Re: Cisco Secure VPN 642-511 [7:73919]

2003-08-19 Thread Alex Lee 
Just received e-mail from Cisco that they would send me the INFOSEC letter
of recognition after I signed the Cisco Certification Agreement.

I am spending time on other interesting stuffs which is not Cisco and not
sure if I would sit for recert.



""Kevin Wigle""  wrote in message
news:[EMAIL PROTECTED]
>>
> >
> on the same page is an INFOSEC Professional link.  Cisco has been granted
> rights to award this cert.  It is NOT a Cisco cert.  Which is cool because
> once it is awarded there is no need to recertify, it is permanent.
>
> Which is opposite to everything Cisco does - especially CCSP - to recert
> CCSP you have to take all 5 exams again.  Hopefully by the time people get
3
> years in CCSP Cisco will have a single recert exam like they do for
> CCIE/CCDP/CCNP
>
> I might do the security exams once to get the INFOSEC cert and then forget
> the recert on the Cisco stuff.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74180&t=73919
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re:Information Systems Security (INFOSEC) Professional [7:73514]

2003-08-09 Thread Alex Lee 
I received a e-mail from Cisco on July 1, 2003 about a new cert. :

On July 1, 2003, candidates in the Cisco Career Certifications Tracking
System who meet the above requirements will be recognized as an Information
Systems Security (INFOSEC) Professional and will receive a letter of
recognition from Cisco.
++

Has anyone received this said letter of recognition from Cisco yet ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73514&t=73514
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Re:Information Systems Security (INFOSEC) Professi [7:73606]

2003-08-06 Thread Alex Lee 
""Alan Ho""  wrote in message
news:[EMAIL PROTECTED]
> No. What are the "above requirements"?
>
> Thanks
>
> Alan
>

Content of e-mail from Cisco:-
+
Cisco Security Training Leads to Information Systems Security (INFOSEC)
Professional Certificate
In April 2003, the National Security Agency (NSA) and the Committee on
National Security Systems (CNSS) awarded Cisco formal certification
recognizing that Cisco security courseware meets the 4011 training standard.
This standard is intended for Information Systems Security (INFOSEC)
Professionals responsible for the security oversight or management of
critical networks. This formal NSA and CNSS certification gives Cisco the
authority to recognize those candidates who have demonstrated that they have
met this training standard.

To be eligible for the INFOSEC Professional certificate, candidates must be
CCNA certified and pass these security exams:

  a.. SECUR-Securing Cisco IOS Networks (or MCNS)
  b.. CSPFA-Cisco Secure PIX Firewall Advanced
  c.. CSVPN-Cisco Secure Virtual Private Networks
  d.. CSIDS-Cisco Secure Intrusion Detection System (or IDSPM)
This certificate indicates confidence in the competency of your skills. The
4011 standard for INFOSEC Professionals applies to all U.S. Government
departments and agencies, as well as to its contractors. Therefore, this
certificate will help you meet current or future Federal employment
requirements. In environments where these requirements do not apply, you can
use this certificate to demonstrate that you possess the knowledge and
skills needed to oversee and protect critical information infrastructures
and networks.

On July 1, 2003, candidates in the Cisco Career Certifications Tracking
System who meet the above requirements will be recognized as an Information
Systems Security (INFOSEC) Professional and will receive a letter of
recognition from Cisco. Candidates who partially meet these requirements can
track their progress using the online tracking system as with all Cisco
certifications at www.cisco.com/go/certifications/login. To learn more about
this and other training standards set forth by the CNSS, go to
www.nstissc.gov. Additional information about this INFOSEC certificate can
be found on the Certifications Online Support page at
www.cisco.com/go/certsupport.

+++

Alex Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73606&t=73606
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: History of the PIX Firewall [7:62512]

2003-02-05 Thread Alex Lee 
Cool.

""Richard Deal""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62540&t=62512
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Friday Follies On Wednesday - what's the problem? [7:55218]

2002-10-09 Thread Alex Lee 

I guess you suddenly remembered that this company must be the one which has
filed bankruptcy and has let all their BGP gurus to greener pastures.

""The Long and Winding Road""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Saw this one today. It caused me to scratch my head in puzzlement for a
> moment, until I remembered something.
>
> Today's puzzle - why was I scratching my head in puzzlement, and what was
it
> I remembered?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55221&t=55218
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: slightly OT: Pingflood [7:54334]

2002-09-27 Thread Alex Lee 

This is man ping under OBSD 3.2 -stable, i386 arch

+++
 -f  Flood ping.  Outputs packets as fast as they come back or one
 hundred times per second, whichever is more.  For every
 ECHO_REQUEST sent a period ``.'' is printed, while for every
 ECHO_REPLY received a backspace is printed.  This provides a
 rapid display of how many packets are being dropped.  Only the
 superuser may use this option.  This can be very hard on a net-
 work and should be used with caution.


OBSD can be downloaded from www.openbsd.org


""sam sneed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Does anyone know where I can get a copy of this or something similiar for
> Linux. I found a windoze version but I need linux or UNIX.
> My ping versions of linux and SunOS do not have the -f option. The only
> version of pingflood I found on google is crap, the source code reads:




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54348&t=54334
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PPPoE on Cisco 2500 [7:54139]

2002-09-26 Thread Alex Lee 

Rahul,

I looked at the features listed for this ios image at the feature navigator
also but could not find anything which says 'pppoe client'. Have I missed
anything ? Thanks.

Alex Lee


""Rahul Kachalia""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Yes it does.
>
> thanks,
> rahul.
> lab#
> lab#s ver
> Cisco Internetwork Operating System Software
> IOS (tm) 2500 Software (C2500-IS-L), Version 12.2(8)T,  RELEASE SOFTWARE
> (fc2)
> TAC Support: http://www.cisco.com/tac
> Copyright (c) 1986-2002 by cisco Systems, Inc.
> Compiled Wed 13-Feb-02 21:11 by ccai
> Image text-base: 0x0306DA78, data-base: 0x1000
>
> ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE
> SOFTWARE
> (fc1)
> BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1,
> PLATFORM SP
> ECIFIC RELEASE SOFTWARE (fc1)
>
> lab uptime is 18 weeks, 5 days, 4 hours, 50 minutes
> System returned to ROM by reload
> System image file is "flash:c2500-is-l.122-8.T"
>
> cisco AS2511-RJ (68030) processor (revision K) with 14336K/2048K bytes of
> memory
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54250&t=54139
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSIDS, self-study CD ROM [7:50287]

2002-07-31 Thread Alex Lee 

Has anyone used this self-study tool (TRNG-800237, CSIDS 2.1) ?

Does it help in getting familiar with the CSPM's GUI interfaces if one does
not have hand-on experience in config 4200 series sensors and CSPM ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50287&t=50287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Priscilla [7:50077]

2002-07-30 Thread Alex Lee 

I bought a copy a minute ago.

Alex Lee

""Priscilla Oppenheimer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> My new book has a troubleshooting focus. It will help people pass the
> Support Exam. It's called Troubleshooting Campus Networks. It's shipping
> finally! There's more info here:
>
> http://www.troubleshootingnetworks.com/
>
> Thanks for asking! ;-)
>
> Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50106&t=50077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CA , FQDN [7:48032]

2002-07-03 Thread Alex Lee 

If an entity does not have a registered domain name and has no desire to get
one, how would one configure a router's FQDN for CA support assuming using
in-house CA server.

Can I do this :-

hostname  whatever_host_name
ip domain-name whatever_domain_name.foo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48032&t=48032
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco VPN client and NAT [7:47430]

2002-06-26 Thread Alex Lee 

So how does the Linksys or cisco 800 handles the IPSec thru PAT then ?
Thanks.

 Alex Lee

""Lidiya White""  wrote in message
news:[EMAIL PROTECTED]...
> PIX doesn't support IPSec transparency/IPSec over TCP. Concentrators do.
> It all depends on the device that is between your client and PIX, that
> is doing PAT.
> IPSec uses ESP protocol, that doesn't have ports, so how can you perform
> PAT (port address translation) for a protocol that doesn't understand
> port concept?
> Some routers can pass IPSec through the PAT (like Linksys, Cisco 800).
> So if the router/device that is doing PAT is IPSec aware, then you
> should be able to pass IPSec through. If not, then you have to make sure
> that one-to-one address translation happens for your VPN clients, not
> one-to-many (PAT)...
> Hope this helps...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47476&t=47430
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-25 Thread Alex Lee 

It is still there. Make sure you select 'show all topics'.


""John Kaberna""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> It used to be up on securityie.com but it got taken down.  I would rather
> not post it here.  Email me off list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47428&t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: remote router IOS upgrade best practice [7:47283]

2002-06-24 Thread Alex Lee 

Hi group,

I am trying to get info from the Groupstudy mail list archive as I remember
this was posted several times before. It seems that the archive is having
problem, gives me error message 'Glimpse Index Not found'. Can anyone offer
some insight ?

I have two 1720, each in a different subnet. One router had two 'memory
allocation error' problem in two months. Both times required power-cycle the
router. Opened a TAC case but could not find any memory hardware issue.  The
two 1720 are linked by a fractional frame-relay with an ISDN BRI dial
backup. TAC said there could be IOS bug related to ISDN BRI, recommended us
to upgrade from 12.1.1 to 12.1.15.
Anyone has similar problem ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47283&t=47283
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: static route for port 21 [7:45682]

2002-06-04 Thread Alex Lee 

Yes, I do remember seeing that thread when I first joined the group. Just
can't find it now.

""Daniel Cotts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Time to restart the blueberry thread.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45759&t=45682
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN Client failing to connect to PIX using rsa-sig [7:45371]

2002-05-29 Thread Alex Lee 

Can you share your insight ? Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45371&t=45371
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SYSLOG time stamp problem [7:44949]

2002-05-24 Thread Alex Lee 

My take is that the time stamp is correct but it is using UTC time which is
4 hour ahead of U.S. East Coast's Day Light Saving Time.

