Re: avoid multicast storming on catalyst fe [7:71820]
Zsombor Papp wrote in message news:[EMAIL PROTECTED] At 09:12 PM 7/3/2003 +, Rajesh Kumar wrote: How about configuring a storm control for multicast which will avoid these problems? I think she tried it (see config at the end) and it didn't work. I also think btw that storm control is an inbound feature so it's probably not what's needed here. I briefly looked at the documentation and my impression is that 'switchport block multicast' is the command that would solve exactly this problem (ie. preventing mcast packets to be sent). However she seems to have tried that, too, so I am not sure what to say. If nothing else helps, then configuring the 3550 as a router might be an option. But I am really curious why blocking didn't do the trick. who knows what bugs may lie hidden in the IOS? ;- if all else fails, why not block the source address via an access-list? or throw some rtate-limiting into the mix? guess I should break outr my docs atnd ponder a while as well. Thanks, Zsombor -rajesh TP wrote: Dear Group, I need help about multiscast. This is a simple topology... I've to test some video streamer devices so I must generate multicast traffic. All video devices are connected to a catalyst 3550xl. We can reach the office LAN through the same catalyst, in particular from/by fastethernet0/1. I must avoid that multicast traffic genereted locally floods the LAN creating excessive traffic. Can I achieve this? This is the configuration runnig...it doesn't work. I mean when I generate multicast traffic it crosses fe0/1 and reachs the rest of the LAN degrading network performance. Any help will be appreciated. Thank you. Teresa interface FastEthernet0/1 switchport protected switchport block multicast no ip address storm-control multicast level 20.00 System image file is flash:c3550-i9q3l2-mz.121-11.EA1/c3550-i9q3l2-mz.121-11.EA 1.bin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71880t=71820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PGP Key [7:71873]
-Original Message- From: CiscoNewbie [mailto:[EMAIL PROTECTED] Sent: 04 July 2003 03:49 To: [EMAIL PROTECTED] Subject: PGP Key [7:71873] Hello again. I was curious if someone on this list could explain to me what is a PGP key? Sometimes I see emails with some sort of PGP key at the buttom and have no clue what its purpose is. What is its intended use for? How can I get one? Is it free? How to use it? Thanks kindly! __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71881t=71873 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Secure event messages [7:71883]
Hi, Running Cisco secure 2.6(4) on NT 4.0 SP6a came into work this morning and no go on logging into our cisco routers. got the following eventlogs on cisco secure server The description for Event ID ( 7024 ) in Source ( Service Control Manager ) could not be found. It contains the following insertion string(s): CSTacacs, 1066. The description for Event ID ( 7000 ) in Source ( Service Control Manager ) could not be found. It contains the following insertion string(s): CSTacacs, %%1450. Then my tacas services are stopped followed by information that my server is running low on virtual memory and needs to be restarted. Have restarted and all ok now. Anyone has any ideas what could cause this? thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71883t=71883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quoting in Replies [7:71366]
Oh dear, first I'm threatened with an attorney and now The Howard has threatened me with Deanna's mom. It is indeed time to cease and desist. I'll be good now. Worf the Contrite Howard C. Berkowitz wrote: Need I have Lxwana talk to both of you? At 11:57 PM + 7/2/03, Tom Lisa wrote: Puny Marvin, It is appropriate that you ended you last sentence with I'm afraid. You should be afraid, very afraid!!! I have the new and improved, ultra special, galaxy class disrupter. I say pshaw to your lowly Q-36. This will be my last statement on this as I must return to annihilating useless redundant posts on the associate list! HAHAHAHAHA No regards, Worf the Merciless Moderator John Neiberger wrote: Worf the Moderator dares challenge Marvin the Moderator?? My Illudium Q-36 Explosive Space Modulator can easily disrupt your puny Klingon Disrupter Ray! Your threat forces me to take drastic action and I'm going to have to blow up your entire planet, I'm afraid. Kind regards, Marvin Tom Lisa 7/2/03 12:56:58 AM Stop this thread immediately or I will be forced to annihilate all of you with my Anti-Proton Sub-Space Internet Disrupter Ray! Worf Wilmes, Rusty wrote: According article 4 section 10 subsect ym, of the Charter Of Interspatially Recognized Internet Keyword Search Lookup People, use of illudium, in either a peaceful or dastardly fasion, is punishable by Death Ray. Ming The Merciless -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2003 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Quoting in Replies [7:71366] Cosmic ray machines are a violation of the GroupStudy TOS. Please discontinue the use of such devices. Failure to comply will result in retaliation with an Illudium Q-36 Explosive Space Modulator. Your compliance is appreciated, Marvin David Cooper 7/1/03 4:30:09 PM On Tuesday 01 July 2003 15:29, Jamie Johnson wrote: Cool! My cosmic ray machine must be working. Better put on your tinfoil hats. From: Recent escapee from the ex-dot.commer insane asylum John Neiberger wrote: - jvd 7/1/03 12:32:02 PM Hi my Quote button disappeared! No serious, there used to be a quote button next to my Post button but now it's gone. I refreshed the page as well and still nothing. Maybe the cosmic rays hit my PC's memory, corrupted it and deleted my Quote button :-) No serious, is anybody else also having this problem? That's rather odd. What browser are you using? Could that be considered a Denial of Service attack? [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71882t=71366 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: avoid multicast storming on catalyst fe [7:71820]
Thank you at all for your support. Just few comments (sorry for delay but when you are working I'm sleeping ;)). - I can not configure the 3550 as router. I can not change IP and subnet for many reasons. - I can not configure VLAN, I've no chance to configure here inter vlan routing - I've bought 3550 because of IGMP snooping...but It seems that it does not work Maybe access-list or something based on mac control can help us to avoid that our tests based on multicast traffic floods on all the LAN. I can configure the multicast address (so I can know the multicast layer 2 mac). Wich is the configuration (if any) I've to set on fastethernet 0/1 in order to avoid that the specific multicast mac go out from this port? Anybody knows why switchport block multicast doesn't take any effect? Thank you again and have a nice week end. Teresa - Original Message - From: Priscilla Oppenheimer To: [EMAIL PROTECTED] Sent: Friday, July 04, 2003 5:35 AM Subject: RE: avoid multicast storming on catalyst fe [7:71820] Couldn't you use a VLAN? Maybe that's too much work since you're just testing though But VLANs divide broadcast/multicast domains... Priscilla TP wrote: Dear Group, I need help about multiscast. This is a simple topology... I've to test some video streamer devices so I must generate multicast traffic. All video devices are connected to a catalyst 3550xl. We can reach the office LAN through the same catalyst, in particular from/by fastethernet0/1. I must avoid that multicast traffic genereted locally floods the LAN creating excessive traffic. Can I achieve this? This is the configuration runnig...it doesn't work. I mean when I generate multicast traffic it crosses fe0/1 and reachs the rest of the LAN degrading network performance. Any help will be appreciated. Thank you. Teresa interface FastEthernet0/1 switchport protected switchport block multicast no ip address storm-control multicast level 20.00 System image file is flash:c3550-i9q3l2-mz.121-11.EA1/c3550-i9q3l2-mz.121-11.EA 1.bin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71884t=71820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Information Systems Security Professional Cert [7:71885]
Hi all, I just received an email from Cisco regarding this cert that I have apparently qualified for. Does anyone have any information around this? From what I can see from the exam tracking system, my CSS1 exams qualified me for this. Regards Andrew Larkins BCom, CCNP, CCDP, CSS1 Bytes Technology Networks A Division of Bytes Technology Group : Registration No: 1911/003874/06 A Member of the Altron Group P O Box 748, Rivonia, 2128 3 Eglin Rd, The Crescent, Sunninghill, South Africa Tel : +27 11 800 9336 Fax : +27 11 800 9496 Mobile : +27 83 656 7214 Email: [EMAIL PROTECTED] [EMAIL PROTECTED] DISCLAIMER: This e-mail and its attachments may contain information that is confidential and that may be subject to legal privilege and copyright. If you are not the intended recipient you may not peruse, use, disclose, distribute, copy or retain this message. If you have received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and return and thereafter destroy the original message. Please note that e-mails are subject to viruses, data corruption, delay, interception and unauthorised amendment, and that the sender does not accept liability for any damages that may be incurred as a result of communication by e-mail. No employee or intermediary is authorised to conclude a binding agreement on behalf of the sender by e-mail without express written confirmation by a duly authorised representative of the sender. By transmitting this e-mail message over the Internet the sender does not intend to allow the contents hereof to become part of the public domain, and the confidential nature of the contents shall not be altered or diminished from by such transmission. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71885t=71885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP newbie [7:71868]
