Configuring 3750 Switches [7:74210]
Hi Folks, Has anyone configured 3750 switches in a Stacking Mode? What I understand that it creates a one virtual switch. 1) I have five 3750 switches, and I need to know if I will have to create five virtual interfaces say for the managment. If I choose to go with VLAN 5 subnet 172.16.10.0/24 dedicated to Managment, will I create Int Vlan 5 in all(5) switches and assign the IP addresses from the above subnet or I just need to create one Int Vlan 5 in a masterswitch. 2) If I want to connect the stack of five switches back to a Backbone 6509 switch via fiber with 2 links, one primary andthe other one as a backup. Do I need to connect both of the fiber links from the master switch or I can connect1 fiber link from the top and the 2 fiber link from the bottom switch as we normally do. Regard, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74210t=74210 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
3750 Capability [7:73989]
Netflow Switching Card on 6509 allow administer to monitor traffic rightdown the plumbing level. For Example if one of the ports on 6509 is connected to a workstation, with netflow card one could determine in seconds that what kind of traffic is passed on that port, like video streaming, or users is downloading 10.0mb file and so on. Am I correct? If swithes such as 3750 (fairly new products) are stacked in IDF's and there is a issue with the port then how can one achieve the same results in 3750 switches as one can do it with netflow card in 6509 switches. Are there any features that can allow me to monitor traffic at plumbing level such as If user's port is bogged down because of video streaming in Cisco 3750 switches. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73989t=73989 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Routing Issue [7:71036]
Backbone 3550 router has 3 vlans with Intervlan routing: Vlan10 192.168.10.1Vlan20 192.168.20.1Vlan30 192.168.30.1 Vlan 30 connects to a WAN Router's E0 192.168.30.2 Other side of the WAN router: I have a same setup VLAN10 192.168.40.1VLAN20 192.168.50.1VLAN30 192.168.60.1 VLAN 30 connects to the other WAN Router's E0 192.168.60.2 The serial link between 2 routers is on subnet 192.168.100.0/24 From the second WAN router I can ping all the vlans interfaces except 192.168.10.1. Although I can ping 192.168.10.1 from the Backbone switch behind this router, but can't ping the address from the router itself. When I do a regular ping from the router obviously it will source from the Serial Interface and that is where the problem is. When I do a extended ping from the router and then source it from the Ethernet it will ping fine. Both Router and the far backbone switch do see the routes of each other. Really frustrated why it's happening. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71036t=71036 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
7120-4T1 router [7:70688]
My 7120 router suddenly is not working. I can't even console to it. I was able to console first time, and the error message appeared, CAN'T CONNECT CABLE/CONNECTOR FE0/0, it appeared three times and went to start decompressing self image, and then the same message appeared again, and it hung. Nothing happened for 5 minutes so I decided to reboot again, and now I can't even Console. Nothing comes up when I console to it. I tried recreating new HyperTerminal Sessions, changed my speed settings, and even tried hit control-C few times by powering down and up to to see if it even can go to rommode. No luck. It's so frustrating to not get into a console since it is the first layer of troubleshooting. Thanks ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70688t=70688 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW Icanreach [7:70154]
There is a lot of confusion about running dlsw+ between two routers. For example, If a there is a peer relationship between r1 and r2. r1 config, dlsw local-peer peer-id 1.1.1.1 dlsw remote-peer 0 tcp 2.2.2.2 r2 config, dlsw local-peer peer-id 2.2.2.2 dlsw remot-peer 0 tcp 1.1.1.1 both r1 and r2 have ethernet host. host on r1's mac-address is 1234.4321.0001 Now I want r2 to reach an ethernet host only. my statement would be on r1 dlsw icannreach mac-address 1234.4321.0001 mask .. dlsw icanreach mac-exclusive. Is the above statement correct? or will I have to do a bit-swapping since the ehternet only understands cononial format, and dlsw understands non-cononial format, then it should be like that dlsw icanreach mac-address 483c.c383.0080 mask .. dlsw icanreach mac-exculsive. Please confirm when to do bitswapping in pure ethernet enviroment. Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70154t=70154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RIP Network Problem [7:70153]
RIP doesn't allow to specifically put network statement unlike ospf and newer verison of EIGRP. If for example r1's s0 is running rip, and s1 will be running ospf in the future. r1's s0 is connected to another r2. so r1 config int s0 ip address 170.1.100.0 255.255.255.0 int s1 ip address 170.1.200.0 255.255.255.0 router rip network 170.1.0.0 now r2 will have a network entry of 170.1.200.0 which I don't want to be a rip route, because of the classfull network feature, r2 will quietly accept that route. The passive interface in the topology wouln't work since the nature of the passive in only one way, recieve, but don't advertise. The only solution I think would be to use distribute list on r2 not to accept the 171.1.200.0 route. What should be the approach in ccie lab if no instruction are given. I would filter it regardless of instructions, what you guys would do. Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70153t=70153 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Load Balance [7:69611]
If BGP route has two equal paths to the same destination, can it do load balance by installing the command? maximum-paths 2 ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69611t=69611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP for Jeff Doyle's Volume II [7:66626]
Jeff Doyle is a well known name, and I really enjoyed reading both of his volumes on Routing TCP/IP. However, I don't know that thescenerios such that BGP in Volume II will be helpful in CCIE Lab exam. It requires alteast 8 or 9 routers. His scenerios aremore towards real world rather than CCIE Lab. Does anyone think it is worth going through the practical scenerios he presented in his Volume II? They are good for getting a goodgrasp on BGP though? Any recommendations for CCIE Lab BGP scenerios? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66626t=66626 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP route to IGRP table [7:66391]
