Re: TWO ISP AND ONE FAILURE [7:36371]
Is your server capable of running a dynamic routing protocol (RIP)? Does it support dead-gateway detection - use IRDP CM - Original Message - From: Yassel Omar Izquierdo Souchay To: Sent: Tuesday, February 26, 2002 5:13 AM Subject: Re: TWO ISP AND ONE FAILURE [7:36371] Hey guys The toplogy is this: ISP (65)(ISP 169) [R1] [R2] || || \--/ | [HOST] IP:169... IP: 65. The server have two IPs And i thnik tha with BGP i got the solution but is the combitanion of both protocol HSRP and BGP. So i'm goig to telle you something more intersting. The router are Ciscos 1000 series so coulden't find the way to configure the BGP, becasue it say that don't know BGP protocol. Thanx a lot to all of the member of this list interested in help. Sincerily Yassel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36485t=36371 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TWO ISP AND ONE FAILURE [7:36371]
This solution assumes that the subnet is routable by both providers. If this is the case, then HSRP is by far the easiest solution. CM - Original Message - From: John Neiberger To: Sent: Monday, February 25, 2002 7:49 PM Subject: RE: TWO ISP AND ONE FAILURE [7:36371] I'm not sure I understand your point. Assume the following topology: [R1] [R2] || || \--/ | [HOST] The two border routers are R1 and R2 and each have a connection to an ISP. HSRP is configured to track the WAN link. The default gateway on the host is the HSRP standby ip address. If either WAN link goes down, the relevant router--because it is tracking the WAN link--will notify the other router that it is no longer eligible and the other router will take over. Why are you saying that the perceived uptime to the host would not increase using this method? As I see it, unless both links go down, the downtime would be quite minimal. Thanks, John Hire, Ejay 2/25/02 11:24:23 AM Come on guys, Think about it for a minute. Do you really think the router is failing, or is his downtime caused by the wan link? HSRP won't significantly increase your uptime if the wan link is failing and he has to manually change his server's IP/default gateway to switch to the other link. A diferent way to think of it... If you had a car with no brakes and a broken tail-light, which would you fix first? -Ejay -Original Message- From: Ladrach, Daniel E. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 11:48 AM To: [EMAIL PROTECTED] Subject: RE: TWO ISP AND ONE FAILURE [7:36371] Run HSRP between the two cisco routers and then point your default gateway to the VIP address. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: Yassel Omar Izquierdo Souchay [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 10:11 AM To: [EMAIL PROTECTED] Subject: TWO ISP AND ONE FAILURE [7:36371] Hello i have a frecuent porblem with one of my isp, i have two cisco routers and each one to different isp. Frequentily i have to change the gateway of one of my servers, because one isp is failure. I want to know if with one of BGP, OSPF, RIP, NAT or other protocol i could do the change automatically to the other active isp. It happening me right now. And when i have to do that i have to reset one of my servers.. :S. Is a costs operatrion its a mail server. So if somebody knows how to resolve between routers with different isp each one, how to route accross the other good gateway. Thnx in advance Yassl Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36435t=36371 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dening telnet access [7:35628]
Dave is right... r7#sh run int e0 Building configuration... Current configuration : 128 bytes ! interface Ethernet0 ip address 10.10.10.77 255.255.255.0 ip access-group 101 in no ip route-cache no ip mroute-cache end r7#sh access-lists Extended IP access list 101 deny tcp any any eq telnet log (2 matches) permit ip any any (32 matches) r7# 04:08:59: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.168.1.222(11010) - 10.10.10.77(23), 1 packet r7# 04:10:18: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.10.10.111(11017) - 10.10.10.77(23), 1 packet CM - Original Message - From: Roberts, Larry To: Sent: Monday, February 18, 2002 9:00 PM Subject: RE: Dening telnet access [7:35628] And for reference: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr as_r/1rfip1.htm#xtocid1 Note that your source address is NOT on the same Ethernet subnet ( 172.28.64.11/26 ) Your coming from 172.28.56.48. A routing decision is being made. Put your machine on the 172.28.64.11 subnet and show me this getting dropped. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 3:21 PM To: Roberts, Larry Cc: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] Not in my world: interface Ethernet4/0/0 bandwidth 1000 ip address 172.28.64.11 255.255.255.192 ip access-group 150 in no ip directed-broadcast no ip mroute-cache ! access-list 150 deny tcp host 172.28.56.48 any eq telnet log access-list 150 permit ip any any *Feb 18 12:11:42: %SEC-6-IPACCESSLOGP: list 150 denied tcp 172.28.56.48(57010) - 172.28.64.11(23), 1 packet Thank you!! Dave Roberts, Larry wrote: The only way that the access-list applied to the inbound interface ( non-vty ) blocked your telnet is if you were trying to telnet To an address that was not the directly connected address ( loopback or far side serial/ethernet ) If you were to telnet directly to the interface that the access-list was applied to you WOULD get in. Only an access-class applied To the VTY ports will stop that. Thanks Larry -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 1:05 PM To: [EMAIL PROTECTED] Subject: Re: Dening telnet access [7:35628] I know it does. I have, even fairly recently, locked myself out of a router via an inbound access list applied to an interface,DOH:( Try again and if it doesn't work I would like to see the config. Are you sure the interface on which you applied the access list is the interface you were telneting to/thru?? Dave Patrick Ramsey wrote: really? I have had no luck using inbound acl's to control telnet to the router...I always have to use acc's on the vty's Is there a trick to this? -Patrick MADMAN 02/18/02 12:16PM Actually telnet packets are processed by inbound access-list. Now if your refering to outbound access-lists then you would be correct. Dave Hire, Ejay wrote: Because telnet packets destined for the router are not normally processed by access-lists. (i don't understand why not, but hey...) instead do this access-list y deny xx.xx.xx.xx xx.xx.xx.xx line vty 0 n (n = the results of a ?, usually 4) access-class y -Original Message- From: McHugh Randy [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 4:49 PM To: [EMAIL PROTECTED] Subject: Dening telnet access [7:35628] Access list problem: Why does this extended access list not work to deny telnet access applied to the internet interface on a 2514? Extended IP access list 199 deny tcp any any eq telnet interface Ethernet0 ip access-group 199 in I have alot more statments than this and of course the statement access-list 199 permit ip any any to take care of the implicit deny all , but I can still access the router from the internet through telnet. Anyone have any ideas what else might be needed to prevent of selectivly allow telnet access to my router. Thanks, Randy -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Confidentiality DisclaimerThis email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying
Re: DLSW access-list problem - more info [7:34985]
DLSW uses port 2065 for read, and 2067 for write CM - Original Message - From: ME To: Sent: Saturday, February 09, 2002 10:05 PM Subject: DLSW access-list problem - more info [7:34985] I can see the the dlsw connection is useing tcp 2065, but seems to be another piece missing... (dlsw peer works fine without acces-list). Any help would be appreciated... I fly to SJ tomorow for the lab on Monday... Thanks! R0-R1#sh access-list 101 Extended IP access list 101 permit udp any any eq rip (23 matches) permit tcp any any eq 2065 (39 matches) permit tcp any any eq bgp deny ip any any (105 matches) R0-R1# R0-R1# DLSw: CONN: peer 150.20.12.2 open failed due to partner close DLSw: peer 150.20.12.2(2065), old state DISCONN, new state DISCONN R0-R1# DLSw: passive open 150.20.12.2(11021) - 2065 DLSw: action_b(): opening write pipe for peer 150.20.12.2(2065) R0-R1# DLSw: dlsw_tcpd_fini() for peer 150.20.12.2(2065) DLSw: tcp fini for peer 150.20.12.2(2065) while blocking R0-R1# DLSw: CONN: peer 150.20.12.2 open failed due to partner close DLSw: peer 150.20.12.2(2065), old state DISCONN, new state DISCONN R0-R1# DLSw: passive open 150.20.12.2(11022) - 2065 DLSw: action_b(): opening write pipe for peer 150.20.12.2(2065) R0-R1# DLSw: dlsw_tcpd_fini() for peer 150.20.12.2(2065) DLSw: tcp fini for peer 150.20.12.2(2065) while blocking Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34987t=34985 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: multicast / CGMP towards the multicast server [7:33964]
Like I said before, as long as you have a router connected to that segment (VLAN), multicast flooding will be constrained to the ports that have sent membership report. Non-registered clients will not be able to receive the multicast traffic, even though they are on the same VLAN as the sender. The router dynamically modifies the switch MAC table through CGMP messages. CM - Original Message - From: Priscilla Oppenheimer To: Sent: Saturday, February 02, 2002 11:22 PM Subject: Re: multicast / CGMP towards the multicast server [7:33964] At 06:18 AM 2/2/02, Nigel Taylor wrote: Even in an design where the host and the server reside on the same VLAN(segment) IGMP and CGMP still provide the ability to control flooding of multicast traffic. Specifically, when the host multicasts the IGMP membership report to the group with the address 224.1.2.3(MAC 0x0100.5E01.0203) and there's no existing mapping in its CAM table, the switch will flood the report on all ports in the VLAN. It's not the membership reports we're concerned about. It's the multicast traffic from the source multicast server. The question can be boiled down to this: When you enable CGMP does that mean the switch automatically stops flooding multicast traffic to all devices in the VLAN? Does the switch instead wait for the recipients to send their membership reports, which go to the router and then get converted into CGMP messages from the router to the switch? Only devices that have sent the membership report can receive the traffic. (There could be a problem if it works this way. The multicast server could start sending before anyone joined.) The question is not about basic IGMP and CGMP behavior. The question has to do with switch behavior in the special case where the source of the multicast traffic is on the same switch and in the same VLAN as the recipients. We're concerned because that sounds like it would cause normal multicast flooding to kick in. For that not to happen, the switch must be smarter than we're thinking. However, any futher attempts to join that existing group would then be limited to port listed in the CAM table that are eligible to recieve the multicast traffic for the group. Once again we're not talking about the membership reports (joins), although what you say is probably true. I wonder if what's also true is that the first membership report causes the switch to then not forward the server's multicast traffic to any devices not listed in the port list in the CAM table for the multicast address. That would make sense. Devices have to send their joins in order to get on the list and get the traffic. Chptr 14, pgs 412-442 of Beau Williamson's book Developing IP Multicast Network provides some really good info on this issue. I couldn't find an answer to our question. Maybe you could?? Thanks. And to add to the question I've been wondering about more ordinary multicasts, like OSPF Hellos and even BPDUs. If you enabled CGMP, would these not get sent to any devices that didn't implement IGMP and sent their membership report? That seems kind of ugly. Maybe it's not an issue because you would only use CGMP on the edge in switches that connect end devices. Priscilla The author does note that flat switched LAN designs will present major problems in gaining/maintaining control of multicast flooding. I guess this really comes down to the network design as with every other aspect of building a scalable and efficient network. Thoughts.. Anyone! Nigel At 09:28 PM 2/1/02, Nigel Taylor wrote: Priscilla, You are correct. Thanks for the added insight. Nigel You are nice to say this, but you know what I realized?! My answer doesn't resolve the quandary either! ;-) I now think that Fears' real fears had to do with the recipients and the server being on the same VLAN. This might cause the switch to forward the multicast traffic before it even checks the results of CGMP. The switch may do its default multicast flooding to ports in a VLAN and just make use of CGMP to learn about other ports. Am I making any sense? It's late. ;-) My guess it that the answer is still that CGMP is smart. Once you configure it, the switch knows to not do its normal multicast flooding and instead wait to hear from the router regarding which ports should receive the multicast flow. Hopefully someone can confirm that. Priscilla - Original Message - From: Priscilla Oppenheimer To: Sent: Friday, February 01, 2002 2:03 PM Subject: Re: multicast / CGMP towards the multicast server [7:33964] No offence, but that answer doesn't remove the quandary. The entire switch is a segment from the router's point of view. The router receives the IGMP Join and now knows that packets for that multicast group must be sent out that interface to that
Re: multicast / CGMP towards the multicast server [7:33964]
As long as there is a multicast router connected to the switch, and CGMP is enabled on that switch, then yes, the router will control flooding of multicast traffic on the switch ports. CM - Original Message - From: Fears Michael S SSgt 50 CS/SCBBN To: Sent: Friday, February 01, 2002 1:57 PM Subject: RE: multicast / CGMP towards the multicast server [7:33964] Nigel, Thanks, Yes the switch and users are all on the same VLAN. PIM and IGMP are working fine across the router and into other CGMP enable switches. The thing I was not sure of, was: if I have a server multicasting on the same switch/VLAN as other users, can I prevent the multicast stream from flooding the broadcast domain that the server is in? I was asked this question and my answer was no. I thought it was just poor design to have the multicast server on the same VLAN as the users who are not using it. Maybe I'm wrong?? -Original Message- From: Nigel Taylor [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 31, 2002 8:19 PM To: [EMAIL PROTECTED] Subject: Re: multicast / CGMP towards the multicast server [7:33964] Michael, Of course this would depend on if the multicast server and the host connected on the same switch was assigned to the same vlan(broadcast domain). Just some quick points to mention.. Routers by default will not forward multicast traffic. However, if you enabled a multicast routing protocol(PIM, DVMRP) then this is possible. The important thing here is that IGMP is used by hosts to inform routers of their intent to become part of a multicast stream. This depends on your implementation of the multicast protocol. IGMPv2 has been improved to support leaves from a multicast group which is not supported in IGMPv1. This way the host is able to notify the source of it's intent to leave the multicast group. This is will allow the routers to prune the multicast traffic from the segment removing the unnecessary traffic, providing no other host on the segment remains a member of the multicast stream A good title as recommended by a number of folks on the list is Developing IP Multicast Networks Author: Beau Williamson. ISBN: 157870779 HTH Nigel Original Message - From: Fears Michael S SSgt 50 CS/SCBBN To: Sent: Thursday, January 31, 2002 4:59 PM Subject: multicast / CGMP towards the multicast server [7:33964] If a multicast server is connected to a Cisco Switch running CGMP, and several hosts are connected to the same switch, will a router turn off the switch ports for the users that are not requesting the multicast? So, will CGMP work back towards the multicast server? Fears Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34055t=33964 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: term no mon command [7:33658]
no logging console CM - Original Message - From: Stuart Laubstein To: Sent: Wednesday, January 30, 2002 8:12 AM Subject: term no mon command [7:33658] I have a 3620 and I have to work on the console port but I am swamped with messages every few seconds as people try to log in via the pri. I used the term no mon command but it doesnt work--I still get connect messages etc. Does anyone have an idea where these message come from and how I can shut them off. We are using 12.0(7) XK1 Early Deployment release. thanks stuart Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33669t=33658 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router doesn't hold Enable Passwrod [7:33645]
enable secret xyz - Original Message - From: Gerd Thuemmler To: Sent: Wednesday, January 30, 2002 8:36 AM Subject: Re: Router doesn't hold Enable Passwrod [7:33645] Hi, In article , [EMAIL PROTECTED] says... The Syntax I entered is below ( config t en password password ) ...try: ena pass xyz Gerd Thuemmler Berlin, Germany Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33670t=33645 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: simple ISDN / PRI question [7:33357]
It is used for framing and synchronization. CM - Original Message - From: bergenpeak To: Sent: Sunday, January 27, 2002 3:40 PM Subject: simple ISDN / PRI question [7:33357] In Europe, a PRI carries 30B and one D channels. Each operates at 64kb/s. The overall PRI bandwidth is 2.048 Mb/s. 31 channels at 64 kb/s is 64kbps less than 2.048Mb/s. What's the 32nd 64kbps channel used for? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33370t=33357 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: default-metric 64 vs 2.....why?? [7:33231]
Those values came from Caslow. I don't have mine at hand right now, so can't give you the exact page number. I believe it is under the Redistribution section though. I will try and locate my Caslow, and email you the page number. CM - Original Message - From: Kane, Christopher A. To: 'Charles Manafa' ; [EMAIL PROTECTED] Sent: Friday, January 25, 2002 10:59 PM Subject: RE: default-metric 64 vs 2.why?? [7:33231] I thought redistribution into any other protocol besides OSPF would have a metric of 0. 0 is not understood by EIGRP, IGRP or RIP and therefore won't work. Redistribution into OSPF always assumes 20 unless you specify otherwise. Charles, could you site your source? I'm concerned that I may not understand redistribution as well as I thought if your numbers are right and mine are wrong. Are you giving the unreachable numbers because the redistribution won't work or do you have something that specifically states those numbers (16 and -1)? Thanks, Chris -Original Message- From: Charles Manafa [mailto:[EMAIL PROTECTED]] Sent: Friday, January 25, 2002 4:15 PM To: [EMAIL PROTECTED] Subject: Re: default-metric 64 vs 2.why?? [7:33231] When metric is not supplied, and there is no default metric, then routes redistributed into RIP will have a metric of 16 (unreachable), routes redistributed into IGRP will have a metric of -1 (unreachable), and routes redistributed into OSPF will have a metric of 20. CM - Original Message - From: Lupi, Guy To: Sent: Friday, January 25, 2002 7:50 PM Subject: RE: default-metric 64 vs 2.why?? [7:33231] It was a little confusing to me also while reading the new practical studies book, he does state that without a default metric or metric specified in the redistribution statement the redistribution won't work, and while this is true with most protocols, I have never had to specify one, default or otherwise with OSPF. I would be interested to see if anyone has an explanation for this, is it something due to link state versus distance vector? I haven't done much ISIS, I would be curious to see if you need to specify a metric for that, since you don't with OSPF. -Original Message- From: Vincent Miller [mailto:[EMAIL PROTECTED]] Sent: Friday, January 25, 2002 2:18 PM To: [EMAIL PROTECTED] Subject: RE: default-metric 64 vs 2.why?? [7:33231] Remember, the metric on ospf is cost, the metric on rip is hops. You always need a seed metric when redistributing, I can't explain why the ospf continues to run, but thats what rip wo't work. Its the same with EigrpIGRP, no metric, no work. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33278t=33231 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router problem inserting into token ring [7:33304]
Have you checked the ring speed? CM - Original Message - From: Joseph Slawinski To: Sent: Saturday, January 26, 2002 8:26 PM Subject: Router problem inserting into token ring [7:33304] I am having a problem I know most of you folks could help me with. I have two 2502 routers and two token ring hubs. The hubs are dumb hubs, they have no network management capabilities. They don't even have external power supplies. The problem is I am able to hook up my computers to the hubs, the token ring cards will automatically attemt to insert themselves into the rings on the hubs. The relays light up every 15 seconds, so I know that is working ok. My problem is, I am unable to configure the routers to insert themselves into the ring. I have experience connecting hubs with network management modules into routers with no problems, but I somehow can't find a way to configure the routers to attach to these dumb hubs. I know that I'm missing something key here. I was thinking maybe the media filters I am using are defective, but I can't be sure. I know this question may sound dumb, but I have nowhere else to turn. Thank you in advance for your help, Joseph J. Slawinski ATT Global Networks Network Technician CCNP,CCNA,A+,Apple,HP,Canon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33314t=33304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: default-metric 64 vs 2.....why?? [7:33231]
