Re: VPN [7:16948]

[Brian Whalen]

Need a little more info here, u lookin for study materials, hardware
recommendations, working design models or what??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Mahesh wrote:

> Hi
> Can any one tell me the best stuff for VPN,s
> thanks and regards
>
> --
> Mahesh Chandra




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17029&t=16948
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT using a single interface [7:16902]

[Brian Whalen]

I have been able to get a new mac recognized by just rebooting the cable
modem after attaching it to a different pc.  No need to call clueless
level1 tech support.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Patrick Ramsey wrote:

> you know... this is very hard suggesting this because I am one for finding
> the absolute hardest way to accomplish any given project.  Especially one
> that actually challenges me.  But hey... Sometimes being smart is about
> taking the easy way...
>
> Why not just run the cable modem to the second machine temporarily?  You
> could even phone ahead to your cable company to have them change the mac if
> need be, and when your connection stops working, you'll know to make the
> switch!  :)  I think ATT actually allows up to 4 macs currently so you may
> even be able to add a mac instead of exchange.
>
> -Patrick
>
> ps. this doesn't mean I have stopped working on the scenario!  :)
>
> >>> "Leigh Anne Chisholm"  08/23/01 12:38PM >>>
> Application:
>
> Short term solution for a family member.  One PC is currently configured
> with two NICs.  One is configured to access the internet, while the other
is
> configured with an IP address in the 192.168 network range.  The PC is used
> as a gateway by another family member who is absolutely addicted to email.
>
> The PC with the two NICs will be down for a couple of days--completely
> pulled apart.  I'm not using my 1601R right now so I thought I'd see if I
> could get DHCP and PAT working to translate between the 192.168 network and
> the DHCP assigned IP address.  A 1601R as you likely know, only has one
> Ethernet port.  Plug the cable modem into the hub, plug the router into the
> hub.  I can get outbound from the router to the Internet, but the router
> can't act as a gateway for the 192.168 clients because NAT is required.
>
> I'm currently working on another project and don't have much time to
> dedicate to this whimsical scenerio.  The archives have indicated lots of
> people have dabbled with the theory of using NAT over a single
interface--so
> I was hoping someone actually got it to work.  No, I don't know a single
> thing about NAT on a Cisco router.  At home, we've got a dedicated PC
> running Linux to do the trick...  Our old 386 that used to be our
> firewall/gateway is available but the room's pretty crowded and a 1601R
> takes up a lot less space than another PC.
>
>
>   -- Leigh Anne
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Patrick Ramsey
> Sent: Thursday, August 23, 2001 8:16 AM
> To: [EMAIL PROTECTED]
> Subject: Re: NAT using a single interface [7:16902]
>
>
> well I am not sure to what application this would be usefull for, but if
IOS
> supported this funtionallity, you would have to create sub interfaces with
> different ip addresses on different networks.  then set your inside
> interface to one sub and the outside interface to the other sub just as you
> would on a normal router.
>
> But I have to ask...  If you have 2 subnets on the same network, in theory
> you would have a lot of machines on each of those subnets trying to talk to
> one another.  Is this correct?  Why not just use that ethernet port as a
one
> armed router?  (I would then assume that you are migrating your network
from
> one subnet to another) so this would not be a permanent intallation. (as
> this is very unefficient)
>
> If this is not the case, please explain your situation... I'm interested in
> the need for this scenario.
>
> -Patrick
>
> >>> "Leigh Anne Chisholm"  08/22/01 06:27PM >>>
> I've searched the Groupstudy archives...  there's been much speculation as
> to whether or not this can be done.  Has anyone managed to get NAT using a
> single Ethernet interface to work?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17034&t=16902
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Best study materials to use [7:16946]

[Brian Whalen]

Design is likely slightly more valued, which to pursue is dependent on
whether you are seeking a postion to admin/maintain(ccnp), or a position
to design(ccdp).

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Brown G.G. wrote:

> Thanks for all of the posts, but let me rephrase the question.  I was
> wondering between the two certifications CCNP/CCDP. Let's say that there
are
> 2 individuals one with the CCDP and one with the CCNP and they both have
> about 2 years of experience on an average which one makes more on a rough
> estimate or from any personal experiences that any of you may have?  I know
> that the certs don't get you any money or jobs anymore but they do help
when
> it is time to interview for a position and you also have experience




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17037&t=16946
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to open specific TCP & UDP ports... [7:17047]

[Brian Whalen]

An access list will likely do this for you..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Ken Owens wrote:

> Hello,
>
> I am administering a Cisco 1600 router.  I need to "open" a specific TCP &
> UDP port number to allow traffic for a specific application.
>
> I have read my documentation for this router pretty thoroughly and do not
> see this mentioned anywhere.  Does anyone have any advice for me on this
> topic?
>
> Thank you in advance!
>
> Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17049&t=17047
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Another CCIE Written Question [7:17050]

[Brian Whalen]

Most are full duplex, so in those cases, no you shouldn't..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Wright, Jeremy wrote:

> Can you have collisions on a serial link?   Thanks again.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17052&t=17050
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Urgent: Anything wrong with this switch? [7:17045]

[Brian Whalen]

The lack of any warranty should provide a lower price for this.  I'd be
curious about the testing if any the seller has done.  Does it boot?  What
is displayed when it does?  Question is has there been testing done, and
if so what were the results.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Sanjay Chaudhry wrote:

> Hi Everyone,
> I'm trying to buy a refurbished switch with the following
> specifications:
>
> =
> Cisco Catalyst 5505 w/ Supervisor Engine II WS-X5506
>
> Included in the Chassis:
>
> One WS-C5505 Chassis 5 slot Chassis
> 1 Supervisor Engine II (WS-X5506)
>
> 1 AC Power Supply
> 1 12 PORT 100BaseTX Ethernet (WS-X5113)
> 1 AC Cord
> 1 Console Kit
> =
>
> There is no guarantee against DOA from seller. I'll be responsible for
> everything after the sale!!
> I'm a recent CCNA. This is intended for my CCNP/CCIE lab. I'll need your
> advice here... I don't even know if Flash/RAM should have been mentioned
> in the switch specs and are missing...
> Your input is highly valued.
> Thanks,
> Sanjay




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17059&t=17045
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Another CCIE Written Question [7:17050]

[Brian Whalen]

Tis why I said most and shouldn't :)  I expected the longtime lurkers to
come back with a couple that weren't full duplex.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 23 Aug 2001, Howard C. Berkowitz wrote:

> >Most are full duplex, so in those cases, no you shouldn't..
> >
> >Brian "Sonic" Whalen
> >Success = Preparation + Opportunity
> >
> >
> >On Thu, 23 Aug 2001, Wright, Jeremy wrote:
> >
> >  > Can you have collisions on a serial link?   Thanks again.
> >
>
>
> I'm in general agreement, but be aware that you might run into IBM
> BSC or SDLC networks that use polled multidrop on half-duplex
> facilities.  Rare now, but you might see them on things like
> automatic teller machines, point-of-sale terminals, etc. -- those
> being critical business applications that work, so no one wants to
> fiddle with them.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17064&t=17050
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: access-list [7:17097]

[Brian Whalen]

The inverse mask on this is likely incorrect, if yoy want it to be for
half a class c, you want 0.0.0.127

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 24 Aug 2001, Midnight Man wrote:

> You should change the order of your commands
>  Line vty 0 4
>  access-class 55 in
>  access-list 55 permit 202.157.78.0 0.0.0.128
>
> For sure it will run correctly
> gook luck
> MNM
> --- kaushalenders  wrote:
> > hi ,
> > hi i have made a access list to restrict telnet on
> > my router from other
> > network but when i implemented on vty it was no
> > working .Pls help
> > the acesslist wass
> > access-list 55 permit 202.157.78.0 0.0.0.128
> > line vty 0 4
> > access-class 55 in
> >
> > but it restricted the whole network
> [EMAIL PROTECTED]
>
>
> __
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17190&t=17097
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: confused with T1 router choices [7:17252]

[Brian Whalen]

Order a dry pair and do your own dsl line if the endpoints are close
enough.  There was an article on slashdot recently..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 25 Aug 2001, Brian wrote:

> On Sat, 25 Aug 2001, Kervin Pierre wrote:
>
> > Hello,
> >
> > I'm looking into a T1 setup and I'm a bit confused with the cisco
> > options for equipment.  I am looking for equipment for both ends of the
T1.
> >
> > What would be the cheapest setup? I'm looking at the 1600's right now.
>
> cheapest? probably 2 1005's with cheap externel CSU's.
>
> > Are there major draw backs to using those?  I'll have a linux
>
> no, its a decent router for a T1.
>
> > firewall/router on my network so I'm not very worried about doing ACL's
> > or any other CPU intensive stuff on the router.
> >
> > Would I still need the WIC-1T if I go with the 1602?  This router seems
> > to have a built in CSU/DSU, would it do?  Are there any scenarios where
> > I don't have to get a separate card?
>
> 1602 has built in 56k CSU, not T1.  1601 has built int serial.  None of
> the 1600's have built in CSU's although all can take the WIC-1DSU-T1
> wic card.
>
> >
> > Lastly, do I need the same equipment on both ends of the connection?
> > I'm trying to see if it will be more cost effect if I provide my own
> > equipment on the ISP side.
>
> no you do not need to use the same equipment on each side.
>
> >
> > Finally, since I'm providing both ends of the connection, I don't
> > *really* have to go T1, do I?  Can anyone suggest a cheaper Layer 1
> > solution, compatible with a leased-line.
>
> well, I mean,  you can do whatever you want, you could order a phone line
> and some sportster modems if you wanted I suppose.
>
> brian
>
>
> >
> > Any information, insight would be greatly appreciated.
> >
> > -Kervin
> I'm buying / selling used CISCO gear!!
> email me for a quote
>
> Brian Feeny, CCIE #8036   Netjam, LLC
> [EMAIL PROTECTED] http://www.netjam.net
> VISA/MC/AMEX/CODphone: 318-212-0245
> 30 day warranty fax:   318-212-0246




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17263&t=17252
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: access-list & ports ( TCP /UDP) [7:17374]

[Brian Whalen]

I use http://www.iana.org/assignments/port-numbers for finding out about
port numbers.  Re the dns topic below, udp is fine for a company that does
not have its own dns servers and only makes queries.  TCP is used for zone
transfers.  I believe that in newer versions of bind, random hi port
numbers are used.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 27 Aug 2001, shella kevin wrote:

> when dealing with access-list we use both TCP & UDP. For example we use
> tcp 53 or udp 53 for domain.
>
> My Q is when & how we know when we should use UDP and when TCP .
> what is the difference .
>
>
>
> Thanks
>
> Shella K.
>
>
>
> 
>
> Get your FREE download of MSN Explorer at http://explorer.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17431&t=17374
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: point-to-point question? [7:17437]

[Brian Whalen]

Perhaps they're talking about clocking.  If you have control over csus on
both sides, typically one would be a timing source, and the other would be
set to external timing.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 27 Aug 2001, Marshal Schoener wrote:

> Hey all,
>
> I was told that on a point-to-point dedicated T1, one router needs to be
> setup as a master, and the other router
> needs to be setup as a slave...
> Is there any truth to this, and if so, how would I go about doing it?
>
> I have never heard of anything like this before.
>
> Again, it isn't frame-relay, it's just a dedicated point-to-point link.
>
>Thanks a million in advance,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17438&t=17437
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: point-to-point question? [7:17437]

[Brian Whalen]

clock rate is a different deal.  Is this a full or fractional t1?  if its
full t1, I suspect the card will support that rate properly.  If its
fractional, then your intervention will be required to set the number of
timeslots properly.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 27 Aug 2001, Marshal Schoener wrote:

> I have two 1602 routers on each side.  They each of a T1 WIC card that is
> also the DSU...
> Do I need to set a clock rate on one side?  I didn't think so, but maybe I
> was wrong.
>
>
> Thanks again,
>
> -Original Message-
> From: Brian Whalen [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 27, 2001 4:36 PM
> To: Marshal Schoener
> Cc: [EMAIL PROTECTED]
> Subject: Re: point-to-point question? [7:17437]
>
>
> Perhaps they're talking about clocking.  If you have control over csus on
> both sides, typically one would be a timing source, and the other would be
> set to external timing.
>
> Brian "Sonic" Whalen
> Success = Preparation + Opportunity
>
>
> On Mon, 27 Aug 2001, Marshal Schoener wrote:
>
> > Hey all,
> >
> > I was told that on a point-to-point dedicated T1, one router needs to be
> > setup as a master, and the other router
> > needs to be setup as a slave...
> > Is there any truth to this, and if so, how would I go about doing it?
> >
> > I have never heard of anything like this before.
> >
> > Again, it isn't frame-relay, it's just a dedicated point-to-point link.
> >
> >Thanks a million in advance,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17445&t=17437
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: access-list & ports ( TCP /UDP) [7:17374]

[Brian Whalen]

Hopefully you know enough about or can find out enough about your
application to see whether it uses tcp or udp or both.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 27 Aug 2001, Ednilson Rosa wrote:

> The problem with this list is that every application seem to use both UDP
> and TCP, which is not always true.
>
> Ednilson Rosa
>
> - Original Message -
> From: "Brian Whalen" 
> To: 
> Sent: Monday, August 27, 2001 5:03 PM
> Subject: Re: access-list & ports ( TCP /UDP) [7:17374]
>
>
> I use http://www.iana.org/assignments/port-numbers for finding out about
> port numbers.  Re the dns topic below, udp is fine for a company that does
> not have its own dns servers and only makes queries.  TCP is used for zone
> transfers.  I believe that in newer versions of bind, random hi port
> numbers are used.
>
> Brian "Sonic" Whalen
> Success = Preparation + Opportunity
>
>
> On Mon, 27 Aug 2001, shella kevin wrote:
>
> > when dealing with access-list we use both TCP & UDP. For example we use
> > tcp 53 or udp 53 for domain.
> >
> > My Q is when & how we know when we should use UDP and when TCP .
> > what is the difference .
> >
> >
> >
> > Thanks
> >
> > Shella K.
> >
> >
> >
> > 
> >
> > Get your FREE download of MSN Explorer at http://explorer.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17476&t=17374
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: how to get frame-relay DNA number?? [7:17614]

[Brian Whalen]

No idea what a DNA number is.  DLCI numbers are determined by telco..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 28 Aug 2001, Sim, CT (Chee Tong) wrote:

> Hi..  When I report a frame-relay link fault to my ISP
> vendor.  They always ask me what is the DNA (data network address) number
of
> the link, but I can only able to give the frame-relay circuit ID?  May I
> know how can I know what is the DNA number of FR link ?  And what is that
> for?
>
>   If I have two routers A and B,  A is link to the backbone
> and B is link to A via Frame-relay.   If this frame-relay is down.  Whether
> I can still see the DLCI number when I console into B?  Who decided the
DLCI
> number??
>
>   Thanks
>   CT
>
>
>
>
>
> ==
> De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
> is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
> onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
> de afzender direct te informeren door het bericht te retourneren.
> ==
> The information contained in this message may be confidential
> and is intended to be exclusively for the addressee. Should you
> receive this message unintentionally, please do not use the contents
> herein and notify the sender immediately by return e-mail.
>
>
> ==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17617&t=17614
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Work-related ACL problem [7:17695]

[Brian Whalen]

ah yes the old in or out debate...