""Jeffrey Reed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I set up a syslog server and have a problem with the time stamp in a sys
log
> message. When a message is sent to my syslog server (using solar winds
> syslog monitor) the date/time field is correct, but the time stamp with
the
> message itself is not, its 4 hours ahead. I show calendar and clock on the
> 6500 MSFC and they are both set correctly. I have the system set up for
EST
> and daylight savings, so I think the syslog facility is not factoring in
> those settings.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44950&t=44949
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Wireless LAN for Home [7:44234]

2002-05-14 Thread Alex Lee 

Any recommendation on PCI type cards ?


""Roberts, Larry""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I use the BEFW11S4 and the Orinoco silver/gold cards. I have a couple of
the
> aironet cards on order for testing, but I can say that the WPC11 (
linksys )
> Card is something that you DON'T want. My range was doubled just by
changing
> cards.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44260&t=44234
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN client Cisco Concentrator 3030 [7:43675]

2002-05-09 Thread Alex Lee 

Great info.
You mentioned that the tweaking will work if one installed Cisco VPN client
before installing EnterNet. Does it mean that one will be have to un-install
the EnterNet PPPoE client if it was installed before the Cisco VPN client ?

""Elijah Savage""  wrote in message
news:[EMAIL PROTECTED]...
> This is not in refernce to certification but this is great information for
> our field. My company is rolling out a load balancing cisco vpn solution
> for our company using 3030 concentrators.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43767&t=43675
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 [7:43405]

2002-05-06 Thread Alex Lee 

Try this one http://www.securityie.com/


""Brian Zeitz""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I started a yahoo group called CSS1 if anyone is interested. Currently
> it has 1 member, me :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43406&t=43405
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: US Robotics modem to Cisco 2514 [7:41894]

2002-04-18 Thread Alex Lee 

This is what I have used for a 2501. The Sportster modem has original dip
switch setting of 3,5,8 down all others up.

line aux 0
login local
password password
modem inout
modem autoconfigure type usr_sportster
transport input all
flowcontrol hardware
stopbits 1
speed 38400




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41908&t=41894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: APC MasterSwitch AP2911 [7:41137]

2002-04-10 Thread Alex Lee 

I am access my home lab c2509rj from outside. Is there a way to control the
AP2911 with reverse telnet using 2509rj

If not, then can someone share his experience of how to remote access the
AP2911. Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41137&t=41137
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IP helper-address, domain browsing & N [7:36089]

2002-02-22 Thread Alex Lee 

I am going to venture a guess :-

According to MS NT's static ports assignment, TCP: 42 is for WINS
replication, perhaps by changing this statetment from
ip nat inside source static 10.0.3.40 xxx.xxx.xxx.156 extendable
  to
ip nat inside source static 10.0.3.40 42 xxx.xxx.xxx.156 42 extendable
may solve the problem.

However, according to MS two other ports are also used in WINS functions:
TCP:135 for WINS Manager and TCP:137 for WINS Registration.

Interest to know if this helps.


""Kurdziel Peter""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Does anyone know of any issues using the IP helper-address and domain
> browsing while using NAT?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36220&t=36089
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Access-list [7:35464]

2002-02-14 Thread Alex Lee 

Can someone please advise me what is the difference, if there is any,
between these two :-
(a) access-list 100 deny ip 10.0.0.0  0.255.255.255  255.0.0.0
0.255.255.255
(b) access-list 100 deny ip 10.0.0.0  0.255.255.255  any

I came across (a) from
http://www.ietf.org/internet-drafts/draft-manning-dsua-07.txt

I cannot find anything from the Cisco website.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35464&t=35464
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT : Tacacs+ / Linux [7:32661]

2002-01-21 Thread Alex Lee 

Thanks Brian. I am going to do some reading and see if I could handle this
'beast'.


""Brian Dennis""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Alex,
> Use "ps -e | grep tac_plus" or you could use "/etc/init.d/tac_plus status"
> to
> see it is running.
>
> [root@bart /root]# /etc/init.d/tac_plus status
> tac_plus (pid 741) is running...
> [root@bart /root]# ps -e | grep tac_plus
>   741 ?00:00:00 tac_plus
> [root@bart /root]#
>
> To "stop", "start", or "restart" TACACS+ just su to root and type
> "/etc/init.d/tac_plus ".
>
> The config file for tac_plus is /etc/tacacs/tac_plus.cfg. If you need any
> help with the TACACS+ config file just let me know. Also make sure that
you
> have an alternate why to get into the router if TACACS+ authentication
fails
> and if the router can't communicate with the TACACS+ server.
>
> Good Luck and Enjoy!
>
> Brian Dennis, CCIE #2210 (R&S)(ISP/Dial)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32683&t=32661
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT : Tacacs+ / Linux [7:32661]

2002-01-21 Thread Alex Lee 

Thanks for the info.

Alex Lee


""Stefan Dozier""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Here's a couple of links I used to get Tacacs+ up and running
> on a Redhat v7.2 box.
>
> http://stiwww.epfl.ch/tacacs/u_g_F404.html
>
> Link on CCO
>
> http://www.cisco.com/warp/public/480/tacplus.shtml
>
> Also be advised that since it appears you installed using the .rpm
> file, it probably installed a copy of the User's Guide on your system,
> although that file might be an older version. On Redhat 7.2 it's in the
> "usr/share/doc/tac_plus-F4.0.3.alpha" directory!
>
> HTH
>
> Stefan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32682&t=32661
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT : Tacacs+ / Linux [7:32661]

2002-01-20 Thread Alex Lee 

A newbie question regarding Tacacs+ on Linux box for home lab.

I download the Tacacs+ v.9 from http://www.gazi.ed.tr/tacacs.

Installed it successfully (I believe) as per instruction from the site,
since I got a output of :
tac_plus-F4.0.3.alpha-9
when I issue a query : rpm -q tac_plus

How can I tell if Tacacs+ is up and running even before I configure a router
to test it ? Is Tacacs+ running as a service (daemon) whenever the Linux box
boots up ? I cannot get answer after reading the docs from the same site.

Can any group member point me to some resources concerning running Tacacs+
on Linux ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32661&t=32661
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 4500 flash upgrade problem [7:31042]

2002-01-05 Thread Alex Lee 

Hi all,

I tried to install two new 8MB flash to my 4500 router. When the router
booted up, observed following error message :

% Invalid chip id 0x detected in System flash.
   Setting System flash access to READ-ONLY.

Other than that the router was able to boot to 'router (boot) >' prompt.

I entered 'copy tftp flash' command, got following message:

Address or name of remote host [192.168.0.10]?
Name of file to copy? c4500-a3js56i-mz_121-9.bin
Copy c4500-a3js56i-mz_121-9.bin from 192.168.0.10? [confirm]
Checking for file 'c4500-a3js56i-mz_121-9.bin' on 192.168.0.10... [OK]
dev_iopen: System flash not writable.


- Was this because of wrong type of  flash ?
- How can I change the flash to 'Writable' ?

Thanks in advance for any feedback.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31042&t=31042
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Autosense this ... (add to your knowledgebase) [7:30446]

2001-12-31 Thread Alex Lee 

He is one smart TAC and should get a year-end bonus. Perhaps our group
members can send recommendation to Cisco's management for his diligence.


""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Someone at Cisco was just telling me about a guy who came in from Korea to
> take the CCIE lab and during lunch, he called TAC on one of the problems.
> The TAC tech recognized the problem as a lab problem from his CCIE test,
> called down to the lab instructors to see if that person was taking the
lab,
> and sure enough he was.  He was busted and sent back home.  I don't agree
> with what he did, but I find it amusing none the less.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30579&t=30446
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Maximum flash for 4500 router [7:29475]

2001-12-18 Thread Alex Lee 

Can someone confirm the max. flash can be installed on a 4500 (not 4500M)
router.

I have looked at the Cisco's on-line documentation and my understanding is
that the 4500 (not 4500M) can only have 8 MB flash.

Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29475&t=29475
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: GroupStudy we have a problem.... [7:28901]

2001-12-12 Thread Alex Lee 

If monetary contribution would cause you more problem than otherwise,
perhaps some members from the group can sell you their companies' surplus
server for a dollar. It would be a totally legitimate business transaction.



""Paul Borghese""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey gang,
>
> Servers database became corrupt thus preventing messages from being sent
> out.  It has been fixed so if you do not see your posting, please resend.
I
> have shipped more memory to InFlow.  Lon has agreed to install it for us.
> This should help.   So by the way, the server will be down for a little
> while tomorrow :-)
>
> The truth is we desperately need some better equipment.  Currently we are
> using a server I built for $500 dollars two years ago.  I purchased a used
> Dell Server but need to upgrade the RAID array and a few other things
before
> putting it online.
>
> Take care,
>
> Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28938&t=28901
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCO CD's [7:27701]

2001-11-29 Thread Alex Lee 

It should be somewhere in the archives. Let me recap a group-member's
recommendation :-

Quote
open the 'search.ini' file under CiscoCD directory, locate this line

  Browser=C:\Program~1\intern~1\iexplorer.exe

change it to

 Browser=

then save on exit.
Unquote


""VoIP Guy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Here's question that I have never got answered.
>
> How in te world do I get those CCO CD's to work?  I always install them
and
> try to open up the page and get a blank page.   I can browse the CD and
get
> to the home page that way, but as soon as I click on a link, it looks
almost
> like it's encrypted.
>
> I have tried IE, netscape, installing all the apps on the CD.
> What am I doing wrong?
>
> Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27727&t=27701
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: problem in router config ? [7:27288]

2001-11-26 Thread Alex Lee 

Quote
Message not compatible with call state

Message type
Remote equipment received an unexpected message that does not correspond to
the current state of the connection. This is usually due to a D-channel
error.
Unquote

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122de
bug/dbfisdn.htm

Perhaps you need to check this out with the telco assuming this is not a lab
situation.