I have this scenerios: R4's loopback address is 170.100.40.4/29 running EIGRP.R4's Serial 1/0 interface's address is 170.100.124.4/24 running OSPF. Mutual redistribution is also configured on R4. R2 S0/0 170.100.124.2/24is connected to R4 through FR with OSPF Routing Protocol. Due to redistribtution on R4,I am able to see 170.100.40.4/29 route on R2. Everthing is fine at that point. (Multipoint Frame Relay) R2 S1/0 170.100.23.2/24 is connected to R3 S0/0 170.100.23/24 (Point-to-Point FR) running IGRP. Mutual Redistribution is configured on R2 as well. Obviously I am not able to see the route 170.100.40.4/29 from R4into R3 routing table due to the classful nature of IGRP protocol. The only work around I could have done in this scenrio to summarize route 170.100.40.4/29 on R4. Here is what I did. R4's S1/0 ip summary-address eigrp 1 170.100.40.0 255.255.255.0. I expected to see the route 170.100.40.0/24 onR2's routing table so then it would redistribute that route to IG RP and then R3 would be able to seethis route, but didn't work. Somehow R2's is still getting the 170.100.40.4/29 route. Am I doing something wrong? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66391t=66391 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Voice VLAN [7:65606]
I have this setup: 6509 switch connected to multiple 2950 switches. In each IDF I will have atleat (20) 2950 connected to 6500 switch. 6509 then will be connected to 3700 series router for WAN Connectivity. 6509 will also be connected to Nortel CSE1000 IP phone server. The question is: In each branch I will have atleast 5 or 6 IP phones connected to 2950 switch. I Like to put my 2950 switch ports for phones in a different vlan for voice traffic and will have a separate vlan for Data. Do I need any QOS for Voice port? The connection between 2950 switches to 6509 will be Gigabit. I believe I have enough bandwidth between the ports, and voice traffic should be okay w/o any QOS. Is there any specific good link for setup Voice VLAN in 6509 and 2950 switches along with QOS if needed? ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65606t=65606 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Voice VLAN [7:65606]
I have this setup: 6509 switch connected to multiple 2950 switches. In each IDF I will have atleat (20) 2950 connected to 6500 switch. 6509 then will be connected to 3700 series router for WAN Connectivity. 6509 will also be connected to Nortel CSE1000 IP phone server. The question is: In each branch I will have atleast 5 or 6 IP phones connected to 2950 switch. I Like to put my 2950 switch ports for phones in a different vlan for voice traffic and will have a separate vlan for Data. Do I need any QOS for Voice port? The connection between 2950 switches to 6509 will be Gigabit. I believe I have enough bandwidth between the ports, and voice traffic should be okay w/o any QOS. Is there any specific good link for setup Voice VLAN in 6509 and 2950 switches along with QOS if needed? ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65613t=65606 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Etherchannel Problem [7:64791]
I have created Etherchannel on Cisco 3524 between port 1-2, 3-4, and 5-6 and they are connected to 3 Dell Servers. Server 1 (Dual Nic) connected to port 1-2 Server 2 (Dual Nic) connected to port 3-4 Server 3 (Dual Nic) connected to port 5-6 The problem is after a few minutes, the 3 servers would lose connection. Another few minutes later, the connection would be good. And another few minutes, the connection is lost. It is basically intermittent. Port 24-25 are also Etherchannel and connected to another cisco switch, and it is working fine. The problem is only b/w servers and the switch. I thought it was the Spanning tree, so I disabled these ports from learning (STP Learning = Disabled), but the results were the same. Any Idea? ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64791t=64791 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Help [7:64634]
I have a PIX 506 with two interfaces. The PIX is only used between to private network segements for some political reason. Here the description is: PIX outside interface is on 198.199.199.0 network and PIX outside interace address is 198.199.199.1 connected to Cataylyst switch. PIX Inside interface is on 172.16.17.0 network and the Inside interace adddress is 172.16.17.2 is connected to another catalyst switch. The internal router is also connected to catalyst switch and the ip address of the router is 172.16.17.1. I have configured the access-list to allow outside hosts to access traffic on inside network. In order for traffic to go through between the PIX and internal router, I asked customer to build a static route on a router such as Ip route 198.199.199.0 255.255.255.0 172.16.17.2, but instead they want to do NAT to translate outside address to the inside address. For some political reason, they can't build the route into a router. Is address translation possible between to private segments. I don't think it is possible, and my reason are: If I use any fake segment such as 192.168.1.0, just for translate customer's outside network to inside address, then I will have to put my PIX's outside address on this fake segement. Outside hosts default gateway will still be pointing at 198.199.199.1 address, and since there is no router between the PIX's outside network and catalyst switch, then the traffic from the hosts will not be able to reach to the PIX. Is there any other solutions to provide connectivity between PIX outside network and the Internal router without being installing a route into a Internal router. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64634t=64634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX without public address translation [7:63908]
I have a two interface PIX in a lab. I am trying to simulate this for a customer. Th PIX will be used between two Private networks in the same campus for some political reason. On a PIX outside Interface the network is 172.16.10.0/24, and inside network is on 192.168.10.0/24. Outside interface is connected to a catalyst switch for 172.16.10.0/24 network, and inside interface is also connected to a 2nd catalyst switch on a inside network 192.168.10.0/24. Here is the issue. For allowing users to access resource from outside to inside. I can simply do: static (inside, outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 access-list outside permit ip 172.16.10.0 0.0.0.255 any access-group outside in interface outside. For testing reason, I also want to enable ping from 172.16.10.0 network to 192.168.10.0 network. access-list outside permit icmp any any. The only confusion I have is how do I ping a host which is sitting on an outside network 172.16.10.25 to ping a host on inside network which is sitting on a network 192.168.10.25 because there is no third network segment for natting, and PIX doesn't allow to ping the private addresses from outside. For example, In real world, there is a public address which is natted to a private address, and you ping a public address which is mapped to a private address for testing purpose, but in my case there are only two private networks and there is no public address for natting purpose. One thought I had to use the fake network segment such as 10.0.0.0/24 for natting purpose, but that won't work also I think because then I will have to put my PIX's outside interface on 10.0.0.0/24 segment where as the