RE: home lab equipment [7:75115]
I stopped buying long ago except isdn pbx, basics on routers at home, and started renting a few low budget ATM/VOICE etc. labs online. Martijn -Oorspronkelijk bericht- Van: Dave Williams [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 9 september 2003 22:31 Aan: [EMAIL PROTECTED] Onderwerp: home lab equipment [7:75115] Group, I'm planning on purchasing my final addition to my RS home lab sometime this month. I'm having a hard time deciding if I should add another 3550 (I have one already) or if I should pick up a Lightstream 1010 with two 4500s that have an OC3 MM interface. ATM for the 3600s is way too expensive for me. Any suggestions would be appreciated. (Sorry if this message is a dub) -dave **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75226t=75115 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Cisc SAFE Exam [7:75200]
Saw some on the group a few weeks ago. Martijn -Oorspronkelijk bericht- Van: Fred Wittenberg [mailto:[EMAIL PROTECTED] Verzonden: woensdag 10 september 2003 20:15 Aan: [EMAIL PROTECTED] Onderwerp: Cisc SAFE Exam [7:75200] Hello all, I'm planning on taking the SAFE exam to wrap up my CCSP soon...can anyone that has passed/taken this offer what they used as study guides?? TIA, FW **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75228t=75200 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Upgrading ROMMON on 2948G [7:75179]
CCO customer? login http://ftp.cisco.com/cisco/lan/catalyst/4000/cat4000-releasenote.8-1-2.pdf 2 Release Notes for Catalyst 4500 Series Software Release 8.x OL-4502-02 ROMMON Requirements If the Boot ROM (ROMMON) loaded onto your switch is version 4.5(1) or earlier, you need to upgrade the ROMMON to at least version 5.4(1) in order to run software release 8.1 or later. Upgrading the ROMMON Follow these guidelines to upgrade the ROMMON on your switch: 3 Release Notes for Catalyst 4500 Series Software Release 8.x OL-4502-02 System Requirements Caution To avoid actions that might make your system unbootable, read this entire section before starting the upgrade. You can do this procedure entirely over a Telnet connection, but if something fails, you will need to have access to the console serial port. If done improperly, the system can become unbootable. You will then have to return it to Cisco for repair. This section describes an upgrade to ROMMON version 6.4(1). The same procedure applies to other ROMMON versions, but you will have to substitute appropriate version numbers in the upgrade image names. Step 1 Download the promupgrade program from Cisco.com and place it on a TFTP server in a directory that is accessible from the switch to be upgraded. The promupgrade programs are available at the same location on Cisco.com where you download Catalyst 4500 series system images. To upgrade to ROMMON version 6.1(4), download the cat4000-promupgrade.6-1-4.bin file. Step 2 In privileged mode on your switch, use the show version command to verify the ROMMON version loaded on the switch. The ROMMON version number is listed as the System Bootstrap Version. For example, in the following output, the system is running ROMMON version 6.1(2): Console (enable) show version WS-C4003 Software, Version NmpSW:5.5(8) Copyright (c) 1995-2001 by Cisco Systems, Inc. NMP S/W compiled on May 24 2001, 21:12:09 GSP S/W compiled on May 24 2001, 18:39:50 System Bootstrap Version:6.1(2) Hardware Version:1.0 Model:WS-C4003 Serial #:x **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP Table and SNMP [7:75016]
Did you read trough the http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1829/products_feat ure_guide09186a0080087c60.html 12.0 BGP Received Routes MIB http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1839/products_feat ure_guide09186a0080110bbc.html 12.2T BGP 4 MIB Support for per-Peer Received Routes Martijn -Oorspronkelijk bericht- Van: Alejandro Acosta [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 9 september 2003 3:50 Aan: [EMAIL PROTECTED] Onderwerp: BGP Table and SNMP [7:75016] Hi all, I wonder if any of you have succesfully retrieved the BGP table from a Cisco router using SNMP?. I read a lot of documents and tried a lot of MIBs/OID without any success. I used the MIB navigation tool at the Cisco TAC but I did not find something really useful. I only could read the peerings, uptime of the BGP session and few more thing. By the moment I think it should be done using snmpwalk, am I right? FYI, I do have the full routing table in one of my routers (IOS 12.2.6) Any help will be appreciated. Thank Alejandro Acosta **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75232t=75016 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: route add [7:75024]
Easy did a zillion times for the sysadmins. IE settings hack. trough a .reg file in the login script. (per user or group dep on your directory/kix) so do NOT use proxy for this and this anbd this webserver Martijn -Oorspronkelijk bericht- Van: Steiven Poh [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 9 september 2003 6:52 Aan: [EMAIL PROTECTED] Onderwerp: route add [7:75024] Dear All, I have a very stupit quesrtion here. How am i by pass the proxy and route direct to the router. Pls comment !! Below is my diagram. 169.168.4.2/16 (my pc) - router (192.168.161.254/16)--Leased Line 64k--router (192.167.161.254/16)Proxy (192.167.3.34/16)---Internet router (192.167.3.35/16) My pc route print : Active Routes: Network Address Netmask Gateway AddressInterface Metric 0.0.0.00.0.0.0 192.167.161.254 192.168.4.2 1 0.0.0.00.0.0.0 192.168.161.254 192.168.4.2 1 127.0.0.0 255.0.0.0127.0.0.1127.0.0.1 1 192.168.0.0 255.255.0.0 192.168.4.2 192.168.4.2 1 192.168.4.2 255.255.255.255127.0.0.1127.0.0.1 1 192.168.255.255 255.255.255.255 192.168.4.2 192.168.4.2 1 224.0.0.0 224.0.0.0 192.168.4.2 192.168.4.2 1 255.255.255.255 255.255.255.255 192.168.4.2 0.0.0.0 1 This e-mail has been sent via JARING webmail at http://www.jaring.my **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75234t=75024 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: router CPU utilization on access lists? [7:75002]
So maybe permit and route to null0 in some cases? Then no unreachables are generated because there is a route? Martijn -Oorspronkelijk bericht- Van: Marty Adkins [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 9 september 2003 20:29 Aan: [EMAIL PROTECTED] Onderwerp: Re: router CPU utilization on access lists? [7:75002] Priscilla Oppenheimer wrote: Yes, that's true indeed that access lists don't cause process switching anymore, so wouldn't show up in IP Input. Two exceptions that I failed to mention are logging and the side effect of a deny. By default, a deny causes the generation of an ICMP admin. prohibited unreachable sent to the source of the blcoked packet. Since packets cannot be created in interrupt mode, process context is required. But these are rate limited to two/second by default as self protection. Plus normal traffic shouldn't result in very many denies. But you can inhibit this entirely by configuring no ip unreachables on an interface. If the matching ACE has the log keyword, then process context is required to create the log message and perform normal logging. This too is rate-limited. Thanks for everyone's advice. It sounds like Marty has the right approach. Although access lists aren't process switched, they are generally fast switched unless the router supports some other feature (like silicon switching) or some fancy configuration like CEF or NetFlow? So, the thing to look for is a high utilization caused by interrupts (the number after the slash). I can't safely turn them off and test, so I think I will try to simulate the network and traffic in a lab to test my theory that they are an issue. It's a 2621 router with lots of entries in the access lists that are applied. I think it's time to offload a lot of the policy represented by the lists to a PIX firewall. You can tune the lists by letting it run for a while and then noting the match counts (show access-list). Within each grouping of permit entries, you can reorder the statements to reduce the number of entries that must be compared to reach a match. If the ACL processing is as efficient as possible but is really impacting CPU utilization, then you could enable the turbo ACL feature (access-list compiled). Unfortunately, that's still only available on higher-end platforms, from 3700s on up. Here's a good URL on troubleshooting high CPU util, by the way: http://www.cisco.com/warp/public/63/highcpu.html Thanks Priscilla - Marty **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75233t=75002 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Ethernet bogs down help has anyone seen this problem [7:75238]
I have a customer that has a small office with a Cisco 56K Frame router. They are running Nat. Now when I plug in the frame side the ethernet side gets constant request for translation then it gets to the point where you can no longer even ping the ethernet side. If I remove the RG45 cable from the frame side. No problem the request stop and I can ping my ethernet side of the router fine with 10ml sec responses all day. The users office is down because he can not get out to the web. I've checked for viruses and everything seems fine. Does anyone have any ideas? This one is driving me crazy. The ISP says that my router is bad, but I doubt it. It started all of a sudden after working fine for 2 years. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75238t=75238 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Network Benchmarking/Performance Analysis [7:74808]
Maybe also sniffer (distributed), nice reports, ready for excel or the beamer (CEO-ready.. ;-)) Martijn -Oorspronkelijk bericht- Van: Lupi, Guy [mailto:[EMAIL PROTECTED] Verzonden: donderdag 4 september 2003 19:17 Aan: [EMAIL PROTECTED] Onderwerp: Network Benchmarking/Performance Analysis [7:74808] I would like recommendations on distributed network benchmarking and performance analysis systems. I would like to place sensors/collectors at various points on the network to collect data on and give detailed reports on items like, but not limited to: Packet loss Latency Jitter Throughput If someone could recommend some companies I would appreciate it. Guy H. Lupi **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75248t=74808 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: NAT and SAP [7:74982]
Different approach: Howmany clients? Static Nat on the router the other way around? Give the server a route pointer to the nat router for the client. You even can choose to give the client a global ip to connect to the server with, like a mail server for example. Martijn -Oorspronkelijk bericht- Van: alaerte Vidali [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 18:50 Aan: [EMAIL PROTECTED] Onderwerp: NAT and SAP [7:74982] When a SAP client tries to connect to a SAP server through a router with NAT enabled there is a problem: the SAP server sends an IP embedded on the payload of the packet, and the NAT router do not translate it. Any suggestion? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75247t=74982 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OSPF demand-circuit does not work [7:74954]
It will say multicast. Martijn -Oorspronkelijk bericht- Van: Devrim Yener KUCUK [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 16:38 Aan: [EMAIL PROTECTED] Onderwerp: Re: OSPF demand-circuit does not work [7:74954] what do you see when you do sh dialer on the calling router, as a dial reason? or debug dialer, debug isdn q931 will be telling you regards De - Original Message - From: Lesly Verdier To: Sent: Monday, September 08, 2003 2:25 PM Subject: OSPF demand-circuit does not work [7:74954] Hello All, I've configured ip ospf demand-circuit on an ISDN connection and this statement is supposed to supress the calls initiated by the Hello Packets. Still my router keeps on dialing. Does anybody know what the reason might be? Thanks, Lesly Verdier **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75250t=74954 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: NAT and SAP [7:74982]
Different approach: Howmany clients? Static Nat on the router the other way around? Give the server a route pointer to the nat router for the client. You even can choose to give the client a global ip to connect to the server with, like a mail server for example. Martijn -Oorspronkelijk bericht- Van: alaerte Vidali [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 18:50 Aan: [EMAIL PROTECTED] Onderwerp: NAT and SAP [7:74982] When a SAP client tries to connect to a SAP server through a router with NAT enabled there is a problem: the SAP server sends an IP embedded on the payload of the packet, and the NAT router do not translate it. Any suggestion? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75276t=74982 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: EM VoIP Problem [7:74717]
Sounds like problems initiating on the remote site or the reception of the session onthis site. Start debugging on remote site, pls show us the output. Show call/pots/dial- Any number expansion/wildcard issues? debug call rsvp-sync events Martijn -Oorspronkelijk bericht- Van: lost in space [mailto:[EMAIL PROTECTED] Verzonden: woensdag 3 september 2003 18:03 Aan: [EMAIL PROTECTED] Onderwerp: EM VoIP Problem [7:74717] Dear Experts, I am having this problem with EM VoIP. We are using an EM PABX operating with 4 wire and using immediate signalling. The network are connected via 2 Mbps Leased Line. I can make voice calls from my site to remote site, however when i asked someone from the remote site to call the other way around he get busy tones all the time eventough the extension were actually not bust at that time. The strange thing is that the remote site can make voice call to my site only to 2 extension (300 and 400), but when they dial another extension ex: 363, or 369 they get busy tones all the time. the dial-peer configuration on the remote router are like this dial-peer voice 1 pots destination-pattern +... port 1/0/0 dial-peer voice 1 pots destination-pattern +... port 1/0/1 dial-peer voice 3 voip destination-pattern +3.. session target ipv4:172.23.1.34(ip address of router's serial interface at my site). dial-peer voice 4 voip destination-pattern +4.. session target ipv4:172.23.1.34 (ip address of router's serial interface at my site). Is it the wiring arrangement problem? i already set up the wiring arrangement based on a reference i got from CCO. Is it a timeouts parameter problem? or Is it the EM PABX problem? Like always, the PABX technician feel that he has done everything correctly. I am also confident that i have done the configuration correctly. Anyone has similar experience? Any idea would be greaty appreciated. Thanks in advance. RD **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75160t=74717 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
delivery error (Thank you! , attachment name [7:75032]
Your mail seems to contain an attachment type which we don't allow for security reasons. If you need to deliver the file, please remove your attachment and email the person you're trying to reach to arrange for alternative delivery method. You might also run some anti-virus software on your machine to make sure this attachment was not generated by a virus/worm. thanks Original message header follows: -- From [EMAIL PROTECTED] Tue Sep 9 17:11:30 2003 Return-Path: Received: from INBRO228 (251.besecure.net.au [203.19.157.251] (may be forged)) by pop1.sydney.corp.yahoo.com (8.11.6p2/8.11.6/pop-au) with ESMTP id h897BSR04225 for ; Tue, 9 Sep 2003 17:11:28 +1000 (EST) Message-Id: From: To: Subject: Thank you! Date: Tue, 9 Sep 2003 17:21:22 +1000 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=_NextPart_000_485530D4 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75032t=75032 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: CCNP exam changes...... [7:75044]
I've been working toward my CCNP for sometime. But Cisco have changed the exams twice recently. As my CCNA is only valid until Dec 6th this year, does this mean I'll have to do it all over again ?? Thx Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75044t=75044 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Aux port and modem connectivity [7:74909]
line aux 0 exec-timeout 0 0 modem InOut What about modem out? Martijn -Oorspronkelijk bericht- Van: Robert Perez [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 5 september 2003 17:49 Aan: [EMAIL PROTECTED] Onderwerp: Aux port and modem connectivity [7:74909] Guys, If I have a modem connected to the AUx port can can I harden the cisco so that it can make calls but will never be able to receive any calls? Here is kind of my config.. Thx,. interface Async65 bandwidth 28 ip address 192.168.116.64 255.255.255.0 encapsulation ppp dialer in-band dialer idle-timeout 300 dialer wait-for-carrier-time 15 dialer map ip 172.20.241.1 dialer hold-queue 25 dialer-group 1 async default routing async mode interactive pulse-time 3 no cdp enable ppp authentication chap access-list 101 deny udp any any access-list 101 permit ip any any dialer-list 1 protocol ip list 101 line aux 0 exec-timeout 0 0 modem InOut modem autoconfigure discovery transport input all stopbits 1 speed 115200 flowcontrol hardware *** | Bob Perez | | Intercept Payment Solutions | | [EMAIL PROTECTED] | | 100 West Commons BLVD | | New Castle, DE 19720 | | Phone: 302.326.0700 | | Cell: 302.420.6883 | | www.intercept.net | | | --- | | || || | :|: :|: | | :|||: :|||: | | ..:|||:...:|||:.. | | ___ | | C i s c o S y s t e m s | | CCNA CCNP MCSE NET+ | | | *** Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75059t=74909 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
