Re: PKI [7:74482]

2003-09-11 Thread Thomas N 
Thanks Annlee!


annlee  wrote in message
news:[EMAIL PROTECTED]
 This page (mind the wrap)

http://www.ealaddin.com/partners/findpartner2.asp?SolutionCategory=11Partne
rshipCategory=PartnerName=CompanyProduct=PartnerSearch.x=39PartnerSearch
.y=7
 lists a number of PKI Infrastructure partners to an etoken company. It
 might be place to start.

 Annlee

 Thomas N wrote:

  I am not sure if this question is off the topic or not but hopping
people
  can give me some suggestion.  I am working on DMVPN and it seems PKI can
 not
  be missed out of the design for security purpose.  I am wondering what
are
  good PKI vendors out there?  Is there any hardware appliance PKI vendor?
  Thanks!
  **Please support GroupStudy by purchasing from the GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75222t=74482
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: How to define right cisco hardware and software (IOS) [7:75223]

2003-09-11 Thread Mark 
Dynamic Configuration Tool:
http://www.cisco.com/appcontent/apollo/configureHomeGuest.html

Mark
CCIE RS, Security
Lab Technician
GigaVelocity.com

- Original Message -
From: Hinwoto 
To: 
Sent: Wednesday, September 10, 2003 9:03 PM
Subject: How to define right cisco hardware and software (IOS) [7:75220]


 dear all,

 guys,..
 Could anyone give advise about how to define the right
 - cisco hardware (module, chassis, memory, NPE etc)
 - cisco software (IOS type etc)

 thanks and looking forward to your advise guys.
 hin
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75223t=75223
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Basic IP CEF question (again) [7:75161]

2003-09-11 Thread Curious 
Hi Zsombor, what do you mean?? Why the router has the broadcast IP in 
receive mode?
I would like to know more about this ;)



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75224t=75161
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

help [7:75225]

2003-09-11 Thread Paul Borghese 
help




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75225t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

ciscoview-urgent [7:75227]

2003-09-11 Thread milind tare 
Dear All,


  In my network MPLS VPN is there and the  cisco
devices having 7513,6509 and GSR. but in topology i am
not getting 6509 which is having OSM-4ge-wan card and
i can't detect the module in topology services. 
i have installed related pathches like CLiparaser,
catios6000, switchaddlets etc...but still getting
problem ? is coming in topology services.

please guide me urgently

Thanks  Regards,
milind

__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75227t=75227
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: home lab equipment [7:75115]

2003-09-11 Thread [EMAIL PROTECTED] 
I stopped buying long ago except isdn pbx, 

basics on routers at home, 

and started renting a few low budget ATM/VOICE etc. labs online.

Martijn 


-Oorspronkelijk bericht-
Van: Dave Williams [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 22:31
Aan: [EMAIL PROTECTED]
Onderwerp: home lab equipment [7:75115]


Group,

 

I'm planning on purchasing my final addition to my RS home lab sometime
this month. I'm having a hard time deciding if I should add another 3550
(I have one already) or if I should pick up a Lightstream 1010 with two
4500s that have an OC3 MM interface. ATM for the 3600s is way too
expensive for me. Any suggestions would be appreciated.

 

(Sorry if this message is a dub) 

 

-dave
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75226t=75115
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cisc SAFE Exam [7:75200]

2003-09-11 Thread [EMAIL PROTECTED] 
Saw some on the group a few weeks ago.

Martijn 

-Oorspronkelijk bericht-
Van: Fred Wittenberg [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 10 september 2003 20:15
Aan: [EMAIL PROTECTED]
Onderwerp: Cisc SAFE Exam [7:75200]


Hello all,

I'm planning on taking the SAFE exam to wrap up my CCSP soon...can anyone
that
has passed/taken this offer what they used as study guides??

TIA,

FW
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75228t=75200
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

New Cisco Catalyst QoS book [7:75229]

2003-09-11 Thread Muhtari Adanan 
Hi,

I was wondering whether it's worth reading the new Cisco Catalyst QoS IOS
book whilst revising for the CCIE theory or even perhaps the practical exams.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75229t=75229
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Upgrading ROMMON on 2948G [7:75179]

2003-09-11 Thread [EMAIL PROTECTED] 
CCO customer? login

http://ftp.cisco.com/cisco/lan/catalyst/4000/cat4000-releasenote.8-1-2.pdf 


2
Release Notes for Catalyst 4500 Series Software Release 8.x
OL-4502-02
ROMMON Requirements
If the Boot ROM (ROMMON) loaded onto your switch is version 4.5(1) or
earlier, you need to upgrade
the ROMMON to at least version 5.4(1) in order to run software release 8.1
or later.
Upgrading the ROMMON
Follow these guidelines to upgrade the ROMMON on your switch:
3
Release Notes for Catalyst 4500 Series Software Release 8.x
OL-4502-02
System Requirements
Caution To avoid actions that might make your system unbootable, read this
entire section before starting the
upgrade.
You can do this procedure entirely over a Telnet connection, but if
something fails, you will need to have
access to the console serial port. If done improperly, the system can become
unbootable. You will then
have to return it to Cisco for repair.
This section describes an upgrade to ROMMON version 6.4(1). The same
procedure applies to other
ROMMON versions, but you will have to substitute appropriate version numbers
in the upgrade image
names.
Step 1 Download the promupgrade program from Cisco.com and place it on a
TFTP server in a directory that
is accessible from the switch to be upgraded.
The promupgrade programs are available at the same location on Cisco.com
where you download
Catalyst 4500 series system images.
To upgrade to ROMMON version 6.1(4), download the
cat4000-promupgrade.6-1-4.bin file.
Step 2 In privileged mode on your switch, use the show version command to
verify the ROMMON version
loaded on the switch.
The ROMMON version number is listed as the System Bootstrap Version. For
example, in the following
output, the system is running ROMMON version 6.1(2):
Console (enable) show version
WS-C4003 Software, Version NmpSW:5.5(8)
Copyright (c) 1995-2001 by Cisco Systems, Inc.
NMP S/W compiled on May 24 2001, 21:12:09
GSP S/W compiled on May 24 2001, 18:39:50
System Bootstrap Version:6.1(2)
Hardware Version:1.0 Model:WS-C4003 Serial #:x
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: BGP Table and SNMP [7:75016]

2003-09-11 Thread [EMAIL PROTECTED] 
Did you read trough the 

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1829/products_feat
ure_guide09186a0080087c60.html
12.0
BGP Received Routes MIB

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1839/products_feat
ure_guide09186a0080110bbc.html
12.2T
BGP 4 MIB Support for per-Peer Received Routes

Martijn

-Oorspronkelijk bericht-
Van: Alejandro Acosta [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 3:50
Aan: [EMAIL PROTECTED]
Onderwerp: BGP Table and SNMP [7:75016]


Hi all,
  I wonder if any of you have succesfully retrieved the BGP table from a
Cisco router using SNMP?. I read a lot of documents and tried a lot of
MIBs/OID without any success. I used the MIB navigation tool at the Cisco
TAC but I did not find something really useful. I only could read the
peerings, uptime of the BGP session and few more thing. By the moment I
think it should be done using snmpwalk, am I right?
  FYI, I do have the full routing table in one of my routers (IOS 12.2.6)

Any help will be appreciated.

Thank

Alejandro Acosta
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75232t=75016
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: route add [7:75024]

2003-09-11 Thread [EMAIL PROTECTED] 
Easy did a zillion times for the sysadmins.

IE settings hack. trough a .reg file in the login script. (per user or group
dep on your directory/kix) 

so do NOT use proxy for this and this anbd this webserver

Martijn 


-Oorspronkelijk bericht-
Van: Steiven Poh [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 6:52
Aan: [EMAIL PROTECTED]
Onderwerp: route add [7:75024]


Dear All,

I have a very stupit quesrtion here. How am i by pass the proxy and route
direct to the router. Pls comment !!

Below is my diagram.

