RE: home lab equipment [7:75115]

[[EMAIL PROTECTED]]

I stopped buying long ago except isdn pbx, 

basics on routers at home, 

and started renting a few low budget ATM/VOICE etc. labs online.

Martijn 


-Oorspronkelijk bericht-
Van: Dave Williams [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 22:31
Aan: [EMAIL PROTECTED]
Onderwerp: home lab equipment [7:75115]


Group,

 

I'm planning on purchasing my final addition to my RS home lab sometime
this month. I'm having a hard time deciding if I should add another 3550
(I have one already) or if I should pick up a Lightstream 1010 with two
4500s that have an OC3 MM interface. ATM for the 3600s is way too
expensive for me. Any suggestions would be appreciated.

 

(Sorry if this message is a dub) 

 

-dave
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75226t=75115
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cisc SAFE Exam [7:75200]

[[EMAIL PROTECTED]]

Saw some on the group a few weeks ago.

Martijn 

-Oorspronkelijk bericht-
Van: Fred Wittenberg [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 10 september 2003 20:15
Aan: [EMAIL PROTECTED]
Onderwerp: Cisc SAFE Exam [7:75200]


Hello all,

I'm planning on taking the SAFE exam to wrap up my CCSP soon...can anyone
that
has passed/taken this offer what they used as study guides??

TIA,

FW
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75228t=75200
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Upgrading ROMMON on 2948G [7:75179]

[[EMAIL PROTECTED]]

CCO customer? login

http://ftp.cisco.com/cisco/lan/catalyst/4000/cat4000-releasenote.8-1-2.pdf 


2
Release Notes for Catalyst 4500 Series Software Release 8.x
OL-4502-02
ROMMON Requirements
If the Boot ROM (ROMMON) loaded onto your switch is version 4.5(1) or
earlier, you need to upgrade
the ROMMON to at least version 5.4(1) in order to run software release 8.1
or later.
Upgrading the ROMMON
Follow these guidelines to upgrade the ROMMON on your switch:
3
Release Notes for Catalyst 4500 Series Software Release 8.x
OL-4502-02
System Requirements
Caution To avoid actions that might make your system unbootable, read this
entire section before starting the
upgrade.
You can do this procedure entirely over a Telnet connection, but if
something fails, you will need to have
access to the console serial port. If done improperly, the system can become
unbootable. You will then
have to return it to Cisco for repair.
This section describes an upgrade to ROMMON version 6.4(1). The same
procedure applies to other
ROMMON versions, but you will have to substitute appropriate version numbers
in the upgrade image
names.
Step 1 Download the promupgrade program from Cisco.com and place it on a
TFTP server in a directory that
is accessible from the switch to be upgraded.
The promupgrade programs are available at the same location on Cisco.com
where you download
Catalyst 4500 series system images.
To upgrade to ROMMON version 6.1(4), download the
cat4000-promupgrade.6-1-4.bin file.
Step 2 In privileged mode on your switch, use the show version command to
verify the ROMMON version
loaded on the switch.
The ROMMON version number is listed as the System Bootstrap Version. For
example, in the following
output, the system is running ROMMON version 6.1(2):
Console (enable) show version
WS-C4003 Software, Version NmpSW:5.5(8)
Copyright (c) 1995-2001 by Cisco Systems, Inc.
NMP S/W compiled on May 24 2001, 21:12:09
GSP S/W compiled on May 24 2001, 18:39:50
System Bootstrap Version:6.1(2)
Hardware Version:1.0 Model:WS-C4003 Serial #:x
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: BGP Table and SNMP [7:75016]

[[EMAIL PROTECTED]]

Did you read trough the 

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1829/products_feat
ure_guide09186a0080087c60.html
12.0
BGP Received Routes MIB

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1839/products_feat
ure_guide09186a0080110bbc.html
12.2T
BGP 4 MIB Support for per-Peer Received Routes

Martijn

-Oorspronkelijk bericht-
Van: Alejandro Acosta [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 3:50
Aan: [EMAIL PROTECTED]
Onderwerp: BGP Table and SNMP [7:75016]


Hi all,
  I wonder if any of you have succesfully retrieved the BGP table from a
Cisco router using SNMP?. I read a lot of documents and tried a lot of
MIBs/OID without any success. I used the MIB navigation tool at the Cisco
TAC but I did not find something really useful. I only could read the
peerings, uptime of the BGP session and few more thing. By the moment I
think it should be done using snmpwalk, am I right?
  FYI, I do have the full routing table in one of my routers (IOS 12.2.6)

Any help will be appreciated.

Thank

Alejandro Acosta
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75232t=75016
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: route add [7:75024]

[[EMAIL PROTECTED]]

Easy did a zillion times for the sysadmins.

IE settings hack. trough a .reg file in the login script. (per user or group
dep on your directory/kix) 

so do NOT use proxy for this and this anbd this webserver

Martijn 


-Oorspronkelijk bericht-
Van: Steiven Poh [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 6:52
Aan: [EMAIL PROTECTED]
Onderwerp: route add [7:75024]


Dear All,

I have a very stupit quesrtion here. How am i by pass the proxy and route
direct to the router. Pls comment !!

Below is my diagram.

169.168.4.2/16 (my pc) - router (192.168.161.254/16)--Leased
Line 64k--router (192.167.161.254/16)Proxy
(192.167.3.34/16)---Internet router (192.167.3.35/16)


My pc route print :

Active Routes:

  Network Address Netmask  Gateway AddressInterface  Metric
  0.0.0.00.0.0.0  192.167.161.254  192.168.4.2
  1
  0.0.0.00.0.0.0  192.168.161.254  192.168.4.2
  1
  127.0.0.0  255.0.0.0127.0.0.1127.0.0.1  
1
  192.168.0.0  255.255.0.0  192.168.4.2  192.168.4.2  
1
  192.168.4.2  255.255.255.255127.0.0.1127.0.0.1  
1
  192.168.255.255   255.255.255.255  192.168.4.2  192.168.4.2 
 1
  224.0.0.0  224.0.0.0  192.168.4.2  192.168.4.2  
1
  255.255.255.255   255.255.255.255  192.168.4.2  0.0.0.0 
 1



This e-mail has been sent via JARING webmail at http://www.jaring.my
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75234t=75024
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: router CPU utilization on access lists? [7:75002]

[[EMAIL PROTECTED]]

So maybe permit and route to null0 in some cases? Then no unreachables are
generated because there is a route?

Martijn 


-Oorspronkelijk bericht-
Van: Marty Adkins [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 9 september 2003 20:29
Aan: [EMAIL PROTECTED]
Onderwerp: Re: router CPU utilization on access lists? [7:75002]


Priscilla Oppenheimer wrote:

 Yes, that's true indeed that access lists don't cause process switching
 anymore, so wouldn't show up in IP Input.
 
Two exceptions that I failed to mention are logging and the side effect
of a deny.  By default, a deny causes the generation of an ICMP admin.
prohibited unreachable sent to the source of the blcoked packet.  Since
packets cannot be created in interrupt mode, process context is required.
But these are rate limited to two/second by default as self protection.
Plus normal traffic shouldn't result in very many denies.  But you can
inhibit this entirely by configuring no ip unreachables on an interface.

If the matching ACE has the log keyword, then process context is required
to create the log message and perform normal logging.  This too is
rate-limited.

 Thanks for everyone's advice. It sounds like Marty has the right approach.
 Although access lists aren't process switched, they are generally fast
 switched unless the router supports some other feature (like silicon
 switching) or some fancy configuration like CEF or NetFlow?
 
 So, the thing to look for is a high utilization caused by interrupts (the
 number after the slash).
 
 I can't safely turn them off and test, so I think I will try to simulate
the
 network and traffic in a lab to test my theory that they are an issue.
 
 It's a 2621 router with lots of entries in the access lists that are
 applied. I think it's time to offload a lot of the policy represented by
the
 lists to a PIX firewall.
 
You can tune the lists by letting it run for a while and then noting the
match counts (show access-list).  Within each grouping of permit entries,
you
can reorder the statements to reduce the number of entries that must be
compared to reach a match.

If the ACL processing is as efficient as possible but is really impacting
CPU
utilization, then you could enable the turbo ACL feature (access-list
compiled).
Unfortunately, that's still only available on higher-end platforms, from
3700s
on up.

 Here's a good URL on troubleshooting high CPU util, by the way:
 
 http://www.cisco.com/warp/public/63/highcpu.html
 
 Thanks
 
 Priscilla
 
- Marty
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75233t=75002
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Ethernet bogs down help has anyone seen this problem [7:75238]

[[EMAIL PROTECTED]]

I have a customer that has a small office with a Cisco 56K Frame router.
They
are running Nat. Now when I plug in the frame side the ethernet side gets 
constant request for translation then it gets to the point where you can no 
longer even ping the ethernet side. If I remove the RG45 cable from the
frame side.
No problem the request stop and I can ping my ethernet side of the router 
fine with 10ml sec responses all day. The users office is down because he
can not
get out to the web. I've checked for viruses and everything seems fine. Does 
anyone have any ideas? This one is driving me crazy. The ISP says that my 
router is bad, but I doubt it. It started all of a sudden after working fine
for 2
years.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75238t=75238
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Network Benchmarking/Performance Analysis [7:74808]

[[EMAIL PROTECTED]]

Maybe also sniffer (distributed), nice reports, ready for excel or the
beamer (CEO-ready.. ;-))

Martijn 


-Oorspronkelijk bericht-
Van: Lupi, Guy [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 4 september 2003 19:17
Aan: [EMAIL PROTECTED]
Onderwerp: Network Benchmarking/Performance Analysis [7:74808]


I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75248t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NAT and SAP [7:74982]

[[EMAIL PROTECTED]]

Different approach:
Howmany clients? Static Nat on the router the other way around?

Give the server a route pointer to the nat router for the client. 

You even can choose to give the client a global ip to connect to the server
with, like a mail server for example.

Martijn 


-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 18:50
Aan: [EMAIL PROTECTED]
Onderwerp: NAT and SAP [7:74982]


When a SAP client tries to connect to a SAP server through a router with NAT
enabled there is a problem: the SAP server sends an IP embedded on the
payload of the packet, and the NAT router do not translate it.

Any suggestion?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75247t=74982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OSPF demand-circuit does not work [7:74954]

[[EMAIL PROTECTED]]

It will say multicast.

Martijn 

-Oorspronkelijk bericht-
Van: Devrim Yener KUCUK [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 16:38
Aan: [EMAIL PROTECTED]
Onderwerp: Re: OSPF demand-circuit does not work [7:74954]


what do you see when you do sh dialer on the calling router, as a dial
reason?
or debug dialer, debug isdn q931 will be telling you

regards

De
- Original Message -
From: Lesly Verdier 
To: 
Sent: Monday, September 08, 2003 2:25 PM
Subject: OSPF demand-circuit does not work [7:74954]


 Hello All,

 I've configured ip ospf demand-circuit on an ISDN connection and this
 statement is supposed to supress the calls initiated by the Hello Packets.
 Still my router keeps on dialing.

 Does anybody know what the reason might be?

 Thanks,

 Lesly Verdier
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75250t=74954
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NAT and SAP [7:74982]

[[EMAIL PROTECTED]]

Different approach:
Howmany clients? Static Nat on the router the other way around?

Give the server a route pointer to the nat router for the client. 

You even can choose to give the client a global ip to connect to the server
with, like a mail server for example.

Martijn 


-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 18:50
Aan: [EMAIL PROTECTED]
Onderwerp: NAT and SAP [7:74982]


When a SAP client tries to connect to a SAP server through a router with NAT
enabled there is a problem: the SAP server sends an IP embedded on the
payload of the packet, and the NAT router do not translate it.

Any suggestion?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75276t=74982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: EM VoIP Problem [7:74717]

[[EMAIL PROTECTED]]

Sounds like problems initiating on the remote site or the reception of the
session onthis site.

Start debugging on remote site, pls show us the output. 

Show call/pots/dial-

Any number expansion/wildcard issues?

debug call rsvp-sync events 

Martijn 

-Oorspronkelijk bericht-
Van: lost in space [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 3 september 2003 18:03
Aan: [EMAIL PROTECTED]
Onderwerp: EM VoIP Problem [7:74717]


Dear Experts,

I am having this problem with EM VoIP.  We are using an EM PABX operating
with 4 wire and using immediate signalling.  The network are connected via 2
Mbps Leased Line.  I can make voice calls from my site to remote site,
however when i asked someone from the remote site to call the other way
around he get busy tones all the time eventough the extension were actually
not bust at that time.

The strange thing is that the remote site can make voice call to my site
only to 2 extension (300 and 400),  but when they dial another extension ex:
363, or 369 they get busy tones all the time.

the dial-peer configuration on the remote router are like this

dial-peer voice 1 pots
destination-pattern +...
port 1/0/0

dial-peer voice 1 pots
destination-pattern +...
port 1/0/1

dial-peer voice 3 voip
destination-pattern +3..
session target ipv4:172.23.1.34(ip address of router's serial interface at
my site).


dial-peer voice 4 voip
destination-pattern +4..
session target ipv4:172.23.1.34 (ip address of router's serial interface at
my site).

Is it the wiring arrangement problem?
i already set up the wiring arrangement based on a reference i got from CCO.

Is it a timeouts parameter problem?

or Is it the EM PABX problem?

Like always, the PABX technician feel that he has done everything correctly.

I am also confident that i have done the configuration correctly.

Anyone has similar experience?

Any idea would be greaty appreciated.

Thanks in advance.


RD
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75160t=74717
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

delivery error (Thank you! , attachment name [7:75032]

[[EMAIL PROTECTED]]

Your mail seems to contain an attachment type which we don't allow for
security reasons.
If you need to deliver the file, please remove your attachment and email the
person you're trying to reach to arrange for alternative delivery method.
You might also run some anti-virus software on your machine to make sure this
attachment was not generated by a virus/worm.

thanks

Original message header follows:
--
From [EMAIL PROTECTED]  Tue Sep  9 17:11:30 2003
Return-Path: 
Received: from INBRO228 (251.besecure.net.au [203.19.157.251] (may be
forged))
by pop1.sydney.corp.yahoo.com (8.11.6p2/8.11.6/pop-au) with ESMTP id
h897BSR04225
for ; Tue, 9 Sep 2003 17:11:28 +1000 (EST)
Message-Id: 
From: 
To: 
Subject: Thank you!
Date: Tue, 9 Sep 2003 17:21:22 +1000
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=_NextPart_000_485530D4




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75032t=75032
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: CCNP exam changes...... [7:75044]

[[EMAIL PROTECTED]]

I've been working toward my CCNP for sometime. But Cisco have changed the
exams twice recently.
As my CCNA is only valid until Dec 6th this year, does this mean I'll have
to do it all over again ??

Thx
Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75044t=75044
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Aux port and modem connectivity [7:74909]

[[EMAIL PROTECTED]]

line aux 0
 exec-timeout 0 0
 modem InOut

What about 
modem out?

Martijn 


-Oorspronkelijk bericht-
Van: Robert Perez [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 5 september 2003 17:49
Aan: [EMAIL PROTECTED]
Onderwerp: Aux port and modem connectivity [7:74909]


Guys,

If I have a modem connected to the AUx port can can I harden the cisco so
that it can make calls but will never be able to receive any calls?  Here is
kind of my config.. Thx,.

 
interface Async65
 bandwidth 28
 ip address 192.168.116.64 255.255.255.0
 encapsulation ppp
 dialer in-band
 dialer idle-timeout 300
 dialer wait-for-carrier-time 15
 dialer map ip 172.20.241.1 
 dialer hold-queue 25
 dialer-group 1
 async default routing
 async mode interactive
 pulse-time 3
 no cdp enable
 ppp authentication chap

access-list 101 deny   udp any any
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101

line aux 0
 exec-timeout 0 0
 modem InOut
 modem autoconfigure discovery
 transport input all
 stopbits 1
 speed 115200
 flowcontrol hardware


***
| Bob Perez   |
| Intercept Payment Solutions |
| [EMAIL PROTECTED]  |
| 100 West Commons BLVD   |
| New Castle, DE  19720   |
| Phone: 302.326.0700 |
| Cell:  302.420.6883 |
| www.intercept.net   |
| |
---
| |
||   ||
|   :|: :|:   |
|  :|||:   :|||:  |
|  ..:|||:...:|||:..  |
| ___ |
|  C i s c o  S y s t e m s   |
|   CCNA  CCNP  MCSE   NET+   |
| |
***

Confidentiality Notice: This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75059t=74909
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

failure notice [7:75084]

[[EMAIL PROTECTED]]

Hi. This is the qmail-send program at mx4.jmail.co.jp.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

:
Sorry, no mailbox here by that name. (#5.1.1)

--- Below this line is a copy of the message.