hosts on outside segment are sitting on 172.16.10.0/24 segment. Here is the config. Please pay attention to following commands: global (outside) 1 192.168.10.0 (Since there is not public addresses for translation, I am using the inside address itself.)nat (inside) 1 192.168.10.0 PIX Version 6.1(4)nameif ethernet0 outside security0nameif ethernet1 inside security100enable password 2KFQnbNIdI.2KYOU encryptedpasswd VlkRecOhbGq/.k3t encryptedhostname Clark-Countyfixup protocol ftp 21fixup protocol http 80fixup protocol h323 1720fixup protocol rsh 514fixup protocol rtsp 554fixup protocol smtp 25fixup protocol sqlnet 1521fixup protocol sip 5060fixup protocol skinny 2000namesaccess-list outside permit ip 172.16.10.0 255.255.255.0 anyaccess-list outside permit icmp any anypager lines 24interface ethernet0 autointerface ethernet1 automtu outside 1500mtu inside 1500ip address outside 172.16.10.1 255.255.255.0ip address inside 192.168.10.1 255.255.255.0ip audit info action alarmip audit attack action alarmpdm history enablearp timeout 14400global (outside) 1 192.168.10.0nat (inside) 1 192.168.10.0 255.255.255.0 0 0static (inside,outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 0 0access-group outside in interface outsidetimeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00timeout uauth 0:05:00 absoluteaaa-server TACACS+ protocol tacacs+aaa-server RADIUS protocol radiusno snmp-server locationno snmp-server contactsnmp-server community publicno snmp-server enable trapsfloodguard enableno sysopt route dnattelnet timeout 5ssh timeout 5terminal width 80Cryptochecksum:c9981720a27c052407817428a787baf6: end ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63908t=63908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Effect of Multipoint config on point-to-point [7:63460]
First of all, what WAN technology will you be using. FR or PPP T1. Mulitpoint on FR will have a network type non-broadcast and will not neighbor to a router on point to point interface which will have network type point to point. Either you change your point to point network type to non-broadcast and use neighbor command on your hub router or change multipoint interface to point-to-point.--- On Thu 02/20, Monu Sekhon lt; [EMAIL PROTECTED] gt; wrote:From: Monu Sekhon [mailto: [EMAIL PROTECTED]: [EMAIL PROTECTED]: Fri, 21 Feb 2003 02:06:14 GMTSubject: Effect of Multipoint config on point-to-point [7:63460]Hi Again ,A new small query on frame-relay itself.Is the config below valid and can it be used having both Multipoint on maininterface and poin-to-point sub interface simutaneusly.int serial 0encap frame-relayip address frame-relay interface-dlci 16int serial 0/0.2 multiip address frame-relay map 17Does such conguration can work or the Muti access config on main interfacewill afffect the sub interfaces connections also.What implications the above design has or all 3 connections can be made toworkany help will be appreciated.Thanx in advance Message Posted at:http://www.groupstudy.com/form/read.php?f=7amp;i=63460amp;t=63460--FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.htmlReport misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63534t=63460 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco ISDN issue [7:63535]
I don't what I am doing wrong, but apparently it is something to do with either Cisco 4500 router running ios 11.3. In router 1: I have DN: 963-5000 SPID1: 2569635101DN: 963-5001 SPID2: 25696350010101In router 2: I have DN: 963-6000 SPID1: 2569636101DN: 963-6001 SPID2: 25696360010101___hostname r1int bri0ip address 10.0.0.1 255.0.0.0encapsulation pppdialer map ip 10.0.0.2 name r2 broadcast 9636000dialer-group 1dialer-list 1 protocol ip permit___hostname r2int bri0ip address 10.0.0.2 255.0.0.0encapsulation pppdialer map ip 10.0.0.1 name r1 broadcast 9635000dialer-group 1dialer-list 1 protocol ip permit__First Issue: If I ping r2 (10.0.0.2), it will time out, however my interface gets connected. if I do show int bri 0 1 2, it will show bri0:1 is up line protocol is up, but ping will not go through. Because of frustration, I changed the Dial in number in both routers from 9635000 and 9636000 to 2nd Dial in numbers 963-5001 and 963-6001. ping was successfull. I don't know why it will not work on primary DNs. __Second issue: If I only want r1 to initiate a call, all I have to do remove dialer map command from the r2 router and that should only allow r1 to initiate a call, pretty basic that is what I thought so, but I guess I was wrong. If I do that I can get my interface bri0:1 to up/up mode, but ping will not go through. Some how these 4500 routers want dialer map commands on both routers along with only Second DNs.I spent the whole week in lab troubleshooting this issue, but finally gave up. I even check the logs in ISDN switch and it accepts the calls on it's interface, and that made me think that it is not the switch. However I could be wrong.Can someone please help? I am really frustrated.Thanks in advance,Regards, ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63535t=63535 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can't ping with Dialer Map Command [7:63393]
I have set up a simple ISDN dial up between two routers, and I don't see any wrong with the configs may be. The funny thing is when I use dialer string command on both routers then I can successfully ping each other, but if I replace Dialer String with Dialer Map which is a preferred way I am not able to ping. The Bri channel 1 will be connected, but my ping times out. Here is the configs for both routers:r1#wr tBuilding configuration...Current configuration:!version 11.3service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname r1!enable secret 5 $1$oix0$jjbU/t1qjJlHT1zYajIeG/!no ip domain-lookupisdn switch-type basic-ni1!!interface Ethernet0 ip address 170.10.22.1 255.255.255.0 no keepalive media-type 10BaseT!interface Ethernet1 no ip address shutdown media-type 10BaseT!interface Serial0 no ip address encapsulation frame-relay!interface Serial0.1 point-to-point ip address 170.10.29.1 255.255.255.252 frame-relay interface-dlci 102!interface Serial1 ip address 170.10.23.1 255.255.255.252!interface Serial2 no ip address shutdown!interface Serial3 no ip address shutdown!interface BRI0 ip address 170.10.129.1 255.255.255.252 encapsulation ppp dialer map ip 170.10.129.2 name r2 broadcast 9636000 dialer-group 1 isdn spid1 2569635101 isdn spid2 25696350010101!interface BRI1 no ip address shutdown!interface BRI2 no ip address shutdown!interface BRI3 no ip address shutdown!router ospf 1 passive-interface BRI0 network 170.10.22.1 0.0.0.0 area 1 network 170.10.23.1 0.0.0.0 area 1 network 170.10.29.1 0.0.0.0 area 0 network 170.10.129.1 0.0.0.0 area 0!ip classless!dialer-list 1 protocol ip permit!line con 0 logging synchronousline aux 0line vty 0 4 no login!endr1#r2#wr tBuilding configuration...Current configuration:!version 11.3service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname r2!enable secret 5 $1$D58d$cmNsq25bGd02XGPfZSUY9/!no ip domain-lookupisdn switch-type basic-ni1!!interface Ethernet0 no ip address shutdown media-type 10BaseT!interface Ethernet1 no ip address shutdown media-type 10BaseT!interface Serial0 no ip address encapsulation frame-relay no ip mroute-cache!interface Serial0.1 point-to-point ip address 170.10.29.2 255.255.255.252 frame-relay interface-dlci 201!interface Serial1 ip address 170.10.49.2 255.255.255.252!interface Serial2 no ip address shutdown!interface Serial3 no ip address shutdown!interface BRI0 ip address 170.10.129.2 255.255.255.252 encapsulation ppp dialer map ip 170.10.129.1 name r1 broadcast 9635000 dialer-group 1 isdn spid1 2569636101 isdn spid2 25696360010101!interface BRI1 no ip address shutdown!interface BRI2 no ip address shutdown!interface BRI3 no ip address shutdown!router ospf 1 passive-interface BRI0 network 170.10.0.0 0.0.255.255 area 0!ip classless!dialer-list 1 protocol ip permit!line con 0 logging synchronousline aux 0line vty 0 4 no login!endr2# ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63393t=63393 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS for Home Lab [7:62830]