169.168.4.2/16 (my pc) - router (192.168.161.254/16)--Leased
Line 64k--router (192.167.161.254/16)Proxy
(192.167.3.34/16)---Internet router (192.167.3.35/16)


My pc route print :

Active Routes:

  Network Address Netmask  Gateway AddressInterface  Metric
  0.0.0.00.0.0.0  192.167.161.254  192.168.4.2
  1
  0.0.0.00.0.0.0  192.168.161.254  192.168.4.2
  1
  127.0.0.0  255.0.0.0127.0.0.1127.0.0.1  
1
  192.168.0.0  255.255.0.0  192.168.4.2  192.168.4.2  
1
  192.168.4.2  255.255.255.255127.0.0.1127.0.0.1  
1
  192.168.255.255   255.255.255.255  192.168.4.2  192.168.4.2 
 1
  224.0.0.0  224.0.0.0  192.168.4.2  192.168.4.2  
1
  255.255.255.255   255.255.255.255  192.168.4.2  0.0.0.0 
 1



This e-mail has been sent via JARING webmail at http://www.jaring.my
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75234t=75024
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: router CPU utilization on access lists? [7:75002]

2003-09-11 Thread [EMAIL PROTECTED] 
So maybe permit and route to null0 in some cases? Then no unreachables are
generated because there is a route?

Martijn 


-Oorspronkelijk bericht-
Van: Marty Adkins [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 20:29
Aan: [EMAIL PROTECTED]
Onderwerp: Re: router CPU utilization on access lists? [7:75002]


Priscilla Oppenheimer wrote:

 Yes, that's true indeed that access lists don't cause process switching
 anymore, so wouldn't show up in IP Input.
 
Two exceptions that I failed to mention are logging and the side effect
of a deny.  By default, a deny causes the generation of an ICMP admin.
prohibited unreachable sent to the source of the blcoked packet.  Since
packets cannot be created in interrupt mode, process context is required.
But these are rate limited to two/second by default as self protection.
Plus normal traffic shouldn't result in very many denies.  But you can
inhibit this entirely by configuring no ip unreachables on an interface.

If the matching ACE has the log keyword, then process context is required
to create the log message and perform normal logging.  This too is
rate-limited.

 Thanks for everyone's advice. It sounds like Marty has the right approach.
 Although access lists aren't process switched, they are generally fast
 switched unless the router supports some other feature (like silicon
 switching) or some fancy configuration like CEF or NetFlow?
 
 So, the thing to look for is a high utilization caused by interrupts (the
 number after the slash).
 
 I can't safely turn them off and test, so I think I will try to simulate
the
 network and traffic in a lab to test my theory that they are an issue.
 
 It's a 2621 router with lots of entries in the access lists that are
 applied. I think it's time to offload a lot of the policy represented by
the
 lists to a PIX firewall.
 
You can tune the lists by letting it run for a while and then noting the
match counts (show access-list).  Within each grouping of permit entries,
you
can reorder the statements to reduce the number of entries that must be
compared to reach a match.

If the ACL processing is as efficient as possible but is really impacting
CPU
utilization, then you could enable the turbo ACL feature (access-list
compiled).
Unfortunately, that's still only available on higher-end platforms, from
3700s
on up.

 Here's a good URL on troubleshooting high CPU util, by the way:
 
 http://www.cisco.com/warp/public/63/highcpu.html
 
 Thanks
 
 Priscilla
 
- Marty
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75233t=75002
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Difference between Cisco VPN and PIX Firewall [7:75235]

2003-09-11 Thread Mr piyush shah 
Hello all
Can I know what is the Cisco PIX and that of a Cisco
VPN 3000 in terms of performance?
As I am planning to implement VPN with either VPN
Concentrator or PIX,however I was told that if you
implement only VPN Concentrator instead of PIX ,then
you may get VPN connectivity but you will not be able
to implement the filtering functionalities which are
required .In case of PIX I may get both VPN as well as
as filtering of unwanted traffic thereby changes of
hacking sessions are less.
Is this true.
I am confised .Kindly help me.
Also which one should consider to be the best scenario
for implementation ?
I am giving the 3 scenario below.If there is any
scenario better than this pls get me know ewith the
pros and cons of that one.Also equest you to know me
the pros and cons of this scenarios also.
aThnaks in advance.

Scenario I Scenario II   Scenario

  
 InternetInternet Internet
   |||
  
  
  
  VPN Concentrator Firewall Firewall--VPN 
   ||  |  Concntrtr   
   ||  |   |  
 LAN   VPNLAN _|
   Concentrator





Yahoo! India Matrimony: Find your partner online.
Go to http://yahoo.shaadi.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75235t=75235
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

question? [7:75237]

2003-09-11 Thread Accsystest 
got your email address from the web: do you answer cisco related questions
by any chance: know any one who is willing to?
 



-
Yahoo! Search
- Looking for more? Try the new Yahoo! Search




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75237t=75237
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Ethernet bogs down help has anyone seen this problem [7:75238]

2003-09-11 Thread [EMAIL PROTECTED] 
I have a customer that has a small office with a Cisco 56K Frame router.
They
are running Nat. Now when I plug in the frame side the ethernet side gets 
constant request for translation then it gets to the point where you can no 
longer even ping the ethernet side. If I remove the RG45 cable from the
frame side.
No problem the request stop and I can ping my ethernet side of the router 
fine with 10ml sec responses all day. The users office is down because he
can not
get out to the web. I've checked for viruses and everything seems fine. Does 
anyone have any ideas? This one is driving me crazy. The ISP says that my 
router is bad, but I doubt it. It started all of a sudden after working fine
for 2
years.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75238t=75238
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: help [7:75225]

2003-09-11 Thread annlee 
problem?

Paul Borghese wrote:
 help
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75240t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Solutions for the Solie Labs - ?? [7:75239]

2003-09-11 Thread Cisco Nuts 
Hello,Does any one if there is a way to get the solutions for the Solie
Labs from CCIE PS Vol. I?Thank you.



Use custom emotions -- try MSN Messenger 6.0!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75239t=75239
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Difference between Cisco VPN and PIX Firewall [7:75235]

2003-09-11 Thread annlee 
Stnadard answer: it depends.

Followed immediately by the standard question: what problem are you 
trying to solve?

The VPN Concentrator does not firewall or filter; it is a specialized 
tunnel termination device. You may (emphasis on may) need to use it 
when you are terminating more than about 20 tunnels. That depends on 
how active the tunnels are and what else your firewall is doing -- how 
much other work must it do filtering how much other traffic?

The Concentrator does offer AES and DH Group 7 (the latter is useful 
if the other end of the tunnel is a client which can support ECC, but 
not many can).

You need a firewall between you and the Internet. Have a look at the 
SMR SAFE Blueprint, here:
http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/ns128/networking_solutions_white_paper09186a008009c8a0.shtml
 


If you do decide to use a Concentrator, people may differ, but I 
recommend terminating your tunnels outside the firewall. If you don't, 
the firewall must either work at the traffic to inspect it properly 
(which in fact makes it work even harder tore-encrypt, etc. to send it 
to the Concentrator) or you poke a big hole in the firewall by 
accepting traffic that looks like it ought to be a part of the 
tunnel.  If your LAN receives public traffic (is there a public-facing 
server, any kind of mini-DMZ?), then you will want a switch to send 
tunnel traffic tothe Concentrator and all other traffic to the 
firewall. Looks sort of like this:

Concentrator
  / \
Internet---switch/\firewall---LAN

HTH

Annlee

Mr piyush shah wrote:
 Hello all
 Can I know what is the Cisco PIX and that of a Cisco
 VPN 3000 in terms of performance?
 As I am planning to implement VPN with either VPN
 Concentrator or PIX,however I was told that if you
 implement only VPN Concentrator instead of PIX ,then
 you may get VPN connectivity but you will not be able
 to implement the filtering functionalities which are
 required .In case of PIX I may get both VPN as well as
 as filtering of unwanted traffic thereby changes of
 hacking sessions are less.
 Is this true.
 I am confised .Kindly help me.
 Also which one should consider to be the best scenario
 for implementation ?
 I am giving the 3 scenario below.If there is any
 scenario better than this pls get me know ewith the
 pros and cons of that one.Also equest you to know me
 the pros and cons of this scenarios also.
 aThnaks in advance.
 
 Scenario I Scenario II   Scenario
 
   
  InternetInternet Internet
|||
   
   
   
   VPN Concentrator Firewall Firewall--VPN 
||  |  Concntrtr   
||  |   |  
  LAN   VPNLAN _|
Concentrator
 
 
 
 
 
 Yahoo! India Matrimony: Find your partner online.
 Go to http://yahoo.shaadi.com
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75241t=75235
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Solutions for the Solie Labs - ?? [7:75239]

2003-09-11 Thread Biff Terrific 
If you mean the labs in the back of the book, you can download the solutions
at www.ciscopress.com. Look up the book then under More Information, click
on downloads.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75242t=75239
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Difference between Cisco VPN and PIX Firewall [7:75235]

2003-09-11 Thread Reimer, Fred 
Scenario III is probably the most recommended.  It is incorrect to say that
the VPN Concentrator does not have filtering capabilities.  It generally
only allows traffic in its public interface necessary for VPN connections,
so it is not any more inherently insecure as a PIX.  It does not have all of
the capabilities of the PIX however, so if you need a true firewall I'd go
with a firewall (not necessarily a PIX, I personally think they suck, go
with a Check Point).