When metric is not supplied, and there is no default metric, then routes redistributed into RIP will have a metric of 16 (unreachable), routes redistributed into IGRP will have a metric of -1 (unreachable), and routes redistributed into OSPF will have a metric of 20. CM - Original Message - From: Lupi, Guy To: Sent: Friday, January 25, 2002 7:50 PM Subject: RE: default-metric 64 vs 2.why?? [7:33231] It was a little confusing to me also while reading the new practical studies book, he does state that without a default metric or metric specified in the redistribution statement the redistribution won't work, and while this is true with most protocols, I have never had to specify one, default or otherwise with OSPF. I would be interested to see if anyone has an explanation for this, is it something due to link state versus distance vector? I haven't done much ISIS, I would be curious to see if you need to specify a metric for that, since you don't with OSPF. -Original Message- From: Vincent Miller [mailto:[EMAIL PROTECTED]] Sent: Friday, January 25, 2002 2:18 PM To: [EMAIL PROTECTED] Subject: RE: default-metric 64 vs 2.why?? [7:33231] Remember, the metric on ospf is cost, the metric on rip is hops. You always need a seed metric when redistributing, I can't explain why the ospf continues to run, but thats what rip wo't work. Its the same with EigrpIGRP, no metric, no work. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33245t=33231 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: AUX to AUX dialup [7:32658]
I don't see dialer-list 1... in your nas2 config. CM - Original Message - From: D'Wayne Saunders To: Sent: Monday, January 21, 2002 4:53 PM Subject: AUX to AUX dialup [7:32658] Hi all I am having a few problem with connecting two 1720 routers for dialin and dial out from the aux port i dial in from nas2 to nas1 here are the config and debug of ppp negotation NAS1#sh ru Building configuration... Current configuration: ! ! Last configuration change at 10:49:00 CST Mon Jan 21 2002 by dwaynes ! NVRAM config last updated at 10:45:00 CST Mon Jan 21 2002 by dwaynes ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname NAS1 ! aaa new-model aaa authentication login default group tacacs+ enable aaa authentication enable default group tacacs+ enable aaa authentication ppp default group tacacs+ local aaa accounting exec default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ aaa accounting connection default start-stop group tacacs+ aaa accounting system default start-stop group tacacs+ ! username NAS2 password 0 ! ! ! ! memory-size iomem 25 clock timezone CST 9 30 ip subnet-zero no ip domain-lookup ip host r3 192.168.10.67 ip host r2 192.168.8.2 ! ! ! cns event-service server ! ! process-max-time 200 ! interface Serial0 no ip address no ip directed-broadcast no ip mroute-cache shutdown ! interface BRI0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface FastEthernet0 ip address 192.168.10.69 255.255.255.192 no ip directed-broadcast ! interface Async5 ip unnumbered FastEthernet0 no ip directed-broadcast encapsulation ppp dialer in-band dialer rotary-group 1 async mode dedicated fair-queue 64 16 0 ! interface Dialer1 ip unnumbered FastEthernet0 no ip directed-broadcast encapsulation ppp dialer in-band dialer-group 1 peer default ip address pool dial ppp authentication chap ! ip local pool dial 192.168.10.91 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 no ip http server ! access-list 1 permit any dialer-list 1 protocol ip list 1 tacacs-server host 192.168.10.100 tacacs-server key merlin06 ! line con 0 password 7 030752180500 transport input none line aux 0 modem InOut modem autoconfigure discovery transport input all stopbits 1 speed 115200 flowcontrol hardware line vty 0 4 password 7 01100F175804 ! ntp clock-period 17179467 ntp server 192.168.10.100 no scheduler allocate end NAS1# NAS2#sh ru Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname NAS2 ! ! username dwaynes password 0 merlin06 username NAS1 password 0 merlin06 memory-size iomem 25 ip subnet-zero ! chat-script Dialout ABORT ERROR ABORT BUSY AT OK ATDT T TIMEOUT 45 CONNE CT c ! ! ! ! ! interface Serial0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue ! interface BRI0 no ip address no ip directed-broadcast shutdown ! interface FastEthernet0 ip address 192.168.10.70 255.255.255.192 no ip directed-broadcast ! interface Async5 no ip address no ip directed-broadcast encapsulation ppp dialer in-band dialer pool-member 1 async default routing ppp authentication pap ! interface Dialer1 ip unnumbered FastEthernet0 no ip directed-broadcast encapsulation ppp dialer remote-name NAS1 dialer pool 1 dialer-group 1 ppp authentication pap ! ip classless no ip http server ! ! line con 0 transport input none line aux 0 modem InOut modem autoconfigure discovery stopbits 1 speed 115200 flowcontrol hardware line vty 0 4 login ! no scheduler allocate end NAS2# NAS1# 00:58:26: %LINK-3-UPDOWN: Interface Async5, changed state to up 00:58:26: As5 PPP: Treating connection as a callin 00:58:26: As5 PPP: Phase is ESTABLISHING, Passive Open 00:58:26: As5 LCP: State is Listen 00:58:28: As5 LCP: TIMEout: State Listen 00:58:28: As5 LCP: O CONFREQ [Listen] id 59 len 24 00:58:28: As5 LCP:ACCM 0x000A (0x0206000A) 00:58:28: As5 LCP:AuthProto PAP (0x0304C023) 00:58:28: As5 LCP:MagicNumber 0x5089FD8A (0x05065089FD8A) 00:58:28: As5 LCP:PFC (0x0702) 00:58:28: As5 LCP:ACFC (0x0802) 00:58:30: As5 LCP: TIMEout: State REQsent 00:58:30: As5 LCP: O CONFREQ [REQsent] id 60 len 24 00:58:30: As5 LCP:ACCM 0x000A (0x0206000A) 00:58:30: As5 LCP:AuthProto PAP (0x0304C023) 00:58:30: As5 LCP:MagicNumber 0x5089FD8A (0x05065089FD8A) 00:58:30: As5 LCP:PFC (0x0702) 00:58:30: As5 LCP:ACFC (0x0802) 00:58:32: As5 LCP: TIMEout: State REQsent 00:58:32: As5 LCP: O
Re: VLAN's [7:32351]
Configure bridge groups on the switch, and assign ports to the bridge groups as required. CM - Original Message - From: 416South To: Sent: Thursday, January 17, 2002 9:03 PM Subject: VLAN's [7:32351] Have a 2948GL 3 and want to set up a vlan but it docs state that you have to set up ISL . I don't want ISL enabled. is there a way to just create VLANS like in other L3 switches? I don't want to make these routeable or anything just L2 VLANS simple VLANS ie. when I do a int vlan 400 this would normally create a new vlan and put me into interface mode when i do a int vlan ? the options are to put in the vlan # but when I do all i get is a wrong command with the famous ^ at the vlan point in the command docs doc's dont seem to give enough info any Ideas thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32361t=32351 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP and ip load-sharing [7:28960]
Try the router bgp command maximum-paths 2 CM - Original Message - From: Alejandro Acosta To: Sent: Thursday, December 13, 2001 2:40 PM Subject: Re: BGP and ip load-sharing [7:28960] Hello, Thanks for answering me. I am using BGP because we have 2 Internet access and my customer has 2 providers too. Then, we have to use BGP This is the BGP configuration neighbor xxx.xxx.xxx.xxx description eBGP with Mycustomer neighbor xxx.xxx.xxx.xxx ebgp-multihop 2 neighbor xxx.xxx.xxx.xxx password 7 - neighbor xxx.xxx.xxx.xxx update-source Loopback1 neighbor xxx.xxx.xxx.xxx version 4 neighbor xxx.xxx.xxx.xxx maximum-prefix 8 I don't know why the packets that I am sending to my customer are not simetric in both links. However, the customer sends to me almost the same amount of traffic in both interfaces Thanks Alejandro MADMAN wrote: First problem, BGP doesn't load share but with IOS you can source an interface like a loopback, see BGP and loadsharing. If you have two parallel paths to a single provider why are you doing BGP??? Since you choose BGP I'll assume this is an Internet connection, set up two default routes, ip cef global command and the configs you have sent and you will have symetrical outgoing loadsharing. Dave Alejandro Acosta wrote: Hi All, This is my first message in the list. I am running a BGP session with a customer. It has 2 serial links with us (Each link of 2 Mbps). The customer and me have selected per-packet sharing in order to balanced the link. In this moment, the traffic that comes from the customer is very simetric in both links, however, the traffic that is sent to the customer from us is not simetric. As far as I know (if I am not wrong), if we are using load balacing per-packet, the incoming and outgoing traffic should be very very similar, right?. Why only the incoming traffic is simetric in this moment. This is the configuration for both interfaces in my router: interface Serial2/0 description Link 1 bandwidth 2048 ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx no ip directed-broadcast ip load-sharing per-packet no ip mroute-cache load-interval 30 no cdp enable hold-queue 1024 out ! interface Serial2/4 description Link number 2 bandwidth 2048 ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx no ip directed-broadcast ip load-sharing per-packet no ip mroute-cache load-interval 30 no fair-queue no cdp enable Any ideas? Thanks Alejandro Acosta P.D. I am using IOS 12.0(7)T -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=29080t=28960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: off topics / ARN Write String [7:27165]
Your best bet would be to use BCC. It is a memory hog, but much easier to work with. CM - Original Message - From: Nuurul Basar Mohd Baki To: Sent: Friday, November 23, 2001 3:17 AM Subject: off topics / ARN Write String [7:27165] Hai, I am trying to change a read only access to read/write on an ARN. the command that I am typing is as below [1:1]$ set wfsnmpcommEntry.wfsnpcommAcess.1 2 set: Invalid obj.attr.inst specified [1:1]$ commit [1:1]$ It do not work, I know that I have done some typing error here :( Can some one hep me on this matters Thanks Nuurul Basar Bin Mohd Baki Senior Customer Engineer Technical Support Department Solsis (M) Sdn Bhd Suite 5.02 Wisma Academy No 4A Jalan 19/1 46300 Petaling Jaya Tel 603-79577300 Fax 603-79562324 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27179t=27165 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multicast Flooding [7:22025]
Any one have an idea on how to suppress multicast flooding on a 2948G-L3. The switch is configured with 3 bridge groups, and 3 bvi interfaces. The problem is that multicast packets are flooded throughout the bridge group the multicast server is connected to. Below is a snippet of the running config: ip multicast-routing ip dvmrp route-limit 2 bridge irb ! int f1 no ip address bridge-group 2 ! int f2 no ip address bridge-group 2 ! int f3 no ip address bridge-group 3 ! int bvi 2 ip add 10.10.20.1 255.255.255.0 ip pim sparse-dense-mode ! int bvi 3 ip add 10.10.30.1 255.255.255.0 ip pim sparse-dense-mode ! bridge cmf bridge 2 proto ieee bridge 2 route ip bridge 3 proto ieee bridge 3 route ip etc Software version is: cat2948g-in-mz.120-14.W5.20.bin CGMP is not supported on the bvi interface (at least not with this software release). CMF (Constrained Multicast Flooding) should do the trick, but doesn't appear to be working as expected. The flooding happens regardless of whether or not any host registers interest in receiving the multicast group. Multicast routing is working fine, and only registered hosts receive the multicast traffic, i.e flooding does not occur on the bridge group that the multicast server is not connected to. Any ideas will be greatly appreciated. CM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22025t=22025 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP route [7:21989]
Try turning off synchronization - no sync in the router bgp config. CM - Original Message - From: Daniel Ma To: Sent: Thursday, October 04, 2001 5:02 AM Subject: BGP route [7:21989] One of my customer uses Ethernet0/0, instead of Loopback as update source. (See following sample configuration) interface Ethernet0/0 ip address 200.110.60.1 255.255.255.0 router bgp 12345 bgp log-neighbor-changes network 200.110.60.0 neighbor 144.200.200.239 remote-as 1234 neighbor 144.200.200.239 ebgp-multihop 2 neighbor 144.200.200.239 update-source Ethernet0/0 ip route 144.200.200.239 255.255.255.255 Serial1/0 However, ISP thought it's loopback address, so in their configuration, they has a static route: ip route 200.110.60.1 255.255.255.255 Serial 4/1 However, internet users could ping to the router, but could not access servers which in the same subnet of Ethernet 0/0. For example, 200.110.60.2 Apparently, the network 200.110.60.0 was not advertised by BGP. Could anyone tell me why, and give some suggestion? Temporally, we asked ISP change the static route to: ip route 200.110.60.0 255.255.255.0 Serial 4/1 It's working now. But BGP should be able to advertise the route, am I right? So what's the problem here? Thanks, Daniel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22026t=21989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP route [7:21989]
Daniel, You only need to turn it off on your site only. CM - Original Message - From: Daniel Ma To: Sent: Thursday, October 04, 2001 12:56 PM Subject: Re: BGP route [7:21989] Thanks Charles, Should I just turn off synchronization on my site only? Or ISP site the BGP peer also need to turn off? Daniel Charles Manafa wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Try turning off synchronization - no sync in the router bgp config. CM - Original Message - From: Daniel Ma To: Sent: Thursday, October 04, 2001 5:02 AM Subject: BGP route [7:21989] One of my customer uses Ethernet0/0, instead of Loopback as update source. (See following sample configuration) interface Ethernet0/0 ip address 200.110.60.1 255.255.255.0 router bgp 12345 bgp log-neighbor-changes network 200.110.60.0 neighbor 144.200.200.239 remote-as 1234 neighbor 144.200.200.239 ebgp-multihop 2 neighbor 144.200.200.239 update-source Ethernet0/0 ip route 144.200.200.239 255.255.255.255 Serial1/0 However, ISP thought it's loopback address, so in their configuration, they has a static route: ip route 200.110.60.1 255.255.255.255 Serial 4/1 However, internet users could ping to the router, but could not access servers which in the same subnet of Ethernet 0/0. For example, 200.110.60.2 Apparently, the network 200.110.60.0 was not advertised by BGP. Could anyone tell me why, and give some suggestion? Temporally, we asked ISP change the static route to: ip route 200.110.60.0 255.255.255.0 Serial 4/1 It's working now. But BGP should be able to advertise the route, am I right? So what's the problem here? Thanks, Daniel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22031t=21989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I want to stop console messages [7:20889]
no logging console (global config command) - Original Message - From: Farooq Ahmed To: Sent: Monday, September 24, 2001 2:11 PM Subject: I want to stop console messages [7:20889] i m connected to console port of 2600 router. I want to stop console messages. Make a difference, help support the relief efforts in the U.S. http://clubs.lycos.com/live/events/september11.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20896t=20889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Etherchannel [7:20195]
NicExpress from IPMetrics will allow you to connect the server nics to both 6509s in active-active mode, i.e both nics are active at the same time. A virtual IP address is created for both nics (this is usually the primary nic's IP address). The software is very easy to setup, and provides SNMP monitoring. CM - Original Message - From: Larry Metzger To: Sent: Monday, 17 September, 2001 20:13 Subject: Etherchannel [7:20195] I'm working with a network that requires redundancy but also performance. We have 2 6509s with HSRP and Gigabit Etherchannel as shown in this article http://www.cisco.com/warp/public/473/23.html Currently servers are attached to each switch with the Intel dual NIC that allows for fail-over mode (each server has a NIC attached to each 6509). This does not utilized the bandwidth since the second port is only active when the first fails. Is there a way to configure Fast Etherchannel over the 2 6509s? I can find no reference for this. The only obvious way is to connect the server to one or the other 6509 and enable Fast Etherchannel. Any thoughts??? Thanks in advance for your help. Larry Metzger CCIE to be Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20212t=20195 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: configuring bridge on router [7:19936]
The 1 is the bridge-group number, and has local significance. For traffic to be bridged across router interfaces, all the interfaces must belong to the same bridge group. CM - Original Message - From: mak To: Sent: Friday, September 14, 2001 2:59 PM Subject: configuring bridge on router [7:19936] Hi All, I would like to know if I configure: bridge 1 protocol ieee Is it any special meaning for the 1? I configure the bridging between two routers like this PC R1 R2 PC I configure bridge 1 for R1 and bridge 2 for R2. But the PC can browse each other by NetBEUI. Is it this identifier number nothing special? or is there any special function? Thank a lot mak Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19962t=19936 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router as name server?? [7:19146]
I believe only the Distributed Director (4700-M), and most probably Cat6k and 7200 running SLB, can act as a DNS server. IMHO CM - Original Message - From: Ednilson Rosa To: Sent: Sunday, September 09, 2001 2:40 AM Subject: Router as name server?? [7:19146] Hi List! Is there any way of making a router act as a name server for the host names that are configured on it by the ip host command?? I would like to enter the hostnames of all routers of a network only on the central router and have it resolve the names for the other routers, instead of having to enter the ip host commands in every router or using a real dns server. Is that possible?? Regards, ER Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19245t=19146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quick CCIE Written Question [7:16797]
I agree with Brian, these are different route entries, and should all be installed. The route ultimately taken is dependent on the destination. CM - Original Message - From: Brian To: Sent: Wednesday, August 22, 2001 3:42 PM Subject: RE: Quick CCIE Written Question [7:16797] On Wed, 22 Aug 2001, Wright, Jeremy wrote: So for example, if you have the following 10.1.1.0/28 OSPF 10.1.0.0/24 EIGRP 10.1.1.0/26 Static Which route will be chosen? Thanks for the help. I guess that would depend where you are trying to go! You must provide a destination for someone to answer that question :) Brian -Original Message- From: McCallum, Robert [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 22, 2001 8:32 AM To: 'Wright, Jeremy'; [EMAIL PROTECTED] Subject: RE: Quick CCIE Written Question [7:16797] In a nut shell yes and no. i.e. Admin distance is the winner by means that the lower the admin distance the better, so a route learned from EIGRP will get into the routing table despite having a longer match route which was learned from say OSPF. BUT if you have two routes learned from the same admin distance then the longest match ALWAYS wins. Basically once the route is in the routing table then the longest match is the outmost winner. -Original Message- From: Wright, Jeremy [mailto:[EMAIL PROTECTED]] Sent: 22 August 2001 14:19 To: [EMAIL PROTECTED] Subject: Quick CCIE Written Question [7:16797] Does the longest match rule always override administrative distance?? [EMAIL PROTECTED] I'm buying / selling used CISCO gear!! email me for a quote Brian Feeny, CCIE #8036 Scarlett Parria [EMAIL PROTECTED] [EMAIL PROTECTED] 318-213-4709 318-213-4701 Netjam, LLC http://www.netjam.net 333 Texas St.VISA/MC/AMEX/COD Suite 1401 30 day warranty Shreveport, LA 71101 Cisco Channel Partner toll free: 866-2NETJAM phone:318-212-0245 fax:318-212-0246 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16905t=16797 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson Test Question [7:16895]
Hello protocol is the process by which a DR is elected. Priority influences the election process. CM - Original Message - From: Wright, Jeremy To: Sent: Wednesday, August 22, 2001 10:41 PM Subject: Boson Test Question [7:16895] In OSPF, the DR is chosen by A. MAC B. Hello Protocol C. Priority D. IP I chose C but Boson says B. Obviously I have read a 1000 times that the DR is elected by highest priority, so is Boson wrong here or am I mis-interpreting the way the question is worded (typical Cisco).. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16908t=16895 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: a little OT: appletalk [7:16430]
There is a product called Dave, that would allow you to use TCP/IP only to talk to your NT/W2K server. CM - Original Message - From: Jim Bond To: Sent: Saturday, 18 August, 2001 01:36 Subject: a little OT: appletalk [7:16430] Hello, I have 2 offices connected each other with PIX running VPN. office1 has Mac users, office2 has a w2k server. Is there a way to have office1 Mac users access office2 w2k server? I already enabled File Service for Macintosh on the w2k server. I was told Appletalk must be enabled for Mac users to access w2k server, so should I use Appletalk AND TCP/IP or TCP/IP only? Thanks in advance. Jim __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16433t=16430 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list to allow IPSEC traffic through? [7:16367]
access-list 101 permit esp host x.y.z.1 host a.b.c.d access-list 101 permit ahp host x.y.z.1 host a.b.c.d CM - Original Message - From: Jim Bond To: Sent: Saturday, 18 August, 2001 01:59 Subject: RE: Access list to allow IPSEC traffic through? [7:16367] How to permit or deny IP protocol 50 or 51? Access-list 100-199? Thanks in advance. Jim --- Kent Hundley wrote: Andy, For future reference, when in doubt its always best to go to the source, i.e the RFC's. You can get a complete reference of the RFC's at: http://www.rfc.net Having said this, in general for IPSec to work you'll need to allow ISAKMP, which uses UDP port 500. This is _usually_ both the source and destination port, but not always. Some VPN clients use a random UDP source port, so you'll have to allow for that unless you know for a fact that your VPN clients don't have this behavior. If you use ESP only (which is common), you just need to also allow IP protocol number 50. If you use AH, you need to also allow IP protocol 51. (_not_ TCP/UDP port numbers, IP protocol numbers) These will be both the source and destination IP protocols. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Andy Sent: Friday, August 17, 2001 6:39 AM To: [EMAIL PROTECTED] Subject: Access list to allow IPSEC traffic through? [7:16367] Hi Does anyone know the correct requirements to allow IPSEC traffic through an access list on a perimeter router? Everything works OK without the access list in place. I know it's something to do with allowing the correct port numbers/protocols through, etc... but can't seem to find any more info. Any help greatly appreciated. Andy [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16434t=16367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Static routes [7:15851]