""Anthony Toh""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have add in the ppp authenication chap command at both physical and
> logical interfaces.
>
> This is my output of debug q931 commnad :
>
> The message "Message not compatible" seems to be the problem, can anyone
> highlight me what does it mean ?
>
> 01:00:52: ISDN BR0/0: RX  on B1
>  at 64 Kb/
> 01:00:225504882236: %DIALER-6-BIND: Interface BRI0/0:1 bound to profile
> Dialer1
> 01:00:223338299392: ISDN BR0/0: TX ->  CALL_PROC pd = 8  callref = 0x9B
> 01:00:225504866764: Channel ID i = 0x89
> 01:00:52: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
> 01:00:52: %DIALER-6-UNBIND: Interface BRI0/0:1 unbound from profile
Dialer1
> 01:00:52: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 5554000
> 01:00:223338299392: ISDN BR0/0: TX ->  CONNECT pd = 8  callref = 0x9B
> 01:00:225504866764: Channel ID i = 0x89
> 01:00:223338299392: ISDN BR0/0: TX ->  DISCONNECT pd = 8  callref = 0x9B
> 01:00:225504866764: Cause i = 0x8090 - Normal call clearing
> 01:00:52: ISDN BR0/0: RX   STATUS pd = 8  callref = 0x9B
> 01:00:229799834060: Cause i = 0x80E5 - Message not compatible with
> call state or protocol error, threshold exceeded
>
> 01:00:227633266688: Call State i = 0x0B
> 01:00:53: ISDN BR0/0: RX   RELEASE_COMP pd = 8  callref = 0x9B
> 01:00:54: ISDN BR0/0: RX  on B1
>  at 64 Kb/s
> 01:00:234094816828: %DIALER-6-BIND: Interface BRI0/0:1 bound to profile
> Dialer1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27323&t=27288
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: problem in router config ? [7:27288]

2001-11-25 Thread Alex Lee 

Try add int BRI0 subcommand 'ppp authentication chap' in both routers. This
must be configured on both physical and logical interfaces.

""Anthony Toh""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,I am trying to configure two 2600 series routers to run in a Frame
Relay
> network with an ISDN dial line as backup operation.
> The Frame Relay configuration is working alright but the ISDN is not.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27290&t=27288
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX 501 [7:27002]

2001-11-21 Thread Alex Lee 

I followed the link. The data sheet says :

Quote
Interfaces
Console Port: RS-232 (RJ-45) 9600 baud
Outside: Integrated 10BaseT port, half-duplex, RJ45
Inside: Integrated auto-sensing, auto-MDIX 4-port 10/100 switch, RJ45
Unquote

The way I interpret this is that this PIX basically has two interfaces :-
one outside (10BaseT port) and one inside but implemented as 4-port switch,
which means you can only have two segments and no DMZ. Please correct me if
I am wrong.



""Ole Drews Jensen""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you look here (watch for wordwrap)
>
> http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/px501_ds.htm
>
> You will see that it has 4 x 10/100 Mbps ethernet interfaces.
>
> This could be a newer model, but this one with 10 users and 3DES
encryption
> license, can be bought from new for $495.-
>
> Hth,
>
> Ole
>
> ~~~
>  Ole Drews Jensen
>  Systems Network Manager
>  CCNP, MCSE, MCP+I
>  RWR Enterprises, Inc.
>  [EMAIL PROTECTED]
> ~~~
>  http://www.RouterChief.com
> ~~~
>  NEED A JOB ???
>  http://www.oledrews.com/job
> ~~~
>
>
> -Original Message-
> From: David Tran [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 21, 2001 9:38 AM
> To: [EMAIL PROTECTED]
> Subject: Re: PIX 501 [7:27002]
>
>
> My take on the PIX501 is that it is similar to Cisco router 2501 in that
the
> hardware is
> FIXED.  It only has two interfaces.  If you want to add another segment to
> your network
> (i.e. DMZ) then you have no choice but to upgrade to either a 515 or
higher.
> Other than
> that, the PIX IOS code is the same through out the PIX Series (with the
> exception that for
> the 501 and 506 you don't have redundancy (fail-over support).
>
> - Original Message -
> From: "Alex Lee"
> To:
> Sent: Wednesday, November 21, 2001 9:57 AM
> Subject: Re: PIX 501 [7:27002]
>
>
> > Has anyone used this PIX yet ?
> >
> > There were some discussions about this topic 2 weeks(?) ago but none of
> the
> > participants to the discussion has had any actual hand-on experience
with
> > the PIX 501 at that time.
> >
> > I got a quote from our supplier for a new PIX DES bundle with 10 user
> > licence for less than $500.00.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27027&t=27002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX 501 [7:27002]

2001-11-21 Thread Alex Lee 

Has anyone used this PIX yet ?

There were some discussions about this topic 2 weeks(?) ago but none of the
participants to the discussion has had any actual hand-on experience with
the PIX 501 at that time.

I got a quote from our supplier for a new PIX DES bundle with 10 user
licence for less than $500.00.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27002&t=27002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: browsing network with VPN [7:25679]

2001-11-08 Thread Alex Lee 

Check the 'Release Notes for Cisco VPN Client, Release 3.0'. There are
several open caveats which may be relevent, in particular CSCds65138 and
CSCdt23662.

Make sure,
(1) that the user uses domain user logon.
(2) your network's WIN server ip address appears on the ppp adaptor if it is
dialup VPN and the PC is running Win98.

""Plantier, Spencer""  wrote in message
news:[EMAIL PROTECTED]...
> We have VPN client 3.0 installed and we can get to the network fine but
> cannot browse the network. Any help would be appreciated.
>
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=25687&t=25679
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ospf point-to-multipoint [7:23655]

2001-10-26 Thread Alex Lee 

I did a test in my home lab with three routers. Two configured as OSPF
routers, the third one as frame-relay switch.

In every test I booted up the two OSPF routers, entered two debug commands
( debug ip packet detail, debug ip ospf adj)  then booted up the frame-relay
switch to obtain the debug output.

The deubg outputs show :-
(a) For Point-to-Multipoint network type (using the interface subcommand ip
ospf network point-to-multipoint)
- Hello packets were exchanged using multicast during the Init-state
- OSP packets were sent using unicast during the ExStart, Exchange and
Loading states
- after Full state, hello packets were sent using multicast
(b) For point-to-multipoint non-broadcast network type (using the interface
subcommand ip ospf network point-to-multipoint non-broadcast)
- Hello packets as well as other OSPF packets used unicast duirng Init,
ExStart, Echange and Loading states.
(c) Point-to-point network
- Hello packets as well as other OSPF packets used multicast during Init,
ExStart, Exchange and Loading states.

The debug outputs too long to post here but I can e-mail separately to
anyone who wants to look at them.



""Jim Bond""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> On Jeff Doyle's TCP/IP volume I, P417 it says
> point-to-multipoint is multicast; P433 it says it's
> unicast. Which one is correct?
>
> Thanks in advance.
>
> Jim
>
> __
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24232&t=23655
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ospf point-to-multipoint [7:23655]

2001-10-22 Thread Alex Lee 

Can you shed some light on what debug commands which could tell us whether
the packets are unicasted or multicast ?


""adam lee""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I guess the best way is to set up some routers in each environment and
look
> at some debugs.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23803&t=23655
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ospf point-to-multipoint [7:23655]

2001-10-22 Thread Alex Lee 

I posted similar question about three/four weeks ago. Got some answers but
still have doubt. Hope someone can shed some light on this question.

Section 9.5. of RFC 2328 :
Quote
On broadcast networks and physical point-to-point networks, Hello packets
are sent every HelloInterval seconds to the IP multicast address
AllSPFRouters. On virtual links, Hello packets are sent as unicasts
(addresses directly to the other end of the virtual link) every
HelloInterval seconds. On Point-to-Multipoint networks, separate Hello
packets are sent to each attached neighbor every HelloInterval seconds.
Unquote

The way I interpret the statement "On Point-to-Multipoint networks, separate
Hello packets are sent to each attached neighbor every HelloInterval
seconds" is that the Hello packets are unicasted.

The Cisco's IOS interface subcomment 'ip ospf network point-to-multipoint'
by default configures the network to 'broadcast'. But does that mean the
packets, Hello packets and others, are now multicasted as a result of the
interface subcomment 'ip ospf network point-to-multipoint' ? If this is the
case then this configured 'point-to-multipoint' network is no longer
conforming to RFC 2328 ?

I was looking at a Tech Notes paper from Cisco :
http://www.cisco.com/warp/public/104/20.html. This paper describs a way to
resolve the problem of OSPF routers cannot form adjacency on a PRI, BRI or
Dialer interface. This 'Tech Note' says the problem is due to the fact that
OSPF uses multicast packets for point-to-point network type and routers are
getting packets meant for other router.
Quote
According to RFC 2328 section 8.1, OSPF sends a multicast packet for a
point-to-point network type even after the interface achieves the 2-way
state. Since RTR-A is trying to form adjacencies with both RTR-B and RTR-C,
RTR-B receives DBD packets meant for RTR-C and RTR-C receives DBD packets
meant for RTR-B.
To solve this problem, change the network type on all routers to
point-to-multipoint. This changes the behavior of OSPF to send unicast
packet after the 2-way state. Now RTR-B receives only packets destined for
itself and RTR-C receives packets destined for itself. Changing the
network-type in this way ensures that the OSPF router will form adjacency on
a PRI, BRI, or dialer interface.
Unquote

The way I understand this Tech Note,  the interface subcomment 'ip ospf
network point-to-multipoint' does not change the way how OSPF packets are
sent - they are still unicasted.


What is the definitive answer to this question then ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23766&t=23655
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF packets, point-to-multipoint [7:20115]

2001-09-16 Thread Alex Lee 

Still do not understand,

Building Scalable Cisco Networks, CiscoPress, page 123
" However,bcause the point-to-multipoint mode treats the network as a
collection of point-to-point links, multicast hello packets discover
neighbors dynamically, and statically configuring neighbors is not
required."

Routing TCP/IP, Vol. 1, page 433
"On broadcast and point-to-point network types, hellos are multicast to
AllSPFRouters (224.0.0.5). On NBMA, point-to-multipoint, and virtual link
network types, hello are unicast to individual neighbors. The implication of
unicasting is that router must first learn of the existence of its neighbors
either through manual configuration or an underlying mechanism such as
Inverse ARP."