Return-Path: 
Received: (qmail 25300 invoked from network); 9 Sep 2003 16:00:38 -
Received: from 12-249-103-63.client.attbi.com (HELO RENAMEME) (12.249.103.63)
  by mx4.jmail.co.jp with SMTP; 9 Sep 2003 16:00:38 -
From: 
To: 
Subject: Thank you!
Date: Tue, 9 Sep 2003 11:02:50 --0500
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=_NextPart_000_48F43304
X-Spam-Rating: mx4.jmail.co.jp 1.6.2 0/1000/N

This is a multipart message in MIME format

--_NextPart_000_48F43304
Content-Type: text/plain;
charset=iso-8859-1
Content-Transfer-Encoding: 7bit

Please see the attached file for details.
--_NextPart_000_48F43304--




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75084t=75084
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX PDM [7:74758]

[[EMAIL PROTECTED]]

Basic config PDM OK
Exotic  CLI

HIGH security? No pdm no ssh no telnet no snmp 

large shop maybe from a private management segment snmp
small shop  inside intf PDM management/monitoring + extra access-list

Always include radius/tacacs+ in the process for auth

Always work from policies.

Martijn 


-Oorspronkelijk bericht-
Van: Gary Leong [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 4 september 2003 4:09
Aan: [EMAIL PROTECTED]
Onderwerp: PIX PDM [7:74758]


Our security group is recommending not to use PDM to
configure our Pix firewalls.  They did not give any
reason for their recommendation.  Does anyone know why
PDM should not be used?

__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74941t=74758
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: EtherChannel On Cat6500 [7:74944]

[[EMAIL PROTECTED]]

Nope.

Pagp per card, as far as i know. rethink the port layout.
Why not layer 3 resilience, different chassis?

Martijn 


-Oorspronkelijk bericht-
Van: Devraj, Prem [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 10:19
Aan: [EMAIL PROTECTED]
Onderwerp: EtherChannel On Cat6500 [7:74944]


Hi All,

Can I configure Ether channel on Ports on  2 different Modules? 
Eg: 3/1 and 4/1 can be configured as Ether channel?
I want to have resilience on my MAN links using 2 different modules.

Or if someone has any better ideas for resilience, I would appreciate.

Thanks
prem


***
Dresdner Kleinwort Wasserstein is the marketing name used 
globally to represent the investment banking activities of 
Dresdner Bank Group. In Japan, Dresdner Kleinwort Wasserstein 
is represented by Dresdner Kleinwort Wasserstein (Japan) Limited,
Tokyo Branch or Dresdner Bank AG, Tokyo Branch..
If you have received this e-mail in error or wish to read our e-mail
disclaimer statement and monitoring policy, please refer to 
http://www.drkw.com/disc/email/ or contact the sender.
***
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74947t=74944
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: EtherChannel On Cat6500 [7:74944]

[[EMAIL PROTECTED]]

Sorry, more of a 2950 kind a guy. Question is, do you want to do that?

Martijn 

-Oorspronkelijk bericht-
Van: Georgescu, Aurelian [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 14:37
Aan: Jansen, M; [EMAIL PROTECTED]
Onderwerp: RE: EtherChannel On Cat6500 [7:74944]


On the 6500 you can do EtherChannel between any (four max.?) ports within
the chassis all having the same speed.

Aurelian Georgescu
 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 08, 2003 6:26 AM
To: [EMAIL PROTECTED]
Subject: RE: EtherChannel On Cat6500 [7:74944]

Nope.

Pagp per card, as far as i know. rethink the port layout.
Why not layer 3 resilience, different chassis?

Martijn 


-Oorspronkelijk bericht-
Van: Devraj, Prem [mailto:[EMAIL PROTECTED]
Verzonden: maandag 8 september 2003 10:19
Aan: [EMAIL PROTECTED]
Onderwerp: EtherChannel On Cat6500 [7:74944]


Hi All,

Can I configure Ether channel on Ports on  2 different Modules? 
Eg: 3/1 and 4/1 can be configured as Ether channel?
I want to have resilience on my MAN links using 2 different modules.

Or if someone has any better ideas for resilience, I would appreciate.

Thanks
prem


***
Dresdner Kleinwort Wasserstein is the marketing name used 
globally to represent the investment banking activities of 
Dresdner Bank Group. In Japan, Dresdner Kleinwort Wasserstein 
is represented by Dresdner Kleinwort Wasserstein (Japan) Limited,
Tokyo Branch or Dresdner Bank AG, Tokyo Branch..
If you have received this e-mail in error or wish to read our e-mail
disclaimer statement and monitoring policy, please refer to 
http://www.drkw.com/disc/email/ or contact the sender.
***
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74959t=74944
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Cisco ICS 7750 experiences [7:75005]

[[EMAIL PROTECTED]]

Keep it simple:

ONE SITE - ONE Partition, ONE GW, ONE Call Search Space, Etc..

Test with a group of 4 -5 phones with a single POTS line and make sure all
of your services (voicemail, transfer, 7 - digit calls, long distance,)
works and use the same template for all your IP phones using the
Auto-Register feature.  Email me off the list and I'll fix you up with some
simple single-site guidelines.

Rob H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75005t=75005
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: IP expert's RS workbook [7:74849]

[[EMAIL PROTECTED]]

Nope.

Martijn 


-Oorspronkelijk bericht-
Van: Raj Singh [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 5 september 2003 4:19
Aan: [EMAIL PROTECTED]
Onderwerp: IP expert's RS workbook [7:74849]


Anyone willing to share there IP experts RS workbook or pitch in to get it
together?

Raj
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74869t=74849
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: SNMP on a Dialer interface [7:74722]

[[EMAIL PROTECTED]]

Maybe dumb, but what about the fixed layer 3 int?

Martijn 


-Oorspronkelijk bericht-
Van: Hanna, Keith [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 3 september 2003 18:53
Aan: [EMAIL PROTECTED]
Onderwerp: SNMP on a Dialer interface [7:74722]


Hi,

I'm running MRTG to provide bandwidth usage info on various routers/switches
etc, and it working well except it doesn't provide information on 'dialer'
interfaces.

We have one router with numerous dialer ints for ISDN and another providing
modem dialup - is there anyway to monitor these connections for bandwidth?

Virtual-Access ports are created and monitored, but it's not obvious which
virtual int ties up with which dialer (and as virtual's come  go, they will
change)

Any suggestions?

Thanks
Keith
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74882t=74722
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

the 642 exams and CCNA re-cert [7:74892]

[[EMAIL PROTECTED]]

From what I have read, any exam with a 642 prefix renews your CCNA.Can
anyone validate that?
Regards,
Ajay Chenampara




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74892t=74892
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

506 Flash Damaged [7:74895]

[[EMAIL PROTECTED]]

Hi, I have a 506 with damaged flash. Is there any way I can boot from TFTP,
or any other solution ??? I have looked at Cisco site and my books but
cannot find a solution. Otherwise I guess its fit for the bin, unless I can
get someone to replace the Flash chip.
 
Kind regards
 
Paul.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74895t=74895
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 640-604 Passing Score? [7:74698]

[[EMAIL PROTECTED]]

My certificate says the passing score was 776 and I sneaked in with 815. How
Cisco come up with the numbers is a subject all of its own.

Cheers,
Steve Wilson CCNP CCDA
Network Engineer

-Original Message-
From: Caxton The [mailto:[EMAIL PROTECTED] 
Sent: 03 September 2003 03:18
To: [EMAIL PROTECTED]
Subject: 640-604 Passing Score? [7:74698]

Does anybody know the passing score for the 640-604 switching exam?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74768t=74698
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco ATM module [7:74707]

[[EMAIL PROTECTED]]

Hi,

Were interested in buying some used Cisco equipment.

Specifically we are interested in ATM modules for the Cisco 4500/4700 router.
Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules.

Please let us know if you have anything available.

Thanks

[EMAIL PROTECTED]


Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat
60 Minuten.
http://internet.sunrise.ch/de/wireline/wir_plus.asp
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74772t=74707
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco ATM module [7:74707]

[[EMAIL PROTECTED]]

Hi,

Were interested in buying some used Cisco equipment.

Specifically we are interested in ATM modules for the Cisco 4500/4700 router.
Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules.

Please let us know if you have anything available.

Thanks

[EMAIL PROTECTED]


Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat
60 Minuten.
http://internet.sunrise.ch/de/wireline/wir_plus.asp
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74773t=74707
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

OT: Cable Lengths [7:74776]

[[EMAIL PROTECTED]]

I have a question regarding the max length for a 100BaseT cable. Granted I
haven't done a wealth of research on this so feel free to point me to
google if the answer is mind numbingly simple, which it probably is

I have always understood the 100M limitation on 10BaseT ethernet cable to
be attributable to the time it would take a collision signal - assuming you
are running at half duplex - to be returned in time to prevent the next
packet from being sent. In other words any longer than 100M and the sending
station would not get the message in time that there had been a collision
and thus continue sending packets instead of backing off. I have heard
attenuation mentioned, but not as the real reason for the distance limit.

My question is given that many stations are running 100 full duplex these
days - thus removing the collision concerns - does this effectively change
the maximum distance for cable runs? Or is attenuation truly a factor in
anything over 100M?

In general I am referring to standard Cat5 cabling

Just curious...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74776t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NM-1CT1 or WIC-1DSU-T1 [7:74741]

[[EMAIL PROTECTED]]

Along similar lines - can you directly interconnect two WIC-1DSU-T1
interfaces via serial cable?


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
neal rauhauser
Sent: Wednesday, September 03, 2003 6:55 PM
To: [EMAIL PROTECTED]
Subject: Re: NM-1CT1 or WIC-1DSU-T1 [7:74741]

The WIC-1DSU-T1 is a service module - it always appear as serial0/0 or
whatever, and if you do anything with timeslots you are just adjusting
the number used for this one serial interface.

  The NM-1CT1 is a channelized T1 interface. You must configure one or
more channels in a channel group, then they get assigned to a virtual
serial interface.

  In the bad old days before frame relay people used to get 56k leased
lines for remote offices and aggregate them all by having a channelized
T1 delivered with each DS0 being a separate circuit to a remote.

  One additional use for the channelized interfaces that I am aware of
is attachment to digital modem modules like the NM-xxDM. There may be
others, but that is the one that comes to mind first.


  If you don't know why you might want an NM-1CT1, you need a
WIC-1DSU-T1 :-)



neil K wrote:
 
 Can somebody explain when I can use WIC-1DSU-T1 over NM-1CT1 or what
exactly
 are the difference except that WIC-1DSU-T1 has a built-in DSU/CSU
where as
 NM-1CT1 is a T1 Module.
 
 Thanks in advance.
 
 neil
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own - Widespread Panic
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74756t=74741
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Wicked screensaver [7:74792]

[[EMAIL PROTECTED]]

Please see the attached file for details.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74792t=74792
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 3640 Router [7:74783]

[[EMAIL PROTECTED]]

The 3640 can in theory but cannot really support a DS3 circuit at full
speed..hence the 3745s will quickly take over the market for 3640s..

-Original Message-
From: Cappuccio Victor [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 8:46 AM
To: [EMAIL PROTECTED]
Subject: 3640 Router [7:74783]


Hello people

I what to know if a Cisco 3640 Router can support a E3 connection ??

Regards
Victor.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74790t=74783
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Calls made by DNS [7:74785]

[[EMAIL PROTECTED]]

The simplest method is to buy a plug in timer switch from radio shack and
connect the router through this to the power socket on the wall. Otherwise
you could use a time-based access control list to assist in defining the
interesting traffic that causes the ISDN calls to be made. Check out the
Cisco.com web page for the commands and the IOS revision needed.

Cheers,
Steve Wilson CCNP CCDA
Network Engineer

-Original Message-
From: Wayne Brewster [mailto:[EMAIL PROTECTED] 
Sent: 04 September 2003 14:56
To: [EMAIL PROTECTED]
Subject: Calls made by DNS [7:74785]

Hello group,

I have an 802 ISDN router connected to the internet. The firewall is a
PIX506. I want to stop DNS queries from the Win200 Servers from bring up
the channels after work hours or any other technique that will eliminate
DNS calls but still maintain the proper functionality of the network. I
am trying to reduce the cost of the ISDN monthly billing. Please give me
your input.

Wayne
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74798t=74785
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 640-604 Passing Score? [7:74698]

[[EMAIL PROTECTED]]

My certificate says the passing score was 776 and I sneaked in with 815. How
Cisco come up with the numbers is a subject all of its own.

Cheers,
Steve Wilson CCNP CCDA
Network Engineer

-Original Message-
From: Caxton The [mailto:[EMAIL PROTECTED] 
Sent: 03 September 2003 03:18
To: [EMAIL PROTECTED]
Subject: 640-604 Passing Score? [7:74698]

Does anybody know the passing score for the 640-604 switching exam?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74706t=74698
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco ATM module [7:74707]

[[EMAIL PROTECTED]]

Hi,

Were interested in buying some used Cisco equipment.

Specifically we are interested in ATM modules for the Cisco 4500/4700 router.
Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules.

Please let us know if you have anything available.

Thanks

[EMAIL PROTECTED]


Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat
60 Minuten.
http://internet.sunrise.ch/de/wireline/wir_plus.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74707t=74707
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: SOS:Load Balance with CSS 11500 [7:74538]

[[EMAIL PROTECTED]]

Larisa,
As all the requests are coming from the Webserver each brand new
connection may not really be brand new. Usually the cookie expires when
the client browser is closed. and a new cookie is sent when the new request
is made. This new cookie, however is generated from the expired one. This
may cause your request to get stuck to the old service.
try using arrowpoint-cookie expire-services in the content rule.
Also ttry reducing the cookie Expiration time.
HTH,
plz let me know if you got other solutions as well.
Regards,
Ajay Chenampara



   

 
Larisa

cc:
  Sent by: Subject:  SOS:Load Balance
with CSS 11500 [7:74538]
 
[EMAIL PROTECTED]
 
.com
   

   

  08/29/2003
09:05
 
PM
  Please respond
to
 
Larisa
   

   






Hi,
I am sorry for such long E-mail, but I have to figure out this for work and
don't know anyone to ask.  While searching Internet found this forum.

I am a CCNA and have been working with routers and switches for over 4
years, but recently at work was introduced to Cisco load Balancing switch
11500.

This is a situation where I don't really have time to learn ..just need to
do it.

I hope, someone in this list can help me to figure this out.


Here is the scenario:

Client sends  a request to the web server ( public url) , web server has
two
other  servers ( with the application running) that he sends the requests
to.

The task is to make the CSS balance load these two app. server , but when
the request comes to one server make it stay there until the session is
over.

The Cisco consultant was hired previously to help  with the configuration.
He configured web service and the apps service.
Two application servers that need to be load balanced are parts of the apps
service.

He used arrow-point advanced load method.. here is how it specified in the
content rule for the apps service.

Ex:
Owner Boston
 Content APPS
  VIP address x.x.x.xfor the apps servers belongs to
web
server's subnet.
   Protocol TCP
   Port 80
   URL /*
   Advanced-balance arrowpoint-cookies
   Active

The initial request comes from client to the web server and web server
passes the request to CSS ( that how this Internet application works).  CSS
needs to load balance request between two application servers to process
the
request.

The persistent part works o'k.  When the request comes from the web server
to CSS it returns the Arrowpoint cookie to one of the application servers
and stays there until the session is over.  No problem,,  should be that
way...

The problem is that the next brand new request comes to the same server,
and
then next new request again to the same server...

Then randomly, next time it can go to the other server and all the new
connections again to that server...  So it's not really load balancing
between two servers

What needs to be added?I wasn't present when this consultant was doing
final testing and I was told that it worked.

Now, it doesn't.  Show configs are the same with what he put in...  What
can
I check ? Why it's not doing balancing ...

At first I thought that it should come from different clients, but it
really
doesn't matter as all requests come to web server first and them should go
to different app servers from the same web server.  So during this testing
,
I was initiating requests from the web server itself.


I really need help...   I need to present a solution after labor day
weekend...

Thank you in advance if anyone can help.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74711t=74538
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 2620XM vs. 1721 Routers [7:74727]

[[EMAIL PROTECTED]]

Hi John,

You will definitely lose certain IOS functionality with the 1721.  Newer
code has more features and needs more memory.  The 2620XM that you speak
of has support for 128MB ram and 48MB flash while the 1721 is much much
lower.  Also note that as you start getting into 12.2 and 12.3 advanced
features your memory requirements go to 96MB and even 128MB for DRAM.
Depends on your needs for the various features.  Your best bet is to
decide what features you need (routing protocols and then other
features).  Then go to cisco.com/go/fn and find a router that supports
those features.  While there are many features you may not get with the
1721 - you also may not need them so why spend the extra money on the
2620XM for a simple serial connection.

Just my .02

Ian

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
John Neiberger
Sent: Wednesday, September 03, 2003 3:14 PM
To: [EMAIL PROTECTED]
Subject: Re: 2620XM vs. 1721 Routers [7:74727]

 John Neiberger 9/3/03 1:09:32 PM 
I'm not very familiar with the 1721 routers and while I'm researching
them
I
wanted to get some opinions. Isn't the 1721 really just a baby 2600
with a
slighly smaller processor and no network module slot? Are there any
other
significant differences between them?

