Cisco exam 9E0-111 or 642-521 [7:71048]
Dear All, I am planing to go for Cisco firewall exam, as of now two exams are available there 9E0-111 and 642-521 I am bit confused which one should I opt. other doubt I have is if I opt for exam 9E0-111, as per the site it will expire on 30 September but would it be valid for me to complete the security certification or I would have to go for the 642-521 again if I want to get the CISCO Firewal expert certificate after 30 September. Also I have the CSPFA 2.0 book how difficult it is to pass any of these exam by reading this book. I would also want to know which exam is good and more practical/realistic. Would you suggest any test exam for this (I am a CCNP certified) how difficult would it be to pass this for an average exprienced person. Thanks in advance for all your inputs. Ragrds Kailash __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71048&t=71048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: When to run BGP (was RE: number of CCIE [7:70151]
I was multi-homed. Sprint and Qwest. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Howard C. Berkowitz Sent: Friday, June 20, 2003 4:41 PM To: [EMAIL PROTECTED] Subject: When to run BGP (was RE: number of CCIE [7:70151] At 4:24 PM + 6/20/03, Mark E. Hayes wrote: >NOT being a wise-a$$ here... When is it appropriate to run BGP? I set it >up at the last job I had because I felt it was the best way to get >redundancy for web services. I had two T-1's, ASN, and had to guarantee >100% uptime for one of our clients. Plus the enterprise was becoming >more web dependent with services we were offering. > >Thanks, > >Mark > First, be sure you aren't equating "running BGP" with "taking a full routing table." There are many situations where running BGP doesn't take a big router, because the particular application only needs a few routes. Second, the simple answer is "multihoming". Most frequently, this means that you are multihoming to different providers. There can be, however, very valid reasons to use BGP when you are connected to multiple POPs of the same provider, and want to control load distribution over the set of POPs. There are a few special cases where you might run BGP when you only have a single provider connection, such as announcing routes to a 2547 VPN, and neither static nor IGP routing is appropriate between the CE and PE. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71049&t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Proxy [7:70959]
Tom, I refer to Microsoft Proxy server. i.e can I direct traffic to a microsoft proxy just like I would a DHCP server by using the ip helper address command. Regards, Gbenga To God be the Glory.Gbenga. - Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71050&t=70959 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redistribute bgp to rip (please help!!!) [7:70970]
Thanks Zsombor, I think the problem was bgp reditribute-internal did not work properly for me. Then i used network command to include those routes i want to redistribute, then it worked for me. So i jumped into an assumption that only igp originated route is redistributed. anyway, after fiddling around, redistribute internal works for me and there is no more problem. Thanks for your help Paul Zsombor Papp wrote: > At 11:32 AM 6/20/2003 +, paul dong so wrote: > >>More information to this. >> >>r4 - eigrp - r10 - bgp- >> >>now i have tried replace eigrp with rip v2, the same problem. I want to >>redistribute bgp to egrip on r10. those routes learned via redistribute >>connected on bgp, marked with origin code ? , can not be redistribute to >>eigrp, >> > > Specifically which ones? It appears to me that 4 routes get redistributed > into EIGRP and all of them had incomplete origin. Here is a mix of your own > 'show ip bgp' and 'show ip eigrp topo' outputs: > > *> 192.168.3.0 200.200.200.50 0 2 ? > P 192.168.3.0/24, 1 successors, FD is 45970176, tag is 50 >via Redistributed (45970176/0) > > *> 192.168.5.0 200.200.200.5 0 2 ? > P 192.168.5.0/24, 1 successors, FD is 45970176, tag is 50 >via Redistributed (45970176/0) > > *> 192.168.38.0 200.200.200.50 0 2 ? > P 192.168.38.0/24, 1 successors, FD is 45970176, tag is 50 >via Redistributed (45970176/0) > > *> 192.168.55.0 200.200.200.50 0 2 ? > P 192.168.55.0/24, 1 successors, FD is 45970176, tag is 50 >via Redistributed (45970176/0) > > I assume you are aware that redistributing BGP into EIGRP is not a > particularly good idea, so I take this is some kind of exercise. If so, > perhaps you could try to simplify the scenario a bit, like have only 1 BGP > peer on R10, don't redistribute connected routes into EIGRP, etc, and see > if you have only 2 BGP routes, one incomplete and one IGP origin, then > those make it into EIGRP (I don't see any reason why they wouldn't). When > you are there, then you can start adding back the complexity to see what > caused the breakage. > > Thanks, > > Zsombor > > >> only those routes