What have I missed ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20132&t=20115
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF packets, point-to-multipoint [7:20115]

2001-09-16 Thread Alex Lee 

Group,

Can someone help me to understand or point me to a link so that I can get a
definitive answer. Thanks.

Routing TCP/IP, Vol. 1, Jeff Doyle :
(a) Page # 417, 'Point-to-multipoint networks are a special configuration
.. because the network are seen as point-to-point links, OSPF packets
are multicast'.
(b) Page # 451, 'On point-to-multipoint and virtual link networks, updates
are unicasted to the interface addresses of adjacent neighbors'.
(c) Page # 561, 'The OSPF point-to-multipoint network type treats the
underlying as a collection of point-to-point links ..., and OSPF packets
are multicast to the neighbor.'




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20115&t=20115
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: All-In-One, Lab #43, BGP path selection [7:19182]

2001-09-09 Thread Alex Lee 

Group,

There is a 'passive-interface Serial0/0' subcommand under 'router ospf 64'
on both RouterB and RouterC. When I do a 'sh ip ospf  int s0', I can see
something like 'No Hellos  '.

Am I correct to assume that this 'passive-int serial0/0' is configured to
prevent RouterB and RouterC from sending Hello packets out of their
Serial0/0 interface to RouterA ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19182&t=19182
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: please clear my concept on frame-relay and ISDN [7:17649]

2001-08-29 Thread Alex Lee 

If the frame relay is working, a 'sh frame pvc' should show you that the you
have an active PVC :-

RouterA#sh frame pvc

PVC Statistics for interface Serial0 (Frame Relay DTE)

  Active Inactive  Deleted   Static
  Local 1000
  Switched   0000
  Unused  0000

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.1

  input pkts 5206147   output pkts 5297684  in bytes 1436207836
  out bytes 638236681  dropped pkts 73  in FECN pkts 0
  in BECN pkts 0   out FECN pkts 0  out BECN pkts 0
  in DE pkts 132082out DE pkts 0
  out bcast pkts 1911715out bcast bytes 152616993
  pvc create time 13w4d, last time pvc status changed 5d07h





"Susan Stone" wrote in message ...
>Hi.. Dear all,
>
>I don!&t understand this.  Hope u can clear my concept. I have a 1700
router
>in remote office(Milan) which is connected to a main router in London via a
>Frame-relay link in interface s0.1. My IT colleague (Milan) told me that
the
>frame-relay line was cancelled last week by ISP!&s mistake and the link has
>been running on ISDN since the 20th August.  Until now it is still in ISDN.
>
>Now I found that the Milan(remote) router is still connecting main router
>via the same interface s0.1.  When I type !'sh int s0.1!( shown below, it
>still show me that it is a frame-relay.
>1)How do I know whether it is on ISDN or not, what command?
>2)What is the difference between frame-relay line and lease line.   Can I
>say that previously the line is a frame-relay leased line and now it is a
>frame-relay ISDN line??
>3)How can they change the line into a ISDN using the same interface? I
>thought it should have a ISDN back up interface??  Can the ISP vendor
change
>the circuit to ISDN at their site without coming the Milan office?  Or the
>Remote(Milan) office change a ISDN!&s CSU/DSU and made it to a ISDN line?
>
>MILAN1>sh int s0.1
>Serial0.1 is up, line protocol is up
>  Hardware is PowerQUICC Serial
>  Description: --- Links to LON1, Ser1/0.12 ---
>  Internet address is 60.100.201.152/30
>  MTU 1500 bytes, BW 256 Kbit, DLY 2 usec,
> reliability 255/255, txload 1/255, rxload 1/255
>  Encapsulation FRAME-RELAY
>
>
>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17660&t=17649
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: J. Doyle's Routing TCP/IP, Vol. 1, OSPF [7:14952]

2001-08-05 Thread Alex Lee 

Group,

I am going thru' the OSPF section of this book and have a question :-
There is a Link ID of 192.168.30.8 appears on routers 'Goya' and 'Matisse'
ospf database, e.g. Figure 9.64 of page 525.
I cannot find this ip address on any of the routers used in the sample and
yet I can ping it from 'Goya' as well as from 'Matisse'.Traceroute is not
successful though.
Can someone shed some light ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14952&t=14952
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ios features [7:12945]

2001-07-19 Thread Alex Lee 

I think the link is :

www.cisco.com/cgi-bin/Support/FeatureNav/FN.pl


"Donald B Johnson jr" wrote in message
...
>Does anyone remember the link that allows you to search for a IOS version
>based on a feature, say DHCP.
>
>
>Don




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=12949&t=12945
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN Client features [7:11588]

2001-07-09 Thread Alex Lee 

I believe they are talking about VPN group management feature of PIX ver.
6.0. Take a look at this config sample:
http://www.cisco.com/warp/public/110/pix3000.html


""NetEng""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> According to cisco's website I can push out DNS and WINS addresses along
> with IP address assignment. What does that mean exactly (IP address
> assignment)? Is it like RAS where I get an internal address? Is any other
> company out there doing this (other than Cisco)? I'm looking for a VPN
> client solution that is idiot proof for our users. They get confused
> sometimes and don't deactivate the VPN connection (and can't log on to the
> network) when in the office. Any product out there that "looks and knows"
to
> automatically disconnect if on the local network? TIA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11606&t=11588
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic: E-mail Spoofing/Spamming [7:11527]

2001-07-09 Thread Alex Lee 

Maybe this can give you some useful info on e-mail spam.

http://archives.groupcomputing.com//index.cfm?fuseaction=viewarticle&Content
ID=645


"Raul De La Garza" wrote in message
...
>List members,
>
>Does anyone have any experience guarding against e-mail spoofing and
>spamming?  I am interested in reading real world examples of victimized
>e-mail systems and what, if anything, was done to protect them by using
>either Cisco products or other products.  In particular, if you are using
>Lotus Domino Server 5 I would very much appreciate 'hearing' from you.
>
>Secondary question: Anyone out there use Cisco IDS?  If so, has it been
>effective against hackers and spammers?
>
>Regards,
>
>Raul De La Garza III, CCDA NNCSS CCNA MCSE CNE
>817.991.7889
>
>CCDP (after taking FRS 2.0 this week, hopefully!)
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11564&t=11527
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN B Channel Disconnecting Cont... [7:10596]

2001-07-02 Thread Alex Lee 

If I read it correctly, it seems the command 'dialer load-threshold 1' will
not bring up addtional link anymore :-

Quote
When Multilink PPP is configured and you want a multilink bundle to be
connected indefinitely, use the dialer idle-timeout command to set a very
high idle timer. (The dialer load-threshold 1 command no longer keeps a
multilink bundle of n links connected indefinitely and the dialer
load-threshold 2 command no longer keeps a multilink bundle of two links
connected indefinitely.)
Unquote

http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/d
ial_c/dcprt2/dcppp.htm





"Sam Deckert" wrote in message ...
>Here is the debug isdn events output from when the 1700 disconnects:
>
>clarendon2-gw#
>04:14:10: ISDN BR0: Event: Hangup call to call id 0x801E
>04:14:10: ISDN BR0: process_disconnect(): call id 0x801E, call type is
DATA,
>b_idb 0x809D7DF8, ces 1, cause Normal call clearing(0x10)
>04:14:10: %ISDN-6-DISCONNECT: Interface BRI0:2  disconnected from
0353324231
>clarendon, call lasted 20 seconds
>04:14:49400989532: ISDN BR0: received HOST_DISCONNECT_ACK call_id 0x801E
>04:14:47244640256: ISDN BR0: HOST_DISCONNECT_ACK: call type is DATA
>04:14:47244640267: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down
>04:14:49398792589: ISDN BR0: received HOST_DISCONNECT_ACK call_id 0x801E
>04:14:47244640256: ISDN BR0: HOST_DISCONNECT_ACK: call type is DATA
>
>
>Here is the debug isdn events output from the 2611 side of things:
>05:12:32225367844: ISDN BR0/1: received HOST_DISCONNECT call_id 0x25
>05:12:30064771072: ISDN BR0/1: Event:  Call to  was hung up.
>05:12:32225367716: ISDN BR0/1: process_disc_ack(): call id 0x25, ces 1,
call
>type DATA
>05:12:30906921739: %ISDN-6-DISCONNECT: Interface BRI0/1:2  disconnected
from
>unknown , call lasted 20 seconds
>05:12:3871552: %LINK-3-UPDOWN: Interface BRI0/1:2, changed state to
down
>05:12:3862421: ISDN BR0/1: received HOST_DISCONNECT_ACK call_id 0x25
>05:12:30064771072: ISDN BR0/1: HOST_DISCONNECT_ACK: call type is DATA
>
>I am still working on it!  Thought it might be the fast-idle timer, so made
>it
>a large value, to no avail.
>
>Thanks again if anyone can help!
>
>Sam.
>
>
>- Original Message -
>From: Sam Deckert
>To: [EMAIL PROTECTED]
>Sent: Monday, July 02, 2001 3:09 PM
>Subject: ISDN B Channel Disconnecting
>
>
>Hello everyone,
>
>I am having a bit of an ISDN related problem at the moment and was
wondering
>if anyone is able to help.
>
>I am connecting two sites together via 128k isdn, with one site having a
2611
>and the other a 1700.
>
>I have the two sites permanently connected fine with the first B channel,
>however whenever I issue the "dialer load-threshold 1 either" command one
>each
>router to always have the 2nd B channel up, the second B channel connects
and
>remains connected for 20 seconds exactly before disconnecting.  The 1st B
>channel remains connected regardless.
>
>I have tried changing the idle-timeout values to no avail, and just cant
>figure it out.
>
>I guess it is probably something simple, but just cant work it out.
>
>Here is the BRI config of the 2611:
>
>username clarendon2-gw password 7 094E1B040D0210
>!
>hostname clarendon
>ip subnet-zero
>no ip finger
>!
>ipx routing 0030.854f.c9e0
>ipx gns-response-delay 1500
>isdn switch-type basic-net3
>!
>!
>interface BRI0/1
> ip unnumbered BRI0/0
> encapsulation ppp
> no ip mroute-cache
> dialer idle-timeout 200
> dialer enable-timeout 5
> dialer wait-for-carrier-time 15
> dialer map ip xxx.xxx.xxx.xxx name clarendon2-gw broadcast
> dialer map ipx FEEDBEEF.0002.1761.29dd name clarendon2-gw broadcast
> dialer load-threshold 1 either
> dialer-group 1
> ipx network FEEDBEEF
> no ipx route-cache
> ipx watchdog-spoof
> isdn switch-type basic-net3
> isdn calling-number 
> no fair-queue
> compress stac
> no cdp enable
> ppp authentication chap
> ppp multilink
>!
>dialer-list 1 protocol ip permit
>dialer-list 1 protocol ipx permit
>no cdp run
>
>
>Here is the config of the 1700:
>
>hostname clarendon2-gw
>!
>username clarendon password 7 011153094F0C01
>!
>!
>ipx routing 0002.1761.29dd
>ipx gns-response-delay 1500
>isdn switch-type basic-net3
>!
>interface BRI0
> ip unnumbered FastEthernet0
> encapsulation ppp
> dialer idle-timeout 200
> dialer map ip xxx.xxx.xxx.xxx name clarendon broadcast
> dialer load-threshold 1 either
> dialer-group 1
> ipx network FEEDBEEF
> no ipx route-cache
> ipx watchdog-spoof
> isdn switch-type basic-net3
> no fair-queue
> compress stac
> no cdp enable
> ppp authentication chap
> ppp multilink
>!
>ip classless
>no ip http server
>!
>dialer-list 1 protocol ip permit
>dialer-list 1 protocol ipx permit
>no cdp run
>!
>no scheduler allocate
>end
>
>
>What do you think???  Any advice, suggestions welcome and most appreciated!
>
>Thanks...
>
>Sam.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10647&t=10596
--
FAQ, list archives, and subscri