We've been using 2600, and later the 2620XM, but we've recently got rid
of
the need for a network module, leaving us with a current need of one
WIC.
It
seems like a waste of money to buy a 2620XM if we're only going to pop
a
WIC-2T into it.  :-)

I'm sure there's a performance hit, but it's not like I'm trying to
drive
a
DS-3 with this thing. I'll need a T-1 connection, a low-speed serial
connection, and fast ethernet. Nothing too fancy. 

Any thoughts?

Thanks,
John

Once again, I'm replying to my own message. After further review,
according
to the Cisco Software Advisor the 1721 is fairly handicapped compared to
the
2600XM platform. I don't know that I'm willing to lose that much
potential
functionality. Heck, according to Software Advisor the 1721 doesn't
support
ISL or 802.1Q vlans! In my book that makes it a non-starter.

John
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74749t=74727
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Autoreply to Re: That movie [7:74628]

[[EMAIL PROTECTED]]

  This is an automated response to your mail
  
   CD Freaks Forum Helpdesk - [EMAIL PROTECTED]  

  http://club.cdfreaks.com



Dear visitor,

Thank you for contacting us. Due to the amount of 
questions we cannot answer all your questions
personally. This automated response however contains
important information that should help you answering
your questions. Please read it carefully!

We receive many questions about registration issues. 
See below for possible problems and solutions.

1) Before you post you will need to activate your 
account. Your account can only be activated by
clicking on a link that you will receive by e-mail

If you didn't enter a valid e-mail address during
the registration process, then please try again 
using a valid e-mail address and a different nickname. 
You can change your nickname if needed by sending a private 
message (PM) to a CD Freaks administrator/moderator, 
they'll be happy to assist you.

If you haven't received the email you can have
it resend it to you. If still doesn't work then check your 
spam filters or hotmail bulkmail inbox

2) Make sure you accept cookies from our site (*.cdfreaks.com). 
If you are accepting them, are registered and still are unable 
to post, then  please delete your cookies (if you don't know
how to do this, please use a search engine to learn more).

3) If you have lost your password you can use
this form:

http://club.cdfreaks.com/member.php?s=action=lostpw

By using this forum your password will be reset to a new one, 
and mailed to you. We can not retrieve your password, as they 
are stored encrypted.

4) If you have a question regarding software
hardware you have used the wrong e-mail address
CD Freaks provides no technical support by e-mail.

Instead use our search: 

http://club.cdfreaks.com/search.php

With this tool you should find answer to your
question. If not, then register and post your
question in the appropiate forum and other members
will help you.

5) Questions regarding our shop should be send using
the form on the following internet address:

http://shop.cdfreaks.com/mailform.php

6) If you still have problems then please contact
our second line support at [EMAIL PROTECTED]
Please include your entire question and any previous
communications, but make sure you have read this 
entire e-mail before contacting us. 

Be sure to read the rules before you post and contact
any of our administrators/moderators by PM (private
message) in case of any problems when you are 
registered!

Thanks for your intrest in our site and we hope you
will have a pleasant stay!

Kind regards,

Jan-Willem de Bruin
CD Freaks.com Management


---This is an automated response to your mail---





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74628t=74628
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

NM-8AM synch. support [7:74648]

[[EMAIL PROTECTED]]

Hi,
Does NM-8AM or WIC-1AM modules support sync. Connection?
Thanks
regards




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74648t=74648
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Cisco ICS 7750 experiences [7:74578]

[[EMAIL PROTECTED]]

Hi, Hugo
I am prepare the same project, would you pls give me a suggestion?
thnaks!
Stone
- Original Message - 
From: 
To: ; 
Cc: 
Sent: Friday, August 29, 2003 12:01 PM
Subject: Re: Cisco ICS 7750 experiences


 I just deployed one for a single site manufacturing new construction.  150
IP
 phones 7940s / 7960s, IPCC, Unity Unified, etc.  It took me about two days
to
 get all of the builds completed because of the patches you have to add,
but I
 got it configured pretty quick and, once it was up and I was making calls 
 across my PSTN, the only issues I had were a little echo.  Other than
that, it is
 a good system.  VERY SCALABLE, yet compact.  I like it.
 
 Rob Hugo
 Senior Network Engineer
 STL Technology Partners
 
 
 ___
 You are subscribed to the GroupStudy.com CCIE RS Discussion Group.
 
 Subscription information may be found at: 
 http://www.groupstudy.com/list/CCIELab.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74578t=74578
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

failure notice [7:74614]

[[EMAIL PROTECTED]]

Hi. This is the qmail-send program at casper.sri.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

:
130.107.1.30 does not like recipient.
Remote host said: 550 5.1.1 ... User unknown
Giving up on 130.107.1.30.

--- Below this line is a copy of the message.

Return-Path: 
Received: (qmail 26216 invoked from network); 1 Sep 2003 19:37:06 -
Received: from localhost (HELO casper.SRI.COM) (127.0.0.1)
  by casper.sri.com with SMTP; 1 Sep 2003 19:37:06 -
Received: (from ALI-PC-1 [213.84.176.225])
 by casper.SRI.COM (SAVSMTP 3.1.0.29) with SMTP id M2003090112363730932
 for ; Mon, 01 Sep 2003 12:36:41 -0700
From: 
To: 
Subject: Re: Approved
Date: Mon, 1 Sep 2003 21:36:36 +0200
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=_NextPart_000_005E25B0

This is a multipart message in MIME format

--_NextPart_000_005E25B0
Content-Type: text/plain;
charset=iso-8859-1
Content-Transfer-Encoding: 7bit

See the attached file for details
--_NextPart_000_005E25B0
Content-Type: text/plain;
name=DELETED0.TXT
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename=DELETED0.TXT

RmlsZSBhdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcgpBIGZpbGUgYXR0YWNoZWQgdG8gdGhp
cyBlbWFpbCB3YXMgcmVtb3ZlZA0KYmVjYXVzZSBpdCB3YXMgaW5mZWN0ZWQgd2l0aCBhIHZp
cnVzLg0KDQpSZXN1bHQ6IFZpcnVzIERldGVjdGVkDQpWaXJ1cyBOYW1lOiBXMzIuU29iaWcu
RkBtbQ0KRmlsZSBBdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcg0KQXR0YWNobWVudCBTdGF0
dXM6IGRlbGV0ZWQNCg==
--_NextPart_000_005E25B0--




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74614t=74614
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Catalyst 6500 Architecture [7:74460]

[\\[EMAIL PROTECTED]\]

The SFM is a piece of junk...and not as useful as you might seem...

The new Supervisor 720 has the SFM built-in...which greatly enhances its
use..



-Original Message-
From: neil K [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 29, 2003 5:31 AM
To: [EMAIL PROTECTED]
Subject: Catalyst 6500 Architecture [7:74460]


Folks,

The Catalyst 6500 uses a Shared bus Architecture and to increase the
Backplane capacity you have to have Switch fabric module (SFM) with
fabric Enabled modules to make it work. Is there a vendor which has a
better architecture or a better solution.

Thanks,

neil K.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.


**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74534t=74460
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

802.3x switch traffic disruption [7:74455]

[[EMAIL PROTECTED]]

I need some expert option on the following matter:

I have  a Netgear Fast Ethernet Switch FS608 (which does 802.3x Flow
control) connected to a DLink 5 port switch (no flow control)

Twice this week, the FS608 locked itself causing ALL traffic in the company
to be disrupted. The problem was solved by power cycling the switch.

All the clients on the FS608 have 3Com network cards that support flow
control.

Here are my questions:

1) Are there some caviat in running 802.3x  I am not aware of? I did
extensive research before implementing this and did not find any issues with
the implementation of the technology?

2) Is there an issue of running 802.3x on one switch and not on the other?

3) I could turn off the 802.3x feature on all the workstations but I can't
turn it off on the FS608. This is NOT a managed switch. Any suggestion on
how to troubleshoot this problem?

Thank you,

Pierre-Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74455t=74455
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Cisco ICS 7750 experiences [7:74481]

[[EMAIL PROTECTED]]

I just deployed one for a single site manufacturing new construction.  150
IP
phones 7940s / 7960s, IPCC, Unity Unified, etc.  It took me about two days
to
get all of the builds completed because of the patches you have to add, but
I
got it configured pretty quick and, once it was up and I was making calls 
across my PSTN, the only issues I had were a little echo.  Other than that,
it is
a good system.  VERY SCALABLE, yet compact.  I like it.

Rob Hugo
Senior Network Engineer
STL Technology Partners




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74481t=74481
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Re: Thank you! [7:74488]

[[EMAIL PROTECTED]]

Dear [EMAIL PROTECTED]

The email that you sent to [EMAIL PROTECTED]
 did not reach the intended receipient due to existance of virus. Kindly
have your computer check for virus.

Best Regards,

Mail Administrator
Datacraft Asia Ltd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74488t=74488
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Re: Your application [7:74449]

[[EMAIL PROTECTED]]

Dear [EMAIL PROTECTED]

The email that you sent to [EMAIL PROTECTED]
 did not reach the intended receipient due to existance of virus. Kindly
have your computer check for virus.

Best Regards,

Mail Administrator
Datacraft Asia Ltd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74449t=74449
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Flash [7:74491]

[[EMAIL PROTECTED]]

I tried some nasty things from rommon trough the console a few times, 

So booting to rommon and whiping the whole thing from there would help you
further, then tftp upgrade/reload the image you want.

Martijn 


-Oorspronkelijk bericht-
Van: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 29 augustus 2003 12:29
Aan: [EMAIL PROTECTED]
Onderwerp: Flash [7:74491]


We want to set up lab with 2500s but the flash size is 8M and 4M read-only
and we want to load 12.2 IOS.Does anyone have an idea on how we should go
about it ?
Rgds,
Akpome
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74496t=74491
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Catalyst 6500 Architecture [7:74460]

[[EMAIL PROTECTED]]

The SFM is a piece of junk...and not as useful as you might seem...

The new Supervisor 720 has the SFM built-in...which greatly enhances its
use..



-Original Message-
From: neil K [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 29, 2003 5:31 AM
To: [EMAIL PROTECTED]
Subject: Catalyst 6500 Architecture [7:74460]


Folks,

The Catalyst 6500 uses a Shared bus Architecture and to increase the
Backplane capacity you have to have Switch fabric module (SFM) with
fabric Enabled modules to make it work. Is there a vendor which has a
better architecture or a better solution.

Thanks,

neil K.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74499t=74460
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: TCP/UDP port for CHAP [7:74480]

[[EMAIL PROTECTED]]

In your example,

VPDN is built over Ethernet, and there must be some kind of dialer where you
want your access-list on.

That imposes e1 ATM0 can be without access-list, the untrusted traffic, is
coming in encapsulated in PPP over E.

So within the PPP session there will be IP (dialer, say dhcp neg IP) and
that is where you want to put an incoming access-list on.

Martijn 

-Oorspronkelijk bericht-
Van: Thomas N [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 29 augustus 2003 11:31
Aan: [EMAIL PROTECTED]
Onderwerp: TCP/UDP port for CHAP [7:74480]


I got SOHO sites with PPPoE connection to the Internet.  They use CHAP for
authentication.  I would like to setup an ACL to filter out traffic on the
outside interface.  I am wondering what TCP/UDP port CHAP protocol use?
Thanks!

Thomas
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74505t=74480
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: 802.3x switch traffic disruption [7:74455]

[[EMAIL PROTECTED]]

No, I don't think I have a design issue: the network has 7 clients and 1
server so the architecture is very simple. My client was complaining of slow
speed when opening files. My approach was to optimize at every layer
possible. Choosing 802.3x feature was just one thing among others I did to
speed up file access.

1) I moved them from a bus architecture, to a switched architecture,
replacing all the coax cabling with twisted pair.
2) When I replaced the NICs I went for NIC that could do flow control and
chose a brand name switch that supported the same feature. (Yes I should
have chosen Cisco for the Switch, but how do you convince you client to pay
more for something that appears to do the same thing?).
3) I replaced the OS on the clients  (Windows Millennium) with Windows XP
professional. Optimized the page file (and removed it from the system/boot
partition). Disabled unnecessary services.
4) On the server side, I used SCSI hard disks and the fastest SCSI
controller I could find on the market. Optimized the server to death.
5) I did not mess-up with modifying TCP Window parameters because I thought
that was not necessary.

The speed increase is visible, but with the network freezing up twice this
week, all my work has taken a serious credibility hit. I have replaced their
Switch with one of my personal Cisco switches  after the second incident. My
plan is to leave the switch ( a Cisco 2924XL) there for a week or two so I
can monitor network activity and gather statistics . Then  I don't know...
The switch belongs to my CCIE rack so I will either have to sell it to them
or buy them another inexpensive switch.  :)





- Original Message -
From: annlee 
To: 
Sent: Friday, August 29, 2003 7:24 PM
Subject: Re: 802.3x switch traffic disruption [7:74455]


 Netgear does have its problems...
 http://www.dslreports.com/shownews/31774?mode=flat

 That said, all the inexpensive devices have problems of one sort or
 another. I think it's a case of getting what you paid for / caveat
 emptor. For small networks clients, I always try to get them to buy
 one step higher quality than they wanted to pay for (since if they
 understood the ramifications, they wouldn't need me). It rarely works
 though ... which does tend to lead to repeat business...

 Annlee

 Priscilla Oppenheimer wrote:

  It sounds like the Netgear Layer 2 802.3 flow control is buggy. It
sounds
  like you can't turn it off, though, because it's not a managed switch.
  Should have bought Cisco!? :-)
 
  You can turn it off on the workstations, though, and I would somewhat
  hesitantly recomment that. You might risk other problems by disabling
it.
  Flow control should be negotiated with autonegotiation, but we know how
 well
  that works for duplex mode. Nontheless, if it were me, I think I would
turn
  it off on the workstations carefully, as a test to start with.
 
  I'd be interested in other people's opinions, but I think flow control
at
  the data-link-layer is risky and unnecessary anyway.
 
  No offence to Netgear (really!) but I'm not sure I would trust them to
do
 it
  right, especially on a low-end switch. So, let's say a switch port has
been
  flow controlled and told not to send any packets for a while. What does
it
  do with the packets? How much buffering can it support? Does it have
  features to avoid head-of-the-line blocking? Will the flow control on
that
  interface cause problems for other interfaces?
 
  TCP already does end-to-end flow control. Of course, not every
application
  uses TCP, but a lot do. I think that's a better way to handle it.
 
  And one final comment, if you really need to be flow controlling
traffic,
  perhaps you should just upgrade the bandwidth? Ethernet flow control
sounds
  like a bandaid over a design problem to me
 
  What do others think? Do you use 802.3x flow control? Thanks.
 
  Priscilla
 
 
 
  [EMAIL PROTECTED] wrote:
 
 I need some expert option on the following matter:
 
 I have  a Netgear Fast Ethernet Switch FS608 (which does 802.3x
 Flow
 control) connected to a DLink 5 port switch (no flow control)
 
 Twice this week, the FS608 locked itself causing ALL traffic in
 the company
 to be disrupted. The problem was solved by power cycling the
 switch.
 
 All the clients on the FS608 have 3Com network cards that
 support flow
 control.
 
 Here are my questions:
 
 1) Are there some caviat in running 802.3x  I am not aware of?
 I did
 extensive research before implementing this and did not find
 any issues with
 the implementation of the technology?
 
 2) Is there an issue of running 802.3x on one switch and not on
 the other?
 
 3) I could turn off the 802.3x feature on all the workstations
 but I can't
 turn it off on the FS608. This is NOT a managed switch. Any
 suggestion on
 how to troubleshoot this problem?
 
 Thank you,
 
 Pierre-Alex
  **Please support GroupStudy by purchasing from the GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info

Re: 802.3x switch traffic disruption [7:74455]

[[EMAIL PROTECTED]]

Thank you Annlee, this is enlightening.

My users mainly use word/excel documents along with a small access database.

I know that sounds awful but what performance gain I will loose by using a
cheap switch that does not do flow control?

If I where able to convince my client and we used a Cisco switch, how could
I verify that the 3COM cards are compatible with the Cisco gears?

Would you use a sniffer and analyze the traffic or is there a simpler way?