failure notice [7:75084]
Hi. This is the qmail-send program at mx4.jmail.co.jp. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. : Sorry, no mailbox here by that name. (#5.1.1) --- Below this line is a copy of the message. Return-Path: Received: (qmail 25300 invoked from network); 9 Sep 2003 16:00:38 - Received: from 12-249-103-63.client.attbi.com (HELO RENAMEME) (12.249.103.63) by mx4.jmail.co.jp with SMTP; 9 Sep 2003 16:00:38 - From: To: Subject: Thank you! Date: Tue, 9 Sep 2003 11:02:50 --0500 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=_NextPart_000_48F43304 X-Spam-Rating: mx4.jmail.co.jp 1.6.2 0/1000/N This is a multipart message in MIME format --_NextPart_000_48F43304 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Please see the attached file for details. --_NextPart_000_48F43304-- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75084t=75084 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX PDM [7:74758]
Basic config PDM OK Exotic CLI HIGH security? No pdm no ssh no telnet no snmp large shop maybe from a private management segment snmp small shop inside intf PDM management/monitoring + extra access-list Always include radius/tacacs+ in the process for auth Always work from policies. Martijn -Oorspronkelijk bericht- Van: Gary Leong [mailto:[EMAIL PROTECTED] Verzonden: donderdag 4 september 2003 4:09 Aan: [EMAIL PROTECTED] Onderwerp: PIX PDM [7:74758] Our security group is recommending not to use PDM to configure our Pix firewalls. They did not give any reason for their recommendation. Does anyone know why PDM should not be used? __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74941t=74758 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: EtherChannel On Cat6500 [7:74944]
Nope. Pagp per card, as far as i know. rethink the port layout. Why not layer 3 resilience, different chassis? Martijn -Oorspronkelijk bericht- Van: Devraj, Prem [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 10:19 Aan: [EMAIL PROTECTED] Onderwerp: EtherChannel On Cat6500 [7:74944] Hi All, Can I configure Ether channel on Ports on 2 different Modules? Eg: 3/1 and 4/1 can be configured as Ether channel? I want to have resilience on my MAN links using 2 different modules. Or if someone has any better ideas for resilience, I would appreciate. Thanks prem *** Dresdner Kleinwort Wasserstein is the marketing name used globally to represent the investment banking activities of Dresdner Bank Group. In Japan, Dresdner Kleinwort Wasserstein is represented by Dresdner Kleinwort Wasserstein (Japan) Limited, Tokyo Branch or Dresdner Bank AG, Tokyo Branch.. If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. *** **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74947t=74944 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: EtherChannel On Cat6500 [7:74944]
Sorry, more of a 2950 kind a guy. Question is, do you want to do that? Martijn -Oorspronkelijk bericht- Van: Georgescu, Aurelian [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 14:37 Aan: Jansen, M; [EMAIL PROTECTED] Onderwerp: RE: EtherChannel On Cat6500 [7:74944] On the 6500 you can do EtherChannel between any (four max.?) ports within the chassis all having the same speed. Aurelian Georgescu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, September 08, 2003 6:26 AM To: [EMAIL PROTECTED] Subject: RE: EtherChannel On Cat6500 [7:74944] Nope. Pagp per card, as far as i know. rethink the port layout. Why not layer 3 resilience, different chassis? Martijn -Oorspronkelijk bericht- Van: Devraj, Prem [mailto:[EMAIL PROTECTED] Verzonden: maandag 8 september 2003 10:19 Aan: [EMAIL PROTECTED] Onderwerp: EtherChannel On Cat6500 [7:74944] Hi All, Can I configure Ether channel on Ports on 2 different Modules? Eg: 3/1 and 4/1 can be configured as Ether channel? I want to have resilience on my MAN links using 2 different modules. Or if someone has any better ideas for resilience, I would appreciate. Thanks prem *** Dresdner Kleinwort Wasserstein is the marketing name used globally to represent the investment banking activities of Dresdner Bank Group. In Japan, Dresdner Kleinwort Wasserstein is represented by Dresdner Kleinwort Wasserstein (Japan) Limited, Tokyo Branch or Dresdner Bank AG, Tokyo Branch.. If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. *** **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74959t=74944 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco ICS 7750 experiences [7:75005]
Keep it simple: ONE SITE - ONE Partition, ONE GW, ONE Call Search Space, Etc.. Test with a group of 4 -5 phones with a single POTS line and make sure all of your services (voicemail, transfer, 7 - digit calls, long distance,) works and use the same template for all your IP phones using the Auto-Register feature. Email me off the list and I'll fix you up with some simple single-site guidelines. Rob H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75005t=75005 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: IP expert's RS workbook [7:74849]
Nope. Martijn -Oorspronkelijk bericht- Van: Raj Singh [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 5 september 2003 4:19 Aan: [EMAIL PROTECTED] Onderwerp: IP expert's RS workbook [7:74849] Anyone willing to share there IP experts RS workbook or pitch in to get it together? Raj **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74869t=74849 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: SNMP on a Dialer interface [7:74722]
Maybe dumb, but what about the fixed layer 3 int? Martijn -Oorspronkelijk bericht- Van: Hanna, Keith [mailto:[EMAIL PROTECTED] Verzonden: woensdag 3 september 2003 18:53 Aan: [EMAIL PROTECTED] Onderwerp: SNMP on a Dialer interface [7:74722] Hi, I'm running MRTG to provide bandwidth usage info on various routers/switches etc, and it working well except it doesn't provide information on 'dialer' interfaces. We have one router with numerous dialer ints for ISDN and another providing modem dialup - is there anyway to monitor these connections for bandwidth? Virtual-Access ports are created and monitored, but it's not obvious which virtual int ties up with which dialer (and as virtual's come go, they will change) Any suggestions? Thanks Keith **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74882t=74722 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
the 642 exams and CCNA re-cert [7:74892]
From what I have read, any exam with a 642 prefix renews your CCNA.Can anyone validate that? Regards, Ajay Chenampara Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74892t=74892 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
506 Flash Damaged [7:74895]
Hi, I have a 506 with damaged flash. Is there any way I can boot from TFTP, or any other solution ??? I have looked at Cisco site and my books but cannot find a solution. Otherwise I guess its fit for the bin, unless I can get someone to replace the Flash chip. Kind regards Paul. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74895t=74895 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 640-604 Passing Score? [7:74698]
My certificate says the passing score was 776 and I sneaked in with 815. How Cisco come up with the numbers is a subject all of its own. Cheers, Steve Wilson CCNP CCDA Network Engineer -Original Message- From: Caxton The [mailto:[EMAIL PROTECTED] Sent: 03 September 2003 03:18 To: [EMAIL PROTECTED] Subject: 640-604 Passing Score? [7:74698] Does anybody know the passing score for the 640-604 switching exam? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74768t=74698 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Cisco ATM module [7:74707]
Hi, Were interested in buying some used Cisco equipment. Specifically we are interested in ATM modules for the Cisco 4500/4700 router. Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules. Please let us know if you have anything available. Thanks [EMAIL PROTECTED] Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat 60 Minuten. http://internet.sunrise.ch/de/wireline/wir_plus.asp **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74772t=74707 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Cisco ATM module [7:74707]
Hi, Were interested in buying some used Cisco equipment. Specifically we are interested in ATM modules for the Cisco 4500/4700 router. Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules. Please let us know if you have anything available. Thanks [EMAIL PROTECTED] Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat 60 Minuten. http://internet.sunrise.ch/de/wireline/wir_plus.asp **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74773t=74707 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
OT: Cable Lengths [7:74776]
I have a question regarding the max length for a 100BaseT cable. Granted I haven't done a wealth of research on this so feel free to point me to google if the answer is mind numbingly simple, which it probably is I have always understood the 100M limitation on 10BaseT ethernet cable to be attributable to the time it would take a collision signal - assuming you are running at half duplex - to be returned in time to prevent the next packet from being sent. In other words any longer than 100M and the sending station would not get the message in time that there had been a collision and thus continue sending packets instead of backing off. I have heard attenuation mentioned, but not as the real reason for the distance limit. My question is given that many stations are running 100 full duplex these days - thus removing the collision concerns - does this effectively change the maximum distance for cable runs? Or is attenuation truly a factor in anything over 100M? In general I am referring to standard Cat5 cabling Just curious... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74776t=74776 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: NM-1CT1 or WIC-1DSU-T1 [7:74741]
Along similar lines - can you directly interconnect two WIC-1DSU-T1 interfaces via serial cable? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of neal rauhauser Sent: Wednesday, September 03, 2003 6:55 PM To: [EMAIL PROTECTED] Subject: Re: NM-1CT1 or WIC-1DSU-T1 [7:74741] The WIC-1DSU-T1 is a service module - it always appear as serial0/0 or whatever, and if you do anything with timeslots you are just adjusting the number used for this one serial interface. The NM-1CT1 is a channelized T1 interface. You must configure one or more channels in a channel group, then they get assigned to a virtual serial interface. In the bad old days before frame relay people used to get 56k leased lines for remote offices and aggregate them all by having a channelized T1 delivered with each DS0 being a separate circuit to a remote. One additional use for the channelized interfaces that I am aware of is attachment to digital modem modules like the NM-xxDM. There may be others, but that is the one that comes to mind first. If you don't know why you might want an NM-1CT1, you need a WIC-1DSU-T1 :-) neil K wrote: Can somebody explain when I can use WIC-1DSU-T1 over NM-1CT1 or what exactly are the difference except that WIC-1DSU-T1 has a built-in DSU/CSU where as NM-1CT1 is a T1 Module. Thanks in advance. neil **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html -- mailto:[EMAIL PROTECTED] phone:402-301-9555 After all that I've been through, you're the only one who matters, you never left me in the dark here on my own - Widespread Panic **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74756t=74741 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Wicked screensaver [7:74792]
Please see the attached file for details. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74792t=74792 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 3640 Router [7:74783]
The 3640 can in theory but cannot really support a DS3 circuit at full speed..hence the 3745s will quickly take over the market for 3640s.. -Original Message- From: Cappuccio Victor [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 8:46 AM To: [EMAIL PROTECTED] Subject: 3640 Router [7:74783] Hello people I what to know if a Cisco 3640 Router can support a E3 connection ?? Regards Victor. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74790t=74783 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Calls made by DNS [7:74785]
The simplest method is to buy a plug in timer switch from radio shack and connect the router through this to the power socket on the wall. Otherwise you could use a time-based access control list to assist in defining the interesting traffic that causes the ISDN calls to be made. Check out the Cisco.com web page for the commands and the IOS revision needed. Cheers, Steve Wilson CCNP CCDA Network Engineer -Original Message- From: Wayne Brewster [mailto:[EMAIL PROTECTED] Sent: 04 September 2003 14:56 To: [EMAIL PROTECTED] Subject: Calls made by DNS [7:74785] Hello group, I have an 802 ISDN router connected to the internet. The firewall is a PIX506. I want to stop DNS queries from the Win200 Servers from bring up the channels after work hours or any other technique that will eliminate DNS calls but still maintain the proper functionality of the network. I am trying to reduce the cost of the ISDN monthly billing. Please give me your input. Wayne **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74798t=74785 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 640-604 Passing Score? [7:74698]
My certificate says the passing score was 776 and I sneaked in with 815. How Cisco come up with the numbers is a subject all of its own. Cheers, Steve Wilson CCNP CCDA Network Engineer -Original Message- From: Caxton The [mailto:[EMAIL PROTECTED] Sent: 03 September 2003 03:18 To: [EMAIL PROTECTED] Subject: 640-604 Passing Score? [7:74698] Does anybody know the passing score for the 640-604 switching exam? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74706t=74698 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Cisco ATM module [7:74707]
Hi, Were interested in buying some used Cisco equipment. Specifically we are interested in ATM modules for the Cisco 4500/4700 router. Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules. Please let us know if you have anything available. Thanks [EMAIL PROTECTED] Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat 60 Minuten. http://internet.sunrise.ch/de/wireline/wir_plus.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74707t=74707 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: SOS:Load Balance with CSS 11500 [7:74538]
Larisa, As all the requests are coming from the Webserver each brand new connection may not really be brand new. Usually the cookie expires when the client browser is closed. and a new cookie is sent when the new request is made. This new cookie, however is generated from the expired one. This may cause your request to get stuck to the old service. try using arrowpoint-cookie expire-services in the content rule. Also ttry reducing the cookie Expiration time. HTH, plz let me know if you got other solutions as well. Regards, Ajay Chenampara Larisa cc: Sent by: Subject: SOS:Load Balance with CSS 11500 [7:74538] [EMAIL PROTECTED] .com 08/29/2003 09:05 PM Please respond to Larisa Hi, I am sorry for such long E-mail, but I have to figure out this for work and don't know anyone to ask. While searching Internet found this forum. I am a CCNA and have been working with routers and switches for over 4 years, but recently at work was introduced to Cisco load Balancing switch 11500. This is a situation where I don't really have time to learn ..just need to do it. I hope, someone in this list can help me to figure this out. Here is the scenario: Client sends a request to the web server ( public url) , web server has two other servers ( with the application running) that he sends the requests to. The task is to make the CSS balance load these two app. server , but when the request comes to one server make it stay there until the session is over. The Cisco consultant was hired previously to help with the configuration. He configured web service and the apps service. Two application servers that need to be load balanced are parts of the apps service. He used arrow-point advanced load method.. here is how it specified in the content rule for the apps service. Ex: Owner Boston Content APPS VIP address x.x.x.xfor the apps servers belongs to web server's subnet. Protocol TCP Port 80 URL /* Advanced-balance arrowpoint-cookies Active The initial request comes from client to the web server and web server passes the request to CSS ( that how this Internet application works). CSS needs to load balance request between two application servers to process the request. The persistent part works o'k. When the request comes from the web server to CSS it returns the Arrowpoint cookie to one of the application servers and stays there until the session is over. No problem,, should be that way... The problem is that the next brand new request comes to the same server, and then next new request again to the same server... Then randomly, next time it can go to the other server and all the new connections again to that server... So it's not really load balancing between two servers What needs to be added?I wasn't present when this consultant was doing final testing and I was told that it worked. Now, it doesn't. Show configs are the same with what he put in... What can I check ? Why it's not doing balancing ... At first I thought that it should come from different clients, but it really doesn't matter as all requests come to web server first and them should go to different app servers from the same web server. So during this testing , I was initiating requests from the web server itself. I really need help... I need to present a solution after labor day weekend... Thank you in advance if anyone can help. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74711t=74538 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 2620XM vs. 1721 Routers [7:74727]