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Mr piyush shah [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 7:08 AM
To: [EMAIL PROTECTED]
Subject: Re: Difference between Cisco VPN and PIX Firewall [7:75235]

Hello all
Can I know what is the Cisco PIX and that of a Cisco
VPN 3000 in terms of performance?
As I am planning to implement VPN with either VPN
Concentrator or PIX,however I was told that if you
implement only VPN Concentrator instead of PIX ,then
you may get VPN connectivity but you will not be able
to implement the filtering functionalities which are
required .In case of PIX I may get both VPN as well as
as filtering of unwanted traffic thereby changes of
hacking sessions are less.
Is this true.
I am confised .Kindly help me.
Also which one should consider to be the best scenario
for implementation ?
I am giving the 3 scenario below.If there is any
scenario better than this pls get me know ewith the
pros and cons of that one.Also equest you to know me
the pros and cons of this scenarios also.
aThnaks in advance.

Scenario I Scenario II   Scenario

  
 InternetInternet Internet
   |||
  
  
  
  VPN Concentrator Firewall Firewall--VPN 
   ||  |  Concntrtr   
   ||  |   |  
 LAN   VPNLAN _|
   Concentrator





Yahoo! India Matrimony: Find your partner online.
Go to http://yahoo.shaadi.com
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75244t=75235
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ciscoview-urgent [7:75227]

2003-09-11 Thread Reimer, Fred 
If you happen to be running PIM Sparse-Dense mode with auto-RP and
duplicate loopback IP addresses then you need a special patch for
CiscoWorks in order for it to properly discover the 6509's...  This probably
effects anything that has duplicate loopback IP addresses.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: milind tare [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 4:54 AM
To: [EMAIL PROTECTED]
Subject: ciscoview-urgent [7:75227]

Dear All,


  In my network MPLS VPN is there and the  cisco
devices having 7513,6509 and GSR. but in topology i am
not getting 6509 which is having OSM-4ge-wan card and
i can't detect the module in topology services. 
i have installed related pathches like CLiparaser,
catios6000, switchaddlets etc...but still getting
problem ? is coming in topology services.

please guide me urgently

Thanks  Regards,
milind

__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75243t=75227
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: DLSW+ filter [7:75192]

2003-09-11 Thread alaerte Vidali 
This is from Solie's book:

The name in Netbios lists is compared with the source name field for Netbios
commands 00 and 01 an is comparted with the destination name field for
Netbios commands 08, 0A and 0E (datagram, name-query, name recognized).


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75245t=75192
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: question? [7:75237]

2003-09-11 Thread Chibwe, Oliver J, NEO 
Yes I do and how can I contribute to your good cause?:)

Thank you

Ollie
ATT Common Backbone
866-397-7309 Opt 1


-Original Message-
From: Accsystest [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 11, 2003 6:33 AM
To: [EMAIL PROTECTED]
Subject: question? [7:75237]


got your email address from the web: do you answer cisco related questions
by any chance: know any one who is willing to?
 



-
Yahoo! Search
- Looking for more? Try the new Yahoo! Search
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75246t=75237
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Network Benchmarking/Performance Analysis [7:74808]

2003-09-11 Thread [EMAIL PROTECTED] 
Maybe also sniffer (distributed), nice reports, ready for excel or the
beamer (CEO-ready.. ;-))

Martijn 


-Oorspronkelijk bericht-
Van: Lupi, Guy [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 4 september 2003 19:17
Aan: [EMAIL PROTECTED]
Onderwerp: Network Benchmarking/Performance Analysis [7:74808]


I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75248t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: help [7:75225]

2003-09-11 Thread Paul Borghese 
Oops!  I am moving the mailing list users to a new server and was testing
the new server.  I inadvertently sent one of the test messages to the active
list.  At 3:00 AM when stuff is not working, yelling help does not seem
like a bad idea :-).

By the way, the move should be done by this afternoon.  Unless I get tied up
with something else, you will receive a welcome message (those that read via
e-mail) describing the new server.

Take care,

Paul 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
annlee
Sent: Thursday, September 11, 2003 8:07 AM
To: [EMAIL PROTECTED]
Subject: Re: help [7:75225]

problem?

Paul Borghese wrote:
 help
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75249t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NAT and SAP [7:74982]

2003-09-11 Thread [EMAIL PROTECTED] 
Different approach:
Howmany clients? Static Nat on the router the other way around?

Give the server a route pointer to the nat router for the client. 

You even can choose to give the client a global ip to connect to the server
with, like a mail server for example.

Martijn 


-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 18:50
Aan: [EMAIL PROTECTED]
Onderwerp: NAT and SAP [7:74982]


When a SAP client tries to connect to a SAP server through a router with NAT
enabled there is a problem: the SAP server sends an IP embedded on the
payload of the packet, and the NAT router do not translate it.

Any suggestion?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75247t=74982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

642-811 [7:75252]

2003-09-11 Thread Cappuccio Victor 
Hello people..

I have at home Cisco Press Certification Library for 640-50* Exams. I did
not present the Exam on the dates because political problems in my country.
Now Cisco has change the exam content and this book in my opinion seems not
to fit very well.

I am willing to change all this PDF with the 642-811 PDF.

If you like the idea write me a [EMAIL PROTECTED]

Regards
Victor.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75252t=75252
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OSPF demand-circuit does not work [7:74954]

2003-09-11 Thread [EMAIL PROTECTED] 
It will say multicast.

Martijn 

-Oorspronkelijk bericht-
Van: Devrim Yener KUCUK [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 16:38
Aan: [EMAIL PROTECTED]
Onderwerp: Re: OSPF demand-circuit does not work [7:74954]


what do you see when you do sh dialer on the calling router, as a dial
reason?
or debug dialer, debug isdn q931 will be telling you

regards

De
- Original Message -
From: Lesly Verdier 
To: 
Sent: Monday, September 08, 2003 2:25 PM
Subject: OSPF demand-circuit does not work [7:74954]


 Hello All,

 I've configured ip ospf demand-circuit on an ISDN connection and this
 statement is supposed to supress the calls initiated by the Hello Packets.
 Still my router keeps on dialing.

 Does anybody know what the reason might be?

 Thanks,

 Lesly Verdier
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75250t=74954
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ISDN Switch - Teleos [7:39556]

2003-09-11 Thread Mark Onans 
Does anybody have a link to the NMC software that i have heard mentioned or
have it available thru ftp ??

Cheers Mark


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75251t=39556
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Basic IP CEF question (again) [7:75161]

2003-09-11 Thread Zsombor Papp 
Broadcast means everybody receives it.

 Curious wrote:
 
 Hi Zsombor, what do you mean?? Why the router has the broadcast
 IP in
 receive mode?
 I would like to know more about this ;)
 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75253t=75161
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Ethernet bogs down help has anyone seen this probl [7:75238]

2003-09-11 Thread Priscilla Oppenheimer 
[EMAIL PROTECTED] wrote:
 
 I have a customer that has a small office with a Cisco 56K
 Frame router. They
 are running Nat. Now when I plug in the frame side the ethernet
 side gets
 constant request for translation then it gets to the point
 where you can no
 longer even ping the ethernet side. If I remove the RG45 cable
 from the frame side.
 No problem the request stop and I can ping my ethernet side of
 the router
 fine with 10ml sec responses all day. The users office is down
 because he can not
 get out to the web. I've checked for viruses and everything
 seems fine. Does
 anyone have any ideas? This one is driving me crazy. The ISP
 says that my
 router is bad, but I doubt it. It started all of a sudden after
 working fine for 2
 years.

Please send us your config and the output of various show commands like show
interface, show processes cpu, etc. The show tech-support command displays
the results of many commands so is probably the best one to use. If you
think it's a NAT problem, some show commands for NAT include:

show ip nat statistics
show ip nat translations

You say the problem just started all of a sudden? The Internet has been
pretty shaky lately. You may be getting pinged constantly, for example. Are
you stopping those before you translate them? Do you have a firewall? Is the
router acting as a firewall? How is it configured? Please send us more data
to help you. Thanks.