Yes, you can. - Original Message - From: Hawthorne, Mike MM To: Sent: Monday, 13 August, 2001 14:08 Subject: Static routes [7:15851] Can anyone tell me if you are able to use a loopback address in a static route. For example ip route x.x.x.x y.y.y.y 196.8.87.17 x.x.x.x y.y.y.y being the loopback address. Thanks Mike __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relating to the official business of Standard Bank Investment Corporation (Stanbic) is proprietary to the company. It is confidential, legally privileged and protected by law.\ Stanbic does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Stanbic. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Stanbic can not assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. __ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15853t=15851 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12784]
What encapsulation are you using? -Original Message- From: Andrew Larkins [mailto:[EMAIL PROTECTED]] Sent: 18 July 2001 12:17 To: [EMAIL PROTECTED] Subject: RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12780] the very weird thing here is at RTS DTS etc are all up both devices are on a /30 subnet no problems here. I do not need any routing because these are directly connected networks. NO crc errors on link flap/ interface resets!! Very confused -Original Message- From: Phil Barker [mailto:[EMAIL PROTECTED]] Sent: 18 July 2001 12:45 To: [EMAIL PROTECTED] Subject: Re: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12778] Andrew, From what you say your remote end is working fine both in Tx and Rx and your Tx is working fine since remote end sees your cdp. Your Rx appears to be the problem. Have you tried swapping out your local Serial cable ? What about 'sh int serial xxx' to check your pins ? DCD RTS etc. regards, Phil. --- Andrew Larkins wrote: HI all, Strange problem here. The serial interface are UP UP on both sides, but we are not able to ping each other - even though directly connected. A debug ip ICMP on the remote site shows the ping coming through and replying, but the reply never gets back. Also the remote site saw my router using CDP, but I do not see him. Any ideas?? I believe this is Telco related, but the line shows clean from the interface stats Andrew [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12784t=12784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12790]
Can you post your priority list config -Original Message- From: Andrew Larkins [mailto:[EMAIL PROTECTED]] Sent: 18 July 2001 13:01 To: [EMAIL PROTECTED] Subject: RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12785] The interface resets are from when we moved the config to other ports to rule out physical issues First side Serial3/0 is up, line protocol is up Hardware is CD2430 in sync mode Description: Internet address is 10.99.253.17/30 MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: priority-list 1 Output queue (queue priority: size/max/drops): high: 0/20/0, medium: 0/40/0, normal: 0/60/0, low: 0/80/0 5 minute input rate 25000 bits/sec, 60 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1073220 packets input, 61641174 bytes, 0 no buffer Received 1911 broadcasts, 0 runts, 0 giants, 0 throttles 2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored, 0 abort 9220 packets output, 906798 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Remote side: Serial1/0 is up, line protocol is up Hardware is CD2430 in sync mode Description: xxx Internet address is 10.99.253.18/30 MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 00:00:02, output 00:00:02, output hang never Last clearing of show interface counters 00:00:02 Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: priority-list 1 Output queue (queue priority: size/max/drops): high: 0/20/0, medium: 0/40/0, normal: 0/60/0, low: 0/80/0 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1 packets input, 56 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1 packets output, 56 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up -Original Message- From: Farhan Ahmed [mailto:[EMAIL PROTECTED]] Sent: 18 July 2001 13:24 To: 'Andrew Larkins' Subject: RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:1 2780] send me the sh int -Original Message- From: Andrew Larkins [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 18, 2001 3:17 PM To: [EMAIL PROTECTED] Subject: RE: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12780] the very weird thing here is at RTS DTS etc are all up both devices are on a /30 subnet no problems here. I do not need any routing because these are directly connected networks. NO crc errors on link flap/ interface resets!! Very confused -Original Message- From: Phil Barker [mailto:[EMAIL PROTECTED]] Sent: 18 July 2001 12:45 To: [EMAIL PROTECTED] Subject: Re: WAN link funnies - UP UP but no comms- on same subnet!!! [7:12778] Andrew, From what you say your remote end is working fine both in Tx and Rx and your Tx is working fine since remote end sees your cdp. Your Rx appears to be the problem. Have you tried swapping out your local Serial cable ? What about 'sh int serial xxx' to check your pins ? DCD RTS etc. regards, Phil. --- Andrew Larkins wrote: HI all, Strange problem here. The serial interface are UP UP on both sides, but we are not able to ping each other - even though directly connected. A debug ip ICMP on the remote site shows the ping coming through and replying, but the reply never gets back. Also the remote site saw my router using CDP, but I do not see him. Any ideas?? I believe this is Telco related, but the line shows clean from the interface stats Andrew [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12790t=12790 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Error in configuring ISDN [7:12611]
No IP address has been provided for your BRI0/0 interface. CM -Original Message- From: NKP [mailto:[EMAIL PROTECTED]] Sent: 17 July 2001 11:25 To: [EMAIL PROTECTED] Subject: Error in configuring ISDN [7:12611] Hi , I am facing an error in configuring the ISDN on my Cisco 2620 with the BRI S/T interface card , it keeps on getting disconnected after it dials , can anyone guide me what mistake I could be making ? cisco2620#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname cisco2620 ! ! username mcse password 0 mcse ! ! ! ! ip subnet-zero no ip domain-lookup ! isdn switch-type basic-net3 isdn voice-call-failure 0 ! ! ! interface FastEthernet0/0 ip address 200.100.10.1 255.255.255.0 no ip directed-broadcast ip nat inside duplex auto speed auto ! interface Serial0/0 ip address 10.100.10.1 255.0.0.0 no ip directed-broadcast clockrate 64000 ! interface BRI0/0 no ip address no ip directed-broadcast ip nat outside encapsulation ppp dialer string 172324 dialer-group 2 isdn switch-type basic-ni isdn spid1 0 isdn spid2 0 isdn calling-number 172324 ppp authentication chap ! ip nat inside source list 1 interface BRI0/0 overload ip classless no ip http server ! access-list 1 permit any dialer-list 2 protocol ip list 2 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end cisco2620# The error message that I am recieving is as follows : cisco2620# 07:14:36: ISDN BR0/0: Outgoing call id = 0x800C, dsl 0 07:14:36: ISDN BR0/0: Event: Call to 172324 at 64 Kb/s 07:14:36: ISDN BR0/0: process_bri_call(): call id 0x800C, called_number 172324, speed 64, call type DATA 07:14:154618822656: CC_CHAN_GetIdleChanbri: dsl 0 07:14:154618822656: Found idle channel B1 07:14:154618822656: ISDN BR0/0: received HOST_INFORMATION call_id 0x800C 07:14:184683593728: ISDN Event: dsl 0 call_id 0x800C B channel assigned by switch 0 ISDN BR0/0: received HOST_PROCEEDING call_id 0x800C 07:14:184683593728: B-channel assigned in previous message call id = 0x800C 07:14:186844205132: ISDN BR0/0: received HOST_ALERTING call_id 0x800C 07:14:184683593728: ISDN BR0/0: DEV_CALL_PROGRESSING: modem 3A bchan 0, call_id 800C, cause 0 07:14:184683593728: ISDN BR0/0: HOST_PROGRESS: VOICE ERROR 3A: bchan 0, call id 800C 07:14:186844205132: ISDN BR0/0: received HOST_CONNECT call_id 0x800C 07:14:184683593775: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up 07:14:184683593792: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 172324 07:14:186844205036: ISDN BR0/0: Event: Connected to 172324 on B1 at 64 Kb/s 07:14:186844205132: ISDN BR0/0: received HOST_INFORMATION call_id 0x800C 07:14:197568495616: ISDN BR0/0: received HOST_DISCONNECT call_id 0x800C 07:14:197568495616: ISDN BR0/0: Event: Call to was hung up. 07:14:199729106892: ISDN BR0/0: process_disc_ack(): call id 0x800C, ces 1, call type DATA 07:14:197568495663: %ISDN-6-DISCONNECT: Interface BRI0/0:1 disconnected from 172324 , call lasted 3 seconds 07:14:199729106700: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down 07:14:206158430207: CC: dsl 0 No CCB Src-L3 cid 0x800C, ev 0x99 ces 1 07:14:244813135872: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0/0, TEI 80 changed to down 07:14:244813135872: In L3_StopT309 for dsl 0. 07:14:246973706992: ISDN BR0/0: Incoming call id = 0x3, dsl 0 07:14:246971349881: ISDN BR0/0: received HOST_DISCONNECT_ACK call_id 0x0 07:14:246973747196: ISDN BR0/0: HOST_DISCONNECT_ACK: call type is INTERNAL 07:14:244813135872: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0, TEI 80 changed to up 07:14:249108103167: Null Spid: 0 07:14:246971359084: In L3_StopT309 for dsl 0. cisco2620# cisco2620# cisco2620# My interface configurations are as follows : cisco2620#sh int bri0/0 BRI0/0 is up, line protocol is up (spoofing) Hardware is PQUICC BRI MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Last input 00:00:03, output never, output hang never Last clearing of show interface counters 01:08:36 Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/16 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 352 packets input, 1622 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 352 packets output, 1524 bytes, 0 underruns 0 output errors, 0
RE: Subject: RE: urgent question related to vtp [7:11687]
Word up!!! -Original Message- From: Paul Werner To: [EMAIL PROTECTED] Sent: 14/07/01 07:29 Subject: Re: Subject: RE: urgent question related to vtp [7:11687] ***VERBOSITY BIT IS SET*** Delete now if you are time challenged. Comments within and below. I have been struggling with the evil VTP also. ;-) I have a few questions. Is VTP required? Evil VTP. I love it. Yes, for the uninitiated, VTP can literally bring down an entire network if you are not careful. It has happened. To answer your question above, no it is not required in the strictest sense. Specifically, VTP can be set to transparent mode. You cannot completely turn VTP off, because to do so, would necessarily break the protocol's operation and segment your network into different VTP domains. You have a choice of three modes to use. They are VTP server, VTP client, and VTP transparent. Think of VTP transparent as the manual mode and VTP client and VTP server as semi- automatic mode. There is never full automation, because somebody still has to pull the trigger (in this case physically add, modify, or delete a VLAN). Officially, Cisco says that VTP functions in the following manner: 1. As a VTP server you can create, modify, and delete VLANs. You can also specify other VTP parameters such as VTP version, VTP pruning, MD5 password, etc. You also synchronize your VTP information with other VTP servers and clients. It's configuration is saved in some form of NVRAM. 2. As a VTP client, they are the same as the VTP server save for the fact that you cannot add, delete or modify VLANs or VLAN parameters:-) You can however synchronize with other VTP devices and forward VTP advertisements. Your VTP configuration is not saved in NVRAM. 3. A switch using VTP transparent can act just like a VTP server. It can add, modify, and delete VLANs. It cannot however synchronize with other VTP devices. It must however forward all VTP advertisements (lest it break VTP's operation). Cisco instructions regarding VLANs usually start with having you configure VTP, but do you need VTP? (assume a small network with few VLANs) As I mentioned previously, you cannot fully turn it off. I challenge you to do so. Go ahead and get on the console of your IOS based switch. If it is a CAT 2900XL or a CAT 3500XL, go into the vlan database configuration mode. if you are on an almost IOS based Catalyst 1900, go to global config and Type the following command: no vtp transparent See what happens. Do a sh vtp and see what mode you are in. If it reads VTP server, go back to global config and do a no vtp server. See what happens. I think you will find that it complains just a tad:-) So, to get to where I think you said you really wanted to go, you might want to set your VTP mode to transparent on all of your switches. If all of your switches happens to be 2 switches, it is no big deal. If all of your switches is 75 switches, that might be a little cumbersome. What will be even more cumbersome is when you have to add VLAN 78 to all 75 switches. That will be very fun - NOT:-) That is why VTP was created; namely to ease the administration of a large LAN switched network. Here's a design tip. Have a grand total of two VTP servers in any given VTP domain. One is designated as the primary and the other is the secondary. The primary is always used to configure VTP information unless it is down for maintenance. While down, the secondary is used, as long as the network did no get partitioned with the other switch being down. Make sure that the primary has its configuration revision number set to zero prior to entering the VTP domain(more later on this). Once the primary comes back up, it should synchronize with the secondary. The primary is then used again for VTP configuration. How does VTP interact with trunks, if at all? No Trunk = no VTP advertisements. Trunking is a mandatory part of VTP operation. I can configure a trunk to carry traffic for a subset of the VLANs that VTP advertises, can't I? Sure. You can prune user VLANs from trunks. Here's the catch. VTP advertisements are carried over the management VLAN. That's not one you would necessarily prune from a trunk. In many folks' networks, the management VLAN is VLAN 1. This can be changed if needed for security reasons. (not sure why I would want to, but I'm just confirming your point that VTP is misnamed, e.g. it is not a trunking protocol) In all fairness, they had to give it some name 8-) Let's see, we got this neat protocol that will keep all of the VLANs synchronized over the entire network. Let's call it VSP (VLAN synchronization protocol). That unfortunately doesn't speak to the transparent mode which does not synchronize. Hey, we need a trunk to make this thing work. Whaddya say we call it VLAN Trunking Protocol. If nothing else, at least the name will remind
RE: The Proxy ARP process [7:12198]
I don't think that hosts (capable of using default gateway) with no configured default gateway can arp for devices on a different network. Proxy arp is for hosts with no concept of default gateway or subnet mask. These hosts will arp for any IP address, and the local router (with proxy arp enabled) will respond if the target IP address is on a different network, and the router has a route to the target network. I also think that hosts with a default gateway pointing to themselves will arp for all addresses. CM -Original Message- From: Ted Dronen [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 23:26 To: [EMAIL PROTECTED] Subject: RE: The Proxy ARP process [7:12198] What it is: Proxy ARP is a method by which routers make themselves available to hosts that do not have a configured default gateway. Proxy ARP is enabled on Cisco routers by default. no ip proxy arp is the command to disable Proxy Arp on a per interface basis. Consider the following: Host A (192.168.1.2/24) needs to send a packet to host B (192.168.2.2/24) located in another network. A router with two ethernet ports connects to the 192.168.1.0 network on its first Ethernet port, and connects to the 192.168.2.0 network on its second Ethernet port. 192.168.1.0 192.168.2.0 Network Network Host A---Router--Host B .2.1.1 .2 Host A does not have a configured default gateway, and therefore does not know how to reach a router to connect to hosts outside the 192.168.1.0 network. Consequently, it may issue an APR request for 192.168.2.2. The router, receiving this request on Ethernet 1 (with Proxy ARP enabled), and knowing how to reach network 192.168.2.0, will issue an ARP Reply with its own MAC address in the hardware address field of the ARP Reply. In doing so, Host A believes that the router's Ethernet1 interface is the interface of Host B. Host A will make an entry in its ARP table using the MAC address of Ethernet1 on the router for Host B and unicast all subsequent packets for Host B to the router. See RFCs 925, and 1027. Are you having specific trouble with something? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12255t=12198 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dialer idle-timeout [7:12256]
Interesting traffic will bring up the link, and maintain it. Whilst the link is up, any traffic can cross the link, but only interesting traffic can reset the idle timer. CM -Original Message- From: Burnham, Chris [mailto:[EMAIL PROTECTED]] Sent: 13 July 2001 11:39 To: [EMAIL PROTECTED] Subject: dialer idle-timeout [7:12256] I am currently working throught the Caslow , Pavlichenko Cisco Certification Book I have a query on page 163 that you guy's and girl's maybe able to help me with. It states that the DDR connection is maintained as long as interesting traffic is transferred over the connection before the dialer-idle-timeout occurs.? Is this correct?? I was alway's under the impression that the interesting traffic only determined what brought up the link once the link was up it would stay up regardless of traffic type crossing the ISDN link I would like to hear your opinions Chris Burnham, Systems Engineer, Delphis Consulting Plc. Tel: +(44) 020 7916 0200 Mob: +(44) 07799403576 [EMAIL PROTECTED] This e-mail and any files transmitted with it are intended solely for the addressee and are confidential. They may also be legally privileged. Copyright in them is reserved by Delphis Consulting PLC [Delphis] and they must not be disclosed to, or used by, anyone other than the addressee. If you have received this e-mail and any accompanying files in error, you may not copy, publish or use them in any way and you should delete them from your system and notify us immediately.E-mails are not secure. Delphis does not accept responsibility for changes to e-mails that occur after they have been sent. Any opinions expressed in this e-mail may be personal to the author and may not necessarily reflect the opinions of Delphis. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12258t=12256 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPX Network addresses [7:11990]
I have always thought that NetWare only auto-generated its internal network number (based on date and time of installation, which semi-gurantees uniqueness of the address), but the external network numbers had to be entered manually for each frame type. I may be wrong, but I don't think it auto-detects existing network numbers on the line. CM -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 03:18 To: [EMAIL PROTECTED] Subject: RE: IPX Network addresses [7:11990] Cool. I know about the different frame formats and running multiple ones which means you'll have multiple network numbers. I didn't know NetWare would automatically assign network numbers. What does it do if there are other servers and/or routers sharing the segment and they have already assigned the network number(s)? Is it smart enough to pick up on this? Thanks Priscilla At 08:08 PM 7/11/01, Patricia Leeb-Hart wrote: While it's certainly preferable to assign network numbers manually, NetWare will assign a random unique 8-digit hex IPX network number, depending on the installation process you choose. The express installation is really only useful for one-server environments and is an option I never used. Now, as to why it would assign multiple network numbers: normally only one frame type would be loaded (default is 802.3 with 3.2 and 4.x). However, it gives you the option to load them all, and often inexperienced admins will do so. So, if you loaded all the frame types and allowed NetWare to generate the network numbers, NetWare assumes that you'd do this in order to run multiple IPX networks. It's analogous to creating secondary addresses or sub-interfaces on a router, each with its unique network number and/or encapsulation. (i'd really like to see the AUTOEXEC.NCF for this particular server ) This isn't as much of an issue with 5.x, as the default protocol is IP. However, if you choose to install IPX compatibility, it will still offer you the choice of randomly generating the IPX network number. It's a NetWare thang. Priscilla Oppenheimer 07/11/01 01:28PM Interesting. Why would it generate network numbers, though? Shouldn't network numbers be manually configured? Priscilla At 04:11 PM 7/11/01, Patricia Leeb-Hart wrote: I finally feel qualified to comment on a question on this list (having worked with NetWare for the past 6 years) The addresses you're seeing are generated automatically. What's happening here is that the new server has every single Ethernet frame type loaded, and as a result is using different IPX network number for every frame type. New 3.x and 4.x servers will do this if you perform an install using all the defaults. You need to run INSTALL (or NWCONFIG if 5.x), edit the AUTOEXEC.NCF and remove all BIND statements referencing frame types you don't want to use. Ethernet_II is preferred. NetWare 5.x is more restrained and tries to use IP only. Ayers, Michael 07/11/01 12:12PM Those were either auto generated, or picked up from reading frames on the wire. -Original Message- From: Elmer Deloso [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 11:31 AM To: [EMAIL PROTECTED] Subject:IPX Network addresses [7:11990] hi, group. I just noticed that after installing NetWare server, it gave me this info regarding types of IPX frames: Frame type Network address Ethernet_802.2 3D410DCD Ethernet_802.3 1E0F4F9E Ethernet_SNAP FF994BB0 Ethernet_II D393B805 For the IPX gurus in the group, can someone tell me if there is some type of logic as to how the network address is translated from the type of frame used? Just to answer my curiosity. Thank you. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12092t=11990 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN QUERY [7:12068]