Thanks,

Pierre-Alex


- Original Message -
From: Annlee 
To: 
Cc: 
Sent: Friday, August 29, 2003 10:09 PM
Subject: Re: 802.3x switch traffic disruption [7:74455]


 A Google search on 802.3x yields a lot of discussion of flow control
 issues people seem to have -- linux as well as windows clients.  One
 item I found at the IEEE's web page was this:
 http://grouper.ieee.org/groups/802/3/efm/public/email/msg02446.html

 /quote
 In working with Ethernet for over 20 years, the one functionality that is
 most severely vendor dependant is 802.3x Flow Control.  Perhaps it is
 partly the politics of the 802.3WG.  Perhaps the politics of IETF pushing
 their flow and rate adaptation to the exclusion of other layer or
 types is
 partly to blame.  In some cases it marketing decisions on the part of
 vendors that cause them to improperly implement 802.3x in their
 interfaces
 and systems.  For those vendors that are purely Ethernet and expect
 themselves to do things right, 802.3x Flow Control works to a level and
 quality that is at first surprising to their customers.  If you want more
 information about my experiences with vendors and their
 implementations of
 802.3x, continue to read.

 ...and it goes on, at some length.

 FWIW

 Annlee

 [EMAIL PROTECTED] wrote:
  No, I don't think I have a design issue: the network has 7 clients and 1
  server so the architecture is very simple. My client was complaining of
slow
  speed when opening files. My approach was to optimize at every layer
  possible. Choosing 802.3x feature was just one thing among others I did
to
  speed up file access.
 
  1) I moved them from a bus architecture, to a switched architecture,
  replacing all the coax cabling with twisted pair.
  2) When I replaced the NICs I went for NIC that could do flow control
and
  chose a brand name switch that supported the same feature. (Yes I
should
  have chosen Cisco for the Switch, but how do you convince you client to
pay
  more for something that appears to do the same thing?).
  3) I replaced the OS on the clients  (Windows Millennium) with Windows
XP
  professional. Optimized the page file (and removed it from the
system/boot
  partition). Disabled unnecessary services.
  4) On the server side, I used SCSI hard disks and the fastest SCSI
  controller I could find on the market. Optimized the server to death.
  5) I did not mess-up with modifying TCP Window parameters because I
thought
  that was not necessary.
 
  The speed increase is visible, but with the network freezing up twice
this
  week, all my work has taken a serious credibility hit. I have replaced
their
  Switch with one of my personal Cisco switches  after the second
incident. My
  plan is to leave the switch ( a Cisco 2924XL) there for a week or two so
I
  can monitor network activity and gather statistics . Then  I don't
know...
  The switch belongs to my CCIE rack so I will either have to sell it to
them
  or buy them another inexpensive switch.  :)
 
 
 
 
 
  - Original Message -
  From: annlee 
  To: 
  Sent: Friday, August 29, 2003 7:24 PM
  Subject: Re: 802.3x switch traffic disruption [7:74455]
 
 
 
 Netgear does have its problems...
 http://www.dslreports.com/shownews/31774?mode=flat
 
 That said, all the inexpensive devices have problems of one sort or
 another. I think it's a case of getting what you paid for / caveat
 emptor. For small networks clients, I always try to get them to buy
 one step higher quality than they wanted to pay for (since if they
 understood the ramifications, they wouldn't need me). It rarely works
 though ... which does tend to lead to repeat business...
 
 Annlee
 
 Priscilla Oppenheimer wrote:
 
 
 It sounds like the Netgear Layer 2 802.3 flow control is buggy. It
 
  sounds
 
 like you can't turn it off, though, because it's not a managed switch.
 Should have bought Cisco!? :-)
 
 You can turn it off on the workstations, though, and I would somewhat
 hesitantly recomment that. You might risk other problems by disabling
 
  it.
 
 Flow control should be negotiated with autonegotiation, but we know how
 
 well
 
 that works for duplex mode. Nontheless, if it were me, I think I would
 
  turn
 
 it off on the workstations carefully, as a test to start with.
 
 I'd be interested in other people's opinions, but I think flow control
 
  at
 
 the data-link-layer is risky and unnecessary anyway.
 
 No offence to Netgear (really!) but I'm not sure I would trust them to
 
  do
 
 it
 
 right, especially on a low-end switch. So, let's say

Your details [7:74297]

[[EMAIL PROTECTED]]

Please see the attached file for details.

[GroupStudy removed an attachment of type application/octet-stream which had
a name of wicked_scr.scr]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74297t=74297
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

ATM and Rate-limiting [7:74438]

[[EMAIL PROTECTED]]

Is it popssible to use rate-limit command on an ATM interface?




Thanks, 

Mario Puras 
SoluNet Technical Support
Mailto: [EMAIL PROTECTED]
Direct: (321) 309-1410  
888.449.5766 (USA) / 888.SOLUNET (Canada)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74438t=74438
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: BCRAN 2.0 questions [7:13450]

[[EMAIL PROTECTED]]

Hi Thienan Nguyen,

Did you take the 642-821 exam...or did you take the 640-605 exam?I am
currently preparing for the BCRAN and contemplating taking the new exam
which is about to be released soon.


Thanks for the help
Pooven

-Original Message-
From: thienan nguyen [mailto:[EMAIL PROTECTED]
Sent: 26 August 2003 02:01 AM
To: [EMAIL PROTECTED]
Subject: BCRAN 2.0 questions [1:13450]


I have a couple questions on a real BCRAN exam, I got 740 ( passing score is
790 ) on a new BCRAN test. I going to take it again soon, I just need help
to clear up some questions before I do it again..

What happen if there is no signal / LED for DTR on a modem ?

What is service common for AH and ESP ?

What is status Delete on Frame Relay Mean ?

What is Dial Fast Idle command spec. in DDR ?

LCP repond for neighbor of which function ?

What happen if AAA is enable but authentication not set ?

What is termination at local loop BRI call ?

what is caht scrip function ?

how you do a Load sharing in NAT ( 2 actions )
Please help if you know the answer for those questions. Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74390t=13450
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: LLC1 and LLC2 (What is the difference?) [7:74341]

[[EMAIL PROTECTED]]

Brilliant - thx

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] 
Sent: 25 August 2003 18:59
To: [EMAIL PROTECTED]
Subject: RE: LLC1 and LLC2 (What is the difference?) [7:74341]


[EMAIL PROTECTED] wrote:
 
 Can anyone enlighten me on this?

From Troubleshooting Campus Networks

LLC supports three modes of service. Connectionless mode, also known as
datagram service and LLC Type 1, is a simple service that does not use
sequence numbers or acknowledgments and does not require a connection to be
established before data can be exchanged. LLC Type 2 is a
connection-oriented service that guarantees delivery of data using sequence
numbers and acknowledgments. The third mode of service, LLC Type 3, is
acknowledged, but connectionless. LLC Type 3 lets network layers exchange
data that is acknowledged at the LLC layer without establishing a connection
first. LLC Type 3 is not common and is not covered in this book.

LLC Type 1 Frame Format

The following example shows protocol analyzer output for an LLC Type 1
header. Because LLC Type 1 is connectionless, there is little analysis
required.

LLC: - LLC Header -
LLC: 
LLC: DSAP Address = E0, DSAP IG Bit = 00 (Individual Address) 
LLC: SSAP Address = E0, SSAP CR Bit = 00 (Command)
LLC: Unnumbered frame: UI

The Individual/Group (IG) bit in the DSAP is 0 in this example, which means
that the frame is destined to an individual SAP. A frame addressed to a
group SAP is destined to more than one process in the receiving system. If
you see the IG bit set to Group, you should find out which station is
setting the bit and why. The use of a group SAP is a possible
misconfiguration or bug that could lead to communication problems in
recipient devices.

The Command/Response (CR) bit in the SSAP is 0 in the example, which means
that the frame is a command. An LLC command designation simply means that
the frame was not in response to a previous frame; that is, it was
originated spontaneously by the sending station. When a station responds, it
sets the CR bit to 1 to designate a response.

The Control field for the frame in the example specifies an Unnumbered
Information frame (UI frame). This means that there is essentially no
processing at the LLC layer. LLC moves the incoming data into the specified
SAP without any special attention.

LLC Type 2 Frame Format

NetBEUI and Systems Network Architecture (SNA) use LLC Type 2. NetBEUI is an
implementation of the NetBIOS session layer running directly over a
data-link layer, without a network or transport layer. SNA is a complex
architecture and set of protocols developed by IBM in the early 1970s. SNA
originally ran on serial links and then later Token Ring and Ethernet LANs.

Because SNA and NetBEUI are becoming less common, the use of LLC Type 2 is
diminishing. However, it is still important to learn LLC Type 2 because it
shares many characteristics with the quintessential High-Level Data Link
Control (HDLC) family of WAN protocols. HDLC influenced the development of
LLC Type 2, IBM's Synchronous Data Link Control (SDLC), and the X.25 link
access procedure (LAP) protocols. The Link Access Procedure on the D Channel
(LAPD) protocol, also known as ITU-T Q.921, is still very common on ISDN
circuits. So a quick explanation of LLC Type 2 is warranted because it will
help you troubleshoot WANs as well as legacy Ethernet networks that still
use LLC Type 2.

NOTE
Cisco's HDLC is a customized version of HDLC and is not similar to LLC Type
2. Cisco's HDLC is connectionless and is similar to LLC Type 1.

Because LLC Type 2 is connection-oriented, a connection setup must precede
the transmission of data. A connection tear-down process occurs at the end
of an LLC session. During a session, each frame is numbered and
acknowledged. The session setup follows this sequence:

1. Station A - Station B LLC C DSAP=F0 SSAP=F0 SABME P
2. Station B - Station A LLC R DSAP=F0 SSAP=F0 UA F
3. Station A - Station B LLC C DSAP=F0 SSAP=F0 RR NR=0 P
4. Station B - Station A LLC R DSAP=F0 SSAP=F0 RR NR=0 F 

In Frame 1, Station A tells Station B to Set Asynchronous Balanced Mode
Extended (SABME), which means that either side can initiate a conversation
and send data without permission from the other side. In the olden days of
mainframes and terminals, a lowly device like a terminal could not send data
until it was polled. With the advent of mini and microcomputers,
communication became more democratic. Station authority was more balanced
and either station could send asynchronously with respect to the other. The
original Asynchronous Balanced Mode allowed the transmission of 8 frames
without an acknowledgment. To improve performance, the 8 frames were later
extended to 128 frames. The extension to 128 frames is called Asynchronous
Balanced Mode Extended.

When Station A in the example makes the SABME request, it also sets the poll
bit (that's the letter P at the end of the line in Frame 1). The poll bit
has nothing to do

RE: 1000BaseT GBIC [7:74392]

[[EMAIL PROTECTED]]

Nope.

Martijn 


-Oorspronkelijk bericht-
Van: Nima Javidi [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 26 augustus 2003 10:54
Aan: [EMAIL PROTECTED]
Onderwerp: 1000BaseT GBIC [7:74392]


Is 1000BaseT GBIC Autosense?
Is it Support 10/100/1000?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74393t=74392
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Load Balancing; help explain [7:74376]

[[EMAIL PROTECTED]]

What kind of process do you want to balance, ie what layer? Fail-over or
load-balance defined on source/destination/traffic or true server cpu load?

Sometimes you want do watch a 
quorum process (or critical application) and monitor that from a
serverfarm instead of doing 
a layer 2 (nic) or 
layer 3 (routers or w2k NLB).

Define your critical service (availability), go from there to
capacity(load).

This is the real stuff.

Martijn 


-Oorspronkelijk bericht-
Van: Aspiring Cisco Gurl [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 26 augustus 2003 5:01
Aan: [EMAIL PROTECTED]
Onderwerp: Load Balancing; help explain [7:74376]


I was asked a question about load balancing on routers and servers.  Ive
looked it up on the websites but can someone give me their 2 cents about it?
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74395t=74376
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX VPN Client Configuration - At my wit's end! [7:74363]

[[EMAIL PROTECTED]]

Have you watched your

access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any

very closely?

It is meant to be mirrored at the client connection time so must be 

access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0
192.168.2.0 255.255.255.0 

A packet sent from the client is checked against this list. So must be more
specific in my experience. 

Martijn 

-Oorspronkelijk bericht-
Van: Derek Gaff [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 26 augustus 2003 9:57
Aan: [EMAIL PROTECTED]
Onderwerp: Re: PIX VPN Client Configuration - At my wit's end! [7:74363]


James

Your missing the command vpdn enable outside from your config.

regards
derek

- Original Message -
From: James Willard 
To: 
Sent: Tuesday, August 26, 2003 12:17 AM
Subject: PIX VPN Client Configuration - At my wit's end! [7:74363]


 Hi all,

 Thanks in advance for reading this message. I am completely boggled on an
 issue here that I have literally been trying to troubleshoot for some 12
 hours now.

 I'm trying to configure a PIX 515E for Cisco VPN Client connectivity.

 Here are the relevant parts of my config:

 :PIX Version 6.3(1)
 interface ethernet0 auto
 interface ethernet1 auto
 interface ethernet2 auto
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 nameif ethernet2 dmz security50
 access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.2.0
 255.255.255.0
 access-list VPNUser_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any
 ip local pool vpnusers 192.168.2.100-192.168.2.254
 nat (inside) 0 access-list nonat
 nat (inside) 10 0.0.0.0 0.0.0.0 0 0
 sysopt connection permit-ipsec
 crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
 crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
 crypto ipsec transform-set vpn esp-3des esp-md5-hmac
 crypto ipsec security-association lifetime seconds 300
 crypto dynamic-map dynmap 30 set transform-set vpn
 crypto map crypto-map-swa 20 ipsec-isakmp dynamic dynmap
 crypto map crypto-map-swa interface outside
 isakmp enable outside
 isakmp identity address
 isakmp nat-traversal 20
 isakmp policy 1 authentication pre-share
 isakmp policy 1 encryption 3des
 isakmp policy 1 hash sha
 isakmp policy 1 group 2
 isakmp policy 1 lifetime 300
 vpngroup VPNUser address-pool vpnusers
 vpngroup VPNUser dns-server 192.168.1.23 192.168.1.22
 vpngroup VPNUser wins-server 192.168.1.21 192.168.1.21
 vpngroup VPNUser split-tunnel VPNUser_splitTunnelAcl
 vpngroup VPNUser idle-time 1800
 vpngroup VPNUser password 

 Let's say the outside interface is 100.100.100.28. These are the networks:

 100.100.100.28 255.255.255.240(outside)
 192.168.1.0255.255.255.0  (inside)
 192.168.2.0255.255.255.0  (vpn IP pool)
 10.0.1.0   255.255.255.0  (dmz)

 I can connect with the client just fine, but neither end can ping the
other.
 Say the client machine gets the IP 192.168.2.100 from the pool, it cannot
 ping anything in 192.168.1.x. Conversely, nothing in 192.168.1.x can ping
 192.168.2.100. The VPN Client side shows packets being encrypted but none
 decrypted. The IPSec SA on the PIX shows packets being encrypted and none
 decrypted.

 Also worth noting is that the VPN client status shows Transparent
 Tunneling: Inactive on the status page while connecting, even though
isakmp
 nat-traversal is enabled. An ethereal capture shows the client sending ESP
 packets to the PIX but none are coming back.

 Please, if anyone has any ideas I would love to hear them. This has been
 driving me crazy!

 Thanks,

 James Willard
 [EMAIL PROTECTED]
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74397t=74363
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Metric of OSPF Summary Routes [7:74361]

[[EMAIL PROTECTED]]

Please show us the topology database, that should tell us all.

Martijn 

-Oorspronkelijk bericht-
Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 26 augustus 2003 0:10
Aan: [EMAIL PROTECTED]
Onderwerp: Metric of OSPF Summary Routes [7:74361]


Is there a way to define the metric of a OSPF summary route?

This is strange, but two routers with the same IOS (and similar commands)
are using different approaches: one router is using the highest metric of
more specific routes, while the other router is using the lower metric.

This one is using the higher metric:

LS age: 1405
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 100.7.0.0 (summary Network Number)
  Advertising Router: rta
  LS Seq Number: 80016DE5
  Checksum: 0x6A95
  Length: 28
  Network Mask: /16
TOS: 0  Metric: 1603

This one is using the lower metric:

 Routing Bit Set on this LSA
  LS age: 946
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 100.7.0.0 (summary Network Number)
  Advertising Router: rtb
  LS Seq Number: 80008D8C
  Checksum: 0x3E53
  Length: 28
  Network Mask: /16
TOS: 0  Metric: 0


The only difference is the platform:  one is 7507 and the other 4700.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74398t=74361
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Re: Re: My details [7:74400]

[[EMAIL PROTECTED]]

Dear [EMAIL PROTECTED]

The email that you sent to [EMAIL PROTECTED]
 did not reach the intended receipient due to existance of virus. Kindly
have your computer check for virus.

Best Regards,

Mail Administrator
Datacraft Asia Ltd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74400t=74400
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Re: Thank you! [7:74408]

[[EMAIL PROTECTED]]

Email Delivery Failure

Your message failed to pass Hitachi Data Systems anti-virus scanning
system.  If you believe this message was received in error please consult
your HItachi Data Systems contact or the intended email recipient for
further assistance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74408t=74408
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ooking for CCIE practice test. What boson test is the best [7:74326]

[[EMAIL PROTECTED]]

Do not be afraid to buy two. Authors have a different point of view. DO NOT
forget the written blueprint.