4500 vs 4500M [7:10278]

2001-06-28 Thread Alex Lee 

Group,

It is my understanding that the 4500M uses a different microprocessor and
perhaps some other system feature differences.

My question are :
Would IOS images listed for 4500M work also on 4500 if it meets the minmum
system requirement like flash and RAM size ? Or, if there is such a thing
that there are different images for 4500 and 4500M.

Also, is the flash interchangeable between 4500 and 4500M ?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10278&t=10278
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with configuring Cisco AUX port for call-back [7:7652]

2001-06-07 Thread Alex Lee 

I am using a Teltone line simulator so the phone no. is not real-life no.
and I am using a c2501 not 2610 but this should not matter.

The first part of the attachment is the direct output from the hyperterm
running on my laptop. As you can see the 2501 call me back, I login the
router and enter a 'sh config' command. The second part is the debug output
from the 2501.

The config I am using is not exactly the same as the sample I pointed to
you. I have been using several different variations based on the sample
config from the Cisco config cookbook. This one combining PPP and callback.

==


ats0=1
OK
atdt 101
CONNECT 9600/ECLC


User Access Verification

Username: austin-01
Password:
Callback initiated - line is disconnected
NO CARRIER

RING

CONNECT 9600/ECLC


User Access Verification

Username: austin-01
Password:
c2501>en
Password:
c2501#sh run
Building configuration...

Current configuration:
!
version 12.0
service exec-callback
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname c2501
!
enable password cisco
!
username admin password 0 samepass
username austin-01 callback-dialstring 102 password 0 samepass
username austin-02 callback-dialstring "" password 0 samepass
ip subnet-zero
chat-script mod ABORT ERROR ABORT BUSY "" "AT Z" OK "ATDT \T" TIMEOUT 30
CONNECT
 \c
chat-script offhook "" "ATH1" OK
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.0.0
 no ip directed-broadcast
!
interface Ethernet0
 ip address 10.1.1.7 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface Async1
 ip unnumbered Ethernet0
 no ip directed-broadcast
 encapsulation ppp
 dialer in-band
 async mode interactive
 ppp callback accept
 ppp authentication chap
!
ip classless
!
!
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
 autoselect during-login
 autoselect ppp
 script modem-off-hook offhook
 script callback mod
 login local
 modem InOut
 modem autoconfigure type usr_sportster
 transport input all
 stopbits 1
 speed 38400
 flowcontrol hardware
line vty 0 4
 login
!
end

c2501#




c2501#debug dialer events
Dial on demand events debugging is on
c2501#
00:27:48: CHAT1: Asserting DTR
00:27:48: CHAT1: Chat script offhook started
00:27:49: CHAT1: Chat script offhook finished, status = Success
00:27:49: CHAT1: Asserting DTR
00:27:49: CHAT1: Chat script mod started
00:28:08: CHAT1: Chat script mod finished, status = Success
00:30:13: CHAT1: Asserting DTR
00:30:13: CHAT1: Chat script offhook started
00:30:14: CHAT1: Chat script offhook finished, status = Success
00:30:14: CHAT1: Asserting DTR
00:30:14: CHAT1: Chat script mod started
00:30:33: CHAT1: Chat script mod finished, status = Success

==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7664&t=7652
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP on 2501 [7:7216]

2001-06-05 Thread Alex Lee 

My 2501 has 16 MB flash and 16MB RAM which should meet the min. system
requirement per CCO for IOS ver. 12.2.

The TFTP download was successful but the router could not re-boot. I had to
roll back to its original flash image. If I remember correctly the 25xx
series has a max. of 16 MB RAM.

Have you been successful in loading the 12.2 with 16MB flash and 16 MB RAM ?


""G30RG3""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Bob
>
> Using IOS 12.2 you can issue the command "ip address dhcp" at the
interface
> level and that should do the trick.
>
> George, Head Janitor, CCNA CCDA
> Cisco Systems
>
>
> ""Bob Edmonds""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I was wondering if it is possible for my 2501 to pick up an IP from a
DHCP
> > server that way I don't cause any problems.  Any help would be greatly
> > appreciated.  I searched cisco for some stuff on DHCP but after wading
> > through hundreds of their texts I have turned here to ask I know I'm
> > stupid : )  This should be simple right? : )
> >
> > Bob Edmonds
> > CCNA, Network+




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7232&t=7216
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with configuring Cisco AUX port for call-back [7:6834]

2001-06-01 Thread Alex Lee 

Take a look at this example. I have successfully tried it out in my lab.

http://www.cisco.com/warp/public/793/access_dial/execcall.html



"kevin jones" wrote in message ...
>I need help with this situation.
>
>I connect the cisco 2610 router AUX port to an External US Robotics
>Sporter 33.6kps modem for remote acess in case all else fail.  This
>Cisco router 2610 acts as an access server which I use to control other
>Cisco devices on the network.  I can connect to the
>router via dial-up from my laptop when my DSL connection goes down (I only
>use dial-up as the last resort).  I also TACACS authentication.  Everything
>is working fine so far.  Now I would like to achieve the following:
>
>I would like to implement the call-back capability on the router.  What it
>means is that let say that whenever I make a dial-up attempt to the router
>AUX port, the router will disconnect my connection and dial  back to my
>original number.  For example:
>
>1) Cisco router 2610 is connected to phone number (703) 637-7000,
>2) My laptop is connected to phone number (202) 637-1234,
>
>From my laptop, whenever I dial (703) 637-7000 from the number (202)
>637-1234, the router will hang-up and call-back number (202) 637-1234 and
>only to this number so that someone else, let say from (408) 222-1245 tries
>to make connection to the router, he/she will fail.
>
>This method is similar to Windows RAS with call-back capability.  I've been
>playing with this for the past few days (cisco router that is) without
>success.  Anyone in this group have done this before, I would love to get a
>sample configuration from you, or at least point me to the right direction.
>
>Many thanks.
>
>Kevin
>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6851&t=6834
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Uploading IOS on 2500 via AUI [7:6687]

2001-06-01 Thread Alex Lee 

Please elaborate what do you mean by 'For IOS file greater than 16M, you
can't use TFTP' ?


""Vincent Chong""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you use the following to upload the IOS into your router.
>
> TFTP, FTP, RCP.
>
> I do not see any problem.
>
> Note: For IOS file greater than 16M, you can't use TFTP.
>
> TIA
> Vincent
>
> ""Sean C.""   Hi Group,
> >
> > I'm uploading a new IOS on a 2509.  I've verified I have enough
Ram/Flash
> on
> > the 2509 for the new IOS.  I have to use the available memory pumping
the
> > new IOS on, so I'm going to have to squeeze the old IOS off before doing
> the
> > new upload.
> >
> > To do the upload, can I go through the AUI interface, via a transceiver,
> and
> > use a cross-over cable attached right to the Ethernet port on my PC
> > (assuming I use proper IP addresses)?
> >
> > I've done this a few times on 2600's (doing a cross-over between the
2600
> > Ether and my PC) but have never put a transceiver into the mix.
> >
> > TIA,
> > Sean C.
> >
> > CCNP, CCDP, MCSE
> > Email:  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6764&t=6687
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TR Int Errr [7:6112]

2001-05-28 Thread Alex Lee 

How about 'ring-speed 4' ?