Use static route on router D. This will overide the dynamically learnt route to 10.1.1.0 CM -Original Message- From: Grad Alfons Kanon [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 06:49 To: [EMAIL PROTECTED] Subject: VPN QUERY [7:12068] All, need help, I have such scenarios like this. Router A as the headquesrter connect to router B, C and D, (let says using star connection) Segment A's ethernet: 172.10.0.0 segment B's ethernet: 10.0.0.0 segment C's ethernet: 170.20.0.0 segment D's ethernet: 170.30.0.0 let's assume that all of the WAN interfaces from B C D to A are using /30 mask and using 170.100.0.0 segment. Routing protocol is dynsmic (EIGRP or OSPF) The problem is: there's one small segment in C router (let says in other ethernet) that has 10.1.1.0/24. How can I create a VPN from B to C, so if client from D want to go to 10.1.1.0 segment, they will go to B first , not direcly go to C. regards Grad __ ___ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12093t=12068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Completely off topic here... [7:12060]
I have a vinyl player capable of attaining two speeds (can't remember what they are), with a whopping, monstrous 5watts RPM per speaker...beat that -Original Message- From: Tony van Ree [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 06:52 To: [EMAIL PROTECTED] Subject: RE: Completely off topic here... [7:12060] Hi, This ole guy will make you jealous, I have a Telecaster for over 30 Years now, a Precision Bass a couple of years newer, a 12 String Rickenbacker, and one you won't see outside Australia but is about as good an acoustic aas you'll get a Maton CW80 getting well into it 30's. Just some of a good little collection that I still use when I'm short or just for fun. Teunis, Hobart, Tasmania Asutralia On Wednesday, July 11, 2001 at 11:47:47 PM, [EMAIL PROTECTED] wrote: Ole - I play a Strat myself, great guitars (and always a fan of Mr. Ray Vaughn) I just bought a Spyder Line 6 Amp, but my main-stay is an old Fender 75...Great Amps, but they weigh a ton... As for Portland, I just moved up from the Bay Area...This place is rockin' Good job market, very low cost of living. The only thing you have to get over is the weather. Granted, it has been 80 - 90 lately, it is usually overcast and raining. I heard Houston was really turning around, and, funny thing, my wife wants to start looking in Austin.. I heard the market is really looking good out there. Cheers, Duncan -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 8:10 PM To: '[EMAIL PROTECTED]'; Ole Drews Jensen; [EMAIL PROTECTED] Subject: RE: Completely off topic here... It sure is Duncan, It's my Fender Princeton Chorus which I use with my Standard Fender Stratocaster, my SRV Signature Fender Stratocaster, my Jackson and my Epiphone. It's always nice to pick the guitar and play some riffs. I can see you're from Oregon. That's actually a place my wife and I have talked about moving to, the day we get really really tired of the traffic and polution in Houston. How is it workwise - are there some good jobs with decent salaries up there? Thanks, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.oledrews.com/ccnp NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 10:08 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Completely off topic here... Ole - Just curious about the backround of your lab shot...Is that a guitar amp ??? Looks so much like my lab ??? Thanks, Duncan Duncan Wallace Sr. Network Engineer CCNA CCNP 800.COM Inc. 1516 NW Thurman St Portland, OR 97209-2517 Direct: 503.944.3671 Cell: 503.969.8248 Fax: 503.943.9371 Web: http://800.com Email: [EMAIL PROTECTED] -Original Message- From: Ole Drews Jensen [ mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 7:07 PM To: [EMAIL PROTECTED] Subject: OSPF Neighbor - I'm confused! [7:12048] Okay. Everything works in my new frame relay environment. I have followed the Configuring OSPF for a Single Area in an NBMA Environment section of my CiscoPress BSCN book. Router 1 is setup as a Frame Relay switch. Router 2 and 3 are communicating with eachother on a PVC through Router 1. Router 2's connected interface has an OSPF priority of 0, and Router 3 has therefore been elected as the DR, and I have added Router 2's IP address manually on Router 3 as it's OSPF neighbor. All this works great. If I do a show ip ospf int on Router 3, it shows that it's the DR, and that it has one OSPF neighbor - Router 2. Now, the book tells me that even though it's not necessary, I should add Router 3 as the OSPF neighbor on Router 2. I am a very nice guy, so I did that right away. However, this is where I am confused... After I have added Router 3 as the OSPF neighbor on Router 2 (and of course have saved the configuration), it does not show up in my sh conf like Router 2 does on Router 3. But, it does show up in show ip ospf int on Router 2 as it's neighbor. I don't get it. Can anyone turn on the light here? Thanks, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.oledrews.com/ccnp NEED A JOB ??? http://www.oledrews.com/job -- www.tasmail.com Message Posted
RE: Access-list Question [7:12043]
I don't believe this guy will actually implement this configuration. I think he just wants to know if it is theoretically possible. CM -Original Message- From: Tony van Ree [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 06:56 To: [EMAIL PROTECTED] Subject: Re: Access-list Question [7:12043] Hi, You have one in and one out. It would seem a bit strange blocking and/or allowing the same stuff in both directions however. Also if you were to monitor your access-list 100 it would not be able to identify which way the data came from easily. Just a thought Teunis, Hobart, Tasmania Australia On Wednesday, July 11, 2001 at 08:12:38 PM, Washington Rico wrote: Is it true that you can have only one access-list per direction per interface. If so the below configuration be correct or incorrect. Thank you for your input. interface BRI0/0:1 description Connection Segment bandwidth 64 ip address X.X.X.X 255.255.255.240 ip access-group 100 in ip access-group 100 out no ip directed-broadcast encapsulation ppp no keepalive no cdp enable __ ___ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12095t=12043 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: redistribute subnet vs. redistribute connected [7:12103]
OSPF also uses redistribute connected to redistribute all connected interfaces that don't belong to any OSPF area, but have IP enabled on the interfaces. These are redistributed as external to the AS. CM -Original Message- From: Jeongwoo Park [mailto:[EMAIL PROTECTED]] Sent: 12 July 2001 12:12 To: [EMAIL PROTECTED] Subject: redistribute subnet vs. redistribute connected [7:12103] Hi all One is ospf's subnet command: redistribute subnet The other is eigrp's connected command: redistribute connected Are these two kind of same? I know that without subnet keyword, ospf's routing table shows only major network address that are not directly connected the redistributing router will be redistributed. I was wondering if this is true for eigrp's connected Thanks JP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12108t=12103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing polices [7:11896]
Note that Policy Route Mapping disables fast cache. 1. Divide your users into two subnets 2. In global config, create route maps for policy routing - route-map E0 permit 10 3. Specify access list to use - match ip address 101 4. Set the outbound interface - set interface s0 5. Create the access list - access-list 101 permit ip [subnet1] any 6. Apply the route map to the interface - ip policy route-map E0 7. Do the same for the second interface - route-map E1 permit 10 (global config) match ip address 102 set interface s1 access-list 102 permit ip [subnet2] any (global config) ip policy route-map E1 (interface config) CM -Original Message- From: Jacek Malinowski To: [EMAIL PROTECTED] Sent: 11/07/01 10:17 Subject: Re: Routing polices [7:11896] I can't use BGP !!! On Linux routers there is no problem, but I see that the Cisco has a big problem. I receive only advice use BGP. I don't need any BGP. I want only that LAN 0 go through serial0 and LAN 1 do through serial1, on my Linux routers I do this on 3 second. Who really understand route-map command and routing policy on cisco routers ? MacDonald wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... is your Router has AS number Use BGP multi homing config Jacek Malinowski wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have 2 ISP and 2 serial and 2 ethernet in my 2509 Cisco router. I want half my LAN goes through ISP1 and serial 0 and ethernet 0. And the other through ISP2 and serial1 and ethernet1. How should I do this ? What combination with route map should I use ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11928t=11896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Still having BRI stress! [7:11653]
Uche, You may have an end-to-end connectivity problem. What does debug ppp negotiation give you. I believe your ISDN line is good, and the problem might be the other end. Also, try dropping ppp multilink. CM -Original Message- From: Uche Ishionwu [mailto:[EMAIL PROTECTED]] Sent: 10 July 2001 11:28 To: [EMAIL PROTECTED] Subject: RE: Still having BRI stress! [7:11653] Christian, I have IOS version 12.0. currently running..see config below I also configured the line as ppp multilink..just check out the config, and let me know what's wrong. PS: Are u in Germany by any chance - please let me know. cheers! config- oks#sh conf Using 1721 out of 29688 bytes ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname oks ! no logging monitor enable secret 5 $1$IU9Q$qYwqs3CXuKmsl1y1GjcM30 enable password oks ! username msn password 0 msn ! ! ! ! memory-size iomem 15 ip subnet-zero no ip domain-lookup ! isdn switch-type basic-net3 isdn voice-call-failure 0 isdn tei-negotiation first-call ! ! ! interface FastEthernet0/0 ip address 192.168.0.2 255.255.255.0 no ip directed-broadcast duplex auto speed auto ! interface BRI0/0 description OKS testing interface! no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 dialer pool-member 2 isdn switch-type basic-net3 isdn twait-disable ! interface Dialer1 description connected to ELSATEST ip unnumbered BRI0/0 ip access-group 1 in ip directed-broadcast encapsulation ppp dialer remote-name msn dialer pool 1 dialer idle-timeout 2147483 either dialer wait-for-carrier-time 90 dialer string 0192658 dialer hold-queue 100 dialer-group 1 no cdp enable ppp authentication chap ppp multilink ! interface Dialer2 ip address 192.168.8.3 255.255.255.0 ip access-group 1 in ip directed-broadcast encapsulation ppp dialer pool 2 dialer idle-timeout 2147483 either dialer wait-for-carrier-time 90 dialer string 0192658 dialer hold-queue 100 dialer-group 2 no cdp enable ppp authentication chap ppp multilink ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 no ip http server ! access-list 1 permit any access-list 99 permit any dialer-list 1 protocol ip permit dialer-list 1 protocol ipx permit dialer-list 2 protocol ip list 99 ! line con 0 transport input none line aux 0 line vty 0 4 password uche1 login ! end oks# Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11678t=11653 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: urgent question related to vtp [7:11687]
VLANs are created by switches operating in Server mode, and VTP is the means by which the configuration is pushed out to other domain members. Switches operating in Client mode can not create/delete/modify VLANs, but can use the VLANs already created. CM -Original Message- From: getme [mailto:[EMAIL PROTECTED]] Sent: 10 July 2001 13:04 To: [EMAIL PROTECTED] Subject: urgent question related to vtp [7:11687] Hi, I am kinda confused. Wot i understood from the doucumentation is that in vtp domains, we can add vlans from server on clients. Can this be done? and if yes how its done? i am using 2900xl Thanks in advance -- Do you VisualMail? Grab a copy of the best WebMailer right now! http://www.mintersoft.com/visualmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11691t=11687 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: [7:11709]
Are you having a laugh... -Original Message- From: Donald B Johnson jr [mailto:[EMAIL PROTECTED]] Sent: 10 July 2001 15:28 To: [EMAIL PROTECTED] Subject: Re: [7:11709] Can you use rip to route cdp. Why? - Original Message - From: Lowell Sharrah To: ; Sent: Tuesday, July 10, 2001 7:09 AM Subject: Re: [7:11709] this is a common misconception. A routing protocol is a protocol like eigrp, igrp, is-is,ospf, etc. A routed protocol is like ipx/spx, tcp/ip, vines, decnet, etc. A routed protocol must have a layer 3 address so netbios or cdp cannot be routed by themselves. Donald B Johnson jr 07/10/01 09:59AM Couple issues there wilson. First the csu-dsu issue, someone is spoofing my e-mail address check the header it says SR not JR. Second my response was to mohamed not parky, I thought his definition was a little off. Also I thought the response should have made the person (Mohamed) think, not just recite the cisco routED routING line. Let me reinterate the question Ask yourself can a router route without a protocol. Maybe you can trace a packet from the time it leaves the source and arrives at the destination for us Wilson. I did think it was a good question to ask someone who answered Parky's question with that response. Although I didn't answer the csu/dsu question I don't mind someone using my e-mail address cause if they told them to get a book that is a good answer. Lets get a roll call of all you CCIE's that didn't do their own research. - Original Message - From: Wilson, Bradley To: Sent: Tuesday, July 10, 2001 6:10 AM Donald, I know you think your responses are helpful, but I have to let you know that I don't think they are. Think about what you're saying to this person, and try to see it from their perspective: they obviously don't speak English. What they're asking isn't so much a technical question as it is a definitional question. You also wrote a reply (to I believe the same poster) when he asked what a CSU/DSU was. Your response was to get a book and read through it this time. Could you perhaps have included some suggestions as to which books he might read? Keep in mind that CSU/DSU functionality is not covered in any CCNA-level text that I've ever read, and is not part of the Cisco curriculum. The question was valid, and your response belittled the poster. Please make sure your responses in the future are respectful and helpful. Sincerely, Bradley J. Wilson Donald B Johnson jr wrote: Ask yourself a question can a router route without a protocol. - Original Message - From: Mohamed El Komy To: Sent: Tuesday, July 10, 2001 12:45 AM Subject: Re: routing and routed [7:11655] parky chan wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear What is the different of routing protocols and routed protocols and give me example? Bradley J. Wilson CCNP CCDP MCSE NNCSS CNX MCT CTT EDS/Boston Scientific Account (508) 650-8739 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11726t=11709 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load Balancing [7:11731]
HSRP is run on the Ethernet interface of both routers in one subnet. You want to create two HSRP groups, not two subnets. Use priority to influence which router is primary for which HSRP group. CM -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 10 July 2001 15:54 To: [EMAIL PROTECTED] Subject: Load Balancing [7:11731] Hi Folks, Further to my last mail I want to pose the following scenario / question... I have one LAN switch which is connected to 2 Cisco 2600 routers which have E1 channelised cards installed. Both these routers are connected back to the central site using 256K E1 Lines. I intend to enable HSRP on the two routers to provide for high availability and load balancing. Each router will act as the default gateway for its own subnet but be able using HSRP to act as the default gateway for the other subnet should its router fail... Host will be spread evenly over the two subnets to provide for load balancing... Okay... I am fairly certain the above approach works. But... I am dealing with fairly small offices, and I would like to avoid having to use two subnets / default gateways.. Basically is there a better way I can implement this Your help is greatly appreciated... Kind Regards, Peter. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11734t=11731 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My BRI interface will not respond! [7:11045]
BRI Leased-Line service is only available in Japan and Germany, and operates like a serial point-to-point leased line. However, the service has to be requested. Also, I understand that channel aggregation at 128K is only available in Japan. Can you confirm that this service has been setup for you, and that Germany now supports 128k channel aggregation. Do you have a properly configured device at the other end of the leased-line? CM -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 09 July 2001 01:25 To: [EMAIL PROTECTED] Subject: RE: My BRI interface will not respond! [7:11045] Well, your current config doesn't look like it will do much - there's nothing to tell it where to dial. I suspect that is the cause of your error message. How are you trying to get it to dial? Traffic to 192.168.8.0 will be directed to BRI1/0, but BRI1/0 has no dialer string or dialer map to associate a number to dial. If you've tried other configs that do have the association, have you spoken to your telco to find out whether they actually think the ISDN service is working? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 09/07/2001 10:03 am --- Uche Ishionwu @groupstudy.com on 06/07/2001 05:05:59 pm Please respond to Uche Ishionwu Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: RE: My BRI interface will not respond! [7:11045] Hello Jenny, currently the lights are blinking, but there seems to be no data-traffic. you might want to take a look at my current config. -Uche. ps: this is the only message i keep on receiving upon implementing debug isdn q921/9931 ! 00:36:15: No dialer db, manual isdn call can't dial out what does this mean please??? config-- oksen Password: oks#sh conf Using 1662 out of 29688 bytes ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname oks ! no logging console no logging monitor enable secret 5 $1$DjGs$cxj/.CpMxoel/kKvi.Wqn1 ! ! ! ! ! memory-size iomem 15 ip subnet-zero ! isdn switch-type basic-net3 isdn voice-call-failure 0 isdn tei-negotiation first-call isdn leased-line BRI1/0 128 ! ! ! interface FastEthernet0/0 ip address 192.168.0.2 255.255.255.0 no ip directed-broadcast duplex auto speed auto ! interface BRI0/0 description This is my domain!! ! no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/0 description l ip address 192.168.8.2 255.255.255.0 no ip directed-broadcast fair-queue 64 16 0 ! interface BRI1/1 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/2 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/3 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface Dialer0 no ip address no ip directed-broadcast dialer in-band no cdp enable ! interface Dialer1 ip address negotiated ip directed-broadcast dialer in-band dialer map ip 192.168.9.5 name ELSATEST 02710755 no cdp enable ! ip classless ip route 192.168.0.0 255.255.255.0 FastEthernet0/0 ip route 192.168.8.0 255.255.255.0 BRI1/0 no ip http server ! ! map-class dialer ! map-class dialer oks_cisco1 dialer-list 1 protocol ip permit ! line con 0 password ucheoma transport input none line aux 0 line vty 0 4 login ! end Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11419t=11045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EIGRP and IGRP network discovery [7:11273]
I believe the question is asking for Network Discovery method NOT Neighbor Discovery method. CM -Original Message- From: abc [mailto:[EMAIL PROTECTED]] Sent: 08 July 2001 09:34 To: [EMAIL PROTECTED] Subject: Re: EIGRP and IGRP network discovery [7:11273] IGRP use distance vector routing protocol alogorithm to discover neighbor. EIGRP use link state routing protocol algorithm to discover neighbor. Metric calaucation is basically same, but eigrp multiply 256. No wonder, cisco certification is no longer valueable. John Feuerherd Hello all, I'm studying for my CCIE written exam and I came across a question on a sample test that has me a little baffled. It states that EIGRP and IGRP use the same network discovery method. I know they use the same metrics, but I am under the impression that they use different methods when discovering networks. Am I correct in that statement? Thanks in advance, JF Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11435t=11273 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I Need an Advise [7:11294]
If I was retiring in 20 months time AND I have to do one or the other, then I will opt for a Master's degree - more prestigious, and IMO more valuable than CCNA and MCSE. I regard CCNA as a stepping stone into the network industry, and generally requires that more certifications will ensue. CM -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 08 July 2001 04:11 To: [EMAIL PROTECTED] Subject: I Need an Advise [7:11294] Hi. After 20 years in the U.S. Navy, I'm changing career to IT. I just finished my BS in Information Technology. Which do you think is better: 1)pursue a Master's Degree in IT, or 2) to study for CCNA and MCSE at Community College. The Navy is willing to spend money for scholarship for these; it's just a matter of (my) choice. And I have to use this before I retire in 20 months. I need an advise from you folks. Thanks, Val Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11438t=11294 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT [7:11245]
www.cisco.com -Original Message- From: a. ahmad To: [EMAIL PROTECTED] Sent: 07/07/01 13:37 Subject: NAT [7:11245] hi, can any one describe NAT Function in detail (many-to-one). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11248t=11245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: My BRI interface will not respond! [7:11045]