marked with origin code i are passed to eigrp, >>why? I don't see any reason incomplete routes can not be redistribute to >>other protocols. >> >>configuration is like this: >> >>R10: >>router eigrp 1 >> redistribute connected >> redistribute bgp 1 route-map bgp2eigrp >> network 200.200.200.8 0.0.0.3 >> default-metric 56 1000 255 1 1500 >> no auto-summary >> no eigrp log-neighbor-changes >>! >>router bgp 1 >> no synchronization >> bgp redistribute-internal >> bgp router-id 192.168.10.10 >> bgp log-neighbor-changes >> redistribute connected route-map connect2bgp >> neighbor 192.168.0.2 remote-as 1 >> neighbor 192.168.0.2 route-reflector-client >> neighbor 192.168.0.2 send-community >> neighbor 192.168.16.2 remote-as 1 >> neighbor 192.168.16.2 route-reflector-client >> neighbor 200.200.200.5 remote-as 2 >> neighbor 200.200.200.5 password test >> neighbor 200.200.200.5 remove-private-AS >> no auto-summary >> >>route-map bgp2eigrp, permit, sequence 10 >> Match clauses: >> Set clauses: >> tag 50 >> Policy routing matches: 0 packets, 0 bytes >> >>r10#sh ip bgp >>BGP table version is 38, local router ID is 192.168.10.10 >>Status codes: s suppressed, d damped, h history, * valid, > best, i - >>internal >>Origin codes: i - IGP, e - EGP, ? - incomplete >> >>Network Next HopMetric LocPrf Weight Path >>*> 192.168.0.0 0.0.0.0 0 32768 ? >>* i 192.168.0.2 0100 0 i >>*>i192.168.1.0 200.200.200.11100 0 ? >>*> 192.168.3.0 200.200.200.50 0 2 ? >>*> 192.168.5.0 200.200.200.5 0 2 ? >>*>i192.168.6.0 192.168.16.2 0100 0 i >>*>i192.168.7.0 192.168.0.2 0100 0 ? >>*> 192.168.10.0 0.0.0.0 0 32768 ? >>*>i192.168.11.0 200.200.200.11100 0 ? >>*> 192.168.16.0 0.0.0.0 0 32768 ? >>* i 192.168.16.2 0100 0 i >>*>i192.168.22.0 200.200.200.11100 0 ? >>*>i192.168.33.0 200.200.200.11100 0 ? >>*> 192.168.38.0 200.200.200.50 0 2 ? >>*> 192.168.55.0 200.200.200.50 0 2 ? >>*>i192.168.70.0 192.168.0.2 0100 0 ? >>*>i200.200.27.0 192.168.0.2 0100 0 ? >>*>i200.200.27.2/32 192.168.0.2 0100 0 ? >>Network Next HopMetric LocPrf Weight Path >>*>i200.200.200.0192.168.16.2 0100 0 ? >>*> 200.200.200.4/30 0.0.0.0
OT/Look at the requirements of this position!!!! [7:71052]
"VPN and Cisco skills should be very strong and be accompanied by a CCNA (CCNP's will be considered, however, CCIE's or nearly qualified CCIE's will not be)." What is wrong with this statement? Is CCIE easier than CCNP? http://www.hotjobs.com/cgi-bin/job-show?TEMPLATE=/htdocs/job-show.html&J__PIN DEX=JRSVJ7DF3&P__SOURCE=HJC&P__SOURCE_SPECIFIC=HJC&BOLD_KEYWORDS=cisco&BOLD_O PENTAG=%3Cspan+class%3D%22bold-opentag%22%3E&BOLD_CLOSETAG=%3C%2Fspan%3E Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71052&t=71052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wic2T not working [7:71053]
I have installed a wic2t on a 1720 router. The s0 interface on the wic2t works fine. The s1 interface does not work(shows serial int up, line protocol down). It seems to be a problem on the router as I have replaced the wic2t card with a new card and I have the same problem. The line is fine. I have tested this by installing a completely different router (interface up, line protocol up). Any ideas to what is causing this? Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71053&t=71053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question about remote telnet and NAT [7:71054]
Hi all, I have a ADSL connection at home with an E-tech Router/Swith/Modem. What i want was to get access via telnet to my 2511 router. I am using NAT. So what i did is i gave my 2511 an ip address like this: int eth0 ip address 10.0.0.99 255.0.0.0 no shutdown I assigned an enable password and allso assigned an vty password. The I Mapped port 23 TCP and UDP to the IP 10.0.0.99 (on my E-tech Router/Swith/Modem) If i ask to someone to test the connection to my IP something goes wrong... (Try it IP = 217.19.23.175 port = 23) Can someone help me with this? Thank You, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71054&t=71054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RADIUS v TACACS [7:70968]
Hi, With tacacs+ you can certainly use one time passwords for 2 factor authentication such as SecureID. Tacacs+ is great if you need multiple privilege levels on a router. For example you limit commands for Tier I and open them up for Tier II. I'm not sure that Radius can do that. Also the transmission from the device to the Tacacs+ server is encrypted whereas I believe it is in the clear with Radius. Just some thoughts, Ian www.ccie4u.com Rack Rentals and Lab Scenarios starting at $20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dom Sent: Friday, June 20, 2003 7:22 AM To: [EMAIL PROTECTED] Subject: OT: RADIUS v TACACS [7:70968] I've just been asked the following by an old friend - "A quick question. If one uses TACACS Do you know what choices are there for handheld One Time Password generators, like RSA, secureID, etc. I am just about to make alternative choices for a replacement of our Vasco RADIUS