If you must do one quickly, start with Remote Access. With your CCNA, you can do the Remote Access exam without much difficulty (the old version). Use Cisco Press...Cisco Remote Access Exam Certification Guide. It should take you about 1 month to get it doneyou can even prepare for the old Switching exam should you like. I would like to get the Switching because its a strong issue in the company I work for. You think it's possible to study for it until the dead-line? The new exams seem to be much broader in terms of course content, and Cisco Press is the way to go. The plan will continue to evolve; it is fun studying to become CCNP (I think) and with your attitude, you will enjoy it. Yep. The main purpose is to get the CCIE. I was suggested to get the CCNP before 'cause it's the best way to get really prepared to the Big Test. Isamar Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71886t=71868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ntp not sync with server [7:71887]
Hi, I've got a prob with ntp. The ntp is configured but the command ntp clock-period . didn't appear when doing show running command. I've tried reload, disable/enable the ntp but never work. I saw the offset value is very high compare with the normal one. What is the cause to make it high like this? Please help. pbi_vgw_003#sh run | be ntp ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_003#sh ntp as address ref clock st when poll reach delay offsetdisp ~203.113.94.20203.113.94.1 257640 1.12699.9 16000. ~203.113.94.19203.113.94.1 242640 1.0833.67 16000. * master (synced), # master (unsynced), + selected, - candidate, ~configured The another device is on the same subnet never get a problem pbi_vgw_001#sh run | be ntp ntp clock-period 17179504 ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_001#sh ntp as address ref clockst when poll reach delay offsetdisp *~203.113.94.20203.113.94.1 2 281 1024 377 1.11.28 0.3 +~203.113.94.19203.113.94.1 2 259 1024 377 1.16.81 0.4 * master (synced), # master (unsynced), + selected, - candidate, ~configured Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71887t=71887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PGP Key [7:71873]
Hello again. I was curious if someone on this list could explain to me what is a PGP key? Sometimes I see emails with some sort of PGP key at the buttom and have no clue what its purpose is. What is its intended use for? How can I get one? Is it free? How to use it? Thanks kindly! Pretty Good Privacy (PGP) is a popular program used to encrypt and decrypt e-mail over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender's identity and know that the message was not changed en route. Available both as freeware and in a low-cost commercial version, PGP is the most widely used privacy-ensuring program by individuals and is also used by many corporations. Developed by Philip R. Zimmermann in 1991, PGP has become a de facto standard for e-mail security. PGP can also be used to encrypt files being stored so that they are unreadable by other users or intruders. How It Works PGP uses a variation of the public key system. In this system, each user has a publicly known encryption key and a private key known only to that user. You encrypt a message you send to someone else using their public key. When they receive it, they decrypt it using their private key. Since encrypting an entire message can be time-consuming, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message. Both the encrypted message and the short key are sent to the receiver who first uses the receiver's private key to decrypt the short key and then uses that key to decrypt the message. PGP comes in two public key versions - Rivest-Shamir-Adleman (RSA) and Diffie-Hellman. The RSA version, for which PGP must pay a license fee to RSA, uses the IDEA algorithm to generate a short key for the entire message and RSA to encrypt the short key. The Diffie-Hellman version uses the CAST algorithm for the short key to encrypt the message and the Diffie-Hellman algorithm to encrypt the short key. For sending digital signatures, PGP uses an efficient algorithm that generates a hash (or mathematical summary) from the user's name and other signature information. This hash code is then encrypted with the sender's private key. The receiver uses the sender's public key to decrypt the hash code. If it matches the hash code sent as the digital signature for the message, then the receiver is sure that the message has arrived securely from the stated sender. PGP's RSA version uses the MD5 algorithm to generate the hash code. PGP's Diffie-Hellman version uses the SHA-1 algorithm to generate the hash code. To use PGP, you download or purchase it and install it on your computer system. Typically, it contains a user interface that works with your customary e-mail program. You also need to register the public key that your PGP program gives you with a PGP public-key server so that people you exchange messages with will be able to find your public key. Network Associates maintains an LDAP/HTTP public key server that has 300,000 registered public keys. This server has mirror sites around the world. Where Can You Use PGP? Originally, the U.S. government restricted the exportation of PGP technology. Today, however, PGP encrypted e-mail can be exchanged with users outside the U.S if you have the correct versions of PGP at both ends. Unlike most other encryption products, the international version is just as secure as the domestic version. The freely available PGP cannot legally be used for commercial purposes - for that, one must obtain the commercial version from Network Associates (formerly PGP, Inc.). There are several versions of PGP in use. Add-ons can be purchased that allow backwards compatibility for newer RSA versions with older versions. However, the Diffie-Hellman and RSA versions of PGP do not work with each other since they use different algorithms. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71889t=71873 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ntp not sync with server [7:71887]
Hi, Are you sure pbi_vgw_003 can reach your ntp servers? Are you sure? As you can see from the show ntp pbi_vgw_001 is sync.ed to the ntp server. Also keep in mind that the sync. can take a while. I once configured NTP on an Alcatel Omniswitch-Router and the sync. took 5 min. Regards, Jans Pichit Ruangroj wrote: Hi, I've got a prob with ntp. The ntp is configured but the command ntp clock-period . didn't appear when doing show running command. I've tried reload, disable/enable the ntp but never work. I saw the offset value is very high compare with the normal one. What is the cause to make it high like this? Please help. pbi_vgw_003#sh run | be ntp ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_003#sh ntp as address ref clock st when poll reach delay offsetdisp ~203.113.94.20203.113.94.1 257640 1.12699.9 16000. ~203.113.94.19203.113.94.1 242640 1.0833.67 16000. * master (synced), # master (unsynced), + selected, - candidate, ~configured The another device is on the same subnet never get a problem pbi_vgw_001#sh run | be ntp ntp clock-period 17179504 ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_001#sh ntp as address ref clockst when poll reach delay offsetdisp *~203.113.94.20203.113.94.1 2 281 1024 377 1.11.28 0.3 +~203.113.94.19203.113.94.1 2 259 1024 377 1.16.81 0.4 * master (synced), # master (unsynced), + selected, - candidate, ~configured Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71888t=71887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problem [7:71890]
Hi all I have a cisco 3600 and I am facing an unknown problem maybe it is stupuid but realy i don't know I have a pretty much common configuration 2 valid IP addresses on both interfaces. one of them are my network the other interface is linked to another router interface when I trie to ping the outside from the router's consol I have a response but when I try to ping from a machine in my network and don't have any reply. I used static route as in ip route 0.0.0.0 255.255.255.255 xxx.xxx.xxx.xxx where is xxx.xxx.xxx.xxx is the other router interface I disabled ip routing no ip routing Can Anyone please help me if a missed anything THANX a lot Elias _ Trouvez l'bme soeur sur MSN Rencontres ! http://g.msn.fr/FR1000/9551 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71890t=71890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem [7:71890]
Hi What you did when you typed no ip routing was to effectively change your router into an IP host. You must enable ip routing with ip routing and then add your static route. Test again and come back for help if it doensn't work. One advantage of disabling IP routing and effectively turning your router into a host is because you can then use all the nice debug functionalities like debug ip packet, as though your router was a host. Regards, Jans Projet AIM wrote: Hi all I have a cisco 3600 and I am facing an unknown problem maybe it is stupuid but realy i don't know I have a pretty much common configuration 2 valid IP addresses on both interfaces. one of them are my network the other interface is linked to another router interface when I trie to ping the outside from the router's consol I have a response but when I try to ping from a machine in my network and don't have any reply. I used static route as in ip route 0.0.0.0 255.255.255.255 xxx.xxx.xxx.xxx where is xxx.xxx.xxx.xxx is the other router interface I disabled ip routing no ip routing Can Anyone please help me if a missed anything THANX a lot Elias _ Trouvez l'bme soeur sur MSN Rencontres ! http://g.msn.fr/FR1000/9551 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71891t=71890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ntp not sync with server [7:71887]