You can't ignore the dialer map statement, you need it for legacy DDR. That's what binds the remote IP address to a phone number. CM -Original Message- From: Uche Ishionwu To: [EMAIL PROTECTED] Sent: 05/07/01 11:53 Subject: My BRI interface will not respond! [7:11045] Who can help me? I am trying to get cisco2620 modular router to route out of it's bri interface. can anyone help? below you will find a copy of th current configurationthe only significant interface to look out for here is Bri1/0 ...This is the interface i am testing with at the moment. You can just ignore the Dialer map / dialer interface configurations for now. I just want to see the interface showing some sign of lifeat the moment the lights wont even flicker, even though the debug(q921 q931) messages I'm receiving arent showing me anything relevant. I would really appreciate any form of help. Cheers Pash! Config oksen Password: oks#sh conf Using 1443 out of 29688 bytes ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname oks ! no logging console no logging monitor enable secret 5 $1$DjGs$cxj/.CpMxoel/kKvi.Wqn1 ! ! ! ! ! memory-size iomem 15 ip subnet-zero ! isdn switch-type basic-net3 isdn voice-call-failure 0 ! ! ! interface FastEthernet0/0 ip address 192.168.0.2 255.255.255.0 no ip directed-broadcast duplex auto speed auto ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/0 ip address 192.168.8.2 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer string 053 dialer string 02710750 dialer-group 1 isdn switch-type basic-net3 ! interface BRI1/1 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/2 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface BRI1/3 no ip address no ip directed-broadcast shutdown isdn switch-type basic-net3 ! interface Dialer0 no ip address no ip directed-broadcast dialer in-band no cdp enable ! ip classless ip route 192.168.0.0 255.255.255.0 FastEthernet0/0 ip route 192.168.8.0 255.255.255.0 BRI1/0 no ip http server ! ! map-class dialer ! map-class dialer oks_cisco1 dialer isdn speed 56 dialer-list 1 protocol ip permit ! line con 0 password ucheoma transport input none line aux 0 line vty 0 4 login ! end Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11047t=11045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about IGMP queries and reports [7:11062]
I don't think the router needs to be configured to be in any multicast group in order to process the membership report. A router is registered for a multicast group if it receives a membership report for that multicast group. These membership reports can be unsolicited or in response to membership query. In IGMP v1, a router will periodically multicast a membership query with the GDA set to 0.0.0.0. A host from all active multicast groups will send a report in response to the query. In version 2, a router can direct the membership query to a specific group, by setting the GDA to the group's address. The router uses membership reports to maintain its multicast table. Groups are added to the table (or refreshed) when membership reports are received, and existing groups are removed from the table, if no membership reports are received for that group. CM -Original Message- From: R.Srikanth To: [EMAIL PROTECTED] Sent: 05/07/01 14:39 Subject: Question about IGMP queries and reports [7:11062] Hi, I have a question about IGMP queries and reports. 1. When an IGMP querier router sends a query, this packet is sent to 224.0.0.1 address (01-00-5e-00-00-01) to which all multicast capable hosts listen. 2. When a host sends a membership report (either in reponse to the query, or an unsolicited report ) for the group in which it is a member ( say 224.1.1.1), the report is sent to the 224.1.1.1 address. This is the address specified in the 'Group address' field of the IGMP report message, as well as the destination IP address of the IP packet carrying this report. The Ethernet frame that encapsulates this packet would carry the destination Layer-2 multicast address of 01-00-5e-01-01-01. This method ensures report suppression by other hosts which are members of the same group, as they will listen to this address and suppress their reports. The querying router has to pick this frame and look into the IGMP report to know that the host is or wants to be a member of 224.1.1.1 group. Does it mean that router is also a member of this group inorder to pick this frame and process the report message ? If another host is a member of a different group 224.1.1.2 and sends report to this address, should the router listen to this address also to process the reports for this group ? How will the router to know what groups it should listen to, so that it can process the report messages to find out what groups are active ? What method does the router use, if this is not the correct one ? Thanks, Srikanth. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11072t=11062 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: debug dialer event/packet [7:10972]
sh dialer CM -Original Message- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: 04/07/01 12:22 Subject: debug dialer event/packet [7:10972] Hi All, Is there a way to see who is (IP address) causing the ISDN line to come up. I tried using debug dialer event/packet and got only this. Jul 4 11:01:12 UTC: Serial4/0:15: rotor dialout [priority] Jul 4 11:01:12 UTC: Serial4/0:15: Dialing cause: Dialer2: ip PERMIT Jul 4 11:01:12 UTC: Serial4/0:15: No holdq created - not configured Jul 4 11:01:12 UTC: Serial4/0:15: Attempting to dial 1234567890 Is there another way to check that ? Regards, Tarry -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net GMX Tipp: Machen Sie Ihr Hobby zu Geld bei unserem Partner 11! http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10975t=10972 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Advertising Default Route [7:10742]
The concept of default route is the same which ever routing protocol you are using. With BGP however, you can advertise default route to selected peer(s) if you wish. Can you explain a little bit more about your network. How many exit points do you have? CM -Original Message- From: Tay Chee Yong To: [EMAIL PROTECTED] Sent: 03/07/01 04:17 Subject: Advertising Default Route [7:10742] Hi, I am running BGP in my network, however, I do not understand the implications of advertising default route to my peer. How will this action affect my network? My Manager forbids me to advertise default route to our peer. Can someone please advise? Thanks. Regards, Cheeyong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10782t=10742 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Browser Issue with Network Neighbourhood [7:10780]
Consider deploying WINS server if you want full visibility of your network. Browsing generally requires broadcast capability, in the absence of a WINS server. By default, routers do not pass broadcasts. However, I believe that Network Neighbourhood browsing uses directed broadcast, so perhaps, enabling directed broadcast on your router might work. CM -Original Message- From: Richard Spencer To: [EMAIL PROTECTED] Sent: 03/07/01 09:50 Subject: Browser Issue with Network Neighbourhood [7:10780] Hello i am unable to browse the network through a router, eg. i can ping the server and the server is our dhcp which we get our Ip address from. When we go to the Network Neighbourhood icon it is unable to see the server or any other servers for that matter We are using IP and tried with Ipx and netbeui for the hell of it even though its not a routed protocol. can anyone help ??? any advice is better then no advice even if its just a one line comment thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10788t=10780 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PASSED BCRAN! + BIG gripe [7:7794]
you need to be MCSE (McDonalds Certified Systems Engineer), or specialize in chips technology. -Original Message- From: hal9001 To: [EMAIL PROTECTED] Sent: 03/07/01 13:35 Subject: Re: PASSED BCRAN! + BIG gripe [7:7794] I think I'm going to give up and apply to McDonalds! - Original Message - From: Buri, Heather H To: Sent: Tuesday, July 03, 2001 1:04 PM Subject: RE: PASSED BCRAN! + BIG gripe [7:7794] He must be a speed reader! :-) I need to take that course. Heather Buri CSC Technology Services - Houston Phone: (713)-961-8592 Fax: (713)-961-8249 Mobile: Alpha Page: Mailing: 1360 Post Oak Blvd Suite 500 Houston, TX 77056 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 03, 2001 4:38 AM To: [EMAIL PROTECTED] Subject: Re: PASSED BCRAN! + BIG gripe [7:7794] Thats impressive.. if he had 50 questions in his bcran test he done each one in circa 8 secs Regards, Ronald Regan. Jayesh Patel @groupstudy.com on 03/07/2001 09:21:46 Please respond to Jayesh Patel Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Peter McCracken/DMR/CA) Subject: Re: PASSED BCRAN! + BIG gripe [7:7794] Hi Just for you info my brother passed his BCRAN 7 min with a score of 930. He passed his CIT in 5 mins at a score of 954 and Switching in 9 min a score of 870. Regards Jayesh Patel CNE,MCNE,MCP,MCP+Internet,MCSE,CCNA,CCDA,CCNP,CCDP,CCIE written,CCNP + Voice Access, CSE in Small Business,CSE in Enterprise Business and CSE for Voice Access Solutions. - Original Message - From: hal9001 To: Sent: Saturday, June 09, 2001 9:49 AM Subject: Re: PASSED BCRAN! + BIG gripe [7:7794] The Syngress Published book CCNP Remote Access Study Guide ISBN:007211908X has an excellent section (Ch2) on ALL of the relevant Cisco Router offerings. The IDG I find that its better, if you can afford it, to not stick with just one source but go to multiple sources not only to get a balanced view but also to find other information omitted by another publisher/author. The future gains always (hopefully) outweigh the present costs. After all, all these books are just an authors/publishers interpretation of the Exam Objectives. Its pot luck what questions you get in the exam so best to cover ALL the bases if you can. Karl - Original Message - From: Michael L. Williams To: Sent: Friday, June 08, 2001 10:23 PM Subject: PASSED BCRAN! + BIG gripe [7:7794] Hello all.. Passed the BCRAN with an 898 today. not a bad exam. A couple of vague questions (or questions that seemed to have more than one correct answer but only one answer was asked for). Even took time to write some comments and finished in 35 minutes. One HUGE gripe: The Cisco Press book had a huge chapter on the Cisco 700. The Exam Cram Remote Access book had a pared down chapter on the 700 just highlighting the stuff you need to know for the exam (which was nice). I had maybe 2 or 3 questions about the 700 series. BOTH books had a single, small paragraph on the 1600 series tho saying it's for branch not SOHO and takes a WIC card. THAT'S IT! I went through all 4 quizzes in both of the Boson BCRAN exam 1 and 2 (over 400 questions) and I kept getting hammered with questions about the Cisco 1600 and what interfaces the different models had (something neither book had any details about). Lucky for me I tried to take note, instead of blowing it off, because I got as many if not more questions about Which model of 1600 has a 56K/ISDN/Serial port than I did about the Cisco 700. I have to say that I'm disappointed that there were so many questions about the 1600 series compared to the 700 series, yet the Cisco Press and Exam Cram book barely mentioned them I can't believe the Cisco Press book dedicated a very lengthy chapter to the 700 with so few questions on the exam while virtually ignoring the 1600! KUDOS TO BOSON for making practice exams that not only are a good simulation of the real exams but also covered material that exam creators didn't even include in their own study book (Cisco!). I owe my 898 to Boson for hammering me with 1600 questions and letting me get the info I needed for the real exam while I was practicing for it. Now on to Support for CCNP then CID for CCDP Woohoo! Thanks to everyone for the group.. seeing people in the group talking and passing exams motivates me to keep going! Mike W. EOM NOTICE - This message contains information intended only for the use of the addressee named above. It may also be confidential and/or privileged. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action in reliance on it.
RE: Is EIGRP a DV or LS protocol [7:10657]
EIGRP is an advanced Distance Vector protocol, but also known as a hybrid protocol, because it exhibits attributes from both world. CM -Original Message- From: CCIE TB To: [EMAIL PROTECTED] Sent: 02/07/01 17:02 Subject: Is EIGRP a DV or LS protocol [7:10657] Hi Group members, Is EIGRP a Distance Vector or a Link State protocol. I thought it is a Link State until I read Cisco BSCN book, which classify it as both. Is that possible. Regards to all Adiah _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10660t=10657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP [7:10428]
There are two possible scenarios here. One is to divide the user community into two - half will use one gateway, the other will use the second gateway. To accomplish this 2 HSRP groups will be configured on the routers. Each router will be active for one group, and backup for the other group. 2 DHCP servers will then need to be setup, each serving half of the scope with the gateway set to one of the HSRP groups. This solution will, in principle, divide the traffic evenly. Obviously, in practice, several issues such as traffic pattern, and DHCP availability will need to be considered. The second solution depends on whether you are running a routing protocol with your ISPs. If you receive full or partial routes from your ISPs, then it is possible to have one HSRP group, but enable ICMP redirect on the routers. This will have the effect of using both links intelligently, using which ever router has a better route/metric to the destination. I don't think that HSRP can be used to invoke a backup link, depending on the traffic threshold. CM -Original Message- From: Sam Sneed To: [EMAIL PROTECTED] Sent: 29/06/01 20:58 Subject: HSRP [7:10428] I was doing a little research on HSRP and had a question for anyone who has configured it. I read the whole RFC 2281 and could not find my answer there. If you have two routers running HSRP with T1 lines to the internet, 1 is the standby and one is the active. Does all traffic only go through the active at all times unless it dies? If so isn't it a waste not ever utilizing the T1 line thats on standby (of course until the active fails)? If bandwidth exceeded 1.5MB would the second router kick in to share the load or would it totally take over? With these 2 routers acting as a single virtual router would throughput ever be able to exceed 1.54 MB assuming each has its own T1 connection? thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10496t=10428 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Technical Questions [7:10427]
Anyone know of a position going at McDonalds...this networking business is getting a bit too strenuous for me. CM -Original Message- From: Howard C. Berkowitz To: [EMAIL PROTECTED] Sent: 30/06/01 14:12 Subject: Re: Technical Questions [7:10427] I'm pretty good at allocating address blocks in binary as well. What I'm not good at is analyzing several decimal addresses (with variable-length masks) to see if they overlap. I almost always am forced to write these out in binary. See additional in-line comment. Howard C. Berkowitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Open Forum might be more up to speed if your free-time consists of working address plans in binary or looking for probability in the pregnant chads of Fortran punch cards :o) There's something wrong with doing address plans in binary? Best way to learn, once you realize you don't have to do all 32 bits in binary. Seriously, when I plan an address structure, and I am documenting it, my primary mode is binary, and then converting to dotted decimal where appropriate. Now, when I say planning address structures, it often is to say a /19 here, split into 8 /21 for I'll agree you're probably pretty good at subne Harrumph. I was using that technique known only to true addressing experts, where you polarize the bits and use Northern and Southern addresses in the same space. It might LOOK like ordinary mortals could only get 4 /21 out of a /19, but with polarizing overload, you double the space! The only real problem with polarizing as a general technique is that if you test the network in North America but move it to Australia, you have to readdress. If part of the network is in the Northern Hemisphere while some remains in the Southern Hemisphere, you have to use NAT (Network Address Turnover), and no host will work properly _on_ the equator. Just as the modem modulation people kept getting more and more bits into a baud, there are research efforts to get more address space by adding polarization modes. Unfortunately, bits seem stable only in a vertical polarization. If they aren't solidly grounded, they fall over and are eaten by bit-scavenging bacteria. Virus protection software is ineffective against bacteria. While prions are not strictly viruses, there is strong belief that a prion infection, against which antiviruses would not have helped, caused the Mad Dow Syndrome that has affected our industry. It is unclear if the prions were inserted by a cyberterrorist, or are merely a NASDAQ mutation. If anyone wonders, the power went out in the middle of the night (tree branch hit a wire) and I am short on sleep. tting in your head. Your typing skills could be further honed, however. :-) areas. Not boasting here, but when you've been doing these for what...15 years or so, I can do a fair bit of subnetting in my head. There are tricks, but I wouldn't confuse a beginner with them. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10520t=10427 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP and CCIE [7:10281]
10 -Original Message- From: Iyuri Yagami To: [EMAIL PROTECTED] Sent: 28/06/01 16:52 Subject: CCNP and CCIE [7:10281] Hello Does any body know that how many CCNA, CCDA, CCNP, CCDP and CCIE are in the world ??/ Iyuri Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10285t=10281 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 1603 router config - part 2 [7:10304]
If you turn on debug ppp authentication you will see what's gone wrong. Basically, there is no username entry in router WH for the ppp chap hostname - bob, or router hostname - Bow. CM -Original Message- From: Andrew Lawrence To: [EMAIL PROTECTED] Sent: 28/06/01 20:18 Subject: 1603 router config - part 2 [7:10304] I've managed to connect 2 1603 routers together up to a fashion but I have 2 questions From one router I can ping the other router (it dials the number connects and then the ping replies) From the other router if I ping it dials but gets disconnected, a debug shows the following 01:50:12: BR0 DDR: rotor dialout [priority] 01:50:12: BR0 DDR: Dialing cause ip (s=172.30.70.2, d=192.168.10.2) 01:50:12: BR0 DDR: Attempting to dial 02077394093 01:50:12: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up 01:50:12: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1 01:50:12: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 02077394093 01:50:13: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down 01:50:13: DDR: Call disconnected, 1 packets unqueued and discarded 01:50:13: BR0 DDR: has total 2 call(s), dial_out 0, dial_in 0 01:50:13: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di1 01:50:13: BR0:1 DDR: disconnecting call. Question 1 Why is it doing this , I haven't really paod much attention to authentication, is any going on ! Question 2 If I have PCs on the network with the router that does dial out OK and have their default gateway set are they likely to communicate with a server on the other side (if that has its gateway set as well) i.e is there any other ip type config required on the routers? TIA Andy Here are the 2 router configs (p.s the 172.30.70.x network wasn't one of mine !) Router one - Can't ping other router Current configuration WH version 12.0 service timestamps debug uptime service timestamps log uptime service password-encryption hostname Wh enable secret 5 username Router password 7 ip subnet-zero no ip source-route isdn switch-type basic-net3 ! interface Ethernet0 ip address 172.30.70.2 255.255.255.0 no ip directed-broadcast no ip proxy-arp interface BRI0 no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 no fair-queue no cdp enable ! interface Dialer1 description RCN ip unnumbered Ethernet0 no ip directed-broadcast no ip proxy-arp encapsulation ppp no ip split-horizon dialer remote-name Wh dialer idle-timeout 300 dialer string 01220394093 dialer hold-queue 10 dialer load-threshold 10 either dialer pool 1 dialer-group 1 ppp authentication chap ppp chap hostname mick ppp chap password 7 14041D0D0505242437 ppp pap sent-username mick password 7 120A0A111B0A020B39 ppp multilink ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 192.168.10.0 255.255.255.0 Dialer1 ! dialer-list 1 protocol ip permit ! line con 0 exec-timeout 120 0 transport input none line vty 0 4 exec-timeout 0 0 login local ! end And router 2 - can dial and gets a reply to pings Current configuration Bow ! version 12.0 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname Bow ! enable secret 5 ! username Router password 7 023 username Wh password 7 1522 ip subnet-zero no ip source-route no ip domain-lookup isdn switch-type basic-net3 ! interface Ethernet0 ip address 192.168.10.2 255.255.255.0 no ip directed-broadcast no ip proxy-arp ! interface BRI0 no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 no fair-queue ppp authentication chap pap callin ppp multilink ! interface Dialer1 description RCN ip unnumbered Ethernet0 no ip directed-broadcast no ip proxy-arp encapsulation ppp no ip split-horizon dialer remote-name bow dialer idle-timeout 300 dialer string 0207224680 dialer hold-queue 10 dialer pool 1 dialer-group 1 ppp authentication chap ppp chap hostname bob ppp chap password 7 08264542050A ppp pap sent-username bob password 7 07082840421A ppp multilink ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 172.30.70.0 255.255.255.0 Dialer1 ! dialer-list 1 protocol ip permit ! line con 0 exec-timeout 0 0 transport input none line vty 0 4 exec-timeout 0 0 login local ! end Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10327t=10304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: redistribution of network 0.0.0.0, use the [7:10087]
default-information originate will inject 0.0.0.0 in OSPF, PROVIDED that the router itself has a default route (either learnt dynamically, or set statically). To force the injection of default route into OSPF, whether or not the router has a default route, use default-information originate always. CM -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 26 June 2001 23:59 To: [EMAIL PROTECTED] Subject: redistribution of network 0.0.0.0, use the default-information [7:10032] Does default-information originate injecting 0.0.0.0 in OSPF? Do you have to be careful when injecting 0.0.0.0 in OSPF? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=10087t=10087 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access list problem [7:9939]