Hi John, You will definitely lose certain IOS functionality with the 1721. Newer code has more features and needs more memory. The 2620XM that you speak of has support for 128MB ram and 48MB flash while the 1721 is much much lower. Also note that as you start getting into 12.2 and 12.3 advanced features your memory requirements go to 96MB and even 128MB for DRAM. Depends on your needs for the various features. Your best bet is to decide what features you need (routing protocols and then other features). Then go to cisco.com/go/fn and find a router that supports those features. While there are many features you may not get with the 1721 - you also may not need them so why spend the extra money on the 2620XM for a simple serial connection. Just my .02 Ian -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Neiberger Sent: Wednesday, September 03, 2003 3:14 PM To: [EMAIL PROTECTED] Subject: Re: 2620XM vs. 1721 Routers [7:74727] John Neiberger 9/3/03 1:09:32 PM I'm not very familiar with the 1721 routers and while I'm researching them I wanted to get some opinions. Isn't the 1721 really just a baby 2600 with a slighly smaller processor and no network module slot? Are there any other significant differences between them? We've been using 2600, and later the 2620XM, but we've recently got rid of the need for a network module, leaving us with a current need of one WIC. It seems like a waste of money to buy a 2620XM if we're only going to pop a WIC-2T into it. :-) I'm sure there's a performance hit, but it's not like I'm trying to drive a DS-3 with this thing. I'll need a T-1 connection, a low-speed serial connection, and fast ethernet. Nothing too fancy. Any thoughts? Thanks, John Once again, I'm replying to my own message. After further review, according to the Cisco Software Advisor the 1721 is fairly handicapped compared to the 2600XM platform. I don't know that I'm willing to lose that much potential functionality. Heck, according to Software Advisor the 1721 doesn't support ISL or 802.1Q vlans! In my book that makes it a non-starter. John **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74749t=74727 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Autoreply to Re: That movie [7:74628]
This is an automated response to your mail CD Freaks Forum Helpdesk - [EMAIL PROTECTED] http://club.cdfreaks.com Dear visitor, Thank you for contacting us. Due to the amount of questions we cannot answer all your questions personally. This automated response however contains important information that should help you answering your questions. Please read it carefully! We receive many questions about registration issues. See below for possible problems and solutions. 1) Before you post you will need to activate your account. Your account can only be activated by clicking on a link that you will receive by e-mail If you didn't enter a valid e-mail address during the registration process, then please try again using a valid e-mail address and a different nickname. You can change your nickname if needed by sending a private message (PM) to a CD Freaks administrator/moderator, they'll be happy to assist you. If you haven't received the email you can have it resend it to you. If still doesn't work then check your spam filters or hotmail bulkmail inbox 2) Make sure you accept cookies from our site (*.cdfreaks.com). If you are accepting them, are registered and still are unable to post, then please delete your cookies (if you don't know how to do this, please use a search engine to learn more). 3) If you have lost your password you can use this form: http://club.cdfreaks.com/member.php?s=action=lostpw By using this forum your password will be reset to a new one, and mailed to you. We can not retrieve your password, as they are stored encrypted. 4) If you have a question regarding software hardware you have used the wrong e-mail address CD Freaks provides no technical support by e-mail. Instead use our search: http://club.cdfreaks.com/search.php With this tool you should find answer to your question. If not, then register and post your question in the appropiate forum and other members will help you. 5) Questions regarding our shop should be send using the form on the following internet address: http://shop.cdfreaks.com/mailform.php 6) If you still have problems then please contact our second line support at [EMAIL PROTECTED] Please include your entire question and any previous communications, but make sure you have read this entire e-mail before contacting us. Be sure to read the rules before you post and contact any of our administrators/moderators by PM (private message) in case of any problems when you are registered! Thanks for your intrest in our site and we hope you will have a pleasant stay! Kind regards, Jan-Willem de Bruin CD Freaks.com Management ---This is an automated response to your mail--- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74628t=74628 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
NM-8AM synch. support [7:74648]
Hi, Does NM-8AM or WIC-1AM modules support sync. Connection? Thanks regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74648t=74648 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco ICS 7750 experiences [7:74578]
Hi, Hugo I am prepare the same project, would you pls give me a suggestion? thnaks! Stone - Original Message - From: To: ; Cc: Sent: Friday, August 29, 2003 12:01 PM Subject: Re: Cisco ICS 7750 experiences I just deployed one for a single site manufacturing new construction. 150 IP phones 7940s / 7960s, IPCC, Unity Unified, etc. It took me about two days to get all of the builds completed because of the patches you have to add, but I got it configured pretty quick and, once it was up and I was making calls across my PSTN, the only issues I had were a little echo. Other than that, it is a good system. VERY SCALABLE, yet compact. I like it. Rob Hugo Senior Network Engineer STL Technology Partners ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74578t=74578 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
failure notice [7:74614]
Hi. This is the qmail-send program at casper.sri.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. : 130.107.1.30 does not like recipient. Remote host said: 550 5.1.1 ... User unknown Giving up on 130.107.1.30. --- Below this line is a copy of the message. Return-Path: Received: (qmail 26216 invoked from network); 1 Sep 2003 19:37:06 - Received: from localhost (HELO casper.SRI.COM) (127.0.0.1) by casper.sri.com with SMTP; 1 Sep 2003 19:37:06 - Received: (from ALI-PC-1 [213.84.176.225]) by casper.SRI.COM (SAVSMTP 3.1.0.29) with SMTP id M2003090112363730932 for ; Mon, 01 Sep 2003 12:36:41 -0700 From: To: Subject: Re: Approved Date: Mon, 1 Sep 2003 21:36:36 +0200 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=_NextPart_000_005E25B0 This is a multipart message in MIME format --_NextPart_000_005E25B0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit See the attached file for details --_NextPart_000_005E25B0 Content-Type: text/plain; name=DELETED0.TXT Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=DELETED0.TXT RmlsZSBhdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcgpBIGZpbGUgYXR0YWNoZWQgdG8gdGhp cyBlbWFpbCB3YXMgcmVtb3ZlZA0KYmVjYXVzZSBpdCB3YXMgaW5mZWN0ZWQgd2l0aCBhIHZp cnVzLg0KDQpSZXN1bHQ6IFZpcnVzIERldGVjdGVkDQpWaXJ1cyBOYW1lOiBXMzIuU29iaWcu RkBtbQ0KRmlsZSBBdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcg0KQXR0YWNobWVudCBTdGF0 dXM6IGRlbGV0ZWQNCg== --_NextPart_000_005E25B0-- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74614t=74614 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Catalyst 6500 Architecture [7:74460]
The SFM is a piece of junk...and not as useful as you might seem... The new Supervisor 720 has the SFM built-in...which greatly enhances its use.. -Original Message- From: neil K [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 5:31 AM To: [EMAIL PROTECTED] Subject: Catalyst 6500 Architecture [7:74460] Folks, The Catalyst 6500 uses a Shared bus Architecture and to increase the Backplane capacity you have to have Switch fabric module (SFM) with fabric Enabled modules to make it work. Is there a vendor which has a better architecture or a better solution. Thanks, neil K. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74534t=74460 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
802.3x switch traffic disruption [7:74455]
I need some expert option on the following matter: I have a Netgear Fast Ethernet Switch FS608 (which does 802.3x Flow control) connected to a DLink 5 port switch (no flow control) Twice this week, the FS608 locked itself causing ALL traffic in the company to be disrupted. The problem was solved by power cycling the switch. All the clients on the FS608 have 3Com network cards that support flow control. Here are my questions: 1) Are there some caviat in running 802.3x I am not aware of? I did extensive research before implementing this and did not find any issues with the implementation of the technology? 2) Is there an issue of running 802.3x on one switch and not on the other? 3) I could turn off the 802.3x feature on all the workstations but I can't turn it off on the FS608. This is NOT a managed switch. Any suggestion on how to troubleshoot this problem? Thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74455t=74455 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco ICS 7750 experiences [7:74481]
I just deployed one for a single site manufacturing new construction. 150 IP phones 7940s / 7960s, IPCC, Unity Unified, etc. It took me about two days to get all of the builds completed because of the patches you have to add, but I got it configured pretty quick and, once it was up and I was making calls across my PSTN, the only issues I had were a little echo. Other than that, it is a good system. VERY SCALABLE, yet compact. I like it. Rob Hugo Senior Network Engineer STL Technology Partners Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74481t=74481 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Re: Thank you! [7:74488]
Dear [EMAIL PROTECTED] The email that you sent to [EMAIL PROTECTED] did not reach the intended receipient due to existance of virus. Kindly have your computer check for virus. Best Regards, Mail Administrator Datacraft Asia Ltd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74488t=74488 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Re: Your application [7:74449]
Dear [EMAIL PROTECTED] The email that you sent to [EMAIL PROTECTED] did not reach the intended receipient due to existance of virus. Kindly have your computer check for virus. Best Regards, Mail Administrator Datacraft Asia Ltd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74449t=74449 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Flash [7:74491]
I tried some nasty things from rommon trough the console a few times, So booting to rommon and whiping the whole thing from there would help you further, then tftp upgrade/reload the image you want. Martijn -Oorspronkelijk bericht- Van: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 29 augustus 2003 12:29 Aan: [EMAIL PROTECTED] Onderwerp: Flash [7:74491] We want to set up lab with 2500s but the flash size is 8M and 4M read-only and we want to load 12.2 IOS.Does anyone have an idea on how we should go about it ? Rgds, Akpome **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74496t=74491 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Catalyst 6500 Architecture [7:74460]
The SFM is a piece of junk...and not as useful as you might seem... The new Supervisor 720 has the SFM built-in...which greatly enhances its use.. -Original Message- From: neil K [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 5:31 AM To: [EMAIL PROTECTED] Subject: Catalyst 6500 Architecture [7:74460] Folks, The Catalyst 6500 uses a Shared bus Architecture and to increase the Backplane capacity you have to have Switch fabric module (SFM) with fabric Enabled modules to make it work. Is there a vendor which has a better architecture or a better solution. Thanks, neil K. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74499t=74460 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: TCP/UDP port for CHAP [7:74480]
In your example, VPDN is built over Ethernet, and there must be some kind of dialer where you want your access-list on. That imposes e1 ATM0 can be without access-list, the untrusted traffic, is coming in encapsulated in PPP over E. So within the PPP session there will be IP (dialer, say dhcp neg IP) and that is where you want to put an incoming access-list on. Martijn -Oorspronkelijk bericht- Van: Thomas N [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 29 augustus 2003 11:31 Aan: [EMAIL PROTECTED] Onderwerp: TCP/UDP port for CHAP [7:74480] I got SOHO sites with PPPoE connection to the Internet. They use CHAP for authentication. I would like to setup an ACL to filter out traffic on the outside interface. I am wondering what TCP/UDP port CHAP protocol use? Thanks! Thomas **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74505t=74480 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: 802.3x switch traffic disruption [7:74455]
No, I don't think I have a design issue: the network has 7 clients and 1 server so the architecture is very simple. My client was complaining of slow speed when opening files. My approach was to optimize at every layer possible. Choosing 802.3x feature was just one thing among others I did to speed up file access. 1) I moved them from a bus architecture, to a switched architecture, replacing all the coax cabling with twisted pair. 2) When I replaced the NICs I went for NIC that could do flow control and chose a brand name switch that supported the same feature. (Yes I should have chosen Cisco for the Switch, but how do you convince you client to pay more for something that appears to do the same thing?). 3) I replaced the OS on the clients (Windows Millennium) with Windows XP professional. Optimized the page file (and removed it from the system/boot partition). Disabled unnecessary services. 4) On the server side, I used SCSI hard disks and the fastest SCSI controller I could find on the market. Optimized the server to death. 5) I did not mess-up with modifying TCP Window parameters because I thought that was not necessary. The speed increase is visible, but with the network freezing up twice this week, all my work has taken a serious credibility hit. I have replaced their Switch with one of my personal Cisco switches after the second incident. My plan is to leave the switch ( a Cisco 2924XL) there for a week or two so I can monitor network activity and gather statistics . Then I don't know... The switch belongs to my CCIE rack so I will either have to sell it to them or buy them another inexpensive switch. :) - Original Message - From: annlee To: Sent: Friday, August 29, 2003 7:24 PM Subject: Re: 802.3x switch traffic disruption [7:74455] Netgear does have its problems... http://www.dslreports.com/shownews/31774?mode=flat That said, all the inexpensive devices have problems of one sort or another. I think it's a case of getting what you paid for / caveat emptor. For small networks clients, I always try to get them to buy one step higher quality than they wanted to pay for (since if they understood the ramifications, they wouldn't need me). It rarely works though ... which does tend to lead to repeat business... Annlee Priscilla Oppenheimer wrote: It sounds like the Netgear Layer 2 802.3 flow control is buggy. It sounds like you can't turn it off, though, because it's not a managed switch. Should have bought Cisco!? :-) You can turn it off on the workstations, though, and I would somewhat hesitantly recomment that. You might risk other problems by disabling it. Flow control should be negotiated with autonegotiation, but we know how well that works for duplex mode. Nontheless, if it were me, I think I would turn it off on the workstations carefully, as a test to start with. I'd be interested in other people's opinions, but I think flow control at the data-link-layer is risky and unnecessary anyway. No offence to Netgear (really!) but I'm not sure I would trust them to do it right, especially on a low-end switch. So, let's say a switch port has been flow controlled and told not to send any packets for a while. What does it do with the packets? How much buffering can it support? Does it have features to avoid head-of-the-line blocking? Will the flow control on that interface cause problems for other interfaces? TCP already does end-to-end flow control. Of course, not every application uses TCP, but a lot do. I think that's a better way to handle it. And one final comment, if you really need to be flow controlling traffic, perhaps you should just upgrade the bandwidth? Ethernet flow control sounds like a bandaid over a design problem to me What do others think? Do you use 802.3x flow control? Thanks. Priscilla [EMAIL PROTECTED] wrote: I need some expert option on the following matter: I have a Netgear Fast Ethernet Switch FS608 (which does 802.3x Flow control) connected to a DLink 5 port switch (no flow control) Twice this week, the FS608 locked itself causing ALL traffic in the company to be disrupted. The problem was solved by power cycling the switch. All the clients on the FS608 have 3Com network cards that support flow control. Here are my questions: 1) Are there some caviat in running 802.3x I am not aware of? I did extensive research before implementing this and did not find any issues with the implementation of the technology? 2) Is there an issue of running 802.3x on one switch and not on the other? 3) I could turn off the 802.3x feature on all the workstations but I can't turn it off on the FS608. This is NOT a managed switch. Any suggestion on how to troubleshoot this problem? Thank you, Pierre-Alex **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info