Hello. What's the ios version (some defaults do not show in the config on some versions)? Also, if you do a show time is it accurate? Also, if you do a debug ntp packet does you router and time server exchange packets? The ntp clock period not showing may not be important. Mitch - Original Message - From: Pichit Ruangroj To: Sent: Friday, July 04, 2003 6:18 AM Subject: ntp not sync with server [7:71887] Hi, I've got a prob with ntp. The ntp is configured but the command ntp clock-period . didn't appear when doing show running command. I've tried reload, disable/enable the ntp but never work. I saw the offset value is very high compare with the normal one. What is the cause to make it high like this? Please help. pbi_vgw_003#sh run | be ntp ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_003#sh ntp as address ref clock st when poll reach delay offsetdisp ~203.113.94.20203.113.94.1 257640 1.12699.9 16000. ~203.113.94.19203.113.94.1 242640 1.0833.67 16000. * master (synced), # master (unsynced), + selected, - candidate, ~configured The another device is on the same subnet never get a problem pbi_vgw_001#sh run | be ntp ntp clock-period 17179504 ntp update-calendar ntp server 203.113.94.20 ntp server 203.113.94.19 pbi_vgw_001#sh ntp as address ref clockst when poll reach delay offsetdisp *~203.113.94.20203.113.94.1 2 281 1024 377 1.11.28 0.3 +~203.113.94.19203.113.94.1 2 259 1024 377 1.16.81 0.4 * master (synced), # master (unsynced), + selected, - candidate, ~configured Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71892t=71887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem [7:71890]
Hi again I am pretty much thanksfull for your explanantion I have tried what you have suggested and still it doesn't work The thing is I am convainced that I am missing something but can't find out what Thanx again and any help is appreciated Elias From: Jans van Deventer Reply-To: Jans van Deventer To: [EMAIL PROTECTED] Subject: Re: Problem [7:71890] Date: Fri, 4 Jul 2003 14:25:41 GMT Hi What you did when you typed no ip routing was to effectively change your router into an IP host. You must enable ip routing with ip routing and then add your static route. Test again and come back for help if it doensn't work. One advantage of disabling IP routing and effectively turning your router into a host is because you can then use all the nice debug functionalities like debug ip packet, as though your router was a host. Regards, Jans Projet AIM wrote: Hi all I have a cisco 3600 and I am facing an unknown problem maybe it is stupuid but realy i don't know I have a pretty much common configuration 2 valid IP addresses on both interfaces. one of them are my network the other interface is linked to another router interface when I trie to ping the outside from the router's consol I have a response but when I try to ping from a machine in my network and don't have any reply. I used static route as in ip route 0.0.0.0 255.255.255.255 xxx.xxx.xxx.xxx where is xxx.xxx.xxx.xxx is the other router interface I disabled ip routing no ip routing Can Anyone please help me if a missed anything THANX a lot Elias _ Trouvez l'bme soeur sur MSN Rencontres ! http://g.msn.fr/FR1000/9551 _ Dicouvrez les nouvelles imotictnes animies de http://g.msn.fr/FR1001/866 MSN Messenger nouvelle formule Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71893t=71890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem [7:71890]
Probably the outside world doesn't know about your network that's behind the 3600. The ping reply needs to come back somehow. Thanks, Zsombor At 04:32 PM 7/4/2003 +, Projet AIM wrote: Hi again I am pretty much thanksfull for your explanantion I have tried what you have suggested and still it doesn't work The thing is I am convainced that I am missing something but can't find out what Thanx again and any help is appreciated Elias From: Jans van Deventer Reply-To: Jans van Deventer To: [EMAIL PROTECTED] Subject: Re: Problem [7:71890] Date: Fri, 4 Jul 2003 14:25:41 GMT Hi What you did when you typed no ip routing was to effectively change your router into an IP host. You must enable ip routing with ip routing and then add your static route. Test again and come back for help if it doensn't work. One advantage of disabling IP routing and effectively turning your router into a host is because you can then use all the nice debug functionalities like debug ip packet, as though your router was a host. Regards, Jans Projet AIM wrote: Hi all I have a cisco 3600 and I am facing an unknown problem maybe it is stupuid but realy i don't know I have a pretty much common configuration 2 valid IP addresses on both interfaces. one of them are my network the other interface is linked to another router interface when I trie to ping the outside from the router's consol I have a response but when I try to ping from a machine in my network and don't have any reply. I used static route as in ip route 0.0.0.0 255.255.255.255 xxx.xxx.xxx.xxx where is xxx.xxx.xxx.xxx is the other router interface I disabled ip routing no ip routing Can Anyone please help me if a missed anything THANX a lot Elias _ Trouvez l'bme soeur sur MSN Rencontres ! http://g.msn.fr/FR1000/9551 _ Dicouvrez les nouvelles imotictnes animies de http://g.msn.fr/FR1001/866 MSN Messenger nouvelle formule Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71897t=71890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCDP Recert - Interesting [7:71857]
the CCDP if I have just completed the CCNP recert exam? or do i have to do the CCDP recert exam to recert CCDP? When I look at the CCDP page on CCO http://www.cisco.com/en/US/learning/le3/le2/le37/le5/learning_certification_type_home.html I see changes. First, CCDP requires CCNA and CCDA plus only 3 exams: BSCI, Switching/BCMSN Beta, and CID (no Remote Access exam). The recert exam, 640-529, states: CCDP certifications are valid for three years. (Recertifying at the Professional level automatically renews the related CCDA certification.) When you follow the link for this exam, you may note that it takes material from 3 CCNP exams (Routing, switching, and Remote Access) and the CID. The CCNP recert, on the other hand, draws from all 4 CCNP exams. I would email Cisco certification and get an official answer. They could go either way, given what's in the CCNP recertification exam. Annlee Mwalie W wrote in message news:[EMAIL PROTECTED] Hi, I think you will have to do the CCDP recert exam :) What does the CCDP certification requirement state? Tricky here; I think if you do the CID exam, it will just be an isolated test - but confirm at the Cisco site. Good Luck. Mwalie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71896t=71857 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem [7:71890]
Probably the outside world doesn't know about your network that's behind the 3600. The ping reply needs to come back somehow. And/or the host behind the 3600 doesn't know that the 3600 is the gateway. Thanks, Zsombor At 04:32 PM 7/4/2003 +, Projet AIM wrote: Hi again I am pretty much thanksfull for your explanantion I have tried what you have suggested and still it doesn't work The thing is I am convainced that I am missing something but can't find out what Thanx again and any help is appreciated Elias From: Jans van Deventer Reply-To: Jans van Deventer To: [EMAIL PROTECTED] Subject: Re: Problem [7:71890] Date: Fri, 4 Jul 2003 14:25:41 GMT Hi What you did when you typed no ip routing was to effectively change your router into an IP host. You must enable ip routing with ip routing and then add your static route. Test again and come back for help if it doensn't work. One advantage of disabling IP routing and effectively turning your router into a host is because you can then use all the nice debug functionalities like debug ip packet, as though your router was a host. Regards, Jans Projet AIM wrote: Hi all I have a cisco 3600 and I am facing an unknown problem maybe it is stupuid but realy i don't know I have a pretty much common configuration 2 valid IP addresses on both interfaces. one of them are my network the other interface is linked to another router interface when I trie to ping the outside from the router's consol I have a response but when I try to ping from a machine in my network and don't have any reply. I used static route as in ip route 0.0.0.0 255.255.255.255 xxx.xxx.xxx.xxx where is xxx.xxx.xxx.xxx is the other router interface I disabled ip routing no ip routing Can Anyone please help me if a missed anything THANX a lot Elias _ Trouvez l'bme soeur sur MSN Rencontres ! http://g.msn.fr/FR1000/9551 _ Dicouvrez les nouvelles imotictnes animies de http://g.msn.fr/FR1001/866 MSN Messenger nouvelle formule Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71899t=71890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multimedia/Voice over VSAT [7:71706]
Hi All, Well, we all know that due to technology advancements, today the IPLCs (or read leased line circuits) are a lot cheaper so there is not real need to transport voice or video on Satellite links, but then the satellite links do have much more uptime guaranties, so enterprises do consider satellite for backup options. Now I have seen many implementations of voice on satellite media, and if you can do away with the basic apprehensions about time delay, voice quality is just fine on satellite too. I mean you can manually inject a satellite kind of delay (550+ msecs) on any end-to-end fiber implementations and the voice quality will be more or less same. So if we are really running voice on satellite medium, we should do all possible things to ensure that the voice has its own share of bandwidth so that it does not suffer due to the non-availability of bandwidth. HTH Vikram -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 10:54 PM To: [EMAIL PROTECTED] Subject: RE: Multimedia/Voice over VSAT [7:71706] Jans van Deventer wrote: On routers, the few nanoseconds saved by outputting voice first are irrelvant compared to the hundreds of milliseconds to reach the satellite. Yes maybe, but won't you run into trouble with jitter? A small variation in delay (jitter) when the delay is huge anyway might not matter? And then also I think that if you don't have some kind of prioritization/fragmentation to take care of big data packets you can also have a problem with smaller sized voice packets. I'm thinking here in the line of FRF.12 (fragmentation for voice on frame-relay networks). I don't know what's a similar technique for satellite networks... Back to my bus station analogy. You're now talking about letting the San Francisco bus go ahead of the train to Philadelphia to save a few minutes, when it takes days to get to San Francisco anyway. It's a good question really. Is it worth it to do link fragementation and special queuing to improve voice and video on a satellite link? I think he said the relevant direction is a 1 Mbps link. Anyone want to comment on this? Please. PPP has fragmentation and interleaving, so he could use that on the satellite link. PS. Nice to see fellow SAfricans on the forum. I thought you were from Brazil?! Now I am curious! :-) I'm posting from sunny Brazil, that's right! I met a Brazlian girl in SA and made the big decision to move to Brazil, learn a new language, and the rest is history. Sounds exotic! One great thing about this list is the ability to communicate with people all over the world. It's great to have you here. Regards, Priscilla Kind regards, Jans Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71895t=71706 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Support Exam Study Suggestions [7:71898]