It appears that you are allowing web access (www) to only two servers (.204 and .215). Which direction are you applying this acl, are you hosting the web services? CM -Original Message- From: John Brandis [mailto:[EMAIL PROTECTED]] Sent: 26 June 2001 09:26 To: [EMAIL PROTECTED] Subject: Access list problem [7:9939] Hi All, I thought I was on top of access lists, until today. When ever I apply this particualr access list in IOS 11.2 , nothing on the network can view internet pages. They can ping no problem but nothing else. Please advise if you can, on which line the error is. Thanks all, I appreciate it. Extended IP access list 110 deny tcp any any eq 139 permit udp any any eq domain permit tcp any any eq domain permit icmp any any permit tcp any host 203.111.42.200 eq ftp-data permit tcp any host 203.111.42.200 eq ftp permit tcp any host 203.111.42.200 eq 22 permit tcp any host 203.111.42.204 eq ftp-data permit tcp any host 203.111.42.204 eq ftp permit tcp any host 203.111.42.204 eq www permit tcp any host 203.111.42.204 eq 3389 permit tcp any host 203.111.42.215 eq smtp permit tcp any host 203.111.42.215 eq www permit tcp any host 203.111.42.215 eq 3389 permit ip host 203.111.42.224 any permit ip host 203.111.42.225 any permit ip host 203.111.42.226 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9941t=9939 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Console command [7:9805]
The key-combination I meant to post is ctrl+r. The IOS version I'm using right now is 12.0(14), and it works on it. I use it all the time. CM -Original Message- From: Raees Ahmed Shaikh [mailto:[EMAIL PROTECTED]] Sent: 26 June 2001 07:16 To: 'Charles Manafa' Subject: RE: Console command [7:9805] Thanks for your support, however I tried this command in two of my routers using versions 11.3 and 12.0 respectively but it didnt work, can you tell me in which version is this command supported. Thanks. -Original Message- From: Charles Manafa [mailto:[EMAIL PROTECTED]] Sent: Mon, June 25, 2001 8:57 PM To: [EMAIL PROTECTED] Subject: RE: Console command [7:9805] will also refresh the command line. CM -Original Message- From: Richard Chang To: [EMAIL PROTECTED] Sent: 25/06/01 18:39 Subject: Re: Console command [7:9805] Try logging synchronous To synchronize unsolicited messages and debug output with solicited Cisco IOS software output and prompts for a specific console port line, auxiliary port line, or virtual terminal line, use the logging synchronous line configuration command. Use the no form of this command to disable synchronization of unsolicited messages and debug output. logging synchronous [level severity-level | all] [limit number-of-buffers] no logging synchronous [level severity-level | all] [limit number-of-buffers] Richard Raees Ahmed Shaikh wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear All, Pls suggest the command to break into the console, once it is showing lot of debugging output on the console, and we want to log into the router for checking the util etc. Can we interrupt the logging on the console to give preference to keyboard commands view and not to the console message, I tried no console logging, but it stops all the messages, I want to view the console message but want to type some commands as well I need preference when I am typing something on the console. Any help appreciated Thanks in advance, Raees Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9942t=9805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to tell the difference beteween a 1600 and a 1600R [7:9988]
mz is compressed and runs in memory CM -Original Message- From: Neil Schneider [mailto:[EMAIL PROTECTED]] Sent: 26 June 2001 13:33 To: [EMAIL PROTECTED] Subject: Re: How to tell the difference beteween a 1600 and a 1600R [7:9956] I am pretty sure the M means it is a compressed IOS. Neil Sam Deckert wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Check the image name from the sh ver - if it contains an 'm' it means run from memory I think. Here are the examples someone else used - you can see it from these: IOS for 1600: c1600-y-l.113-11b.bin IOS for 1600R: c1600-y-mz.120-9.bin HTH, Sam. - Original Message - From: Raul F. Fernandez-WCOMM To: Sent: Tuesday, June 26, 2001 1:38 AM Subject: How to tell the difference beteween a 1600 and a 1600R series. [7:9797] Dear Folks, Hope all is going well for everyone. I have a real quick question. From the show ver is there a way to determine the difference between a 1600 and 1600R series routers. Also will a 1600R run regualr 1600 code? Thank you. Sincerely, Raul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9988t=9988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Console command [7:9805]
will also refresh the command line. CM -Original Message- From: Richard Chang To: [EMAIL PROTECTED] Sent: 25/06/01 18:39 Subject: Re: Console command [7:9805] Try logging synchronous To synchronize unsolicited messages and debug output with solicited Cisco IOS software output and prompts for a specific console port line, auxiliary port line, or virtual terminal line, use the logging synchronous line configuration command. Use the no form of this command to disable synchronization of unsolicited messages and debug output. logging synchronous [level severity-level | all] [limit number-of-buffers] no logging synchronous [level severity-level | all] [limit number-of-buffers] Richard Raees Ahmed Shaikh wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear All, Pls suggest the command to break into the console, once it is showing lot of debugging output on the console, and we want to log into the router for checking the util etc. Can we interrupt the logging on the console to give preference to keyboard commands view and not to the console message, I tried no console logging, but it stops all the messages, I want to view the console message but want to type some commands as well I need preference when I am typing something on the console. Any help appreciated Thanks in advance, Raees Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9825t=9805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: about callback [7:9487]
From the debug output, it appears that callback was successful. I believe the problem is with Win2k. Check the Event viewer, and modem log. LLC negotiation can also be problematic. CM -Original Message- From: Eric ding To: [EMAIL PROTECTED] Sent: 22/06/01 09:09 Subject: about callback [7:9487] i want to implement async-ppp callback between an access server and a pc,also i read the following url: http://www.cisco.com/warp/customer/793/access_dial/async_ppp.html and apple it to my access router and laptop. i doesn't work! the debug output is as follow: .. (omit) .. (o02:01:03: TTY5 Callback process initiated, user: callback dialstring 85313850 02:01:11: TTY5 Callback forced wait = 30 seconds 02:01:41: CHAT5: Asserting DTR 02:01:41: CHAT5: Chat script offhook started 02:01:41: CHAT5: Chat script offhook finished, status = Success 02:01:41: CHAT5: Asserting DTR 02:01:41: CHAT5: Chat script callback started 02:02:29: CHAT5: Chat script callback finished, status = Success 02:02:29: TTY5 Exec Callback Successful - await exec/autoselect pickup 02:02:29: TTY5: DSR came up 02:02:29: TTY5: Callback in effect 02:02:29: tty5: Modem: IDLE-READY 02:02:29: TTY5: EXEC creation *Mar 1 02:02:32: %LINK-3-UPDOWN: Interface Async5, changed state to up 02:02:55: TTY5: Async Int reset: Dropping DTR 02:02:56: Async5: asking modem_process to hangup TTY5 02:02:56: TTY5: dropping DTR, hanging up 02:02:56: tty5: Modem: HANGUP-IDLE *Mar 1 02:02:57: %LINK-3-UPDOWN: Interface Async5, changed state to down 02:03:01: TTY5: restoring DTR 02:03:02: TTY5: autoconfigure probe started mit) does it a problem lie on the side of router or computer? i ues windows NT2000 5.00.2195 service pack 2 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9530t=9487 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP Routing Help Please!! [7:9312]
Is the IP Address of the head office ethernet LAN private or public. If it is private, then you already have NAT setup. Merely include the remote site IP Address in the nat inside source list If it is public, then you need to setup NAT to allow the remote office access the Internet. In all cases, the remote router should be configured to default to the head office router. CM -Original Message- From: Mitesh Khatri To: [EMAIL PROTECTED] Sent: 21/06/01 14:56 Subject: IP Routing Help Please!! [7:9312] [ The following text is in the iso-8859-1 character set. ] [ Your display is set for the US-ASCII character set. ] [ Some characters may be displayed incorrectly. ] Hi! I have a problem with routing to the internet from a remote site. There is a router at the remote site (Ethernet IP Address 10.1.3.0/24) that connects to a 2-port router at the head office. One port of the router is connected to the remote site (IP address 10.1.2.0/24 for the WAN link) while the other port connectes via a lease line to a ISP (IP Address for the serial link is a Class C address). On the headoffice router I have a default route to serial 1(the ISP link). I am not using any routing protocols for the Internet link. Also there is no DNS Server at the headoffice. The users at head office are able to connect to the Internet. I need the users at the remote site to connect to the Internet and use the ISP's name server which has a Class C IP address. Can someone please advise is this can be done? Thanks, Mitesh Important Notice ***This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the post master or system manager @tfl.com.fj [Telecom Fiji Ltd.]*** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9323t=9312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access-list [7:9292]
[ The following text is in the iso-8859-1 character set. ] [ Your display is set for the US-ASCII character set. ] [ Some characters may be displayed incorrectly. ] The telnet packet sourced by router B is not checked against the access list for outbound. The return packet (from router A) is not sent to the telnet port on router B, and therefore will not match the deny statement. To make it work, I think you need to include the telnet port for both source and destination: ip access-list extended LAN deny tcp any any eq telnet deny tcp any eq telnet any permit ip any any Alternatively, apply the same access list to router A. CM -Original Message- From: Ednilson Rosa To: [EMAIL PROTECTED] Sent: 21/06/01 03:38 Subject: Access-list [7:9292] Hi Folks, I have a doubt about access-lists. I have the following topology: Router A Ethernet 0 10.0.0.1 | | 10.0.0.2 FastEth0 Router B Serial 0.1 192.168.1.1 | | 192.168.1.2 Serial 0.1 Router C I wanted to block telnet TO and FROM network 10.0.0.0. I created an access-list as follows: ip access-list extended LAN deny tcp any any eq telnet permit ip any any Applied it to Router B on Fast Ethernet 0 interface this way: interface FastEthernet0 ip access-group LAN in ip access-group LAN out Doing this I really blocked telnet from network 10.0.0.0 to routers B and C. I also blocked router C from telneting to router A (or any other host on network 10.0.0.0). But, surprisingly to me, I'm still able to telnet Router A from Router B! My question is: since I blocked telnet traffic on the interface Fast Ethernet 0 on router B for inbound and outbound, shouldn't this block my telnets from B to A?? What is missing here? Thanks in advance! Ednilson Rosa CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9330t=9292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: why there are so many IPX traffic in my network [7:9045]
IPX is layer 3 Switches operate at layer 2 CM -Original Message- From: Sim, CT (Chee Tong) To: [EMAIL PROTECTED] Sent: 20/06/01 08:14 Subject: RE: why there are so many IPX traffic in my network [7:9045] Thanks! I found the setting in the printer to disable the IPX. However Can we filter the IPX traffic on our 2900 IOS switches, and set based 5500 switches. IF yes.. what is the command to disable transmission of IPX traffic in the switches. -Original Message- From: Jim Dixon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 19, 2001 9:40 PM To: Sim, CT (Chee Tong) Subject: RE: why there are so many IPX traffic in my network [7:9045] It may be an HP JetDirect card. Get rid of it by assigning your JetDirect and or Printer an IP Address (whichever you need to do) Turn IPX off on the JetDirect Print Server. OR Filter IPX at your router and see if you can still print. Then RE_check for your IPX.. Is it still there? Did printer stop working? If so then you may want to keep IPX till you can switch to IP. -Original Message- From: Sim, CT (Chee Tong) [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 19, 2001 8:12 AM To: [EMAIL PROTECTED] Subject: why there are so many IPX traffic in my network [7:9045] Hi. I use the fluke meter and ethereal software to check the health of our network and I found there are a lot of IPX traffic in our network. But we have no Novell server here and where is the IPX traffic coming from? In the ethereal output I saw a lot of statement like source destination Protocol Info 0.0008c7280106 0.IPX SAP Nearest Query 0.0008c7280106 0.IPX SAP General Query 0.0008c7280106 0.IPX SAP General Response 0.0008c7280106 0.NBIPXFind name our domain name 0.0008c7280106 0.BROWSER Host Announcement workstation name workstation, server, print queue server, NT workstation, NT server, Potential browser. In fluke meter, I saw these IPX are mostly by printer and printer server? Why printer got something to do with IPX . How to get rid of this? Please advice Thanks -Original Message- From: jason douglas [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 19, 2001 8:38 PM To: [EMAIL PROTECTED] Subject: Re: what about ccie-pre-qualification test in boson cisco [7: 9041] I thought it was similar. frank wrote: compared with 350-001,easier or much the same? Thanks, frank -- Jason Douglas Lucent World Wide Services Pager 888-451-0755 == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9174t=9045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help with VLSM [7:9024]
I believe you can do that, if you enable subnet zero, and there won't be any address conflict because the subnet masks are different. But, you will not get the number of subnets and hosts that you have specified. This is because each time you subnet, you use up one address from the block you are subnetting from - hierachical thing. I would personally reserve bits from the assigned prefix block, and use those reserved addresses for further subnetting. That way you will not get into the pitfall where a network address is also a host address. CM -Original Message- From: Oletu Hosea Godswill, CCNA. To: [EMAIL PROTECTED] Sent: 19/06/01 07:52 Subject: Please Help with VLSM [7:9024] Hi group, Please just throw more light of this. If I have a block of ip address, can I use different subnets for different purposes like this: If my block is 216.73.203.0 1. 216.73.203.0/26 4 Networks, 64 Hosts each 2. 216.73.203.0/27 -- 8 Networks, 32 Hosts each 3. 216.73.203.0/28 -- 16 Networks, 16 Hosts each 4. 216.73.203.0/29 -- 32 Networks, 8 Hosts each 5. 216.73.203.0/30 -- 64 Networks, 4 Hosts each. My desire is to use the item 5 for all my WAN links since it only have 2 valid hosts per network and the rest for other purposes. But my problem is if I have use two same IP-addresses but from different networks (eg one from item 3 and the other from item 4 above) assigned to two different hosts on both ends of a routable network, wouldn't the system response with a conflict/duplication of IP-addresses or give some other kind of error? Eg If, I have this scenerio: Host A = 216.73.203.21 255.255.255.248 (ie a host on network 216.73.203.16/29) Host B = 216.73.203.21 255.255.255.252 (ie another host on network 216.73.203.20/30) Questions: Since both hosts are on both sides of a routable network: 1. Wouldn't there be an IP-address conflict? 2. Wouldn't it be a duplication of IP-address? 3. If I ping 216.72.207.21, which of the two host will reply? OR 4. Is it that I can only variably subnet a block of IP-addresses once, say /29 and use only hosts from that subnet and cannot do another subnetting on that same block when the need arises? These are my questions. How I wish someone can clear this, for it will help myself and many other people in the group. Rgards. Oletu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9033t=9024 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help with VLSM [7:9024]
1. The command is ip subnet-zero. It is a global config command, and can be enabled on any router. This is generally not advised, due to inherent confusion between subnet and network addresses. 2. Starting with the block 216.73.203.0/24, reserve 2 bits from the host portion, this will give you 2 new subnets (ignoring the all zeroes, and all ones) - 216.73.203.64/26, and 216.73.203.128/26. Repeat the same process, again using 2 bits from the host portion (you can use 1 bit if you like). The block, 216.73.203.64/26 will yield the subnets - 216.73.203.80/28 and 216.73.203.96/28. The other block, 216.73.203.128/26 will yield the subnets - 216.73.203.144/28 and 216.73.203.160/28. Repeat the same process to get /30 subnets. Please note that you can use any number of bits, and you can also use the first and last subnets of all subsequent blocks. Do not use the first subnet (all zeroes) of the main block (216.73.203.0), for the issue already pointed out. Hope this helps. CM -Original Message- From: Oletu Hosea Godswill, CCNA. To: Charles Manafa Sent: 19/06/01 09:31 Subject: Re: Please Help with VLSM [7:9024] Thanks a lot Charles, I did understand your point, however two key questions are really begging for your answer: 1. How and where do I enable network zero (is it on the Core Routers, Distribution Routers or the Access layer Router)? 2. How do I carry out the further sudnetting from a reserved bit as you explained in the second paragraph of your email? Regards. Oletu - Original Message - From: Charles Manafa To: Sent: Tuesday, June 19, 2001 11:06 AM Subject: RE: Please Help with VLSM [7:9024] I believe you can do that, if you enable subnet zero, and there won't be any address conflict because the subnet masks are different. But, you will not get the number of subnets and hosts that you have specified. This is because each time you subnet, you use up one address from the block you are subnetting from - hierachical thing. I would personally reserve bits from the assigned prefix block, and use those reserved addresses for further subnetting. That way you will not get into the pitfall where a network address is also a host address. CM -Original Message- From: Oletu Hosea Godswill, CCNA. To: [EMAIL PROTECTED] Sent: 19/06/01 07:52 Subject: Please Help with VLSM [7:9024] Hi group, Please just throw more light of this. If I have a block of ip address, can I use different subnets for different purposes like this: If my block is 216.73.203.0 1. 216.73.203.0/26 4 Networks, 64 Hosts each 2. 216.73.203.0/27 -- 8 Networks, 32 Hosts each 3. 216.73.203.0/28 -- 16 Networks, 16 Hosts each 4. 216.73.203.0/29 -- 32 Networks, 8 Hosts each 5. 216.73.203.0/30 -- 64 Networks, 4 Hosts each. My desire is to use the item 5 for all my WAN links since it only have 2 valid hosts per network and the rest for other purposes. But my problem is if I have use two same IP-addresses but from different networks (eg one from item 3 and the other from item 4 above) assigned to two different hosts on both ends of a routable network, wouldn't the system response with a conflict/duplication of IP-addresses or give some other kind of error? Eg If, I have this scenerio: Host A = 216.73.203.21 255.255.255.248 (ie a host on network 216.73.203.16/29) Host B = 216.73.203.21 255.255.255.252 (ie another host on network 216.73.203.20/30) Questions: Since both hosts are on both sides of a routable network: 1. Wouldn't there be an IP-address conflict? 2. Wouldn't it be a duplication of IP-address? 3. If I ping 216.72.207.21, which of the two host will reply? OR 4. Is it that I can only variably subnet a block of IP-addresses once, say /29 and use only hosts from that subnet and cannot do another subnetting on that same block when the need arises? These are my questions. How I wish someone can clear this, for it will help myself and many other people in the group. Rgards. Oletu _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9035t=9024 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSS 11000 question (Urgent) [7:8990]
I don't think the CSS is geared to perform data replication. I believe this is the responsibility of the web farm. In my former company, one of the developers wrote a real-time agent that performs this sort of replication, between servers in the web farm. CM -Original Message- From: John Neiberger To: [EMAIL PROTECTED] Sent: 18/06/01 21:39 Subject: Re: CSS 11000 question (Urgent) [7:8990] I know that these boxes can do dynamic replication of web content but you're wanting to do dynamic, instantaneous replication of per-session user data. Of the top of my head I can't think of a way to do that. Perhaps there is a way but I'm just not sure if the CSS switches have that capability. Bradley Wong 6/18/01 1:57:33 PM I have a CSS 11000 serving 4 webserver. The users are retrieving and updating the data from a sql database thru the webservers. If a webserver is crashed while the user has a session connecting to the database, CSS will switch it to the next available web server. I wonder whether or not it is possible to cache the information to another web server without having the user to re-enter the information again. Thanks. Brad [EMAIL PROTECTED] __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9037t=8990 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Static Routing [7:8896]
Are your servers configured with the correct default gateway? CM -Original Message- From: Shane Stockman To: [EMAIL PROTECTED] Sent: 17/06/01 20:08 Subject: Static Routing [7:8896] Hi I have 3 routers running a point-to-point network.There are 2 branches and the 3rd router is at the ISP.All the links are 64K and I am using static routes.I can telnet into and ping all 3 routers both serial and ethernet interfaces , but I cannot see the WINS and DNS servers at the ISP. I have put a static route on the fastethernet interface at the ISP router 0.0.0.0 0.0.0.0 fast 0 and the same route on the serial interface at the second branch which connects at to the ISP router 0.0.0.0 0.0.0.0 serial 1. B But after that I still cannot see those 2 servers from branch1 and 2.If I do a show arp on the ISP router I can see the 2 servers and ping them from that router, but not from the other 2. BRANCH164k Link--BRANCH264K Link-ISP--Ethernet--Servers Thanks _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8922t=8896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Newbie Question [7:8933]