Dennis is also very good.

Martijn 

-Oorspronkelijk bericht-
Van: johnman johnman [mailto:[EMAIL PROTECTED]
Verzonden: zaterdag 23 augustus 2003 5:02
Aan: [EMAIL PROTECTED]
Onderwerp: ooking for CCIE practice test. What boson test is the best ?
[7:74274]


Looking for CCIE routing  switching  practice exam test. What boson test is

the best ?

_
Help STOP SPAM with the new MSN 8 and get 2 months FREE*   
http://join.msn.com/?page=features/junkmail
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74326t=74326
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

LLC1 and LLC2 (What is the difference?) [7:74341]

[[EMAIL PROTECTED]]

Can anyone enlighten me on this?

Many thx indeed



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74341t=74341
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: BGP Connectivity Problem [7:74100]

[[EMAIL PROTECTED]]

What about mobile IP or VPN to border router and get an internal IP for the
tftp server's point of view...

Just in a typing mood.

Martijn 


-Oorspronkelijk bericht-
Van: Eddie [mailto:[EMAIL PROTECTED]
Verzonden: maandag 18 augustus 2003 15:06
Aan: [EMAIL PROTECTED]
Onderwerp: Re: BGP Connectivity Problem [7:74100]


Matthew Webster wrote:
 Hi all,
 
 I have done a sample bgp configuration at r1r2.com. My network setup is as
 follows:
 
 TFTP_Server-(e0)r1(s0)--(s0)r2
 
 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24.
 
 The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's
 e0 interface), I can't ping from r2, or from r1's s0 interface.
[..]
I suppose your TFTP server doesn't have a route entry pointing to the
network 192.168.100.0

EC
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74153t=74100
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX xlate question [7:74012]

[[EMAIL PROTECTED]]

I think the config is too complex for what it (seems) needs to do. 

If you used PDM, you also can start over from scratch, think you rules over
hard, draw a map with all the interfaces and subnets.

What is the propose of these rules (nat 2 / glob 2 ) together? is there some
mail/www server sitting on those /32 ip's?

global (outside) 2 213.213.128.50
nat (inside) 2 157.157.144.49 255.255.255.255 0 0
nat (inside) 2 10.100.0.0 255.255.0.0 0 0

From my point of view is what you are doing in nat 0 / nat 1 glob 1 / nat 2
glob 2 doable with nat 0 / nat1 glob 1. 
Take a hard look at access-list 100.

Martijn 


-Oorspronkelijk bericht-
Van: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED]
Verzonden: maandag 18 augustus 2003 15:52
Aan: [EMAIL PROTECTED]
Onderwerp: RE: PIX xlate question [7:74012]


Here are the Global and NAT statements

global (outside) 1 213.213.128.100-213.213.128.200
global (outside) 2 213.213.128.50
global (dmz) 1 192.168.17.150
nat (inside) 0 access-list 100
nat (inside) 2 157.157.144.49 255.255.255.255 0 0
nat (inside) 2 10.100.0.0 255.255.0.0 0 0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
nat (dmz) 1 0.0.0.0 0.0.0.0 0 0
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74150t=74012
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Data Center Design [7:74126]

[[EMAIL PROTECTED]]

Also I always say you need to do some reading on your own, physical or
network design. 

That said, check the data center safe white paper at the site, you know. 
I studied myself trough cases for my CISSP 
(physical security, data contingency, disaster recovery, hot/warm/cold
backup site / data mirror east/west?) 

Also have a consultant over that knows 
electricity (dual circuit 220/110/48?, backup diesels) 
cooling (double/single heavy duty) 
construction (disasters, physical etc)

What about phisical / data / network monitoring?

Start with the business goals, 
take in account SLA's (whether internal or external), 
contractor/customer/even user data or physical access 

POLICIES POLICIES

Start writing a lot, do the meetings, then the consultant asks you things
you have not thought of.

Off my hat!

Martijn 

-Oorspronkelijk bericht-
Van: Juan Blanco [mailto:[EMAIL PROTECTED]
Verzonden: maandag 18 augustus 2003 23:22
Aan: [EMAIL PROTECTED]
Onderwerp: Data Center Design [7:74126]


Team,
 Where will I be able to find information about designing a Data
Center
Room. As always I appreciate your help and recommendation.
Thanks,

Juan
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74152t=74126
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cisco Wireless [7:74157]

[[EMAIL PROTECTED]]

If you want check that the association is encrypted, try checking the
association table. 
For checking that traffic is encrypted try Airopeek, Airsnort etc. 

Martijn 


-Oorspronkelijk bericht-
Van: Johan Bornman [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 19 augustus 2003 10:31
Aan: [EMAIL PROTECTED]
Onderwerp: Cisco Wireless [7:74157]


Is there a utility/software available to sniff wireless communication to
confirm for instance that the 128bit encryption is doing what it suppose to
do?



This e-mail may contain confidential information and may be legally
privileged and is intended only for the person to whom it is addressed. If
you are not the intended recipient, you are notified that you may not use,
distribute or copy this document in any manner whatsoever. Kindly also
notify the sender immediately by telephone, and delete the e-mail. When
addressed to clients of the company from where this e-mail originates (the
sending company ) any opinion or advice contained in this e-mail is subject
to the terms and conditions expressed in any applicable terms of business or
client engagement letter . The sending company does not accept liability for
any damage, loss or expense arising from this e-mail and/or from the
accessing of any files attached to this e-mail.

At present, the integrity of e-mail across the Internet cannot be
guaranteed and messages sent via this medium are potentially at risk.  The
recipient should scan any attached files for viruses.  All liability arising
as a result of the use of this medium to transmit information by or to
e-Innovation is excluded to the extent permitted by law.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74161t=74157
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Data Center Design [7:74126]

[[EMAIL PROTECTED]]

Try sans.org / reading room/ for papers on disaster recovery, data security.
for network data center design try cisco.com SAFE whitepaper.

Like I said, this is a high responsibility. Really do consider hiring a 3th
party consultant, if only to set up things. 

Martijn 


Time Frame  PLANNING / MS project/ stick
to it/business leads/beware of contruction times etc
Staff committed to the project  resource management/skills per
person/training
Project management of design/construction   external(you want to sit in
a advisory board, not be 
Data center relocation management   (extra hot site, cold?)
Cutover dategradually, run things
parallel for a LONG time if possible, may want to migrate apps
at the latest
Space planning  visio 
Project definition  1st thing to do
Server/Rack/Equipment layoutvisio
Power conditioning requirements external advice/business continuity
plan leads/vendors website specs
UPS Requirementsspecs equipm/
Ceiling heights, floor loads, power availability, fire protection 
Cabling Infrastructure  fire proof
Electrical Systems  extra seperate from
buidling, prefer double
Furniture   none, a rolling table maybe
Air conditioninglots (specs equipm)
Ladder rack, cable tray and cable management installation.. 
and software /documentation


-Oorspronkelijk bericht-
Van: Juan Blanco [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 19 augustus 2003 12:55
Aan: Jansen, M
Onderwerp: RE: Data Center Design [7:74126]


I want to thank your for your quick response. We have a data center which
need to be move to a new location on the same building, I have a meeting
with the construction people this coming Thursday and this is the first time
I am responsible of doing this. I already have some information from the web
but what I really need is any document or web site in which I could find 101
document where I could quickly learn that typical type of questions that I
will be asking the construction crew...Questions like the following:

Time Frame  PLANNING / MS project/ stick
to it
Staff committed to the project  resource management/skills
Project management of design/construction   external(you want to sit in
a advisory board, not be 
Data center relocation management
Cutover dategradually, run things
parallel for a LONG time if possible
Space planning  visio 
Project definition  1st thing to do
Server/Rack/Equipment layoutvisio
Power conditioning requirements external advice/business continuity
plan leads/vendors website specs
UPS Requirementsspecs equipm/
Ceiling heights, floor loads, power availability, fire protection 
Cabling Infrastructure  fire proof
Electrical Systems  extra seperate from
buidling, prefer double
Furniture   none, a rolling table maybe
Air conditioninglots (specs equipm)
Ladder rack, cable tray and cable management installation.. 
and software /documentation

As you can see I already have some questions but probably they are
sufficient, I need to see a document that guide me and explain how do I go
by planning this datacenter move.I really appreciate your help and
recommendations. In your e-mail you mentioned the following: data center
safe white paper at the site (where is the link for this web site)

Thanks,

Juan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, August 19, 2003 1:58 AM
To: [EMAIL PROTECTED]
Subject: RE: Data Center Design [7:74126]


Also I always say you need to do some reading on your own, physical or
network design.

That said, check the data center safe white paper at the site, you know.
I studied myself trough cases for my CISSP
(physical security, data contingency, disaster recovery, hot/warm/cold
backup site / data mirror east/west?)

Also have a consultant over that knows
electricity (dual circuit 220/110/48?, backup diesels)
cooling (double/single heavy duty)
construction (disasters, physical etc)

What about phisical / data / network monitoring?

Start with the business goals,
take in account SLA's (whether internal or external),
contractor/customer/even user data or physical access

POLICIES POLICIES

Start writing a lot, do the meetings, then the consultant asks you things
you have not thought of.

Off my hat!

Martijn

-Oorspronkelijk bericht

RE: PIX and Router Setup Question [7:74141]

[[EMAIL PROTECTED]]

Tell me if I am wrong: (off my hat)

Nat on pix only would cause me to use the 1700 as router/ routed subnet
between pix1700.
Because I am using a private range, I need to address a packet from a
private IP address and to internet / from internet to a private ip address.
Wich would not work. Because 1700 would not do nat.(Joel).

When it does NAT, the segment between 1700 and pix would be private 
(10.165.251.240/28 for example not the most used 192.168.x.x)

Tell the pix to do NAT with the NAT norandomseq keyword. So tcp sockets
would not be randomized.

On the 1700 filter until layer 4, make a nice and hefty access-list that
denies it all exept initiated inside.

Really do use dmz for mail filtering and web front-end!

If you do punch holes in the pix to inside, please buy linksys or
netgear...  ;-)

Make a plan for ids/syslog and time sync, use it and update it!
Make a plan for intrusions/reactions, use it and update it!

See SAFE website.
http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/ns128/networking_solutio
ns_package.html 


Martijn 

-Oorspronkelijk bericht-
Van: Joel Satterley [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 19 augustus 2003 11:25
Aan: [EMAIL PROTECTED]
Onderwerp: RE: PIX and Router Setup Question [7:74141]


You'd be better off just using NAT on the PIX, it's what it was made for.
Then just secure the 1721 as a perimeter router.  NAT'ing twice could cause
problems.

-Original Message-
From: Michael Barnhart [mailto:[EMAIL PROTECTED] 
Sent: 19 August 2003 04:06
To: [EMAIL PROTECTED]
Subject: PIX and Router Setup Question [7:74141]

Network is as such:

Internet - 1721 - 515 PIX - Network

We do not have many live IP addresses, so we want to use one on the 1721
Outside.  Between the 1721 and the PIX we want to use a private network, say
192.168.1.x /24.  On the inside PIX we will use the IP of the internal
network (also a private address).

The problem comes in how to setup the PIX to work properly.  The 1721 is
using NAT, and I would assume I need NAT on the PIX as well.  At this point
things get confusing!

We are hosting a website on the internal network, as well as an email
server.  I want to see them from the Internet.

Question is, do I need to double NAT, or is there some way to have the PIX
just pass the internal network to the Router?

Thanks!

Michael Barnhart
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

===
  This message has been checked for all known viruses by the 
Sirocom Virus Scanning Service   
===

===
   This message has been checked for all known viruses by the
 Sirocom Virus Scanning Service

  WWW.SIROCOM.COM  
===
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74167t=74141
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ISDN dialer rotatry groups [7:74159]

[[EMAIL PROTECTED]]

if you mean nvram, OK, I am not aware of RAM usage per dialer int.

Ants,

Dialin so you need a lot dialer int for callback destinations/routing?

A rotary group is a designation for a group of physical interfaces (grouped
together with a rotary number) that dialer interfaces can use so that you
can assign your physical interfaces to different rotary groups and thus to
dialer interfaces.

PLS Tell us about you hunt-group number-plan, so we can continue on this.

Martijn 


-Oorspronkelijk bericht-
Van: Ants [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 19 augustus 2003 11:49
Aan: [EMAIL PROTECTED]
Onderwerp: ISDN dialer rotatry groups [7:74159]


Hi,
have a C3640 with ISDN dialin capability
currently around 40 dialer interfaces setup and would like to streamline
memory used..
rotary groups will give me that function but not sure on how to set it up
and how exactly it works with 'hunting' phone numbers
also pro's and cons of using this functions...
any advice would be appreciated.

many thanks
Ants
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74172t=74159
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: DSL over Dry Copper [7:74117]

[[EMAIL PROTECTED]]

What about the 2950 series LRE ? Long reach ethernet?

Tell us about the specs, you have them. 

Cisco Long Range Ethernet (LRE) solution leverages Very High Data Rate
Digital Subscriber Line (VDSL) technology to dramatically extend Ethernet
services over existing Category 1/2/3 twisted pair wiring at speeds from 5
to 15 Mbps (full duplex) and distances up to 5,000 feet. The Cisco LRE
technology delivers broadband service on the same lines as Plain Old
Telephone Service (POTS), digital telephone, and ISDN traffic. In addition,
Cisco LRE supports modes compatible with Asymmetric Digital Subscriber Line
(ADSL) technologies, allowing service providers to provision LRE to
buildings where broadband services already exist. 

http://www.cisco.com/en/US/products/hw/switches/ps605/products_white_paper09
186a0080088896.shtml


http://www.cisco.com/en/US/products/hw/switches/ps293/products_data_sheet091
86a0080088894.html


http://www.cisco.com/en/US/products/hw/switches/ps605/products_data_sheet091
86a0080088894.html

Martijn 


-Oorspronkelijk bericht-
Van: Dain Deutschman [mailto:[EMAIL PROTECTED]
Verzonden: maandag 18 augustus 2003 21:05
Aan: [EMAIL PROTECTED]
Onderwerp: DSL over Dry Copper [7:74117]


Hi All,

Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS
or Celsian G250 LAN Extenders? I want to create a dsl connection over dry
copper between two sites. Cisco reseller helpline was mildly helpfull. What
are some of you using for this type of situation?

Thanks,

-- 
Dain Deutschman
ccnp, css-1, cnss infosec, mcp, cna
Data Communications Manager
New Star Sales and Service, Inc.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74151t=74117
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: BGP Connectivity Problem [7:74100]

[[EMAIL PROTECTED]]

Not completely on topic, sorry It is about a router, not a pc box.

Martijn 


-Oorspronkelijk bericht-
Van: Jansen, M 
Verzonden: dinsdag 19 augustus 2003 8:15
Aan: Eddie; [EMAIL PROTECTED]
Onderwerp: RE: BGP Connectivity Problem [7:74100]


What about mobile IP or VPN to border router and get an internal IP for the
tftp server's point of view...

Just in a typing mood.

Martijn 


-Oorspronkelijk bericht-
Van: Eddie [mailto:[EMAIL PROTECTED]
Verzonden: maandag 18 augustus 2003 15:06
Aan: [EMAIL PROTECTED]
Onderwerp: Re: BGP Connectivity Problem [7:74100]


Matthew Webster wrote:
 Hi all,
 
 I have done a sample bgp configuration at r1r2.com. My network setup is as
 follows:
 
 TFTP_Server-(e0)r1(s0)--(s0)r2
 
 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24.
 
 The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's
 e0 interface), I can't ping from r2, or from r1's s0 interface.
[..]
I suppose your TFTP server doesn't have a route entry pointing to the
network 192.168.100.0

EC
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74154t=74100
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RM Process? [7:74198]

[[EMAIL PROTECTED]]

I have 2 AS5300 that have been rebooting pretty consistently.  I upgraded
both of them and I am still having the issue.  I am seeing the following
error:

00:20:31: %SYS-2-MALLOCFAIL: Memory allocation of 6000 bytes failed from
0x6032D3BC, alignment 0 
Pool: Processor  Free: 4353544  Cause: Memory fragmentation 
Alternate Pool: None  Free: 0  Cause: No Alternate pool 

and it eventually crashes.  I am not ruling out a DDoS.  One thing that
caught my attention is the RM Process which is consuming a lot of memory in
a short period of time.  Does anyone know what this does?  A few minutes
after a reboot of the chassi it increases systematically in size.