Re: 802.3x switch traffic disruption [7:74455]
Thank you Annlee, this is enlightening. My users mainly use word/excel documents along with a small access database. I know that sounds awful but what performance gain I will loose by using a cheap switch that does not do flow control? If I where able to convince my client and we used a Cisco switch, how could I verify that the 3COM cards are compatible with the Cisco gears? Would you use a sniffer and analyze the traffic or is there a simpler way? Thanks, Pierre-Alex - Original Message - From: Annlee To: Cc: Sent: Friday, August 29, 2003 10:09 PM Subject: Re: 802.3x switch traffic disruption [7:74455] A Google search on 802.3x yields a lot of discussion of flow control issues people seem to have -- linux as well as windows clients. One item I found at the IEEE's web page was this: http://grouper.ieee.org/groups/802/3/efm/public/email/msg02446.html /quote In working with Ethernet for over 20 years, the one functionality that is most severely vendor dependant is 802.3x Flow Control. Perhaps it is partly the politics of the 802.3WG. Perhaps the politics of IETF pushing their flow and rate adaptation to the exclusion of other layer or types is partly to blame. In some cases it marketing decisions on the part of vendors that cause them to improperly implement 802.3x in their interfaces and systems. For those vendors that are purely Ethernet and expect themselves to do things right, 802.3x Flow Control works to a level and quality that is at first surprising to their customers. If you want more information about my experiences with vendors and their implementations of 802.3x, continue to read. ...and it goes on, at some length. FWIW Annlee [EMAIL PROTECTED] wrote: No, I don't think I have a design issue: the network has 7 clients and 1 server so the architecture is very simple. My client was complaining of slow speed when opening files. My approach was to optimize at every layer possible. Choosing 802.3x feature was just one thing among others I did to speed up file access. 1) I moved them from a bus architecture, to a switched architecture, replacing all the coax cabling with twisted pair. 2) When I replaced the NICs I went for NIC that could do flow control and chose a brand name switch that supported the same feature. (Yes I should have chosen Cisco for the Switch, but how do you convince you client to pay more for something that appears to do the same thing?). 3) I replaced the OS on the clients (Windows Millennium) with Windows XP professional. Optimized the page file (and removed it from the system/boot partition). Disabled unnecessary services. 4) On the server side, I used SCSI hard disks and the fastest SCSI controller I could find on the market. Optimized the server to death. 5) I did not mess-up with modifying TCP Window parameters because I thought that was not necessary. The speed increase is visible, but with the network freezing up twice this week, all my work has taken a serious credibility hit. I have replaced their Switch with one of my personal Cisco switches after the second incident. My plan is to leave the switch ( a Cisco 2924XL) there for a week or two so I can monitor network activity and gather statistics . Then I don't know... The switch belongs to my CCIE rack so I will either have to sell it to them or buy them another inexpensive switch. :) - Original Message - From: annlee To: Sent: Friday, August 29, 2003 7:24 PM Subject: Re: 802.3x switch traffic disruption [7:74455] Netgear does have its problems... http://www.dslreports.com/shownews/31774?mode=flat That said, all the inexpensive devices have problems of one sort or another. I think it's a case of getting what you paid for / caveat emptor. For small networks clients, I always try to get them to buy one step higher quality than they wanted to pay for (since if they understood the ramifications, they wouldn't need me). It rarely works though ... which does tend to lead to repeat business... Annlee Priscilla Oppenheimer wrote: It sounds like the Netgear Layer 2 802.3 flow control is buggy. It sounds like you can't turn it off, though, because it's not a managed switch. Should have bought Cisco!? :-) You can turn it off on the workstations, though, and I would somewhat hesitantly recomment that. You might risk other problems by disabling it. Flow control should be negotiated with autonegotiation, but we know how well that works for duplex mode. Nontheless, if it were me, I think I would turn it off on the workstations carefully, as a test to start with. I'd be interested in other people's opinions, but I think flow control at the data-link-layer is risky and unnecessary anyway. No offence to Netgear (really!) but I'm not sure I would trust them to do it right, especially on a low-end switch. So, let's say
Your details [7:74297]
Please see the attached file for details. [GroupStudy removed an attachment of type application/octet-stream which had a name of wicked_scr.scr] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74297t=74297 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
ATM and Rate-limiting [7:74438]
Is it popssible to use rate-limit command on an ATM interface? Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74438t=74438 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BCRAN 2.0 questions [7:13450]
Hi Thienan Nguyen, Did you take the 642-821 exam...or did you take the 640-605 exam?I am currently preparing for the BCRAN and contemplating taking the new exam which is about to be released soon. Thanks for the help Pooven -Original Message- From: thienan nguyen [mailto:[EMAIL PROTECTED] Sent: 26 August 2003 02:01 AM To: [EMAIL PROTECTED] Subject: BCRAN 2.0 questions [1:13450] I have a couple questions on a real BCRAN exam, I got 740 ( passing score is 790 ) on a new BCRAN test. I going to take it again soon, I just need help to clear up some questions before I do it again.. What happen if there is no signal / LED for DTR on a modem ? What is service common for AH and ESP ? What is status Delete on Frame Relay Mean ? What is Dial Fast Idle command spec. in DDR ? LCP repond for neighbor of which function ? What happen if AAA is enable but authentication not set ? What is termination at local loop BRI call ? what is caht scrip function ? how you do a Load sharing in NAT ( 2 actions ) Please help if you know the answer for those questions. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74390t=13450 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: LLC1 and LLC2 (What is the difference?) [7:74341]
Brilliant - thx -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: 25 August 2003 18:59 To: [EMAIL PROTECTED] Subject: RE: LLC1 and LLC2 (What is the difference?) [7:74341] [EMAIL PROTECTED] wrote: Can anyone enlighten me on this? From Troubleshooting Campus Networks LLC supports three modes of service. Connectionless mode, also known as datagram service and LLC Type 1, is a simple service that does not use sequence numbers or acknowledgments and does not require a connection to be established before data can be exchanged. LLC Type 2 is a connection-oriented service that guarantees delivery of data using sequence numbers and acknowledgments. The third mode of service, LLC Type 3, is acknowledged, but connectionless. LLC Type 3 lets network layers exchange data that is acknowledged at the LLC layer without establishing a connection first. LLC Type 3 is not common and is not covered in this book. LLC Type 1 Frame Format The following example shows protocol analyzer output for an LLC Type 1 header. Because LLC Type 1 is connectionless, there is little analysis required. LLC: - LLC Header - LLC: LLC: DSAP Address = E0, DSAP IG Bit = 00 (Individual Address) LLC: SSAP Address = E0, SSAP CR Bit = 00 (Command) LLC: Unnumbered frame: UI The Individual/Group (IG) bit in the DSAP is 0 in this example, which means that the frame is destined to an individual SAP. A frame addressed to a group SAP is destined to more than one process in the receiving system. If you see the IG bit set to Group, you should find out which station is setting the bit and why. The use of a group SAP is a possible misconfiguration or bug that could lead to communication problems in recipient devices. The Command/Response (CR) bit in the SSAP is 0 in the example, which means that the frame is a command. An LLC command designation simply means that the frame was not in response to a previous frame; that is, it was originated spontaneously by the sending station. When a station responds, it sets the CR bit to 1 to designate a response. The Control field for the frame in the example specifies an Unnumbered Information frame (UI frame). This means that there is essentially no processing at the LLC layer. LLC moves the incoming data into the specified SAP without any special attention. LLC Type 2 Frame Format NetBEUI and Systems Network Architecture (SNA) use LLC Type 2. NetBEUI is an implementation of the NetBIOS session layer running directly over a data-link layer, without a network or transport layer. SNA is a complex architecture and set of protocols developed by IBM in the early 1970s. SNA originally ran on serial links and then later Token Ring and Ethernet LANs. Because SNA and NetBEUI are becoming less common, the use of LLC Type 2 is diminishing. However, it is still important to learn LLC Type 2 because it shares many characteristics with the quintessential High-Level Data Link Control (HDLC) family of WAN protocols. HDLC influenced the development of LLC Type 2, IBM's Synchronous Data Link Control (SDLC), and the X.25 link access procedure (LAP) protocols. The Link Access Procedure on the D Channel (LAPD) protocol, also known as ITU-T Q.921, is still very common on ISDN circuits. So a quick explanation of LLC Type 2 is warranted because it will help you troubleshoot WANs as well as legacy Ethernet networks that still use LLC Type 2. NOTE Cisco's HDLC is a customized version of HDLC and is not similar to LLC Type 2. Cisco's HDLC is connectionless and is similar to LLC Type 1. Because LLC Type 2 is connection-oriented, a connection setup must precede the transmission of data. A connection tear-down process occurs at the end of an LLC session. During a session, each frame is numbered and acknowledged. The session setup follows this sequence: 1. Station A - Station B LLC C DSAP=F0 SSAP=F0 SABME P 2. Station B - Station A LLC R DSAP=F0 SSAP=F0 UA F 3. Station A - Station B LLC C DSAP=F0 SSAP=F0 RR NR=0 P 4. Station B - Station A LLC R DSAP=F0 SSAP=F0 RR NR=0 F In Frame 1, Station A tells Station B to Set Asynchronous Balanced Mode Extended (SABME), which means that either side can initiate a conversation and send data without permission from the other side. In the olden days of mainframes and terminals, a lowly device like a terminal could not send data until it was polled. With the advent of mini and microcomputers, communication became more democratic. Station authority was more balanced and either station could send asynchronously with respect to the other. The original Asynchronous Balanced Mode allowed the transmission of 8 frames without an acknowledgment. To improve performance, the 8 frames were later extended to 128 frames. The extension to 128 frames is called Asynchronous Balanced Mode Extended. When Station A in the example makes the SABME request, it also sets the poll bit (that's the letter P at the end of the line in Frame 1). The poll bit has nothing to do
RE: 1000BaseT GBIC [7:74392]
Nope. Martijn -Oorspronkelijk bericht- Van: Nima Javidi [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 26 augustus 2003 10:54 Aan: [EMAIL PROTECTED] Onderwerp: 1000BaseT GBIC [7:74392] Is 1000BaseT GBIC Autosense? Is it Support 10/100/1000? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74393t=74392 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Load Balancing; help explain [7:74376]
What kind of process do you want to balance, ie what layer? Fail-over or load-balance defined on source/destination/traffic or true server cpu load? Sometimes you want do watch a quorum process (or critical application) and monitor that from a serverfarm instead of doing a layer 2 (nic) or layer 3 (routers or w2k NLB). Define your critical service (availability), go from there to capacity(load). This is the real stuff. Martijn -Oorspronkelijk bericht- Van: Aspiring Cisco Gurl [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 26 augustus 2003 5:01 Aan: [EMAIL PROTECTED] Onderwerp: Load Balancing; help explain [7:74376] I was asked a question about load balancing on routers and servers. Ive looked it up on the websites but can someone give me their 2 cents about it? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74395t=74376 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX VPN Client Configuration - At my wit's end! [7:74363]
Have you watched your access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any very closely? It is meant to be mirrored at the client connection time so must be access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 A packet sent from the client is checked against this list. So must be more specific in my experience. Martijn -Oorspronkelijk bericht- Van: Derek Gaff [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 26 augustus 2003 9:57 Aan: [EMAIL PROTECTED] Onderwerp: Re: PIX VPN Client Configuration - At my wit's end! [7:74363] James Your missing the command vpdn enable outside from your config. regards derek - Original Message - From: James Willard To: Sent: Tuesday, August 26, 2003 12:17 AM Subject: PIX VPN Client Configuration - At my wit's end! [7:74363] Hi all, Thanks in advance for reading this message. I am completely boggled on an issue here that I have literally been trying to troubleshoot for some 12 hours now. I'm trying to configure a PIX 515E for Cisco VPN Client connectivity. Here are the relevant parts of my config: :PIX Version 6.3(1) interface ethernet0 auto interface ethernet1 auto interface ethernet2 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 dmz security50 access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any ip local pool vpnusers 192.168.2.100-192.168.2.254 nat (inside) 0 access-list nonat nat (inside) 10 0.0.0.0 0.0.0.0 0 0 sysopt connection permit-ipsec crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set vpn esp-3des esp-md5-hmac crypto ipsec security-association lifetime seconds 300 crypto dynamic-map dynmap 30 set transform-set vpn crypto map crypto-map-swa 20 ipsec-isakmp dynamic dynmap crypto map crypto-map-swa interface outside isakmp enable outside isakmp identity address isakmp nat-traversal 20 isakmp policy 1 authentication pre-share isakmp policy 1 encryption 3des isakmp policy 1 hash sha isakmp policy 1 group 2 isakmp policy 1 lifetime 300 vpngroup VPNUser address-pool vpnusers vpngroup VPNUser dns-server 192.168.1.23 192.168.1.22 vpngroup VPNUser wins-server 192.168.1.21 192.168.1.21 vpngroup VPNUser split-tunnel VPNUser_splitTunnelAcl vpngroup VPNUser idle-time 1800 vpngroup VPNUser password Let's say the outside interface is 100.100.100.28. These are the networks: 100.100.100.28 255.255.255.240(outside) 192.168.1.0255.255.255.0 (inside) 192.168.2.0255.255.255.0 (vpn IP pool) 10.0.1.0 255.255.255.0 (dmz) I can connect with the client just fine, but neither end can ping the other. Say the client machine gets the IP 192.168.2.100 from the pool, it cannot ping anything in 192.168.1.x. Conversely, nothing in 192.168.1.x can ping 192.168.2.100. The VPN Client side shows packets being encrypted but none decrypted. The IPSec SA on the PIX shows packets being encrypted and none decrypted. Also worth noting is that the VPN client status shows Transparent Tunneling: Inactive on the status page while connecting, even though isakmp nat-traversal is enabled. An ethereal capture shows the client sending ESP packets to the PIX but none are coming back. Please, if anyone has any ideas I would love to hear them. This has been driving me crazy! Thanks, James Willard [EMAIL PROTECTED] **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74397t=74363 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Metric of OSPF Summary Routes [7:74361]