I purchased some Cisco 4500/3810/2600 routers to setup the home lab. They all have old IOS and with only 4MB of flash for 4500s, but 3810s and 2600s have 8MB of flash. I like to upgrade to atleast version 12. Can you guys recommend what IOS will be best for the real CCIE Lab? By the way, does any of you know which IOS version is used in real CCIE Labs? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62830t=62830 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Modem Config [7:62479]
Thanks Scott ! I got modem to work, and can get to router prompt, but it's doing the funny thing. It types twice eventhough I type it once. For example, if i type telnet command, it will type ttlleenneett, it's really frustrating, it's a new 33.6 modem, but don't know why it is doing that. Regards, Teza--- On Tue 02/04, Scott Terminiello lt; [EMAIL PROTECTED] gt; wrote:From: Scott Terminiello [mailto: [EMAIL PROTECTED]]To: [EMAIL PROTECTED], [EMAIL PROTECTED]: Tue, 4 Feb 2003 22:08:30 -0500Subject: RE: Modem Config [7:62479]Make sure the dip switch settings are as follows:1 UP Data terminal ready normal2 UP Verbal result codes3 Down Display result codes4 UP Echo offline commands5 UP Auto Answer first ring6 UP Carrier detect normal7 UP Load NVRAM defaults8 Down Smart ModeYou need to reverse telnet into the modem to configure. When you reversetelnet enter the command string. Here is a good link.http://www.cisco.com/warp/customer/471/mod-aux-exec.htmlGood luck,Scott TerminielloPresidentScott Enterprises5 Whitney DriveMarlboro, NJ 07746-1241Office: (732)972-2698Email: [EMAIL PROTECTED] Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf OfAzhar TezaSent: Tuesday, February 04, 2003 9:08 PMTo: [EMAIL PROTECTED]: Modem Config [7:62479]I am trying to setup a modem dialup for Cisco AUX or Console port. Themodem connects fine, but then hangsand never goes to to the router prompt. Is there any special configs for setting up 33.6 usroobotics modem. Here iswhat I am doing: GLOBAL MODE:modemcap entryusrobotics:MSC=amp;amp;F1amp;amp;D3S0=1 LINE MODE:line aux 0 modem InOut modemautoconfigure type usrobotics transport input all speed 38400 flowcontrolhardware line con 0 modem InOut modem autoconfigure type usroboticstransport input all speed 38400 flowcontrol hardware PIN 1, 3 AND 8 DOWN ANDTHE REST OF THEM UP. Any idea? Thanks, Teza___Join Excite! - http://www.excite.comThe most personalized portal on the Web!Message Posted at:http://www.groupstudy.com/form/read.php?f=7amp;i=62479amp;t=62479--FAQ, list archives, and subscription info:http://www.groupstudy.com/list/cisco.htmlReport misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62566t=62479 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Modem Config [7:62479]
I am trying to setup a modem dialup for Cisco AUX or Console port. The modem connects fine, but then hangsand never goes to to the router prompt. Is there any special configs for setting up 33.6 usroobotics modem. Here is what I am doing: GLOBAL MODE:modemcap entry usrobotics:MSC=amp;F1amp;D3S0=1 LINE MODE:line aux 0 modem InOut modem autoconfigure type usrobotics transport input all speed 38400 flowcontrol hardware line con 0 modem InOut modem autoconfigure type usrobotics transport input all speed 38400 flowcontrol hardware PIN 1, 3 AND 8 DOWN AND THE REST OF THEM UP. Any idea? Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62479t=62479 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mgmt VLAN [7:62283]
I have a 6509 switch with Cisco IOS in it. I have created a sepearte VLAN for the managment purpose, and the only way to bring the Managment VLAN up to assign a port to the VLAN. In most designs, that is not a problem since there are other IDF switches connected to the backbone switch and trunking mechanism allows ports to assign to multiple vlans, and gladly we add the management vlan to this trunking port. However, what could be done in a small network where there is no other switches accept 6500, with only 2 or 3 vlans for users, servers, and the internet respectively. Since each port is a member of its specific vlan, and no trunking is needed, is there any techniqe to bring the managment vlan up w/o assigning any port?. I just don't waste a port for the managment vlan only. One thought, I had to make any data port (For example, my laptop connection port) to be a trunk port, and assign the port to user and mgmt vlan. Any suggestions. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62283t=62283 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Just want to know [7:62004]
Lot of custmers have been hit by SQL 2 virus regardless of having a PIX in their networks. I am just curios,if by default all packets are denied from outside to inside unless one opens it manually through conduit/access-list,what is it good to apply access-list to block such port 1433 and 1434. 2) Shouldn't these ports are disabled by default since traffic is coming from outside. If it is then how the virusentered the network. Please shed some lights. Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62004t=62004 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Logging [7:61039]
I have a PIX 525 with 6.1(1) version. I have setup a kiwi syslog server for logging. What is the best choice out of 0-emergencies-System unusable messages 1-alerts-Take immediate action 2-critical-Critical condition 3-errors-Error message 4-warnings-Warning message 5-notifications-Normal but significant condition 6-informational-Information message 7-debugging-Debug messages and log FTP commands and WWW URLs Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61039t=61039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE READING [7:61034]