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 29 Aug 2001, John Neiberger wrote:

> The problem is in your second line.  You are denying traffic *sourced*
> from port 80 (www), not traffic destined for port 80.  Change the line
> to:
>
> access-list 101 deny tcp any any eq www
>
> I would even consider adding "eq www" to the first line since you only
> want to allow web traffic to that host, right?
>
> HTH,
> John
>
> >>> "Wilson, Bradley"  8/29/01 10:03:33 AM >>>
> Okay gang, this one's work-related so don't feel obligated to help. ;-)
>  I
> think it's an interesting thought problem though:
>
> The Problem I'm Trying To Solve: allow access to a particular website
> (2.2.2.2) from users on a particular subnet.  Do NOT allow them to
> access
> any *other* website.  Allow them to access other resources within your
> internal network (172.0.0.0).
>
> Here's the ACL I came up with:
>
> access-list 101 permit ip any host 167.216.138.4
> access-list 101 deny tcp any eq www any
> access-list 101 permit ip any 172.0.0.0 0.255.255.255
> access-list 101 permit ip any any
>
> This list was created on an MSFC card running in a 6509 chassis, and
> has
> been applied to interface Vlan1 inbound (I tried outbound as well just
> for
> kicks).  The (unintended) result is that users can access both the
> target
> website, as well as other websites on the Internet.  Any ideas?
>
>
>
> Bradley J. Wilson
> CCNP CCDP MCSE NNCSS CNX MCT CTT
> EDS/Boston Scientific Account
> (508) 650-8739
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17754&t=17695
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: I need help [7:17713]

[Brian Whalen]

If all that is wanted is 3-5 ips, I'd probably look for a business class
dsl offering if possible.  Then services/servers could be hosted and
allowed.  Going to Arin for a request this small is inappropriate.
Alternatively, if you're a little more serious you could buy colo space,
they'd provide you with ips and give better network stability.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 29 Aug 2001, Gore, Roger (Signal) wrote:

> you might begin here... http://www.arin.net/index.html
>
> -Original Message-
> From: Keith J. [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 29, 2001 11:29
> To: [EMAIL PROTECTED]
> Subject: I need help [7:17713]
>
>
> I want to get a IP address or small block of IP's that are registered.
> I'm not sure exactly how to do this and what it will cost.
> I own a domain already but it is hosted by a service provider.
> I know have dsl and a static IP for that but I will want to host my own
> stuff soon.
>
> Don't know how to do it. I have knowledge here and there but feel there are
> wholes.
>
> Can some please describe what I must do to get  3 -5  legal ip's
> and eventually setup my own site and host my own services
>
> Thanks
>
> Keith




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17755&t=17713
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How do I filter ICMP? [7:17761]

[Brian Whalen]

think u wanna replace tcp with icmp to block pings..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 29 Aug 2001, Mr. Magoo wrote:

> Hi List!
>
> I would like to know how can I block ICMP echos (Ping & Trace) for an
> specific interface, allowing everything else. I tried the ACL below but it
> didn't work. What am I doing wrong??
>
> Router-R2#sh run
>
> access-list 101 deny   tcp any any eq echo
> access-list 101 deny   udp any any eq echo
> access-list 101 permit ip any any
>
> interface Ethernet0
>  ip address 192.168.0.101 255.255.255.0
>  ip access-group 101 in
>  ip access-group 101 out
>
> Router-R2#r1
> Trying R1 (192.168.0.100)... Open
> Router-R1#ping r2
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echoes to 192.168.0.101, timeout is 2 seconds:
> !
> Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
> Router-R1#
>
> Thanks in advance!!
>
> Magoo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17763&t=17761
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How do I filter ICMP? [7:17761]

[Brian Whalen]

also, want to state that blocking all icmp may or may not be appropriate
depending on your level of paranoia.  Some useful info is relayed via
icmp.  You may want to try something like this.

permit icmp from monitoring hosts
deny icmp echo requests
permit other icmp

There was an article in Sysadmin magazine a few months back that talked in
greater detail about icmp types.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 29 Aug 2001, John Neiberger wrote:

> Yep, Brian is right.  TCP and UDP echo are not the same as an ICMP echo
> request and echo reply.  In cisco terminology they are called small
> servers and I really don't know what they're used for, except perhaps
> some troubleshooting.  They seem to be pretty useless and it's a good
> idea to turn them off.
>
> no service tcp-small-servers
> no service udp-small-servers
>
> Anyway, as your list is currently constructed, this traffic is what
> you're blocking, not ICMP.
>
> HTH,
> John
>
> >>> "Brian Whalen"  8/29/01 4:45:42 PM >>>
> think u wanna replace tcp with icmp to block pings..
>
> Brian "Sonic" Whalen
> Success = Preparation + Opportunity
>
>
> On Wed, 29 Aug 2001, Mr. Magoo wrote:
>
> > Hi List!
> >
> > I would like to know how can I block ICMP echos (Ping & Trace) for
> an
> > specific interface, allowing everything else. I tried the ACL below
> but it
> > didn't work. What am I doing wrong??
> >
> > Router-R2#sh run
> >
> > access-list 101 deny   tcp any any eq echo
> > access-list 101 deny   udp any any eq echo
> > access-list 101 permit ip any any
> >
> > interface Ethernet0
> >  ip address 192.168.0.101 255.255.255.0
> >  ip access-group 101 in
> >  ip access-group 101 out
> >
> > Router-R2#r1
> > Trying R1 (192.168.0.100)... Open
> > Router-R1#ping r2
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echoes to 192.168.0.101, timeout is 2
> seconds:
> > !
> > Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
> > Router-R1#
> >
> > Thanks in advance!!
> >
> > Magoo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17771&t=17761
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Offtopic: Sun Solaris Admin [7:17684]

[Brian Whalen]

There are lots of mailing lists and newsgroups.  For newsgroups, there are
a few comp.sys.sun groups, and some yahoo clubs; I'm sure others can be
found with some searching.  www.sunhelp.org is useful, as is the sun
managers list.  A site for that is www.sunmanagers.org.  Both of these
last 2 sites have mucho faqage..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 29 Aug 2001, Rob Bains wrote:

> Try solcert on yahoo.  There are a couple of sun related lists on Yahoo,
but
> solcert is
> a good starting point.
>
>  > Rob
>
> Admin wrote:
>
> > hi all,
> >
> > do you know of a similar discussion group dedicated to Unix/Sun Solaris
> Admin
> > certification ?
> >
> > have to get solaris admin cert to retain my job.
> >
> > thanks
>
> [GroupStudy.com removed an attachment of type text/x-vcard which had a name
> of rbains.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17786&t=17684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Logging in Cisco Router: Will it decrease router's [7:17967]

[Brian Whalen]

For the sake of long term data gathering, performance history etc, that is
enuff to make me want to use a separate server..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 30 Aug 2001, Michael Williams wrote:

> > I have 2 options here:
> > Option 1 : redirect the syslog message to Linux box
> > Pro: easier to manage, need not connect to router
> > Con: need a linux server
>
> Actually, I use a great *FREE* syslog Daemon for Windows from Kiwi
> Enterprises.  I run it in the background on my workstation.  You can
> download it here:
>
> http://www.kiwi-enterprises.com
>
> > Option 2 : keep log in router
> > Pro: dont need extra linux server
> > Con: log message size restricted
> >
> > Doubts:
> > Most probably I will choose Option2 but my worry is
> > "will the logging process affect the router's
> > performance? especially the memory of router.."
>
> Actually, writing the log to memory takes the least CPU time of all logging
> options.  As you pointed out, you don't waste all of your routers memory
for
> logging.  But you could at least check the amount of memory being used
> regularly and then use anything above that for logging.
>
> Check out that link I put in above.  That software is free and they don't
> list minimum CPU/Memory for the PC, so I'd assume that you can run it on
any
> PC that can run Win95/98 with a NIC.
>
> Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17967&t=17967
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Dial in/Dial Out modem bank [7:17929]

[Brian Whalen]

You actually allow users to dial out from their desktops, while connected
to a lan??

The horror of it..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 30 Aug 2001, Jim Dixon wrote:

> Cisco AS5300 should handled your needs nicely.
>
>
> -Original Message-
> From: Mike Momb [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 30, 2001 2:56 PM
> To: [EMAIL PROTECTED]
> Subject: Dial in/Dial Out modem bank [7:17929]
>
>
> To all you cisco wizards,
>
> What Cisco product would you recommend for dial in/dial out capability on a
> LAN.  We have many users who dial into our network and do work from home.
> We also have users that would like to dial out from their desktop without
> using stand alone modems.  Something that would handle at least 16
> simultaneous users.  We currently use a product that is slow and sometimes
> it locks up.  Any advice/input would be appreciated.
>
> Mike




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17971&t=17929
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Offtopic: Sun Solaris Admin [7:17684]

[Brian Whalen]

Hmm, didnt really stop to think about the diff between g and q, and that
in a quick glance, someone may misinterpret.  Apologies to anyone
offended..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 30 Aug 2001, Donald B Johnson jr wrote:

> yo bri you better watch you mucho faqage.
> Don't say you aint been warned.
>
>
>
> - Original Message -
> From: "Brian Whalen" 
> To: 
> Sent: Wednesday, August 29, 2001 6:40 PM
> Subject: Re: Offtopic: Sun Solaris Admin [7:17684]
>
>
> > There are lots of mailing lists and newsgroups.  For newsgroups, there
are
> > a few comp.sys.sun groups, and some yahoo clubs; I'm sure others can be
> > found with some searching.  www.sunhelp.org is useful, as is the sun
> > managers list.  A site for that is www.sunmanagers.org.  Both of these
> > last 2 sites have mucho faqage..
> >
> > Brian "Sonic" Whalen
> > Success = Preparation + Opportunity
> >
> >
> > On Wed, 29 Aug 2001, Rob Bains wrote:
> >
> > > Try solcert on yahoo.  There are a couple of sun related lists on
Yahoo,
> > but
> > > solcert is
> > > a good starting point.
> > >
> > >  > Rob
> > >
> > > Admin wrote:
> > >
> > > > hi all,
> > > >
> > > > do you know of a similar discussion group dedicated to Unix/Sun
> Solaris
> > > Admin
> > > > certification ?
> > > >
> > > > have to get solaris admin cert to retain my job.
> > > >
> > > > thanks
> > >
> > > [GroupStudy.com removed an attachment of type text/x-vcard which had a
> name
> > > of rbains.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17974&t=17684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hello all....terminal emulation software... [7:17968]

[Brian Whalen]

securecrt, and presumably crt do.  Its shareware, not freeware, but is
obtainable at www.vandyke.com.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 30 Aug 2001, [EMAIL PROTECTED] wrote:

> I am trying to locate a freeware terminal emulation software that will
allow
> me to select com ports 5 and 6...hyperterm doesn't support anything beyond
> com4.  I've installed a serial card that utilizes com5 and com6 only.  I
> will
> be using these two ports to console into my routers.  Anyhelp in finding a
> terminal software that does this is greatly appreciated.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17977&t=17968
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dial in/Dial Out modem bank [7:17929]

[Brian Whalen]

I have a really huge level of paranoia about a network connected puter
also being connected via modem, especially to an isp.


Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 30 Aug 2001, EA Louie wrote:

> no no no, Bri - that's a GOOD thing.
>
> 1.  you can authenticate them for access to dial-out
> 2.  you consolidate (pool) the resource, so that fewer dedicated outbound
> lines are required
> 3.  it's more secure (no one can set their desktop up to answer a modem
call
> thereby remvoing that security threat)
> 4.  people tend to abuse it less because they feel they're being monitored
> (the centralized paranoia syndrome)
> 5.  easier to maintain than individual dial modems scattered all over the
> office/building/campus
>
> It works GREAT when implemented properly.  The only support problem becomes
> the absolutely clueless users, and they're always a problem anyway, so
> that's a wash.  ;-)
>
> Enterprise networking...what a concept!
>
> -e-
>
> - Original Message -
> From: "Brian Whalen" 
> To: 
> Sent: Thursday, August 30, 2001 3:43 PM
> Subject: RE: Dial in/Dial Out modem bank [7:17929]
>
>
> > You actually allow users to dial out from their desktops, while connected
> > to a lan??
> >
> > The horror of it..
> >
> > Brian "Sonic" Whalen
> > Success = Preparation + Opportunity
> >
> >
> > On Thu, 30 Aug 2001, Jim Dixon wrote:
> >
> > > Cisco AS5300 should handled your needs nicely.
> > >
> > >
> > > -Original Message-
> > > From: Mike Momb [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, August 30, 2001 2:56 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Dial in/Dial Out modem bank [7:17929]
> > >
> > >
> > > To all you cisco wizards,
> > >
> > > What Cisco product would you recommend for dial in/dial out capability
> on a
> > > LAN.  We have many users who dial into our network and do work from
> home.
> > > We also have users that would like to dial out from their desktop
> without
> > > using stand alone modems.  Something that would handle at least 16
> > > simultaneous users.  We currently use a product that is slow and
> sometimes
> > > it locks up.  Any advice/input would be appreciated.
> > >
> > > Mike
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17989&t=17929
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Errors in All-in-one CCIE [7:17985]

[Brian Whalen]

Try the errata page of the publisher??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 31 Aug 2001, Dennis H wrote:

> > there are lot of errors in this book. Can anybody tell me these errors
and
> > there page numbers. I am using second edition of this book.
>
> The book is full of errors... way too many to list...
>
> >
> > Moreover, I will appreciate if somebody can send me CCIE braindumps and
> > practise exams.
>
> If you want braindumps then stick with Microsoft exams loser!  You don't
> have want it takes to be a Cisco engineer.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18143&t=17985
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What's the critical difference between level 3 switching [7:29032]

[Brian Whalen]

Theres a nice discussion of this in the most recent packet magazine.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 6 Dec 2001, ndabarasa michel wrote:

> hello,
> the difference between layer3 and layer2 switching is that:
>
> *for layer2 switching the switching box use the info in the
> second layer of the OSI model(datalink layer) to choose
> where to forward the frame while.the info used is the MAC
> address ab:34:fe:bla:blabla:blablabla
>
> *while for layer3 switching the box uses the info in the
> third layer of the OSI model to make forwarding
> decisions.the info in layer3 is the IP address   210.12.x.x
>
>
>
>
>
>
>
> On Thu, 6 Dec 2001 12:57:43 -0500
>  "c.h.ip"  wrote:
> > hi all,
> >
> > It seems that both is looking for level 3 header
> > information (like
> > destination IP address) to make decision of packet
> > forwarding.
> >
> > Just can't get into the concepts between them.
> >
> > Any hint is appreciated.
> >
> > Regards,
> > c.h.Ip
> > [EMAIL PROTECTED]
>
>
>   /'^ ^'\
>  ((o)-(o))
>  |oOOO--(_)--OOOo--|-|-
>  |  Ndabarasa Michel...   |
>  |  CCNA,CCAI..  |
>  |  National University of Rwanda..  |
>  |  Computing Centre...   |
>  |  voice.. |
>  |  office (+250)530666  |
>  |  cell   (+250)08510951..|
>  |   .oooO   |
>  |  (  )Oooo.  |
>  |---\ (--- (  )---|-|
>   \_)   ) /|-|
>(_/
>
>
>
> --
> FREE! The Best in Rwanda Email Address @mail.rw
> Reserve your name right now at http://mail.rw




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29032&t=29032
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VLSM [7:28768]

[Brian Whalen]

get very comfortable in decimal to binary conversion..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 10 Dec 2001, SUranjith Ariyapperuma wrote:

> Dear friends
> I would like to learn about VLSM, I would be grateful if any body has any
> pointers where I can start from ?.
> Suranjith




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29035&t=28768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Interview Tips [7:28704]

[Brian Whalen]

I would take em with you in a decent briefcase or at least professional
folder thing.  State that you have them as part of the answer to the ,"Why
should we hire you" query.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 10 Dec 2001, Daniel Cotts wrote:

> A rule of thumb in sales is to never let anything get in the way of the
> "close". If you think that you may be asked to show the certificates, bring
> them along but don't present them unless asked.
>
> The ideal situation is to be interviewed by your future boss. You have the
> opportunity to determine what are his/her real needs. You can then
> illustrate how you might be part of the solution.
>
> An interview should be a conversation. Both sides should ask and answer
> questions.
>
> A poor situation is to be interviewed by an HR person who has no technical
> background. They might have a check list of desired skills with no
> understanding what they mean. When you try to explain terms to them their
> eyes glaze over within 30 seconds. In this case superficial things may make
> the difference.
>
> First impressions do count. Personal grooming and business casual or better
> clothes are important in large companies.
>
> Learn about the company. Go to their web site. Know what they do. How they
> fit within their industry. What problems they may have.
>
> If you are not comfortable in an interview process, find others with whom
to
> practice. Try the Job Placement office of the college. Write out and
> memorize what you want to say.
>
> Spell check everything that you write. 'emplyment passport' caught my eye.
>
> It isn't the end of the world if you don't get the job. Look at the
> interview as a learning opportunity.
>
> The best of luck to you. You should also post your question on the
> [EMAIL PROTECTED] list. Some great recruiters regularly contribute.
>
> also see:
> Archive of the Career Advisor newsletter:
> http://www.nwfusion.com/newsletters/careers/index.html
>
> > -Original Message-
> > From: Russ Kreigh [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, December 10, 2001 12:02 PM
> > To: [EMAIL PROTECTED]
> > Subject: Interview Tips [7:28704]
> >
> >
> > Hello all-
> >
> > I have my first real job interview this week with a large
> > corporation. I am
> > 18 and am currently in college and have passed my CCNA, CCDA
> > and am planning
> > on taking CCNP routing January 21st. I also participated in the Cisco
> > Network Academy program and have an 'emplyment passport' from it. My
> > question is, how should I present these materials in the
> > interview; should I
> > even take the actual certificates in to the interview with
> > me? If someone
> > has some personal tips, or a website to help me prepare for
> > this interview
> > it would be greatly appreciated.
> >
> > Thanks in advance,
> >
> > Russ Kreigh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29033&t=28704
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cisco academy's routing skills final ,tough!!! [7:29212]

[Brian Whalen]

I really don't agree that everyone should pass, tho perhaps that was a
wisecrack I didn't see.  Inevitably in any class some students try and
some don't.  If everyone fails then yes perhaps that is a problem, but
given the material difficulty, I would expect a substantial failure rate.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 15 Dec 2001, Tom Lisa wrote:

> I resemble that remark!
>
> Prof. Tom Lisa, CCAI
> Community College of Southern Nevada
> Cisco Regional Networking Academy
>
> Priscilla Oppenheimer wrote:
>
> > It sounds like some old-fashioned meanie wrote this test.
>
> > Priscilla
> >
> > At 12:32 PM 12/14/01, brian hall wrote:
> > >Just a message to those who (like me!) thinking that reading, doing labs
> and
> > >taking multiple choice test will prepare you for the real world and
> > >(hopefully)the CCIE lab need to be exposed to cisco's network accademy
> > >semester 5 skills final . I just took it yesterday and failed . In fact
> the
> > >whole class failed.
> > >
> > >One of our students who scored high on most test and blazed through the
> > >final written exam in 10 mins, walked out in frustration .
> > >Another student who works as an administrator, was are best chance of
> having
> > >someone pass missed it . I myself knew after an hour that if you don't
> have
> > >those commands down cold with a solid understanding of how to implement
> them
> > >your GOOSE is cooked !!! . You do have the option to have your own
written
> > >notes to help but that might weigh you down if too much is in front of
> you .
> > >Working on idividual labs is one thing but putting the whole environment
> > >together is a whole different animal .
> > >
> > >Once given the actual skills asessment designing, implementing and
trouble
> > >shooting you assume that this ones in the bag . The environment wasn't
> large
> > >and looking back at the running config's there wasnt much to them other
> than
> > >having MED and CBAC . Ah!!! but how wrong I was!!! I'll spare the
details
> > >and say that this was an eye opener . It showed me what I really don't
> know
> > >and to do the job in the real world will take a lot work on my part .
> > >
> > >Buyer Beware !!!
> > >
> > >Overall it was good to go through and to be pushed just shows the weak
> areas
> > >FAQ, list archives, and subscription info:
> > >http://www.groupstudy.com/list/cisco.html
> > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29355&t=29212
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp/ospf/eigrp for redundant internet [7:29417]

[Brian Whalen]

If each site has multiple links, are they to the same or different
providers?  If each only has 1 link, then regardless of what routing
method you use, a down linl=>a down site.  You could get an as, do ibgp
between them and make them multihomed, though that costs dough.  At a
minumum, you could dual home each site to the same provider, thereby not
needing bgp..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Dec 2001, Patrick Ramsey wrote:

> Ok guys/gals,
>
> I have a scenario here that I am trying to implement and before I start
> working on it, I would like some personal opinions/expereinces from anyone
> that cares to respond.
>
> we have 6 major facilities all connected via various speed wan links.  Each
> facillity has it's own connection to the internet with default routes set
> accordingly.  Each facillity then has statics back to each of the other
> facillites.
>
> Currently their is no redundancy in the internet connectivity.  If one site
> loses it's internet T, then it's down until that T comes back.  Nobody has
> ever complained about this being an issue, but it just seems a bit silly to
> pay for 6 T's and not get full use of them.
>
> I have never setup hsrp before and am reading about it right now.  But is
> hsrp all that I need to accomplish this task?
>
> each facillity has mulitple networks seperated by it's core layer3 switch,
> then the wan links are either 2600's or 3600's
>
> thanks!
>
> -Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29421&t=29417
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp/ospf/eigrp for redundant internet [7:29417]

[Brian Whalen]

backup default route, just use a higher metric.  Assuming you are willing
to do that..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Dec 2001, Patrick Ramsey wrote:

> well each site has one link to the inernet but it also has it's wan link
to the enterprise.  What I want though is for one site's internet connection
to go down and it be able to use it's wan link to find another way to get to
the internet.
>
> -Patrick
>
> >>> Brian Whalen  12/17/01 04:46PM >>>
> If each site has multiple links, are they to the same or different
> providers?  If each only has 1 link, then regardless of what routing
> method you use, a down linl=>a down site.  You could get an as, do ibgp
> between them and make them multihomed, though that costs dough.  At a
> minumum, you could dual home each site to the same provider, thereby not
> needing bgp..
>
> Brian "Sonic" Whalen
> Success = Preparation + Opportunity
>
>
> On Mon, 17 Dec 2001, Patrick Ramsey wrote:
>
> > Ok guys/gals,
> >
> > I have a scenario here that I am trying to implement and before I start
> > working on it, I would like some personal opinions/expereinces from
anyone
> > that cares to respond.
> >
> > we have 6 major facilities all connected via various speed wan links. 
Each
> > facillity has it's own connection to the internet with default routes set
> > accordingly.  Each facillity then has statics back to each of the other
> > facillites.
> >
> > Currently their is no redundancy in the internet connectivity.  If one
site
> > loses it's internet T, then it's down until that T comes back.  Nobody
has
> > ever complained about this being an issue, but it just seems a bit silly
to
> > pay for 6 T's and not get full use of them.
> >
> > I have never setup hsrp before and am reading about it right now.  But is
> > hsrp all that I need to accomplish this task?
> >
> > each facillity has mulitple networks seperated by it's core layer3
switch,
> > then the wan links are either 2600's or 3600's
> >
> > thanks!
> >
> > -Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29424&t=29417
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE SECURITY WORK BOOK [7:29429]

[Brian Whalen]

try a search site like www.mysimon.com..



Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Dec 2001, CRG wrote:

> I am planning on purchasing the "CCIE SECURITY WORK BOOK" for a Christmas
> gift.  Any one have any feedback on this book or know of a cheaper price
> than $200?
>
>
>

> ***
>
>
> Employment Consultant
> CRG Executive Search & Rescue Placement
> Office: 954-677-9912
> Fax: 888-624-8659
>
>
>

> ***
>
> [GroupStudy.com removed an attachment of type image/gif which had a name of
> Chess.gif]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29440&t=29429
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hsrp/ospf/eigrp for redundant internet [7:29417]

[Brian Whalen]

in its most simple form, without a routing protocol, you could at each
site go;

ip route 0.0.0.0 0.0.0.0 internet connected interface
ip route 0.0.0.0 0.0.0.0 enterprise connected interface 200

Then of course with internet traffic cruising your normally private
network, some security auditing may be in order, depending on your setup.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Dec 2001, Patrick Ramsey wrote:

> yeah I think that was the consensous. : )  I'm going to do some more
reading
> and research this a bit more.  From what I can tell I think the simplest
> will be the floating static default route.
>
> thanks! (and to everyone else!)
>
> -Patrick
>
> >>> "Priscilla Oppenheimer"  12/17/01 07:11PM >>>
> This isn't a job for HSRP. HSRP provides redundancy from end-station
> clients to their default gateway. The clients' default gateway(s) must be
> in the same subnet as the clients. It doesn't sound like that would be the
> case for any of the non-local routers.
>
> It sounds like a job for a routing protocol. IGRP claims to figure out a
> candidate default route. Would it dynamically select a new route when the
> Internet interface went down? Or how about using OSPF and its ability to
> interject Type 4 routes to Autonomous System Boundary Routers?
>
> You could probably do this without a routing protocol too with a backup
> command of some sort of a floating static (default) route. OK, so I'm
> waving my hands here. ;-) But I can say for sure that you're barking up the
> wrong tree with HSRP.
>
> Priscilla
>
> At 05:51 PM 12/17/01, Patrick Ramsey wrote:
> >Ok guys/gals,
> >
> >I have a scenario here that I am trying to implement and before I start
> >working on it, I would like some personal opinions/expereinces from anyone
> >that cares to respond.
> >
> >we have 6 major facilities all connected via various speed wan links. 
Each
> >facillity has it's own connection to the internet with default routes set
> >accordingly.  Each facillity then has statics back to each of the other
> >facillites.
> >
> >Currently their is no redundancy in the internet connectivity.  If one
site
> >loses it's internet T, then it's down until that T comes back.  Nobody has
> >ever complained about this being an issue, but it just seems a bit silly
to
> >pay for 6 T's and not get full use of them.
> >
> >I have never setup hsrp before and am reading about it right now.  But is
> >hsrp all that I need to accomplish this task?
> >
> >each facillity has mulitple networks seperated by it's core layer3 switch,
> >then the wan links are either 2600's or 3600's
> >
> >thanks!
> >
> >-Patrick
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29441&t=29417
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: how to disable NAT in PIX firewall (both insid [7:29405]

[Brian Whalen]

Though I am not a PIX pro, if you don't want nat, are you sure you got the
right product for your needs??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Dec 2001, David Tran wrote:

> Hi Everyone,
>
> I am having problem setting up a network in this scenario
>
> with my PIX515-UR firewall running version 6.1(1) with pdm
>
> version 1.1(2).
>
> I have a network with REGISTERED IP addresses. The
>
> "inside" interface of the PIX is on the 129.174.1.0/24
>
> network with IP address of 129.174.1.254. The "outside"
>
> interface of the PIX is on the 66.61.46.0/24 network with
>
> IP address of 66.61.46.120. The "inside" interface has
>
> a security level of 100 and the "outside" interface has
>
> security level of 0. On the "inside" internal network, I
>
> have 10 workstations range from 129.174.1.1-10. These
>
> workstations have the default gateway point to the
>
> "inside" interface of the PIX.
>
> I understand that for machines from the "inside"
>
> network to access the Internet, the command "nat"
>
> and global must be used. However, since I all of my
>
> machines have valid (aka registered IP addresses), I
>
> want to disabe NAT completely. For, example,
>
> I want machine 129.174.1.1 to be able to browse and
>
> ping any machines on the Internet. At the same time,
>
> I don't want users from the Internet to be able to access
>
> any of the workstations on the "inside" interface. I have
>
> been searching for documentation on Cisco website
>
> but it seems likemost of the example have to do with NAT
>
> enable. There are a few examples that will disable NAT
>
> but it is relatedto VPN which is something I don't want.
>
> Furthermore, most of the examples fill with errors and
>
> pretty worthless (for PIX anyway). If anyone has done
>
> this before, let me know. I also include a copy of the config.
>
> Thanks.
>
> David
>
> PIX Version 6.1(1)
>
> nameif ethernet0 outside security0
>
> nameif ethernet1 inside security100
>
> nameif ethernet2 dmz security50
>
> enable password sdfkjfdjjdfjksdf encrypted
>
> passwd sdfjksdfkjsdfjksjf encrypted
>
> hostname ciscopix
>
> fixup protocol ftp 21
>
> fixup protocol http 80
>
> fixup protocol h323 1720
>
> fixup protocol rsh 514
>
> fixup protocol rtsp 554
>
> fixup protocol smtp 25
>
> fixup protocol sqlnet 1521
>
> fixup protocol sip 5060
>
> fixup protocol skinny 2000
>
> names
>
> access-list no-nat-list permit ip any any
>
> access-list no-nat-list permit icmp any any
>
> pager lines 24
>
> interface ethernet0 auto
>
> interface ethernet1 auto
>
> interface ethernet2 auto
>
> mtu outside 1500
>
> mtu inside 1500
>
> mtu dmz 1500
>
> ip address outside 66.61.46.120 255.255.255.0
>
> ip address inside 129.174.1.254 255.255.255.0
>
> ip address dmz 127.0.0.1 255.255.255.255
>
> ip audit info action alarm
>
> ip audit attack action alarm
>
> no failover
>
> failover timeout 0:00:00
>
> failover poll 15
>
> failover ip address outside 0.0.0.0
>
> failover ip address inside 0.0.0.0
>
> failover ip address dmz 0.0.0.0
>
> pdm history enable
>
> arp timeout 14400
>
> nat (inside) 0 129.174.1.0 255.255.255.0
>
> static (inside, outside) 129.174.1.0 129.174.1.0
>
> conduit permit ip any any
>
> conduit permit icmp any any
>
> route outside 0.0.0.0 0.0.0.0 66.61.46.254 1
>
> timeout xlate 3:00:00
>
> timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
0:05:00
> sip
>
> 0:30:00 sip_media 0:02:00
>
> timeout uauth 0:05:00 absolute
>
> aaa-server TACACS+ protocol tacacs+
>
> aaa-server RADIUS protocol radius
>
> no snmp-server location
>
> no snmp-server contact
>
> snmp-server community public
>
> no snmp-server enable traps
>
> floodguard enable
>
> no sysopt route dnat
>
> telnet timeout 5
>
> ssh timeout 5
>
> terminal width 80




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29405&t=29405
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RE: T1 connection speed [7:29937]

[Brian Whalen]

These types of questions come about often because some single user expects
full t1 bw on a single app.  Just setup mrtg or some other monitoring to
see what is passing.  Typically, a single app cannot get full use of the
t1 either because of other users on the lan/in the office, or because the
path to the target is suboptimal.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 22 Dec 2001, John Neiberger wrote:

> It's not even necessary to go that far.  If you have installed
> a T-1 and your CSU/DSU is configured for 1.544 Mbps, if the
> link is up then you are running at 1.544 Mbps!
>
> If the line were being clocked at a different speed than that
> configured in your CSU/DSU, it would not function at all.
>
> File transfer speed isn't the best test to use here, although
> if your calculations show that you're using almost the full T-1
> then I'm not sure what your concerns might be.
>
> If you have a T1 connection to a frame relay network then you
> have even more issues to deal with regarding transfer speeds
> between two points.  However, my point remains.  If you're only
> worried about the operational speed of the link, then it *has*
> to be running at the configured clockrate to function.
>
> HTH,
> John
>
>  On Sat, 22 Dec 2001, Joshua Barnes
> ([EMAIL PROTECTED]) wrote:
>
> > That sounds like too much thought
> >
> > I would just get a sniffer or Paradyne frame saver csu/dsu
> and let it
> > tell
> > Me that it is working at the right speed.
> >
> > But anyway, yeah the way you did it will work too.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
> Behalf Of
> > A.Steinbock
> > Sent: Saturday, December 22, 2001 4:01 PM
> > To: [EMAIL PROTECTED]
> > Subject: T1 connection speed [7:29937]
> >
> > If I can copy a file of 2,481 KB across a T1 line in 14
> seconds, can I
> > claim
> > that the T1 line is working fine and configured properly?
> >
> > Saying that 2481 KB is 2,540,544 Bytes, or 20,324,352 bits
> > divided by 14 seconds-  the result is 1,451,740 bits per
> second.
> >
> > Adding Windows overheads, this is almost equal to 1,540,000
> bits per
> > second
> > T1
> > line speed.
> > I would conclude that this T1 line is working properly.
> > Am I right?
> >
> > TIA for your input.
> >
> > Akim
> >
> >
> >
> 
> 
> > Get free e-mail and a permanent address at
> http://www.amexmail.com/?A=1
> [EMAIL PROTECTED]
> >
> >
>
>
> 
> Get your own "800" number
> Voicemail, fax, email, and a lot more
> http://www.ureach.com/reg/tag




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29951&t=29937
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Free BOOT CAMP LABS! [7:29926]

[Brian Whalen]

Can we please all stop trying to be socialists and instead reward the
efforts of those who created these.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 22 Dec 2001, screw bootcamp wrote:

> Marc,
>
> If you are updating all your labs you won't mind your old ones being posted
> free for all those people in the poorer countries, as you put it.
>
> In fact why don't you post the old ones and get some good publicity for
your
> company. You could look at it as your Christmas present to the learning
> community after all they have given to you.
>
> A quick calculation for people to consider.
>
> BootCamp charge $600 a pop for the labs.
>
> There are say 1000 people that have bought these legitimatly. (This is
> possibly  conservative)
>
> The lab scenarios themselves cost only time to develop. The kit to develope
> them had to be purchased anyway for CCIE studies.
>
> Yes you can expand this argument into lots of different areas to suit your
> purpose.
>
> As for legitimate updates Mark. I am sure you can come up with a cheap but
> secure method for providing updates to people via the web. While you are at
> it why don't you create a electronic method for purchasing the products in
> the first place.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29950&t=29926
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Adtran TSU & p-t-p T1 [7:29957]

[Brian Whalen]

Tried making one end of these ckts a clock source?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 22 Dec 2001, Randall Yoo wrote:

> Sorry for cross-posting.
>
> I've got a cheap customer who wants to continue to use Cisco 1000 routers
> (IOS 10.3(10)) with external Adtran TSU's (P/N: 1200.060L1).  Currently,
> they're running a 3-site frame relay (384k, 128k, 128k) WAN with 3 of those
> routers and 3 Adtran units.
>
> They've signed up for point-to-point T1 (w/ Eureka Broadband) and wants to
> switch their frame relay WAN to point-to-point T1 WAN.  I've reconfigured
> the serial interfaces accordingly (IP address and encapsulation ppp) and
> re-programmed the Adtran units for 24 channels, ESF, B8ZS and "Network" for
> clock source on both ends.  While Adtrans are re-booting, the other end
> flashes Error LED, but once up, all LED's are green.  However, ping'ing the
> other end just times out.
>
> With Cisco T1 DSU WIC's, point-to-point T1 setup is almost a no-brainer.
> But, with Adtran unit in the equation, I can't determine if it's the router
> config (which I doubt), or the Adtran unit, or the carrier setup (which I
> doubt also - they had tested and turned up the ckt and plugged hard loop
> back plug into the smart jacks).
>
> Any thoughts?
>
> TIA,
>
> Randall




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=29959&t=29957
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: recertify time [7:30208]

[Brian Whalen]

I am ccna v1, and just logged into
https://www.galton.com/~cisco_s/login.html and saw that my 1999 ccna is
good till 2002, so guess its 3 years they're good for.
Login and see for yourself where you're at.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 27 Dec 2001, D sam wrote:

> Does anyone know what the recertification rule is I know it came into
effect
> in 2000-2001, but how does that effect those who got their certification in
> 1999, when does the recert clock start ticking for us, I received my CCNA
in
> April of 1999(does it start then) or does it start in 2001 being that the
> rule was just implemented.
>
>
> rick
>
> _
> Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30241&t=30208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Virtual Study Groups [7:30295]

[Brian Whalen]