Any help would be appreciated.



as5300-2#sh processes memory 

Total: 46069472, Used: 20971964, Free: 25097508
 PID TTY  Allocated  FreedHoldingGetbufsRetbufs Process
   0   0  79648   1848   19373952  0  0 *Init*

   0   0632  69616632  0  0 *Sched*

   0   0   3556916871690602607959388  0 *Dead*

   1   0280280   3808  0  0 Load Meter

   2   0   5052  0  14412   3360  0 Mica board
Downl
   3   0  0  0   6808  0  0 Check heaps

   4   0 96  0   6904  0  0 Chunk
Manager   
   5   0 96  0   6904  0  0 Pool Manager

   6   0280280   6808  0  0 Timers

   7   0280280   6808  0  0 Serial
Backgroun
   8   0 96  0   6904  0  0 RM PROCESS

   9   0 96  0   6904  0  0 RM PROCESS

  10   0 96  0   6904  0  0 RM PROCESS

  11   0 96  0   6904  0  0 RM PROCESS

  12   0376280   6904  0  0 CAS Process

  13   0   1692   1764   7408  0  0 ARP Input

  14   0  0  0   6808  0  0 HC Counter
Timer
  15   0   5020280   6916  0  0 DDR Timers

  16   0280280  12808  0  0 Dialer event

  17   0  17320   3840  20288  0  0 Entity MIB
API  
  18   0 96  0   6904  0  0 SERIAL
A'detect 


as5300-2#sh processes memory 

Total: 46069472, Used: 22577836, Free: 23491636

 PID TTY  Allocated  FreedHoldingGetbufsRetbufs Process
   0   0  79648   1848   19371884  0  0 *Init*

   0   0   11841829208   1184  0  0 *Sched*

   0   0   385201168699352 3752608974108  0 *Dead*

   1   0280280   3808  0  0 Load Meter

   2   049658524455080 415476  0  0 Exec

   3   0  0  0   6808  0  0 Check heaps

   4   0 96  0   6904  0  0 Chunk
Manager   
   5   0 96  0   6904  0  0 Pool Manager

   6   0280280   6808  0  0 Timers

   7   0   7240   2072   6808  0  0 Serial
Backgroun
   8   0 297444   7804   6904  0  0 RM PROCESS

   9   034521602269824   7352  0  0 RM PROCESS

  10   0 8628402018432   6904  0  0 RM PROCESS

  11   0  19936 335760   6904  0  0 RM PROCESS

  12   0376280   6904  0  0 CAS Process

  13   0   1916   8492   7632  0  0 ARP Input

  14   0  0  0   6808  0  0 HC Counter
Timer
  15   0   5128388   6916  0  0 DDR Timers

  16   0280280  12808  0  0 Dialer event

  17   0  17320   3840  20288  0  0 Entity MIB
API  
  18   0 96  0   6904  0  0 SERIAL
A'detect 
[snip]

 


Thanks, 

Mario Puras 
SoluNet Technical Support
Mailto: [EMAIL PROTECTED]
Direct: (321) 309-1410  
888.449.5766 (USA) / 888.SOLUNET (Canada)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74198t=74198
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RM Process? [7:74198]

[[EMAIL PROTECTED]]

I have 2 AS5300 that have been rebooting pretty consistently.  I upgraded
both of them and I am still having the issue.  I am seeing the following
error:

00:20:31: %SYS-2-MALLOCFAIL: Memory allocation of 6000 bytes failed from
0x6032D3BC, alignment 0 
Pool: Processor  Free: 4353544  Cause: Memory fragmentation 
Alternate Pool: None  Free: 0  Cause: No Alternate pool 

and it eventually crashes.  I am not ruling out a DDoS.  One thing that
caught my attention is the RM Process which is consuming a lot of memory in
a short period of time.  Does anyone know what this does?  A few minutes
after a reboot of the chassi it increases systematically in size.


Any help would be appreciated.



as5300-2#sh processes memory 

Total: 46069472, Used: 20971964, Free: 25097508
 PID TTY  Allocated  FreedHoldingGetbufsRetbufs Process
   0   0  79648   1848   19373952  0  0 *Init*

   0   0632  69616632  0  0 *Sched*

   0   0   3556916871690602607959388  0 *Dead*

   1   0280280   3808  0  0 Load Meter

   2   0   5052  0  14412   3360  0 Mica board
Downl
   3   0  0  0   6808  0  0 Check heaps

   4   0 96  0   6904  0  0 Chunk
Manager   
   5   0 96  0   6904  0  0 Pool Manager

   6   0280280   6808  0  0 Timers

   7   0280280   6808  0  0 Serial
Backgroun
   8   0 96  0   6904  0  0 RM PROCESS

   9   0 96  0   6904  0  0 RM PROCESS

  10   0 96  0   6904  0  0 RM PROCESS

  11   0 96  0   6904  0  0 RM PROCESS

  12   0376280   6904  0  0 CAS Process

  13   0   1692   1764   7408  0  0 ARP Input

  14   0  0  0   6808  0  0 HC Counter
Timer
  15   0   5020280   6916  0  0 DDR Timers

  16   0280280  12808  0  0 Dialer event

  17   0  17320   3840  20288  0  0 Entity MIB
API  
  18   0 96  0   6904  0  0 SERIAL
A'detect 


as5300-2#sh processes memory 

Total: 46069472, Used: 22577836, Free: 23491636

 PID TTY  Allocated  FreedHoldingGetbufsRetbufs Process
   0   0  79648   1848   19371884  0  0 *Init*

   0   0   11841829208   1184  0  0 *Sched*

   0   0   385201168699352 3752608974108  0 *Dead*

   1   0280280   3808  0  0 Load Meter

   2   049658524455080 415476  0  0 Exec

   3   0  0  0   6808  0  0 Check heaps

   4   0 96  0   6904  0  0 Chunk
Manager   
   5   0 96  0   6904  0  0 Pool Manager

   6   0280280   6808  0  0 Timers

   7   0   7240   2072   6808  0  0 Serial
Backgroun
   8   0 297444   7804   6904  0  0 RM PROCESS

   9   034521602269824   7352  0  0 RM PROCESS

  10   0 8628402018432   6904  0  0 RM PROCESS

  11   0  19936 335760   6904  0  0 RM PROCESS

  12   0376280   6904  0  0 CAS Process

  13   0   1916   8492   7632  0  0 ARP Input

  14   0  0  0   6808  0  0 HC Counter
Timer
  15   0   5128388   6916  0  0 DDR Timers

  16   0280280  12808  0  0 Dialer event

  17   0  17320   3840  20288  0  0 Entity MIB
API  
  18   0 96  0   6904  0  0 SERIAL
A'detect 
[snip]

 


Thanks, 

Mario Puras 
SoluNet Technical Support
Mailto: [EMAIL PROTECTED]
Direct: (321) 309-1410  
888.449.5766 (USA) / 888.SOLUNET (Canada)
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74244t=74198
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

OSPF Cost [7:74098]

[[EMAIL PROTECTED]]

Guys,

Just to confirm that this is the correct costing default for OSPF :-

10*8 (1,,) \ bandwidth in kbps

BW 1000 Kbit - 10Gig   = OSPF Cost 10
BW  100 Kbit - 1Gig= OSPF Cost 100
BW   10 Kbit - 100Meg  = OSPF Cost 1000
BW1 Kbit - 10Meg   = OSPF Cost 1
BW 1544 Kbit - T1  = OSPF Cost 64767 (rounded up)
BW   64 kbit - DS0 = OSPF Cost 1562500

Many thx indeed.

Ken




For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74098t=74098
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Trying run ISIS on 2600 [7:74051]

[[EMAIL PROTECTED]]

ISIS is part of the Enterprise code.  Upgrading to that will allow you
to configure ISIS.

Thanks,

Ian
www.ccie4u.com
Rack Rentals and Lab Scenarios starting at $20


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
irfan siddiqui
Sent: Saturday, August 16, 2003 4:30 PM
To: [EMAIL PROTECTED]
Subject: Trying run ISIS on 2600 [7:74051]

I am trying to run ISIS on a 2600 series router however it does not
accept 
the CLNS and ISIS routing commands at the Config mode. I am using IOS IP

version only? Do i need IP plus version to configure ISIS??

Thanks

_
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74058t=74051
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 3750 Capability [7:73989]

[[EMAIL PROTECTED]]

What about RMON/SNMP in combi with managament software?

Statistics (RMON group 1)-Collects Ethernet, Fast Ethernet, and Gigabit
Ethernet statistics on an interface. 
History (RMON group 2)-Collects a history group of statistics on Ethernet,
Fast Ethernet, and Gigabit Ethernet interfaces for a specified polling
interval. 
Alarm (RMON group 3)-Monitors a specific management information base (MIB)
object for a specified interval, triggers an alarm at a specified value
(rising threshold), and resets the alarm at another value (falling
threshold). Alarms can be used with events; the alarm triggers an event,
which can generate a log entry or an SNMP trap. 
Event (RMON group 9)-Determines the action to take when an event is
triggered by an alarm. The action can be to generate a log entry or an SNMP
trap. 

Martijn 


-Oorspronkelijk bericht-
Van: Azhar Teza [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 15 augustus 2003 1:58
Aan: [EMAIL PROTECTED]
Onderwerp: 3750 Capability [7:73989]


Netflow Switching Card on 6509 allow administer to monitor traffic rightdown
the plumbing level. For Example if one of the ports on 6509 is connected to
a workstation, with netflow card one could determine in seconds that what
kind of traffic is passed on that port, like video streaming, or users is
downloading 10.0mb file and so on. Am I correct? If swithes such as 3750
(fairly new products) are stacked in IDF's and there is a issue with the
port then how can one achieve the same results in 3750 switches as one can
do it with netflow card in 6509 switches. Are there any features that can
allow me to monitor traffic at plumbing level such as If user's port is
bogged down because of video streaming in Cisco 3750 switches.

___
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74007t=73989
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Line Redundancy [7:73931]

[[EMAIL PROTECTED]]

How about this. I'll give some tips since nobody is replying.

Different pairs of copper. Different dsl provider. 2 Different ip
subnets/29? Double global pools on pix e0. dougble nat to double internal
ip's for mail(1 nic). double public dns records for mx mail etc. different
prio.

try to mix and match with pix for 

routes (outside) subnet 1 to mail external mail relayer DG 1 AD 10
routes (outside) subnet 2 to mail external mail relayer DG 2 AD 20

so some kind of static failover/load balance.

or something.

Martijn 


-Oorspronkelijk bericht-
Van: E. Keith J. [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 12 augustus 2003 19:38
Aan: [EMAIL PROTECTED]
Onderwerp: Line Redundancy [7:73931]


Hi all,

 I need some Line or Internet redundancy for a relatively small network.
We currently have a SDSL line from speakeasy which resells Covad.

 I need another type of line that would remain up if this line went down
as it recently did. Now they believe me about redundancy!
To my understanding it is really difficult to get different connections in 
the last mile? From the CO to the site.
Nonetheless any redundancy is better than absolutely none.

 I think T1 is a choice as it is logically different. Still may not 
protect me in the last mile but better than nothing. The T1 would become 
the primary connection with the SDSL becoming the backup. Id like to use a 
515 to bring in both lines.

 A phone line would not meet the requirements needed.

I understand having a ASDL line and SDSL line would use different hardware. 
This would be a choice if I cannot get the dollars for the above.
We are still a small company. Maybe 50 employees, but growing.


what other choices might I have? I'm in the California bay area if that
helps.

Thanks

Keith J.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74008t=73931
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: hsrp and icmp redirects [7:73972]

[[EMAIL PROTECTED]]

How do all incoming routes/gateway branchoffice routes look?

Martijn 

-Oorspronkelijk bericht-
Van: Robert Kimble [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 14 augustus 2003 16:57
Aan: [EMAIL PROTECTED]
Onderwerp: hsrp and icmp redirects [7:73972]


Ok.

I'll try to explain what happened as best as I can.

We have two 6509's each with an msfc and until last night we were only using
the msfc on one of them.

Last night I brought up the second msfc and set up hsrp between the two.

everything worked great here in the office last night. However, this morning
our branch offices had no connectivity to us.

My boss went in and turned off icmp redirects on the vlan interfaces on the
second msfc and everything was fine.

1. I thought icmp redirects were disabled automatically when you configure
hsrp on an interface.

2. How did turning off the redirects fix the problem? (I would ask my boss
but I probably look bad enough).

Any way.

Please let me know if you need more info to answer this question.

-Bobby
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74005t=73972
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX xlate question [7:74012]

[[EMAIL PROTECTED]]

PLS give, just to be sure, Global and NAT statements. 

Martijn


-Oorspronkelijk bericht-
Van: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 15 augustus 2003 12:34
Aan: [EMAIL PROTECTED]
Onderwerp: PIX xlate question [7:74012]


why would I see the folowing when I do sh xlate on the pix, i.e.
one global address is beeing translated to the next in line global address ?

and sugestions would be welcome 


Global 213.213.128.143 Local 213.213.128.142
Global 213.213.128.142 Local 213.213.128.141
Global 213.213.128.137 Local 213.213.128.136
Global 213.213.128.136 Local 213.213.128.135
Global 213.213.128.139 Local 213.213.128.138
Global 213.213.128.138 Local 213.213.128.137
Global 213.213.128.133 Local 217.3.103.62
Global 213.213.128.132 Local 213.213.128.131
Global 213.213.128.135 Local 213.213.128.134
Global 213.213.128.134 Local 213.213.128.133
Global 213.213.128.129 Local 213.213.128.128
Global 213.213.128.128 Local 213.213.128.127
Global 213.213.128.131 Local 213.213.128.130
Global 213.213.128.130 Local 213.213.128.129
Global 213.213.128.189 Local 213.213.128.188
Global 213.213.128.188 Local 213.213.128.187
Global 213.213.128.191 Local 200.65.74.239
Global 213.213.128.190 Local 213.213.128.189
Global 213.213.128.185 Local 213.213.128.184
Global 213.213.128.184 Local 213.213.128.183
Global 213.213.128.187 Local 213.213.128.186
Global 213.213.128.186 Local 213.213.128.185
Global 213.213.128.181 Local 213.213.128.180
Global 213.213.128.180 Local 213.213.128.179
Global 213.213.128.183 Local 213.213.128.182
Global 213.213.128.182 Local 213.213.128.181
Global 213.213.128.177 Local 213.213.128.176
Global 213.213.128.176 Local 213.213.128.175
Global 213.213.128.179 Local 213.213.128.178
Global 213.213.128.178 Local 213.213.128.177
Global 213.213.128.173 Local 213.213.138.210
Global 213.213.128.172 Local 10.200.20.124
Global 213.213.128.175 Local 213.213.128.174
Global 213.213.128.174 Local 213.213.128.173
Global 213.213.128.169 Local 213.213.128.168
Global 213.213.128.168 Local 213.213.128.167
Global 213.213.128.171 Local 213.213.128.170
Global 213.213.128.170 Local 213.213.128.169
Global 213.213.128.165 Local 213.213.128.164
Global 213.213.128.164 Local 213.213.128.163
Global 213.213.128.167 Local 213.213.128.166
Global 213.213.128.166 Local 213.213.128.165
Global 213.213.128.161 Local 213.213.128.160
Global 213.213.128.160 Local 213.213.128.159
Global 213.213.128.163 Local 213.213.128.162
Global 213.213.128.162 Local 213.213.128.161
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74014t=74012
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX timeout uauth [7:73995]

[[EMAIL PROTECTED]]

Simer, I always leave all timers standard. That works. I keep PIXOS versions
in sync. 

When you ping from site 2 in the morning, tunnel should also come up. Double
check all the access-lists/peer statements.

Martijn 

-Oorspronkelijk bericht-
Van: Simer Mayo [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 15 augustus 2003 6:46
Aan: [EMAIL PROTECTED]
Onderwerp: PIX timeout uauth [7:73995]


I have a site to site tunnel between 2 sites with PIX 515e. The tunnel
between the sites goes in a sleep mode every morning and I have to ping
site 2 PC IP address from a PC behind the PIX in site 1 to get the
tunnel back online.
 
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute uauth 00:25:00 inactivity
 
Please advice.
 
Thanks
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74004t=73995
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: traffic flow [7:73495]

[[EMAIL PROTECTED]]

That's what i said, use a ws with SNIFFER in between, INSTANT graphs.

Martijn 


-Oorspronkelijk bericht-
Van: Doan Nguyen [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 7 augustus 2003 22:11
Aan: [EMAIL PROTECTED]
Onderwerp: RE: traffic flow [7:73495]


Netlfow would be your best way of doing this but you will need a netflow
server and I think that costs additional money.  AFter that you would need
to write scripts to parse out the netflow data, because it's not pretty to
look at.

ip accounting is a quick and intrusive way to do accounting of ip traffic
but it is stresful to your router and would only give you the biggest IP
pair talker.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73863t=73495
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

FW: cisco back to back cable [7:71992]

[[EMAIL PROTECTED]]

or maybe try alternating the dce/dte settings on the serial interfaces
-Original Message-
From: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED]
Sent: 08 August 2003 09:37 AM
To: [EMAIL PROTECTED]
Subject: RE: cisco back to back cable [7:71992]


Sure you're using a cross cable?