server and at this time perhaps RSA leads but I would welcome any alternatives. When you say TACACS is better - why would that be true?" I'm a little rusty in this area and was wondering if anyone in this group had any views. I've just been using TACACS for years. As I said, the question comes from an old mate of mine - this is not consultancy work, I'm just trying to help out . TIA, Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org === IMPORTANT: This email is intended for the use of the individual addressee(s)named above and may contain information that is confidential privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorised (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the poodle next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites and place it in a warm oven for 40 minutes. Whisk briefly and let it stand for 2 hours before icing. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71055&t=70968 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Wic2T not working [7:71053]
Hi, Your assumption that the problem is on the router is probably right. I would suggest you check the min. version for the WIC-2T and check the version of your router software. You use the software advisor to do this: http://www.cisco.com/cgi-bin/Support/CompNav/Index.pl (you'll need a CCO login) and click Software Support for Hardware. If this checks out then your router is really with a problem. I've seen some VERY strange behaviour with regards to WAN interface problems... Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71056&t=71053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Proxy [7:70959]
Hi, >From the command lookup tool: To have the Cisco IOS software forward User Datagram Protocol (UDP) broadcasts, including BOOTP, received on an interface, use the ip helper-address interface configuration command. To disable the forwarding of broadcast packets to specific addresses, use the no form of this command. So you can't use this command for proxying. Troy was right when he suggested WCCP. There is also a less fancy way to do the redirection and that is with Policy Based Routing. Hope this helps, Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71057&t=70959 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Would it be a good idea to make the CCIE Lab adaptive? 1st, everyone will try a screener test of overall technologies. Once you have finished, they will give you a lab book that they believe are more challenging to you. How many lab books do they have, maybe a hundred? So, in that case bootcamps would have a hard time knowing everything Cisco have up their sleeves. > Personally I think the best way to solve this problem is to force people to > recertify by taking the current lab exam again. No more of this BS where > guys can just take a written exam to recertify. You want to continue > calling yourself a CCIE? Then you should have no problem in passing the lab > again. Otherwise, we'll convert your status to 'retired CCIE' or CCIE This would be pretty harsh for all CCIE's that have to retake the test again just to be recertified. How about give them a half-day of troubleshooting? Bootcamps can teach you to memorize configurations, but its pretty hard to memorize how to troubleshoot different type of breaks. Instinct is key here. Again, same idea as I previously stated on top. Take a screener test of overall technologies. After that, they'll give you a problem and tell you, "the clock aready started. You just wasted 2 minutes staring at me." - Original Message - From: "n rf" To: Sent: Friday, June 20, 2003 10:09 PM Subject: RE: number of CCIE [7:70151] > Carroll Kong wrote: > > > > > > be more prone to some form of bootcamp brain dumpage. But > > this > > > > is > > > > not really conclusive. It might just be that, the CCIE is > > > > becoming > > > > "more popular" and people have recently tapped into this > > > > market. The > > > > drop in Cisco gear pricing on the used market probably had a > > > > LOT to > > > > do with bringing down this barrier to entry. > > > > > > Well, the market for bootcamps is pretty darn good proof that > > it's > > > conclusive. Think of it logically - why would people be > > willing to > > > consistently cough up thousands of dollars for bootcamps if > > they don't > > > work? Either all these people are all stupidly throwing > > their money away, > > > or you have to concede that bootcamps are making the test > > easier. PT > > > Barnum said that while you can fool all the people some of > > the time and > > > some people all the time, you can't fool all the people all > > the time. If > > > bootcamps really had no value, it is likely that this would > > be common > > > knowledge by now. > > > > Well, it is not so much if it was "no value" or not. It is > > more so > > is it worth the time and effort for people to develop bootcamps > > as a > > market. Back in the 2 day lab, sure, but not as big, since > > there > > were so few candidates. Now that we got the 1 day lab and > > "more > > candidates" you can "sell more". I am saying it is possible > > that the > > rise of the bootcamps came from the clearly larger candidate > > pool > > since more candidates were allowed to take it. > > But that's really neither here nor there. At the end of the day, more > bootcamps = easier test. Why there are more bootcamps around today is > unimportant for purposes of this discussion. It doesn't matter why - so why > ask why. All that matters is are there more bootcamps. > > Now again, I would reiterate that I don't have a problem with bootcamps per > se. I see them as basically inevitable. But on the other hand, it does mean > that Cisco must make the exam even more difficult to compensate for the > effects of the bootcamps. > > > > > > I think learning new technology is kind of a mixed bag though. > > While > > yes, I do not see myself putting up BGP confederations and what > > not, > > you do get the ancient crowd who doesn't know what a VLAN is or > > isn't > > too interested in it since they have been deploying networks > > for 5 > > years, so they go with a monolithic flat network with daisy > > chained > > switches. Nevermind the subtle other issues that can come up > > with > > it, including ridiculously large broadcast domains which allow > > one > > rogue box to annihilate the entire network. > > > > So, where do you draw the line? In any event, I do not see the > > new > > technology issue to be a big deal. People have to get up to > > speed > > with the latest knobs of the new tech in any event, which goes > > back > > to the learning capacity. And like I said before, quite a few > > low > > numbered CCIEs have not touched a router for configuration or > > troubleshooting in years. > > Personally I think the best way to solve this problem is to force people to > recertify by taking the current lab exam again. No more of this BS where > guys can just take a written exam to recertify. You want to continue > calling yourself a CCIE? Then you should have no problem in passing the lab > again. Otherwise, we'll convert your status to 'retired CCIE' or CCIE > emeritus or something like. > > > > > > key operating word there is
RE: OT/Look at the requirements of this position!!!! [7:71052]
Most recruiters I've dealt with lately don't have a clue about qualifications. I recently found out that I wasn't considered for a postion because I supposedly didn't have a CCNA. I'm a CCNP and CCDP... I didn't even bother to explain to the recruiter how it works. I guess I should have listed CCNA in the cover letter. Jamie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71058&t=71052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Router 827 ADSL + PIX 506 configuration [7:71059]
I need help for configure a Cisco 827 ADSL with a PIX 506 I have 1 static IP + a /29 subnet Anybody who help me? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71059&t=71059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT/Look at the requirements of this position!!!! [7:71052]
My guess is they know how much you folks cost! -Original Message- From: Duy Nguyen To: [EMAIL PROTECTED] Sent: 6/21/2003 2:39 AM Subject: OT/Look at the requirements of this position [7:71052] "VPN and Cisco skills should be very strong and be accompanied by a CCNA (CCNP's will be considered, however, CCIE's or nearly qualified CCIE's will not be)." What is wrong with this statement? Is CCIE easier than CCNP? http://www.hotjobs.com/cgi-bin/job-show?TEMPLATE=/htdocs/job-show.html&J __PIN DEX=JRSVJ7DF3&P__SOURCE=HJC&P__SOURCE_SPECIFIC=HJC&BOLD_KEYWORDS=cisco&B OLD_O PENTAG=%3Cspan+class%3D%22bold-opentag%22%3E&BOLD_CLOSETAG=%3C%2Fspan%3E Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71060&t=71052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN & CCIE [7:70944]
""John Neiberger"" wrote in message news:[EMAIL PROTECTED] > We use ISDN for dial backup where DSL is not available and we need more > bandwidth than a standard modem connection would provide, which is a lot of > locations. It seems that there is a lot of ISDN out there and plenty of it > being ordered, but I might be mistaken. I'd love to get rid of it because > it has too many quirks. :-) just my two cents, but ISDN is one of the old and arguably obsolete technologies that still is quite relevant today. I prefer to sell RLAN ( ATM host and DSL spokes ) but when the customer requires relaibale backup, ISDN is always the choice. Happens a lot because although DSL is generally very reliable, when a link develops troube it still can take a long time for a telco to get around to fixing it. Sometimes over a week, in my experience. > > John > > >>> Duy Nguyen 6/20/03 2:32:04 PM >>> > I do believe, atm's and gas pumps uses ISDN. So it's still a need, when > its > in need, you gotta know it. > - Original Message - > From: "Carroll Kong" > To: > Sent: Friday, June 20, 2003 12:51 PM > Subject: Re: ISDN & CCIE [7:70944] > > > > Not sure, but I hope for a a little while longer. DSL, ISDN's new > > and improved cousin may be superior in quite a few number of ways, > > but sometimes you have NO other choice but to use ISDN to access some > > far off places. > > > > Maybe this is changing soon and they will phase it out, but ISDN > > still seems fairly important, for say PRI deployments. Cannot think > > off the top of my head why a PRI would be better than a T1... but > > some clients I know still have them. > > > > Not sure if ISDN falls off to the "old technology that should never > > be deployed nowadays" (at least BRIs, nevermind multichassis/multippp > > bonding for now). Seems like it still has applicability as not > > everywhere is that close to a CO, so I would keep up on learning > > about it. > > > > > Hi, > > > > > > I was wandering how long will be isdn part of the CCIE > > > exam. > > > > > > regards, > > > rooban > > > > > > = > > > cheers, > > > rooban > > > > > > > > > > > > > -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71061&t=70944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco exam 9E0-111 or 642-521 [7:71048]
Kailash- Your answers are best answered by contacting Cisco at the Certification and Training number (see website for number). As far as the question of which test to take, it's simple. If 9E0-111 expires Sept. 30, and you are still pursuing the Firewall Specialist cert, then you have to take whatever exam is available- it's that simple. If an exam is indicated to expire by X Date, that means it won't be offered after that date. The logical step (in my opinion) is to take the newest exam, so that you will have the most current exam on your record. This ensures that you will not be behind the curve on Cisco's certification track updates that may make a certain Cert Title obsolete/expire in a time table that you aren't satisfied with accepting. As far as test difficulty, that varies by test taker. If you are well experienced in the technology, then you'll obviously do well on the exam. If you are not so familiar with it, then you'll either pass by a slim margin, or you'll simply fail. My motto is: Don't take the exam until you really know the subject material like the back of your hand. Just my 2 cents. Hope your questions were answered satisfactorily. -Mark -Original Message- From: kailash pant [mailto:[EMAIL PROTECTED] Sent: Saturday, June 21, 2003 1:11 AM To: [EMAIL PROTECTED] Subject: Cisco exam 9E0-111 or 642-521 [7:71048] Dear All, I am planing to go for Cisco firewall exam, as of now two exams are available there 9E0-111 and 642-521 I am bit confused which one should I opt. other doubt I have is if I opt for exam 9E0-111, as per the site it will expire on 30 September but would it be valid for me to complete the security certification or I would have to go for the 642-521 again if I want to get the CISCO Firewal expert certificate after 30 September. Also I have the CSPFA 2.0 book how difficult it is to pass any of these exam by reading this book. I would also want to know which exam is good and more practical/realistic. Would you suggest any test exam for this (I am a CCNP certified) how difficult would it be to pass this for an average exprienced person. Thanks in advance for all your inputs. Ragrds Kailash __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71063&t=71048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RES: Problem w/ 802.1q trunking [7:70901]
Hi, 802.1q is supported by Cisco on FastEthernet and GigabitEthernet, and not on Ethernet. Check out: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca801.html#xtocid18 ISL is supported by Cisco on Ethernet, FastEthernet and GigabitEthernet. Hope this helps. Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71064&t=70901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about remote telnet and NAT [7:71054]
Can you paste your nat configuration? If not it should look something like this: int eth0 ip address 10.0.0.99 255.255.255.0 ip nat inside int ser0 ip address 217.19.23.175 255.255.255.0 ip nat outside ip nat inside source static 10.0.0.99 217.19.23.175 Then when you do a "show ip nat translations" you should see your static mapping. Cheers, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71065&t=71054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: connect a Modem/router/switch to a CAT 2924XL [7:70979]
Hi, I also suggest you pay close attention to the duplex and speed settings. It should autonegotiate according to 802.3 but I'm sure a lot of folks out there have a different story to sing about autonegotiation. Cheers, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71066&t=70979 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Background for new protocols (was Re: ISDN & CCIE) [7:71071]