Add Cisco LAN switching to it. I would also recommend to have a William Parkhurst's BGP and OPSF Configuration books.--- On Tue 01/14, Manny lt; [EMAIL PROTECTED] gt; wrote: From: Manny [mailto: [EMAIL PROTECTED]]To: [EMAIL PROTECTED]: Tue, 14 Jan 2003 17:10:32 GMTSubject: CCIE READING [7:61034]Is this a good reading lista.. Routing TCP/IP Volume I (CCIE Professional Development) and Vol 2 byJeff Doyle (Textbook Binding)b.. Internet Routing Architectures (2nd Edition) by Sam Halabi, DannyMcPherson (Contributor) (Hardcover)c.. CCIE Practical Studies, Volume I by Karl Solie (Hardcover)d.. Cisco Certification: Bridges, Routers and Switches for CCIEs (2ndEdition) by Andrew Bruce Caslow, et al (Hardcover)e.. Cisco CCIE Fundamentals: Network Design amp; Case Studies by MarkMcGregor (Textbook Binding)Regards,MannyMessage Posted at:http://www.groupstudy.com/form/read.php?f=7amp;i=61034amp;t=61034--FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.htmlReport misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61040t=61034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Broadcast Packet [7:60738]
I have a small network where users have been complaining of slowness. I decided to run sniffer and was really confused about a machine running on ip address 10.0.3.10 sending a packet to a non-existing ip address which is 10.0.3.127. I understand that broadcast will be sent to all the hosts in the network only to existing ip addresses, but don't understand why the broadcast is going to 10.0.3.127. It doesn't effect the machine, but ofcourse its taking the bandwidth on the ethernet wire.Thanks, ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60738t=60738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Broadcast Packet [7:60738]
Thanks James ! the machine has 24 bit mask.--- On Thu 01/09, James Willard lt; [EMAIL PROTECTED] gt; wrote: From: James Willard [mailto: [EMAIL PROTECTED]]To: [EMAIL PROTECTED], [EMAIL PROTECTED]: Thu, 9 Jan 2003 15:28:04 -0500Subject: RE: Broadcast Packet [7:60738]Well first of all, how is the machine's networking configured? If yournetwork is supposed to have a /24 netmask (255.255.255.0) but you set itto /25 (255.255.255.128) on that one machine, that would explain whythat machine thinks 10.0.3.127 is the correct broadcast address. Whatnetmask does that machine have?James [EMAIL PROTECTED] Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf OfAzhar TezaSent: Thursday, January 09, 2003 3:12 PMTo: [EMAIL PROTECTED]: Broadcast Packet [7:60738]I have a small network where users have been complaining of slowness. Idecided to run sniffer and was really confused about a machine runningon ip address 10.0.3.10 sending a packet to a non-existing ip addresswhich is 10.0.3.127. I understand that broadcast will be sent to allthe hosts in the network only to existing ip addresses, but don'tunderstand why the broadcast is going to 10.0.3.127. It doesn't effectthe machine, butofcourse its taking the bandwidth on the ethernet wire. Thanks,___Join Excite! - http://www.excite.comThe most personalized portal on the Web!Message Posted at:http://www.groupstudy.com/form/read.php?f=7amp;i=60738amp;t=60738--FAQ, list archives, and subscription info:http://www.groupstudy.com/list/cisco.htmlReport misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60742t=60738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Works [7:59406]
For a small Network such as 200 users with (1) 6509 (7) 3500 and (1) PIX Firewall what managment software will be appropriate out of CiscoWorks LAN Management Solution 2.1 (LMS)CiscoWorks Small Network Management Solution 1.0 (SNMS) CiscoWorks for Windows 6.1 (CWW) or any other package. Note: We already have CSPM for monitoring IDS Blade.Thanks in advance ! Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59406t=59406 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Adding VLANs [7:57819]
I have a question about how to add vlans to the port-channel without it being disruptive. When I added vlan 62,63, and 64 I started with the interfaces 1/1 and 1/2 on 6509A then did the portchannel 1 on the 6509a then went to the 6509b and did the same thing in the same order. By the time I got to doing the portchannel on the 6509b, users were calling like crazy Once I finished, all was fine again. The message I got was related to the portchannel not having the same vlan mask on both ends. Is there an order that I can do on future additions to the portchannel that will avoid this unpleasantness? ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57819t=57819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
GRE on PIX and Concentrators [7:57729]
Hi Folks, Does anyone know if PIX or VPN Concentrators support GRE to enable multiprotocol routing such as EIGRP.I have 10 branches and am thinking to replace my FR clould with site-to-sit VPN. IPSEC doesn'tsupport multiprotocol routing such as EIGRP and requires GRE to work in parallel. As far as I know GRE is only supported in routers and Cisco yet to provide this feature in PIX and Concentrators.How in the world I could do this since my hearquarter has PIX and that is where I wanted my VPN tunnels.Is there any alternatives? Does PIX 510 support VPN? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57729t=57729 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
LAN-toLAN VPN [7:57427]
Can LAN to LAN VPN be possible by having a PIX 510 at the corporate office and other branches let sayBranch 1 has 1720 router with T1 CircuitBranch 2 has VPN concentrator with T1 circuitBranch 3 has PIX with DSL CircuitBranch 4 has Router with DSL Circuit or all the branches should have the PIX as well in order to do LAN-to-LAN VPN. In other words can devices be mixed between the sites in order to do LAN to LAN VPN Connections. Thx ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57427t=57427 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Interrupting VLANs [7:57261]
If I have a working network, for example (2) 3550 switches are connected to (2) 6509s. The first 3550 is in VLAN 10 connected to both 6509s, and the second 3550 is in VLAN 11 again connected to both 6509s. I like to add one more 3550 switch (24) ports in VLAN 10 and the other (24) ports in VLAN 11. As I assume this new switch will run STP Calculations to determine which uplink ports should go into the forwarding/Blocking mode since the switch will be connected to both Core 6509s. My question is will it interrupt the already working VLANs 10 and 11 since STP will have to rerun for this new switch only. If it will then I will have to do this after hours. Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57261t=57261 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
6509 Flash Architecture [7:57008]
IIs there any link about Catalyst 6509 Flash Architecture. I am not able to see my Flash device if I run any of the commands such as SHOW FLASH:, SHOW DISK0: etc). I like to see how much space has been taken by the IOS in Flash memory, but doesn't seem to work. I am also having problems copying the IOS and Config file to my Flash Card. It just errors out. I couldn't evenfind a ciso link where the sample configs are shown about copying the contents. Thanks, ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57008t=57008 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Better Way [7:57020]