Priscilla


 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75256t=75238
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

L2TP v3 Question [7:75255]

2003-09-11 Thread Hayes, Christopher 
Trying to do a lab that connects two ethernet lans together via L2TP v3.

Cisco has diddly for config examples. Does anyone have any that work?

Here is what I have so far. (shown below)

Topology:

pc1--lan1---fa0/0-router1-fa5/0--tunnel-fa5/0-router2-fa0/0---lan2--
pc2

Configs:

*
router1
*
ip cef

int lo0
 ip addr 192.168.254.2 255.255.255.0

l2tp-class l2tp-defaults
 retransmit initial retries 30
 cookie size 8

pseudowire-class ether-pw
 encapsulation l2tpv3
 protocol none
 ip local interface Loopback0

interface FastEthernet 0/0
 xconnect 192.168.1.2 123 encapsulation l2tpv3 manual pw-class ether-pw
l2tp id 222 111  l2tp cookie local 4 54321  l2tp cookie remote 4 12345  l2tp
hello l2tp-defaults

*
router2
*
ip cef

int lo0
 ip addr 192.168.254.3 255.255.255.0

l2tp-class l2tp-defaults
 retransmit initial retries 30
 cookie size 8

pseudowire-class ether-pw
 encapsulation l2tpv3
 protocol none
 ip local interface Loopback0

interface Ethernet 2/0
 xconnect 192.168.1.1 123 encapsulation l2tpv3 manual pw-class ether-pw
l2tp id 111 222  l2tp cookie local 4 12345  l2tp cookie remote 4 54321  l2tp
hello l2tp-defaults


Thanks,

Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75255t=75255
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Network Benchmarking/Performance Analysis [7:74808]

2003-09-11 Thread Reimer, Fred 
VitalNet from Lucent Technologies can use Cisco SAA, so in a way it's
distributed polling.  Any (recent) IOS device would become a
sensor/collector.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 9:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Network Benchmarking/Performance Analysis [7:74808]

Maybe also sniffer (distributed), nice reports, ready for excel or the
beamer (CEO-ready.. ;-))

Martijn 


-Oorspronkelijk bericht-
Van: Lupi, Guy [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 4 september 2003 19:17
Aan: [EMAIL PROTECTED]
Onderwerp: Network Benchmarking/Performance Analysis [7:74808]


I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75254t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

question on acl [7:75258]

2003-09-11 Thread Yong Wee 
Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

thks,
yongwee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75258t=75258
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

question on acl [7:75257]

2003-09-11 Thread Yong Wee 
Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

rgds,
yongwee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75257t=75257
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

BSCI 640-901 [7:75259]

2003-09-11 Thread Kenan Ahmed Siddiqi 
Hello people,
I am sitting the exam on next Monday (22nd September). Has anyone taken the
exam recently? I just want to know what the passing score is. Thank you.

Cheers,

Kenan


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75259t=75259
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: question on acl [7:75258]

2003-09-11 Thread Salvatore De Luca 
Here is an example of a named ACL to Block Specific even HOST sources to
destination port 23 to the address you specified. You can use:

  ip access-list extended BLOCK_TELNET_EVEN 
deny tcp 192.168.2.0 0.0.0.254 host 192.168.1.254 eq telnet
permit ip any any 

  
 Just practice and play with the BITS in the MASK.. You can achieve this
type of scenario in 1 statment..

-Sal

Yong Wee wrote:
 
 Hi,
How do you write an ext acl to block telnet access from even
 addresses in
 subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server
 192.168.1.254?
 
 thks,
 yongwee
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75260t=75258
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

What am I missing? HELP [7:75265]

2003-09-11 Thread Hyman, Craig 
All-

I have a CBOS IOS on a CISCO Router ( 600 series).  I am trying to make this
router a filter router. When I implement the rules below, nothing comes
across. I have checked the documentation, but still can't find the solution.
Does anybody have any ideas?

Your help is well appreciated..




set filter 0 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol tcp

set filter 1 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol udp

set filter 2 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol
icmp

set filter 3 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol tcp

set filter 4 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol icmp

set filter 5 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol udp

set filter 6 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0 
0.0.0.0
protocol tcp srcport 1024-65535 destport 23

set filter 7 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 20

set filter 8 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0
0.0.0.0 protocol icmp

set filter 9 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 23

set filter 10 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 20

set filter 11 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol icmp




SRS Level 2
SRS Implementation Team 
Cell phone# 720-840-4887
SUN PH# 303-272-2661
Virtual Office# 303-604-0037
[EMAIL PROTECTED]
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75265t=75265
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Ethernet bogs down help has anyone seen this problem [7:75263]

2003-09-11 Thread Daniel Cotts 
I'll bet the trouble started when the Nachi worm started spreading. It uses
pings to find hosts to infect. See the following to see what happens to NAT
when pinged from the outside.
http://www.cisco.com/warp/public/556/4.html

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Thursday, September 11, 2003 7:01 AM
 To: [EMAIL PROTECTED]
 Subject: Ethernet bogs down help has anyone seen this problem 
 [7:75238]
 
 
 I have a customer that has a small office with a Cisco 56K 
 Frame router.
 They
 are running Nat. Now when I plug in the frame side the 
 ethernet side gets 
 constant request for translation then it gets to the point 
 where you can no 
 longer even ping the ethernet side. If I remove the RG45 
 cable from the
 frame side.
 No problem the request stop and I can ping my ethernet side 
 of the router 
 fine with 10ml sec responses all day. The users office is 
 down because he
 can not
 get out to the web. I've checked for viruses and everything 
 seems fine. Does 
 anyone have any ideas? This one is driving me crazy. The ISP 
 says that my 
 router is bad, but I doubt it. It started all of a sudden 
 after working fine
 for 2
 years.
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info: 
 http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75263t=75263
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: question on acl [7:75257]

2003-09-11 Thread Bob by The Bay 
Yongwee,
!
!  Deny even numbers but permit everything else
!
access-list 101 deny tcp 192.168.2.0 0.0.0.254 host 192.168.1.254 eq telnet
access-list 101 permit any any
! implicit deny all here
!
!
or perhaps more efficiently
!
!
!  Permit odd numbers only
!
access-list 101 permit tcp 192.168.2.1 0.0.0.254 host 192.168.1.254 eq
telnet
! implicit deny all here
!
These answers are based on the fact that an even number in binary will have
a least significant digit of 0 in the octet while an odd number will have a
1.  Thus the 0.0.0.254 mask isolates the least significant digit for a match
against either a 1 or a zero.

FWIW,
Bob

Yong Wee  wrote in message
news:[EMAIL PROTECTED]
 Hi,
How do you write an ext acl to block telnet access from even addresses
in
 subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

 rgds,
 yongwee
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75262t=75257
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ciscoview-urgent [7:75227]

2003-09-11 Thread Reimer, Fred 
Communications problem.  I don't understand what you are asking.  Try using
more words.  Be verbose.  I may be able to understand then...

As far as I can tell:
You are not having any problems discovering the 6509.  It is in the
topology.  In your original messages, you said you were NOT getting the 6509
in the topology.  See my confusion?

Beyond that, I don't know what your problem is, so I can't suggest a
solution.

Just an off-the-wall guess, you probably need to load up the latest device
information file (Incremental Device thingy) in CiscoWorks to recognize a
particular module that may have been released recently...

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: milind tare [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 12:45 PM
To: Reimer, Fred
Cc: [EMAIL PROTECTED]
Subject: RE: ciscoview-urgent [7:75227]


hi reimer,


   Thanks for ur reply but not getting wht u want to
say. coz i told u i install , CATIOS6000 , Entity ,
Switchaddlet, CLIparser still i can't see i mean it is
coming intopology but with ? . so pls suggest me 

Thanks  Regards,
Milind Tare

--- Reimer, Fred  wrote:
 If you happen to be running PIM Sparse-Dense mode
 with auto-RP and
 duplicate loopback IP addresses then you need a
 special patch for
 CiscoWorks in order for it to properly discover the
 6509's...  This probably
 effects anything that has duplicate loopback IP
 addresses.
 