Please show us the topology database, that should tell us all. Martijn -Oorspronkelijk bericht- Van: alaerte Vidali [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 26 augustus 2003 0:10 Aan: [EMAIL PROTECTED] Onderwerp: Metric of OSPF Summary Routes [7:74361] Is there a way to define the metric of a OSPF summary route? This is strange, but two routers with the same IOS (and similar commands) are using different approaches: one router is using the highest metric of more specific routes, while the other router is using the lower metric. This one is using the higher metric: LS age: 1405 Options: (No TOS-capability, DC, Upward) LS Type: Summary Links(Network) Link State ID: 100.7.0.0 (summary Network Number) Advertising Router: rta LS Seq Number: 80016DE5 Checksum: 0x6A95 Length: 28 Network Mask: /16 TOS: 0 Metric: 1603 This one is using the lower metric: Routing Bit Set on this LSA LS age: 946 Options: (No TOS-capability, DC, Upward) LS Type: Summary Links(Network) Link State ID: 100.7.0.0 (summary Network Number) Advertising Router: rtb LS Seq Number: 80008D8C Checksum: 0x3E53 Length: 28 Network Mask: /16 TOS: 0 Metric: 0 The only difference is the platform: one is 7507 and the other 4700. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74398t=74361 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Re: Re: My details [7:74400]
Dear [EMAIL PROTECTED] The email that you sent to [EMAIL PROTECTED] did not reach the intended receipient due to existance of virus. Kindly have your computer check for virus. Best Regards, Mail Administrator Datacraft Asia Ltd Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74400t=74400 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Re: Thank you! [7:74408]
Email Delivery Failure Your message failed to pass Hitachi Data Systems anti-virus scanning system. If you believe this message was received in error please consult your HItachi Data Systems contact or the intended email recipient for further assistance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74408t=74408 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ooking for CCIE practice test. What boson test is the best [7:74326]
Do not be afraid to buy two. Authors have a different point of view. DO NOT forget the written blueprint. Dennis is also very good. Martijn -Oorspronkelijk bericht- Van: johnman johnman [mailto:[EMAIL PROTECTED] Verzonden: zaterdag 23 augustus 2003 5:02 Aan: [EMAIL PROTECTED] Onderwerp: ooking for CCIE practice test. What boson test is the best ? [7:74274] Looking for CCIE routing switching practice exam test. What boson test is the best ? _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74326t=74326 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
LLC1 and LLC2 (What is the difference?) [7:74341]
Can anyone enlighten me on this? Many thx indeed For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74341t=74341 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP Connectivity Problem [7:74100]
What about mobile IP or VPN to border router and get an internal IP for the tftp server's point of view... Just in a typing mood. Martijn -Oorspronkelijk bericht- Van: Eddie [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 15:06 Aan: [EMAIL PROTECTED] Onderwerp: Re: BGP Connectivity Problem [7:74100] Matthew Webster wrote: Hi all, I have done a sample bgp configuration at r1r2.com. My network setup is as follows: TFTP_Server-(e0)r1(s0)--(s0)r2 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24. The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's e0 interface), I can't ping from r2, or from r1's s0 interface. [..] I suppose your TFTP server doesn't have a route entry pointing to the network 192.168.100.0 EC **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74153t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX xlate question [7:74012]
I think the config is too complex for what it (seems) needs to do. If you used PDM, you also can start over from scratch, think you rules over hard, draw a map with all the interfaces and subnets. What is the propose of these rules (nat 2 / glob 2 ) together? is there some mail/www server sitting on those /32 ip's? global (outside) 2 213.213.128.50 nat (inside) 2 157.157.144.49 255.255.255.255 0 0 nat (inside) 2 10.100.0.0 255.255.0.0 0 0 From my point of view is what you are doing in nat 0 / nat 1 glob 1 / nat 2 glob 2 doable with nat 0 / nat1 glob 1. Take a hard look at access-list 100. Martijn -Oorspronkelijk bericht- Van: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 15:52 Aan: [EMAIL PROTECTED] Onderwerp: RE: PIX xlate question [7:74012] Here are the Global and NAT statements global (outside) 1 213.213.128.100-213.213.128.200 global (outside) 2 213.213.128.50 global (dmz) 1 192.168.17.150 nat (inside) 0 access-list 100 nat (inside) 2 157.157.144.49 255.255.255.255 0 0 nat (inside) 2 10.100.0.0 255.255.0.0 0 0 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 nat (dmz) 1 0.0.0.0 0.0.0.0 0 0 **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74150t=74012 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Data Center Design [7:74126]
Also I always say you need to do some reading on your own, physical or network design. That said, check the data center safe white paper at the site, you know. I studied myself trough cases for my CISSP (physical security, data contingency, disaster recovery, hot/warm/cold backup site / data mirror east/west?) Also have a consultant over that knows electricity (dual circuit 220/110/48?, backup diesels) cooling (double/single heavy duty) construction (disasters, physical etc) What about phisical / data / network monitoring? Start with the business goals, take in account SLA's (whether internal or external), contractor/customer/even user data or physical access POLICIES POLICIES Start writing a lot, do the meetings, then the consultant asks you things you have not thought of. Off my hat! Martijn -Oorspronkelijk bericht- Van: Juan Blanco [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 23:22 Aan: [EMAIL PROTECTED] Onderwerp: Data Center Design [7:74126] Team, Where will I be able to find information about designing a Data Center Room. As always I appreciate your help and recommendation. Thanks, Juan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74152t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Cisco Wireless [7:74157]
If you want check that the association is encrypted, try checking the association table. For checking that traffic is encrypted try Airopeek, Airsnort etc. Martijn -Oorspronkelijk bericht- Van: Johan Bornman [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 19 augustus 2003 10:31 Aan: [EMAIL PROTECTED] Onderwerp: Cisco Wireless [7:74157] Is there a utility/software available to sniff wireless communication to confirm for instance that the 128bit encryption is doing what it suppose to do? This e-mail may contain confidential information and may be legally privileged and is intended only for the person to whom it is addressed. If you are not the intended recipient, you are notified that you may not use, distribute or copy this document in any manner whatsoever. Kindly also notify the sender immediately by telephone, and delete the e-mail. When addressed to clients of the company from where this e-mail originates (the sending company ) any opinion or advice contained in this e-mail is subject to the terms and conditions expressed in any applicable terms of business or client engagement letter . The sending company does not accept liability for any damage, loss or expense arising from this e-mail and/or from the accessing of any files attached to this e-mail. At present, the integrity of e-mail across the Internet cannot be guaranteed and messages sent via this medium are potentially at risk. The recipient should scan any attached files for viruses. All liability arising as a result of the use of this medium to transmit information by or to e-Innovation is excluded to the extent permitted by law. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74161t=74157 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Data Center Design [7:74126]
Try sans.org / reading room/ for papers on disaster recovery, data security. for network data center design try cisco.com SAFE whitepaper. Like I said, this is a high responsibility. Really do consider hiring a 3th party consultant, if only to set up things. Martijn Time Frame PLANNING / MS project/ stick to it/business leads/beware of contruction times etc Staff committed to the project resource management/skills per person/training Project management of design/construction external(you want to sit in a advisory board, not be Data center relocation management (extra hot site, cold?) Cutover dategradually, run things parallel for a LONG time if possible, may want to migrate apps at the latest Space planning visio Project definition 1st thing to do Server/Rack/Equipment layoutvisio Power conditioning requirements external advice/business continuity plan leads/vendors website specs UPS Requirementsspecs equipm/ Ceiling heights, floor loads, power availability, fire protection Cabling Infrastructure fire proof Electrical Systems extra seperate from buidling, prefer double Furniture none, a rolling table maybe Air conditioninglots (specs equipm) Ladder rack, cable tray and cable management installation.. and software /documentation -Oorspronkelijk bericht- Van: Juan Blanco [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 19 augustus 2003 12:55 Aan: Jansen, M Onderwerp: RE: Data Center Design [7:74126] I want to thank your for your quick response. We have a data center which need to be move to a new location on the same building, I have a meeting with the construction people this coming Thursday and this is the first time I am responsible of doing this. I already have some information from the web but what I really need is any document or web site in which I could find 101 document where I could quickly learn that typical type of questions that I will be asking the construction crew...Questions like the following: Time Frame PLANNING / MS project/ stick to it Staff committed to the project resource management/skills Project management of design/construction external(you want to sit in a advisory board, not be Data center relocation management Cutover dategradually, run things parallel for a LONG time if possible Space planning visio Project definition 1st thing to do Server/Rack/Equipment layoutvisio Power conditioning requirements external advice/business continuity plan leads/vendors website specs UPS Requirementsspecs equipm/ Ceiling heights, floor loads, power availability, fire protection Cabling Infrastructure fire proof Electrical Systems extra seperate from buidling, prefer double Furniture none, a rolling table maybe Air conditioninglots (specs equipm) Ladder rack, cable tray and cable management installation.. and software /documentation As you can see I already have some questions but probably they are sufficient, I need to see a document that guide me and explain how do I go by planning this datacenter move.I really appreciate your help and recommendations. In your e-mail you mentioned the following: data center safe white paper at the site (where is the link for this web site) Thanks, Juan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, August 19, 2003 1:58 AM To: [EMAIL PROTECTED] Subject: RE: Data Center Design [7:74126] Also I always say you need to do some reading on your own, physical or network design. That said, check the data center safe white paper at the site, you know. I studied myself trough cases for my CISSP (physical security, data contingency, disaster recovery, hot/warm/cold backup site / data mirror east/west?) Also have a consultant over that knows electricity (dual circuit 220/110/48?, backup diesels) cooling (double/single heavy duty) construction (disasters, physical etc) What about phisical / data / network monitoring? Start with the business goals, take in account SLA's (whether internal or external), contractor/customer/even user data or physical access POLICIES POLICIES Start writing a lot, do the meetings, then the consultant asks you things you have not thought of. Off my hat! Martijn -Oorspronkelijk bericht
RE: PIX and Router Setup Question [7:74141]
Tell me if I am wrong: (off my hat) Nat on pix only would cause me to use the 1700 as router/ routed subnet between pix1700. Because I am using a private range, I need to address a packet from a private IP address and to internet / from internet to a private ip address. Wich would not work. Because 1700 would not do nat.(Joel). When it does NAT, the segment between 1700 and pix would be private (10.165.251.240/28 for example not the most used 192.168.x.x) Tell the pix to do NAT with the NAT norandomseq keyword. So tcp sockets would not be randomized. On the 1700 filter until layer 4, make a nice and hefty access-list that denies it all exept initiated inside. Really do use dmz for mail filtering and web front-end! If you do punch holes in the pix to inside, please buy linksys or netgear... ;-) Make a plan for ids/syslog and time sync, use it and update it! Make a plan for intrusions/reactions, use it and update it! See SAFE website. http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/ns128/networking_solutio ns_package.html Martijn -Oorspronkelijk bericht- Van: Joel Satterley [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 19 augustus 2003 11:25 Aan: [EMAIL PROTECTED] Onderwerp: RE: PIX and Router Setup Question [7:74141] You'd be better off just using NAT on the PIX, it's what it was made for. Then just secure the 1721 as a perimeter router. NAT'ing twice could cause problems. -Original Message- From: Michael Barnhart [mailto:[EMAIL PROTECTED] Sent: 19 August 2003 04:06 To: [EMAIL PROTECTED] Subject: PIX and Router Setup Question [7:74141] Network is as such: Internet - 1721 - 515 PIX - Network We do not have many live IP addresses, so we want to use one on the 1721 Outside. Between the 1721 and the PIX we want to use a private network, say 192.168.1.x /24. On the inside PIX we will use the IP of the internal network (also a private address). The problem comes in how to setup the PIX to work properly. The 1721 is using NAT, and I would assume I need NAT on the PIX as well. At this point things get confusing! We are hosting a website on the internal network, as well as an email server. I want to see them from the Internet. Question is, do I need to double NAT, or is there some way to have the PIX just pass the internal network to the Router? Thanks! Michael Barnhart **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html === This message has been checked for all known viruses by the Sirocom Virus Scanning Service === === This message has been checked for all known viruses by the Sirocom Virus Scanning Service WWW.SIROCOM.COM === **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74167t=74141 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ISDN dialer rotatry groups [7:74159]
if you mean nvram, OK, I am not aware of RAM usage per dialer int. Ants, Dialin so you need a lot dialer int for callback destinations/routing? A rotary group is a designation for a group of physical interfaces (grouped together with a rotary number) that dialer interfaces can use so that you can assign your physical interfaces to different rotary groups and thus to dialer interfaces. PLS Tell us about you hunt-group number-plan, so we can continue on this. Martijn -Oorspronkelijk bericht- Van: Ants [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 19 augustus 2003 11:49 Aan: [EMAIL PROTECTED] Onderwerp: ISDN dialer rotatry groups [7:74159] Hi, have a C3640 with ISDN dialin capability currently around 40 dialer interfaces setup and would like to streamline memory used.. rotary groups will give me that function but not sure on how to set it up and how exactly it works with 'hunting' phone numbers also pro's and cons of using this functions... any advice would be appreciated. many thanks Ants **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74172t=74159 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: DSL over Dry Copper [7:74117]