At 5:35 PM + 6/21/03, The Road Goes Ever On wrote: >""John Neiberger"" wrote in message >news:[EMAIL PROTECTED] >> We use ISDN for dial backup where DSL is not available and we need more >> bandwidth than a standard modem connection would provide, which is a lot >of >> locations. It seems that there is a lot of ISDN out there and plenty of >it >> being ordered, but I might be mistaken. I'd love to get rid of it because >> it has too many quirks. :-) > > >just my two cents, but ISDN is one of the old and arguably obsolete >technologies that still is quite relevant today. I prefer to sell RLAN ( ATM >host and DSL spokes ) but when the customer requires relaibale backup, ISDN >is always the choice. Happens a lot because although DSL is generally very >reliable, when a link develops troube it still can take a long time for a >telco to get around to fixing it. Sometimes over a week, in my experience. > Another two cents, but I strongly recommend studying X.25 and ISDN simply for the background they give for other protocols. I don't think, for example, you really understand FR until you understand why and how that it was stripped down from X.25, and was also designed as a low-speed access protocol to ATM. Understanding Q.931 leads to better understanding of Q.931, and, especially if you also look at Q.932, helps you understand motivations for IP telephony protocols. I was developing some AVVID courseware and found it extremely useful to present the ISDN reference model that the students _thought_ they knew, and then started filling in the blanks that are usually skipped in pure data instruction -- such as an NT2 being the prototype for a PBX. Also usually skipped are anything going beyond (toward the carrier) the NT1. It turns out that the ISDN conceptual architecture has quite a number of interworking abstractions of what goes on in the "cloud", which again can help in understanding what IP telephony has to do. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71071&t=71071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT/Look at the requirements of this position!!!! [7:71052]
I'm not there yet, I just have a CCNP. I don't want to have the CCIE and be turned down because I know too much. - Original Message - From: "Wilmes, Rusty" To: Sent: Saturday, June 21, 2003 10:01 AM Subject: RE: OT/Look at the requirements of this position [7:71052] > My guess is they know how much you folks cost! > > -Original Message- > From: Duy Nguyen > To: [EMAIL PROTECTED] > Sent: 6/21/2003 2:39 AM > Subject: OT/Look at the requirements of this position [7:71052] > > "VPN and Cisco skills should be very strong and be accompanied by a CCNA > (CCNP's will be considered, however, CCIE's or nearly qualified CCIE's > will > not be)." What is wrong with this statement? Is CCIE easier than CCNP? > > http://www.hotjobs.com/cgi-bin/job-show?TEMPLATE=/htdocs/job-show.html&J > __PIN > DEX=JRSVJ7DF3&P__SOURCE=HJC&P__SOURCE_SPECIFIC=HJC&BOLD_KEYWORDS=cisco&B > OLD_O > PENTAG=%3Cspan+class%3D%22bold-opentag%22%3E&BOLD_CLOSETAG=%3C%2Fspan%3E Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71069&t=71052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: redistribute bgp to rip [7:70928]
Paul, Put "no synchronization" under your BGP router command and do your tests again. Come back if you still have problems because maybe I'm not understanding so well what you are trying to do. Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71070&t=70928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP on 1720 ? [7:70960]
Hi Zsombor, The last time I checked BGP was a routing protocol, that means there is an algorithm running that's calculating the best path to a destination. A bunch of information is advertised to you and your router needs to decide which routes to put in the routing table based on the information in the BGP tables. Have a look at: http://www.cisco.com/en/US/partner/tech/tk365/tk80/technologies_tech_n ote09186a0080094a83.shtml So of course you need a processor to do this. Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71068&t=70960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about remote telnet and NAT [7:71054]
My NAT is beiing arranged by my E-tech Modem/Router/Switch these are my NAT/Virtual server mapping: ID Public Port Private Port Port Type Host IP Address 1 23 23TCP 10.0.0.99 2 21 21TCP 10.0.0.3 3 21 21UDP 10.0.0.3 433893389 TCP 10.0.0.3 533893389 UDP 10.0.0.3 SO i dont really understand what you are saying with the ip nat inside commands. All i want is to telnet to my Access server on remote ...i want to use my ip address that i got from my ISP. The Ethernet port (with transceiver) 2511 is connected to my Cat2925XL Tah switch is conncted with a crosslink to the E-tech modem/router/switch And that is where i put my NAT on...and where i apply the port mappings. So you have a better point of view now? Thank You, Iwan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71072&t=71054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
bgp network & sending subnet and more specifics [7:71073]