I have three exam guides to study from for the Support Exam: Cisco Press CIT Book Cisco Press CCNP Support Exam Guide Sybex CCNP Support Exam Guide For anyone who've read these guides, which one do you feel would give me the best foundation for the Support Exam( I would like to use only one book)? Also, what kind of lab exercises would be suggested for preparation for test? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71898t=71898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Query on MGX8850 [7:71702]
Hi Diva, I feel I need some more information on this.. 1. Are all 4 nodes part of the same network, i.e., are the India and UK end nodes back connected? 2. Are they having just 1 IPLC each? 3. If they are having more than 1 IPLC, are you running PNNI or some other routing protocol on them, or have you done some static mapping? 4. Do you mean to say that you have 2 routers running HSRP and they are attached to different FRSMs on FR? And then on in case of one IPLC going down you want the traffic to route through the other IPLC? On the last point, as per me it would be better to connect your MGX nodes to each other locally at both the locations and then by running PNNI end-to-end you can route your traffic in case of IPLC failures, and more so if both the nodes are sitting close by. For your traffic routing you can rely upon on some IP routing features. HTH Vikram -Original Message- From: Divakaran Ullampuzhamana [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 11:10 AM To: [EMAIL PROTECTED] Subject: RE: Query on MGX8850 [7:71702] Hi, Let me expalain my network now. I have two MGX8850s in India on to which one IPLC each are getting connected to the PXm1-e1 card.The other end of the IPLC s are connected similarly to two MGX8850s in UK. We have a FRSM card on each of the MGXs .We have 4 cisco 3745 routers connected using a pair of DTE and DCE cables. The serial interface is configured for framerelay.I have not created any subinterfaces on the serial interface for framelrelay. The routers are configured with HSRP. I would like the HSRP to track the changes in the status of the IPLC and switch over the HSRP active router. Right now, when the IPLc goes down, the FRSM card still shows up and the router serial interfaces shows line protocol up.Thus HSRP , which is tracking the serial interface still assumes that the link is up and hence will not change the state. My objective is :--- The serial interface connected to the FRSM on the MGX should be able to know when the IPLC connected to PXM1-e1 goes down.And the HSRp which is tracking the serial interface should change the state . Thanks and Regards Diva- +91-80-98451 41676 Vikram JeetSingh To: [EMAIL PROTECTED] Subject: RE: Query on MGX8850 [7:71702] Sent by: [EMAIL PROTECTED] .com 01/07/2003 18:45 Please respond to Vikram JeetSingh HI Diva, I think your query is more towards the FR interfaces than the MGX nodes. As per me, as soon the IPLC or the trunk link on the MGX goes down, it will also make the FR connection down, and same will be reflected on the PVC status in router also. So that should serve your purpose, but then what is your interface configuration, are you using sub-interface or the PVC is configured on to the main interface itself. Let us know about your core objective and some more information, and then may be things take some new turn. HTH Vikram -Original Message- From: Divakaran Ullampuzhamana [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2003 1:27 PM To: [EMAIL PROTECTED] Subject: Query on MGX8850 [7:71702] Hi, We have two MGX 8850s to which one IPLC each are connected. The MGX8850 also has a FRSM-HS2 card using which a router is connected to each of the MGX8850s. How do we let the router's serial interface know that the IPLC is down? As of now , even if the IPLC is down, the serial interface show line protocol up. IS there any way by which we can let the Router's serial interface know that the IPLC connected to the MGX8850 is down? Thanks and Regards Diva- +91-98451 41676 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71894t=71702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Privilege Level Commands [7:71657]
I don't have any links but I've setup several cases where different users have different privileges. Using either local authentication or a tacacs server or device such as Cisco ACS. Let me know if you still need more info. I can send some config examples. Thanks, Ian www.ccie4u.com Rack Rentals and Lab Scenarios starting at $20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, June 30, 2003 5:11 PM To: [EMAIL PROTECTED] Subject: Priviledge Level Commands [7:71657] Hello! I cant seem to find a good source/document/sample configuration that talks about setting priviledge level commands. I would like some suggestions as to what type of priviledges to assign certain users (i.e view only, troubleshooting, superuser, etc.) and what commands are associated with those priviledges. Thanks. Mario Puras SoluNet Technical Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71910t=71657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Training [7:71809]
Hi, Any one ever been to one of these 5 day training places for various CCNP exams ? Are they any good, or am I just better of reading the book again and working on the labs with my own gear (yes I have quite a few routers here, but never the time) I am on my quest for CCNP then on to CCIE, however between work and being a dad, I just never get the time any more Thanks for your feedback ** This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71909t=71809 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quoting in Replies [7:71366]
Need I have Lxwana talk to both of you? At 11:57 PM + 7/2/03, Tom Lisa wrote: Puny Marvin, It is appropriate that you ended you last sentence with I'm afraid. You should be afraid, very afraid!!! I have the new and improved, ultra special, galaxy class disrupter. I say pshaw to your lowly Q-36. This will be my last statement on this as I must return to annihilating useless redundant posts on the associate list! HAHAHAHAHA No regards, Worf the Merciless Moderator John Neiberger wrote: Worf the Moderator dares challenge Marvin the Moderator?? My Illudium Q-36 Explosive Space Modulator can easily disrupt your puny Klingon Disrupter Ray! Your threat forces me to take drastic action and I'm going to have to blow up your entire planet, I'm afraid. Kind regards, Marvin Tom Lisa 7/2/03 12:56:58 AM Stop this thread immediately or I will be forced to annihilate all of you with my Anti-Proton Sub-Space Internet Disrupter Ray! Worf Wilmes, Rusty wrote: According article 4 section 10 subsect ym, of the Charter Of Interspatially Recognized Internet Keyword Search Lookup People, use of illudium, in either a peaceful or dastardly fasion, is punishable by Death Ray. Ming The Merciless -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2003 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Quoting in Replies [7:71366] Cosmic ray machines are a violation of the GroupStudy TOS. Please discontinue the use of such devices. Failure to comply will result in retaliation with an Illudium Q-36 Explosive Space Modulator. Your compliance is appreciated, Marvin David Cooper 7/1/03 4:30:09 PM On Tuesday 01 July 2003 15:29, Jamie Johnson wrote: Cool! My cosmic ray machine must be working. Better put on your tinfoil hats. From: Recent escapee from the ex-dot.commer insane asylum John Neiberger wrote: - jvd 7/1/03 12:32:02 PM Hi my Quote button disappeared! No serious, there used to be a quote button next to my Post button but now it's gone. I refreshed the page as well and still nothing. Maybe the cosmic rays hit my PC's memory, corrupted it and deleted my Quote button :-) No serious, is anybody else also having this problem? That's rather odd. What browser are you using? Could that be considered a Denial of Service attack? [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71904t=71366 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: router simulation on ccnp recertification [7:71765]
I had similar experiences with the router simulator for my CCNP/CCDP recertifications. I don't think it is ready for prime time. However after taking the exam a few times I got used to its quirks. Quirks, however shouldn't be part of an exam. Kevin Wigle - Original Message - From: Reza To: Sent: Wednesday, July 02, 2003 12:34 PM Subject: Re: router simulation on ccnp recertification [7:71765] DJ, I had the same problem last Sunday when I took the CCNP recert. I got 715 out of 732 The simulation writing was so small that I could not even see it plus all the scroll down and up finally I gave up after 5 minutes and just clicked next because I was so frustrated. The question itself was so long by the time I got to the last line I forgot what the question was about and the bad part it that I new exactly how to do the configs but I was already running out of time 120 question with 120 minutes that is only 1 minute per question. when I got the second simulation I had the same issue and I just clicked next because I had spent so much time on the first one. So, do not feel bad I am in the same situation my NP expires in August I will take it aging in two weeks Keep in touch. Thanks Reza Dimitrije wrote in message news:[EMAIL PROTECTED] Not in a good mood because I got a 703 on this test today (732 passing). Hopefully, a little more review will get me over the hump. However, I did have a frustrating experience with one of the new router simulation questions - I wonder if anyone had a similar experience. I'll keep it general as to not disclose specific question contents. The problem was to configure serial 0/0 on the router thru the console port: Routerenable password: cisco Router#config t Router(config)#interface serial 0/0 ^ % Invalid input detected at '^' marker. Router(config)# I tried literally about two-dozen permutations abbreviations of the above command and the simulator would never let me into interface config mode. I even used help and tab and ?. I verified that I was in privileged mode and config mode. I even checked if I was connected to the correct router. I either did something blatantly wrong (which I guess is possible), or the simulator went wack-o on me (less likely, but I believe still possible). After 5 minutes, I gave up and moved on. The unfortunate part was I knew exactly how to configure the interface, but I was not able to enter interface config mode to complete the task. Thanks for letting me blow off some steam! dj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71907t=71765 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Quoting in Replies [7:71366]