What is the better way of designing the LAN Network with 6509s and 3500 switches. VTP Pruning or manually clear the unnecessary VLANs from the Trunk Links. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57020t=57020 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Such Command for 6509 [7:56858]
Is there any command for Catalyst 6509 running Cisco IOS to show the Serial#s for chassi, sup cards, and Ethernet Cards etc. Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56858t=56858 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ICS7750 with only One SPE Card [7:56705]
I reimaged my ICS7750's SPE Card. Unfortunetly, I only have one SPE card to run everything such as ICS Core Software, ICS System Manager, ICS Call Manager and Unity etc.I was using Imaging Tool from the Laptop Connected to ICS chassis via Ethernet Port to SSP Card and Console Port to SAP card. When I ran the ImageInstall Batch File the windows pops up with all the (6) Slots, I have a SPE on slot 5.I like to that what needs to be installed in Slot (5) whether ICS Core or ICS System Manager. I would think both, but how do I do that. If I choose ip 10.0.0.1 it it mapped to ICS system Manager and if I choose 10.0.0.245 it is mapped to ICS Core Software.How do I then install both which is required for ICS7750 to run properly. Please shed some lights. Thanks ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56705t=56705 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multiple IP addresses [7:56393]
In Windows 2000/NT, it allows to assign multiple IP addresses to a single NIC Card. Whether you can assign multiple ip addresses from the same subnet orfrom the different Subnets. My question is what is the advantage of assigning (2) IP addresses to the same NIC card. If we do that with (2)NIC cards, then it is understandable that you are making your Server Multihomed/Router, but what is the advantage of assigning (2) ip addresses to the same card besides in Web Servers to run multiple websites through Server. I know somebody is doing that to connect (2) subnets to Cisco routers. The guy has assignedan ip address 192.168.10.10/24 to a W2K's NIC Card, and in the same NIC card he has assigned a logical IPaddress 192.168.40.5/24. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56393t=56393 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP B/W Layer 3 Devices [7:56374]
Can HSRP work between to layer 3 devices? If I have (2) 6000 Layer 3 Catalyst switches and (2) 7500 series routers. I want to connect each 6000 switches to 7500 routers. For Example, I can connect (2) 6009A/6009B to 7507A/7507B via subnets 172.16.10.0/24, and 172.16.20.0/24. Configs:6009A:int vlan 10ip address 172.16.10.2 255.255.255.0standby 10 ip addres 172.16.10.1standby 10 priority 110standby 10 preempt int vlan 11ip address 172.16.11.3 255.255.255.0standby 11 ip address 172.16.11.1standby 11 priroity 100 6009B int vlan 10ip address 172.16.10.3 255.255.255.0 standby 10 ip addres 172.16.10.1standby 10 priority 100 int vlan 11ip address 172.16.11.2 255.255.255.0standby 11 ip address 172.16.11.1standby 11 priroity 110standby 11 preempt 7500Aint E6/0ip address 172.16.10.4 255.255.255.0 int E6/1ip address 172.16.11.4 255.255.255.0 7507B int E6/0ip address 172.16.10.5 255.255.255.0 int E6/1ip address 172.16.11.5 255.255.255.0 Will it work? I don't know if HSRP can work between (2) Layer 3 device. Thanks ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56374t=56374 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Shutting Vlan1 down [7:56052]
In Catalyst 6509, IOS 12.1 shutting Interface VLAN 1 down should not create any problems since the VLAN 1 itself will still be active. The question is that the latest IOS version allows you to remove VLAN 1 from you trunk ports which is fine as long as the Data and the Management VLAN is not 1. I was reading Cisco LAN Switching Book, and found out that most of the control traffic such as VTP, DISL/DTP (used for trunk negotiation) , CDP, and PAGP always use VLAN 1. Won't it create a major problem if VLAN 1 is removed from the trunk links. When is it possible to remove VLAN 1 from all trunk links.?Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56052t=56052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3550 GigaStack [7:56053]
If (5) 3550 Catalyst Switches are configured in a Stack, the last swtich will always connect to the first switchin order to complete the loop. Am I Correct? In stack configruation, is it still required to assign five management IP addresses to maintainthe switches or just one management IP address will be able to control the whole switch. In orderto configure the ports, then I would assume that one terminal or telnet session will show the total portsof five switches. Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56053t=56053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
6059 to 7507 [7:55951]
New Network:I have 6509 connected to (2) 3550 switches. Vlan 20 and Vlan 30 Existing Network:Customer has an existing network with 10 token ring subnets and all connected to 7507routers and the Ethernet 1/0 is connected to 1st Cat5000 (172.16.20.0 subnet, ServerFarm1) and Ethernet 1/1 connected to 2nd Catalyst 5000 (172.16.30. subnet, ServerFarm2) I like to connect two networks so customer can easily migrate the servers from cat5000 to cat 3550 switches. This is what I am going to do move subnets 172.16.20.0 and 172.16.30.0 to 6509 switches. Connect 7507s Ethernet 1/0 and 1/1 to 6509 respectively as new subnets for example, 172.16.100.0 and 172.16.200.0) to 6509 logical interfaces, int vlan 100 and int vlan 200. Create vlan 20 and 30 as well in Cat5000s, and then connect to 3550. Now any users behind 7507s will be able to reach server farms from 7507 to 6509 to 3550s and finally to cat5000s. Two question: 1) Will it work?2) The link ports on7507 1/0 and 1/1 to 6509 would be trunk ports or just regular ports. For example, on 6509 I will create, vlan 100 and 200 and move two port 3/1 and 3/2 to vlan 100 and 200 respectively Router Config: Int vlan 100ip address 172.16.100.1 to 7507 E1/0 172.16.100.2int vlan 200ip address 172.16.200.1 to 7507 E1/1 172.16.200.2 Thanks ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55951t=55951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Strange Fiber Problem [7:55952]
I have an access Catalyst 3524 switch uplink trhough Fiber to backbone Catalyst 6509 switch. The uplinks ports are LX-GBICs adaptors. The distance I believe would be about 2200 feet. The link ports on 3524 and 6509 are green and in up/up mode. I can also see the devices in CDP Neighbor commands, but I can't ping anything from 3524 to 6509. Could it be a distance that doesn't allow layer 3 traffic to pass through eventhough I can see the devices in CDP as layer 2. Thanks, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55952t=55952 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Native VLAN 1 [7:55743]
When Ports are configured as trunk in Catalyst switches, they still belong to VLAN 1 in native column eventhough the ports can span all VLANs. What's the drawback of changing the port from Native VLAN 1 to some other VLANs? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55743t=55743 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Right apporach for HSRP with spantree load balancing [7:55579]