"RamG" wrote in message ...
>Hello Gang - I am having problem bring up TR int.  Following is the output.
>
>R2502#show interface tokenring0
>TokenRing0 is initializing, line protocol is down
>  Hardware is TMS380, address is .30ba.4a52 (bia .30ba.4a52)
>  MTU 4464 bytes, BW 16000 Kbit, DLY 630 usec, rely 255/255, load 1/255
>  Encapsulation SNAP, loopback not set, keepalive set (10 sec)
>  ARP type: SNAP, ARP Timeout 04:00:00
>  Ring speed: 16 Mbps
>  Duplex: half
>  Mode: Classic token ring station
>  Group Address: 0x, Functional Address: 0x0800
>  Ethernet Transit OUI: 0x00
>  Last input never, output never, output hang never
>  Last clearing of "show interface" counters never
>  Queueing strategy: fifo
>  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
>  5 minute input rate 0 bits/sec, 0 packets/sec
>  5 minute output rate 0 bits/sec, 0 packets/sec
> 0 packets input, 0 bytes, 0 no buffer
> Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
> 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
> 0 packets output, 0 bytes, 0 underruns
> 0 output errors, 0 collisions, 54 interface resets
> 0 output buffer failures, 0 output buffers swapped out
> 59 transitions
>
>R2502#show config
>Using 774 out of 32762 bytes
>!
>version 12.0
>service timestamps debug uptime
>service timestamps log uptime
>no service password-encryption
>service udp-small-servers
>service tcp-small-servers
>!
>hostname R2502
>!
>no logging console
>enable password ram
>!
>ip subnet-zero
>no ip domain-lookup
>!
>!
>!
>interface Serial0
> bandwidth 64
> no ip address
> no ip directed-broadcast
> encapsulation ppp
> no ip route-cache
> no ip mroute-cache
>!
>interface Serial1
> bandwidth 64
> ip address 10.1.5.1 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> no ip route-cache
> no ip mroute-cache
>!
>interface TokenRing0
> no ip address
> no ip directed-broadcast
> no ip route-cache
> no ip mroute-cache
> ring-speed 16
>!
>ip classless
>!
>!
>line con 0
> transport input none
>line aux 0
> transport input all
>line vty 0 4
> login
>!
>end
>
>Thanks  /  RamG
>FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6115&t=6112
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Software V6.0 [7:5969]

2001-05-25 Thread Alex Lee 

No more DES.

I was told by TAC that if you want to use VPN 3.0 client, your PIX must have
3 DES activated. A pre-sale told me that this costs $1,000.00 plus license
for VPN clients.

Can someone confirm this ?

Alex Lee


"Carroll Kong" wrote in message ...
>At 05:17 PM 5/25/01 -0400, Vijay Ramcharan wrote:
>>If anyone wasn't aware, V6.0 of the PIX software is now available.
>>And as I just found out, to use the VPN 3.0 client, "isakmp policy ?
>>group 2" must be used to enable successful authentication.
>>
>>Vijay Ramcharan
>
>Are you sure this is not user configurable?  Group 2 refers to the
>Diffie-Hellman group used.  I suppose unless they made it a standard to not
>allow you to use Group 1 (weaker), but sheesh, if they made that the
>requirement, how dare they let people use DES.
>
>
>
>-Carroll Kong
>FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5994&t=5969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: tftp PIX [7:5919]

2001-05-25 Thread Alex Lee 

How about 'file bh60.bin' instead of 'file bh60' ?


""Paul Holloway""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am stumped... I'm trying to tftp a newer ios into a PIX515 and keep
> getting the message "TFTP failed (return:-10 arg:0x1)". I have went
through
> all the correct steps, I believe, but must be missing something simple. Is
> there a certain way the file should be located on the TFTP server? Is
there
> a port that should be opened on the PIX that the documentation doesn't
> mention? Here's what I've done so far. (Copied from Hyperterminal ROM mode
> on PIX)
>
> Use BREAK or ESC to interrupt flash boot.
> Use SPACE to begin flash boot immediately.
> Flash boot interrupted.
> 0: i8255X @ PCI(bus:0 dev:13 irq:10)
> 1: i8255X @ PCI(bus:0 dev:14 irq:7 )
>
> Using 1: i82559 @ PCI(bus:0 dev:14 irq:7 ), MAC: 0005.328f.85c1
> Use ? for help.
> monitor> address 192.168.1.134
> address 192.168.1.134
> monitor> server 192.168.1.132
> server 192.168.1.132
> monitor> file bh60
> file bh60
> monitor> ping 192.168.1.132
> Sending 5, 100-byte 0x358e ICMP Echoes to 192.168.1.132, timeout is 4
> seconds:
> !
> Success rate is 100 percent (5/5)
> monitor> tftp
> tftp [EMAIL PROTECTED]
> TFTP failed (return:-10 arg:0x1)
>
> Any help would be appreciated!!
>
> Paul
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5930&t=5919
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC address of interfaces in PIX 515R [7:5544]

2001-05-23 Thread Alex Lee 

How about 'sh int e0' ?


""Sean Graham""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi, I am in the process of setting up a PIX515 for use with a cable modem.
> The provider DHCP's the address to the clients. I want to use the PIX to
> connect to the modem but the ISP secure the DHCP request by MAC address of
> the interface. I have to inform them what it is before it will lease the
new
> IP address. What is the easiest way to find out the MAC address of the
> Ethernet interfaces in the PIX. I can't see an obvious command.
>
> Many thanks,
>
> Sean
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5558&t=5544
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PPP async dial-in [7:3943]

2001-05-09 Thread Alex Lee 

After I config a local address pool range using 'ip local pool' and 'peer
default ip address pool' command, what additional config is needed on the
access router so that the dial-in client acquires the correct subnet mask ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3943&t=3943
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: AUX port for dial out??? [7:2077]

2001-04-26 Thread Alex Lee 


""Bob Edmonds""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just a quick question...  Is it possible to configure the AUX port on a
2501
> to dial out?  Possibly configure DDR on it?  Just wondering!  Any help
would
> be greatly appreciated...
>
> Bob
> CCNA
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2079&t=2077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix 6.0 debut? Anyone know when? Thanks [7:1780]

2001-04-25 Thread Alex Lee 

I was told yesterday by TAC that it would be second week of May.


""Dropped Packet""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1869&t=1780
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BOOT-2500= bios [7:1412]

2001-04-20 Thread Alex Lee 

Use the contact phone no. on their website. You need to talk to pre-sale
first then you'll be transfer to sales to the order. The boot-2500= is free
but the way Cisco handles it, they still consider it as a sale.


""RamG""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I will be getting couple of 8MB flash {3rd Party}.  As per seller
BOOT-2500
> bios will be needed to recognize the flash upgrade.  I heard Cisco
provides
> this item for free but have to pay shipping charge. I am unable to find
the
> link at Cisco site.  Does any one has the link.
>
> Thanks  /  RamG
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1414&t=1412
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BRI interface configuration [7:212]

2001-04-11 Thread Alex Lee 

Group,

Sorry to bring this question up again but I can't get good explantion from
couple of books and on the CCO.

My question is : When do I need to config 'no keepalive' on a BRI0 interface
and when I do not need to ? Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=212&t=212
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: No keepalive

2001-04-09 Thread Alex Lee 

Can someone let me know the reason to config 'no keepalive' on a BRI
interface ? Thanks.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help please

2001-04-06 Thread Alex Lee 

Go to Compaq's website to download the correct video driver for your laptop.


"Issaya Ernest" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I've a notebook PC Compaq armada 1560. After
> reformating and reintalling windows 95, my notebook
> display has been reduced to half the screen size How
> can I make the screen full as was before.
>  Any help will be appreciated.
>
> __
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Loopback interface IP address

2001-04-05 Thread Alex Lee 

Group,

I was looking at some documents at CCO, and noticed that sometimes their
examples use /32 IP address like :

interface loopback 0
ip address 172.16.254.3  255.255.255.255

Can someone help me to understand reason behind in using this type of
address in the configuration ?
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 508-CS versus 2509/2511

2001-03-29 Thread Alex Lee 

What is considered a good IOS version for c2509rj ?


""EA Louie"" <[EMAIL PROTECTED]> wrote in message
99un8a$hek$[EMAIL PROTECTED]">news:99un8a$hek$[EMAIL PROTECTED]...
> hmmm... if you have access to the 508-CS, it's old, but if its running
9.21
> then many of the minimal features of the 2509/11 are available.  know the
> other line commands that go with the newer 12.0 IOS, though, because you
may
> need them in the lab  ;-)
>
> -e-
>
> Ken W. Alger <[EMAIL PROTECTED]> wrote in message
> 99ufk5$1jh$[EMAIL PROTECTED]">news:99ufk5$1jh$[EMAIL PROTECTED]...
> > For a CCNP/CCIE lab, is a 508-CS sufficient to act as a terminal server
or
> > is it better to go for the 2509/11?
> >
> > Thanks,
> > Ken
> >
> >
> > _
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: can't ping the internet through pix

2001-03-23 Thread Alex Lee 

Brent,

I don't know whether your PIX problem is same as ours. But this is what is
happening to us ..

We have a PIX 515. Our PCs, printers, etc, all uses static public IP
addresses. Once in a while, one of our PC users cannot point his internet
browser to any URL, nor can he ping anything outside our subnet. The PC can
be running Win 98, Win NT or Win 95. We work around this problem so far by
changing the PC's ip address to another ip address. On some PCs we don't
even need a re-boot and the computer can go out to internet with no problem.
After a day or so, we change it back to its original ip address and it works
with no problem. We have opened at least three cases with TAC and have
upgraded our PIX software version two times but still cannot find a
permanent fix. I posted our problem to the group a couple of days ago.

If you are using static ip address on your PC maybe you can try to change to
another un-used ip address, or release the current ip address to acquired a
new one if you are using DHCP and see if it works.