What about the 2950 series LRE ? Long reach ethernet? Tell us about the specs, you have them. Cisco Long Range Ethernet (LRE) solution leverages Very High Data Rate Digital Subscriber Line (VDSL) technology to dramatically extend Ethernet services over existing Category 1/2/3 twisted pair wiring at speeds from 5 to 15 Mbps (full duplex) and distances up to 5,000 feet. The Cisco LRE technology delivers broadband service on the same lines as Plain Old Telephone Service (POTS), digital telephone, and ISDN traffic. In addition, Cisco LRE supports modes compatible with Asymmetric Digital Subscriber Line (ADSL) technologies, allowing service providers to provision LRE to buildings where broadband services already exist. http://www.cisco.com/en/US/products/hw/switches/ps605/products_white_paper09 186a0080088896.shtml http://www.cisco.com/en/US/products/hw/switches/ps293/products_data_sheet091 86a0080088894.html http://www.cisco.com/en/US/products/hw/switches/ps605/products_data_sheet091 86a0080088894.html Martijn -Oorspronkelijk bericht- Van: Dain Deutschman [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 21:05 Aan: [EMAIL PROTECTED] Onderwerp: DSL over Dry Copper [7:74117] Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74151t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP Connectivity Problem [7:74100]
Not completely on topic, sorry It is about a router, not a pc box. Martijn -Oorspronkelijk bericht- Van: Jansen, M Verzonden: dinsdag 19 augustus 2003 8:15 Aan: Eddie; [EMAIL PROTECTED] Onderwerp: RE: BGP Connectivity Problem [7:74100] What about mobile IP or VPN to border router and get an internal IP for the tftp server's point of view... Just in a typing mood. Martijn -Oorspronkelijk bericht- Van: Eddie [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 15:06 Aan: [EMAIL PROTECTED] Onderwerp: Re: BGP Connectivity Problem [7:74100] Matthew Webster wrote: Hi all, I have done a sample bgp configuration at r1r2.com. My network setup is as follows: TFTP_Server-(e0)r1(s0)--(s0)r2 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24. The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's e0 interface), I can't ping from r2, or from r1's s0 interface. [..] I suppose your TFTP server doesn't have a route entry pointing to the network 192.168.100.0 EC **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74154t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RM Process? [7:74198]
I have 2 AS5300 that have been rebooting pretty consistently. I upgraded both of them and I am still having the issue. I am seeing the following error: 00:20:31: %SYS-2-MALLOCFAIL: Memory allocation of 6000 bytes failed from 0x6032D3BC, alignment 0 Pool: Processor Free: 4353544 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool and it eventually crashes. I am not ruling out a DDoS. One thing that caught my attention is the RM Process which is consuming a lot of memory in a short period of time. Does anyone know what this does? A few minutes after a reboot of the chassi it increases systematically in size. Any help would be appreciated. as5300-2#sh processes memory Total: 46069472, Used: 20971964, Free: 25097508 PID TTY Allocated FreedHoldingGetbufsRetbufs Process 0 0 79648 1848 19373952 0 0 *Init* 0 0632 69616632 0 0 *Sched* 0 0 3556916871690602607959388 0 *Dead* 1 0280280 3808 0 0 Load Meter 2 0 5052 0 14412 3360 0 Mica board Downl 3 0 0 0 6808 0 0 Check heaps 4 0 96 0 6904 0 0 Chunk Manager 5 0 96 0 6904 0 0 Pool Manager 6 0280280 6808 0 0 Timers 7 0280280 6808 0 0 Serial Backgroun 8 0 96 0 6904 0 0 RM PROCESS 9 0 96 0 6904 0 0 RM PROCESS 10 0 96 0 6904 0 0 RM PROCESS 11 0 96 0 6904 0 0 RM PROCESS 12 0376280 6904 0 0 CAS Process 13 0 1692 1764 7408 0 0 ARP Input 14 0 0 0 6808 0 0 HC Counter Timer 15 0 5020280 6916 0 0 DDR Timers 16 0280280 12808 0 0 Dialer event 17 0 17320 3840 20288 0 0 Entity MIB API 18 0 96 0 6904 0 0 SERIAL A'detect as5300-2#sh processes memory Total: 46069472, Used: 22577836, Free: 23491636 PID TTY Allocated FreedHoldingGetbufsRetbufs Process 0 0 79648 1848 19371884 0 0 *Init* 0 0 11841829208 1184 0 0 *Sched* 0 0 385201168699352 3752608974108 0 *Dead* 1 0280280 3808 0 0 Load Meter 2 049658524455080 415476 0 0 Exec 3 0 0 0 6808 0 0 Check heaps 4 0 96 0 6904 0 0 Chunk Manager 5 0 96 0 6904 0 0 Pool Manager 6 0280280 6808 0 0 Timers 7 0 7240 2072 6808 0 0 Serial Backgroun 8 0 297444 7804 6904 0 0 RM PROCESS 9 034521602269824 7352 0 0 RM PROCESS 10 0 8628402018432 6904 0 0 RM PROCESS 11 0 19936 335760 6904 0 0 RM PROCESS 12 0376280 6904 0 0 CAS Process 13 0 1916 8492 7632 0 0 ARP Input 14 0 0 0 6808 0 0 HC Counter Timer 15 0 5128388 6916 0 0 DDR Timers 16 0280280 12808 0 0 Dialer event 17 0 17320 3840 20288 0 0 Entity MIB API 18 0 96 0 6904 0 0 SERIAL A'detect [snip] Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74198t=74198 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RM Process? [7:74198]
I have 2 AS5300 that have been rebooting pretty consistently. I upgraded both of them and I am still having the issue. I am seeing the following error: 00:20:31: %SYS-2-MALLOCFAIL: Memory allocation of 6000 bytes failed from 0x6032D3BC, alignment 0 Pool: Processor Free: 4353544 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool and it eventually crashes. I am not ruling out a DDoS. One thing that caught my attention is the RM Process which is consuming a lot of memory in a short period of time. Does anyone know what this does? A few minutes after a reboot of the chassi it increases systematically in size. Any help would be appreciated. as5300-2#sh processes memory Total: 46069472, Used: 20971964, Free: 25097508 PID TTY Allocated FreedHoldingGetbufsRetbufs Process 0 0 79648 1848 19373952 0 0 *Init* 0 0632 69616632 0 0 *Sched* 0 0 3556916871690602607959388 0 *Dead* 1 0280280 3808 0 0 Load Meter 2 0 5052 0 14412 3360 0 Mica board Downl 3 0 0 0 6808 0 0 Check heaps 4 0 96 0 6904 0 0 Chunk Manager 5 0 96 0 6904 0 0 Pool Manager 6 0280280 6808 0 0 Timers 7 0280280 6808 0 0 Serial Backgroun 8 0 96 0 6904 0 0 RM PROCESS 9 0 96 0 6904 0 0 RM PROCESS 10 0 96 0 6904 0 0 RM PROCESS 11 0 96 0 6904 0 0 RM PROCESS 12 0376280 6904 0 0 CAS Process 13 0 1692 1764 7408 0 0 ARP Input 14 0 0 0 6808 0 0 HC Counter Timer 15 0 5020280 6916 0 0 DDR Timers 16 0280280 12808 0 0 Dialer event 17 0 17320 3840 20288 0 0 Entity MIB API 18 0 96 0 6904 0 0 SERIAL A'detect as5300-2#sh processes memory Total: 46069472, Used: 22577836, Free: 23491636 PID TTY Allocated FreedHoldingGetbufsRetbufs Process 0 0 79648 1848 19371884 0 0 *Init* 0 0 11841829208 1184 0 0 *Sched* 0 0 385201168699352 3752608974108 0 *Dead* 1 0280280 3808 0 0 Load Meter 2 049658524455080 415476 0 0 Exec 3 0 0 0 6808 0 0 Check heaps 4 0 96 0 6904 0 0 Chunk Manager 5 0 96 0 6904 0 0 Pool Manager 6 0280280 6808 0 0 Timers 7 0 7240 2072 6808 0 0 Serial Backgroun 8 0 297444 7804 6904 0 0 RM PROCESS 9 034521602269824 7352 0 0 RM PROCESS 10 0 8628402018432 6904 0 0 RM PROCESS 11 0 19936 335760 6904 0 0 RM PROCESS 12 0376280 6904 0 0 CAS Process 13 0 1916 8492 7632 0 0 ARP Input 14 0 0 0 6808 0 0 HC Counter Timer 15 0 5128388 6916 0 0 DDR Timers 16 0280280 12808 0 0 Dialer event 17 0 17320 3840 20288 0 0 Entity MIB API 18 0 96 0 6904 0 0 SERIAL A'detect [snip] Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74244t=74198 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
OSPF Cost [7:74098]
Guys, Just to confirm that this is the correct costing default for OSPF :- 10*8 (1,,) \ bandwidth in kbps BW 1000 Kbit - 10Gig = OSPF Cost 10 BW 100 Kbit - 1Gig= OSPF Cost 100 BW 10 Kbit - 100Meg = OSPF Cost 1000 BW1 Kbit - 10Meg = OSPF Cost 1 BW 1544 Kbit - T1 = OSPF Cost 64767 (rounded up) BW 64 kbit - DS0 = OSPF Cost 1562500 Many thx indeed. Ken For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74098t=74098 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Trying run ISIS on 2600 [7:74051]
ISIS is part of the Enterprise code. Upgrading to that will allow you to configure ISIS. Thanks, Ian www.ccie4u.com Rack Rentals and Lab Scenarios starting at $20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of irfan siddiqui Sent: Saturday, August 16, 2003 4:30 PM To: [EMAIL PROTECTED] Subject: Trying run ISIS on 2600 [7:74051] I am trying to run ISIS on a 2600 series router however it does not accept the CLNS and ISIS routing commands at the Config mode. I am using IOS IP version only? Do i need IP plus version to configure ISIS?? Thanks _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74058t=74051 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 3750 Capability [7:73989]
What about RMON/SNMP in combi with managament software? Statistics (RMON group 1)-Collects Ethernet, Fast Ethernet, and Gigabit Ethernet statistics on an interface. History (RMON group 2)-Collects a history group of statistics on Ethernet, Fast Ethernet, and Gigabit Ethernet interfaces for a specified polling interval. Alarm (RMON group 3)-Monitors a specific management information base (MIB) object for a specified interval, triggers an alarm at a specified value (rising threshold), and resets the alarm at another value (falling threshold). Alarms can be used with events; the alarm triggers an event, which can generate a log entry or an SNMP trap. Event (RMON group 9)-Determines the action to take when an event is triggered by an alarm. The action can be to generate a log entry or an SNMP trap. Martijn -Oorspronkelijk bericht- Van: Azhar Teza [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 15 augustus 2003 1:58 Aan: [EMAIL PROTECTED] Onderwerp: 3750 Capability [7:73989] Netflow Switching Card on 6509 allow administer to monitor traffic rightdown the plumbing level. For Example if one of the ports on 6509 is connected to a workstation, with netflow card one could determine in seconds that what kind of traffic is passed on that port, like video streaming, or users is downloading 10.0mb file and so on. Am I correct? If swithes such as 3750 (fairly new products) are stacked in IDF's and there is a issue with the port then how can one achieve the same results in 3750 switches as one can do it with netflow card in 6509 switches. Are there any features that can allow me to monitor traffic at plumbing level such as If user's port is bogged down because of video streaming in Cisco 3750 switches. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74007t=73989 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Line Redundancy [7:73931]
How about this. I'll give some tips since nobody is replying. Different pairs of copper. Different dsl provider. 2 Different ip subnets/29? Double global pools on pix e0. dougble nat to double internal ip's for mail(1 nic). double public dns records for mx mail etc. different prio. try to mix and match with pix for routes (outside) subnet 1 to mail external mail relayer DG 1 AD 10 routes (outside) subnet 2 to mail external mail relayer DG 2 AD 20 so some kind of static failover/load balance. or something. Martijn -Oorspronkelijk bericht- Van: E. Keith J. [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 12 augustus 2003 19:38 Aan: [EMAIL PROTECTED] Onderwerp: Line Redundancy [7:73931] Hi all, I need some Line or Internet redundancy for a relatively small network. We currently have a SDSL line from speakeasy which resells Covad. I need another type of line that would remain up if this line went down as it recently did. Now they believe me about redundancy! To my understanding it is really difficult to get different connections in the last mile? From the CO to the site. Nonetheless any redundancy is better than absolutely none. I think T1 is a choice as it is logically different. Still may not protect me in the last mile but better than nothing. The T1 would become the primary connection with the SDSL becoming the backup. Id like to use a 515 to bring in both lines. A phone line would not meet the requirements needed. I understand having a ASDL line and SDSL line would use different hardware. This would be a choice if I cannot get the dollars for the above. We are still a small company. Maybe 50 employees, but growing. what other choices might I have? I'm in the California bay area if that helps. Thanks Keith J. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74008t=73931 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: hsrp and icmp redirects [7:73972]
How do all incoming routes/gateway branchoffice routes look? Martijn -Oorspronkelijk bericht- Van: Robert Kimble [mailto:[EMAIL PROTECTED] Verzonden: donderdag 14 augustus 2003 16:57 Aan: [EMAIL PROTECTED] Onderwerp: hsrp and icmp redirects [7:73972] Ok. I'll try to explain what happened as best as I can. We have two 6509's each with an msfc and until last night we were only using the msfc on one of them. Last night I brought up the second msfc and set up hsrp between the two. everything worked great here in the office last night. However, this morning our branch offices had no connectivity to us. My boss went in and turned off icmp redirects on the vlan interfaces on the second msfc and everything was fine. 1. I thought icmp redirects were disabled automatically when you configure hsrp on an interface. 2. How did turning off the redirects fix the problem? (I would ask my boss but I probably look bad enough). Any way. Please let me know if you need more info to answer this question. -Bobby **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74005t=73972 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX xlate question [7:74012]
PLS give, just to be sure, Global and NAT statements. Martijn -Oorspronkelijk bericht- Van: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 15 augustus 2003 12:34 Aan: [EMAIL PROTECTED] Onderwerp: PIX xlate question [7:74012] why would I see the folowing when I do sh xlate on the pix, i.e. one global address is beeing translated to the next in line global address ? and sugestions would be welcome Global 213.213.128.143 Local 213.213.128.142 Global 213.213.128.142 Local 213.213.128.141 Global 213.213.128.137 Local 213.213.128.136 Global 213.213.128.136 Local 213.213.128.135 Global 213.213.128.139 Local 213.213.128.138 Global 213.213.128.138 Local 213.213.128.137 Global 213.213.128.133 Local 217.3.103.62 Global 213.213.128.132 Local 213.213.128.131 Global 213.213.128.135 Local 213.213.128.134 Global 213.213.128.134 Local 213.213.128.133 Global 213.213.128.129 Local 213.213.128.128 Global 213.213.128.128 Local 213.213.128.127 Global 213.213.128.131 Local 213.213.128.130 Global 213.213.128.130 Local 213.213.128.129 Global 213.213.128.189 Local 213.213.128.188 Global 213.213.128.188 Local 213.213.128.187 Global 213.213.128.191 Local 200.65.74.239 Global 213.213.128.190 Local 213.213.128.189 Global 213.213.128.185 Local 213.213.128.184 Global 213.213.128.184 Local 213.213.128.183 Global 213.213.128.187 Local 213.213.128.186 Global 213.213.128.186 Local 213.213.128.185 Global 213.213.128.181 Local 213.213.128.180 Global 213.213.128.180 Local 213.213.128.179 Global 213.213.128.183 Local 213.213.128.182 Global 213.213.128.182 Local 213.213.128.181 Global 213.213.128.177 Local 213.213.128.176 Global 213.213.128.176 Local 213.213.128.175 Global 213.213.128.179 Local 213.213.128.178 Global 213.213.128.178 Local 213.213.128.177 Global 213.213.128.173 Local 213.213.138.210 Global 213.213.128.172 Local 10.200.20.124 Global 213.213.128.175 Local 213.213.128.174 Global 213.213.128.174 Local 213.213.128.173 Global 213.213.128.169 Local 213.213.128.168 Global 213.213.128.168 Local 213.213.128.167 Global 213.213.128.171 Local 213.213.128.170 Global 213.213.128.170 Local 213.213.128.169 Global 213.213.128.165 Local 213.213.128.164 Global 213.213.128.164 Local 213.213.128.163 Global 213.213.128.167 Local 213.213.128.166 Global 213.213.128.166 Local 213.213.128.165 Global 213.213.128.161 Local 213.213.128.160 Global 213.213.128.160 Local 213.213.128.159 Global 213.213.128.163 Local 213.213.128.162 Global 213.213.128.162 Local 213.213.128.161 **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74014t=74012 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX timeout uauth [7:73995]
Simer, I always leave all timers standard. That works. I keep PIXOS versions in sync. When you ping from site 2 in the morning, tunnel should also come up. Double check all the access-lists/peer statements. Martijn -Oorspronkelijk bericht- Van: Simer Mayo [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 15 augustus 2003 6:46 Aan: [EMAIL PROTECTED] Onderwerp: PIX timeout uauth [7:73995] I have a site to site tunnel between 2 sites with PIX 515e. The tunnel between the sites goes in a sleep mode every morning and I have to ping site 2 PC IP address from a PC behind the PIX in site 1 to get the tunnel back online. timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute uauth 00:25:00 inactivity Please advice. Thanks **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74004t=73995 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: traffic flow [7:73495]
That's what i said, use a ws with SNIFFER in between, INSTANT graphs. Martijn -Oorspronkelijk bericht- Van: Doan Nguyen [mailto:[EMAIL PROTECTED] Verzonden: donderdag 7 augustus 2003 22:11 Aan: [EMAIL PROTECTED] Onderwerp: RE: traffic flow [7:73495] Netlfow would be your best way of doing this but you will need a netflow server and I think that costs additional money. AFter that you would need to write scripts to parse out the netflow data, because it's not pretty to look at. ip accounting is a quick and intrusive way to do accounting of ip traffic but it is stresful to your router and would only give you the biggest IP pair talker. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73863t=73495 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