How do you intend to bring up a dead router through an attached modem. Do you mean if an interface goes down? -Original Message- From: Brian Fitzpatrick To: [EMAIL PROTECTED] Sent: 18/06/01 12:11 Subject: Newbie Question [7:8933] Hi, how do I set up a router with a dial in modem? Is it just a matter of plugging in the serial port and connecting to an analogue line or is it way more complex? The moden needs to be there so that If it(Router) ever goes down, I can dial in and bring it back up. Thanks in advance. Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8937t=8933 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPX EIGRP [7:8694]
Redistribution will be required if you use different AS numbers. CM -Original Message- From: ejobson [mailto:[EMAIL PROTECTED]] Sent: 15 June 2001 12:13 To: [EMAIL PROTECTED] Subject: IPX EIGRP [7:8694] If asked to use IPX EIGRP in the lab, are there any advantages or diadvantages in using different AS's? For example if IPX EIGRP was used over Frame Relay and also across a VLAN, should all IPX networks be within one autonomous sytems or is it better to use different ones? Is redistribution then needed or does it share routes like OSPF areas do? Can't find that much information on this in the books I have or CCO. Thanks in advance. Eddie Jobson Internetworking Solutions Engineer Thrupoint Inc. 1 The Square Stockley Park Uxbridge Middlesex UB11 1JJ Tel: +44 (0)208 831 8300 Cell: +44 (0)7867 505635 www.thrupoint.net Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8716t=8694 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Reverse Telnet Problem. [7:8455]
Try pressing once the line is open. CM -Original Message- From: Tariq Azad [mailto:[EMAIL PROTECTED]] Sent: 14 June 2001 09:41 To: [EMAIL PROTECTED] Subject: Re: Reverse Telnet Problem. [7:8455] Hello everybody. I am unable to do reverse telnet to my Cisco 2503 router from Cisco 2511 router. Please look at my config file and let me know please what should I do next. Cables are checked and other router is also working properly. Thanks Thanks for your quick reply. Here is my config file output : ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname Cisco2511 ! enable secret 5 $1$c0aW$ptfFTXZoEHB7aJW/u8EVw1 enable password cisco ! ! interface Loopback1 ip address 1.1.1.1 255.0.0.0 ! interface Ethernet0 ip address 192.168.0.1 255.255.255.0 ! interface Serial0 ip address 172.16.0.1 255.255.0.0 clockrate 64000 ! interface Serial1 ip address 10.0.0.1 255.0.0.0 ! ip host R1 2001 1.1.1.1 no ip classless logging buffered ! line con 0 line 1 16 session-timeout 20 no exec exec-timeout 0 0 transport input all line aux 0 line vty 0 4 exec-timeout 60 0 password login ! end Please look at it and let me know please. Thanks TARIQ - Original Message - From: Tariq Azad To: Circusnuts Sent: Thursday, June 14, 2001 4:25 AM Subject: Re: Reverse Telnet Problem. [7:8455] Thanks for your quick reply. Here is my config file output : ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname Cisco2511 ! enable secret 5 $1$c0aW$ptfFTXZoEHB7aJW/u8EVw1 enable password cisco ! ! interface Loopback1 ip address 1.1.1.1 255.0.0.0 ! interface Ethernet0 ip address 192.168.0.1 255.255.255.0 ! interface Serial0 ip address 172.16.0.1 255.255.0.0 clockrate 64000 ! interface Serial1 ip address 10.0.0.1 255.0.0.0 ! ip host R1 2001 1.1.1.1 no ip classless logging buffered ! line con 0 line 1 16 session-timeout 20 no exec exec-timeout 0 0 transport input all line aux 0 line vty 0 4 exec-timeout 60 0 password login ! end Please look at it and let me know please. Thanks TARIQ - Original Message - From: Circusnuts To: Sent: Wednesday, June 13, 2001 9:19 PM Subject: Re: Reverse Telnet Problem. [7:8455] Show us the config. My guess is that you have No Exec instead of No Exec timeout on the vty's or maybe a password needs to be set. Phil - Original Message - From: Tariq Azad To: Sent: Wednesday, June 13, 2001 8:55 PM Subject: Reverse Telnet Problem. [7:8455] Hello Everybody ! I am trying to telnet my Cisco 2503 router from Cisco 2511 router. I am getting the follwing message Trying Cisco2503 (1.1.1.1 2001) open but I am not getting any thing on screen. My Cisco 2503 router is working OK and I can use regular console cable with my Cisco 2503 router without any problem. Please let me know how to configure this reverse telnet with Cisco 2511 Thanks TARIQ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8492t=8455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IRDP, why isn't it used more often [7:8425]
IRDP can use either multicast and broadcast. Obviously it makes more sense to use multicast if the routers and hosts support it. Cisco and Nortel routers can be configured to use either. Windows OS can be configured to listen to either broadcast or multicast. I used IRDP to provide fault tolerance in a mixed vendors environment, where it is not possible to use either HSRP or VRRP. The problem with configuring a workstation with multiple gateways, instead of using IRDP, is that the TCP Dead Gateway Detection process relies on TCP timing out on a default gateway, before switching to the secondary gateway. In a typical user environment, this can take a very very long time, at times a network admin would have to perform an operation that will trigger the dead gateway detection (such as telnet to the dead router). Manipulating the IRDP timers is crucial to a transparent fault tolerance environment, without cluttering the bandwidth with unecessary IRDP broadcast/multicast. CM -Original Message- From: Kim Edward B [mailto:[EMAIL PROTECTED]] Sent: 13 June 2001 23:55 To: [EMAIL PROTECTED] Subject: RE: IRDP, why isn't it used more often [7:8425] I agree on the 'not natively implemented in the most common o/s' part' but doesn't IRDP use Multicast instead of Broadcast? I know that IRDP uses the all-systems multicast address (224.0.0.1) which is sort of a broadcast in a multicast group but I think it still uses multicast for the communication. Let me know. Edward -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 13, 2001 6:29 PM To: [EMAIL PROTECTED] Subject: RE: IRDP, why isn't it used more often [7:8425] Broadcast intensive and not natively implemented in the most common o/s would be my guess. -Original Message- From: Kane, Christopher A. [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 13, 2001 6:01 PM To: [EMAIL PROTECTED] Subject: IRDP, why isn't it used more often [7:8425] I've read several times that IRDP allows hosts to discover gateway routers. But every time I read that it's followed by the statement that it's seldom used. Does anybody know why? It seems like it would come in handy for failover purposes. Chris * DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8493t=8425 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Reverse Telnet Problem. [7:8455]
The only thing you've got missing from your config is transport preferred telnet. If that doesn't fix it, then you may have cabling issues. CM -Original Message- From: Tariq Azad [mailto:[EMAIL PROTECTED]] Sent: 14 June 2001 10:56 To: Charles Manafa Cc: [EMAIL PROTECTED] Subject: Re: Reverse Telnet Problem. [7:8455] I did and there was no result. Thanks - Original Message - From: Charles Manafa To: 'Tariq Azad' ; Sent: Thursday, June 14, 2001 4:51 AM Subject: RE: Reverse Telnet Problem. [7:8455] Try pressing once the line is open. CM -Original Message- From: Tariq Azad [mailto:[EMAIL PROTECTED]] Sent: 14 June 2001 09:41 To: [EMAIL PROTECTED] Subject: Re: Reverse Telnet Problem. [7:8455] Hello everybody. I am unable to do reverse telnet to my Cisco 2503 router from Cisco 2511 router. Please look at my config file and let me know please what should I do next. Cables are checked and other router is also working properly. Thanks Thanks for your quick reply. Here is my config file output : ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname Cisco2511 ! enable secret 5 $1$c0aW$ptfFTXZoEHB7aJW/u8EVw1 enable password cisco ! ! interface Loopback1 ip address 1.1.1.1 255.0.0.0 ! interface Ethernet0 ip address 192.168.0.1 255.255.255.0 ! interface Serial0 ip address 172.16.0.1 255.255.0.0 clockrate 64000 ! interface Serial1 ip address 10.0.0.1 255.0.0.0 ! ip host R1 2001 1.1.1.1 no ip classless logging buffered ! line con 0 line 1 16 session-timeout 20 no exec exec-timeout 0 0 transport input all line aux 0 line vty 0 4 exec-timeout 60 0 password login ! end Please look at it and let me know please. Thanks TARIQ - Original Message - From: Tariq Azad To: Circusnuts Sent: Thursday, June 14, 2001 4:25 AM Subject: Re: Reverse Telnet Problem. [7:8455] Thanks for your quick reply. Here is my config file output : ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname Cisco2511 ! enable secret 5 $1$c0aW$ptfFTXZoEHB7aJW/u8EVw1 enable password cisco ! ! interface Loopback1 ip address 1.1.1.1 255.0.0.0 ! interface Ethernet0 ip address 192.168.0.1 255.255.255.0 ! interface Serial0 ip address 172.16.0.1 255.255.0.0 clockrate 64000 ! interface Serial1 ip address 10.0.0.1 255.0.0.0 ! ip host R1 2001 1.1.1.1 no ip classless logging buffered ! line con 0 line 1 16 session-timeout 20 no exec exec-timeout 0 0 transport input all line aux 0 line vty 0 4 exec-timeout 60 0 password login ! end Please look at it and let me know please. Thanks TARIQ - Original Message - From: Circusnuts To: Sent: Wednesday, June 13, 2001 9:19 PM Subject: Re: Reverse Telnet Problem. [7:8455] Show us the config. My guess is that you have No Exec instead of No Exec timeout on the vty's or maybe a password needs to be set. Phil - Original Message - From: Tariq Azad To: Sent: Wednesday, June 13, 2001 8:55 PM Subject: Reverse Telnet Problem. [7:8455] Hello Everybody ! I am trying to telnet my Cisco 2503 router from Cisco 2511 router. I am getting the follwing message Trying Cisco2503 (1.1.1.1 2001) open but I am not getting any thing on screen. My Cisco 2503 router is working OK and I can use regular console cable with my Cisco 2503 router without any problem. Please let me know how to configure this reverse telnet with Cisco 2511 Thanks TARIQ [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8502t=8455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Recall: Reverse Telnet Problem. [7:8455]
Charles Manafa would like to recall the message, Reverse Telnet Problem. [7:8455]. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8503t=8455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help! Urgent!!! [7:8485]
no ip proxy-arp will stop R2 from responding, but this is not what you want. You can either use floating static route, or run an IGP between the routers. If using floating static route, then it will only need to be configured on R2 and Ra. CM -Original Message- From: Vichai Viriyathanaporn [mailto:[EMAIL PROTECTED]] Sent: 14 June 2001 14:38 To: [EMAIL PROTECTED] Subject: Please Help! Urgent!!! [7:8485] My company have an Alpha Server at Head Office. The server's IP address is 10.1.1.1 and netmask is 255.0.0.0. This Alpha Server OS version can not change the subnet mask. My company have sevaral branch. The Nework Number on each brach look like 10.2.0.0, 10.3.0.0, 10.4.0.0, . I cannot add static route like 10.2.0.0, 10.3.0.0, ... on Alpha Server.Because it's not accept. (It's Network Number is 10.0.0.0) At Head Office, There are 2 Cisco Routers to Connect to branch A. Each Router connect to branch A on different Path. There are only one router at branch A but two Serial interface. The 1st Serial interface connect to H/O. The another connect to the other branch. Let's say the Network Number of Branch A is 10.2.0.0. Pls. see the picture H/O-R1--Ra---Brach A | | |--R2--{Rx--Branch C--Rx}- When Server at H/O send packet to address 10.2.1.1 that the host address in branch A. It broadcast then R1 an R2 catch the packet then tried to send to branch A. Cisco Router automatically send the packet. (There are no static route to brach A on Server (because I cannot do that, the server does not accept it) and the Default Route is not both R1 and R2.) I want R1 is a main router to send packet. If Serial interface of R1 down then R1 send the packet to R2. (I do this by manual configure static route and set the cost on R1) But in the real world it cannot do like that. Because R1 and R2 are automatically forward the packet. Is there a command to disable the automatically forward? Don't try to tell me to change the IP Numbering because there are a lot of factor that I can not do that. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8521t=8485 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ARP and TCP/IP layering [7:8335]
I think that ARP straddles both Layer 2 and Layer 3. It does not completely belong to either. CM -Original Message- From: Dr Rita Puzmanova To: [EMAIL PROTECTED] Sent: 13/06/01 14:58 Subject: ARP and TCP/IP layering [7:8335] Hi all, Trivial yet fundamental question. I have seen ARP described as part of the network (internet) layer so many times that I have started to believe it belongs there (although I know well that it operates as if the Layer 2 protocol - as per OSI RM). Now I have eventually come across Doug Comer's statement: It's part of the network interface layer. I should not ask where the truth is but still I will. That would mean quite a lot of books are incorrect in this (including Cisco materials). Rita Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8341t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A bit C bit [7:8206]
Address was recognised, but the frame was not copied due to insdufficient buffer - congestion in the ring? CM -Original Message- From: Pickard, Richard To: [EMAIL PROTECTED] Sent: 12/06/01 18:36 Subject: A bit C bit [7:8206] 6/12/2001 11:00am Tuesday =20 How should a source station interpret a frame returned with the A bit set but not the C bit ? =20 =20 Richard L. Pickard CCNP NNCSE MCSE A+ Corporate PC Source [EMAIL PROTECTED]=20 (630) 508-1508 =20 [GroupStudy.com removed an attachment of type image/gif which had a name of btzhsepa.gif] [GroupStudy.com removed an attachment of type image/gif which had a name of Network Blitz Bkgrd.gif] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8243t=8206 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF over NBMA [7:7941]
Point to point requires different subnet for each link, and a lot of manual configuration on the hub side. CM -Original Message- From: Burnham, Chris [mailto:[EMAIL PROTECTED]] Sent: 11 June 2001 09:31 To: [EMAIL PROTECTED] Subject: OSPF over NBMA [7:7941] Whenever reading about OSPF there seems to be a great deal of emphasis on NBMA in a multipoint enviroment. Why would you want to implement mulipoint when you could uses point to point between remote offices connecting back to area0 ?? Chris Burnham, Systems Engineer, Delphis Consulting Plc. Tel: +(44) 020 7916 0200 Mob: +(44) 07799403576 [EMAIL PROTECTED] This e-mail and any files transmitted with it are intended solely for the addressee and are confidential. They may also be legally privileged. Copyright in them is reserved by Delphis Consulting PLC [Delphis] and they must not be disclosed to, or used by, anyone other than the addressee. If you have received this e-mail and any accompanying files in error, you may not copy, publish or use them in any way and you should delete them from your system and notify us immediately.E-mails are not secure. Delphis does not accept responsibility for changes to e-mails that occur after they have been sent. Any opinions expressed in this e-mail may be personal to the author and may not necessarily reflect the opinions of Delphis. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7944t=7941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IGRP [7:7966]
RIP and IGRP only maintain the routing table. I don't believe any other table/database is used. CM -Original Message- From: Lupi, Guy [mailto:[EMAIL PROTECTED]] Sent: 11 June 2001 15:55 To: [EMAIL PROTECTED] Subject: RE: IGRP [7:7966] I know that the RIB is sent on a regular basis, but even RIP has a show ip rip database that will show you routes that the router has seen but did not install in the table. I am looking for a command that will do something similar to this. I cannot find one in any documentation that I have, I was hoping that someone else has also encountered this. It is very possible that the command does not exist, but I was hoping that is not the case. -Original Message- From: Philip Barker [mailto:[EMAIL PROTECTED]] Sent: Monday, June 11, 2001 10:19 AM To: Lupi, Guy; [EMAIL PROTECTED] Subject: Re: IGRP [7:7966] IGRP is a distance vector routing protocol whereby the RIB is sent on a regular basis. There isn't a database to my knowledge as you find with OSPF and EIGRP. Phil. - Original Message - From: Lupi, Guy To: Sent: Monday, June 11, 2001 2:03 PM Subject: IGRP [7:7966] I set up IGRP in a lab this weekend, studying up on the earlier protocols. What I need to know is, how would I go about seeing all the routes in the database so I can determine what routes the router is seeing in addition to what is in the routing table? I could not find a show ip igrp database or anything similar. I ended up having to set the variance to the maximum (128), looking at all the routes and their corresponding metrics, and then setting the variance command again to install only those routes I wanted. Thanks in advance for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8010t=7966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IGRP [7:7966]
Note that the rip database only contain summary address entries for subnets in the routing table. The subnets in the routing table must exist for this database to be created. Also, the database is created if ip rip triggered extension is enabled. CM -Original Message- From: West, Karl [mailto:[EMAIL PROTECTED]] Sent: 11 June 2001 16:34 To: [EMAIL PROTECTED] Subject: RE: IGRP [7:7966] yep..it does... 12.07T on a 3640. bb1.li#sh ip rip database 198.207.193.0/24auto-summary 198.207.193.0/24directly connected, FastEthernet0/0 198.207.193.238/32 [1] via 198.207.193.46, 00:00:30, FastEthernet0/0 202.19.125.0/24auto-summary 202.19.125.0/24 [1] via 198.207.193.4, 00:00:17, FastEthernet0/0 204.180.230.0/24auto-summary 204.180.230.14/32 [1] via 198.207.193.45, 00:00:02, FastEthernet0/0 204.180.230.38/32 [1] via 198.207.193.46, 00:00:30, FastEthernet0/0 204.180.230.48/32 [1] via 198.207.193.46, 00:00:30, FastEthernet0/0 204.180.230.58/32 ...[snip] -Original Message- From: Philip Barker [mailto:[EMAIL PROTECTED]] Sent: Monday, June 11, 2001 11:01 AM To: [EMAIL PROTECTED] Subject: Re: IGRP [7:7966] I havn't seen 'sh ip rip database' . What IOS are you running with ? Phil. - Original Message - From: Lupi, Guy To: 'Philip Barker' ; Sent: Monday, June 11, 2001 3:37 PM Subject: RE: IGRP [7:7966] I know that the RIB is sent on a regular basis, but even RIP has a show ip rip database that will show you routes that the router has seen but did not install in the table. I am looking for a command that will do something similar to this. I cannot find one in any documentation that I have, I was hoping that someone else has also encountered this. It is very possible that the command does not exist, but I was hoping that is not the case. -Original Message- From: Philip Barker [mailto:[EMAIL PROTECTED]] Sent: Monday, June 11, 2001 10:19 AM To: Lupi, Guy; [EMAIL PROTECTED] Subject: Re: IGRP [7:7966] IGRP is a distance vector routing protocol whereby the RIB is sent on a regular basis. There isn't a database to my knowledge as you find with OSPF and EIGRP. Phil. - Original Message - From: Lupi, Guy To: Sent: Monday, June 11, 2001 2:03 PM Subject: IGRP [7:7966] I set up IGRP in a lab this weekend, studying up on the earlier protocols. What I need to know is, how would I go about seeing all the routes in the database so I can determine what routes the router is seeing in addition to what is in the routing table? I could not find a show ip igrp database or anything similar. I ended up having to set the variance to the maximum (128), looking at all the routes and their corresponding metrics, and then setting the variance command again to install only those routes I wanted. Thanks in advance for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8008t=7966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how-to restrict modem incoming call, allow only out-going [7:8009]
Try no modem dialin, no modem callin, or disable modem autoanswer on the modem (AT command) CM -Original Message- From: kevin jones [mailto:[EMAIL PROTECTED]] Sent: 11 June 2001 13:48 To: [EMAIL PROTECTED] Subject: how-to restrict modem incoming call, allow only out-going [7:7963] I connect a US robotics 33.6kbps to one the async-line of the 3640 router. This async line will be used to dial-out to other Cisco devices. I would like to be able to allow outboundconnection on this line. What this mean is that nobody will be able to dial-in to this accessserver through the POTS line. For example, let say that the async-line is connected to amodem with a phone 202-637-7000. Users are allowed to telnet to the router, then reversetelnet to the async-line, and finally dial-out. If anyone tries to connect to the access-sever viadialing into the number 202-637-7000, access will be dennied. How can I make thishappen? I have look through a lot of Cisco documentation but couldn't find the answer.There is no such command modem out. I only see the command modem InOut but thatwill allowed users from dialing into the router which is something I don't want for security. Here is my configuration: line aux 0 login local modem InOut modem autoconfigure type usr_courier transport input all speed 115200 flowcontrol hardware Please helpKevin -- -- Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8009t=8009 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP Query [7:7879]