-Original Message-
From: KW S [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 07, 2003 6:22 PM
To: [EMAIL PROTECTED]
Subject: cisco back to back cable [7:71992]


Dear All

I have a 2501 and 2505 and I am trying to set up a homelab..These 2
routers come with a cable which is a DB60(DTE) and the other end is a
DB60(DCE).This is wat that is label on the cable. Anyway, I try to
connect this cable to the serial interface of the 2 routers...and both
the routers are showing serial is down and line protocol is down.

I guess I have used the wrong cable...or maybe I have missed out
something.

Please comment..

Regards, kws
 DISCLAIMER 

This e-mail and any attachment thereto may contain information which is
confidential and/or protected by intellectual property rights and are
intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer.

Thank you for your cooperation.

For further information about Proximus mobile phone services please see our
website at http://www.proximus.be or refer to any Proximus agent.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73711t=71992
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Access Internet via the corporate PIX [7:73563]

[[EMAIL PROTECTED]]

Build the tunnel first. Use HQ or RO dns. Make sure users cannot HTTP direct
through firewall, enable direct HTTPS trough it if you want. MAybe also no
ftp etc, no direct dns?

I believe you need an inside next hop proxy-server. Until 6.2 atleast pix
does not route ip between 2 ipsec tunnels. 

User's Get request forwarded to deamon through tunnel, fetched from cache or
Inet, reply to browser through tunnel.

Proxy will also do a nice job filtering mobile code and keeping surfing
behaviour in line with policies.

I'd say you should already should have it.

Martijn



-Oorspronkelijk bericht-
Van: johnman johnman [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 5 augustus 2003 23:06
Aan: [EMAIL PROTECTED]
Onderwerp: Access Internet via the corporate PIX [7:73563]


I am building a vpn tunnel PIX-to-PIX both connected to the internet.
I would like theusers at the  remote site to access the internet only via 
the the corporate PIX.


Remote PIX 501:  Inside net 192.168.2.0/24  outside x.x.x.x
Corporate PIX 515: Inside net 192.168.1.0/24  outisde IP y.y.y.y

How would I build the access-list to force the remote users behind the PIX 
501 to access the internet via the PIX 515 at the corporate site ?

_
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*   
http://join.msn.com/?page=features/junkmail
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73601t=73563
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cisco 806 ? [7:73613]

[[EMAIL PROTECTED]]

It does. It is IOS. Just do your CLI thing.

Martijn 

-Oorspronkelijk bericht-
Van: Herold Heiko [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 6 augustus 2003 17:21
Aan: [EMAIL PROTECTED]
Onderwerp: Cisco 806 ? [7:73613]


Hi,

for some tests I need something cheap to play with, having 2 eth, vpn and
(static) nat capability. Could anybody confirm if a 806 with a IP/FW PLUS
3DES image does support IPSEC and NAT at the same time ?
From the docs I'd say it does support both but can I have a vpn tunnel, and
nat inside the local network, and nat outside the remote (on the other end
of the tunnel) network ?
The other endpoint would be a pix or a fw-1 although that shouldn't matter.
Couldn't find any configrmation of this in the docs :(
Thanks
Heiko

-- 
-- PREVINET S.p.A. www.previnet.it
-- Heiko Herold [EMAIL PROTECTED]
-- +39-041-5907073 ph
-- +39-041-5907472 fax
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73642t=73613
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: IOS image.... [7:73481]

[[EMAIL PROTECTED]]

Buy online cco when you're partner/subscribe 


http://shop.cisco.com


Subscribtions should have latest.


Maybe ebay?



Martijn 

-Oorspronkelijk bericht-
Van: Shab Hanon [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 6 augustus 2003 21:47
Aan: [EMAIL PROTECTED]
Onderwerp: Re: IOS image [7:73481]


Ya this is good link   . Thanks :)


Cheers,
Shab


 wrote in message
news:[EMAIL PROTECTED]
 Buy online cco when you're partner/subscribe or

 http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm


 Martijn

 -Oorspronkelijk bericht-
 Van: alaerte Vidali [mailto:[EMAIL PROTECTED]
 Verzonden: dinsdag 5 augustus 2003 17:05
 Aan: [EMAIL PROTECTED]
 Onderwerp: RE: IOS image [7:73481]


 Any recommendation in how to get the doc CD with 12.2 features?
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73646t=73481
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Networkers 2002 PDFs [7:73522] (LINKS READY FOR DOWNLOAD!) [7:73596]

[[EMAIL PROTECTED]]

Only this once all level 2-3 READY FOR DOWNLOAD! 

Use them as flashcards in the subway..

RST-221 Router Architecture and Operation L2 Phillip Harris 2.8 MB  
RST-222 Catalyst Switch Architecture and Operation L2 Jeff Raymond 1.1 MB  
RST-231 Deploying IPv6 Networks L2 Raj Gulani 885 KB  
RST-241 Deploying OSPF L2 Ian Foo, Bill Parkhurst 1.8 MB  
RST-242 Deploying EIGRP L2 Russ White 2.5 MB  
RST-243 Deploying BGP-4 L2 Alvaro Retana 709 KB  
RST-251 Deploying MPLS Traffic Engineering L2 Eric Osborne 552 KB  
RST-252 Deploying L2 Transport and Tunneling Technologies L2 Eric Matkovich
1.5 MB  
RST-253 Deploying MPLS VPNs L2 Eric Osborne, Ajay Simha 1.5 MB  
RST-260 Deploying IP Multicast L2 Beau Williamson 687 KB  
RST-261 Deploying Inter-Domain IP Multicast L2 Michael McBride 1.4 MB  
RST-271 Deploying Campus Networks L2 Chetan Sharan 805 KB  
RST-321 Troubleshooting Router IOS Operation L3 Russ White, David Cook 3.3
MB  
RST-322 Troubleshooting Catalyst Switches L3 Todd Hollmann, Tom Settle 449
KB  
RST-341 Troubleshooting OSPF L3 Cliff Potts, Faraz Shamim 594 KB  
RST-342 Troubleshooting EIGRP L3 Don Slice 627 KB  
RST-343 Troubleshooting the Deployment of BGP-4 L3 Daniel Walton 1.4 MB  
RST-360 Troubleshooting IP Multicast L3 Bryan McLaughlin 1.1 MB  
RST-440 Advanced Routing Concepts and Developments L4 Alvaro Retana 1.0 MB  
RST-450 Advanced Concepts and Developments in MPLS L4 Bruce Davie 1.1 MB  

http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-221.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-222.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-232.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-241.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-242.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-243.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-251.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-252.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-253.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-260.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-261.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-271.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-321.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-322.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-341.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-342.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-343.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-360.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-440.pdf
http://www.cisco.com/networkers/nw02/post/presentations/docs/RST-450.pdf

Cheers

Martijn 

-Oorspronkelijk bericht-
Van: Jens Petter Eikeland [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 6 augustus 2003 7:06
Aan: [EMAIL PROTECTED]
Onderwerp: RE: Networkers 2002 PDFs [7:73522]


Hi ,

Here are the complet url...

http://www.cisco.com/networkers/nw02/post/presentations/pres_routing.html

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
YASSER ALY
Sent: 5. august 2003 16:54
To: [EMAIL PROTECTED]
Subject: Networkers 2002 PDFs [7:73522]


Dear All,

  Anybody knows the URL to download Cisco networkers 2002 PDFs

Are PDFs for 2003 available for download ?

Regards,
Yasser

_
Add photos to your messages with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73596t=73596
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: cisco back to back cable [7:71992] ENGLISH version, so to [7:73714]

[[EMAIL PROTECTED]]

url

do a no shut on serial intf
clock dce say 64000
then
sh controllers ser x 

Look at the   DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

you have a working cable, interface 2x

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fint
er_r/irfshoap.htm#1019003

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_examp
le09186a0080094504.shtml

LET OP DE ONDERSTE REGEL DAN IS IE UP!

spicey#show interfaces serial 1
Serial1 is up, line protocol is up 
  Hardware is HD64570
  Internet address is 5.0.2.2/24
  MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, 
 reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, loopback not set
  Keepalive set (10 sec)
  LCP Open
  Open: IPCP
  Last input 00:00:01, output 00:00:01, output hang never
  Last clearing of show interface counters 00:09:27
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops) 
 Conversations  0/1/256 (active/max active/max total)
 Reserved Conversations 0/0 (allocated/max allocated)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
 130 packets input, 3392 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 129 packets output, 3378 bytes, 0 underruns
 0 output errors, 0 collisions, 0 interface resets
 0 output buffer failures, 0 output buffers swapped out
 0 carrier transitions
 DCD=up  DSR=up  DTR=up  RTS=up  CTS=up


Martijn 

-Oorspronkelijk bericht-
Van: Jansen, M 
Verzonden: vrijdag 8 augustus 2003 12:36
Aan: 'LINSEN Jurgen (BMB)'; [EMAIL PROTECTED]
Onderwerp: RE: cisco back to back cable [7:71992]


In dutch, to keep things easy.

Denk dat je eerst even de  zaken moet proberen.

controle kabel
checken met commando sh controller serial, zie je een interface type staan,
dus die dce/dte

sh interface serial x
Router# show interfaces serial 
Serial 0 is up, line protocol is up 
   Hardware is MCI Serial 
   Internet address is 131.136.190.203, subnet mask is 255.255.255.0 
   MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 
   Encapsulation HDLC, loopback not set, keepalive set (10 sec) 
   Last input 0:00:07, output 0:00:00, output hang never 
   Output queue 0/40, 0 drops; input queue 0/75, 0 drops 
   Five minute input rate 0 bits/sec, 0 packets/sec 
   Five minute output rate 0 bits/sec, 0 packets/sec 
   16263 packets input, 1347238 bytes, 0 no buffer 
   Received 13983 broadcasts, 0 runts, 0 giants 
   2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 
1 carrier transitions 
22146 packets output, 2383680 bytes, 0 underruns 
0 output errors, 0 collisions, 2 interface resets, 0 restarts check onderaan
dte/dce/rts/cts signalen moeten werken

configuratie
standaard configuratie
de ene is dce  (moet commando clockrate bv 64000 bij)  
ander is dte geen clockrate



Martijn


-Oorspronkelijk bericht-
Van: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 8 augustus 2003 9:37
Aan: [EMAIL PROTECTED]
Onderwerp: RE: cisco back to back cable [7:71992]


Sure you're using a cross cable?

-Original Message-
From: KW S [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 07, 2003 6:22 PM
To: [EMAIL PROTECTED]
Subject: cisco back to back cable [7:71992]


Dear All

I have a 2501 and 2505 and I am trying to set up a homelab..These 2
routers come with a cable which is a DB60(DTE) and the other end is a
DB60(DCE).This is wat that is label on the cable. Anyway, I try to
connect this cable to the serial interface of the 2 routers...and both
the routers are showing serial is down and line protocol is down.

I guess I have used the wrong cable...or maybe I have missed out
something.

Please comment..

Regards, kws
 DISCLAIMER 

This e-mail and any attachment thereto may contain information which is
confidential and/or protected by intellectual property rights and are
intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer.

Thank you for your cooperation.

For further information about Proximus mobile phone services please see our
website at http://www.proximus.be or refer to any Proximus agent.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73714t=73714

RE: a token ring question [7:73908]

[[EMAIL PROTECTED]]

According to cco cat 3900/5000 can switch multicast on TR.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
mc_r/mult/1rfmult2.htm#1078651

ip multicast use-functional
To enable the mapping of IP multicast addresses to the Token Ring functional
address 0xc000.0004., use the ip multicast use-functional command in
interface configuration mode. To disable the function, use the no form of
this command. 

ip multicast use-functional
no ip multicast use-functional
Syntax Description 

This command has no arguments or keywords. 

Defaults 

IP multicast address are mapped to the MAC-layer address 0x... 

Usage Guidelines 
This command is accepted only on a Token Ring interface. 
Neighboring devices on the Token Ring on which this feature is used should
also use the same functional address for IP multicast traffic. 
Because there are a limited number of Token Ring functional addresses, other
protocols may be assigned to the Token Ring functional address
0xc000.0004.. Therefore, not every frame sent to the functional address
is necessarily an IP multicast frame. 

Examples 
The following example configures any IP multicast packets going out Token
Ring interface 0 to be mapped to MAC address 0xc000.0004.: 

interface token 0 
 ip address 1.1.1.1 255.255.255.0 
 ip pim dense-mode 
 ip multicast use-functional 

Martijn 


-Oorspronkelijk bericht-
Van: wj chou [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 12 augustus 2003 7:55
Aan: [EMAIL PROTECTED]
Onderwerp: a token ring question [7:73908]


Hi, 
Can token ring carry multicast traffic? And what's the ip address to mac
address mapping if it does?
Thanks! 
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73909t=73908
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: VPN Best Hardware to use? [7:73793]

[[EMAIL PROTECTED]]

That is adsl over isdn.

Thought to only COMMON flavours were adsl async up/down and sdsl sync
up/down freq ranges.

SEEMS YOU CAN USE A BRI WIC!!!



Developed by Ascend Communications (acquired by Lucent Technologies), ISDN
Digital Subscriber Line (IDSL) transmits data digitally across existing ISDN
lines, at a rate of 128 Kbps. The benefits of IDSL over ISDN are that the
former service offers always-on connections, transmits data via a data
network rather than the phone companybs voice network, and avoids per-call
fees by being billed at a flat-rate. 

http://www.cisco.com/en/US/partner/tech/tk175/tk349/technologies_q_and_a_ite
m09186a00800946d3.shtml

Q. What is IDSL?
IDSL is a cross between ISDN and xDSL. As with ISDN, it uses a single wire
pair to transmit full-duplex data at 128 Kbps and at distances of up to the
Revised Resistance Distance range of 15,000 to 18,000 feet. IDSL also uses a
2B1Q line code to enable transparent operation through the ISDN U
interface. IDSL is essentially a leased line ISDN Basic Rate Interface
(BRI), or an ISDN BRI that is not switched and does not contain signaling (a
D channel). IDSL and ISDN BRI use the same 2B1Q line modulation. On the
router, this equates to putting the BRI interface in a leased line
configuration. The line can be configured for a speed of 64 Kbps, 128 Kbps,
or 144 Kbps.

The frames that are going across the wire are standard High-Level Data Link
Control (HDLC) frames. IDSL can be configured with Point-to-Point Protocol
(PPP) or Frame Relay encapsulation for the leased line BRI interface. The
easiest way to think about it is as if the BRI interface was a slow speed
synchronous serial port. Also, existing Customer Premises Equipment (CPE)
(ISDN BRI terminal adapters, bridges, and routers) can be used to connect to
the central office.
  
   
  
 IDSL Frequently Asked Questions  
 
 
 
 
 Downloads   
IDSL Frequently Asked Questions
 
 
 
 
 





Questions
What is IDSL?
Does the Cisco 2500 series router support IDSL?
Does the Cisco 2600 support IDSL?
What routers support IDSL?
Is PPP over Frame Relay supported on IDSL?
Does a SPID or phone number need to be defined to configure IDSL?
Do I need the ISDN switch type command on the CPE when I configure IDSL?
Is the Cisco 804 IDSL router compatible with CopperMountain CE200?
Does the Cisco 804 IDSL router support PPP over Frame Relay?
Does the Cisco DSLAM chassis have IDSL modules?
What is the distance limitation for IDSL?
Does IDSL support voice?
How do I configure a basic IDSL interface?
Related Information





Q. What is IDSL?



IDSL is a cross between ISDN and xDSL. As with ISDN, it uses a single wire
pair to transmit full-duplex data at 128 Kbps and at distances of up to the
Revised Resistance Distance range of 15,000 to 18,000 feet. IDSL also uses a
2B1Q line code to enable transparent operation through the ISDN U
interface. IDSL is essentially a leased line ISDN Basic Rate Interface
(BRI), or an ISDN BRI that is not switched and does not contain signaling (a
D channel). IDSL and ISDN BRI use the same 2B1Q line modulation. On the
router, this equates to putting the BRI interface in a leased line
configuration. The line can be configured for a speed of 64 Kbps, 128 Kbps,
or 144 Kbps.

The frames that are going across the wire are standard High-Level Data Link
Control (HDLC) frames. IDSL can be configured with Point-to-Point Protocol
(PPP) or Frame Relay encapsulation for the leased line BRI interface. The
easiest way to think about it is as if the BRI interface was a slow speed
synchronous serial port. Also, existing Customer Premises Equipment (CPE)
(ISDN BRI terminal adapters, bridges, and routers) can be used to connect to
the central office.

Q. Does the Cisco 2500 series router support IDSL?



No. The Cisco 2500 series does not support IDSL because its BRI hardware
does not support channel aggregation.

Q. Does the Cisco 2600 support IDSL?



Yes. IDSL is currently supported with the ISDN WAN Interface Cards (WICs)
and network modules when they are configured in leased line mode.