 Fred Reimer - CCNA
 
 
 Eclipsys Corporation, 200 Ashford Center North,
 Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager:
 888-260-2050
 
 
 NOTICE; This email contains confidential or
 proprietary information which
 may be legally privileged. It is intended only for
 the named recipient(s).
 If an addressing or transmission error has
 misdirected the email, please
 notify the author by replying to this message. If
 you are not the named
 recipient, you are not authorized to use, disclose,
 distribute, copy, print
 or rely on this email, and should immediately delete
 it from your computer.
 
 
 -Original Message-
 From: milind tare [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 4:54 AM
 To: [EMAIL PROTECTED]
 Subject: ciscoview-urgent [7:75227]
 
 Dear All,
 
 
   In my network MPLS VPN is there and the  cisco
 devices having 7513,6509 and GSR. but in topology i
 am
 not getting 6509 which is having OSM-4ge-wan card
 and
 i can't detect the module in topology services. 
 i have installed related pathches like CLiparaser,
 catios6000, switchaddlets etc...but still getting
 problem ? is coming in topology services.
 
 please guide me urgently
 
 Thanks  Regards,
 milind
 
 __
 Do you Yahoo!?
 Yahoo! SiteBuilder - Free, easy-to-use web site
 design software
 http://sitebuilder.yahoo.com
 **Please support GroupStudy by purchasing from the
 GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75269t=75227
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: L2TP v3 Question [7:75255]

2003-09-11 Thread Doan Nguyen 
I just had mine working.

Cola#show run
Building configuration...

Current configuration : 2615 bytes
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service single-slot-reload-enable
!
hostname Cola
!
redundancy
 no keepalive-enable
 mode hsa
enable secret 5 $1$4gPI$wcQKNzXJpTT3ibtsj.nLY0
!
ip subnet-zero
ip cef distributed
ip host jazz 192.168.100.53
mpls ldp logging neighbor-changes
no mpls traffic-eng auto-bw timers frequency 0
l2tp-class mc_l2tp_contr
 hello 30
 password 0 secret
 cookie size 8
!
pseudowire-class mc_l2tp_path
 encapsulation l2tpv3
 protocol l2tpv3 mc_l2tp_contr
 ip local interface Loopback3
 ip pmtu
 ip dfbit set
 ip tos reflect
!
!
!
!
interface Loopback0
 ip address 30.30.30.1 255.255.255.255
 no ip directed-broadcast
!
interface Loopback3
 ip address 192.168.100.43 255.255.255.255
 no ip directed-broadcast
!
interface Loopback4
 ip address 50.0.0.1 255.255.255.255
 no ip directed-broadcast
!
interface FastEthernet3/0/0
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/0
 ip address 200.100.100.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet3/1/1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/2
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/3
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/4
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/5
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/6
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Ethernet3/1/7
 no ip address
 no ip directed-broadcast
 shutdown
!
interface FastEthernet9/0/0
 no ip address
 no ip directed-broadcast
 full-duplex
!
interface FastEthernet9/0/0.1
 encapsulation dot1Q 101
 ip address 13.0.1.1 255.255.255.252
 no ip directed-broadcast
!
interface FastEthernet9/0/1
 no ip address
 no ip directed-broadcast
 full-duplex
!
interface FastEthernet9/0/1.1
 encapsulation dot1Q 101
 no ip directed-broadcast
 no cdp enable
 xconnect 192.168.100.53 101 pw-class mc_l2tp_path
!
interface FastEthernet9/1/0
 ip address 10.1.1.1 255.255.255.0
 no ip directed-broadcast
 media-type MII
 full-duplex
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 50.0.0.0
 redistribute connected
 neighbor 20.20.20.1 remote-as 10
 neighbor 20.20.20.1 update-source Loopback0
 no auto-summary
!
ip classless
ip route 10.2.2.0 255.255.255.0 10.1.1.2
ip route 20.20.20.1 255.255.255.255 13.0.1.2
ip route 192.168.100.53 255.255.255.255 10.1.1.2
!
!
!
!
alias exec ff show ip int brief
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

router2#

Building configuration...

Current configuration : 3888 bytes
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
no service single-slot-reload-enable
!
hostname blabla2
!
redundancy
 no keepalive-enable
 mode hsa
enable secret 5 $1$j7en$FoJXnn8QFW18jod4ncYzi.
!
ip subnet-zero
ip cef distributed
ip host cola 192.168.100.43
no mpls ldp logging neighbor-changes
no mpls traffic-eng auto-bw timers frequency 0
l2tp-class mc_l2tp_contr
 hello 30
 password 0 secret
 cookie size 8
!
pseudowire-class mc_l2tp_path
 encapsulation l2tpv3
 protocol l2tpv3 mc_l2tp_contr
 ip local interface Loopback3
 ip pmtu
 ip dfbit set
 ip tos reflect
!
!
!
!
interface Loopback0
 ip address 20.20.20.1 255.255.255.255
 no ip directed-broadcast
!
interface Loopback3
 ip address 192.168.100.53 255.255.255.255
 no ip directed-broadcast
!
!
interface FastEthernet5/1/0
 ip address 10.2.2.2 255.255.255.0
 no ip directed-broadcast
 no ip route-cache distributed
 full-duplex
!
interface FastEthernet8/1/0
 no ip address
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
 full-duplex
!
interface FastEthernet8/1/0.1
 encapsulation dot1Q 101
 ip address 13.0.1.2 255.255.255.252
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
!
interface FastEthernet8/1/1
 no ip address
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
 full-duplex
!
interface FastEthernet8/1/1.1
 encapsulation dot1Q 101
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
 no cdp enable
 xconnect 192.168.100.43 101 pw-class mc_l2tp_path
!

!
ip classless
ip route 10.1.1.0 255.255.255.0 10.2.2.1
ip route 192.168.100.43 255.255.255.255 10.2.2.1
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

Cisco has a messed up way of implementing the L2TPv3 tunnels like this. 
Basically you looped two FE ports together.  Pick 1 port for your layer 3
routing and the other port to cross connect your layer two tunnels.  The
vlan ID for the two FE ports must match.  The tunnels reference the loopback
of the endpoint router.  Hope this helps.

-Doan







Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75266t=75255

RE: Network Benchmarking/Performance Analysis [7:74808]

2003-09-11 Thread Loechel, Michelle 
For the SAAgents embedded in the IOS, use the IPM (Internetwork Performance
Monitor) software.  It comes as part of the CiscoWorks package.  I don't
know if you can buy it as a standalone package.  It includes a plug-in to
CiscoWorks and a client to install on the pc.  It's much easier to configure
and view statistics through the GUI.

Michelle Loechel

-Original Message-
From: Reimer, Fred [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 9:11 AM
To: [EMAIL PROTECTED]
Subject: RE: Network Benchmarking/Performance Analysis [7:74808]


VitalNet from Lucent Technologies can use Cisco SAA, so in a way it's
distributed polling.  Any (recent) IOS device would become a sensor/collector.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 9:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Network Benchmarking/Performance Analysis [7:74808]

Maybe also sniffer (distributed), nice reports, ready for excel or the
beamer (CEO-ready.. ;-))

Martijn 


-Oorspronkelijk bericht-
Van: Lupi, Guy [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 4 september 2003 19:17
Aan: [EMAIL PROTECTED]
Onderwerp: Network Benchmarking/Performance Analysis [7:74808]


I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75264t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ciscoview-urgent [7:75227]

2003-09-11 Thread milind tare 
hi reimer,


   Thanks for ur reply but not getting wht u want to
say. coz i told u i install , CATIOS6000 , Entity ,
Switchaddlet, CLIparser still i can't see i mean it is
coming intopology but with ? . so pls suggest me 

Thanks  Regards,
Milind Tare

--- Reimer, Fred  wrote:
 If you happen to be running PIM Sparse-Dense mode
 with auto-RP and
 duplicate loopback IP addresses then you need a
 special patch for
 CiscoWorks in order for it to properly discover the
 6509's...  This probably
 effects anything that has duplicate loopback IP
 addresses.
 
 Fred Reimer - CCNA
 
 
 Eclipsys Corporation, 200 Ashford Center North,
 Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager:
 888-260-2050
 
 
 NOTICE; This email contains confidential or
 proprietary information which
 may be legally privileged. It is intended only for
 the named recipient(s).
 If an addressing or transmission error has
 misdirected the email, please
 notify the author by replying to this message. If
 you are not the named
 recipient, you are not authorized to use, disclose,
 distribute, copy, print
 or rely on this email, and should immediately delete
 it from your computer.
 
