip permit ! r2521# interface BRI0 ip address 100.100.100.100 255.255.255.0 ip directed-broadcast encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.200 name r2503 broadcast 8358662 dialer load-threshold 1 outbound dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866101 isdn spid2 0835866301 no fair-queue ppp multilink ! router rip network 100.0.0.0 ! ip nat translation timeout never ip nat translation tcp-timeout never ip nat translation udp-timeout never ip nat translation finrst-timeout never ip nat translation syn-timeout never ip nat translation dns-timeout never ip nat translation icmp-timeout never ip classless ! dialer-list 1 protocol ip permit r2503#sh isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 119, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI = 121, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 119, ces = 1, state = 5(init) spid1 configured, no LDN, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 2, tid = 1 TEI 121, ces = 2, state = 5(init) spid2 configured, no LDN, spid2 sent, spid2 valid Endpoint ID Info: epsf = 0, usid = 4, tid = 1 Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 52 Total Allocated ISDN CCBs = 0 r2503#sh int bri0 BRI0 is up, line protocol is up (spoofing) Hardware is BRI Internet address is 100.100.100.200/24 MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Last input 00:00:29, output 00:00:29, output hang never Last clearing of show interface counters 01:01:09 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 302 packets input, 1536 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 326 packets output, 1696 bytes, 0 underruns 0 output errors, 0 collisions, 8 interface resets 0 output buffer failures, 0 output buffers swapped out 19 carrier transitions Thank you very much.. Philip Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70904t=70856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
you need to enable portfast. Read about portfast. Set spantree portfast enable ( I think this is the syntax I don't have a 6509 in front of me now.) Vik Vikky wrote in message news:[EMAIL PROTECTED] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70903t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help with Cisco 3745 configuration [7:69765]
Thanks for all your help! JB thartman wrote: Just by looking at your BOM (Bill of Materials) you will not be able to connect to the Telco circuit without an External CSU/DSU. The serial interfaces require this. If you would have purchased the VWIC-MFT-T1 then you would be able to handle the both the voice and data internal to the box. Layer 1 - nothing else works without out it tlh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, May 29, 2003 11:25 AM To: [EMAIL PROTECTED] Subject: Re: Help with Cisco 3745 configuration [7:69765] J B wrote: John Neiberger wrote: J B 5/29/03 8:39:15 AM Hi, Everyone I just been awarded the responsibility of installing 4 3745 Cisco routers. The local phone company wanted $5500 dollars for the installation and my employer thinks is to much. I was looking at the Cisco website for sample configurations but I couldn't find them. I need to share the T1 channels link for voice and data. I haven't done Cisco for like 2 years. Can someone help me with some guidance to find some information in how to do that. Thanks JBary Are your routers handling the voice traffic or are you simply splitting this off at the CSU/DSU so that the router only sees data traffic? John Splitting the line with external CSU/DSU's for each site Some channels for voice and the rest for data. I have the following equipment: 3725 (3) Qty 3700 Series, 2-Slot, Dual FE, Multiservice Access Router Cisco 3725 Series IOS IP/IPX/APPLETALK 2-Port Serial WAN Interface Card V.35 Cable, DTE Male to Smart Serial, 10 Feet 3745 (1) Qty 3700 Series, 4-Slot, Dual FE, Multiservice Access Router Cisco 3745 Series IOS IP/IPX/APPLETALK 4-Port Serial Network Module V.35 Cable, DTE, Male, 10 Feet Jb I just talk to my manager and he's telling me that no CSU/DSU's were ordered because this routers are suppose to be able to do everything. So, No external CSU's splitting of the line; all is suppose to be configure within the Cisco IOS. Thanks JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70908t=69765 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Internet is very slow behind Pix 515E UR [7:70783]
sorry!! i mean the access-list acl_out Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70906t=70783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help with Cisco 3745 configuration [7:69765]
Just by looking at your BOM (Bill of Materials) you will not be able to connect to the Telco circuit without an External CSU/DSU. The serial interfaces require this. If you would have purchased the VWIC-MFT-T1 then you would be able to handle the both the voice and data internal to the box. Layer 1 - nothing else works without out it tlh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, May 29, 2003 11:25 AM To: [EMAIL PROTECTED] Subject: Re: Help with Cisco 3745 configuration [7:69765] J B wrote: John Neiberger wrote: J B 5/29/03 8:39:15 AM Hi, Everyone I just been awarded the responsibility of installing 4 3745 Cisco routers. The local phone company wanted $5500 dollars for the installation and my employer thinks is to much. I was looking at the Cisco website for sample configurations but I couldn't find them. I need to share the T1 channels link for voice and data. I haven't done Cisco for like 2 years. Can someone help me with some guidance to find some information in how to do that. Thanks JBary Are your routers handling the voice traffic or are you simply splitting this off at the CSU/DSU so that the router only sees data traffic? John Splitting the line with external CSU/DSU's for each site Some channels for voice and the rest for data. I have the following equipment: 3725 (3) Qty 3700 Series, 2-Slot, Dual FE, Multiservice Access Router Cisco 3725 Series IOS IP/IPX/APPLETALK 2-Port Serial WAN Interface Card V.35 Cable, DTE Male to Smart Serial, 10 Feet 3745 (1) Qty 3700 Series, 4-Slot, Dual FE, Multiservice Access Router Cisco 3745 Series IOS IP/IPX/APPLETALK 4-Port Serial Network Module V.35 Cable, DTE, Male, 10 Feet Jb I just talk to my manager and he's telling me that no CSU/DSU's were ordered because this routers are suppose to be able to do everything. So, No external CSU's splitting of the line; all is suppose to be configure within the Cisco IOS. Thanks JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70907t=69765 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Internet is very slow behind Pix 515E UR [7:70783]
where is the access-group acl_out?? u haven't defined it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70905t=70783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