Your use of Merciless has caused me much lost income due to trademark infringement. Please cease and desist or I will be forced to bypass my Death Ray and go straight to my attorney. Thank you for your cooperation, Ming the Merciless -Original Message- From: Tom Lisa To: [EMAIL PROTECTED] Sent: 7/2/2003 4:57 PM Subject: Re: Quoting in Replies [7:71366] Puny Marvin, It is appropriate that you ended you last sentence with I'm afraid. You should be afraid, very afraid!!! I have the new and improved, ultra special, galaxy class disrupter. I say pshaw to your lowly Q-36. This will be my last statement on this as I must return to annihilating useless redundant posts on the associate list! HAHAHAHAHA No regards, Worf the Merciless Moderator John Neiberger wrote: Worf the Moderator dares challenge Marvin the Moderator?? My Illudium Q-36 Explosive Space Modulator can easily disrupt your puny Klingon Disrupter Ray! Your threat forces me to take drastic action and I'm going to have to blow up your entire planet, I'm afraid. Kind regards, Marvin Tom Lisa 7/2/03 12:56:58 AM Stop this thread immediately or I will be forced to annihilate all of you with my Anti-Proton Sub-Space Internet Disrupter Ray! Worf Wilmes, Rusty wrote: According article 4 section 10 subsect ym, of the Charter Of Interspatially Recognized Internet Keyword Search Lookup People, use of illudium, in either a peaceful or dastardly fasion, is punishable by Death Ray. Ming The Merciless -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2003 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Quoting in Replies [7:71366] Cosmic ray machines are a violation of the GroupStudy TOS. Please discontinue the use of such devices. Failure to comply will result in retaliation with an Illudium Q-36 Explosive Space Modulator. Your compliance is appreciated, Marvin David Cooper 7/1/03 4:30:09 PM On Tuesday 01 July 2003 15:29, Jamie Johnson wrote: Cool! My cosmic ray machine must be working. Better put on your tinfoil hats. From: Recent escapee from the ex-dot.commer insane asylum John Neiberger wrote: - jvd 7/1/03 12:32:02 PM Hi my Quote button disappeared! No serious, there used to be a quote button next to my Post button but now it's gone. I refreshed the page as well and still nothing. Maybe the cosmic rays hit my PC's memory, corrupted it and deleted my Quote button :-) No serious, is anybody else also having this problem? That's rather odd. What browser are you using? Could that be considered a Denial of Service attack? [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71906t=71366 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT: Friday Funnies [7:71825]
If you keep saying things like that, my brain is going to explode. ;-) DeVoe, Charles (PKI) 07/03/03 09:50AM Better Question -- Why do we drive on parkways and park on driveways? -Original Message- From: Ken Diliberto [mailto:[EMAIL PROTECTED] Sent: Thursday, July 03, 2003 10:56 AM To: [EMAIL PROTECTED] Subject: Re: OT: Friday Funnies [7:71825] NO no no. You've got it all wrong (said in the voice of Hermione Granger from Harry Potter). [snip] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71901t=71825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: wireless [7:71781]
Hi, I used Cisco's Parter E-Learning Connection. http://www.cisco.com/warp/public/10/wwtraining/pec/peclogin.html You need a valid CCO login account. Most of the training is free with a couple of hands-on LABS (350 Series). I had to fork out about $395-00 for the Advanced Wireless On-line VOD course. This course covers most of the requirements. Thats's all I used to pass. Check out the exam blueprint on CCO for exactly what you need to know for the exam. Colin Tetluk (CCIE#5767) -Original Message- From: Vijay Anand [mailto:[EMAIL PROTECTED] Sent: 02 July 2003 06:24 To: [EMAIL PROTECTED] Subject: wireless [7:71781] hello all i want to know ,,how is Cisco wireless exam 9E0-581 WLANFE, what abt the study material or books is any one who already took this exam pls tell me the details abt this.. thanx a lot in advance VijayAnand SMS using the Yahoo! Messenger;Download latest version. ** Everything in this e-mail and attachments relating to the official business of MultiChoice Africa is proprietary to the company. Any view or opinion expressed in this message may be the view of the individual and should not automatically be ascribed to the company. If you are not the intended recipient, you may not peruse, use, disseminate, distribute or copy this message. If you have received this message in error, please notify the sender immediately by email, facsimile or telephone and destroy the original message. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71900t=71781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
fast switching v.s. cef switching [7:71815]
Can anyone tell me what's the difference between fast switching and cef switching? thanks first! Ellie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71905t=71815 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Training [7:71811]
Hi, Any one ever been to one of these 5 day training places for various CCNP exams ? Are they any good, or am I just better of reading the book again and working on the labs with my own gear (yes I have quite a few routers here, but never the time) I am on my quest for CCNP then on to CCIE, however between work and being a dad, I just never get the time any more Thanks for your feedback ** This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71911t=71811 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Routers and RSA secureid [7:71715]
Robert, You'll need both CiscoSecure ACS and RSA Secure ID (ServerAgent). I am working with it on a similar project and it works perfectly. Please feel free to email me with any questions. Regards, -Scott Robert Perez wrote in message news:[EMAIL PROTECTED] Anyone know if I Can I use RSA SecureID FOBS to authenticate access to a Router versus using tacacs+ to do the authentication?? So basically the user tries to Telnet to a router to do config changes. I want their ID to be auth'd against an RSA server. | ---+ | Bob Perez | Telecom Administrator | InterCept, Inc. | [EMAIL PROTECTED] | | **Cisco CCNP, CCDP, CSPFA** | -+ | Phone 302.326.0700 x4242 | | Cell 302.420.6883 | ---+- | Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71908t=71715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VLAN Tagging on Cat 3550 Another question [7:71703]
- Original Message - From: simon watson To: ; Henrique Issamu Terada Sent: Wednesday, July 02, 2003 11:08 PM Subject: VLAN Tagging on Cat 3550 Another question [7:71703] Hi Some how I was thinking VLAN tagging was something more than just Trunking in Cisco talk,as you can guess I'm pretty rusty when it comes to switching.I have another question.Look at the example below. REMOTE SITE PC's-CISCO 3550--CISCO 2600~~(256K LEASE LINE) (VLAN3) (802.1q TRUNK) MAIN SITE ~~CISCO 3600ALCATEL SWITCHPIX...INTERNET ROUTER/INTERNET. (256K LINK) (802.1qTRUNK) (VLAN3) A client wants to allow a group of PC's on a remote site, access to the internet via the main site's ISP.But wants these group of Pc's on their own VLAN so they have no connection to the rest of the network (except for the internet router which the whole network uses to access the internet) they have been advised by a third party to do it as above.They have a Cisco 3550EMI switch at the remote site a Alcatel Omnicore L3 switch at the Main site.The WAN link is a 256k lease line.They want to configure the PC's on the remote site with the same VLAN as a dedicated PIX on the Main site (also on the same subnet). The Cat 3550 is not using it's L3 capabilities and is trunked to the remote site's router Can this be done ? I'm sure thinking of the basic laws of routing it won't be possible to have devices being on the same subnet but across different WAN links, as routing loops can occur.Also would it be best to enable the layer 3 capabilities of the switches, or to let the routers do the work. I'm looking forward to your answers Thanks in advance Simon. - Original Message - From: Henrique Issamu Terada To: simon watson Cc: Sent: Tuesday, July 01, 2003 2:09 PM Subject: RES: VLAN Tagging on Cat 3550 [7:71703] Vlan tagging is commonly called by Cisco as trunks. Have you ever configured trunks as ISL ou 802.1q ? Actually the name vlan tagging makes more sense on non Cisco equipment, where only exists 802.1q . ISL doesn't do tag as 802.1q , but reencapsulates the packet with a new header . My 0,02 _ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 [EMAIL PROTECTED] www.cpm.com.br -- --- Esta mensagem pode conter informagco confidencial e/ou privilegiada. Se vocj nco for o destinatario ou a pessoa autorizada a receber esta mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas ou tomar qualquer agco baseada nessas informagues. Se vocj recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Mensagem original- De: simon watson [SMTP:[EMAIL PROTECTED] Enviada em: terga-feira, 1 de julho de 2003 05:02 Para: [EMAIL PROTECTED] Assunto: VLAN Tagging on Cat 3550 [7:71703] Hi Guys A client wants a Cat 3550 configured for VLAN tagging, I have not done one of these before so how do I configure the switch, also there is a Cisco 2600 router also connected to the switch.Do I need to configure the router to accomodate VLAN tagging (and any router that packets of the VLAN goes through ?) Thanks Simon. Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 30/06/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 30/06/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71902t=71703 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Tacacs help required [7:71818]