 
 -Original Message-
 From: milind tare [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 4:54 AM
 To: [EMAIL PROTECTED]
 Subject: ciscoview-urgent [7:75227]
 
 Dear All,
 
 
   In my network MPLS VPN is there and the  cisco
 devices having 7513,6509 and GSR. but in topology i
 am
 not getting 6509 which is having OSM-4ge-wan card
 and
 i can't detect the module in topology services. 
 i have installed related pathches like CLiparaser,
 catios6000, switchaddlets etc...but still getting
 problem ? is coming in topology services.
 
 please guide me urgently
 
 Thanks  Regards,
 milind
 
 __
 Do you Yahoo!?
 Yahoo! SiteBuilder - Free, easy-to-use web site
 design software
 http://sitebuilder.yahoo.com
 **Please support GroupStudy by purchasing from the
 GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75267t=75227
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: question on acl [7:75257]

2003-09-11 Thread Andrew Larkins 
As multiple single entries - you can not summarize these...

A better way is to have all the specific users that must be denied to be in
a summarizable subnet

-Original Message-
From: Yong Wee [mailto:[EMAIL PROTECTED] 
Sent: 11 September 2003 17:30
To: [EMAIL PROTECTED]
Subject: question on acl [7:75257]


Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

rgds,
yongwee
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75268t=75257
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: {Spam?} question on acl [7:75258]

2003-09-11 Thread Robert Perez 
You would have to do each host individually as:

access-list 110 deny tcp host 192.168.2.2 host 192.168.1.254 eq 23

You cannot choose only even addresses with any kind of command. Atleast not
that I am aware of.

-Original Message-
From: Yong Wee [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 11:34 AM
To: [EMAIL PROTECTED]
Subject: {Spam?} question on acl [7:75258]


Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

thks,
yongwee
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75270t=75258
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ciscoview-urgent [7:75227]

2003-09-11 Thread milind tare 
hi reimer,

  Thanks for ur reply, and extremely sorry for mis
communication. i will explain u my porblem.

  I install ciscoworks. I have GSR,7513,6509,3512 in
my network. but in topology view i can see
7513,3512,and GSR.

   I install CATIOS6000,Switchaddlets,Entity,
CLIparser. 

   about 6509 the box is coming in Topology but ? is
coming on that box.

Thanks  Regards,
Milind Tare
--- Reimer, Fred  wrote:
 Communications problem.  I don't understand what you
 are asking.  Try using
 more words.  Be verbose.  I may be able to
 understand then...
 
 As far as I can tell:
 You are not having any problems discovering the
 6509.  It is in the
 topology.  In your original messages, you said you
 were NOT getting the 6509
 in the topology.  See my confusion?
 
 Beyond that, I don't know what your problem is, so I
 can't suggest a
 solution.
 
 Just an off-the-wall guess, you probably need to
 load up the latest device
 information file (Incremental Device thingy) in
 CiscoWorks to recognize a
 particular module that may have been released
 recently...
 
 Fred Reimer - CCNA
 
 
 Eclipsys Corporation, 200 Ashford Center North,
 Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager:
 888-260-2050
 
 
 NOTICE; This email contains confidential or
 proprietary information which
 may be legally privileged. It is intended only for
 the named recipient(s).
 If an addressing or transmission error has
 misdirected the email, please
 notify the author by replying to this message. If
 you are not the named
 recipient, you are not authorized to use, disclose,
 distribute, copy, print
 or rely on this email, and should immediately delete
 it from your computer.
 
 
 -Original Message-
 From: milind tare [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 12:45 PM
 To: Reimer, Fred
 Cc: [EMAIL PROTECTED]
 Subject: RE: ciscoview-urgent [7:75227]
 
 
 hi reimer,
 
 
Thanks for ur reply but not getting wht u want to
 say. coz i told u i install , CATIOS6000 , Entity ,
 Switchaddlet, CLIparser still i can't see i mean it
 is
 coming intopology but with ? . so pls suggest me 
 
 Thanks  Regards,
 Milind Tare
 
 --- Reimer, Fred  wrote:
  If you happen to be running PIM Sparse-Dense mode
  with auto-RP and
  duplicate loopback IP addresses then you need a
  special patch for
  CiscoWorks in order for it to properly discover
 the
  6509's...  This probably
  effects anything that has duplicate loopback IP
  addresses.
  
  Fred Reimer - CCNA
  
  
  Eclipsys Corporation, 200 Ashford Center North,
  Atlanta, GA 30338
  Phone: 404-847-5177  Cell: 770-490-3071  Pager:
  888-260-2050
  
  
  NOTICE; This email contains confidential or
  proprietary information which
  may be legally privileged. It is intended only for
  the named recipient(s).
  If an addressing or transmission error has
  misdirected the email, please
  notify the author by replying to this message. If
  you are not the named
  recipient, you are not authorized to use,
 disclose,
  distribute, copy, print
  or rely on this email, and should immediately
 delete
  it from your computer.
  
  
  -Original Message-
  From: milind tare [mailto:[EMAIL PROTECTED] 
  Sent: Thursday, September 11, 2003 4:54 AM
  To: [EMAIL PROTECTED]
  Subject: ciscoview-urgent [7:75227]
  
  Dear All,
  
  
In my network MPLS VPN is there and the 
 cisco
  devices having 7513,6509 and GSR. but in topology
 i
  am
  not getting 6509 which is having OSM-4ge-wan card
  and
  i can't detect the module in topology services. 
  i have installed related pathches like CLiparaser,
  catios6000, switchaddlets etc...but still getting
  problem ? is coming in topology services.
  
  please guide me urgently
  
  Thanks  Regards,
  milind
  
  __
  Do you Yahoo!?
  Yahoo! SiteBuilder - Free, easy-to-use web site
  design software
  http://sitebuilder.yahoo.com
  **Please support GroupStudy by purchasing from the
  GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html
 
 
 __
 Do you Yahoo!?
 Yahoo! SiteBuilder - Free, easy-to-use web site
 design software
 http://sitebuilder.yahoo.com


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75271t=75227
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Solutions for the Solie Labs - ?? [7:75239]

2003-09-11 Thread Brad Ellis 
Ive got them here (along with my review of the book)


http://www.optsys.net/cciepractreview.htm


thanks,
-Brad Ellis
CCIE#5796 (RS / Security)
Network Learning Inc
[EMAIL PROTECTED]
www.ccbootcamp.com (cisco training)
Cisco Nuts  wrote in message
news:[EMAIL PROTECTED]
 Hello,Does any one if there is a way to get the solutions for the Solie
 Labs from CCIE PS Vol. I?Thank you.

 

 Use custom emotions -- try MSN Messenger 6.0!
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75261t=75239
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NAT and SAP [7:74982]

2003-09-11 Thread Reimer, Fred 
SAP, SAP, what the heck is SAP?  At first I thought it was SIP, but that
doesn't sound right.  Maybe it's referring to the COMPANY SAP?  If so, what
specific application are you talking about?

I must say SAP's website is a nightmare.  Looks like all marketing speak to
me.  Bunch of mumbo jumbo and everything is hard to find.  So much for
customer relationships!

But those are just my opinions, which do not necessarily reflect those of my
employer ;-)

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 9:52 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT and SAP [7:74982]

Different approach:
Howmany clients? Static Nat on the router the other way around?

Give the server a route pointer to the nat router for the client. 

You even can choose to give the client a global ip to connect to the server
with, like a mail server for example.

Martijn 


-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 18:50
Aan: [EMAIL PROTECTED]
Onderwerp: NAT and SAP [7:74982]


When a SAP client tries to connect to a SAP server through a router with NAT
enabled there is a problem: the SAP server sends an IP embedded on the
payload of the packet, and the NAT router do not translate it.

Any suggestion?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75272t=74982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Mailing list conversion we are moving .... [7:75275]

2003-09-11 Thread Paul Borghese 
If you are subscribed to this list via e-mail, we will be transitioning to a
new server with new software.  Within the next few hours you will receive a
welcome message from the new server.Please save this e-mail as it
contains your password and subscription instructions.

If you never receive the welcome message, and you are receiving this list
via e-mail, please send me an e-mail.  If you are not receiving messages
from the new server once the transition is complete, again please report it.
In both cases, before you report it, please make sure it is not a problem on
your end (i.e. your anti-spam filters etc.).

The upgrade should take care of a number of problems including the time
required to distribute mail and various digest options.

Also, do not forget about our online meeting -- 8:00 PM at
Chat.GroupStudy.com!