What about videoconferencing, I mean many of us have fast net available at
home or work right??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 28 Dec 2001, Mike Sweeney wrote:

> Suranjith Ariyapperuma wrote:
> >
> > Dear Friends,
> > Is forming a Virtual Study Group a practical idea ?. if yes
> > would anyone be willing to form one?, currently I am studying
> > for CCNP routing exam (BSCN).
> > Suranjith
> >
>
> It can be done..  I've taking online classes which work roughly the same
> way. It requires a bit more dedication then when everyone lives local but I
> will toss out some ideas..
>
> Use a instant messaging program- you can have several people yakking at the
> same time. On AOL, you can make a custom chat room which would accomplish
> the same idea.. a common forum.
>
> Get a rack online where people can telnet to it while in the chat room
>
> Personally I think it would work nicely..  another idea which I did use
when
> dating my wife, is to use an internet phone for a more real-time
connection.
> The phone requires a decent sound card for full duplex and at least a 56K
> link but it does work.
>
> If you want to pursue this more off line- drop me a email.
>
> MikeS
> find me at www dot packetattack dot com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30307&t=30295
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Half Successfull ping [7:30449]

[Brian Whalen]

I have seen this behavior when there are multiple static routes when there
shouldnt have been..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 29 Dec 2001, Marc Russell wrote:

> Kind of strange. What does debug ip packet give you. If you are running
> other IP data then use debug ip packet 101 with the access list below. That
> will make it easier to sort through the output. Have you tried slowing down
> the clock rate or switching which side is DCE?
>
> access-list 101 permit icmp any any.
>
>
> Marc Russell
> www.ccbootcamp.com
>
>
>
> ""McHugh Randy""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Anyone have an ideas on this half successfull ping across two directly
> > connect serial interfaces? Clock rate, encapsulation, controllers and
> cables
> > look OK. Address on R4 is 172.16.1.4/24 and R2 is 172.16.1.5/24 . Here is
> > the ping from R4
> > R4#ping 172.16.1.5
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 172.16.1.5, timeout is 2 seconds:
> > .!.!.
> > Success rate is 40 percent (2/5), round-trip min/avg/max = 32/32/32 ms
> >
> > Same thing from R2 to R4
> > R2#ping 172.16.1.4
> >
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 172.16.1.4, timeout is 2 seconds:
> > !.!.!
> > Success rate is 60 percent (3/5), round-trip min/avg/max = 28/30/32 ms
> > Thanks
> > Randy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30470&t=30449
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Half Successfull ping [7:30449]

[Brian Whalen]

looking at r2, it appears that connected routes for the 172.16.1.0 network
are showing up on both serial0 and serial1.  Using 2 sets of ips out of
the same class c and assigning both pairs a /24 netmask?


Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sun, 30 Dec 2001, McHugh Randy wrote:

> Here is the routing table on R2 and R4. I have a hub and spoke config with
> frame relay between R1 - R2,R3, and the frame connection between R1 and R4
> is not coming up so hence the need for a direct serial back to back from R2
> to R4.
> R2#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
>D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
>i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
> area
>* - candidate default, U - per-user static route, o - ODR
>P - periodic downloaded static route
>
> Gateway of last resort is not set
>
> C223.2.2.0/24 is directly connected, Loopback0
>  172.16.0.0/24 is subnetted, 3 subnets
> O IA172.16.5.0 [110/128] via 172.16.1.3, 16:37:46, Serial0
> O   172.16.6.0 [110/74] via 172.16.1.1, 18:17:57, Serial0
> C   172.16.1.0 is directly connected, Serial0
>is directly connected, Serial1
>  10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
> O IA10.1.11.1/32 [110/65] via 172.16.1.1, 18:17:57, Serial0
> O IA10.1.12.1/32 [110/65] via 172.16.1.1, 18:17:57, Serial0
> O IA10.1.31.1/32 [110/65] via 172.16.1.3, 18:17:58, Serial0
> C   10.1.22.0/24 is directly connected, Loopback2
> C   10.1.21.0/24 is directly connected, Loopback1
> O IA10.1.32.1/32 [110/65] via 172.16.1.3, 18:17:58, Serial0
>
> R4#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
>D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
>i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
> area
>* - candidate default, U - per-user static route, o - ODR
>P - periodic downloaded static route
>
> Gateway of last resort is not set
>
> C223.4.4.0/24 is directly connected, Loopback0
>  172.16.0.0/24 is subnetted, 2 subnets
> C   172.16.6.0 is directly connected, Ethernet0
> C   172.16.1.0 is directly connected, Serial1
>  10.0.0.0/24 is subnetted, 2 subnets
> C   10.1.42.0 is directly connected, Loopback2
> C   10.1.41.0 is directly connected, Loopback1
> As you can see there is no direct connection shown between serial 1 on R4
> which is 172.16.1.4 which is directly connected to serial 1 on R2
172.16.1.5
> . It may have something to do with the load balance or another path to the
> same source. Any suggestions welcome and appreciated.
> Thank you,
> Randy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30512&t=30449
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Autosense this ... (add to your knowledgebase) [7:30446]

[Brian Whalen]

You have access to a phone during the test?  I guess a cell call during a
bathroom break could occur.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 31 Dec 2001, EA Louie wrote:

> > Someone at Cisco was just telling me about a guy who came in from Korea
to
> > take the CCIE lab and during lunch, he called TAC on one of the problems.
> > The TAC tech recognized the problem as a lab problem from his CCIE test,
> > called down to the lab instructors to see if that person was taking the
> lab,
> > and sure enough he was.  He was busted and sent back home.  I don't agree
> > with what he did, but I find it amusing none the less.
> >
>
> now THAT's funny, and tragic, and qualifies as an honorable mention in "The
> 2001 Darwin Awards"
>
>
>
>
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30605&t=30446
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, [7:30643]

[Brian Whalen]

Looks like
http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/itg_medi.pdf has
some tips to try.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 1 Jan 2002, SA J wrote:

> Hi All,
>  Im facing one problem on our central site i.e
> currently im using
> Cisco
>  3640 router with fast ethernet module in it, its
> working perfect,
> but
>  when i change the module i.e 1E2W & no shuts the
> ethernet
> interface
>  it, then the following scenario occurs!
>
>  Router(config-if)#
>  Router(config-if)#no shut
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %LINEPROTO-5-UPDOWN: Line protocol on Interface
> Ethernet0/0,
> changed
>  state to up
>  %LINK-3-UPDOWN: Interface Ethernet0/0, changed
> state to up
>  Router(config-if)#ip address 10.1.0.1 255.255.0.0
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>
>
>  Ethernet doesnt work properly! Excessive
> collisions occurs! but
> the
>  same module is working alright on our brach
> office.
>  Any Suggestions? Need solution urgently.
>
>  Rgds,
>  SAJ
>
>
> __
> Do You Yahoo!?
> Send your FREE holiday greetings online!
> http://greetings.yahoo.com
> X-Apparently-To: [EMAIL PROTECTED] via web20908.mail.yahoo.com; 01
>   Jan 2002 02:49:24 -0800 (PST)
> X-Track: 1: 40
> Received: from 202.163.99.184  (EHLO company.mail) (202.163.99.184) by
>   mta442.mail.yahoo.com with SMTP; 01 Jan 2002 02:49:23 -0800 (PST)
> Received: from gacpak.com [10.1.0.10] by company.mail [10.1.1.157] with
>   SMTP (MDaemon.PRO.v5.0.1.T) for ; Tue, 01 Jan
>   2002 15:49:00 +0500
> Received: from ccMail by gacpak.com (ccMail Link to SMTP R8.30.00.7) id
>   A1009928999; Tue, 01 Jan 2002 15:50:08 +0500
> X-Mailer: ccMail Link to SMTP R8.30.00.7
> Date: Tue, 01 Jan 2002 15:51:46 +0500
> From:
> To: ,
> Subject: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
> Content-Description: "cc:Mail Note Part"
> X-MDRemoteIP: 10.1.0.10
> X-Return-Path: [EMAIL PROTECTED]
> X-MDaemon-Deliver-To: [EMAIL PROTECTED]
> Content-Length: 474
>
>  Hi All,
>  Im facing one problem on our central site i.e currently im using Cisco
>  3640 router with fast ethernet module in it, its working perfect, but
>  when i change the module i.e 1E2W & no shuts the ethernet interface
>  it, then the following scenario occurs!
>
>  Router(config-if)#
>  Router(config-if)#no shut
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed
>  state to up
>  %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
>  Router(config-if)#ip address 10.1.0.1 255.255.0.0
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>
>
>  Ethernet doesnt work properly! Excessive collisions occurs! but the
>  same module is working alright on our brach office.
>  Any Suggestions? Need solution urgently.
>
>  Rgds,
>  SAJ




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30643&t=30643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, [7:30644]

[Brian Whalen]

I would be suspicious of the cable at the failure site also, and do your
duplex settings match..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 2 Jan 2002, Brian Whalen wrote:

> Looks like
> http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/itg_medi.pdf has
> some tips to try.
>
> Brian "Sonic" Whalen
> Success = Preparation + Opportunity
>
>
> On Tue, 1 Jan 2002, SA J wrote:
>
> > Hi All,
> >  Im facing one problem on our central site i.e
> > currently im using
> > Cisco
> >  3640 router with fast ethernet module in it, its
> > working perfect,
> > but
> >  when i change the module i.e 1E2W & no shuts the
> > ethernet
> > interface
> >  it, then the following scenario occurs!
> >
> >  Router(config-if)#
> >  Router(config-if)#no shut
> >  Router(config-if)#
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> > collisions, TDR=1,
> > TRC=0.
> >  %LINEPROTO-5-UPDOWN: Line protocol on Interface
> > Ethernet0/0,
> > changed
> >  state to up
> >  %LINK-3-UPDOWN: Interface Ethernet0/0, changed
> > state to up
> >  Router(config-if)#ip address 10.1.0.1 255.255.0.0
> >  Router(config-if)#
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> > collisions, TDR=1,
> > TRC=0.
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> > collisions, TDR=1,
> > TRC=0.
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> > collisions, TDR=1,
> > TRC=0.
> >
> >
> >  Ethernet doesnt work properly! Excessive
> > collisions occurs! but
> > the
> >  same module is working alright on our brach
> > office.
> >  Any Suggestions? Need solution urgently.
> >
> >  Rgds,
> >  SAJ
> >
> >
> > __
> > Do You Yahoo!?
> > Send your FREE holiday greetings online!
> > http://greetings.yahoo.com
> > X-Apparently-To: [EMAIL PROTECTED] via web20908.mail.yahoo.com; 01
> >   Jan 2002 02:49:24 -0800 (PST)
> > X-Track: 1: 40
> > Received: from 202.163.99.184  (EHLO company.mail) (202.163.99.184) by
> >   mta442.mail.yahoo.com with SMTP; 01 Jan 2002 02:49:23 -0800 (PST)
> > Received: from gacpak.com [10.1.0.10] by company.mail [10.1.1.157] with
> >   SMTP (MDaemon.PRO.v5.0.1.T) for ; Tue, 01 Jan
> >   2002 15:49:00 +0500
> > Received: from ccMail by gacpak.com (ccMail Link to SMTP R8.30.00.7) id
> >   A1009928999; Tue, 01 Jan 2002 15:50:08 +0500
> > X-Mailer: ccMail Link to SMTP R8.30.00.7
> > Date: Tue, 01 Jan 2002 15:51:46 +0500
> > From:
> > To: ,
> > Subject: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1
> > MIME-Version: 1.0
> > Content-Type: text/plain; charset=US-ASCII
> > Content-Transfer-Encoding: 7bit
> > Content-Description: "cc:Mail Note Part"
> > X-MDRemoteIP: 10.1.0.10
> > X-Return-Path: [EMAIL PROTECTED]
> > X-MDaemon-Deliver-To: [EMAIL PROTECTED]
> > Content-Length: 474
> >
> >  Hi All,
> >  Im facing one problem on our central site i.e currently im using
Cisco
> >  3640 router with fast ethernet module in it, its working perfect,
but
> >  when i change the module i.e 1E2W & no shuts the ethernet interface
> >  it, then the following scenario occurs!
> >
> >  Router(config-if)#
> >  Router(config-if)#no shut
> >  Router(config-if)#
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
> >  %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed
> >  state to up
> >  %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
> >  Router(config-if)#ip address 10.1.0.1 255.255.0.0
> >  Router(config-if)#
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
> >  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
> >
> >
> >  Ethernet doesnt work properly! Excessive collisions occurs! but the
> >  same module is working alright on our brach office.
> >  Any Suggestions? Need solution urgently.
> >
> >  Rgds,
> >  SAJ




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30644&t=30644
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, [7:30649]

[Brian Whalen]

I havent worked with this mod before, heres a bit of useful info..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


-- Forwarded message --
Date: Wed, 2 Jan 2002 09:00:23 +0200
From: Andrew Larkins 
To: Brian Whalen 
Subject: RE: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, [7:306
43]

The 1E2W module is a 10MB module - change the switch port speeds and duplex

-Original Message-----
From: Brian Whalen [mailto:[EMAIL PROTECTED]]
Sent: 02 January 2002 07:00 AM
To: [EMAIL PROTECTED]
Subject: Re: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions,
[7:30643]


Looks like
http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/itg_medi.pdf has
some tips to try.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 1 Jan 2002, SA J wrote:

> Hi All,
>  Im facing one problem on our central site i.e
> currently im using
> Cisco
>  3640 router with fast ethernet module in it, its
> working perfect,
> but
>  when i change the module i.e 1E2W & no shuts the
> ethernet
> interface
>  it, then the following scenario occurs!
>
>  Router(config-if)#
>  Router(config-if)#no shut
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %LINEPROTO-5-UPDOWN: Line protocol on Interface
> Ethernet0/0,
> changed
>  state to up
>  %LINK-3-UPDOWN: Interface Ethernet0/0, changed
> state to up
>  Router(config-if)#ip address 10.1.0.1 255.255.0.0
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive
> collisions, TDR=1,
> TRC=0.
>
>
>  Ethernet doesnt work properly! Excessive
> collisions occurs! but
> the
>  same module is working alright on our brach
> office.
>  Any Suggestions? Need solution urgently.
>
>  Rgds,
>  SAJ
>
>
> __
> Do You Yahoo!?
> Send your FREE holiday greetings online!
> http://greetings.yahoo.com
> X-Apparently-To: [EMAIL PROTECTED] via web20908.mail.yahoo.com; 01
>   Jan 2002 02:49:24 -0800 (PST)
> X-Track: 1: 40
> Received: from 202.163.99.184  (EHLO company.mail) (202.163.99.184) by
>   mta442.mail.yahoo.com with SMTP; 01 Jan 2002 02:49:23 -0800 (PST)
> Received: from gacpak.com [10.1.0.10] by company.mail [10.1.1.157] with
>   SMTP (MDaemon.PRO.v5.0.1.T) for ; Tue, 01 Jan
>   2002 15:49:00 +0500
> Received: from ccMail by gacpak.com (ccMail Link to SMTP R8.30.00.7) id
>   A1009928999; Tue, 01 Jan 2002 15:50:08 +0500
> X-Mailer: ccMail Link to SMTP R8.30.00.7
> Date: Tue, 01 Jan 2002 15:51:46 +0500
> From:
> To: ,
> Subject: %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
> Content-Description: "cc:Mail Note Part"
> X-MDRemoteIP: 10.1.0.10
> X-Return-Path: [EMAIL PROTECTED]
> X-MDaemon-Deliver-To: [EMAIL PROTECTED]
> Content-Length: 474
>
>  Hi All,
>  Im facing one problem on our central site i.e currently im using
Cisco
>  3640 router with fast ethernet module in it, its working perfect, but
>  when i change the module i.e 1E2W & no shuts the ethernet interface
>  it, then the following scenario occurs!
>
>  Router(config-if)#
>  Router(config-if)#no shut
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed
>  state to up
>  %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
>  Router(config-if)#ip address 10.1.0.1 255.255.0.0
>  Router(config-if)#
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>  %AMDP2_FE-5-COLL: AMDP2/FE(0/0), Excessive collisions, TDR=1, TRC=0.
>
>
>  Ethernet doesnt work properly! Excessive collisions occurs! but the
>  same module is working alright on our brach office.
>  Any Suggestions? Need solution urgently.
>
>  Rgds,
>  SAJ




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30649&t=30649
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problem with VPN over PPPoE ADSL [7:30723]

[Brian Whalen]

a wild guess, packet frag issues?  Try to ping with larger packets to test
this..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 2 Jan 2002, Bruce Williams wrote:

> I have a customer with an ADSL line which uses PPPoE. They are able to
> establish a VPN tunnel over the DSL line, but they are only able to ping
> through the tunnel. TCP, UDP and other higher protocols will not work. I
> heard that there is an issue with doing VPNs over PPPoE ADSL. Does anyone
> know what the issue is and if there is a solution?
>
> Bruce Williams
> mailto:[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30734&t=30723
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to Block MSN ... [7:30891]

[Brian Whalen]

googled for msn messenger ports and got

http://messenger.msn.com/support/firewall.asp

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 4 Jan 2002, Ziyaad wrote:

> Hi all
>Can anyone tell me how can I block msn messanger on my network..What
> port in the access list should I block to stop workers from using msn
> messanger ??Does it uses a fix port ?I am using 2503 router with NAT
enabled
>
>
> Regards
> Ziyaad




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30896&t=30891
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Access-List questions [7:31001]

[Brian Whalen]

The first entry, by ending in .7, allows for 10.10.10.40-47, remember this
is a span of 8.  Then you need 48 and 49, hence the .1.  The .40 and .48
are network addresses, I'll refer you to one of the many subnet
calculators out there if thinking in binary is not yet second nature.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 5 Jan 2002, Hunt Lee wrote:

> Thanks for the response guys  :)  But can anyone explain to me how do you
> guys derive:
>
> 10.10.10.40 0.0.0.7 & 10.10.10.48 0.0.0.1
>
> And also, for the second statement, how do you know 48 has to be placed in
> the fourth octet?
>
> I'm still very confused, but thanks for your help in advance.
>
> Best Regards,
> Hunt Lee
>
>
> ""Gaz""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > You're not wrong, spotted the previous mistake, you just missed off an
> > address. That's a nice way of putting it eh?
> >
> > Changing your second line to Permit 10.10.10.48 0.0.0.1 will do the trick
> > because it allows 48 and 49 through.
> >
> > Regards,
> >
> > Gaz
> >
> >
> > ""Shengtao""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I think "Permit 10.10.10.40 0.0.0.7" will allow 40-47, and you need
> > another
> > > statement " Permit 10.10.10.48 0.0.0.0" to allow 48 to get through.
> > >
> > > Am I worng?
> > >
> > >
> > > ""Godswill HO""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Hi,
> > > >
> > > > Try the following:
> > > >
> > > > IP access-list standard allowed
> > > > Permit 10.10.10.40 0.0.0.7
> > > > Permit  10.10.10.49 0.0.0.0
> > > >
> > > > The first permit statement allow addresses n.n.n.40 to n.n.n.48,
while
> > the
> > > > last one allow address n.n.n.49. There is no way you can deny whole
> > range
> > > > without affecting other addresses with one single statement.
> > > >
> > > > When appliying it to your interface say:
> > > >
> > > > Router(config-if)#IP access-group allowed in
> > > >
> > > > Regards.
> > > > Oletu
> > > >
> > > > - Original Message -
> > > > From: Hunt Lee
> > > > To:
> > > > Sent: Friday, January 04, 2002 9:29 PM
> > > > Subject: Access-List questions [7:31001]
> > > >
> > > >
> > > > > Hello there,
> > > > >
> > > > > I need some help on Access-Lists:
> > > > >
> > > > > Say if I want to permit network access to only 10.10.10.1 -
> > 10.10.10.254
> > > > >
> > > > > I know you can simply use:
> > > > >
> > > > > Access-list 10 permit 10.10.10.0 0.0.0.255
> > > > >
> > > > > However, if I want to only permit the range of 10.10.10.40 to
> > > 10.10.10.49
> > > > > (inclusive), then what should I do?
> > > > >
> > > > > Any help is greatly appreciated.
> > > > >
> > > > > Best Regards,
> > > > > Hunt Lee
> > > > > IP Solution Analyst
> > > > > Cable & Wireless
> > > > _
> > > > Do You Yahoo!?
> > > > Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31033&t=31001
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to block MSN, and others. [7:31057]

[Brian Whalen]

How inept does a netadmin have to be to block his own servers.  If Im that
guys boss, he is so fired..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 7 Jan 2002, John Allhiser wrote:

> This discussion reminds me of a popular quote I see all the time on another
> forum: "There are seldom good technological solutions to behavioral
> problems."
> --attributed to Ed Crowley, Compaq Technical Consultant
>
> A friend of mine worked for a company that had a problem with a certain
> spammer.
> They blocked the IP address of the offending emailer at the gateway, and to
> their utter astonishment, the pernicious perpetrator changed its IP.  The
> spam
> continued to flow.
> Eventually, after about 9 IPs were entered into the "deny" access-list, the
> legitmate email started having problems (the spammer seemed to have been
> stopped).+
>
> Long story, short:  The spammer was using the company's ISP's mail relay
host
> addresses.
> By shutting down those IPs, they effectively shut down their Intenet mail
> service.
>
> --John
>
>
> -Original Message-
> From: Gaz [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, January 06, 2002 1:56 PM
> To: [EMAIL PROTECTED]
> Subject: Re: How to block MSN, and others. [7:31057]
>
>
> I suppose it comes down to they type of company/employees. I'm more used to
> companies that leave things fairly open for employees, and demand (rather
> than expect) that the employee be responsible with it.
> Employees will understand that monitoring needs to be done at times and
> offenders be dealt with.
> "Firm and fair" sometimes works better than "beat me if you can". Not
always
> though, so admittedly it's horses for courses.
>
> Gaz
>
> ""Mike Sweeney""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Let me put something into perspective here. It was said earlier about why
> > give access then block it. Why indeed... the why is for BUSINESS
reasons..
> > not day trading, not stock tickers, not chatting for hours(documented)
> with
> > friends at the expense of work, viruses coming in on Hotmail attachments
> > that bypass the clamped down exchange server and so on.
> >
> > The internet is given to employees for business reasons with the
> expectation
> > that the employee will be responsible with it. Will there be personal
> use..
> > of course.. just like the phone. Why limit certain things? gee.. the
> company
> > pays for a T1, they have 4,000 users, 100 decide to watch a Victoria
> Secret
> > webcast at 300Kbps.. see the problem?  This not theorical.. this really
> > happened to one of my clients and the webcastusers/readaudio users
managed
> > to max out the T during working hours.
> >
> > The courts have already decided for good or bad that email is company
> > property and they can do what they wish with it. I would imagine that web
> > access falls under the same rules as it's a company building, desk, PC(or
> > Mac), servers, connection and so on.
> >
> > My opinion
> >
> > MikeS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31237&t=31057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPv6 [7:31228]

[Brian Whalen]

.bomb failures have lengthened the usefulness of v4 I am sure..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 7 Jan 2002, Steven A. Ridder wrote:

> Another question,
>
> When's IPv6 gonna hit the mainstream?   Or the backbone?  Of all the stuff
I
> ever read on it, the main reason it came into play was because of the
> impending depletion of public addresses.  Well with NAT, firewall and other
> proxy services handiling a lot of requests onto the public internet, the
> depletion has been put out a few years (actually, does anyone have any good
> like, studies pointing out when this is supposed to happen now?).  So what
> else is going to drive the adoption of IPv6?
>
> --
>
> RFC 1149 Compliant.
>
>
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31342&t=31228
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Router down for a few seconds, many times [7:31308]

[Brian Whalen]

Got logging setup somewhere looking for errors that correspond with this?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 8 Jan 2002, [EMAIL PROTECTED] wrote:

> Well, "show log" would be a good start.
> You haven't given us much to go on, but if the interfaces don't actually
> drop it could be a routing protocol problem.  Or it could be a lot of other
> things :-)
> Does this happen at specific times?  Regular intervals?  Or is it random?
> Is there anything else happening on your network that you can correlate
> with this?
> What does the log show?  Hopefully that will give you an idea of what to
> look at.  You may then need to put on some debugs to get further
> information.  Use debugs cautiously or they can hang a perfectly healthy
> router!
>
> JMcL
> - Forwarded by Jenny Mcleod/NSO/CSDA on 09/01/2002 09:02 am -
>
>
> "NetEng"
>
> cc:
> Sent by:  Subject: Router down for
a
> few seconds, many
> nobody@groupstudy.times
> [7:31308]
>
> com
>
>
> 09/01/2002
> 06:36
>
> am
> Please respond
> to
>
> "NetEng"
>
>
>
>
>
>
> I have a Cisco 4000 in the core that goes down for 15 seconds or so about
> 10
> times a day. All interfaces are unreachable (pinging), and from what I can
> tell the actual interfaces never actually drop. I will console into it, but
> any ideas what I can look for? show processes and ?TIA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31350&t=31308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How is this book ? [7:31382]

[Brian Whalen]

I also wanted to add this..
The second edition of this, isbn number 0071356762, is classified as a
paperback but is a hardcover book.  I have
one here now. I have read bits of it in attempt to strengthen areas I am
weak, but not the entire thing.  Interestingly, it is not listed on
http://www.osborne.com/errata/errata.shtml.  The book shows up if you search
the site, but not on the errata page..

Brian

""Mahisri""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> How is this book ?
>
> Cisco CCIE All-in-One Study Guide Paperback, 1999
> Roosevelt Giles
> Condition: Like New
> Price: $19.39 (Save $60.59!)
> Seller: EducationalBook
>
> Thanks in advance for the feedback
>
> Sri




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31456&t=31382
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Serial Line problems [7:31426]

[Brian Whalen]

Are all these circuits riding on the same larger telco ckt or in the same
area, thus same co??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 9 Jan 2002, Steven A. Ridder wrote:

> If it was a crossed pair somewhere, it wouln't come up at all.  No carrier.
>
> It can very well be bad dmarc extensions, but so many all at once.  Is it
> all in one area of the state/city?  Could still be bad telco wiring if in
> same area of CO.
>
> I believe that the customer of yours receive timing on the CO, not your
> frame-switch, even though your souce is supposed to be higher.  Are you not
> synced with the telco switch or the USNO?
>
> Maybe someone else can speak about the avail banwidth output, but I just
> checked a T1 frame module, and I have the same output, so I don't think
it's
> that.  I'll look that one up though.
>
> I'd still focus on the timing.
>
> --
> RFC 1149 Compliant.
>
>
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31460&t=31426
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How is this book ? [7:31382]

[Brian Whalen]

ok, I noticed something here.  The second edition of this, isbn number
0071356762, is classified as a paperback but is a hardcover book.  I have
one here now. I have read bits of it in attempt to strengthen areas I am
weak, but not the entire thing.  Interestingly, it is not listed on
http://www.osborne.com/errata/errata.shtml.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 9 Jan 2002, Brian wrote:

> Hes talking about the paperback, perhaps it has corrections, since they are
> often printed after the hardcovers..
>
> Brian
>
> - Original Message -
> From: "David L. Blair" 
> To: 
> Sent: Wednesday, January 09, 2002 7:17 AM
> Subject: Re: How is this book ? [7:31382]
>
>
> > I heard that 1st edition is full of errors.  Do not know about the 2nd
> > edition.
> >
> >
> > --
> >
> >
> > "Through Complexity there is Simplicity,
> >Through Simplicity there is Complexity"
> >
> > David L. Blair - CCNP, CCNA, MCSE, CBE, A+, 3Wizard
> >
> >
> >
> > ""Mahisri""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > How is this book ?
> > >
> > > Cisco CCIE All-in-One Study Guide Paperback, 1999
> > > Roosevelt Giles
> > > Condition: Like New
> > > Price: $19.39 (Save $60.59!)
> > > Seller: EducationalBook
> > >
> > > Thanks in advance for the feedback
> > >
> > > Sri




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31471&t=31382
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help on putting "line protocol up" [7:31611]

[Brian Whalen]

Cmon, gotta give us a little here, a sh ip int b at least, so we know if
its up/down or down/down, adminned down, and what kind of int it is?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 10 Jan 2002, Stephane Wantou Siantou wrote:

> Hi everybody,
>
> Can anybody tell me how to turn "line protocol up" on an interface?
> Thanks,
> Stephane




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31613&t=31611
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help on putting "line protocol up" [7:31611]

[Brian Whalen]

no shut on the relevant interfaces might be a start on this..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 10 Jan 2002, Stephane Wantou Siantou wrote:

>
> This is what I did.  I made a simple configuration with 3 Routers with IOS
> 12.1.
> Router A and Router C are DTE devices and they are connected to router B
> with DTE to DCE cable.
> When I do "sh ip route" on either one of the routers, I don't see the
> directly connected ip addresses.
> When I do "sh int" for either of the interfaces, it says that the line
> protocol is down.  That's why I thought that my problem could be with the
> line protocol being down.  Do you have any idea why there is no
> connectivity whatsoever?  Thanks a lot
>
> For example:
> RouterB#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
>D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
>i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
> area
>* - candidate default, U - per-user static route, o - ODR
>P - periodic downloaded static route
>
> RouterB#sh int s0
> Serial0 is down, line protocol is down
>   Hardware is HD64570
>   Internet address is 172.16.20.2/24
>   MTU 1500 bytes, BW 56 Kbit, DLY 2 usec,
>  reliability 255/255, txload 1/255, rxload 1/255
>   Encapsulation HDLC, loopback not set
>   Keepalive set (10 sec)
>   Last input never, output never, output hang never
>   Last clearing of "show interface" counters 00:25:49
>   Queueing strategy: fifo
>   Output queue 0/40, 0 drops; input queue 0/75, 0 drops
>   5 minute input rate 0 bits/sec, 0 packets/sec
>   5 minute output rate 0 bits/sec, 0 packets/sec
>  0 packets input, 0 bytes, 0 no buffer
>  Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
>  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>  0 packets output, 0 bytes, 0 underruns
>  0 output errors, 0 collisions, 3 interface resets
>  0 output buffer failures, 0 output buffers swapped out
>  0 carrier transitions
>  DCD=up  DSR=up  DTR=down  RTS=down  CTS=up
>
> Gateway of last resort is not set
>
> RouterA
>
> Current configuration : 651 bytes
> !
> version 12.1
> no service single-slot-reload-enable
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname RouterA
> !
> logging rate-limit console 10 except errors
> !
> ip subnet-zero
> no ip finger
> !
> cns event-service server
> !
> interface Ethernet0
> ip address 172.16.10.1 255.255.255.0
>  shutdown
> !
> interface Serial0
>  ip address 172.16.20.1 255.255.255.0
>  shutdown
>  no fair-queue
> !
> interface Serial1
>  no ip address
>  shutdown
> !
> interface BRI0
>  no ip address
>  shutdown
> !
> ip kerberos source-interface any
> ip classless
> no ip http server
> !
> line con 0
> transport input none
> line aux 0
> line vty 0 4
> !
> end
>
>
> RouterB
>
> Current configuration : 1190 bytes
> !
> version 12.2
> no service single-slot-reload-enable
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname RouterB
> !
> logging rate-limit console 10 except errors
> !
> ip subnet-zero
> no ip finger
> !
> no ip dhcp-client network-discovery
> !
> interface Serial0
>  bandwidth 56
> ip address 172.16.20.2 255.255.255.0
>  shutdown
>  no fair-queue
>  clockrate 56000
> !
> interface Serial1
>  bandwidth 56
>  ip address 172.16.40.1 255.255.255.0
>  shutdown
>  clockrate 56000
> !
>
>
> RouterC
>
> current configuration : 631 bytes
> !
> version 12.1
> no service single-slot-reload-enable
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname RouterC
> !
> logging rate-limit console 10 except errors
> !
> ip subnet-zero
> no ip finger
> !
> cns event-service server
> !
> interface Ethernet0
> ip address 172.16.50.1 255.255.255.0
> !
> interface Serial0
>  ip address 172.16.40.2 255.255.255.0
>  no fair-queue
> !
> interface Serial1
>  no ip address
>  shutdown
> !
> interface BRI0
>  no ip address
>  shutdown
> !
> ip kerberos source-interface any
> ip classless
> no ip http server
> !
> line con 0
>  transport input none
> line aux 0
> line

Re: I would like to hear from those who have taken the CCIE lab [7:31708]

[Brian Whalen]

Interesting atm is in sect 8.4 of the written blueprint but not on the
lab..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 11 Jan 2002, Chuck Larrieu wrote:

> true or false - loopback interfaces can never be down unless the entire box
> fails..
>
> ""Brad Ellis""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > They have removed ATM and Voice completely.  Don't bother studying it.
> You
> > should really focus on your loopback and token ring interface
> configuration.
> > Make sure you can put the loopback interfaces in a 'down down' state. 
For
> > the token ring interfaces, make sure you can program the router to
> > automatically bring up a token ring interface without a mau or media
> filter
> > or anything at all connected to the interface...and for that matter, if
> you
> > do use a mau, make sure you can bring up the interface WITHOUT pushing in
> > the RingIn and RingOut buttons (inside joke).
> >
> > You should be able to run a mile in under 5 minutes, as the cafeteria has
> > been relocated 2.5 miles away and you only have a half hour for lunch,
> bring
> > pepto and gatorade.  Your lab is now written using invisible ink, make
> sure
> > you can see it.  You may have to repell from the third floor, bring a
long
> > rope.  There will be loud music playing, and a laser light show, wear
> > sunglasses and earplugs.  The room temperature will be over 100F, dress
> > light.  You will have to solve world hunger, bring extra food.  And last
> but
> > not least, NDA!!!  You'll find out when you get there!!!  Study
EVERYTHING
> >
> > -Brad
> > ""Firesox""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I am going for a the CCIE R/S lab in March.
> > > I am going thru all the labs that I can find, but I would love to hear
> > from
> > > someone who has actually taken it recently.
> > > I am particularly curious to see how much ATM and Voice stuff I would
> have
> > > to know.
> > > Please email me at [EMAIL PROTECTED]
> > >
> > > Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31708&t=31708
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Static route load balancing? [7:31715]

[Brian Whalen]

Doesnt that depend on whether you route to the local interface or the
remote ip?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 12 Jan 2002, Bill Carter wrote:

> If the static routes have the save metric, the router will load balance
> traffic it sends out according to the routes.  I don't like this option
> because if one path goes down every other packet will fail.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Cisco Breaker
> Sent: Saturday, January 12, 2002 6:05 AM
> To: [EMAIL PROTECTED]
> Subject: Static route loacd balancing? [7:31715]
>
>
> Hi all,
>
> My customer wants load balancing solution to a branch office. He heard that
> it can be done with static routes, but as I know load balancing can't be
> done by deploying static routes. Any help about this? Can it be done or how
> effective will it be?
>
> Best regards,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31755&t=31715
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Secure communications without an IPsec feature for IOS ? [7:31760]

[Brian Whalen]

You talking about routing protocol data, user traffic, or what?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 12 Jan 2002, Cristian Piatnitchi wrote:

> Hi to everybody
>
> I am wondering if  is there any method to encrypt / secure the
> communcation between 2 routers without to use an IPsec based IOS. I am
> searchig for a cheaper sollution based on a basic IOS 12.0(5) for a 2600
> and IOS version 12.0(3c) for a Cisco 3640.
>
> cisc0 2600 ios image : c2600-i-mz.121-1
> cisco 3640 ios image : c3640-i-mz.120-3c
>
> Any advice would be appreciated
> Thanks in advance
> Cristian




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31760&t=31760
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: linux mailing group [7:31848]

[Brian Whalen]

www.svlug.org
www.kernel-panic.org

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 14 Jan 2002, george gittins wrote:

> i been looking for a linux redhat mailing group where i can ask technical
> questions. any sugesstions?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31874&t=31848
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DS3 requirments [7:31914]

[Brian Whalen]

Need to know more, how many ds3s, need a lan interface, bgp peering and if
so how many sessions?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 14 Jan 2002, Richard Tufaro wrote:

> Hey guys...is there a quick rundown of the best hardware software, that
> would be good for a DS3 connection?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31937&t=31914
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: tunneling with previously undefined endpoint? [7:32057]

[Brian Whalen]

Wouldnt ipsec wallop a 2500 cpu??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 15 Jan 2002, the-other-jason wrote:

> Henry -
>
> Absolutely right, the "dynamic" keyword for crypto maps solves the
> problem, but our Cisco SE and quite a few others at work are quite sure
> that we can't run IPSec on a 2500. I thought the 2500s could be used
> just to provide cleartext encapsulation (to keep the vpn appliances
> happy)  the link you ref. specifies the 2500 platform and the IOS
> feature navigator _does_ show IPSec support on a 2500 (with the right
> image, of course). Guess I'll have to call our SE ... thanks for the tip!
>
> Hey, if this works we can toss the IPSec appliances!
>
> Jason
>
> Henry D. wrote:
>
> > If I get this correctly you can use dynamic-map feature
> > as seen in the example here:
> >
> > http://www.cisco.com/warp/customer/707/ios_804.html
> >
> > ""the-other-jason""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> >
> >>Help, I can't think of a way to do this . :-(
> >>
> >>We have two IPSec "appliances" at work that require known, routable
> >>addresses on their "non-secure" ethernet interfaces.
> >>
> >>We want to create a kit engineers can take home for remote IPSec access
> >>into the network from personal cable/dsl connections. Our typical home
> >>networks have a cheapo router running NAT. The router is getting a real
> >>"outside" address from a service provider via DHCP (point "C" in the
> >>drawing). On the inside, we use private addressing (point "B").
> >>
> >>The problem is to configure an IPSec appliance with a real address but
> >>connect it via the private address LAN at home. The obvious way to do
> >>this is with a tunnel, so we've managed to scavenge a couple of old
> >>2500s for this purpose...
> >>
> >>
> >>IPSec   cheapo  IPSec
> >>appliance -->2500-->router-->ISP-->Internet-->3660-->2500-->appliance
> >>  A B   C D
> >>
> >>Ideally, we want a tunnel from the left side of the left 2500 to either
> >>the 3660 or the right 2500  so that we can give the left IPSec
> >>appliance some of our address space.  With GRE, however, you have to
> >>specify the endpoint addresses in advance, and of course we don't know
> >>what address the ISP will give one via DHCP 
> >>
> >>After some reading, I _think_ PPPoE, L2F, PPTP, and L2TP won't help us
> >>
> > much
> >
> >>Does anyone have any ideas?
> >>
> >>Jason




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32121&t=32057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How would you design a Network ? [7:32067] wrap up... [7:32187]

[Brian Whalen]

Its just that for each of the noncentral nodes, with only 1 way back to
the middle, a routing protocol seems like overkill.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 16 Jan 2002, Bullock, Jason wrote:

> thanks for the good feedback from the list and madman, chuck, howard, and
> steve.  I admit the static routes work efficiently, and they do the load
> balancing as required.  It just seems a bit uncool to be all static ,
that's
> all.  If we go any direction it will probably be with eigrp, I like the
idea
> of the WAN update controls inherent when forced to carrying IPX/SPX to some
> sites from the core.  i could have done without the archive crack from
> patrick. ;-)
>
>
>
> jason
>
>
>
>
>
> -Original Message-
> From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 15, 2002 05:25 PM
> To: [EMAIL PROTECTED]
> Subject: Re: How would you design a Network ? [7:32067]
>
>
>
>
>
>
> why do you think you need to change? seriously? what would dynamic routing
>
> give you that you don't have now - in terms of stability and the like?
>
>
>
> it might seem an odd thing to say, but I believe that dynamic routing in
>
> small environments, and maybe even in some larger environments,  is over
>
> rated, no matter whose routers or what routing protocols you use.
>
>
>
> BTW, I am personally acquainted with a portion of the network of a very
>
> large technology company that consists entirely of static routes. Over 3000
>
> of them. They had a particular good reason for doing it this way. But my
>
> point is that there are considerations other than "because you can" or
>
> "because you want to"
>
>
>
> Chuck
>
>
>
>
>
> ""Bullock, Jason""  wrote in message
>
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> > Listers.
>
> >
>
> > I would like to make some routing changes to a mostly static routing
>
> > environment.  Currently everything is either routed via default gateway,
>
> or
>
> > static route statements.
>
> >
>
> > the environment consists of about 30 remote point to point WAN sites,
with
>
> > most data traffic consisting of IP.  We have several sites on dual T1's,
>
> and
>
> > all sites are terminating at a central corporate location.  So a big star
>
> > network.   The vendor of choice is cisco for routing and switching.
>
> >
>
> > Anyone see OSPF, EIGRP, BGP, IGRP, ISIS as the way to go?   I would like
>
> to
>
> > make this network more dynamic, just having a hard time justifying the
>
> move.
>
> >
>
> > All thoughts appreciated!
>
> >
>
> > thanks,
>
> > Jason




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32187&t=32187
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Router reset [7:32180]

[Brian Whalen]

vxr or non, which npe, got logs??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 16 Jan 2002, Kwock99 wrote:

> Hi All,
>
> I have a router 7206 and reset occasionally. Anyone knows what is the
reason
> that will cause a router reset?
>
> Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32188&t=32180
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP AS Number [7:32107]

[Brian Whalen]

True unless you get it out of an old class a or b assignment.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 16 Jan 2002, MADMAN wrote:

> I have yet to have an ISP refuse to announce a customers /24 network
> so I don't think it's that common.
>
>   Dave
>
> Eric wrote:
> >
> > IMHO - You will need at least a /21 as some ISP's set policies that will
> > filter anything less.
> >
> > Best bet is to pick up a copy of: Internet Routing Architectures, Second
> > Edition. ISBN# 1-57870-233-X.
> >
> > This book will also introduce you to the third item to consider when
> > connecting to two ISP's: Symmetry.
> >
> > Regards,
> > Eric
> >
> > - Original Message -
> > From: "John Neiberger"
> > To:
> > Sent: Tuesday, January 15, 2002 7:37 PM
> > Subject: Re: BGP AS Number [7:32107]
> >
> > > To make connections to separate ISPs work, you need to have
> > > some address space assigned to you that is large enough to be
> > > routed successfully.  This generally means that you have to
> > > have at least a /24 prefix.
> > >
> > > Once you've successfully gotten that address space from one of
> > > your providers you can apply at www.arin.net to get an ASN.
> > >
> > > If you were only considering multiple connections to the same
> > > ISP one option would be to use a private ASN, or you might not
> > > need to use BGP at all.
> > >
> > > However, to do what you're considering, you need to have your
> > > own ASN and address space.
> > >
> > > Also, for the nitpickersI'm being overly general on
> > > purpose.  This can get to be much more complicated if you want
> > > it to be.  :-)
> > >
> > > HTH,
> > > John
> > >
> > >
> > > 
> > > Get your own "800" number
> > > Voicemail, fax, email, and a lot more
> > > http://www.ureach.com/reg/tag
> > >
> > >
> > >  On Tue, 15 Jan 2002, Shawn Xu ([EMAIL PROTECTED])
> > > wrote:
> > >
> > > > As far as we know, when you connect to two ISPs for load
> > > balancing and
> > > > fault
> > > > tolerance,  you have to configure BGP, please refer
> > > >
> > > > http://www.cisco.com/warp/public/459/40.html
> > > >
> > > > but from the above examples, you have to have your own AS
> > > number. If I
> > > > don't
> > > > have my own AS number, I can not connect to two ISPs?
> > > >
> > > > Please help, thanks.
> > > >
> > > > Shawn Xu
> > > >
> > > >
> > > 
> > > _
> > > > MSN Photos is the easiest way to share and print your photos:
> > > > http://photos.msn.com/support/worldwide.aspx
> > > [EMAIL PROTECTED]
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32190&t=32107
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNPs and CCDPs [7:32166]

[Brian Whalen]

One plus of getting them is it forces you to get stronger in areas you are
not familiar with..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 16 Jan 2002, Kaminski, Shawn G wrote:

> I believe that you need them because many employers expect them. However,
it
> still all boils down to what you can actually perform on the equipment.
> Hands-on experience, not certifications, makes all the difference once you
> get on the job.
>
> -Original Message-
> From: richard roe [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 16, 2002 10:40 AM
> To: [EMAIL PROTECTED]
> Subject: CCNPs and CCDPs [7:32166]
>
>
> Hello all,
>
> Just wondering... are these "mid-level" cisco certifications really worth
> the trouble? Is it imperative to obtain for someone new to the field to get
> a job in the field? has it become a sort of "minimum" qualification?
>
> thanks for the comments!
>
> newbie.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32199&t=32166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to upgrade ios on 2502 [7:18449]

[Brian Whalen]

joken ring nics can be had for dirt, see www.compgeeks.com as an example
for some 5 buck cards..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 4 Sep 2001, Paul Lalonde wrote:

> I think the original responder assumed that you had a second router that
you
> could use.
>
> Theoretically, the only way to upgrade a single router like this would be
by
> removing the existing flash memory SIMM and replacing it with another flash
> memory SIMM that had the IOS version you need.  Perhaps a friend may help?
>
> At the least, you'll need a second router (and connect them back-to-back
> with the serial ports) or a token ring hub / token ring NIC in your
> workstation.
>
> Paul Lalonde
>
> ""ietobe""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > How to do it?
> >
> > Tks
> >
> > ietobe
> > CCNP CCDP
> > ""Jason""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Have you consider using the serial port ? ;-)
> > >
> > > ""ietobe""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Hi,
> > > > does anybody know how to upgrade ios version on 2502, as you know
> I
> > do
> > > > not have a token ring card on my pc or any other rouer. The router
> does
> > > not
> > > > provide copy xmodem: flash: command and does not have xmodem command
> > under
> > > > rom ios. How do I upgrade ios software from console port?
> > > >
> > > > TKS
> > > >
> > > > ietobe
> > > > CCNP CCDP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18482&t=18449
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: regarding cisco and SecureCRT software---> [7:18486]

[Brian Whalen]

Ditto, it is shareware, you get a 30 day eval for free, after that yer
sposed to pay em if u keep using it..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 4 Sep 2001, Eric Rivard wrote:

> Isn't this program a licensed program that you NEED to purchase to use?
> Are we all into piracy? Also the software has strict rules about being
> exported across seas, before we give out serial numbers we should see if
> we are breaking any licensing policies.
>
>   -Original Message-
>   From: John Neiberger
>   Sent: Tue 9/4/2001 2:43 PM
>   To: [EMAIL PROTECTED]
>   Cc:
>   Subject: Re: regarding cisco and SecureCRT software--->
> [7:18486]
>
>
>
>   Sure, no problem.  Here they are:
>
>   Serial No:  09-02-191523
>
>   Key:  K5I6 S2S3 M6Y5 B3I2 G1F2 A8T5 B9U3 T5T2
>
>   good luck, hope that helps.
>
>   John
>
>   >>> "[EMAIL PROTECTED]"  9/4/01 3:13:22 PM >>>
>   Hey there:
>
>   Does anyone have the Serial number and license key for the
> SecureCRT
>   ...I
>   can't seem to enable mine utilizing the keys.  I'm assuming
> these are
>   all
>   the
>   same, if anyone out there has the keys or wants to upload me a
> direct
>   copy I
>   would greatly appreciate it...for some reason hyperterminal
> doesn't
>   work
>   well
>   with cisco routers.
>
>   thankx
> [EMAIL PROTECTED]
>
> [GroupStudy.com removed an attachment of type application/ms-tnef which had
> a name of winmail.dat]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18556&t=18486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IP unnumbered [7:18250]

[Brian Whalen]

In previous network monitoring experience, I have had it happen to me
where a customer unplugs the lan to do some work, but leaves the serial
in, thinking theyre doing us a favor.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 5 Sep 2001, Bill Carter wrote:

> The Loopback Interface is useful in OSPF, BGP, for network management.  If
> a loopback will have 2-3 uses anyway, why not throw in ip unnumbered.
>
> If someone is dead set against loopback, you could use
>
> interface serial 0/0
> ip unnumbered
> interface ethernet 0/0
> ip address 10.1.1.1 255.255.255.0
> no keepalive
>
> The Ethernet interface would always be up!!
>
> ^-^-^-^-^-^-^-^-^-^-^
> Bill Carter
> CCIE 5022
> ^-^-^-^-^-^-^-^-^-^-^
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Michael L. Williams
> Sent: Tuesday, September 04, 2001 5:49 PM
> To: [EMAIL PROTECTED]
> Subject: Re: IP unnumbered [7:18250]
>
>
> Dave,
>
> I agree totally with your statement, however, I don't understand why you
say
> that if you use ip unnumbered pointing to a LoopBack interface that
> nullifies the point of using unnumbered (to save IPs).  You can still use a
> single IP address on a LoopBack not waste more by putting separate IPs on
> each p-t-p link..
>
> Mike W.
>
> "MADMAN"  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Brett gives a good example that will work just fine but I would not
> > recommend using IP unnumbered.  With RFC 1918 you have more IP addesses
> > than your going to need so no problems with using registered addresses
> > on p-to-p links.  troubleshooting also becomes trickier but if you
> > insist on using them then use a loopback interface, but then a primary
> > argument is shot, burning IP addreses.
> >
> >   Dave
> >
> > Brett Hairbottle wrote:
> > >
> > > Hi
> > >
> > > Instead of using a "numbered link" you can use ip unnumbered to connect
> > > sites.
> > > Example:
> > >
> > > Router A:
> > > interface fastethernet 0
> > > ip address 10.100.2.1 255.255.255.0
> > > interface serial 0
> > > ip unnumbered fasthethernet 0
> > >
> > > Router B:
> > > interface fastethernet 0
> > > ip address 10.100.31 255.255.255.0
> > > interface serial 0
> > > ip unnumbered fasthethernet 0
> > >
> > > now instead of assigning a ip address to each serial port you can use
> the
> > ip
> > > unnumbered command
> > >
> > > Brett Hairbottle
> > > Network Administrator
> > > CCNA
> > > - Original Message -
> > > From: "sami natour"
> > > To:
> > > Sent: Sunday, September 02, 2001 10:33 PM
> > > Subject: IP unnumbered [7:18250]
> > >
> > > > Hello everybody,
> > > > I know how to cinfigure IP unumbered but I do not know
> > > > any practical scenario that I make use of this
> > > > feature.Any body has specific scanrios where  I can
> > > > use ip unnumbered .
> > > >
> > > > Regards ,
> > > > sami
> > > >
> > > >
> > > > __
> > > > Do You Yahoo!?
> > > > Get email alerts & NEW webcam video instant messaging with Yahoo!
> > > Messenger
> > > > http://im.yahoo.com
> > --
> > David Madland
> > Sr. Network Engineer
> > CCIE# 2016
> > Qwest Communications Int. Inc.
> > [EMAIL PROTECTED]
> > 612-664-3367
> >
> > "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18658&t=18250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Symptom: 3640 router reboots itself over and over again!! [7:18692]

[Brian Whalen]

Any chance you're logging console messages to a server??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 5 Sep 2001, Bob Johnson wrote:

> I've seen it happen when a newly uploaded IOS doesn't support one of the
> existing interface cards..
> Try pulling out all cards (if there are any) and see if it helps
> Try swapping the DRAM also (or trying just a single SIMM if you have
> multiple)...
>
> Bob
>
> > -Original Message-
> > From: Jeongwoo Park [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, September 05, 2001 1:16 PM
> > To: [EMAIL PROTECTED]
> > Subject: Symptom: 3640 router reboots itself over and over again!!
> > [7:18674]
> >
> >
> > Hi all
> > Have anyone encountered the situation that the 3640 router
> > rebooted itself
> > over and over again?
> > I don't think it is the crashed flash memory because I booted
> > off the flash
> > card and it showed the same symptom.
> > This is the first time I have ever seen this kind of issue.
> >
> > Thanks in adv.
> >
> > JP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18692&t=18692
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What does "a single point of failure" mean? [7:18734]

[Brian Whalen]

Wonder how long it'll be before someone orders business class sdsl with 2
providers and wants bgp over it.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 6 Sep 2001, Circusnuts wrote:

> No plan B.  A lot of designs exercise redundancy, only to order a single
> connection (or 2 PVC's on the same connection).  That makes the single
point
> of failure the local loop (DSL people know that's never a problem :o)
>
> All the best !!!
> Phil
>
> - Original Message -
> From: "david"
> To:
> Sent: Wednesday, September 05, 2001 11:43 PM
> Subject: What does "a single point of failure" mean? [7:18734]
>
>
> > it usually means a routing or switching device is down,or the link is
cut?
> >
> >
> > Thanks,
> >
> > David




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18836&t=18734
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TCP 3 way Handshake ? [7:18794]

[Brian Whalen]

Heres some pix and router security tips..

http://www.cisco.com/warp/public/cc/pd/rt/2600/prodlit/flrrr_ov.htm

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 6 Sep 2001, Stephane LITKOWSKI wrote:

> Yes, it's vendor dependant.
>
> TCP protocol doesn't specify any connection timeout.
> A TCP connection can be alive forever.
>
> So the application (client or server side) must manage timeout, if needed
> and send a TCP reset.
>
> ""Phil Barker""  a icrit dans le message news:
> [EMAIL PROTECTED]
> > I thought that would grab your attention Priscilla
> > hehehe.
> >
> > I need to grant Terminal Service Access from anyone
> > (internet) to a well known TCP port of a destination
> > IP Server address x.x.x.x
> >
> > This is implemented as a permit on the PIX F/W.
> >
> > My problem is that I can telnet that well known port
> > and the Server generates an Error Message "Error :
> > Must Authenticate first."
> >
> > Obviously, I am open to a denial of service attack.
> >
> > I am attempting to rectify the Server Message issue by
> > displaying a blank screen for this instance.
> >
> > However, my real question is : When I telnet the well
> > known port, I can see the 3-WAY-HANDSHAKE with my
> > Sniffer. How long will the connection be established
> > for ? My gut feeling is that this will be vendor
> > dependant as either side can Reset or Tear down the
> > TCP connection, but a rough idea would do.
> >
> > Phil.
> >
> >
> >
> > 
> > Do You Yahoo!?
> > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
> > or your free @yahoo.ie address at http://mail.yahoo.ie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19085&t=18794
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New to CCNP [7:18933]

[Brian Whalen]

I would do the one you have the most familiarity with already, confidence
building is a good thing..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 7 Sep 2001, Tel Khan wrote:

> Hi guys i passed my CCNA 2.0, i would like to know which topic i should
> cover 1st? i think i should cover the Routing topic 1st.
>
> Can someone please come back to me on this.
>
> Kind reagrds
> Tel




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19153&t=18933
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: access list question [7:19005]

[Brian Whalen]

Given that there is an implied deny at the end, and there are 2 deny
statements in the list, my opinion about the result would be a basically
useless interface, at least in whichever direction you choose to apply
this :)

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 7 Sep 2001, [EMAIL PROTECTED] wrote:

> any one know what will be the result of it
> its an inbound acl
>
> access-list 100 deny   ip 224.0.0.0 31.255.255.255 any
> access-list 100 deny   ip host 0.0.0.0 any




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19156&t=19005
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Is this going to be a trend for the CCIE cert??? [7:19344]

[Brian Whalen]

It could also be that they ar looking for the ever valuable experience as
a CCIE??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 10 Sep 2001, Eric Rogers wrote:

> I was just cruising on the dice jobs board when something caught my
> attention.
>
> dice.com/DandL/k/ktii.213.html (paste into your browser)
>
>
> This is the first time that I've personally seen a recruiter target a
number
> range for a CCIE job!!!
>
> My question aloud is this -
>
> With the impending CCIE #10,XXX coming by next year are we going to find
> that there is going to be the perception that the higher your number the
> less value to the customer/employer/client.
>
> Of course, the headhunter/manager will never even comprehend that the CCIE
> made today has a much broader range to cover as say the CCIE of 3 to 5
years
> ago. NO, I NOT BASHING ANYONE JUST STATING A FACT.. :-)
>
> DAMN! I knew I should not have procrastinated for the past year before
> stepping up to the lab. I can just hear it now.
>
> Me: "Yes, I'm CCIE #xyz"
>
> Headhunter: "Thank you, but we're looking for a CCIE from block #abc"
>
> I hope this does not become the quid pro quo among
> managers/headhuters/recruiter or this could be a bad sign for the CCIE in
> the long run.
>
>
> Just MY percecption I guess!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19344&t=19344
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Video/Voice over IP [7:19351]

[Brian Whalen]

Many people agree with the below, that 384k is the minimum for reasonable
live video..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 10 Sep 2001, Leigh Anne Chisholm wrote:

> As Manager, Voice/Data systems at the law firm I worked at, we demo'd two
> different Videoconferencing technologies.  I don't remember the first
> vendor, but the second we looked at was Polycom.  For both, I had 3 ISDN
> lines installed (3 x 128 kbps = 384 kbps).  Use that as a ballpark figure
> for video - if you're going to use specialized videoconferencing equipment.
>
>
>   -- Leigh Anne
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Thomas N.
> > Sent: Monday, September 10, 2001 8:35 PM
> > To: [EMAIL PROTECTED]
> > Subject: Video/Voice over IP [7:19351]
> >
> >
> > Hi All,
> >
> > My company is concerning about running voice/video over IP
> > network.  Our WAN
> > is running on fractial T1, so bandwidth limitation is a big problem to
us.
> > What will be the mininum bandwidth requirement for voice and
> > video traffic?
> > 128k?  Thanks!
> >
> > Thomas N.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19365&t=19351
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: US Stock [7:19433]

[Brian Whalen]

Perhaps because the greatest conflicts in history are over religion, not
lack thereof..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 11 Sep 2001, Puckett, Larry (TIFPC) wrote:

> Funny how it's always "Pushing religion is unacceptable" but never '
Pushing
> atheism is unacceptable' .
>  -Original Message-
> From: Symon Thurlow [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 11, 2001 4:15 PM
> To:   [EMAIL PROTECTED]
> Subject:  RE: US Stock [7:19433]
>
> pushing religion is pushing the limits of acceptable OT converstaion IMHO
>
> My deepest sympathy to those affected by this series of atrocities. A few
> weeks ago, a car bomb went off just up the road from my place (West
London),
> and I thought that was a wake up call the scale of this disaster is
just
> incomprehensible.
>
> Symon
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Craig Richardson
> Sent: 11 September 2001 21:08
> To: [EMAIL PROTECTED]
> Subject: Re: US Stock [7:19433]
>
>
> I know this is off-topic and long, but I'll give it a shot anyway...
>
> Hello all, and much respect to everyone on this list.
> This is my first time writing to this list (as far as I can remember),
> although
> I have observed it for awhile.  Most topics seem to be out of my Cisco
> range,
> but I do enjoy the information that crosses the list and I do respect
> everyone's
> opinion as their own.  Terrible tragedies have been suffered today, and
many
> lives are now changed forever.  As Priscilla mentioned, the damage to
> families
> is irreparable.  However, to think that "if God existed, this incredible
> loss of life
> wouldn't have occurred in the first place", is to say that that the devil
> does not
> exist.  God is very real and He does exist.  Unfortunately, the devil is
> very real also,
> and he does exist.  Many people think that the devil is a mythical figure
> that has
> nothing to do with current events, so they equate God with all of the good
> and the bad
> things.  The fact is, that God does love us all, and it is not his desire
> that anyone of us
> should perish, but we all have an enemy, and that is the devil.  Every
> opportunity he gets,
> he seeks to devour.  God works through his people and He is patient.
> Tragedies do
> occur, but the blame should go to the devil, not God.  When we pray, our
> prayers do make
> a difference as God hears our prayers.  The "we" that I'm talking about is
> those that believe
> on His son, Jesus Christ.  There is a spiritual war going on that must not
> be overlooked.
> Todays events are part of this war.  The bible says it all.  These are the
> "end times" that we
> are in.  It is my hope that these tragedies will lead the rest of us to
> realize that we do need a
> saviour, and He is Jesus Christ.  Please check Romans 14:10, 12/Ephesians
> 2:8,9/
> Romans 3:23/Romans 6:23/ and Romans 10:9,10.  Also, the book of Revelations
> tells much
> about the end times (which we've been in for quite some time).  Prayer,
> along with using all
> available opportunities to help (like donating blood), goes a long way.
> Thank you.
>
> Craig.
>
> - Original Message -
> From: B.J. Wilson
> To:
> Sent: Tuesday, September 11, 2001 2:27 PM
> Subject: Re: US Stock [7:19433]
>
>
> > Well, since we're off-topic anyway...maybe if God existed, this
incredible
> > loss of life wouldn't have occurred in the first place.  Part of
> rebuilding
> > our society involves rebuilding our economy, so it's worth discussing. 
As
> > far as life is concerned, I'm donating blood later today, and I've made
> sure
> > my two friends who live in NYC are okay.  What are you doing besides
> > praying?
> >
> >
> > - Original Message -
> > From: "Juan Blanco"
> > To:
> > Sent: Tuesday, September 11, 2001 1:05 PM
> > Subject: RE: US Stock [7:19433]
> >
> >
> > > Thanks Priscilla, you are %100 correct, these people here are thinking
> > > about the economic...when they shoulb be thinking about rebuilding
> > > families.they should be thinking about a prayer to God in order to
> > save
> > > as many peoples as posible
> > >
> > > My prayer to those that did not make it in the terror atack
> > >
> > > God bless america..
> > >
> > > -Original Message-
> > > From: Priscilla Oppenheimer
> > > To: [EMAIL PROTECTED]
> > > Sent: 9/11/2001 12:45 PM
> > > Subject: RE: US Stock [7:19433]
> > >
> > > We're talking about rebuilding the economy? How about rebuilding
> > > families
> > > (if that can even be done??)
> > >
> > > Priscilla
> > >
> > > At 01:25 PM 9/11/01, Chuck Larrieu wrote:
> > > >since you asked - this is real bad news for the economy. there are a
> > > number
> > > >of major financial firms located in the twin towers, all of whom have
> > > >probably lost key people. These are firms that drive the economy in
> > > terms of
> > > >investment and investment capital. how long will it take to get things
> >

Re: Denial of service attack prevention [7:19568]

[Brian Whalen]

Heres a good solaris security article, likey applicable to other nixes..

http://www.samag.com/articles/2000/0013/0013c/0013c.htm

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 13 Sep 2001, MADMAN wrote:

> I don't know what else on the router you could do but there are things
> you can do on your host but not being a sys admin I can't get into
> details.  Check this out:
>
> http://www.cisco.com/warp/public/707/4.html
>
>   Dave
>
> Haydn Solomon wrote:
> >
> > Actually I was asking what OTHER means than tcp intercept there was
> > because we don't have the version that supports it. Can you answer that?
> > I know that our version doesn't cause I checked with the "?" feature and
> > the option isn't there. In any case here is a copy of the sh ver.
> >
> > Cisco Internetwork Operating System Software
> > IOS (tm) RSP Software (RSP-ISV-M), Version 12.0(15), RELEASE SOFTWARE
> > (fc1)
> > Copyright (c) 1986-2000 by cisco Systems, Inc.
> > Compiled Wed 27-Dec-00 13:54 by linda
> > Image text-base: 0x60010930, data-base: 0x60C46000
> >
> > ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE
> > SOFTWARE (fc1)
> > BOOTFLASH: GS Software (RSP-BOOT-M), Version 11.1(22)CA, EARLY
> > DEPLOYMENT RELEASE SOFTWARE (fc1)
> >
> > -- Haydn
> >
> > -Original Message-
> > From: MADMAN [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, September 12, 2001 11:05 AM
> > To: Haydn Solomon
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Denial of service attack prevention [7:19568]
> >
> >   send a sh ver of your router, not all platforms support TCP Intercept.
> >
> >   Dave
> >
> > Haydn Solomon wrote:
> > >
> > > Hi all,
> > >
> > > I was recently reading an article on ciscos site about strategies for
> > > preventing denial of service attacks. They mentioned the ip intercept
> > > configuration feature for IOS version 11.3. However our routers are
> > > running version 12.0 and doesnt have that feature. Does anyone out
> > > there know what other effective strategies can be used to prevent this
> > > kind of attack on IOS versions other than 11.3? Any input will be
> > > appreciated, thanks.
> > >
> > > -Haydn
> > --
> > David Madland
> > Sr. Network Engineer
> > CCIE# 2016
> > Qwest Communications Int. Inc.
> > [EMAIL PROTECTED]
> > 612-664-3367
> >
> > "Emotion should reflect reason not guide it"
> >
> > _
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com
>
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19824&t=19568
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Alteon Switch manual [7:19861]

[Brian Whalen]

I have no familiarity with this product, but googling is good..

http://www.allasso.es/base/docs/1979494715.pdf

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 13 Sep 2001, Ali Mesdaq wrote:

> Hello,
> Does anyone have the manual in pdf format of the Alteon switch model AD2.
If
> anyone knows of a site please let me know.
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19868&t=19861
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hyperterminal giberish? [7:20136]

[Brian Whalen]

Yeah bottom line is if yer gonna use that bundled pos software, goto the
manufacturers page and get the update so you can send a friggin break
properly.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Sep 2001, hal9001 wrote:

> There was also a Hyperterminal Special, Ltd, Personal or whatever which
> fixed this problem through Windows 98/NT4 etc follow the link from the
> Hyperteminal about that comes in Windows!
>
> Karl
> - Original Message -
> From: "MADMAN"
> To:
> Sent: Monday, September 17, 2001 3:16 PM
> Subject: Re: hyperterminal giberish? [7:20136]
>
>
> > ya hyperterm sucks, use teraterm, find it a tucows...
> >
> >   Dave
> >
> > Jason Couch wrote:
> > >
> > > I have just recently started using hyperterminal as opposed to ZOC in
> order
> > > to get ready for the CCIE lab.  I noticed that while working in
> > > hyperterminal that it spits giberish out of the top of the working area
> > > (white area) into the buffer (grey area), hence making my scrollback
> buffer
> > > entirely useless.  I played with the settings and can't seem to find
any
> > fix
> > > for it.  Anyone have any input?
> > >
> > > Thanks
> > --
> > David Madland
> > Sr. Network Engineer
> > CCIE# 2016
> > Qwest Communications Int. Inc.
> > [EMAIL PROTECTED]
> > 612-664-3367
> >
> > "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20204&t=20136
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP on the 1600 series??? [7:20209]

[Brian Whalen]

You'll also suffer from the router's limitations in mem and the resultant
partial view.  Be sure to consider the acceptibility of that.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 17 Sep 2001, Andras Bellak wrote:

> 1600 series won't run bgp - I believe that 2500's will, and I know that
> 2600's will.
>
> Andras Bellak
> Director, WAN Engineering
> [EMAIL PROTECTED]
>
>
>
> -Original Message-
> From: Cisco Nuts [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 17, 2001 2:06 PM
> To: [EMAIL PROTECTED]
> Subject: BGP on the 1600 series??? [7:20209]
>
>
> Hi,
> Do the 1600 series routers run BGP? I tried to configure bgp 100 on a
> 1603
> and it gives me an "unknown routing protocol" error msg.? I am running
> IOS
> ver. 11.2(15)P. Do I have to upgrade the IOS to run BGP? Please advise.
> Thank you.
>
>
> _
> Get your FREE download of MSN Explorer at
> http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20223&t=20209
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Access-Lists Config [7:20374]

[Brian Whalen]

Being a somewhat paranoid fellow, have u thought about permitting the mail
retrieval port and blocking all else??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 19 Sep 2001, Antonio Del Grosso wrote:

> Hi
>
> There is an explicit deny any any invisible at the end of each access list.
> You are denying all traffic.
>
> Try something like:
>
> access-list 101 deny tcp any any eq www
> access-list 101 permit ip any any
>
> ""norsyam ariffin""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi guys.
> >
> > I have some problem with my access-list configuration. My access-list
> config
> > is as stated below:
> >
> > ethernet 0/0
> > ip access-group 101 out
> >
> > access-list 101 deny tcp any any eq www
> >
> > My branch office connected to HQ thru leased-line and they get their
> > internet access thru HQ(HQ has 1 leased-line to ISP) and also they get
> their
> > email from our email server at HQ. What I'm trying to do is to block
> > internet access from my branch office but will allow email access. But
> > referring to the above config, I manage to block the internet access but
> > unfortunately the email access has been blocked.
> >
> > Do I need to add anything to my access-lists config?
> >
> >
> > Thanks in advance
> >
> >
> >
> > _
> > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20456&t=20374
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HP OpenView, CiscoWorks, Cabletron [7:20406]