1720 router with 128K primary link and ISDN Backup. Problem When primary link falls ISDN backup has authentications problems due to tacacs on both sides (Remote and HQ). Here is my Remote side config and debug aaa new-model aaa authentication login default group tacacs+ local aaa authentication enable default group tacacs+ enable aaa authentication ppp default local none aaa authorization exec default local group tacacs+ aaa authorization network default local none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ Log Buffer (4096 bytes): CONFREQ [ACKsent] id 8 len 26 00:23:49: BR0:1 LCP:MagicNumber 0x0958D9C8 (0x05060958D9C8) 00:23:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:23:49: BR0:1 LCP: I CONFACK [ACKsent] id 8 len 26 00:23:49: BR0:1 LCP:MagicNumber 0x0958D9C8 (0x05060958D9C8) 00:23:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:23:49: BR0:1 LCP: State is Open 00:23:49: BR0:1 PPP: Phase is AUTHENTICATING, by the peer Jul 2 18:48:06: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 011654760 0 00:24:00: BR0:1 AUTH: Timeout 1 00:24:10: BR0:1 AUTH: Timeout 2 00:24:20: BR0:1 AUTH: Timeout 3 00:24:30: BR0:1 AUTH: Timeout 4 00:24:48: BR0:1 AUTH: Timeout 5 00:24:58: BR0:1 AUTH: Timeout 6 00:25:08: BR0:1 AUTH: Timeout 7 00:25:18: BR0:1 AUTH: Timeout 8 00:25:28: BR0:1 AUTH: Timeout 9 00:25:38: BR0:1 AUTH: Timeout 10 00:25:48: BR0:1 LCP: I TERMREQ [Open] id 15 len 4 00:25:48: BR0:1 LCP: O TERMACK [Open] id 15 len 4 00:25:48: BR0:1 PPP: Phase is TERMINATING Jul 2 18:49:59: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 0116547 600 , call lasted 119 seconds Jul 2 18:49:59: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down Jul 2 18:49:59: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0 00:25:48: BR0:1 LCP: State is Closed 00:25:48: BR0:1 PPP: Phase is DOWN Jul 2 18:50:00: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up Jul 2 18:50:00: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0 00:25:49: BR0:1 PPP: Treating connection as a callout 00:25:49: BR0:1 PPP: Phase is ESTABLISHING, Active Open 00:25:49: BR0:1 PPP: Authorization required 00:25:49: BR0:1 PPP: No remote authentication for call-out 00:25:49: BR0:1 LCP: O CONFREQ [Closed] id 9 len 30 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:MRRU 1524 (0x110405F4) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: I CONFREQ [REQsent] id 2 len 14 00:25:49: BR0:1 LCP:AuthProto PAP (0x0304C023) 00:25:49: BR0:1 LCP:MagicNumber 0x3375A3CD (0x05063375A3CD) 00:25:49: BR0:1 LCP: O CONFACK [REQsent] id 2 len 14 00:25:49: BR0:1 LCP:AuthProto PAP (0x0304C023) 00:25:49: BR0:1 LCP:MagicNumber 0x3375A3CD (0x05063375A3CD) 00:25:49: BR0:1 LCP: I CONFREJ [ACKsent] id 9 len 8 00:25:49: BR0:1 LCP:MRRU 1524 (0x110405F4) 00:25:49: BR0:1 LCP: O CONFREQ [ACKsent] id 10 len 26 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: I CONFACK [ACKsent] id 10 len 26 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: State is Open 00:25:49: BR0:1 PPP: Phase is AUTHENTICATING, by the peer Jul 2 18:50:06: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 0112345678 0 00:25:59: BR0:1 AUTH: Timeout 1 00:26:09: BR0:1 AUTH: Timeout 2 00:26:19: BR0:1 AUTH: Timeout 3 00:26:29: BR0:1 AUTH: Timeout 4 00:26:39: BR0:1 AUTH: Timeout 5 Jul 2 18:50:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, change d state to up 00:26:49: BR0:1 AUTH: Timeout 6 00:26:59: BR0:1 AUTH: Timeout 7 Jul 2 18:51:13: %SYS-5-CONFIG_I: Configured from console by vty1 (172.16.54.69) 00:27:10: BR0:1 AUTH: Timeout 8 Jul 2 18:51:29: %LINK-5-CHANGED: Interface Dialer0, changed state to standby mo de 00:27:18: Di0 LCP: Not allowed on a Dialer Profile 00:27:20: BR0:1 AUTH: Timeout 9 00:27:30: BR0:1 AUTH: Timeout 10 00:27:39: BR0:1 LCP: I TERMREQ [Open] id 3 len 4 00:27:39: BR0:1 LCP: O TERMACK [Open] id 3 len 4 00:27:39: BR0:1 PPP: Phase is TERMINATING Jul 2 18:51:51: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 0112345678 , call lasted 110 seconds Jul 2 18:51:51: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down Jul 2 18:51:51: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0 00:27:40: BR0:1 LCP: State is Closed 00:27:40: BR0:1 PPP: Phase is DOWN isdn switch-type basic-net3 ! ! ! interface BRI0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 no fair-queue ppp authentication
RE: 640-606 study guide [7:71705]
You can get the Cisco Press Study Guide for the Support Exam on line at ciscopress.com or at a book outlet(ex. Barnes Nobles, Borders). There's different Support Exam study guides from different publishers, cisco press and sybex are two of the common ones. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71913t=71705 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how about ccie salary in US? [7:71143]
Carroll Kong wrote: However, in terms of sensible fairness, I do not see how having years of production experience is going to mean crap if you utilize it improperly or got little out of it. (think of the guy who calls TAC every other day, and now thinks that the config registers for password recovery are the same for all routers). Your entire argument is predicated on the notion that production experience isn't worth very much. Sheesh, you just left yourself wide open to a HUGE attack, so huge that I'm surprised you can't see it. Namely - if experience is so darn worthless, then why does every single company in the world want it? Name me a single company that doesn't care about experience. Can't do it, can you? What you're telling me is that all the companies in the world are placing a premium on something that is essentially worthless. So basically you're saying that every company in the world is wrong and you're right, is that true? If so, hey, please, by all means, start your own company and because you apparently your hiring practices will be better than everybody else's, you'll be a billionaire soon. Why not test the individuals harder, instead of putting up this number of years barrier? Might as well ask ourselves why we can't just simply win the lottery. We both know Cisco is not going to do anything that actually requires substantial effort on their part, so why waste belaboring the subject. You're comparing the perfect solution that will never happen to something practical and attainable. Well, perhaps it was a bad analogy then (the pilot bit). I am okay with forcing people to do meaningful experience of sorts. I also think a good lab scenario based off of someone's real world experience (eh, just insert disaster scenarios into the lab, not that hard. :) ) and clocking time against that is a good idea. Having them sitting around doing nothing, seems to be just wasting people's time and money. However, given that everyone is not going to have an even experience in any workplace, it seems to be a very uneven barrier. Furthermore, as I mentioned, in some cases, so little comes out of it at times that to even compare people by the number of years would be ridiculous. And yet that is precisely what companies do, and I have to imagine that they have good reasons for doing so. You wanna get hired as the lead engineer at a tier-1 backbone provider? You have to have X years of experience to even get into the interview room. Could those X years of experience have been spent in a NOC playing solitaire? Yeah, I guess. But hey, those are the rules. We all know that if you don't have any experience, you will not be considered for that job even if you could handle it. Unfair? Maybe. But guess what - life is unfair. My proposal is no more unfair than life itself. Well, if anything, make the exam harder. Not going to happen if it means that Cisco will actually have to put effort into it. The years of experience seems too hazy to me for quite a few reasons. 1) experience is not equal 2) experience can turn into misinformation I just do not like this easy way out to build a quick filter that seems like it is not going to build stronger CCIES necessarily. And again, this is precisely the easy way that companies filter out candidates. Again, if you really think the whole world is dumb for doing this, then by all means start your own company and blow them all away. The only thing you did was delay them, and delay potentially qualified individuals. Are you even sure they will have even a SHRED more experience after doing carressing for so long? Is that shred going to really help them when they study for the exam by going to bootcamps, reviewing braindumps, etc? A shred is better than nothing. And I am confident that many of them will have more than a shred. Well, I can give you a list of people who will disappoint you. :) However, I never said a router carresser might not be very bright. A good number of them are like that; they too are held back (but this time by their employers). However, let us test them on their merits, not on how long they were carressing. Why not? That's precisely what employers do. Yeah but to employ such a method to filter people, and to potentially get very little results. Hey, if the results are good enough for all the employers in the world, they should be good enough for the CCIE program. What I am saying is not everyone's experience is a very good one. You get those who see one Cisco router crash once due to a bad DIMM, and he thinks Cisco sucks for routers. Experience can be flawed, or it could be overwhelmed by raw knowledge. From my experience, reinstalling the OS and picking the automatic DHCP will fix my network settings. Um... you can just change the IP address in the control panel. During the