FW: cisco back to back cable [7:71992]
or maybe try alternating the dce/dte settings on the serial interfaces -Original Message- From: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED] Sent: 08 August 2003 09:37 AM To: [EMAIL PROTECTED] Subject: RE: cisco back to back cable [7:71992] Sure you're using a cross cable? -Original Message- From: KW S [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 6:22 PM To: [EMAIL PROTECTED] Subject: cisco back to back cable [7:71992] Dear All I have a 2501 and 2505 and I am trying to set up a homelab..These 2 routers come with a cable which is a DB60(DTE) and the other end is a DB60(DCE).This is wat that is label on the cable. Anyway, I try to connect this cable to the serial interface of the 2 routers...and both the routers are showing serial is down and line protocol is down. I guess I have used the wrong cable...or maybe I have missed out something. Please comment.. Regards, kws DISCLAIMER This e-mail and any attachment thereto may contain information which is confidential and/or protected by intellectual property rights and are intended for the sole use of the recipient(s) named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by other persons than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation. For further information about Proximus mobile phone services please see our website at http://www.proximus.be or refer to any Proximus agent. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73711t=71992 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Access Internet via the corporate PIX [7:73563]
Build the tunnel first. Use HQ or RO dns. Make sure users cannot HTTP direct through firewall, enable direct HTTPS trough it if you want. MAybe also no ftp etc, no direct dns? I believe you need an inside next hop proxy-server. Until 6.2 atleast pix does not route ip between 2 ipsec tunnels. User's Get request forwarded to deamon through tunnel, fetched from cache or Inet, reply to browser through tunnel. Proxy will also do a nice job filtering mobile code and keeping surfing behaviour in line with policies. I'd say you should already should have it. Martijn -Oorspronkelijk bericht- Van: johnman johnman [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 5 augustus 2003 23:06 Aan: [EMAIL PROTECTED] Onderwerp: Access Internet via the corporate PIX [7:73563] I am building a vpn tunnel PIX-to-PIX both connected to the internet. I would like theusers at the remote site to access the internet only via the the corporate PIX. Remote PIX 501: Inside net 192.168.2.0/24 outside x.x.x.x Corporate PIX 515: Inside net 192.168.1.0/24 outisde IP y.y.y.y How would I build the access-list to force the remote users behind the PIX 501 to access the internet via the PIX 515 at the corporate site ? _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73601t=73563 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Cisco 806 ? [7:73613]
It does. It is IOS. Just do your CLI thing. Martijn -Oorspronkelijk bericht- Van: Herold Heiko [mailto:[EMAIL PROTECTED] Verzonden: woensdag 6 augustus 2003 17:21 Aan: [EMAIL PROTECTED] Onderwerp: Cisco 806 ? [7:73613] Hi, for some tests I need something cheap to play with, having 2 eth, vpn and (static) nat capability. Could anybody confirm if a 806 with a IP/FW PLUS 3DES image does support IPSEC and NAT at the same time ? From the docs I'd say it does support both but can I have a vpn tunnel, and nat inside the local network, and nat outside the remote (on the other end of the tunnel) network ? The other endpoint would be a pix or a fw-1 although that shouldn't matter. Couldn't find any configrmation of this in the docs :( Thanks Heiko -- -- PREVINET S.p.A. www.previnet.it -- Heiko Herold [EMAIL PROTECTED] -- +39-041-5907073 ph -- +39-041-5907472 fax **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73642t=73613 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: IOS image.... [7:73481]
Buy online cco when you're partner/subscribe http://shop.cisco.com Subscribtions should have latest. Maybe ebay? Martijn -Oorspronkelijk bericht- Van: Shab Hanon [mailto:[EMAIL PROTECTED] Verzonden: woensdag 6 augustus 2003 21:47 Aan: [EMAIL PROTECTED] Onderwerp: Re: IOS image [7:73481] Ya this is good link . Thanks :) Cheers, Shab wrote in message news:[EMAIL PROTECTED] Buy online cco when you're partner/subscribe or http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm Martijn -Oorspronkelijk bericht- Van: alaerte Vidali [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 5 augustus 2003 17:05 Aan: [EMAIL PROTECTED] Onderwerp: RE: IOS image [7:73481] Any recommendation in how to get the doc CD with 12.2 features? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73646t=73481 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Networkers 2002 PDFs [7:73522] (LINKS READY FOR DOWNLOAD!) [7:73596]
Only this once all level 2-3 READY FOR DOWNLOAD! Use them as flashcards in the subway.. RST-221 Router Architecture and Operation L2 Phillip Harris 2.8 MB RST-222 Catalyst Switch Architecture and Operation L2 Jeff Raymond 1.1 MB RST-231 Deploying IPv6 Networks L2 Raj Gulani 885 KB RST-241 Deploying OSPF L2 Ian Foo, Bill Parkhurst 1.8 MB RST-242 Deploying EIGRP L2 Russ White 2.5 MB RST-243 Deploying BGP-4 L2 Alvaro Retana 709 KB RST-251 Deploying MPLS Traffic Engineering L2 Eric Osborne 552 KB RST-252 Deploying L2 Transport and Tunneling Technologies L2 Eric Matkovich 1.5 MB RST-253 Deploying MPLS VPNs L2 Eric Osborne, Ajay Simha 1.5 MB RST-260 Deploying IP Multicast L2 Beau Williamson 687 KB RST-261 Deploying Inter-Domain IP Multicast L2 Michael McBride 1.4 MB RST-271 Deploying Campus Networks L2 Chetan Sharan 805 KB RST-321 Troubleshooting Router IOS Operation L3 Russ White, David Cook 3.3 MB RST-322 Troubleshooting Catalyst Switches L3 Todd Hollmann, Tom Settle 449 KB RST-341 Troubleshooting OSPF L3 Cliff Potts, Faraz Shamim 594 KB RST-342 Troubleshooting EIGRP L3 Don Slice 627 KB RST-343 Troubleshooting the Deployment of BGP-4 L3 Daniel Walton 1.4 MB RST-360 Troubleshooting IP Multicast L3 Bryan McLaughlin 1.1 MB RST-440 Advanced Routing Concepts and Developments L4 Alvaro Retana 1.0 MB RST-450 Advanced Concepts and Developments in MPLS L4 Bruce Davie 1.1 MB http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-221.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-222.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-232.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-241.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-242.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-243.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-251.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-252.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-253.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-260.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-261.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-271.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-321.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-322.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-341.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-342.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-343.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-360.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-440.pdf http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-450.pdf Cheers Martijn -Oorspronkelijk bericht- Van: Jens Petter Eikeland [mailto:[EMAIL PROTECTED] Verzonden: woensdag 6 augustus 2003 7:06 Aan: [EMAIL PROTECTED] Onderwerp: RE: Networkers 2002 PDFs [7:73522] Hi , Here are the complet url... http://www.cisco.com/networkers/nw02/post/presentations/pres_routing.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of YASSER ALY Sent: 5. august 2003 16:54 To: [EMAIL PROTECTED] Subject: Networkers 2002 PDFs [7:73522] Dear All, Anybody knows the URL to download Cisco networkers 2002 PDFs Are PDFs for 2003 available for download ? Regards, Yasser _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73596t=73596 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: cisco back to back cable [7:71992] ENGLISH version, so to [7:73714]
url do a no shut on serial intf clock dce say 64000 then sh controllers ser x Look at the DCD=up DSR=up DTR=up RTS=up CTS=up you have a working cable, interface 2x http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fint er_r/irfshoap.htm#1019003 http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_examp le09186a0080094504.shtml LET OP DE ONDERSTE REGEL DAN IS IE UP! spicey#show interfaces serial 1 Serial1 is up, line protocol is up Hardware is HD64570 Internet address is 5.0.2.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP Last input 00:00:01, output 00:00:01, output hang never Last clearing of show interface counters 00:09:27 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 130 packets input, 3392 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 129 packets output, 3378 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Martijn -Oorspronkelijk bericht- Van: Jansen, M Verzonden: vrijdag 8 augustus 2003 12:36 Aan: 'LINSEN Jurgen (BMB)'; [EMAIL PROTECTED] Onderwerp: RE: cisco back to back cable [7:71992] In dutch, to keep things easy. Denk dat je eerst even de zaken moet proberen. controle kabel checken met commando sh controller serial, zie je een interface type staan, dus die dce/dte sh interface serial x Router# show interfaces serial Serial 0 is up, line protocol is up Hardware is MCI Serial Internet address is 131.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:07, output 0:00:00, output hang never Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec 16263 packets input, 1347238 bytes, 0 no buffer Received 13983 broadcasts, 0 runts, 0 giants 2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 1 carrier transitions 22146 packets output, 2383680 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets, 0 restarts check onderaan dte/dce/rts/cts signalen moeten werken configuratie standaard configuratie de ene is dce (moet commando clockrate bv 64000 bij) ander is dte geen clockrate Martijn -Oorspronkelijk bericht- Van: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 8 augustus 2003 9:37 Aan: [EMAIL PROTECTED] Onderwerp: RE: cisco back to back cable [7:71992] Sure you're using a cross cable? -Original Message- From: KW S [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 6:22 PM To: [EMAIL PROTECTED] Subject: cisco back to back cable [7:71992] Dear All I have a 2501 and 2505 and I am trying to set up a homelab..These 2 routers come with a cable which is a DB60(DTE) and the other end is a DB60(DCE).This is wat that is label on the cable. Anyway, I try to connect this cable to the serial interface of the 2 routers...and both the routers are showing serial is down and line protocol is down. I guess I have used the wrong cable...or maybe I have missed out something. Please comment.. Regards, kws DISCLAIMER This e-mail and any attachment thereto may contain information which is confidential and/or protected by intellectual property rights and are intended for the sole use of the recipient(s) named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by other persons than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation. For further information about Proximus mobile phone services please see our website at http://www.proximus.be or refer to any Proximus agent. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73714t=73714
RE: a token ring question [7:73908]
According to cco cat 3900/5000 can switch multicast on TR. http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr mc_r/mult/1rfmult2.htm#1078651 ip multicast use-functional To enable the mapping of IP multicast addresses to the Token Ring functional address 0xc000.0004., use the ip multicast use-functional command in interface configuration mode. To disable the function, use the no form of this command. ip multicast use-functional no ip multicast use-functional Syntax Description This command has no arguments or keywords. Defaults IP multicast address are mapped to the MAC-layer address 0x... Usage Guidelines This command is accepted only on a Token Ring interface. Neighboring devices on the Token Ring on which this feature is used should also use the same functional address for IP multicast traffic. Because there are a limited number of Token Ring functional addresses, other protocols may be assigned to the Token Ring functional address 0xc000.0004.. Therefore, not every frame sent to the functional address is necessarily an IP multicast frame. Examples The following example configures any IP multicast packets going out Token Ring interface 0 to be mapped to MAC address 0xc000.0004.: interface token 0 ip address 1.1.1.1 255.255.255.0 ip pim dense-mode ip multicast use-functional Martijn -Oorspronkelijk bericht- Van: wj chou [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 12 augustus 2003 7:55 Aan: [EMAIL PROTECTED] Onderwerp: a token ring question [7:73908] Hi, Can token ring carry multicast traffic? And what's the ip address to mac address mapping if it does? Thanks! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73909t=73908 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: VPN Best Hardware to use? [7:73793]
That is adsl over isdn. Thought to only COMMON flavours were adsl async up/down and sdsl sync up/down freq ranges. SEEMS YOU CAN USE A BRI WIC!!! Developed by Ascend Communications (acquired by Lucent Technologies), ISDN Digital Subscriber Line (IDSL) transmits data digitally across existing ISDN lines, at a rate of 128 Kbps. The benefits of IDSL over ISDN are that the former service offers always-on connections, transmits data via a data network rather than the phone companybs voice network, and avoids per-call fees by being billed at a flat-rate. http://www.cisco.com/en/US/partner/tech/tk175/tk349/technologies_q_and_a_ite m09186a00800946d3.shtml Q. What is IDSL? IDSL is a cross between ISDN and xDSL. As with ISDN, it uses a single wire pair to transmit full-duplex data at 128 Kbps and at distances of up to the Revised Resistance Distance range of 15,000 to 18,000 feet. IDSL also uses a 2B1Q line code to enable transparent operation through the ISDN U interface. IDSL is essentially a leased line ISDN Basic Rate Interface (BRI), or an ISDN BRI that is not switched and does not contain signaling (a D channel). IDSL and ISDN BRI use the same 2B1Q line modulation. On the router, this equates to putting the BRI interface in a leased line configuration. The line can be configured for a speed of 64 Kbps, 128 Kbps, or 144 Kbps. The frames that are going across the wire are standard High-Level Data Link Control (HDLC) frames. IDSL can be configured with Point-to-Point Protocol (PPP) or Frame Relay encapsulation for the leased line BRI interface. The easiest way to think about it is as if the BRI interface was a slow speed synchronous serial port. Also, existing Customer Premises Equipment (CPE) (ISDN BRI terminal adapters, bridges, and routers) can be used to connect to the central office. IDSL Frequently Asked Questions Downloads IDSL Frequently Asked Questions Questions What is IDSL? Does the Cisco 2500 series router support IDSL? Does the Cisco 2600 support IDSL? What routers support IDSL? Is PPP over Frame Relay supported on IDSL? Does a SPID or phone number need to be defined to configure IDSL? Do I need the ISDN switch type command on the CPE when I configure IDSL? Is the Cisco 804 IDSL router compatible with CopperMountain CE200? Does the Cisco 804 IDSL router support PPP over Frame Relay? Does the Cisco DSLAM chassis have IDSL modules? What is the distance limitation for IDSL? Does IDSL support voice? How do I configure a basic IDSL interface? Related Information Q. What is IDSL? IDSL is a cross between ISDN and xDSL. As with ISDN, it uses a single wire pair to transmit full-duplex data at 128 Kbps and at distances of up to the Revised Resistance Distance range of 15,000 to 18,000 feet. IDSL also uses a 2B1Q line code to enable transparent operation through the ISDN U interface. IDSL is essentially a leased line ISDN Basic Rate Interface (BRI), or an ISDN BRI that is not switched and does not contain signaling (a D channel). IDSL and ISDN BRI use the same 2B1Q line modulation. On the router, this equates to putting the BRI interface in a leased line configuration. The line can be configured for a speed of 64 Kbps, 128 Kbps, or 144 Kbps. The frames that are going across the wire are standard High-Level Data Link Control (HDLC) frames. IDSL can be configured with Point-to-Point Protocol (PPP) or Frame Relay encapsulation for the leased line BRI interface. The easiest way to think about it is as if the BRI interface was a slow speed synchronous serial port. Also, existing Customer Premises Equipment (CPE) (ISDN BRI terminal adapters, bridges, and routers) can be used to connect to the central office. Q. Does the Cisco 2500 series router support IDSL? No. The Cisco 2500 series does not support IDSL because its BRI hardware does not support channel aggregation. Q. Does the Cisco 2600 support IDSL? Yes. IDSL is currently supported with the ISDN WAN Interface Cards (WICs) and network modules when they are configured in leased line mode. Q. What routers support IDSL? The following routers support IDSL: 800 b Cisco 801-805 ISDN, Serial, and IDSL Routers 1600 b Cisco 1600 Series Routers and WAN Interface Cards 1720 b Cisco 1720 Modular Access Router 1750 b Cisco 1750 Modular Access Router 2600 b Connecting WAN and Voice Interface Cards to a Network Martijn -Oorspronkelijk bericht- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: woensdag 13 augustus 2003 7:53 Aan: Jansen, M; [EMAIL PROTECTED] Onderwerp: RE: VPN Best Hardware to use? [7:73793] That is a ADSL WIC or am I missing something? We are looking to use IDSL but can not find a router that supports 3DES and IDSL Ryan -Original Message- From: [EMAIL PROTECTED] [mailto