[Brian Whalen]

This probably depends greatly on what you'd like to do with it.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 19 Sep 2001, Mr. Monitor wrote:

> Dears..
>
> Who know which one is the best ?
> Which one is the best tools?
>
> Thank you very much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20458&t=20406
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Router IP Question [7:20419]

[Brian Whalen]

Well if you want to do external dns and be the authoratice source, 2 dns
servers at least are required for that.  All the rest can be done either
on that 1 box or via port forwarding.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 19 Sep 2001, Brian wrote:

> I have one DSL line, with a modem with 1 static IP. Is it possible to use
> the IP for the router, Mail (MX), and for hosting my own external DNS? all
> on 1 IP address?
>
> I may get a 2nd DSL with a static IP, with another router on it, maybe a
> 2621.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20459&t=20419
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: T1 Router question [7:20460]

[Brian Whalen]

How many t1s?
If only 2, Most of thr 2500s will do that for you.  If more, than a
modular deal may be in order..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 19 Sep 2001, Jeff Martinez wrote:

> Question for you if you don't mind.   I was wondering if you knew of a
Cisco
> router that can use multiple T1's lines connected to it?  I would like to
> use the router to either bind the T1 lines to give me double the speed or
> use for fault tolerance.  Or do both.  If you can suggest one I would
> appreciate it.
>
> Jeff
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20462&t=20460
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Where can I get Books at lowest cost. [7:20642]

[Brian Whalen]

www.mysimon.com for new, or likely www.half.com for 2nd hand stuff.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 21 Sep 2001, Eugene Nine wrote:

> Try www.addall.com and let if find the lowest price.
> Eugene
>
> ""MJ""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hello,
> >
> > Can you recommend me the website of place where I can get books at the
> > cheapest prices. If someone know anything based in Singapore that would
be
> > great otherwise suggest website which offers best bargains.
> > I am particularly interested in Cisco Press books. and if the books are
> even
> > second hand they are fine.
> >
> > Thanks in Advance,
> >
> > Mukul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20803&t=20642
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BCMSN [7:20597]

[Brian Whalen]

do your best and if thats not good enough try again after more effort..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 21 Sep 2001, John McCartney wrote:

> So what is the passing score for this exam? I'm also taking it next month.
> Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20804&t=20597
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Certifications for Sale ? [7:20747]

[Brian Whalen]

exactly, assuming they have a tech screen before they actually are offered
the job, they'd likely crash & burn.  of course therte is the occasional
executive interview..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 22 Sep 2001, George Murphy CCNP, CCDP wrote:

> I cant imagine anyone who "buys" a certifcation being much of a threat
> nor able to support or configure their way out of a wet paper sack, nor
> slime though an interview
>
> Bruce Williams wrote:
>
> >There is a thread being discussed on Cisco Network Professional Discussion
> >page about Cisco Certifications such as CCNA, CCDA, CCNP, CCDP and CCIE
> >being sold in India and Pakistan for the cost of the exam. Several people
in
> >the Forum have confirmed it and have even said it is common knowledge.
> >Please tell me it is not true. I have worked very hard to achieve the
CCNA,
> >CCDA, CCNP and CCDP and now I am working even harder to prepare for the
CCIE
> >Lab. I would be highly upset to discover that Cisco is tolerating this.  I
> >really dont see what value the certification holds if it can be bought
this
> >easily.
> >
> >If you want to see the comments yourself, check out this link
> >http://forums.cisco.com/eforum/servlet/NetProf?page=main
> >and then click on "career certifications"
> >
> >The first comment was posted on September 17th.
> >
> >Bruce




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20806&t=20747
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TFTP: How to save without .TXT extension a config file [7:20807]

[Brian Whalen]

you could always rename it after saving it.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sat, 22 Sep 2001, Thomas Larus wrote:

> I am trying to edit config files and then save them to the TFTP server, and
> WIN2K's Wordpad puts .txt after every kind of file, it seems.  Text file is
> .txt, but so is unicode.  How can I save something without Win2k tacking on
> the .txt extension?
>
>
>
> Thomas Larus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20807&t=20807
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: I want to stop console messages [7:20889]

[Brian Whalen]

I see all these previous suggestions stop console messages.  Needless to
say, it is worthwhile to have these somewhere.  Have you considered
logging to an external host?

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 24 Sep 2001, MADMAN wrote:

> Pick your poison:
>
> C7507MIX(config)#no logging ?
>   Hostname or A.B.C.D  IP address of the logging host
>   buffered Set buffered logging parameters
>   console  Set console logging level
>   exceptionLimit size of exception flush output
>   facility Facility parameter for syslog messages
>   history  Configure syslog history table
>   monitor  Set terminal line (monitor) logging level
>   on   Enable logging to all supported destinations
>   rate-limit   Set messages per second limit
>   source-interface Specify interface for source address in logging
>transactions
>   trap Set syslog server logging level
>
> Farooq Ahmed wrote:
> >
> > i m connected to console port of 2600 router. I want to stop console
> > messages.
> >
> > Make a difference, help support the relief efforts in the U.S.
> > http://clubs.lycos.com/live/events/september11.asp
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20941&t=20889
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Other Groups [7:21115]

[Brian Whalen]

I would also add the lists on http://puck.nether.net.  There are juniper
and cisco lists there..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 26 Sep 2001, EA Louie wrote:

> there are a few others...Brainbuzz actually has quite a few- here are 2
> examples
> Cisco CCNA/CCIE/NP/DA/DP Discussion Board
> http://boards.brainbuzz.com/boards/vbt.asp?b=78
> Cisco Certified Internetworking Expert Board
> http://boards.brainbuzz.com/boards/vbt.asp?b=716
>
> 2 newsgroups (check your newsreader)
> news:comp.sys.dcom.cisco
> news:alt.certification.cisco
>
> and there is also a CCNA discussion list on www.groupstudy.com
>
> -e-
>
> - Original Message -
> From: "MJ"
> To:
> Sent: Wednesday, September 26, 2001 2:53 AM
> Subject: Other Groups [7:21115]
>
>
> > Dear All,
> >
> > This newsgroup has been really helpful and great. Do anyone of you know
> more
> > groups on Cisco like this ?
> >
> >
> > Mukul
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21212&t=21115
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dial up and Leased Lines Solution [7:21660]

[Brian Whalen]

a 7206 vxr with 6 pa-mc-8t1 cards and io controllers with dual fe will get
you 48 t1s, so just get enough to satisfy your need.  You could also
channelize the t1s into t3s, you'd only need about 18 ds3s to do that..

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Tue, 2 Oct 2001, Stephen Skinner wrote:

> 500 leased linesHellthat`s a lot of leased lines
>
> i don`t know of any single cisco device with 500 serial interfacess..
> ( and yes i am  aware of ways round that ...bit i am going on what he has
> said in his post)
>
> so the question begs "as howard"
>
> what problem are you trying to solve ?
>
>
>
> >From: "ashraf awadalla"
> >Reply-To: "ashraf awadalla"
> >To: [EMAIL PROTECTED]
> >Subject: Dial up and Leased Lines Solution [7:21660]
> >Date: Tue, 2 Oct 2001 08:55:51 -0400
> >
> >Hello everyone
> >I have an issue finding the correct Cisco equipment
> >solution for the following requirements:
> >
> >1. Support for up to 1500 Dial Up Users
> >2. Support for up to 500 Leased Lines.
> >
> >Can anyone suggest a Cisco solution please? I have
> >looked at the AS5xxx but was not able to conclude that
> >the above are supported and on what modules.
> >Thank you very much for your time in advance.
> >Regards
> >Ash
> >
> >__
> >Do You Yahoo!?
> >Listen to your Yahoo! Mail messages from any phone.
> >http://phone.yahoo.com
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21987&t=21660
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Linux RPM equiv to Tera Term Pro? [7:21944]

[Brian Whalen]

tterm pro even with the addon for ssh i think only supports ssh1, not
ssh2.  This is proly unacceptable to a lot of folks.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Wed, 3 Oct 2001, Craig Columbus wrote:

> By far, my favorite windows based terminal emulator is Tera Term Pro.  I'm
> toying with Linux on a laptop and am looking for a RedHat/Mandrake
> compatible terminal emulator that offers equivalent functionality to
> teraterm.  Any suggestions?
>
> TIA,
> Craig




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=22257&t=21944
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Enable secret hacking [7:23670]

[Brian Whalen]

perhaps this is why sho run and sho conf are not level 1 commands??

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sun, 21 Oct 2001, Gareth Hinton wrote:

> The reason I asked was to see if other peoples impression was the same as
> mine. I've got the tools for the level 7 passwords, but was under the
> impression that the enable secret was almost impossible.
> I do some work for a fairly large company that had some penetration testing
> done this week by a government agency.
> One of the "hackers" told me that depending on the length and complexity of
> the password he could crack the enable password from the MD5 hash pretty
> quickly.
> The passwords we normally use for enable secrets are over 8 character
random
> alphanumeric strings, so it was taking some time.
> Not believing him entirely, I suggested that I simplify the password a
> little to a dictionary word of 7 characters. I changed it to "kittens" and
> it took his unix box around 5 seconds to go through the dictionary
> performing MD5 hash on every word, then comparing the result with the real
> hash.
>
> I was quite surprised at how quick it was. Admittedly they need to see the
> MD5 hash somehow, but I've never gone over the top to cover these up before
> now.
>
> We also (a little carelessly) got caught out with a few switches with "IP
> HTTP SERVER" on as default, so the weakness with http allowed level 15
> access to the switches. Oops.
>
> Just thought I'd bring it up anyway. I think "no ip http server" and more
> complex passwords are in order.
>
>
> Regards,
>
> Gareth
>
> ""John Neiberger""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > The enable secret would not be an easy thing to crack.  The enable
> password,
> > however, can be cracked easily with a number of utilities available for
> free
> > on the internet.
> >
> > If you have hackers attacking your network who have the capability to
> crack
> > the enable secret then you have much bigger problems.
> >
> > As I recall, the enable secret displayed when you do a show run is a
> one-way
> > hash, so the original cannot be determined from the encrypted version.
> I'll
> > have to check into that.
> >
> > A good hacker would spend his time elsewhere.  Sitting at the login
prompt
> > trying to guess passwords for a few years probably isn't a wise way to
> spend
> > one's time.  Hackers tend to go for the low-hanging fruit.
> >
> > Regards,
> > John
> >
> > On Sun, 21 Oct 2001 09:13:35 -0400, Gareth Hinton wrote:
> >
> > |  Hi all,
> > |
> > |  I'm asking this as a matter of interest after something I saw this
> week:
> > |  Given the following line of config:
> > |
> > |  enable secret 5 $1$32Pc$uq7Tr7gq4v22PqEG4WFF90
> > |
> > |  What are the chances of cracking the enable secret?  (Without raising
> > |  suspicicion by having 40 million attempts on the box itself.)
> > |  Lets say the password is an 8 character string of letters only, not
> > |  necessarily a dictionary word.
> > |
> > |  What's everybody's view, could it be easily hacked or not?
> > |
> > |
> > |  Thanks,
> > |
> > |  Gaz
> > |
> > |
> > |
> > |
> > ___
> > http://inbox.excite.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23708&t=23670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: over 1700 passing ccie written every month [7:23680]

[Brian Whalen]

If I put in the effort to pass the written, I'd have no problem telling
people that in an interview.  From the employer's perspective, if a
candidate says I'm a CCIE, its up to the employer to ask him/her to prove
it.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Sun, 21 Oct 2001, nrf wrote:

> I've never understood why Cisco can't just make the written harder, much
> harder.  For example, they could just put the pass percentage at 95% or 98%
> or something, and/or they could stipulate that if you could only attempt
the
> written a certain number of times per year.   Not only would that get rid
of
> this glut of "CCIE-written-certified" guys (OK, I know, such a cert doesn't
> exist, but everybody here knows  people who call themselves CCIE-written
> certified), but it would also have the nice side benefit of seriously
> cutting down on the lab wait time.
>
>
>
>
>
> ""Ken Diliberto""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I am participating in a study group at Cisco here in the Dallas area.
> Even
> > the Cisco Engineers in the group are there for their own edification to
> help
> > them pass.  I know if I had access to the lab equipment all the time like
> > they
> > do, I would be feeling fairly confident.  I haven't even attempted the
> > written
> > yet but I have years worth of router time in a production environment.
> The
> > number of CCIEs get depressing if you look at them for too long.  Just
> keep
> > looking at dice.com, hotjobs.com and such for jobs requiring a CCIE.
> Keeps
> > me
> > interested.  :-)
> >
> > Ken
> >
> > >>> "Thomas Larus"  10/21/01 10:52AM >>>
> > I wouldn't worry too much about the raw numbers.  A lot of these supposed
> > 1700 a month are VERY good at memorization, and have not touched routers
> and
> > switches for more than 10 or 12 hours altogether.  I have trouble
> believing
> > the number is quite that high, because the lab dates do not seem to be
> > getting booked up anywhere near that fast.  People haven't a prayer of
> > passing the CCIE Lab until they get many hundreds or perhaps a thousand
or
> > two thousand hours of work configuring routers and switches.
> >
> > It is a long road, and I am still a long way from getting to the CCIE Lab
> > milestone myself, but the journey itself is very satisfying.
> >
> > Thomas Larus
> >
> > ""Hello Hello""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > ccie r catching up with ...mcse now
> > >
> >
>
http://searchnetworking.discussions.techtarget.com/WebX?[EMAIL PROTECTED]
> > xa4O3aKi^1@.ee8464a/114!viewtype=threadDate&skip=&expand=




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23734&t=23680
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCDA is worth ? [7:24085]

[Brian Whalen]

yeah ditto that, if u want to design nets the da and dp are the way to go,
if u want to maintain/support, the na and np are preferable.  I would
probably try for da and na before going to either the np or dp, for
breadth reasons.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 25 Oct 2001, George Murphy CCNP, CCDP wrote:

> Cosmin, I did CCNP first and then decided to do CCDP which requires
> CCDA. The reason is that any reference to designing networks is
> positive. I have  had many small firms ask me to design networks for
> them and they always notice the DA and DP. Also by studying the track it
> enhanced my knowledge. Check www.brainbuzz.net for salary surveys...
>
> [EMAIL PROTECTED] wrote:
>
> >Dear all,
> >Can anybody tell me the degree of the worth of CCDA cert?
> >Should I invest in CCDA or go directly towards CCNP ?
> >
> >Are CCDA certs wanted on the market? Or just a bit?
> >
> >Is anybody who can say that CCDA cert brought him an
> >advantage distinct from the adv. grought bu CCNP?
> >
> >Do you happen to know a site with sallary survey for
> >certified professionals?
> >
> >Thanks a lot.
> >
> >Cosmin
> >MCSE NT&W2K,CCNA
> >
> >-
> >This mail sent through IMP: http://horde.org/imp/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24163&t=24085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Juniper's group [7:24314]

[Brian Whalen]

groupstudy.com has a juniper list also, goto the web page to sign up.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 26 Oct 2001, Juan Blanco wrote:

> Team
> Where I could find any group-stuyd like this group for JUNIPER'S
> Networks.
>
> Thanks...
>
> JB




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24316&t=24314
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: quick response (help) please [7:24238]

[Brian Whalen]

0 and 255 are network and subnet octets for a 255.255.255.0 or /24
subnetted network.  Your example is not that.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Fri, 26 Oct 2001, John Green wrote:

> the IP address alloted by the dhcp server to my home
> computer (via cable ie cable modem connection) is
>
> IP address   24.15.125.255
> subnet mask  255.255.248.0
> def gw   24.15.125.1
>
> ok look ar the last quad  it is 255 !!!
> i can't believe this.
>
> do you how this is possible ? 0 and 255 are rserved
> for network and broadcast addresses.
>
> please email me asap...
>
> __
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24317&t=24238
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Collisions on a Serial Line [7:24601]

[Brian Whalen]

Typically collisions mean lack of full duplex, and most current serial
port protocols are full duplex.  There may be some stoneage stuff out
there that is not, but for the most part serial means full duplex.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Mon, 29 Oct 2001, Dave Luancing wrote:

> Is it possible to have collisions on a serial line ??
> if so, what causes this?
>
> - D.L.
>
> __
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24614&t=24601
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: telco looping [7:24972]

[Brian Whalen]

Typically telco is only responsible to the demarc, but will somtimes
"offer" to loop the csu as a way to get you off their backs.  I doubt
you'd see a smartjack loop, but a csu loop you should be able to see in
your gear.

Brian "Sonic" Whalen
Success = Preparation + Opportunity


On Thu, 1 Nov 2001, Jay Creasy wrote:

> When troubleshooting a typical T1 with telco and they say they have
> your CSU looped. Are they actually able to give the CSU inside the Cisco
> Router a command to be looped or are they really just looping the
> smart-jack/demark ? I've been on the phone with telco and seen that when
> they claim to have the CSU\DSU looped, what they are actually doing is
> looping the smart-jack/demark, which will loop all traffic from the csu
> back on itself.
>
>
> Jay
>
>
>
>
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=25029&t=24972
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]