I don't believe HSRP alters the routing behaviour of a router, hence a router will always install the best path to a destination into its routing table - be it through an HSRP standby router. Why would you want to enable ICMP redirect, even though it negates the object of running HSRP. I would expect the firewall to behave like an ordinary host, and use the redirected router for that particular destination. CM -Original Message- From: Rashid Lohiya To: [EMAIL PROTECTED] Sent: 10/06/01 16:23 Subject: HSRP Query [7:7879] Guys, I need confirmation of a HSRP design. I have 2 x Routers configured for HSRP on a LAN. A packet is sent from a Firewall on the LAN to the HSRP virtual address, as the (default gateway). The packet reaches the active router, (highest priority). It compares the packets destination address/subnet in its routing table. A). Will it send the packet back on the LAN, (to the standby routers real LAN interface address), if it finds that the standby router has a shorter route to the destination, than itself? Or B). Will it ignore that fact and shoot it accross its own WAN link regardless. I haven't had time to lab this just yet, but I'm quite sure the answer should be A. 2nd query is I understand that ICMP redirect is switched off by default if HSRP is used, even if I was to switch this on, I was wondering if a standard firewall would actually take notice of the redirect and send the next packet to the router with the shorter path as advised by the ICMP redirect, rather than to the statically set default gateway, pointing to the virtual HSRP address. Regards, Rashid Lohiya [EMAIL PROTECTED] 020 8509 2990 07785 362626 www.pioneer-computers.com London UK Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7897t=7879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 5000 series from where? [7:7533]
Crescendo -Original Message- From: Neil Schneider To: [EMAIL PROTECTED] Sent: 07/06/01 16:14 Subject: Catalyst 5000 series from where? [7:7533] What was the name of the Company that cisco bought for the 5000 series switches? Neil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7658t=7533 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ipsec question [7:7568]
IPSec is not reliant on any routing protocol, but routed protocol - IP. You must have IP configured to use IPSec (IP Security). CM -Original Message- From: Dar To: [EMAIL PROTECTED] Sent: 07/06/01 18:56 Subject: ipsec question [7:7568] Cant we configure ipsec over routers running any routing protocol ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7659t=7568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Transparent Bridging ? [7:7126]
Check your addressing. Both PCs should be on the same subnet, and do not require a default gateway. A PC should not be configured with the IP address of a bridge as the default gateway. CM -Original Message- From: Philip Barker To: [EMAIL PROTECTED] Sent: 04/06/01 20:22 Subject: Transparent Bridging ? [7:7126] Hi Group, I vill say ziss only vonce. Okay, its my second attempt at trying to work out how I can bridge IP across to 2500's. I have 2 2500's configured with no ip routing. 2 PC's are connected at either end, i.e one to bridge 1 and one to bridge 2. I have a sniffer on both PC's. I am attempting to ping from one PC to the other. IEEE spanning tree is applied on both bridges. The bridges are connected via a serial cable and the serial ports of the bridges as well as the Ethernet ports are in bridge group 1. I have verified spanning tree operation and one of the serial ports has been elected root port on bridge 1, the other bridge is the designated bridge. Ref : Radia Perlman, Interconnections p.83. So far so good. I have configured the PC's with a default gateway to the IP address of each of the bridges. When I attempt to ping from one PC to the other, I can see from my Sniffer trace that the PC ARP's for the MAC Address of the bridge, this ARP is successful and the PC then sends out an ICMP echo request. This echo request appears to be my problem since the destination MAC address of this packet contains the Ethernet Mac address of the local bridge and the local bridge consequently disregards the packet. Should the PC have an ARP entry installed for the destination IP address that I am pinging ? Has anyone achieved this scenario ? or am I way off mark with my thinking here. The reason I set this LAB up was because so many questions appear to be being asked at CCIE written level akin to this setup i.e can PC 1 ping PC 2 in similar arrangement using (RSRB/DLSW+/SRB etc) Any comments welcome. Regards, Phil. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7147t=7126 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Diffie-Hellmen [7:6539]
I believe Diffie-Hellman is used to protect the initial key exchanges (IKE). IKE in turn is not necessary, but enhances the way IPSEC works. For instance, IKE automatically negotiates SAs for IPSec, which eliminates the need to manually configure all the IPSec security parameters. It also facilitates dynamic change of encryption keys during IPSec sessions. There's also scalability issue, etc. Unless you have any compelling reasons for not using IKE, my advice is to configure an ISAKMP Policy, and you are done with it. CM -Original Message- From: Rick Holden [mailto:[EMAIL PROTECTED]] Sent: 31 May 2001 01:26 To: [EMAIL PROTECTED] Subject: VPN Diffie-Hellmen [7:6539] I am a little confused why Diffie-Hellmen's key exchange is needed for IKE. When I setup ISAKMP, regardless of the authentication I am using I need to supple a key weather pre-share, public/private, or RSA sig. If this is the case why can't the two VPN peer just use this key for setting up the VPN tunnel or vice versa why can't Diffie-Hellmen's key exchange be used instead of the ISAKMP keys. I hope my question is clear. It just seems Diffie-Hellmen is used to create secret keys and I have to create secret key myself to setup IKE. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6584t=6539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Local director [7:6535]
Use alias ip address to assign the LD an address on the VLAN 2 subnet. CM -Original Message- From: Magnus Thorne [mailto:[EMAIL PROTECTED]] Sent: 31 May 2001 00:12 To: [EMAIL PROTECTED] Subject: Local director [7:6535] Firewall | -- VLAN 1 | Local Director | ---VLAN 2 | Server I'm getting ping loss going to my default gateway. Is there any problem with having the local director bridge? Both its interfaces are connected to the same switch. The switches are seeing the firewall's MAC on both VLAN 1 and VLAN 2. I'm guessing that it is because the local director is bridging, instead of using it as a router and point the servers at it. Currently the default route from the servers are the firewall. Servers on VLAN 1 and VLAN 2 are having this ping loss problem. The servers seem to talk fine locally, since they don't have to go their default route. thanx, -Mag FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6585t=6535 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579]
Try using DHCPLOC to monitor DHCP requests/replies traffic. This will give you an indication as to why clients can not lease IP addresses. I believe the reason why clients that move from one VLAN to another keep getting the same IP address is because they are trying to renew the existing IP address. Those clients need to release their IP addresses before attempting to obtain a new one: IPCONFIG /RELEASE; IPCONFIG /RENEW CM -Original Message- From: Jeroen Timmer [mailto:[EMAIL PROTECTED]] Sent: 31 May 2001 10:03 To: [EMAIL PROTECTED] Subject: RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] We have a configuration at our company that has the same configuration as you just described. But somewhere along the line .. This doesn't seem to work that well. We got about 4 vlans, all vlan interfaces have an ip helper address to our DHCP server. Problem is that 8 out of 10 times, a DHCP client doesn't get an ip address. We used an Windows NT server as DHCP but also Nortel's NetID. Both systems give the same problems. Some times a user moves from one vlan to the other but gets an ip address from the old vlan he was in before he did a DHCP request for his new VLAN. We have been trying to find the solution but didn't succeed sofar, maybe somebody had this before and is willing to share it with me. We use a Cisco cat 6500 to handle to forwarding to the DHCP server and the VLAN routing, as access switches we have Cisco cat 3500. Thnx in advance, JT -Original Message- From: Pawel Sikora [mailto:[EMAIL PROTECTED]] Sent: donderdag 31 mei 2001 10:49 To: [EMAIL PROTECTED] Subject: Re: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] - Original Message - From: Sam Deckert The problem is the client wants to use DHCP, so that people in the offices can simply plug in and away they go. But how would you go about implementing a DHCP server in this situation?? In order to allocate an address from the appropriate range, the DHCP server needs to be aware of the VLAN that the client DHCP request came from. I have not been able to find a DHCP server that has this capability whatsoever. I am sure this has been done before - does anyone know how or have any suggestions?? At the edge of each VLAN, an instance of router subinterface is obviously needed. You can configure at each subinterface ip helper address pointing to a real dhcp server located anywhere. Router then forwards any dhcp requests broadcasted by stations in vlans with apopriate subnet info, that dhcp server can use a defined scope for each vlan. Server than answers with lease data to the requestor via directed broadcast. (im not sure if such way) For example NT dhcp server service works flawlessy with such topology, with many different scopes. Pawel/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6588t=6579 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Intrusion Detection [7:6494]
...I thought STFW stands for STir Fried Wice -Original Message- From: Russ Kreigh [mailto:[EMAIL PROTECTED]] Sent: 30 May 2001 22:30 To: [EMAIL PROTECTED] Subject: Re: Intrusion Detection [7:6494] STFW! - Original Message - From: Christopher Kolp To: Sent: Wednesday, May 30, 2001 4:02 PM Subject: RE: Intrusion Detection [7:6494] link please -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russ Kreigh Sent: Wednesday, May 30, 2001 4:48 PM To: [EMAIL PROTECTED] Subject: Re: Intrusion Detection [7:6494] Snort is also a decent one for the price (free) - Original Message - From: William E. Gragido To: Sent: Wednesday, May 30, 2001 3:11 PM Subject: RE: Intrusion Detection [7:6494] Check out Intrusion.com They make some truly great products -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mel Chandler PMI Sent: Wednesday, May 30, 2001 2:08 PM To: [EMAIL PROTECTED] Subject: Intrusion Detection [7:6494] Has any had the opportunity to evaluate an intrusion detection system? I know Cisco makes one, not sure what it runs for an OS and how well it's put together. Have looked at Cabletron, excuse me, Enterasys, and Webtrends. Anyone offer any insight? Mel L. Chandler, A+, Network+, MCNE, MCDBA, MCSE+I, CCNA [EMAIL PROTECTED] Network Analyst Information Services PMI Delta Dental (562) 467-6627 FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6589t=6494 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Can anyone shed the light on Cisco AUX port? [7:6640]
Cisco 2600 is a modular router like the 3600, and is capable of supporting two modules. Whether or not these slots are populated, it doesn't change the tty numbering, i.e slot 0: 0-31, slot 1: 32-64 etc. As the AUX port is the last tty + 1, the AUX port is 65 on a 2600. CM -Original Message- From: Sean Young To: [EMAIL PROTECTED] Sent: 31/05/01 19:19 Subject: Can anyone shed the light on Cisco AUX port? [7:6640] I am hoping someone on the group can explain to me the following situation: I've noticed that on the Cisco 2500s platform, the AUX port is listed on line 1 (sine consoleport is on line 0). However, on Cisco 2600s platform, the AUX port is listed on line 65(console port is still at line 0). On the cisco 3640 router, if I put my FE module in slot 0, thenthe AUX port is listed on line 129. If I put my FE module in slot 3, then the AUX port is listed on line 97. I understand why that is the case on Cisco 2500s and 3600s platform, but apparently, the 2600s platform is really out of wack. Why doesn't Cisco make themconsistent on all platforms? I work for an ISP shop and it is hard for me to new network engineering folks about this especially when it involves async-lines, AS5300, Radius andTACACS (you get the point). I guess when Cisco controls about 90% market share of the router market, it really doesn't give a f___ about these things. No wonder why Juniper andAvici are kicking Cisco's ass in the carrier market because it makes the product moreuser-friendly (until it becomes just as big as Cisco then those guys will start acting arrogant). An explaination from anyone in this group is very appreciate. Sean Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6661t=6640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP Problem [7:6376]
Check with Interpacket. They've probably assigned a higher local preference to routes coming from you. CM -Original Message- From: Osama Kamal [mailto:[EMAIL PROTECTED]] Sent: 30 May 2001 07:48 To: [EMAIL PROTECTED] Subject: BGP Problem [7:6376] We have a problem with BGP , We need your advice to isolate the cause and solve the problem . We have three downlinks and two upliks . We use BGP at one way for incoming traffics . So we advertise our own IPs through the three providers Interpacket , Netvision and paltel . We successfully do BGP peers with the three links . I do tests to see how the world see us . I do test from the site ( http://www.1anetworks.com/test1.htm ) . The result is that : 1- When the three links on ( BGP sessions ) Most of the world reach us through Interpacket . 2- I do individual Test for every BGP session alone . and all the three advertise our routes . 3- For example from Telehous1-UK the as-path =4 through Interpacket , as-path = 4 Through Netvision and = 6 from Paltel . 4- I prepend the routes through Interpacket so as-path =6 . the expect result must be that Telehous1-UK reach us through Netvision . But in fact the whole world still reach us through Interpacket Which means that the AS-PATH is not the factor in that issue. So What do you think the Cause . and What you advise us to do . FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6389t=6376 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: The most and least significant bits [7:5882]
The significant indicates how the bits are stored in memory, which follows the big-endian/little-endian paradigm. In big-endian the most significant bit is stored first (IBM), whereas in little-endian, the least significant bit is stored first (every body else). CM -Original Message- From: Dasari [mailto:[EMAIL PROTECTED]] Sent: 25 May 2001 09:09 To: [EMAIL PROTECTED] Subject: The most and least significant bits [7:5882] Hi folks: I am trying to grapple with the address conversion issues between unlike media (ie ethernet and tokenring). I have seen in this occassion and elsewhere people/books referring to the most and the least significant bits. My question here is what really are these bits. The word signifcant, at least as I understand it, describes the importance of a noun/pronoun it qualifies (either in relation to some other noun/pronoun or by itself). It seems the usage in the context of hardware addresses seem to refer to the position of a bit in a byte , for example, in 1000 the most significant bit is 1 and the least significant bit is 0. It looks like this stands true wether the address is represented canonically or non-canonically. Am I right here in assuming it? Can somebody comment on it. Thanks for your help. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5886t=5882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Distributed Director [7:5794]
Distributed Director works great when used in conjunction with Local Directors spread across multiple sites. When deploying DD bear in mind that the DD merely determines the best server (webfarm) that can service the client, based on configurable parameters, then returns the IP address of the server to the client. This means that the DD is authoritative over the subdomain (www.abc.com). The primary DNS server for abc.com needs to have an NS entry in its zone file for the DD. I guess the most important part of the deployment is how the DD determines the best server. It can use feedback from edge routers (DFP) to determine the server closest to the client. This is quite sophisticated, and can include BGP attributes (such as AS-Path), and RTT. Hope this helps. CM -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 24 May 2001 22:32 To: [EMAIL PROTECTED] Subject: Distributed Director [7:5794] Anyone have any real world experience with the Distributed Directors (4700-M) ? Any pointers would be much appreciated. Thanks, Duncan Duncan Wallace Network Engineer 800.COM Inc. 1516 NW Thurman St Portland, OR 97209-2517 Direct: 503.944.3671 Cell: 503.969.8248 Fax: 503.943.9371 Web: http://800.com Email: [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5892t=5794 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple ISP Leased Line [7:5536]
What is the purpose of ISP2 if it can not route your address space. Do you have 2 ISP assigned address space? Who's hosting your secondary DNS? CM -Original Message- From: imran obaidullah [mailto:[EMAIL PROTECTED]] Sent: 23 May 2001 09:09 To: [EMAIL PROTECTED] Subject: Multiple ISP Leased Line [7:5536] Hi friends, WEBSEVER--FIREWALL---(E0)ROUTER1(S0)-(S0)ROUTER2(ISP1) --INTERNET | | (S1)-(S0)ROUTER3(ISP2)--INTERNET I have Webserver which is NATed with the Valid IP from ISP1 and has DNS entry at the ISP1 site. If the user is trying to access the webserver from the net, he will goto ISP1 and from there he will reach the webserver. If the Link btn ISP1 and ROUTER1(S0) goes down, how the user will access the websrever from the net. I know I cannot have multiple DNS entry for the same hostname even with multiple ISP. My objective is the User should still access the net through redundant ISP link. Is there any solution for this. regards imran __ ___ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5543t=5536 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Written [7:5188]
...also add Boson prep tests in your shopping list (they are must have) CM -Original Message- From: EA Louie [mailto:[EMAIL PROTECTED]] Sent: 21 May 2001 05:17 To: [EMAIL PROTECTED] Subject: Re: CCIE Written [7:5188] Gary - in a word, Tons. Start with the Blueprint http://www.cisco.com/warp/public/625/ccie/certifications/rsblu eprint.html and assess yourself with the subjects (I have a self-assessment spreadsheet that you're welcome to have on request) Then, look at their Recommended Reading list http://www.cisco.com/warp/public/625/ccie/certifications/routi ng.html#34 Towards the bottom of the list, there are LOTS of links to Cisco-generated documents that you can have for free (well, for the cost of bits on a disk, or sheets of 8-1/2 x 11 paper) Finally, when you feel you have the subject matter pretty well handled, there's a great book that my one of my study partners has loaned me CCIE Prep Kit CCIE 350-001 Routing and Switching, published by Que ISBN 0-7897-2359-x which will ice the cake for you. If you have lots of experience, your reading will probably be more on the theoretical side. If you have little or no experience, you'll need some of the background information that's provided in the Cisco docs. hth... -e- - Original Message - From: Gary Hughes To: Sent: Sunday, May 20, 2001 11:28 AM Subject: CCIE Written [7:5188] Any good books or study material recommended for the CCIE Written test? FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5244t=5188 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP Statechage [7:4403]
Check the switch the routers are connected to. CM -Original Message- From: Andy Low [mailto:[EMAIL PROTECTED]] Sent: 14 May 2001 13:58 To: [EMAIL PROTECTED] Subject: HSRP Statechage [7:4403] Hi, What could cause a HSRP state change if the router is not down? It's very difficult to debug since there is no pre-determine time of when this will happen? There is nothing to do with the recent HSRP DoS for sure :), since I have implemented the necessary steps to overcome it. #sh logging | include STATECHANGE: .May 14 19:00:28: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Standby - Active .May 14 19:00:28: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Standby - Active .May 14 19:00:31: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Active - Speak .May 14 19:00:31: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Active - Speak .May 14 19:00:31: %STANDBY-6-STATECHANGE: Standby: 150: FastEthernet4/0/0.150 state Standby - Active .May 14 19:00:31: %STANDBY-6-STATECHANGE: Standby: 148: FastEthernet4/0/0.148 state Standby - Active .May 14 19:00:31: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Standby - Active .May 14 19:00:32: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Active - Speak .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 154: FastEthernet4/0/0.154 state Standby - Active .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Speak- Standby .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Speak- Standby .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 148: FastEthernet4/0/0.148 state Active - Speak .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 150: FastEthernet4/0/0.150 state Active - Speak .May 14 19:00:41: %STANDBY-6-STATECHANGE: Standby: 154: FastEthernet4/0/0.154 state Active - Speak .May 14 19:00:46: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Speak- Standby .May 14 19:00:51: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Standby - Active .May 14 19:00:51: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Standby - Active .May 14 19:00:51: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Active - Speak .May 14 19:00:54: %STANDBY-6-STATECHANGE: Standby: 148: FastEthernet4/0/0.148 state Speak- Standby .May 14 19:00:54: %STANDBY-6-STATECHANGE: Standby: 150: FastEthernet4/0/0.150 state Speak- Standby .May 14 19:00:54: %STANDBY-6-STATECHANGE: Standby: 154: FastEthernet4/0/0.154 state Speak- Standby .May 14 19:00:56: %STANDBY-6-STATECHANGE: Standby: 1: FastEthernet4/0/0.1 state Standby - Active .May 14 19:00:56: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Standby - Active .May 14 19:00:57: %STANDBY-6-STATECHANGE: Standby: 1: FastEthernet4/0/0.1 state Active - Speak .May 14 19:00:57: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Active - Speak .May 14 19:00:59: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Active - Speak .May 14 19:01:01: %STANDBY-6-STATECHANGE: Standby: 153: FastEthernet4/0/0.153 state Speak- Standby .May 14 19:01:07: %STANDBY-6-STATECHANGE: Standby: 1: FastEthernet4/0/0.1 state Speak- Standby .May 14 19:01:07: %STANDBY-6-STATECHANGE: Standby: 156: FastEthernet4/0/0.156 state Speak- Standby .May 14 19:01:09: %STANDBY-6-STATECHANGE: Standby: 155: FastEthernet4/0/0.155 state Speak- Standby FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4406t=4403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]