Suppose I have a router which has a subnet x.x.x.0/24 defined on some interface. Over one iBGP session I'd like to advertise the x.x.x.0/24 subnet. Over another iBGP session, I'd like to advertise x.x.x.0/25 and x.x.x.128/25. When I config three network statements for these subnets in BGP, only the /24 seems to be sent to the one iBGP peer. If I define a static null route for each subnet (x.x.x.0/24, x.x.x.0/25, and x.x.x.128/25), all three routes are advetised. Is there a way to get the /24 and two /25s sent without the null route? In actuallity, the /24 will be learned via some IGP, so can't use the nulls and the IGP will only send the /24 and not the two /25s. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71073&t=71073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Transporting Multiple Vlans over point-to-point [7:71074]
Need to transport multiple Vlans over PoS. Any Thoughts? It is a short term need. It is necessary to move a server without changing its IP address from Vlan 300 to Vlan 200 and a server from Vlan 100 to Vlan 200. Vlan 100 (192.1.1.0) R1 --- R2 (192.2.2.0) Vlan 200 | | | | Vlan 300 (192.3.3.0) R3--- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71074&t=71074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Router 827 ADSL + PIX 506 configuration [7:71059]
Wow this is a bit wide wouldn't you say? Give some more detail and I'm sure somebody would help you... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71075&t=71059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP on 1720 ? [7:70960]
At 08:35 PM 6/21/2003 +, - jvd wrote: >Hi Zsombor, > >The last time I checked BGP was a routing protocol, that means there is an >algorithm running that's calculating the best path to a destination. A bunch >of information is advertised to you and your router needs to decide which >routes to put in the routing table based on the information in the BGP tables. > >So of course you need a processor to do this. No doubt about that. :) Holding the routes however doesn't require any processing. So I am thinking that the sheer number of routes impacts only the initial convergence time, when the BGP session comes up. This appears to be far less common than what comes after that, ie. calculating the effects of continuous routing updates. So the rate of incoming routing updates seems to be a more important parameter when trying to guesstimate the CPU utilization. Due to the nature of the best path calculation, probably the number of peers plays a role, too. I haven't seen these being mention in the discussion so far, and I was wondering if I am missing something here. I glanced through the document you referenced below, that also seems to talk about memory issues only. You haven't answered my question as to how you know that the 1720 is not fast enough but the 2691 is. Did you do any tests, or have you seen the 1720 fail in a live network due to too many BGP routes? Thanks, Zsombor >Have a look at: >http://www.cisco.com/en/US/partner/tech/tk365/tk80/technologies_tech_n >ote09186a0080094a83.shtml >So of course you need a processor to do this. > >Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71076&t=70960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple Default Routes [7:70914]
A course manual from BSCN dated July 2000 has a graphic showing static routes pointing to an interface having an AD of 0. The instructor stated that for 11.3 and 12.0 the AD would be one - the same as statics pointing to a next-hop ip address. I checked routers with 11.1, 11.3, 12.0, 12.1, and 12.2 and found the AD to be one for all. > -Original Message- > From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] > Sent: Friday, June 20, 2003 10:04 PM > To: [EMAIL PROTECTED] > Subject: RE: Multiple Default Routes [7:70914] > > > At 4:25 PM + 6/20/03, Lupi, Guy wrote: > >This may be different in some IOS version, but in every > version I have used > >static routes pointing to an interface maintain the static route > >administrative distance of one. (IP addresses removed to protect the > >innocent ;) > > Interface routes definitely did have an AD of zero in some older > releases, certainly in IOS 9 and 10, and maybe 11-something. > > Tony Li wrote the original code, and confirmed to me that the base > code would need a rewrite before you could vary the AD on interface > static routes. Apparently, this has taken place; he still worked for > Cisco when we had the exchange. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71077&t=70914 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP on 1720 ? [7:70960]