Is it the right approach to do spantree-load balancing with HSRP redundancy I have 4 users Vlans tied to subnets, vlan 10 172.16.10.0 vlan 11 172.16.11.0vlan 20 172.16.20.0 vlan 21 172.16.21.0 Server Farm Vlans vlan 101 172.16.101.0vlan 102 172.16.102.0 users vlans are connected back to (2) 6509 switches as well as server farms vlans. All of the ports between the switches will be trunk ports USER'S VLANS (1) 6509 (2) 6509set spantree root 10 20 set spantree root 11 21 set spantree root 11 21 secondary set spantree root 10 20 secondary int vlan 10 int vlan 10ip address 172.16.10.2 255.255.255.0 ip address 172.16.10.3 255.255.255.0 standby 1 ip 172.16.10.1 preempt standby 1 ip 172.16.10.1standby 1 priority 110 standby 1 priority 100 int vlan 20 int vlan 20ip address 172.16.20.2 255.255.255.0 ip address 172.16.20.3 255.255.255.0stand! by 2 ip 172.16.20.1 preemptstandby 2 ip 172.16.20.1standby 2 priority 110 standby 2 priority 100 int vlan 11 int vlan 11ip address 172.16.11.2 255.255.255.0 ip address 172.16.11.3 255.255.255.0standby 3 ip 172.16.11.1standby 3 ip 172.16.11.1 preempt standby 3 priority 100 standby 3 priorty 110 int vlan 21 int vlan 21ip address 172.16.21.2 255.255.255.0 ip address 172.16.21.3 255.255.255.0standby 4 ip 172.16.21.1 standby 4 ip 172.16.21.1 preempt standby 4 priority 100 ! standby 4 priority 110 For the server farm vlans: (1) 6509 (2) 6509set spantree root 101 set spantree root 102set spantree root 102 secondary set spantree root 101 secondary int vlan 101 int vlan 101 ip address 172.16.101.2 255.255.255.0ip address 172.16.101.3 255.255.255.0standby 5 ip 172.16.101.1 preempt standby 5 ip 172.16.101.1standby 5 priority 110 standby 5 priority 100 int vlan 102 int vlan 102 ip address 172.16.102.1 255.255.255.0! ip address 172.16.102.3 255.255.255.0standby 6 ip 172.16.102.1 standby ip address 172.16.102.1 preemptstandby 6 priority 100 standby 6 priority 110 I will also connect 6509 switches together as trunk ports. Any thoughts? Teza Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55579t=55579 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VLAN Load Balancing [7:55411]
If I have multiple VLANS for example 10,20,30 on 1st, 2nd, and 3rd floors respectivley and VLANS 11,21,31 on 4th, 5th, 6th floors. All of the floor switches are connected to (2) 6509 switches. The server farms have vlans 40 and 50 and hanging off on two seperate switches 3548. Each has its own VLANS. They are also connected to (2) 6509 swithes. 6509s are doing all the routing. Each Vlan is tied to a unique subnet. In order for me to do VLAN Load balancing: I could make (1) 6509 as root bridge for vlans 10, 20, and 30 and secondary root bridge for VLANS 11,21,31 and vice versa for(2) 6509 as a root bridge for vlans 11,21,31 and secondary root bridge for vlans 10,20, and 30. When I do the set commands, for example on (1) 6509, I would do SET SPANTREE PRIORITY 100 10 20 30SET SPANTREE PRIORITY 200 11,21, 31 On (2) 6509, SET SPANTREE PRIORITY 100 11,21, 31SET SPANTREE PRIORITY 200 10,20,30 The question was do I also need to include VLANS 40 and 50 (The server farm VLANS) in those above commands. Regards, Teza Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55411t=55411 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP with Spanning Tree Load Balancing [7:55428]
Is it possible to do HSRP, not MHSRP with VLAN-Spanning Tree Load balancing. I have multiple VLANS, each Vlan/Subnet assigned to the IDF. IDF switches then connect to (2) 6500 backbone switches that is also performing routing/layer 3. I know I can do vlan load balancing by making odd vlans to take (1) 6509 route and even vlans to take (2) 6509 path to reach the server farms. On top of it, I also want to implement HSRP just for the redundancy purpose. If one of the back bone switches goes down, layer 2 will not be affected, but users default gateway will have to be changed to point to the other backbone switch. HSRP is the only option to avoid that. Someone said HSRP can't run in parallel with vlan-spanning tree load balancing. Thanks Az Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55428t=55428 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Complicated Network Scenerio [7:55318]
Hi Folks, I have this complicated scenerio, and really need someone's help. The new network: (2) 6509 Switches with layer 3 blade(5) 3500 Gigabit Stack for Server farm 1. The subnet will be 192.160.20.0/24 VLAN 20(5) 3500 Gigable Stack for Server farm 2. The subnet will be 192.168.30.0/24 VLAN 30(1) 4006 for IDF will be on VLAN 85, subnet 192.168.85.0.24(1) 4006 for same IDF, but will be on VLAN 86, subnet 192.168.86.0.24 1st 6509 will be root bridge for vlan 85 to reach vlan 20, 2nd 6509 will be root bridge for vlan 85 to reach vlan 302nd 6509 will be a root bridge for vlan 86 to reach vlan 30, 1st 6509 will be a root bridge for vlan 85 to reach vlan 20. On top, I will also do HSRP for layer 3 redundancy. per say on 6509's, I could do 1st 6509: 2nd 6509int vlan 85 int vlan 85ip address 192.168.85.2 255.255.255.0 ip address 192.168.85.3 255.255.255.0standby 1 ip ip 192.168.85.1 standby 1 ip 192.168.85.1standby 1 priority 100 standby 1 priority 120 int vlan 86 int vlan 86ip address 192.168.86.2 255.255.255.0 ip address 192.168.86.3 255.255.255.0 standby 1 ip 192.168.86.1 standby 1 ip 192.168.86.1standby 1 priority 100 standby 1 priority 120 Sam! e procedure for server farm vlans 20 and 30, and other vlans. To add the complexity, customer has an exisiting network and want to migrate slowly by connecting their existing network to this new network. Customer currently has (2) Catalyst 4000 Server Farm switches and two 7500 router. and tons of IDF swithes and they reach the server farm switches via 7500 routers. 1st 4006 has subnet 192.168.20.0/24 same as we will use for the new network2nd 4006 has subnet 192.168.30.0/24 again same for the new server farms. No vlans are used. (2) 7500 router connects to both switch to support HSRP. 7500 routers are doing both LAN and WAN traffic. Eventually 7500 will only be used for WAN after the migration. One thing I could do to connect their 4006 switch to my 3500 server farm switches. All I need to make sure that to assign a different ip addresses on 6509 switches from the same existing subnets which are 192.168.20.0 and 192.168.30.0. Meaning if the customer is using 192.! 168.20.1 (Virtual ip address for HSRP) and 192.168.20.2 an 192.168.20.3 as physical address on 1st 7507 and 192.168.30.1 (Virtual IP address for HSRP), 192.168.30.2 and 192.168.30.3 as physical addresses on the 2nd 7507. I could use the different addresses from the same subnets for my 6509 backbone switches let say, 192.168.20.252 (virtual ip address, and 192.168.20.253 and 254 as a physical ip addresses. Luckily only server farm subnets can not be changed. For the floors' IDFs they will be using all new subnets which will not conflict with their exisiting subnets. Now, 6509 switches will be connecting to the new IDF switches. Now, traffic from the 6509 (new network) and traffic from the 7500 routers should be able to reach the server which are currently on 4006 switches but slowly will be moved to 3500 gigastack switches. Will this work? Someone said that first I will have to connect 4006 switches serverfarm to the new 3500 switch server farm, and then I will also hav! e to connect 7500 routers direclty to 3500 server farm switches in order for traffic to reach to server farms from 6509 and 7500 respectivlely. What a mess ? I really need suggestions here to smoothly do this. Regards, Teza Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55318t=55318 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Migration Plan (6509) [7:55064]