Re: Tacacs help required [7:71818]
It seems we are getting the LCP I 00:27:39: BR0:1 LCP: I TERMREQ [Open] id 3 len 4 not very clear, in fact why is the remote sending LCP O TERM could you collect? (from remote) deb ppp neg deb ppp authen deb aaa author deb isdn q931 deb tacacs regards devvv - Original Message - From: Shane Stockman To: Sent: Friday, July 04, 2003 7:53 PM Subject: Tacacs help required [7:71818] 1720 router with 128K primary link and ISDN Backup. Problem When primary link falls ISDN backup has authentications problems due to tacacs on both sides (Remote and HQ). Here is my Remote side config and debug aaa new-model aaa authentication login default group tacacs+ local aaa authentication enable default group tacacs+ enable aaa authentication ppp default local none aaa authorization exec default local group tacacs+ aaa authorization network default local none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ Log Buffer (4096 bytes): CONFREQ [ACKsent] id 8 len 26 00:23:49: BR0:1 LCP:MagicNumber 0x0958D9C8 (0x05060958D9C8) 00:23:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:23:49: BR0:1 LCP: I CONFACK [ACKsent] id 8 len 26 00:23:49: BR0:1 LCP:MagicNumber 0x0958D9C8 (0x05060958D9C8) 00:23:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:23:49: BR0:1 LCP: State is Open 00:23:49: BR0:1 PPP: Phase is AUTHENTICATING, by the peer Jul 2 18:48:06: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 011654760 0 00:24:00: BR0:1 AUTH: Timeout 1 00:24:10: BR0:1 AUTH: Timeout 2 00:24:20: BR0:1 AUTH: Timeout 3 00:24:30: BR0:1 AUTH: Timeout 4 00:24:48: BR0:1 AUTH: Timeout 5 00:24:58: BR0:1 AUTH: Timeout 6 00:25:08: BR0:1 AUTH: Timeout 7 00:25:18: BR0:1 AUTH: Timeout 8 00:25:28: BR0:1 AUTH: Timeout 9 00:25:38: BR0:1 AUTH: Timeout 10 00:25:48: BR0:1 LCP: I TERMREQ [Open] id 15 len 4 00:25:48: BR0:1 LCP: O TERMACK [Open] id 15 len 4 00:25:48: BR0:1 PPP: Phase is TERMINATING Jul 2 18:49:59: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 0116547 600 , call lasted 119 seconds Jul 2 18:49:59: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down Jul 2 18:49:59: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0 00:25:48: BR0:1 LCP: State is Closed 00:25:48: BR0:1 PPP: Phase is DOWN Jul 2 18:50:00: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up Jul 2 18:50:00: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0 00:25:49: BR0:1 PPP: Treating connection as a callout 00:25:49: BR0:1 PPP: Phase is ESTABLISHING, Active Open 00:25:49: BR0:1 PPP: Authorization required 00:25:49: BR0:1 PPP: No remote authentication for call-out 00:25:49: BR0:1 LCP: O CONFREQ [Closed] id 9 len 30 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:MRRU 1524 (0x110405F4) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: I CONFREQ [REQsent] id 2 len 14 00:25:49: BR0:1 LCP:AuthProto PAP (0x0304C023) 00:25:49: BR0:1 LCP:MagicNumber 0x3375A3CD (0x05063375A3CD) 00:25:49: BR0:1 LCP: O CONFACK [REQsent] id 2 len 14 00:25:49: BR0:1 LCP:AuthProto PAP (0x0304C023) 00:25:49: BR0:1 LCP:MagicNumber 0x3375A3CD (0x05063375A3CD) 00:25:49: BR0:1 LCP: I CONFREJ [ACKsent] id 9 len 8 00:25:49: BR0:1 LCP:MRRU 1524 (0x110405F4) 00:25:49: BR0:1 LCP: O CONFREQ [ACKsent] id 10 len 26 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: I CONFACK [ACKsent] id 10 len 26 00:25:49: BR0:1 LCP:MagicNumber 0x095AAF85 (0x0506095AAF85) 00:25:49: BR0:1 LCP:EndpointDisc 1 ALBERANTE (0x131001414C424552414E5445 5F424D57) 00:25:49: BR0:1 LCP: State is Open 00:25:49: BR0:1 PPP: Phase is AUTHENTICATING, by the peer Jul 2 18:50:06: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 0112345678 0 00:25:59: BR0:1 AUTH: Timeout 1 00:26:09: BR0:1 AUTH: Timeout 2 00:26:19: BR0:1 AUTH: Timeout 3 00:26:29: BR0:1 AUTH: Timeout 4 00:26:39: BR0:1 AUTH: Timeout 5 Jul 2 18:50:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, change d state to up 00:26:49: BR0:1 AUTH: Timeout 6 00:26:59: BR0:1 AUTH: Timeout 7 Jul 2 18:51:13: %SYS-5-CONFIG_I: Configured from console by vty1 (172.16.54.69) 00:27:10: BR0:1 AUTH: Timeout 8 Jul 2 18:51:29: %LINK-5-CHANGED: Interface Dialer0, changed state to standby mo de 00:27:18: Di0 LCP: Not allowed on a Dialer Profile 00:27:20: BR0:1 AUTH: Timeout 9 00:27:30: BR0:1 AUTH: Timeout 10 00:27:39: BR0:1 LCP: I TERMREQ [Open] id 3 len 4 00:27:39: BR0:1 LCP: O TERMACK [Open] id 3 len 4 00:27:39: BR0:1 PPP: Phase is TERMINATING Jul 2 18:51:51: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected
Keeping my head up [7:71800]
First of all I would like to thank you all for helping me out throughout my study in preparing for the CCCIE written exam. I study for 6 months straight for the CCIE written and today I got a scored lower than dirt-- 41 :( Passing Score is 70. I've passed CCNA and CCNP with no problem in the past. I guess I have finally meet my match To the contrary of what I have heard, the test is well written as far as grammar is concerned. I clearly understand the content of the questions. I just didn't have most of the answers and most of the answers look like right answers. I did very poorly on the scenario questions. I feel like I needed to configured all these topics in a lab environment.. Here's the list of books that I used to prepare for it. Bruno Caslo Doyle TCP/IP 1 and 2 Halabi- BGP Hamilton- switching CCO Links Boson 3 and Experience I feel like throughout my study I was mostly focusing on the theoretical part of the subjects because most of the books have nothing but million of pages of theory and like 3 little scenarios. I read whatever scenarios as well. Are the CCO links up to date on the blue print ? I got grueled on IPX and token ring which I only have a grasp for by theory. I have never work with IPX or Token ring in real life (not making excuses here :-) I hope this question is not lame. But can someone tell me how to study for the CCIE ? What should I focus on when studying. I welcome any help you can throw at me. I can't fail it a second time... Thanks RBX10 -CCIE-maybe Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71917t=71800 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VLAN Tagging on Cat 3550 Another question [7:71703]
Hi Some how I was thinking VLAN tagging was something more than just Trunking in Cisco talk,as you can guess I'm pretty rusty when it comes to switching.I have another question.Look at the example below. REMOTE SITE MAIN SITE PC's-CISCO 3550CISCO 2600~~CISCO 3600ALCATEL L3 SWITCH..PIX...INTERNET ROUTER---INTERNET. (VLAN3) (802.1q TRUNK) (256K LINK)(802.1q TRUNK)(VLAN3) A client wants to allow a group of PC's on a remote site, access to the internet via the main site's ISP.But wants these group of Pc's on their own VLAN so they have no connection to the rest of the network (except for the internet router which the whole network uses to access the internet) they have been advised by a third party to do it as above.They have a Cisco 3550EMI switch at the remote site a Alcatel Omnicore L3 switch at the Main site.The WAN link is a 256k lease line.They want to configure the PC's on the remote site with the same VLAN as a dedicated PIX on the Main site (also on the same subnet). The Cat 3550 is not using it's L3 capabilities and is trunked to the remote site's router Can this be done ? I'm sure thinking of the basic laws of routing it won't be possible to have devices being on the same subnet but across different WAN links, as routing loops can occur.Also would it be best to enable the layer 3 capabilities of the switches, or to let the routers do the work. I'm looking forward to your answers Thanks in advance Simon. - Original Message - From: Henrique Issamu Terada To: simon watson Cc: Sent: Tuesday, July 01, 2003 2:09 PM Subject: RES: VLAN Tagging on Cat 3550 [7:71703] Vlan tagging is commonly called by Cisco as trunks. Have you ever configured trunks as ISL ou 802.1q ? Actually the name vlan tagging makes more sense on non Cisco equipment, where only exists 802.1q . ISL doesn't do tag as 802.1q , but reencapsulates the packet with a new header . My 0,02 _ Henrique Issamu Terada, CCIE # 7460 IT Support - Open Network CPM S.A. - Tecnologia criando valor Tel.: 55 11 4196-0710 Fax: 55 11 4196-0900 [EMAIL PROTECTED] www.cpm.com.br -- --- Esta mensagem pode conter informagco confidencial e/ou privilegiada. Se vocj nco for o destinatario ou a pessoa autorizada a receber esta mensagem, nco pode usar, copiar ou divulgar as informagues nela contidas ou tomar qualquer agco baseada nessas informagues. Se vocj recebeu esta mensagem por engano, por favor avise imediatamente o remetente, respondendo o e-mail e em seguida apague-o. Agradecemos sua cooperagco. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. -Mensagem original- De: simon watson [SMTP:[EMAIL PROTECTED] Enviada em: terga-feira, 1 de julho de 2003 05:02 Para: [EMAIL PROTECTED] Assunto: VLAN Tagging on Cat 3550 [7:71703] Hi Guys A client wants a Cat 3550 configured for VLAN tagging, I have not done one of these before so how do I configure the switch, also there is a Cisco 2600 router also connected to the switch.Do I need to configure the router to accomodate VLAN tagging (and any router that packets of the VLAN goes through ?) Thanks Simon. Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 30/06/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 30/06/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71916t=71703 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Are the system UP - without using ping [7:71920]
Any recommended free program to check if an equipment is up without using ping? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71920t=71920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab !!! [7:71919]
Hi all, Can any one help us about the lab topics? Cheers, Heiman. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71919t=71919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Support Exam Study Suggestions [7:71898]
I would say use Cisco Press CIT Book, and check out Priscilla Oppenheimer webpage study guide at http://www.troubleshootingnetworks.com/resources.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71918t=71898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Lab !!! [7:71919]