Alex Lee



""Brent Ulfig"" <[EMAIL PROTECTED]> wrote in message
99g29m$jj7$[EMAIL PROTECTED]">news:99g29m$jj7$[EMAIL PROTECTED]...
> nope
>
>
> ""Alex Lee"" <[EMAIL PROTECTED]> wrote in message
> 99g1pq$gfe$[EMAIL PROTECTED]">news:99g1pq$gfe$[EMAIL PROTECTED]...
> > Are you able to point your web browser to any URL ?
> >
> > Alex Lee
> >
> >
> > ""Brent Ulfig"" <[EMAIL PROTECTED]> wrote in message
> > 99fuhb$tig$[EMAIL PROTECTED]">news:99fuhb$tig$[EMAIL PROTECTED]...
> > > As i mentioned below
> > >
> > > > I've also used the  conduit permit icmp any any
> > > > command so that i can ping in and out of the firewall...
> > >
> > > The tricky part is...i can ping from the internal network 192.168.1.x
to
> > the
> > > router (which is through the firewall)...i can't ping anything past
the
> > > router...
> > >
> > >
> > >
> > >
> > > ""Aidan Manning"" <[EMAIL PROTECTED]> wrote in message
> > > 99ftm7$og7$[EMAIL PROTECTED]">news:99ftm7$og7$[EMAIL PROTECTED]...
> > > > Is there firewall software running?
> > > > If so have you rules that are disabling ICMP?
> > > >
> > > > ""Brent Ulfig"" <[EMAIL PROTECTED]> wrote in message
> > > > 99fq63$5no$[EMAIL PROTECTED]">news:99fq63$5no$[EMAIL PROTECTED]...
> > > > > I've got an unusual problem with my PIX 515.
> > > > >
> > > > > I've configured the inside interface correctly, and can ping hosts
> on
> > > the
> > > > > internal network.  I've configured the outside interface correctly
> (as
> > > far
> > > > > as ip addresses go) and can ping anywhere on the internet.
> > > > >
> > > > > I've configured the router (to the internet) as the default route
of
> > the
> > > > > pix...and the pix as the default gateway of the hosts on the
> internal
> > > > > network.
> > > > >
> > > > > I've also used the  conduit permit icmp any any
> > > > > command so that i can ping in and out of the firewall...
> > > > >
> > > > > When I try to ping anywhere on the internet from the firewall it
> > > > > works...also when i try to ping the internal network it works...
> > > > >
> > > > > When i try to ping the pix from a host it works...when i try to
ping
> > the
> > > > > router (to the internet) from a host it works...(meaning it goes
> > through
> > > > the
> > > > > pix to the router fine)
> > > > >
> > > > > however, when i try to ping anywhere on the internet (including
the
> > next
> > > > hop
> > > > > from the router) it doesn't work...i can't get passed the
> router...it
> > > just
> > > > > dead ends there...
> > > > >
> > > > > i checked to make sure that the subnet mask on the pix is
> right...and
> > > its
> > > > > fine...
> > > > >
> > > > > any ideas?
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Brent
> > > > > CCNP, CCDA, MCSE, MCP+I, etc.
> > > > >
> > > > >
> > > > > ___

Re: can't ping the internet through pix

2001-03-23 Thread Alex Lee 

Are you able to point your web browser to any URL ?

Alex Lee


""Brent Ulfig"" <[EMAIL PROTECTED]> wrote in message
99fuhb$tig$[EMAIL PROTECTED]">news:99fuhb$tig$[EMAIL PROTECTED]...
> As i mentioned below
>
> > I've also used the  conduit permit icmp any any
> > command so that i can ping in and out of the firewall...
>
> The tricky part is...i can ping from the internal network 192.168.1.x to
the
> router (which is through the firewall)...i can't ping anything past the
> router...
>
>
>
>
> ""Aidan Manning"" <[EMAIL PROTECTED]> wrote in message
> 99ftm7$og7$[EMAIL PROTECTED]">news:99ftm7$og7$[EMAIL PROTECTED]...
> > Is there firewall software running?
> > If so have you rules that are disabling ICMP?
> >
> > ""Brent Ulfig"" <[EMAIL PROTECTED]> wrote in message
> > 99fq63$5no$[EMAIL PROTECTED]">news:99fq63$5no$[EMAIL PROTECTED]...
> > > I've got an unusual problem with my PIX 515.
> > >
> > > I've configured the inside interface correctly, and can ping hosts on
> the
> > > internal network.  I've configured the outside interface correctly (as
> far
> > > as ip addresses go) and can ping anywhere on the internet.
> > >
> > > I've configured the router (to the internet) as the default route of
the
> > > pix...and the pix as the default gateway of the hosts on the internal
> > > network.
> > >
> > > I've also used the  conduit permit icmp any any
> > > command so that i can ping in and out of the firewall...
> > >
> > > When I try to ping anywhere on the internet from the firewall it
> > > works...also when i try to ping the internal network it works...
> > >
> > > When i try to ping the pix from a host it works...when i try to ping
the
> > > router (to the internet) from a host it works...(meaning it goes
through
> > the
> > > pix to the router fine)
> > >
> > > however, when i try to ping anywhere on the internet (including the
next
> > hop
> > > from the router) it doesn't work...i can't get passed the router...it
> just
> > > dead ends there...
> > >
> > > i checked to make sure that the subnet mask on the pix is right...and
> its
> > > fine...
> > >
> > > any ideas?
> > >
> > >
> > > Thanks,
> > >
> > > Brent
> > > CCNP, CCDA, MCSE, MCP+I, etc.
> > >
> > >
> > > _
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > >
> >
> >
> > _
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MZMaker compression program.

2001-03-21 Thread Alex Lee 

Group,

Can someone point me a URL to download this utility software. Thanks.



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re:12.0.9 Enterprise Plus IOS, 25xx router

2001-03-20 Thread Alex Lee 

Group,

Has anyone been successful in running this version of IOS with 8MB flash and
16 MB RAM on 25xx routers ?

The download site recommends minimum of 16 MB flash and 6 MB RAM.


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Question

2001-03-15 Thread Alex Lee 

Cannot find download from the usual download location. Can you post an URL ?


""Nathan Chessin"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> yes
>
> http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/index.htm
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Parris, Brian
> Sent: Thursday, March 15, 2001 8:20 AM
> To: '[EMAIL PROTECTED]'
> Subject: Question
>
>
> Has Cisco come out with a version of Cisco Secure VPN Client software yet,
> that is compatible with Windows 2000.  I can't buy laptops with NT anymore
> and this is putting me in a real bind.
>
> Thanks,
> Brian
>
> _
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX 515, fixup command

2001-03-15 Thread Alex Lee 

Group,

If we do not have any web server on our subnet, should I use 'no fixup
protocol http 80' or should I use 'fixup protocol http 80'.






_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX 515 Firewall problems

2001-03-14 Thread Alex Lee 

Group,

We have a PIX 515 for a year now. There is one recurring problem which we
still cannot resolve. We opened case and talked to TAC at least two times.
Each time we were told to upgrade the code. We are now running version
5.2(3).

Here is our issue :-

We are using static public IP adddresses on all our servers and computers.
Our subnet is flat. After we installed the PIX we noticed that once in a
while one or two computers could not go out to the interenet. They could do
anything internally. Our work-around to this problem is simply change the
computer's original IP address to another one. Then it worked just fine. A
day later we could give the computer its old IP address and it would work
just great.

We did turn on the debug and saw that the PIX was trying to build an
outgoing tcp connection for the computer which was having problem. This
particular outgoing connection was never established.

Can anyone out there shed some light ?



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: frame-relay backup with ISDN

2001-03-13 Thread Alex Lee 

Hi group,

We are going to setup an isdn BRI backup between two sites located in two
different states.

In my dialer map ip command do I need to add '1' in front of the 10-digit
phone number (area code + phone # ), e.g.

dialer map ip 172.16.12.1 name HQ broadcast 1+area code+phone number






_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Spliting Hairs With Frame Relay

2001-03-08 Thread Alex Lee 

Our frame-relay ISP told us that our frame-relay's port speed is 256Kbs and
CIR is 128Kbs. Does it mean that our Excess Burst is 256Kbs ? How does one
check the clockrate ?


""Circusnuts"" <[EMAIL PROTECTED]> wrote in message
00af01c0919a$877114a0$[EMAIL PROTECTED]">news:00af01c0919a$877114a0$[EMAIL PROTECTED]...
>
> Excess Burst is the maximum # of uncommitted bits that the Frame Relay =
> switch attempts to transfer beyond the CIR.  My handy dandy BCRAN book =
> says the typical Excess Burst is limited to the port speed.  The CIR is =
> the transfer speed agreed to in bps (DTE clockrate).
>
> I say all this to say- if my Excess Burst is my agreed CIR (port speed), =
> where is the excess... or should I look @ this as point to multipoint =
> (many VC's terminating on one interface). =20
>
> Any takers ???
>
> Thanks
> Phil=20
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Another Frame-relay issue..

2001-03-02 Thread Alex Lee 

This happens to me in frame-relay lab. Apparently the inverse arp does not
function the way it should in lab. Right now I always do 'copy run start',
then 'reload' on all lab routers to make sure that the inverse arp and
what-not work as it should.

In a recent actual frame relay implementation between two sites, we had to
config the lmi type at one site in order to bring up frame-relay connection.
We were using 1720 with v. 12.1(1) at both sites.


"Nigel Taylor" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> All,=20
> I made another weird discovery this morning in one of my =
> practice labs. The lab equipment in use;
>
> AGS+ : 11.0(22) Frame-relay cloud
> R1 2501   : 12.0.9(15)  Hub  sub-interface(s0.1 P-t-P1.1.1.1), and =
> (s0.2, ip 2.2.2.1) Multipoint
> R2 2502   : 11.3.(11a)T1  Spoke - Physical interface, ip 1.1.1.2
> R3 2502   : 11.3.(11a)T1  Spoke - Physical interface, ip 2.2.2.2
> R4 2520   : 11.3.(11a)T1  Spoke - Physical interface, ip 2.2.2.3
>
> After setting the frame circuit and the Hub and spoke routers the HUB =
> specific local DLCI's come up and go active on the frame switch, the =
> spoke DLCI's go active the inactive, then deleted.  I looked at every =
> thing that made sense,=20
>
> 1)Is the HUB - is the interface-dlci command using the correct dlci's , =
> Yes!  =20
> 2) At the spokes is the encapsulation type(frame relay) configured, Yes!
> 3) Is the ip (L3) configured on all devices, Yes!
>
> Ok, a "clear frame inverse-arp"  and a good sign I get an arp for R2 on =
> the hub!  A second look shows R2 has no mappings and the pvc is =
> inactive.  No matter what I did nothing.
>
> No this is really weird...  Before I started this lab I did a "wr erase" =
> on all the routers.  I proceeded to do a "wr mem" for the first time =
> since entering all my commands for my frame relay setup on the HUB, and =
> out of nowhere all the Spoke DLCI's go active and everything works like =
> it's suppose too.
>
> No, in everything things I've read it says that the commands go active =
> as they're entered, however here it seemed to require me to wr mem for =
> the circuit to come up. Has anyone seen this or have it happen in the =
> past.
>
> Thanks
>
> Nigel.
>
>
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Upgrade IOS version on router without ethernet port

2001-02-27 Thread Alex Lee 

Hi group,

What is the best way to do software upgrade on a 2525 router ?