What is the best way to perform Migration? I have a customer who has currently running CAT5000 as a backbone switch and tons of 3COM switches at access layer. We would be installing (2) 6509 switches with 3524 switches will be used at access layers and server farms. It is a campus environments and they have tons of IDFs. We will have about 15 VLANS will be load balancing between (2) 6509 switches along with HSRP for Layer 3 redundancy. During the First phase, I want to configure (2) 6509 along with the Serverfarm switches. The way I would migrate is that I will connect their Existing backbone Cat 5000 with (2) 6509 switches, and will also force to Cat5000 to become non-root switch. By doing that I could slowly move users from their current network to the new switches and both the newtworks will have an access to the servers which will be on its own subnet in (5) 3524 gigastack switches. The only problem I see it here is these 15 VLANS. I guess I will also have to configure their existing subnets and VLANS to the 6509 switches only temporarily basis because those VLANS and Subnets coming from 3com switches to new 6509 via Cat5000, and in order to reply back, 6509 will have to know the routes and vlans. Is it right approach or someone have a better suggestion? Regards, Teza Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55064t=55064 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Scenerio [7:54824]
In this PIX Scenerio, What will be the best option. Note: PIX is being used between the two Private networks. I am just treating the outside interface as one of the users' subnets. I have 10 users on outside interface (Network 192.168.40.0) want to have an acess to the some resources in the inside (Network 172.16.20.0). Instead of statically mapping each IP address from the users to the inside resources, can I justdo this: static (inside, outside) 192.168.40.0 172.16.20.0 netmask 255.255.255.0, and then apply conduit For Example, conduit permit tcp host 192.168.40.5 (User's IP address) 172.16.20.5 (File Server) and so on, or will it be better to statically map each user ip address to the resource ip address, and then open the conduit static (inside, outside) 192.168.40.5(user's computer) 172.16.20.5 (File Server) netmaks 255.255.255.255. I think I can't statically map the actual user IP address. I am gonna have to use an unused IP address from the user's subnet (192.168.10.0). Please let me know. Thanks, Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54824t=54824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wireless Netowrk [7:54757]
In a campus network the customer would like to have a wireless LAN since all the users in the other building are Telecommuters. Wireless has its own security, but they would still like to have PIX between this wirless network and the main network. PIX is the device which is mainly used to isolate the private network from the public network, but in this scenerio the PIX would be used between two Private Networks. Here is the details: Users on Wirelss subnet 172.16.10.0 would connect to the Cisco 2900 switch. The PIX's outside interface will be part of this subnet. The PIX Internal address would then connect to another Cisco switch where customer main network resides, Servers, Applications etc. This subnet is 192.168.10.0. Conduits will be opened for Wirless users to access this network. This should work fine. I just wanted to have an advise from the forum users to make sure that it will work. Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54757t=54757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Redundant Switches [7:54614]
I have a customer who has (1) 6509 backbone switches which is also acting as a root bridge. (7) 3524 are connect back to 6509 via fiber each as a seperate unit. At this point, if 6509 fails whole network will go down. I suggested to have an additional switch run in standby mode as a backup backbone switch. Customer doesn't want to spend around 40,000 to buy a 2nd 6509 switch. Can the backup switch be another Catalyst say 4000 or does it have to be the exact same model. I know the performance will be downgraded since 4000 series don't have the same switching backplane as opposed to 6509, but still it should take over as a root bridge incase 6509 goes down. In this configuration, the only thing they will have to do is to move their servers to the 4006 switch until the 6509 comes back online. All I need to make sure that the both 6509 and 4006 switch have the same configuration. Is there anything I am missing, please shed some lights guys. Teza Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54614t=54614 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3500 GigatStack Module [7:54360]
If I take 4 Catalyst 3500 Series Switches and configure in a GigabitStack Module then I would assume that I am creating a one virtual switch and all the backplanes of the switches should combine the total speed of switching backplane. Am I correct or it is a samething you are connecting two swiches through crossover and dividing the bandwidth. If my assumptions are correct then the STP run only on those ports which will be uplink to (2) 6509 layer 3 switches. One in forwarding mode and the other one in blocking mode. The GigabitStack ports between the four switches should not be in either a forwarding or blocking port since they are just being used creat a big one virtual switch from the 4 seperate physical switches. If my assumptions are incorrect then what is the benefit of using stacking modules and diving the bandwidth instead of combining them. I would then rather connect each 3500 directly to 6509 switch. Thanks Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54360t=54360 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
WAN Monthy Report [7:54362]
My boss has asked me to provide a monthly WAN reports regarding the UpTime/Downtime, Data Throughput etc. Does someone has a template in regards of what other fields can be included in the report? He would like to have a professional report. Thanks, Teza Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54362t=54362 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Test Message [7:54288]
Test Message Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54288t=54288 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