For sure you should know a lot about redistribution. A statement I heard from a Cisco guy responsable for the test in my country: -Certainly it will be asked one topic that you never have heard about; this is to test your capacity to look the CD documentation and find an answer. Certainly you should know all you can, because there is no time to search on the CD. The IOS on the lab is about to change. 12.2. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71921t=71919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Information Systems Security Professional Cert [7:71885]
Andrew I qualified for this as well. Cisco sent me an email about it the other day and today I received the qualifying confirmation. You can find further information at the following URLs. http://www.cisco.com/en/US/learning/learning_certification_program_updates.html http://newsroom.cisco.com/dlls/prod_070103b.html Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71922t=71885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Routers and RSA secureid [7:71715]
Agreed We have it functioning in a production environment currently. Basically , point your devices to the CSACS and then point the CSACS to the Secure ID server. It is a nice feature but can take a bit of patience at first. Not everyone likes to carry a fob around with them to authenticate. So be prepared to have some users with long faces. Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71923t=71715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Priviledge Level Commands [7:71694]
Mario, The following may help you out. I found them by searching Cisco with privilege level configuration http://www.cisco.com/en/US/customer/tech/tk583/tk547/technologies_tech_note09186a008009465c.shtml Remember if you do not give them the privilege level to the configuration command then they will not see the command output in the configuration. http://www.cisco.com/en/US/customer/tech/tk583/tk642/technologies_tech_note09186a00800949d5.shtml Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71924t=71694 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: wireless [7:71781]
I had a little bit of practical experience with other manufacture's equipment, but not Cisco. I picked up an Aironet access point on ebay so I could play with the interface for a bit (and sold it again later for more than I paid for it), but that wasn't really necessary to pass the SE (but useful for the FE). Helpful? The WB On Wed, 2003-07-02 at 12:24, Catherine Wu wrote: WB, Do you take any trainings or do you already have lots of experiences in the field? thanks for your opinion. Catherine -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Weaselboy Sent: Wednesday, July 02, 2003 10:58 AM To: [EMAIL PROTECTED] Subject: Re: wireless [7:71781] I passed both the SE and FE exams first time out using the CWNA book and bosons. Between these two sources you should have everything you need. Take the SE first (its a little easier). The WB On Wed, 2003-07-02 at 09:23, Vijay Anand wrote: hello all i want to know ,,how is Cisco wireless exam 9E0-581 WLANFE, what abt the study material or books is any one who already took this exam pls tell me the details abt this.. thanx a lot in advance VijayAnand SMS using the Yahoo! Messenger;Download latest version. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71915t=71781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Training [7:71811]
if you use the bootcamp training with one thing in mind -- passing the tests -- not learning, then you will get your money's worth. people criticize this type of training but for me it was a way to take 12 days away from all other distractions, study and pass the four exams. no i am not a paper cert, and had five years hands-on job experience prior to trying to pass any tests. i also just passed the CCNP-Recert test last week. i used ccprep and it was worth every penny (http://www.ccprep.com) John Brandis wrote in message news:[EMAIL PROTECTED] Hi, Any one ever been to one of these 5 day training places for various CCNP exams ? Are they any good, or am I just better of reading the book again and working on the labs with my own gear (yes I have quite a few routers here, but never the time) I am on my quest for CCNP then on to CCIE, however between work and being a dad, I just never get the time any more Thanks for your feedback ** This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71914t=71811 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF V-Link [7:71926]
I have a failry generic three-router ospf set that I am trying to cross with a virtual link: R1 (area0, area 3) R2 (area 3) R4 (area 3, 23) (192.168.255.245/30)(192.168.255.254/30) [area 3 virt 192.168.255.254] [area 3 virt 192.168.255.245] Traffic routes properly except the area 23 stuff because there is no connection oto area 0. When I try to install the area 3 virtual-link 192.168.255.254 area 3 virtual-link 192.168.255.245 statement pair to link area 23 across area 3 I get lots of these: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 192.168.11.9, Serial1/1 The address 192.168.11.9 is on the intervening router. The link from R1 to R2 is a F.R. link set to point-to-multipoint on each end. Any ideas? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71926t=71926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ntp not sync with server [7:71887]
its config down to the 3640 and switched it over to ospf from eigrp and ntp won't synch. The clock-period line aslo fails to come up. Nelson Herron Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71925t=71887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Priviledge Level Commands [7:71694]
Thanks Kim. I had read figured out what I needed to do after a few trial and errors. I appreciate you and all who replied to my post. Happy 4th. Mario -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kim Graham Sent: Friday, July 04, 2003 6:35 PM To: [EMAIL PROTECTED] Subject: RE: Priviledge Level Commands [7:71694] Mario, The following may help you out. I found them by searching Cisco with privilege level configuration http://www.cisco.com/en/US/customer/tech/tk583/tk547/technologies_tech_n ote09186a008009465c.shtml Remember if you do not give them the privilege level to the configuration command then they will not see the command output in the configuration. http://www.cisco.com/en/US/customer/tech/tk583/tk642/technologies_tech_n ote09186a00800949d5.shtml Kim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71927t=71694 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab !!! [7:71919]
anyone who is serious about CCIE lab prep should become familiar with this site: http://www.cisco.com/warp/public/625/ccie/ start your reading here. everything yoiu need to know can be found somewhere within the links provided. H T wrote in message news:[EMAIL PROTECTED] Hi all, Can any one help us about the lab topics? Cheers, Heiman. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71930t=71919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
help!!! [7:71928]
Hi everyone, If you do not attend ccie lab exam from 2003.7.9 to 2003.7.18, would you release your lab seat to me ? Thanks a lot Rgds/Luo, --- Network Consultant Engineer, Advanced Service Level 12, Tower W1, Oriental Plaza,The Towers, No.1, East Chang An Avenue,Dong Cheng District, Beijing, China. 100738 Tel:(8610) 6526 ext 5889 Mobile: (86) 13901320144 Email:[EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71928t=71928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP newbie [7:71868]
I hope the routing exam is the hardest. I just took it yesterday and am starting the preperation for the Switching exam next. I used the Sybex book among other things. since I havn't found the Cisco Press books for anything newer than the 503 exam, I havn't seen them. I'm curious to see the new books that come out for this next series of exams. I checked their website and didn't see the new books listed yet. I think you should be fine with either series of books. The main thing is to get comfortable with the material. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71931t=71868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF V-Link [7:71926]
Nelson Herron wrote in message news:[EMAIL PROTECTED] I have a failry generic three-router ospf set that I am trying to cross with a virtual link: R1 (area0, area 3) R2 (area 3) R4 (area 3, 23) (192.168.255.245/30)(192.168.255.254/30) [area 3 virt 192.168.255.254] [area 3 virt 192.168.255.245] Traffic routes properly except the area 23 stuff because there is no connection oto area 0. When I try to install the area 3 virtual-link 192.168.255.254 area 3 virtual-link 192.168.255.245 statement pair to link area 23 across area 3 I get lots of these: %OSPF-4-ERRRCV: Received invalid packet: mismatch area ID, from backbone area must be virtual-link but not found from 192.168.11.9, Serial1/1 The address 192.168.11.9 is on the intervening router. The link from R1 to R2 is a F.R. link set to point-to-multipoint on each end. Any ideas? reading the documentation regarding virtual links comes to mind: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fiprrp_r/1rfospf.htm#1017717 watch the wrap the error you are getting is telling you something important. another help might be to look at the output from the show ip ospf command 192.168.11.9 is what exactly? more than an interface address. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71929t=71926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BSMSN 1.1 Vs 2.0 [7:71932]
My company is sending me to the BCMSN class next week. I'm grateful for that, but I had called the training company last month when registering to make sure it was the new class. Just checked the Cisco website for a look and the link showed the class I'm taking as 1.1 not the new 2.0 . From what I can gather, the main difference is AVVID. I guess it's too late now to make a change in plans. does anyone know what else I will be missing compared to the newer class? David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71932t=71932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]