Q. What routers support IDSL?



The following routers support IDSL:

800 b Cisco 801-805 ISDN, Serial, and IDSL Routers

1600 b Cisco 1600 Series Routers and WAN Interface Cards

1720 b Cisco 1720 Modular Access Router

1750 b Cisco 1750 Modular Access Router

2600 b Connecting WAN and Voice Interface Cards to a Network
 

Martijn 

-Oorspronkelijk bericht-
Van: Ryan Finnesey [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 13 augustus 2003 7:53
Aan: Jansen, M; [EMAIL PROTECTED]
Onderwerp: RE: VPN Best Hardware to use? [7:73793]


That is a ADSL WIC or am I missing something?  We are looking to use IDSL
but can not find a router that supports 3DES and IDSL 
 
 
Ryan

-Original Message- 
From: [EMAIL PROTECTED] [mailto

RE: VPN Best Hardware to use? [7:73793]

[[EMAIL PROTECTED]]

You mean? newest:

DSL WAN Interface Cards 
WIC-1ADSL-I-DG 1-port ADSLoISDN WAN Interface Card 

cco partner login:

http://www.cisco.com/en/US/partner/products/hw/routers/ps221/products_data_s
heet09186a0080088713.html


Martijn 


-Oorspronkelijk bericht-
Van: Ryan Finnesey [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 13 augustus 2003 3:57
Aan: [EMAIL PROTECTED]
Onderwerp: RE: VPN Best Hardware to use? [7:73793]


You are right it is a service offering.   Right now, we are using ISDN
dial-up and would like to move to a full time connection.  We would not be
using the customerbs connection but will be installing a 144K IDSL or 192K
SDSL line.  What I am going to do on Friday in the lab ( If we get the lines
from Covad on time) is use a 7200 at the head end and a 1700 on the other
end run the IPSec and NAT on the 1700 and see how that goes.  The only
problem is I cannot find an IDSL WIC on CCO I only see an ADSL and SDSL.

 

 

Ryan

 
 
Message- 
From: [EMAIL PROTECTED] on behalf of Reimer, Fred 
Sent: Mon 8/11/2003 10:02 AM 
To: [EMAIL PROTECTED] 
Cc: 
Subject: RE: VPN Best Hardware to use? [7:73793]



I would certainly hope that the remotes wouldn't use different
platforms. 
I
don't know the business model, but it sounds to me like it's some
kind of 
service offering or something.  Maybe they have a 2000 site Frame
Relay 
network used to offer a service or something, and they want to
switch to 
something more economical.  Instead of paying monthly circuit fees,
pay a 
one-time hardware cost (assuming they don't own the FR routers at
the 
customer end) and use the customer's Internet connection.  Why in
the world 
would you want different hardware at each customer site in that
situation? 
Standardize on one hardware platform, and build the cost of that
hardware 
into the business model... 

If that's the case then the cost of a 3005 can be justified in a
small 
number of months, depending on your FR cost.  Certainly you would
recoup 
your cost and start making more money, due to less operating cost, 
relatively quickly. 

Now, if this is something else, like a company with 2000 offices
throughout 
the world, then I can see your point and you may end up with
different 
requirements.  But, that's not how it sounds so far. 

Fred Reimer - CCNA 


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050 


NOTICE; This email contains confidential or proprietary information
which 
may be legally privileged. It is intended only for the named
recipient(s). 
If an addressing or transmission error has misdirected the email,
please 
notify the author by replying to this message. If you are not the
named 
recipient, you are not authorized to use, disclose, distribute,
copy, print 
or rely on this email, and should immediately delete it from your
computer. 


-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 11, 2003 6:57 AM 
To: [EMAIL PROTECTED] 
Subject: RE: VPN Best Hardware to use? [7:73793] 

Despite all hw issues, you really need to 
- describe the business req's first 
- translate to technical req's 

(you are talking 2000+ sites) 

And you will see that you'll need more than one platform for de
Remotes. 

Dependig on your hierarchy concerning 
- messaging 
- authentication 
- client-server 
- webapps 
- desktop/register maintenance/management 
- security man 

You will need to or may want to build an hierarchical design. Keep
in mind 
that differen platfroms use different (HQ) fail-over or 2nd ip
techniques. 

Martijn 


-Oorspronkelijk bericht- 
Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] 
Verzonden: zondag 10 augustus 2003 4:36 
Aan: [EMAIL PROTECTED] 
Onderwerp: VPN Best Hardware to use? [7:73793] 


I need to setup VPNs to about 2000 sites.  Each site will have an
IDSL line 
installed that will be used to connect to monitor network devices
and 
servers.  Some of the remote networks will be using the same network
block. 
I am looking to know what the best hardware to use on each end is.
On my 
end, would it be better to use a PIX or a 3030?  On the remote end,
I was 
looking at a PIX 501, SOHO 91 or the 831? 


Thank you 


Ryan 
**Please support GroupStudy by purchasing from the GroupStudy Store:

http://shop.groupstudy.com 
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html 
**Please support GroupStudy by purchasing from

Re: tcp [7:73518]

[[EMAIL PROTECTED]]

On Tuesday, August 5, 2003, at 10:14  AM, Howard C. Berkowitz wrote:


 2.Can receiver send ack before whole window comes in?

 Not for the window it's receiving, but for a previous window.

Unless you're Microsoft.

http://grotto11.com/blog/slash.html?+1039831658

This isn't to make this a MS-bashing thread.  More for information 
purposes that there are implementations out there that don't follow 
RFCs exactly, and there are some that practically throw them out the 
window.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73542t=73518
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: what are ip directed-broadcast and ip mroute-cache [7:73842]

[\\[EMAIL PROTECTED]\]

A quick explanation- please add on...

Mroute is for the multicast routing table...

Ip directed-boradcast allows a host to direct a physical broadcast to a
specific subnet it only effects broadcast medium...

-Original Message-
From: Iwan Hoogendoorn [mailto:[EMAIL PROTECTED] 
Sent: Sunday, August 10, 2003 9:25 AM
To: [EMAIL PROTECTED]
Subject: what are ip directed-broadcast and ip mroute-cache [7:73800]


Can someone explain me what this is for and what is does?


ip directed-broadcast
ip mroute-cache

Thank You 

Iwan 
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.


**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73842t=73842
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: cisco back to back cable [7:71992]

[[EMAIL PROTECTED]]

In dutch, to keep things easy.

Denk dat je eerst even de  zaken moet proberen.

controle kabel
checken met commando sh controller serial, zie je een interface type staan,
dus die dce/dte

sh interface serial x
Router# show interfaces serial 
Serial 0 is up, line protocol is up 
   Hardware is MCI Serial 
   Internet address is 131.136.190.203, subnet mask is 255.255.255.0 
   MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 
   Encapsulation HDLC, loopback not set, keepalive set (10 sec) 
   Last input 0:00:07, output 0:00:00, output hang never 
   Output queue 0/40, 0 drops; input queue 0/75, 0 drops 
   Five minute input rate 0 bits/sec, 0 packets/sec 
   Five minute output rate 0 bits/sec, 0 packets/sec 
   16263 packets input, 1347238 bytes, 0 no buffer 
   Received 13983 broadcasts, 0 runts, 0 giants 
   2 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 2 abort 
1 carrier transitions 
22146 packets output, 2383680 bytes, 0 underruns 
0 output errors, 0 collisions, 2 interface resets, 0 restarts check onderaan
dte/dce/rts/cts signalen moeten werken

configuratie
standaard configuratie
de ene is dce  (moet commando clockrate bv 64000 bij)  
ander is dte geen clockrate



Martijn


-Oorspronkelijk bericht-
Van: LINSEN Jurgen (BMB) [mailto:[EMAIL PROTECTED]
Verzonden: vrijdag 8 augustus 2003 9:37
Aan: [EMAIL PROTECTED]
Onderwerp: RE: cisco back to back cable [7:71992]


Sure you're using a cross cable?

-Original Message-
From: KW S [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 07, 2003 6:22 PM
To: [EMAIL PROTECTED]
Subject: cisco back to back cable [7:71992]


Dear All

I have a 2501 and 2505 and I am trying to set up a homelab..These 2
routers come with a cable which is a DB60(DTE) and the other end is a
DB60(DCE).This is wat that is label on the cable. Anyway, I try to
connect this cable to the serial interface of the 2 routers...and both
the routers are showing serial is down and line protocol is down.

I guess I have used the wrong cable...or maybe I have missed out
something.

Please comment..

Regards, kws
 DISCLAIMER 

This e-mail and any attachment thereto may contain information which is
confidential and/or protected by intellectual property rights and are
intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer.

Thank you for your cooperation.

For further information about Proximus mobile phone services please see our
website at http://www.proximus.be or refer to any Proximus agent.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73713t=71992
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: VPN Best Hardware to use? [7:73793]

[[EMAIL PROTECTED]]

Despite all hw issues, you really need to 
- describe the business req's first
- translate to technical req's

(you are talking 2000+ sites)

And you will see that you'll need more than one platform for de Remotes.

Dependig on your hierarchy concerning 
- messaging
- authentication
- client-server
- webapps 
- desktop/register maintenance/management
- security man

You will need to or may want to build an hierarchical design. Keep in mind
that differen platfroms use different (HQ) fail-over or 2nd ip techniques.

Martijn


-Oorspronkelijk bericht-
Van: Ryan Finnesey [mailto:[EMAIL PROTECTED]
Verzonden: zondag 10 augustus 2003 4:36
Aan: [EMAIL PROTECTED]
Onderwerp: VPN Best Hardware to use? [7:73793]


I need to setup VPNs to about 2000 sites.  Each site will have an IDSL line
installed that will be used to connect to monitor network devices and
servers.  Some of the remote networks will be using the same network block. 
I am looking to know what the best hardware to use on each end is.  On my
end, would it be better to use a PIX or a 3030?  On the remote end, I was
looking at a PIX 501, SOHO 91 or the 831?


Thank you


Ryan
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73862t=73793
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

New Remote Access exam 642-821 vs the old current exam BCRAN [7:73592]

[[EMAIL PROTECTED]]

 Hello All,
 
 Has anybody taken the Beta Remote Access 642-821 exam?
 Does anybody know whether the new exams has X.25 and TACACS+ included in
 it as Cisco.com does not have it as one of the exam objectives listed.
 The new exam has VPN and DSL included.
 
 Pooven




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73592t=73592
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Want a spam-friendly mailbox? [7:73856]

[[EMAIL PROTECTED]]

Want a spam-friendly mailbox?

Call 1-480-946-1462 and leave your name, email address and phone number.

You may also click REPLY to this address and provide your full details.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73856t=73856
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Gigabit Ethernet Collisions [7:73555]

[[EMAIL PROTECTED]]

You have a setup you would like to share?

Martijn 


-Oorspronkelijk bericht-
Van: Neil Andersen [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 6 augustus 2003 2:06
Aan: [EMAIL PROTECTED]
Onderwerp: Re: Gigabit Ethernet  Collisions [7:73555]


This would be when you are using the Gigastack options?  Isn't normal
operation of Gigabit is FULL DUPLEX.  My thoughts were that collisions on
Gigabit were bug/hardware problems, not flow control, normal, or
representation of giants.

Neil
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73590t=73555
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Strange VPN problem [7:73641] OT:F funny [7:73722]

[[EMAIL PROTECTED]]

I mailed that! 

Only your explanation is superior.  ;-) 

When i have time, not studying for my lab, i study the English
language..  Say, getting dizzy over the CC BGP guide

(that should be during my sleep though, like very wannabee, I have not seen
a normal book in a while)

Martijn 


-Oorspronkelijk bericht-
Van: Reimer, Fred [mailto:[EMAIL PROTECTED]
Verzonden: donderdag 7 augustus 2003 15:33
Aan: [EMAIL PROTECTED]
Onderwerp: RE: Strange VPN problem [7:73641]


Does anyone read the manuals around here???

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/secu
r_r/sec_c2g.htm#1070272

You probably have your IKE proposal in your concentrator set for XAUTH, and
you don't have your router setup for that.  You can configure your router as
the reference manual says, or you }may{ be able to add in a new or modify an
existing IKE policy under Configuration | System | Tunneling Protocols |
IPSec | IKE Proposals so that the Authentication mode is not one that has
(XAUTH) at the end of it.  Probably Preshared Keys would be the one you
want.  If you create a new one (recommended) they you would have to change
the IKE policy used for your SA under Configuration | Policy Management |
Traffic Management | SAs.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: suaveguru [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 07, 2003 1:08 AM
To: [EMAIL PROTECTED]
Subject: Strange VPN problem [7:73641]

hi all, 

I am trying to setup a easy VPN solution for a cisco
837 to a cisco VPN concentrator 3005 using network
extension mode but I keep getting this error msg Aug 
7 13:08:16.571: EZVPN(mendelvpn): Pending XAuth
Request, Please enter the following command:
Aug  7 13:08:16.571: EZVPN: crypto ipsec client ezvpn
xauth

Any form of input will be appreciated 

suaveguru

__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73722t=73722
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73953]

[[EMAIL PROTECTED]]

Since you don't have any access to the ATM switch on the exam it follows
that you don't need to know how to configure it.  There are things such
as ILMI/QSAAL with auto pvc discovery that may not function the same on
a point to point link versus having a switch in the middle.  Just a
thought.


Ian
http://www.ccie4u.com
Rack Rentals and Lab Scenarios starting at $20


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 12, 2003 1:36 PM
To: [EMAIL PROTECTED]
Subject: RE: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73612]

From what I have heard, you are not asked to configure ATM switches, so
back
to back connection would be ok.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73953t=73953
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73882]

[[EMAIL PROTECTED]]

Fred, I respect you. You are one of the top repliers at the moment, terms of
qual and freq. I am learning a lot from you, between work en heavy (i mean
heavy) cramming an typing for my coming lab. And I mean it. I get a laugh
out of your, Fred, (ccna) and answering ccie level qa!


More than one platform depending on req's MAYBE also deployment costs, EOL
(800 806-820's-830's series spinning like crazy, 501 here to stay, vpn hw
client okay.)

Please stop because we're fishing, we need facts.

RYAN,

Please give us a list of req's. 

When you design 10-20 sites you ask for a box.
When you design 2000 sites you design a total solution.

Management of 
- config, 
- change, 
- security, 
- availability, 
- performance and 
- capacity. 

I am sure I forgot one.
You catch my drift?
I am also curious about service offered, need front-end? back-end? DMZ's?
etc. 

Learnt as designer consultant etc that if you make a quicky of business
req's you'll pay afterwards, because it is not what customer had hoped
for

Trusted -untrusted client sites.

Martijn 

-Oorspronkelijk bericht-
Van: Reimer, Fred [mailto:[EMAIL PROTECTED]
Verzonden: maandag 11 augustus 2003 16:02
Aan: Jansen, M; [EMAIL PROTECTED]
Onderwerp: RE: VPN Best Hardware to use? [7:73793]


I would certainly hope that the remotes wouldn't use different platforms.  I
don't know the business model, but it sounds to me like it's some kind of
service offering or something.  Maybe they have a 2000 site Frame Relay
network used to offer a service or something, and they want to switch to
something more economical.  Instead of paying monthly circuit fees, pay a
one-time hardware cost (assuming they don't own the FR routers at the
customer end) and use the customer's Internet connection.  Why in the world
would you want different hardware at each customer site in that situation?
Standardize on one hardware platform, and build the cost of that hardware
into the business model...

If that's the case then the cost of a 3005 can be justified in a small
number of months, depending on your FR cost.  Certainly you would recoup
your cost and start making more money, due to less operating cost,
relatively quickly.

Now, if this is something else, like a company with 2000 offices throughout
the world, then I can see your point and you may end up with different
requirements.  But, that's not how it sounds so far.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 11, 2003 6:57 AM
To: [EMAIL PROTECTED]
Subject: RE: VPN Best Hardware to use? [7:73793]

Despite all hw issues, you really need to 
- describe the business req's first
- translate to technical req's

(you are talking 2000+ sites)

And you will see that you'll need more than one platform for de Remotes.

Dependig on your hierarchy concerning 
- messaging
- authentication
- client-server
- webapps 
- desktop/register maintenance/management
- security man

You will need to or may want to build an hierarchical design. Keep in mind
that differen platfroms use different (HQ) fail-over or 2nd ip techniques.

Martijn


-Oorspronkelijk bericht-
Van: Ryan Finnesey [mailto:[EMAIL PROTECTED]
Verzonden: zondag 10 augustus 2003 4:36
Aan: [EMAIL PROTECTED]
Onderwerp: VPN Best Hardware to use? [7:73793]


I need to setup VPNs to about 2000 sites.  Each site will have an IDSL line
installed that will be used to connect to monitor network devices and
servers.  Some of the remote networks will be using the same network block. 
I am looking to know what the best hardware to use on each end is.  On my
end, would it be better to use a PIX or a 3030?  On the remote end, I was
looking at a PIX 501, SOHO 91 or the 831?


Thank you


Ryan
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73882t=73882
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com