RE: VPN Best Hardware to use? [7:73793]
You mean? newest: DSL WAN Interface Cards WIC-1ADSL-I-DG 1-port ADSLoISDN WAN Interface Card cco partner login: http://www.cisco.com/en/US/partner/products/hw/routers/ps221/products_data_s heet09186a0080088713.html Martijn -Oorspronkelijk bericht- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: woensdag 13 augustus 2003 3:57 Aan: [EMAIL PROTECTED] Onderwerp: RE: VPN Best Hardware to use? [7:73793] You are right it is a service offering. Right now, we are using ISDN dial-up and would like to move to a full time connection. We would not be using the customerbs connection but will be installing a 144K IDSL or 192K SDSL line. What I am going to do on Friday in the lab ( If we get the lines from Covad on time) is use a 7200 at the head end and a 1700 on the other end run the IPSec and NAT on the 1700 and see how that goes. The only problem is I cannot find an IDSL WIC on CCO I only see an ADSL and SDSL. Ryan Message- From: [EMAIL PROTECTED] on behalf of Reimer, Fred Sent: Mon 8/11/2003 10:02 AM To: [EMAIL PROTECTED] Cc: Subject: RE: VPN Best Hardware to use? [7:73793] I would certainly hope that the remotes wouldn't use different platforms. I don't know the business model, but it sounds to me like it's some kind of service offering or something. Maybe they have a 2000 site Frame Relay network used to offer a service or something, and they want to switch to something more economical. Instead of paying monthly circuit fees, pay a one-time hardware cost (assuming they don't own the FR routers at the customer end) and use the customer's Internet connection. Why in the world would you want different hardware at each customer site in that situation? Standardize on one hardware platform, and build the cost of that hardware into the business model... If that's the case then the cost of a 3005 can be justified in a small number of months, depending on your FR cost. Certainly you would recoup your cost and start making more money, due to less operating cost, relatively quickly. Now, if this is something else, like a company with 2000 offices throughout the world, then I can see your point and you may end up with different requirements. But, that's not how it sounds so far. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 6:57 AM To: [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] Despite all hw issues, you really need to - describe the business req's first - translate to technical req's (you are talking 2000+ sites) And you will see that you'll need more than one platform for de Remotes. Dependig on your hierarchy concerning - messaging - authentication - client-server - webapps - desktop/register maintenance/management - security man You will need to or may want to build an hierarchical design. Keep in mind that differen platfroms use different (HQ) fail-over or 2nd ip techniques. Martijn -Oorspronkelijk bericht- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: zondag 10 augustus 2003 4:36 Aan: [EMAIL PROTECTED] Onderwerp: VPN Best Hardware to use? [7:73793] I need to setup VPNs to about 2000 sites. Each site will have an IDSL line installed that will be used to connect to monitor network devices and servers. Some of the remote networks will be using the same network block. I am looking to know what the best hardware to use on each end is. On my end, would it be better to use a PIX or a 3030? On the remote end, I was looking at a PIX 501, SOHO 91 or the 831? Thank you Ryan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from
Re: tcp [7:73518]
On Tuesday, August 5, 2003, at 10:14 AM, Howard C. Berkowitz wrote: 2.Can receiver send ack before whole window comes in? Not for the window it's receiving, but for a previous window. Unless you're Microsoft. http://grotto11.com/blog/slash.html?+1039831658 This isn't to make this a MS-bashing thread. More for information purposes that there are implementations out there that don't follow RFCs exactly, and there are some that practically throw them out the window. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73542t=73518 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: what are ip directed-broadcast and ip mroute-cache [7:73842]
A quick explanation- please add on... Mroute is for the multicast routing table... Ip directed-boradcast allows a host to direct a physical broadcast to a specific subnet it only effects broadcast medium... -Original Message- From: Iwan Hoogendoorn [mailto:[EMAIL PROTECTED] Sent: Sunday, August 10, 2003 9:25 AM To: [EMAIL PROTECTED] Subject: what are ip directed-broadcast and ip mroute-cache [7:73800] Can someone explain me what this is for and what is does? ip directed-broadcast ip mroute-cache Thank You Iwan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73842t=73842 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: cisco back to back cable [7:71992]
In dutch, to keep things easy. Denk dat je eerst even de zaken moet proberen. controle kabel checken met commando sh controller serial, zie je een interface type staan, dus die dce/dte sh interface serial x Router# show interfaces serial Serial 0 is up, line protocol is up Hardware is MCI Serial Internet address is 131.136.190.203, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:07, output 0:00:00, output hang never Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 0 bits/sec, 0 packets/sec Five minute output rate 0 bits/sec, 0 packets/sec 16263 packets input, 1347238 bytes, 0 no buffer Received 13983 broadcasts, 0 runts, 0 giants 2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 1 carrier transitions 22146 packets output, 2383680 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets, 0 restarts check onderaan dte/dce/rts/cts signalen moeten werken configuratie standaard configuratie de ene is dce (moet commando clockrate bv 64000 bij) ander is dte geen clockrate Martijn -Oorspronkelijk bericht- Van: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED] Verzonden: vrijdag 8 augustus 2003 9:37 Aan: [EMAIL PROTECTED] Onderwerp: RE: cisco back to back cable [7:71992] Sure you're using a cross cable? -Original Message- From: KW S [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 6:22 PM To: [EMAIL PROTECTED] Subject: cisco back to back cable [7:71992] Dear All I have a 2501 and 2505 and I am trying to set up a homelab..These 2 routers come with a cable which is a DB60(DTE) and the other end is a DB60(DCE).This is wat that is label on the cable. Anyway, I try to connect this cable to the serial interface of the 2 routers...and both the routers are showing serial is down and line protocol is down. I guess I have used the wrong cable...or maybe I have missed out something. Please comment.. Regards, kws DISCLAIMER This e-mail and any attachment thereto may contain information which is confidential and/or protected by intellectual property rights and are intended for the sole use of the recipient(s) named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by other persons than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation. For further information about Proximus mobile phone services please see our website at http://www.proximus.be or refer to any Proximus agent. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73713t=71992 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: VPN Best Hardware to use? [7:73793]
Despite all hw issues, you really need to - describe the business req's first - translate to technical req's (you are talking 2000+ sites) And you will see that you'll need more than one platform for de Remotes. Dependig on your hierarchy concerning - messaging - authentication - client-server - webapps - desktop/register maintenance/management - security man You will need to or may want to build an hierarchical design. Keep in mind that differen platfroms use different (HQ) fail-over or 2nd ip techniques. Martijn -Oorspronkelijk bericht- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: zondag 10 augustus 2003 4:36 Aan: [EMAIL PROTECTED] Onderwerp: VPN Best Hardware to use? [7:73793] I need to setup VPNs to about 2000 sites. Each site will have an IDSL line installed that will be used to connect to monitor network devices and servers. Some of the remote networks will be using the same network block. I am looking to know what the best hardware to use on each end is. On my end, would it be better to use a PIX or a 3030? On the remote end, I was looking at a PIX 501, SOHO 91 or the 831? Thank you Ryan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73862t=73793 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
New Remote Access exam 642-821 vs the old current exam BCRAN [7:73592]
Hello All, Has anybody taken the Beta Remote Access 642-821 exam? Does anybody know whether the new exams has X.25 and TACACS+ included in it as Cisco.com does not have it as one of the exam objectives listed. The new exam has VPN and DSL included. Pooven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73592t=73592 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Want a spam-friendly mailbox? [7:73856]
Want a spam-friendly mailbox? Call 1-480-946-1462 and leave your name, email address and phone number. You may also click REPLY to this address and provide your full details. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73856t=73856 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Gigabit Ethernet Collisions [7:73555]
You have a setup you would like to share? Martijn -Oorspronkelijk bericht- Van: Neil Andersen [mailto:[EMAIL PROTECTED] Verzonden: woensdag 6 augustus 2003 2:06 Aan: [EMAIL PROTECTED] Onderwerp: Re: Gigabit Ethernet Collisions [7:73555] This would be when you are using the Gigastack options? Isn't normal operation of Gigabit is FULL DUPLEX. My thoughts were that collisions on Gigabit were bug/hardware problems, not flow control, normal, or representation of giants. Neil **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73590t=73555 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Strange VPN problem [7:73641] OT:F funny [7:73722]
I mailed that! Only your explanation is superior. ;-) When i have time, not studying for my lab, i study the English language.. Say, getting dizzy over the CC BGP guide (that should be during my sleep though, like very wannabee, I have not seen a normal book in a while) Martijn -Oorspronkelijk bericht- Van: Reimer, Fred [mailto:[EMAIL PROTECTED] Verzonden: donderdag 7 augustus 2003 15:33 Aan: [EMAIL PROTECTED] Onderwerp: RE: Strange VPN problem [7:73641] Does anyone read the manuals around here??? http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/secu r_r/sec_c2g.htm#1070272 You probably have your IKE proposal in your concentrator set for XAUTH, and you don't have your router setup for that. You can configure your router as the reference manual says, or you }may{ be able to add in a new or modify an existing IKE policy under Configuration | System | Tunneling Protocols | IPSec | IKE Proposals so that the Authentication mode is not one that has (XAUTH) at the end of it. Probably Preshared Keys would be the one you want. If you create a new one (recommended) they you would have to change the IKE policy used for your SA under Configuration | Policy Management | Traffic Management | SAs. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: suaveguru [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 1:08 AM To: [EMAIL PROTECTED] Subject: Strange VPN problem [7:73641] hi all, I am trying to setup a easy VPN solution for a cisco 837 to a cisco VPN concentrator 3005 using network extension mode but I keep getting this error msg Aug 7 13:08:16.571: EZVPN(mendelvpn): Pending XAuth Request, Please enter the following command: Aug 7 13:08:16.571: EZVPN: crypto ipsec client ezvpn xauth Any form of input will be appreciated suaveguru __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73722t=73722 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73953]
Since you don't have any access to the ATM switch on the exam it follows that you don't need to know how to configure it. There are things such as ILMI/QSAAL with auto pvc discovery that may not function the same on a point to point link versus having a switch in the middle. Just a thought. Ian http://www.ccie4u.com Rack Rentals and Lab Scenarios starting at $20 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 12, 2003 1:36 PM To: [EMAIL PROTECTED] Subject: RE: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73612] From what I have heard, you are not asked to configure ATM switches, so back to back connection would be ok. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73953t=73953 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73882]
Fred, I respect you. You are one of the top repliers at the moment, terms of qual and freq. I am learning a lot from you, between work en heavy (i mean heavy) cramming an typing for my coming lab. And I mean it. I get a laugh out of your, Fred, (ccna) and answering ccie level qa! More than one platform depending on req's MAYBE also deployment costs, EOL (800 806-820's-830's series spinning like crazy, 501 here to stay, vpn hw client okay.) Please stop because we're fishing, we need facts. RYAN, Please give us a list of req's. When you design 10-20 sites you ask for a box. When you design 2000 sites you design a total solution. Management of - config, - change, - security, - availability, - performance and - capacity. I am sure I forgot one. You catch my drift? I am also curious about service offered, need front-end? back-end? DMZ's? etc. Learnt as designer consultant etc that if you make a quicky of business req's you'll pay afterwards, because it is not what customer had hoped for Trusted -untrusted client sites. Martijn -Oorspronkelijk bericht- Van: Reimer, Fred [mailto:[EMAIL PROTECTED] Verzonden: maandag 11 augustus 2003 16:02 Aan: Jansen, M; [EMAIL PROTECTED] Onderwerp: RE: VPN Best Hardware to use? [7:73793] I would certainly hope that the remotes wouldn't use different platforms. I don't know the business model, but it sounds to me like it's some kind of service offering or something. Maybe they have a 2000 site Frame Relay network used to offer a service or something, and they want to switch to something more economical. Instead of paying monthly circuit fees, pay a one-time hardware cost (assuming they don't own the FR routers at the customer end) and use the customer's Internet connection. Why in the world would you want different hardware at each customer site in that situation? Standardize on one hardware platform, and build the cost of that hardware into the business model... If that's the case then the cost of a 3005 can be justified in a small number of months, depending on your FR cost. Certainly you would recoup your cost and start making more money, due to less operating cost, relatively quickly. Now, if this is something else, like a company with 2000 offices throughout the world, then I can see your point and you may end up with different requirements. But, that's not how it sounds so far. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 6:57 AM To: [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] Despite all hw issues, you really need to - describe the business req's first - translate to technical req's (you are talking 2000+ sites) And you will see that you'll need more than one platform for de Remotes. Dependig on your hierarchy concerning - messaging - authentication - client-server - webapps - desktop/register maintenance/management - security man You will need to or may want to build an hierarchical design. Keep in mind that differen platfroms use different (HQ) fail-over or 2nd ip techniques. Martijn -Oorspronkelijk bericht- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: zondag 10 augustus 2003 4:36 Aan: [EMAIL PROTECTED] Onderwerp: VPN Best Hardware to use? [7:73793] I need to setup VPNs to about 2000 sites. Each site will have an IDSL line installed that will be used to connect to monitor network devices and servers. Some of the remote networks will be using the same network block. I am looking to know what the best hardware to use on each end is. On my end, would it be better to use a PIX or a 3030? On the remote end, I was looking at a PIX 501, SOHO 91 or the 831? Thank you Ryan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73882t=73882 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com