Take care,

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75275t=75275
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ciscoview-urgent [7:75227]

2003-09-11 Thread Reimer, Fred 
I still don't know what you mean by ? is coming on that box  Do you mean
for the OSM module?  That's not listed in the supported devices for Campus
Manager (which I'm assuming you mean by the topology view.

You might try asking at [EMAIL PROTECTED]  They have many more
CiscoWorks people over there.  I'll cross-post...

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: milind tare [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 1:11 PM
To: Reimer, Fred
Cc: [EMAIL PROTECTED]
Subject: RE: ciscoview-urgent [7:75227]

hi reimer,

  Thanks for ur reply, and extremely sorry for mis
communication. i will explain u my porblem.

  I install ciscoworks. I have GSR,7513,6509,3512 in
my network. but in topology view i can see
7513,3512,and GSR.

   I install CATIOS6000,Switchaddlets,Entity,
CLIparser. 

   about 6509 the box is coming in Topology but ? is
coming on that box.

Thanks  Regards,
Milind Tare
--- Reimer, Fred  wrote:
 Communications problem.  I don't understand what you
 are asking.  Try using
 more words.  Be verbose.  I may be able to
 understand then...
 
 As far as I can tell:
 You are not having any problems discovering the
 6509.  It is in the
 topology.  In your original messages, you said you
 were NOT getting the 6509
 in the topology.  See my confusion?
 
 Beyond that, I don't know what your problem is, so I
 can't suggest a
 solution.
 
 Just an off-the-wall guess, you probably need to
 load up the latest device
 information file (Incremental Device thingy) in
 CiscoWorks to recognize a
 particular module that may have been released
 recently...
 
 Fred Reimer - CCNA
 
 
 Eclipsys Corporation, 200 Ashford Center North,
 Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager:
 888-260-2050
 
 
 NOTICE; This email contains confidential or
 proprietary information which
 may be legally privileged. It is intended only for
 the named recipient(s).
 If an addressing or transmission error has
 misdirected the email, please
 notify the author by replying to this message. If
 you are not the named
 recipient, you are not authorized to use, disclose,
 distribute, copy, print
 or rely on this email, and should immediately delete
 it from your computer.
 
 
 -Original Message-
 From: milind tare [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 12:45 PM
 To: Reimer, Fred
 Cc: [EMAIL PROTECTED]
 Subject: RE: ciscoview-urgent [7:75227]
 
 
 hi reimer,
 
 
Thanks for ur reply but not getting wht u want to
 say. coz i told u i install , CATIOS6000 , Entity ,
 Switchaddlet, CLIparser still i can't see i mean it
 is
 coming intopology but with ? . so pls suggest me 
 
 Thanks  Regards,
 Milind Tare
 
 --- Reimer, Fred  wrote:
  If you happen to be running PIM Sparse-Dense mode
  with auto-RP and
  duplicate loopback IP addresses then you need a
  special patch for
  CiscoWorks in order for it to properly discover
 the
  6509's...  This probably
  effects anything that has duplicate loopback IP
  addresses.
  
  Fred Reimer - CCNA
  
  
  Eclipsys Corporation, 200 Ashford Center North,
  Atlanta, GA 30338
  Phone: 404-847-5177  Cell: 770-490-3071  Pager:
  888-260-2050
  
  
  NOTICE; This email contains confidential or
  proprietary information which
  may be legally privileged. It is intended only for
  the named recipient(s).
  If an addressing or transmission error has
  misdirected the email, please
  notify the author by replying to this message. If
  you are not the named
  recipient, you are not authorized to use,
 disclose,
  distribute, copy, print
  or rely on this email, and should immediately
 delete
  it from your computer.
  
  
  -Original Message-
  From: milind tare [mailto:[EMAIL PROTECTED] 
  Sent: Thursday, September 11, 2003 4:54 AM
  To: [EMAIL PROTECTED]
  Subject: ciscoview-urgent [7:75227]
  
  Dear All,
  
  
In my network MPLS VPN is there and the 
 cisco
  devices having 7513,6509 and GSR. but in topology
 i
  am
  not getting 6509 which is having OSM-4ge-wan card
  and
  i can't detect the module in topology services. 
  i have installed related pathches like CLiparaser,
  catios6000, switchaddlets etc...but still getting
  problem ? is coming in topology services.
  
  please guide me urgently
  
  Thanks  Regards,
  milind
  
  __
  Do you Yahoo!?
  Yahoo! SiteBuilder - Free, easy-to-use web site
  design software

RE: Ethernet bogs down help has anyone seen this problem [7:75277]

2003-09-11 Thread Andrew Larkins 
Try an access-list that denies ICMP and then use IP accounting access-
violations to see - more than likely a virus

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Thursday, September 11, 2003 7:01 AM
 To: [EMAIL PROTECTED]
 Subject: Ethernet bogs down help has anyone seen this problem
 [7:75238]
 
 
 I have a customer that has a small office with a Cisco 56K
 Frame router.
 They
 are running Nat. Now when I plug in the frame side the 
 ethernet side gets 
 constant request for translation then it gets to the point 
 where you can no 
 longer even ping the ethernet side. If I remove the RG45 
 cable from the
 frame side.
 No problem the request stop and I can ping my ethernet side 
 of the router 
 fine with 10ml sec responses all day. The users office is 
 down because he
 can not
 get out to the web. I've checked for viruses and everything 
 seems fine. Does 
 anyone have any ideas? This one is driving me crazy. The ISP 
 says that my 
 router is bad, but I doubt it. It started all of a sudden 
 after working fine
 for 2
 years.
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info: 
 http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75277t=75277
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Free Rack Time [7:75273]

2003-09-11 Thread Jay Greenberg 
I need 10-20 people to beta test a new online cisco lab time rental
system.   Anyone who would like free lab time and can answer a couple
questions after, please respond.  

-- 
Jay Greenberg 
CCIE #11021




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75273t=75273
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: question on acl [7:75257]

2003-09-11 Thread Reimer, Fred 
Er, yes you can.  Two people have already replied on how.  Use a WILDCARD
mask of 0.0.0.254.  Simple, easy, effective.  I'd hate to have to type in
128 permit statements.  Probably end up writing a Perl one-liner, but the
easier way is to use the proper WILDCARD mask.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Andrew Larkins [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 12:50 PM
To: [EMAIL PROTECTED]
Subject: RE: question on acl [7:75257]

As multiple single entries - you can not summarize these...

A better way is to have all the specific users that must be denied to be in
a summarizable subnet

-Original Message-
From: Yong Wee [mailto:[EMAIL PROTECTED] 
Sent: 11 September 2003 17:30
To: [EMAIL PROTECTED]
Subject: question on acl [7:75257]


Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

rgds,
yongwee
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75280t=75257
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NAT and SAP [7:74982]

2003-09-11 Thread [EMAIL PROTECTED] 
Different approach:
Howmany clients? Static Nat on the router the other way around?

Give the server a route pointer to the nat router for the client. 

You even can choose to give the client a global ip to connect to the server
with, like a mail server for example.

Martijn 


-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 18:50
Aan: [EMAIL PROTECTED]
Onderwerp: NAT and SAP [7:74982]


When a SAP client tries to connect to a SAP server through a router with NAT
enabled there is a problem: the SAP server sends an IP embedded on the
payload of the packet, and the NAT router do not translate it.

Any suggestion?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75276t=74982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

BSCI 640-901 [7:75259]

2003-09-11 Thread Kenan Ahmed Siddiqi 
Hello people,
I am sitting the exam on next Monday (22nd September). Has anyone taken the
exam recently? I just want to know what the passing score is. Thank you.

Cheers,

Kenan
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75279t=75259
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: help [7:75225]

2003-09-11 Thread Paul Borghese 
Oops!  I am moving the mailing list users to a new server and was testing
the new server.  I inadvertently sent one of the test messages to the active
list.  At 3:00 AM when stuff is not working, yelling help does not seem
like a bad idea :-).

By the way, the move should be done by this afternoon.  Unless I get tied up
with something else, you will receive a welcome message (those that read via
e-mail) describing the new server.

Take care,

Paul 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
annlee
Sent: Thursday, September 11, 2003 8:07 AM
To: [EMAIL PROTECTED]
Subject: Re: help [7:75225]

problem?

Paul Borghese wrote:
 help
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75274t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: {Spam?} question on acl [7:75258]

2003-09-11 Thread Salvatore De Luca 
Robert, 

  Yes.. You absolutley CAN... See previous reply...