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame relay lab problem - need help

2001-02-21 Thread Alex Lee 

Hi group,

Tried to do Lab #9 (page 183 of All-in-one CCIE Lab Study guide). I was
using a 4500 as frame relay switch and two 2501.

Every 'Sh' command output were basically same as the book. The only
exception is 'Sh frame map' on each of the two routers (RouterA & RouterB).

RouterA#sh frame map
Serial0 : ip 0.0.0.0 dlci 100<0x64,0x1840>
broadcast,
CISCO, status defined, active


RouterB#sh frame map
Serial0 : ip 0.0.0.0 dlci 101<0x65,0x1850>
broadcast,
CISCO, status defined, active

I could not ping either. Apparently the inverse arp is not working. I check
my config on the routers many times. What have I missed ? Can someone in the
group help me with this ? Thanks.




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Need advise on PPP async callback server configuration

2001-02-12 Thread Alex Lee 

I was trying to do this async callback in my lab. Have tried to get answer
from books and Cisco website for quite some time but with no luck. Seek help
from the group.

By looking at the debug info, seemed the callback client is working OK but
missed something on the callback server side as there was no callback.

Callback server :-

c2509rj#sh run
Building configuration...

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname c2509rj
!
enable secret 5 $1$FNXZ$OXAMRvJMI90li81Ua.h3b1
!
username c2501 password 0 samepass
chat-script call-c2501 ABORT ERROR "" "AT Z" OK "ATDT \T" TIMEOUT 30 CONNECT
\c
!
interface Loopback1
 ip address 1.1.1.1 255.255.0.0
 no logging event subif-link-status
!
interface Ethernet0
 no ip address
 no logging event subif-link-status
 shutdown
!
interface Serial0
 no ip address
 no logging event subif-link-status
 shutdown
!
interface Async2
 ip address 10.1.1.7 255.255.255.0
 encapsulation ppp
 no logging event subif-link-status
 async mode interactive
 dialer in-band
 dialer callback-secure
 dialer idle-timeout 200
 dialer wait-for-carrier-time 120
 dialer map ip 10.1.1.8 name c2501 class dial1 102
 dialer hold-queue 60
 dialer-group 1
 ppp callback accept
 ppp authentication chap
!
no ip classless
!
map-class dialer dial1
 dialer callback-server username
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 0 0
line 1
 no exec
 transport input all
line 2
 password samepass
 autoselect during-login
 autoselect ppp
 script callback call-c2501
 login local
 modem InOut
 modem autoconfigure discovery
 transport input all
 stopbits 1
 speed 115200
 flowcontrol hardware
line 3 8
line aux 0
line vty 0 4
 login
!
end


Callback Client
=
c2501#sh run
Building configuration...

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname c2501
!
!
username c2509rj password 0 samepass
chat-script dial-c2509rj "" "AT Z" OK "ATDT \T" TIMEOUT 300 CONNECT \c
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
interface Async1
 ip address 10.1.1.8 255.255.255.0
 encapsulation ppp
 async mode interactive
 dialer in-band
 dialer map ip 10.1.1.7 name c2509rj 101
 dialer-group 1
 ppp callback request
 ppp authentication chap
!
no ip classless
!
dialer-list 1 protocol ip permit
!
line con 0
 exec-timeout 0 0
line aux 0
 password samepass
 script dialer dial-c2509rj
 login local
 modem InOut
 modem autoconfigure discovery
 transport input all
 stopbits 1
 rxspeed 38400
 txspeed 38400
 flowcontrol hardware
line vty 0 4
 login
!
end


Debug

c2501#ping 10.1.1.7

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.7, timeout is 2 seconds:

Async1: Dialing cause ip (s=10.1.1.8, d=10.1.1.7)
Async1: Attempting to dial 101
CHAT1: Attempting async line dialer script
CHAT1: Dialing using Modem script: dial-c2509rj  & System script: none
CHAT1: process started
CHAT1: Asserting DTR
CHAT1: Chat script dial-c2509rj started
CHAT1: Sending string: AT Z
CHAT1: Expecting string: OK
CHAT1: Completed match for expect: OK
CHAT1: Sending string: ATDT \T
CHAT1: Expecting string: CONNECT.
Success rate is 0 percent (0/5)
c2501#
CHAT1: Completed match for expect: CONNECT
CHAT1: Sending string: \c
CHAT1: Chat script dial-c2509rj finished, status = Success
%LINK-3-UPDOWN: Interface Async1, changed state to up
As1 PPP: Treating connection as a callout
%LINK-3-UPDOWN: Interface Async2, changed state to up
Async2: Dialer received incoming call from 
Async2:Callback server starting to c2501 102
Async2: disconnecting call
As1 PPP: Phase is AUTHENTICATING, by both
As1 CHAP: O CHALLENGE id 9 len 26 from "c2501"
As1 CHAP: I CHALLENGE id 9 len 28 from "c2509rj"
As1 CHAP: O RESPONSE id 9 len 26 from "c2501"
As1 CHAP: I SUCCESS id 9 len 4
As1 CHAP: I RESPONSE id 9 len 28 from "c2509rj"
As1 CHAP: O SUCCESS id 9 len 4
Async1: Callback negotiated - waiting for server disconnect
%LINK-5-CHANGED: Interface Async2, changed state to reset
%LINK-5-CHANGED: Interface Async1, changed state to reset
Callback client for c2509rj 101 created
%LINK-3-UPDOWN: Interface Async2, changed state to down
%LINK-3-UPDOWN: Interface Async1, changed state to down
Async2: re-enable timeout
callback triggered by dialer_timers
Async2:beginning callback to c2501 102
Async2: Attempting to dial 102
CHAT2: Attempting async line dialer script
CHAT2: no matching chat script found for 102
Async2: Unable to dial 102.
: Dialing failed, 0 packets unqueued and discarded
: unable to dial callback return call
Freeing callback to c2501 102
Async1: re-enable timeout
Async2: re-enable timeout
No callback received from c2509rj 101
Freeing callback to c2509rj 101

===











_
FAQ, list archives, and subs

Re: Frame relay lab setup

2001-01-22 Thread Alex Lee 

Hi group,

Is it possible to have a cable to connect a frame relay switch to a T1/FT1
DSU/CSU module on another router, i.e a DB-60 male connector on one end of
the cable and a RJ48C modular jack on the other end ?




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How about the oldest CCIE ?

2000-10-14 Thread Alex Lee 

Does anybody know who is / was the oldest CCIE and what
was his / her age when they attained the CCIE?






_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re :All-in-one CCIE lab, Lab # 65, HSRP

2000-09-19 Thread Alex Lee 

Hi Group,

I tried to configure two standby groups-- Group 1 & Group 2 on e0 interface
of a 2501 router according to the book.

Configured the first standby group without any problem. Got the following
error message when I tried to configure the second standby group :-"Standby:
Interface hardware cannot support multiple groups."

My 2501 has code version 11.2 <12>, system image file :c2500-j-1.112-12.bin,
16MB memory and 8 MB flash.

Same thing happened when I tried on another 2501.

Any suggestion ?


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISL on sub-if

2000-09-02 Thread Alex Lee 

Thanks for the explanation.

What I was really asking is : Would there be a difference in the ability to
perform the inter-vlan routing function between these two types of
Fastethernet ports. '100 BaseT' Fastethernet port can perform the inter-vlan
routing. Can '10 BaseT/100 Base T' fastethernet port do the same ?

I should have asked the question differently.

Alex

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 02, 2000 5:33 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: ISL on sub-if

In a message dated 9/2/00 4:54:00 PM Eastern Daylight Time,
[EMAIL PROTECTED] writes:


<< Is there a difference between '10BaseT/100BaseT' Fastethernet port (which
is
the Fastethernet port on 2621) vs a '100BaseT' fastethernet port ?
 >>

10/100 baseT can be configured as either of the 2 speeds, where-as 100baseT
can only be configured as 100...

Mark Zabludovsky ~ CCNA, CCDA




___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISL on sub-if

2000-09-02 Thread Alex Lee 

Is there a difference between '10BaseT/100BaseT' Fastethernet port (which is
the Fastethernet port on 2621) vs a '100BaseT' fastethernet port ?

The Fastethernet port supported by 4500 router is a '100BaseT' port.



"John Hardman" wrote in message <8ormfb$d23$[EMAIL PROTECTED]>...
>Hi
>
>Correct, I had forgot about the Plus image. But the 2620 is a FE router...
>
>--
>John Hardman, CCNP MCSE+I
>
>
>
>"Jay Hennigan" <[EMAIL PROTECTED]> wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> On Sat, 2 Sep 2000, John Hardman wrote:
>>
>> > Make sure you specify the encapsulation before the IP address.
>>
>> You also must be running a "Plus" IOS image.  ISL only works with Fast
>> and Gig Ethernet ports, not standard Ethernet.
>>
>> --
>> Jay Hennigan  -  Network Administration  -  [EMAIL PROTECTED]
>> NetLojix Communications, Inc.  NASDAQ: NETX  -  http://www.netlojix.com/
>> WestNet:  Connecting you to the planet.  805 884-6323
>>
>> ___
>> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>> FAQ, list archives, and subscription info: http://www.groupstudy.com
>> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>>
>
>
>___
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re : ISDN simulator

2000-08-14 Thread Alex Lee 

Hi group,

Is the less expensive Teltone ISDN Demonstrator good enough for CCNP lab
practice or the more expensive model ILS-2000 is required ?


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re : Swapping module on a 4500 router

2000-07-19 Thread Alex Lee 

Hello group,

My weekend project is to swap out the NP-2T network processor module on my
4500 rotuer with a NP-4T.

Since I Have not done that before, I downloaded the 'Cisco 4500 Hardware
Installation and Maintenance' manual for my reference.

Would the group be kind enough to offer a 'Best Practice' recommendation on
how to proceed ?


Regards,



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Home lab practice - one arm routing

2000-07-13 Thread Alex Lee 

Hi, Group,

Is it absolutely necessary to use a router with Fast Ethernet port for one
arm routing (routing VLANS) lab practice ?

Regards,

Alex Lee



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]