A team of us have been drafting IETF documents for a generalized approach to single-router BGP convergence. The terminology document is about to go to the RFC editor after some final text formatting. The methodology document has technically expired--the economy hit the team, but we should be getting back to work. I'll see about posting the drafts, probably at certificationzone.com. The bottom line is that a lot more factors go into even initial convergence than the number of routes, even simplifying to a single peer and no additional policy. Among other things, there will be variation based on the way a given implementation sends its updates (e.g., by order of prefix length, by order of IP address, randomly, etc.) and the particular prefix storage implementation of the receiving router. Another factor will be the number of prefixes packed into each update. Terminology draft: http://www.ietf.org/internet-drafts/draft-ietf-bmwg-conterm-04.txt At 1:08 AM + 6/22/03, Zsombor Papp wrote: >At 08:35 PM 6/21/2003 +, - jvd wrote: >>Hi Zsombor, >> >>The last time I checked BGP was a routing protocol, that means there is an >>algorithm running that's calculating the best path to a destination. A bunch >>of information is advertised to you and your router needs to decide which >>routes to put in the routing table based on the information in the BGP >tables. >> >>So of course you need a processor to do this. > >No doubt about that. :) Holding the routes however doesn't require any >processing. So I am thinking that the sheer number of routes impacts only >the initial convergence time, when the BGP session comes up. This appears >to be far less common than what comes after that, ie. calculating the >effects of continuous routing updates. So the rate of incoming routing >updates seems to be a more important parameter when trying to guesstimate >the CPU utilization. Due to the nature of the best path calculation, >probably the number of peers plays a role, too. I haven't seen these being >mention in the discussion so far, and I was wondering if I am missing >something here. Both the total number of peers and the rate of change at each peer affect convergence after changes. The number affects TCP performance, which is a processor hog. You also run into multiple cases of a change, such as: completely new route route withdrawn and existing less-preferred route now selected route withdrawn and new route learned from a different peer ..and so forth. When you start adding routing policies, the processor load can go up exponentially. > >I glanced through the document you referenced below, that also seems to >talk about memory issues only. > >You haven't answered my question as to how you know that the 1720 is not >fast enough but the 2691 is. Did you do any tests, or have you seen the >1720 fail in a live network due to too many BGP routes? > >Thanks, > >Zsombor > >>Have a look at: >>http://www.cisco.com/en/US/partner/tech/tk365/tk80/technologies_tech_n >>ote09186a0080094a83.shtml >>So of course you need a processor to do this. >> > >Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71078&t=70960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: bgp network & sending subnet and more specific [7:71073]
Sounds like you may want to disable synchronization to get your routes advertized... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71079&t=71073 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RES: Problem w/ 802.1q trunking [7:70901]
""- jvd"" wrote in message news:[EMAIL PROTECTED] > Hi, > > 802.1q is supported by Cisco on FastEthernet and GigabitEthernet, and not on > Ethernet. Check out: moving to a new computer, and can't locate the beginning of this thread. sorry if this was covered previously. the 2610 and 11 will support dot1q trunking on the built in 10baseT ethernet ports. I believe this startrd with one of the earlier 12.1 IOS images. I also have done dot1q trunking of NM ethernet modules, both on the 36xx and 26xx platforms, again with an appropriate IOS image. If it was router ports of which you were speaking. Can't say as to whether or not there are 10baseT switch ports that support dot1q, although I "believe" you can do it on 35xx switches where the fastethernet port is forced to a 10megabit speed. > http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca801.html#xtocid18 > > ISL is supported by Cisco on Ethernet, FastEthernet and GigabitEthernet. > > Hope this helps. > Regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71080&t=70901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: UplinkFast question [7:71045]
Grant, You are quite right - I think there is a mistake there; after all, the answer is just written by someone, and why can it not be wrong? See you soon - this is my last preparation day and I will e-mail you after to tell you how it went :) Mwalie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71081&t=71045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT: Training Companies [7:70986]
Havn't been to those companies. But I have been to one class with Global Knowledge and am getting ready to take another from them. It was fantastic. And my coworkers who took their class also had a very good experience. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71083&t=70986 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