Robert Perez wrote:
 
 You would have to do each host individually as:
 
 access-list 110 deny tcp host 192.168.2.2 host 192.168.1.254 eq
 23
 
 You cannot choose only even addresses with any kind of command.
 Atleast not
 that I am aware of.
 
 -Original Message-
 From: Yong Wee [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 11:34 AM
 To: [EMAIL PROTECTED]
 Subject: {Spam?} question on acl [7:75258]
 
 
 Hi,
How do you write an ext acl to block telnet access from even
 addresses in
 subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server
 192.168.1.254?
 
 thks,
 yongwee
 **Please support GroupStudy by purchasing from the GroupStudy
 Store:
 http://shop.groupstudy.com FAQ, list archives, and subscription
 info:
 http://www.groupstudy.com/list/cisco.html
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75283t=75258
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: [NMSU-CW2K] RE: ciscoview-urgent [7:75227]

2003-09-11 Thread Peter P. Benac 
Fred,

The ? in the icon on the Topology map means it's an unknown device.
It knows it's CDP supported but it can not identify it's Cisco Device ID or
the sysObjectID.  There are a couple of reasons for this including the fact
they are in reality HP JetDirects, New HP Servers (they both support CDP )
or the device or OS version is not supported by the version CW2K he has.

Regards,
Pete

Peter P. Benac, CCNA
Emacolet Networking Services, Inc
Providing Systems and Network Consulting, Training, Web Hosting Services
Phone: 919-847-1740 or 866-701-2345
Web: http://www.emacolet.com
Need quick reliable Systems or Network Management advice visit
http://www.nmsusers.org

To have principles...
 First have courage.. With principles comes integrity!!!




 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred
 Sent: Thursday, September 11, 2003 13:58
 To: milind tare
 Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: [NMSU-CW2K] RE: ciscoview-urgent [7:75227]
 
 
 I still don't know what you mean by ? is coming on that box 
  Do you mean for the OSM module?  That's not listed in the 
 supported devices for Campus Manager (which I'm assuming you 
 mean by the topology view.
 
 You might try asking at [EMAIL PROTECTED]  They have 
 many more CiscoWorks people over there.  I'll cross-post...
 
 Fred Reimer - CCNA
 
 
 Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
 
 
 NOTICE; This email contains confidential or proprietary 
 information which may be legally privileged. It is intended 
 only for the named recipient(s). If an addressing or 
 transmission error has misdirected the email, please notify 
 the author by replying to this message. If you are not the 
 named recipient, you are not authorized to use, disclose, 
 distribute, copy, print or rely on this email, and should 
 immediately delete it from your computer.
 
 
 -Original Message-
 From: milind tare [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, September 11, 2003 1:11 PM
 To: Reimer, Fred
 Cc: [EMAIL PROTECTED]
 Subject: RE: ciscoview-urgent [7:75227]
 
 hi reimer,
 
   Thanks for ur reply, and extremely sorry for mis 
 communication. i will explain u my porblem.
 
   I install ciscoworks. I have GSR,7513,6509,3512 in
 my network. but in topology view i can see
 7513,3512,and GSR.
 
I install CATIOS6000,Switchaddlets,Entity,
 CLIparser. 
 
about 6509 the box is coming in Topology but ? is
 coming on that box.
 
 Thanks  Regards,
 Milind Tare
 --- Reimer, Fred  wrote:
  Communications problem.  I don't understand what you
  are asking.  Try using
  more words.  Be verbose.  I may be able to
  understand then...
  
  As far as I can tell:
  You are not having any problems discovering the
  6509.  It is in the
  topology.  In your original messages, you said you
  were NOT getting the 6509
  in the topology.  See my confusion?
  
  Beyond that, I don't know what your problem is, so I
  can't suggest a
  solution.
  
  Just an off-the-wall guess, you probably need to
  load up the latest device
  information file (Incremental Device thingy) in
  CiscoWorks to recognize a
  particular module that may have been released
  recently...
  
  Fred Reimer - CCNA
  
  
  Eclipsys Corporation, 200 Ashford Center North,
  Atlanta, GA 30338
  Phone: 404-847-5177  Cell: 770-490-3071  Pager:
  888-260-2050
  
  
  NOTICE; This email contains confidential or
  proprietary information which
  may be legally privileged. It is intended only for
  the named recipient(s).
  If an addressing or transmission error has
  misdirected the email, please
  notify the author by replying to this message. If
  you are not the named
  recipient, you are not authorized to use, disclose, 
 distribute, copy, 
  print or rely on this email, and should immediately delete
  it from your computer.
  
  
  -Original Message-
  From: milind tare [mailto:[EMAIL PROTECTED]
  Sent: Thursday, September 11, 2003 12:45 PM
  To: Reimer, Fred
  Cc: [EMAIL PROTECTED]
  Subject: RE: ciscoview-urgent [7:75227]
  
  
  hi reimer,
  
  
 Thanks for ur reply but not getting wht u want to
  say. coz i told u i install , CATIOS6000 , Entity , Switchaddlet, 
  CLIparser still i can't see i mean it is
  coming intopology but with ? . so pls suggest me 
  
  Thanks  Regards,
  Milind Tare
  
  --- Reimer, Fred  wrote:
   If you happen to be running PIM Sparse-Dense mode
   with auto-RP and
   duplicate loopback IP addresses then you need a
   special patch for
   CiscoWorks in order for it to properly discover
  the
   6509's...  This probably
   effects anything that has duplicate loopback IP addresses.
   
   Fred Reimer - CCNA
   
   
   Eclipsys Corporation, 200 Ashford Center North,
   Atlanta, GA 30338
   Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
   
   
   NOTICE; This email contains confidential or
   proprietary

RE: {Spam?} question on acl [7:75258]

2003-09-11 Thread Reimer, Fred 
Well, we have two right answers (you can do it with a wildcard mask of
0.0.0.254) and two wrong answers (it's not possible).  I'll break the tie
and say you can do it ;-)

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Robert Perez [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 1:10 PM
To: [EMAIL PROTECTED]
Subject: RE: {Spam?} question on acl [7:75258]

You would have to do each host individually as:

access-list 110 deny tcp host 192.168.2.2 host 192.168.1.254 eq 23

You cannot choose only even addresses with any kind of command. Atleast not
that I am aware of.

-Original Message-
From: Yong Wee [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 11, 2003 11:34 AM
To: [EMAIL PROTECTED]
Subject: {Spam?} question on acl [7:75258]


Hi,
   How do you write an ext acl to block telnet access from even addresses in
subnet 192.168.2.0/24 (i.e, .2, .4, .6 etc) to server 192.168.1.254?

thks,
yongwee
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75282t=75258
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Ethernet bogs down help has anyone seen this problem [7:75285]

2003-09-11 Thread MADMAN 
Do a sh ip nat trans.  Are you seeing a quadrillion icmp translations 
all sourcing a same host or few hosts?

   Dave

Andrew Larkins wrote:

 Try an access-list that denies ICMP and then use IP accounting access-
 violations to see - more than likely a virus
 
 
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 11, 2003 7:01 AM
To: [EMAIL PROTECTED]
Subject: Ethernet bogs down help has anyone seen this problem
[7:75238]


I have a customer that has a small office with a Cisco 56K
Frame router.
They
are running Nat. Now when I plug in the frame side the 
ethernet side gets 
constant request for translation then it gets to the point 
where you can no 
longer even ping the ethernet side. If I remove the RG45 
cable from the
frame side.
No problem the request stop and I can ping my ethernet side 
of the router 
fine with 10ml sec responses all day. The users office is 
down because he
can not
get out to the web. I've checked for viruses and everything 
seems fine. Does 
anyone have any ideas? This one is driving me crazy. The ISP 
says that my 
router is bad, but I doubt it. It started all of a sudden 
after working fine
for 2
years.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
 
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
 

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75285t=75285
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Free Rack Time [7:75273]

2003-09-11 Thread Chibwe, Oliver J, NEO 
Counting me in and where do we go from here?


Thank you

Ollie
ATT Common Backbone
866-397-7309 Opt 1


-Original Message-
From: Jay Greenberg [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 11, 2003 12:32 PM
To: [EMAIL PROTECTED]
Subject: Free Rack Time [7:75273]


I need 10-20 people to beta test a new online cisco lab time rental
system.   Anyone who would like free lab time and can answer a couple
questions after, please respond.  

-- 
Jay Greenberg 
CCIE #11021
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75286t=75273
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html